Presidents, Senators, You And Me

Another famous name has had their bank details stolen and money taken from their account. This time it’s the French President, Mr. Sarkozy. Of course it is not unusual for people to have their details stolen, we have seen other high profile cases in recent months, a US senator had their email account hacked and the Chief Executive of a bank also lost money. Of course if you happen to be you or me then it is unlikely to make the front pages of the news or spark quite the same level of campaign to find the perpetrators.

The interesting point in this latest case is that the thieves just skimmed off a little bit of money at a time, rather than empty the account. The thinking is that you won’t notice - so over time they would make off with more money. What can you do? Simple stuff really:

  • Don’t tell anyone (and I mean anyone) your logon or password details.
  • Regularly change your password.
  • Don’t make your password guessable. (This sounds obvious, but people evidently make them too easy to guess!)
  • Regularly check your statements and query any unknown transactions.

October 20, 2008 | Filed Under data-loss | Leave a Comment 

Think Of A Number… Any Number…

Just make sure you can’t find it on the Internet, or rather that it can’t be associated with you. Oh, and by the way, make sure other questions you use to validate who you are, are not on the Internet either. Sarah Palin had her email account broken into and the contents spread across the unforgiving web. The hack was allegedly done by either guessing the password resetting the password and in order to reset the password another piece of information was required, in this case where she had met her husband… information that could be found on the web.

Most banks rely on things like your Mother’s maiden name as a proof of identity, but now you can easily find that on the web. In an age where people like to tell all on social networking sites from favourite films to names of first pets, it seems no ’secret’ fact is a secret any more - unless you want it to be. So when it comes to deciding on security questions, have a thought for what is already out there and readily found.

September 24, 2008 | Filed Under security | Leave a Comment 

And Your Password Is… Password

A report into the Top 10 passwords for 2008 puts ‘Password’ at the top of the list. It’s been in the top 5 for years - why? You would have thought that people would realise that if it (whatever it is) is worth protecting by a password then they would realise that it is of value to someone else.

‘But… it’s only my blog’ or ‘It’s just my social networking account’ or … there is an endless supply of excuses as to why people chose weak passwords - listen up, if it has a value to you, it has a value to someone else. So, now let’s play a game of ‘What If’… and this is what you need to do when setting a password (partner’s name, child’s name, pet’s name - they are all in the popular list - and easily guessable - by machine, don’t think that someone is typing them in, oh no, its all done by machine)… so what if someone gets onto your site and defaces it, perhaps posts objectionable content or pictures, perhaps emails all your friends and tells them that you hate them… it’s coming from your account, they will be impersonating you, how do they know it’s not you? How long will it take to repair the damage caused? Hopefully the picture is clearer now… so when you chose a password make it a strong one - put in a number or two, perhaps some punctuation and have it at least 8 characters long. That way someone won’t come along and hijack your account and maybe your reputation as well.

(Just so you know… the same goes for work passwords as well - many companies have policies and protection in place for work based passwords… and for good reason. Imagine if someone could impersonate you and therefore your company…)

July 11, 2008 | Filed Under security | 1 Comment