Online security means the prevention of unauthorized access and/or damage to the computer system through online access. So, our online systems should be protected by the online security. Nowadays, there has been improvement in the online securities because of the growth of the technology. However, there are still a lot of threats of online security.
The few examples of the online security threat are:
1) Viruses
Virus is a common cause of computer problems. Most of the virus spread through the online activities such as opening the unknown e-mail or sending through the online system. Some viruses rewrite coding to make software programs unusable, while others scramble or destroy our data. Many viruses spread quickly so they may not be noticed until the damage has already been done. So, our data will be damage or destroy.
2) Hackers
There are two main methods hackers can cause problems to computer systems and our data. They either find a way to enter the system and then change or steal information from the inside, or they attempt to over-whelm the system with information from the outside so that it shuts down. The hackers may enter to our network though an open port, or an Internet connection that remains open. Besides that, they also attempt to appropriate passwords that belong to the users. A lot of hackers are skilled at guessing common password and run programs that locate or capture password information.
3) Phishing
Phishing is one of the most damaging online security threats in recent times. Basically it involves an attempt by a fraudster, to extract confidential information from the innocent victim. Usually, the fraudster will create a clone site that look similar to the web page that the user will enter. For example, the web page of Public Bank e-banking. The fraudster will create a similar web page. Then, the users will access to their account. Once this happen, the fraudster will get the information and can access to the users account. So, the fraudster will illegally transfer the user's fund.
Wednesday, June 18, 2008
The Threat of Online Security: How Safe is Our Data?
Posted by ~ ELiZA ~ at 10:54 PM 0 comments
Tuesday, June 17, 2008
How to safeguard our personal and financial data?
Online activities such as blogging, online banking, E-commerce trading and others have become popular nowadays, therefore, online users increasing form year to year. This leads to identity theft increasing sharply in recent years. Identity theft occurs when someone co-ops your name, social security number, credit card number, or some other piece of your personal information for their own use, either to commit fraud or theft, without your knowledge. There are many ways that criminals can obtain our information. Hence, our privacy may be seriously invaded. Therefore, how to safeguard our personal and financial data?
There are several ways to cope with or reduce the risk of identity theft.
1)Install a firewall
2)Install spyware protection software
3)Avoid accessing financial information in public
4)Update your browser
The most popular browsers that being used are Mozilla Firefox and Internet Explorer. Make sure your operating system and web browser are set up properly and updating them on a regular basis which can help to plug up security holes, so make it a habit.
5)Look for "locks"
6)Do not open mystery attachments
7)Encrypted e-mail
8)Install online financial software
9)Select strong password
Posted by Sally Yau at 11:42 PM 0 comments
The application of third party certification programme in Malaysia
Nowadays, E-commerce become popular and many consumer will use the technology to buy and sell things on the internet. But still some of the consumer not dare to use the technology this is because of the security problem that worried for it. For example is that the consumer scared that their personal data will be stolen by third party and use their identity to perform other trnsaction without their acknowledgment.
Verisign Inc. is the trusted provider of Internet infrastructure services for the digital world. Verisign is the leading Secure Sockets Layer in short SSL Certificate Authority enabling secure e-commerce, communications and interactions of Websites, intranets and extranets.
If a web page without security, any mail that send can be access by 3rd party to see the date. But the SSL Certificate will build a private communication channel enabling encrytion of the data during transmission. It will create privacy when the mail is send out. This will enable the customer will trust the website to perform transaction. The pictures below is a prove to the customer that the site is in a secured so that the customer will have more trust to perform transaction in that site.
Each SSL Certificate consists of a public key and a private key. The public key is used to encrypt information and the private key is used to decipher it. When a Web browser points to a secured domain, a Secure Sockets Layer handshake authenticates the server (Web site) and the client (Web browser). An encryption method is established with a unique session key and secure transmission can begin. True 128-bit SSl Certificates enable every site visitor to experience the strongest SSL encryption available to them.
With the application of the security services provided, it will built more trust between the customer and the seller to ensure that the data of both site will not be use or stole by 3rd party to commit fraud and crime. By this it will also encourage more people to trade without use of paper.
Posted by RL at 11:05 PM 0 comments
Sunday, June 15, 2008
Phishing: Examples and its prevention methods
Phishing is an attempt to acquire sensitive information criminally and fraudulently, such as usernames, passwords and credit card details, in an electronic communication. PayPal, eBay and online banks are common targets. Phishing is typically carried out by e-mail or instant messaging and often directs users to enter details at a website.
(1) phishing e-mail targeted at eBay users.
Taken from: http://www.comfsm.fm/~dleeling/training/phishing2.html
(3) phishing e-mail targeted at Paypal users.
Taken from: http://en.wikipedia.org/wiki/Image:Paypal_Phishing.png
(4) phishing e-mail from Citibank.
Taken from: http://www.bankrate.com/brm/news/advice/Phishing-email.asp
PREVENTION METHODS:
It is easy to uncover a crude phishing by the way of when you get an email from a bank that you have never opened an account at, then do not follow the link and enter your personal information. However, if you have an account at the particular bank, it is easier for you to check whether the bank had sent the email for you by calling the particular bank.
Besides that, you must read the message carefully whether there are any errors on it. It is because the errors found can determine whether the message is sent by the particular institution or the phisher.
In addition, you should examine the link that provided in the email. For example, the email could gives you instruction to access to http://banking.about.com/od/securityandsafety/index.htm but if you click the link you will found that you have been directed to a different site. The best way to prevent this is to copy and paste the link to your address bar. However, you can still get tricked by URL’s that look legitimate but have one or two letters switched.
The best way to avoid phishing is to use your best judgment. No financial institution with any sense will email you and ask you to input all of your sensitive information through online. In fact, most institutions will inform their customers that “We will never ask you for your personal information via phone or email”.
Posted by Teng at 9:55 PM 0 comments
How Ecommerce reduce cycle of time, improve employment powerment and facilitate better customer service
Cycle time is the amount of time it takes to complete a process. In business perspective, it refers to length of time between customer place order and time that take place to delivery to customer. With help of E-commerce, it can help organization reduce cycle time with their customers and suppliers. For example, if the company stock level is low, the company can just send an email to the supplier and the supplier can deliver the goods to the company in time.
Employee empowerment is a strategy and philosophy that enables employees to make decision in their job. By the use of E-commerce, it can assign lesser employee to handle the task. By that, employee has more power to made decision in their work and will be more motivate for their work. It will also helps employees own their work and take responsibility for their results.
With the common use of computer and internet, most of the household will have personal computer and most of the consumer know how to use internet. By this the company will design their own website to facilitate their customer rather than visit to their store. This is because nowadays most of the consumer busy for their job and do not have the time to visit their store. So by E-commerce will facilitate the customer a lot by buy things online.
E-commerce will benefit the company not only reduce cycle of time, improve employee empowerment and facilitate customer support. It finally will benefit the company by increasing the sales and reduce cost for the company.
Posted by RL at 7:05 AM 0 comments
An example of E-commerce failure and its causes
Dell Computer Corporation is one of the largest firms consisting of approximately 30,000 employees. There are located throughout the United States, containing high top quality supplies and security services. In order for a large company like Dell to grow with all the competitors in the industry, the organization must be willing to take chances, to expand the corporation. However, the risk a company chooses to take can either be detrimental or beneficial. Dell's success over the years has caused concern for the future of the young company. Dell's business-to-business( B2B) exchange failed for a number of reasons.
1) Lack of insight in the research and development area
A lack of knowledge in this area proved to be detrimental because the company was unprepared for the lack of cooperation that other business showed in this new idea. Dell;s strong name and recognition may have worked against it, causing the company to be viewed as purely a computer manufacturer rather than a site also for alternative business products.
2) Recklessly jumped into B2B market
Dell set up a B2B marketplace hoping to allow online consumer sales to flourish. However, the computer industry is extremely competitive with several B2B exchanges taking place on the Web, only the strongest will survive. The computer maker closed the B2B exchange because of a lack of demand and unwillingness of customers to participate.
3) Dell gave up too early in the game
Beginning the business in October 2000 and ending in January 2001 gave them only a short time frame to produce a profit. If the business allowed more time to prove itself, it might have been able to salvage some of its profits as they should have focused on showing consumers that they are not just a PC firm.
4) Dell's choice of suppliers
Dell's suppliers include 3M, Motorola, and Pitney Bowes. They are second-rate firms compared to companiessuch as Compaq, Hewlett-Packard and Gateway. These three firms joined forces and formed an Internet-based exchange and had advantage over Dell.
5) Difficult in choosing best fit match in business world
Maybe if Dell incorporated smaller companies, they would have had more support and the potential for a larger growth. On the other hand, if they were to select a well-known firm, closely related to the computer industry, it could have provided consumers with a high degree of reassurance.
6) Dell was "caught up in hype"
There is no such thing as "easy money" and with all the competition within the computer industry. Dell should have thoroughly researched the positive and negative effects the corporation could receive. However, Dell recklessly jumped into this market and as a result failed after four months.
Luckily Dell is a strong company and was able to survive after the loss. With the future of the B2B commerce looking very bright, it would be a good idea for Dell to continue on this project with an optimistic outlook.
Posted by Sally Yau at 5:37 AM 0 comments