A paper at recent security conference gets all worried about web-enabled gadgets like phones and games consoles being a haven for phishing scams. They direct people to a fake version of a site where they have a secure account, like a bank, and harvest the details they type in.
The problem is, say researchers at University of California, Davis, that cramming a browser onto a small screen means bits are chopped off. One of the first things to go is the address box that shows the URL you are visiting – the place to check if you want to know if you are being phished.
As well as not displaying full URLs, mobile web surfers are not encouraged to type out addresses in full like on a full-size computer.
That means people are more likely to select links in emails, and less likely to notice that they are not the URL they are expecting, the researchers found.
They suggest browsers should display full URLs, and that another solution would be to change the way phones use the web. Instead of surfing directly, they could go via an intermediary service that screens all the content they access.
Mobile web use is said to be growing fast as devices like the iPhone compete to make it easier – and an increase in phishing is sure to follow. The solutions suggested could certainly work, but I don’t think it will be long before mobile browsers get built-in phishing warnings like conventional browsers do.
With lots of application testing frameworks like Acunetix and Saint available,its quite difficult to make a mark in the security market,however when it comes to secure your web technologies,Websecurify does a pretty good job.Websecurify is a web and web2.0 security initiative specializing in researching security issues and building the next generation of tools to defeat and protect web technologies.
Multi-platform – The tool is available and successfully runs on Windows, Mac OS, Linux and other operating systems.
Automatic Updates – Every single piece of the tool is subjected to automatic updates. This means that newer and more advanced versions of the tool can be shipped to your front door without you lifting your finger. This however is completely optional. The automatic update can be turned off if needed.
Today, more and more people are using computers for everything from communication to online banking and investing to shopping. People are using computer on regular basis, we open ourselves up to potential hackers, attackers and crackers. While some may be looking to phish your personal information and identity for resale, others simply just want to use your computer as a platform from which to attack other unknowing targets. In this article, we are discussing some easy, cost-effective steps to make your computer more secure.
- When you are doing some important work, always make backups of important information and store in a safe place separate from your computer.
- You have to update latest patches on your computer system, web browser and software frequently. Update your computer system regularly.
- Install a firewall. Without a good firewall, viruses, worms, Trojans, malware and adware can all easily access your computer from the Internet.
- Install antivirus software and set for automatic updates so that you receive the most current versions.
- Do not open unknown email attachments. It might be virus.
- Do not run programs from unknown origins. Also, do not send these types of programs to friends and coworkers because they contain funny or amusing stories or jokes. They may contain a Trojans horse waiting to infect a computer.
- Disable hidden filename extensions. By default, the Windows operating system is set to “hide file extensions for known file types”. Disable this option so that file extensions display in Windows.
- Turn off your computer and disconnect from the network when not using the computer. A hacker can not attack your computer when you are disconnected from the network or the computer is off.
- Consider making a boot disk on a floppy disk in case your computer is damaged or compromised by a malicious program. Obviously, you need to take this step before you experience a hostile breach of your system.