View From The Bunker
A blog about security and availability by Guy Bunker at Symantec

• Home
• About
• RSS

• Recent Posts

  • Who Did That?
  • Bah Humbug…
  • 2009: Chaos In The Clouds?
  • Apple? You Are Not Immune…
  • Tis The Season To Be… Careful

• Tags

  business continuity Cloud CNI cyber-criminal data-gain data-loss Education email encryption financial loss fix fraud Get Safe Online Identity impersonation information cost ISTR IT department Las Vegas Malicious insider new process passwords PCI DSS People Phishing policy Reputation RUSI SaaS SLA security SMB social networking Software as a Service Spam Speaking strangers usability USB virtual machine Vision vulnerability website whaling wireless Work practice

• Blogroll

  • Ask Marian Consumer Security Blog
  • Bruce Schneier’s Blog
  • Con Mallon’s Symantec Consumer Blog
  • Get Safe Online (The Blog)
  • Gizmodo Gadget Blog
  • Jonathan Schwartz’s Blog
  • Phil Windley’s Technometria
  • Toby Stevens’ Data Trust Blog

• Multimedia

  • Symantec Guide to Scary Internet Stuff - Botnets
  • Symantec Guide to Scary Internet Stuff - Phishing
  • Symantec Guide to Scary Internet Stuff - Underground Economy
• 

Recognising A Secure Website

We recently released a report on how much people trust companies with their data. The answer is that four out of five don’t trust companies and even more 89% think that reckless or repeated data loss should be punishable by prison.

Overwhelmingly the issue is with visiting websites, 18% of respondents said they didn’t check the security of the websites they use when shopping online. So here are some ways to identify a secure site:

• Look for the security padlock. If it’s not there, don’t enter your details. If it is there (and you are uncertain then click on it to see the security certificate for the site.)
• Stick to trusted brands - if a deal looks too good to be true, then it probably is!
• If going to a new site, do any of your friends use it or recommend it?
• Watch out for cyber-squatting on names. This is where you mistype the name of the website you want and a cyber-criminal has taken it and made it look like the real one… but it swipes your data!
• Watch out for numbers in the web address. Often a link on ‘bad’ or compromised sites can look ok on the screen, but click on it and it turns into a number (called an IP address) - which is not where you want to go… the cyber-criminal strikes again!

Finally, make sure that you have an anti-phishing filter switched on in your browser. When it comes to defeating the cyber-criminal the more layers of security and the more aware you are of the risks the better change you have to remain secure while on the web.

You can get a complete copy of the findings and recomendations in our new online security guide (3MB).

Spam, Spam, Spam, Spam - Not So Lov-er-ly Spam

Symantec released its latest report on spam. July’s results were a 12% increase, year-on-year, to 78% of all messages. As expected the ‘big’ public interest events are still a big trend, so the Olympics and the US presidential race are up there along with ones targeting people’s fears for the economy and the old favourites of losing weight and superfoods.

One of the other trends that was ‘emerging’ before and is now becoming an increased trend is to hijack legitimate websites which then host the malware. Businesses should start looking, not just if their website is up-and-running but also that it hasn’t been silently hacked and is now being used as a tool for cyber-criminals. Cross site scripting has been in the news a lot over the past few months - companies cannot afford to think it won’t happen to them, they need to change their policies today to ensure that they do not become part of the problem.

• Subscribe

  

  Enter your email address:

  Delivered by FeedBurner

• 
  UK Pre-Orders
  US Pre-Orders

• Podcasts

  
  Detach Player
  

   

• Symantec Security Response Weblog

• Links, downloads and other resources

  Symantec UK
  Symantec Podcast Directory
  Symantec Security Response