How to Identify and Avoid Phishing Scams

Phishing is a form of social engineering technique used by hackers to gather sensitive information such as usernames, passwords and credit card details by posing as a trustworty person/organization. Since most online users are unaware of the techniques used in carrying out a phishing attack, they often fall victims and hence, phishing can be very effective.

With the dramatic increase in the number of phishing scams in the recent years, there has also been a steady rise in the number of people being victimized. Lack of awareness among the people is the prime reason behind such attacks. This article will try to create awareness and educate the users about such online scams and frauds.

Phishing scams usually sends an email message to users requesting for their personal information, or redirects them to a website where they are required to enter thier personal information. Here are some of the tips that can be used to identify various phishing techniques and stay away from it.

 

Identifying a Phishing Scam

 

1. Beware of emails that demand for an urgent response from your side. Some of the examples are:

• You may receive an email which appears to have come from your bank or financial organization stating that “your bank account is limited due to an unauthorized activity. Please verify your account asap so as to avoid permanant suspension”. In most cases, you are requested to follow a link (URL) that takes you to spoofed webpage (similar to your bank website) and enter your login details over there.
• In some cases, phishing emails may ask you to make a phone call. There may be a person or an audio response waiting on the other side of the phone to take away your credit cards details, account number, social security number or other valuable data.

2. Phishing emails are generally not personalized. Since they target a lagre number of online users, they usually use generalized texts like “Dear valued customer”, “Dear Paypal user” etc. to address you. However, some phishing emails can be an exception to this rule.

3. When you click on the links contained in a phishing email, you will most likely be taken to a spoofed webpage with official logos and information that looks exactly same as that of the original webpages of your bank or financial organization. Pay attention to the URL of a website before you enter any of your personal information over there. Even though malicious websites look identical to the legitimate site, it often uses a different domain or variation in the spelling. For example, instead of paypal.com, a phishing website may use different addresses such as:

• papyal.com
• paypal.org
• verify-paypal.com
• xyz.com/paypal/verify-account/

 

Tips to Avoid Being a Victim of Phishing

 

1. Do not respond to suspicious emails that ask you to give your personal information. If you are unsure whether an email request is legitimate, verify the same by calling the respective bank/company. Always use the telephone numbers printed on your bank records or statements and not those mentioned in the suspicious email.

2. Don’t use the links in an email, instant messenger or chat conversation to enter a website. Instead, always type the URL of the website on your browser’s address bar to get into a website.

3. Legitimate websites always use a secure connection (https://) on those pages which are intended to gather sensitive data such as usernames and passwords, account numbers or credic card details. You will see a lock icon  in your browser’s address bar which indicates a secure connection. On some websites like paypal.com which uses an extended validation certificate, the address bar turns GREEN as shown below.

In most cases, unlike a legitimate website, a phishing website or a spoofed webpage will not use a secure connection and does not show up the lock icon. So, absence of such security features can be a clear indication of phishing attack. Always double-check the security features of the webpage before entering any of your personal information.

4. Always use a good antivirus software, firewall and email filters to filter the unwanted traffic. Also ensure that your browser is up-to-date with the necessary patches being applied.

5. Report a “phishing attack” or “spoofed emails” to the following groups so as to stop such attacks from spreading all over the Internet:

You can directly send an email to spam@uce.gov orreportphishing@antiphishing.org reporting an attack. You can also notify the Internet Crime Complaint Center of the FBI by filing a complaint on their website: www.ic3.gov

How to Create Your Own Customized Run Commands

The Run command on Microsoft Windows operating system allows you to directly open an application or document with just a single command instead of navigating to it’s location and double-clicking the executable icon. However, it only works for some of the inbuilt Windows programs such as Command prompt (cmd), Calculator (calc) etc. So, have you ever wondered how to create your own customized Run commands for accessing your favorite programs, files and folders? Well, read on to find out the answer.

Creating the Customized Run Command

 

Let me take up an example of how to create a customized run command for opening the Internet explorer. Once you create this command, you should be able to open the Internet explorer just by typing “ie” (without quotes) in the Run dialog box. Here is how you can do that.

1. Right click on your Desktop and select New -> Shortcut.

2. You will see a “Create Shortcut” Dialog box as shown below

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

3. Click on “Browse”, navigate to: Program Files -> Internet Explorer from your Root drive (usually C:\) and select “iexplore” as shown in the above figure and click on “OK”.

4. Now click on “Next” and type any name for your shortcut. You can choose any name as per your choice; this will be your customized “Run command”. In this case I name my shortcut as “ie”. Click on “Finish”.

5. You will see a shortcut named “ie” on your desktop. All you need to do is just copy this shortcut and paste it in your Windows folder (usually “C:/Windows”). Once you have copied the shortcut onto your Windows folder, you can delete the one on your Desktop.

6. That’s it! From now on, just open the Run dialog box, type ie and hit Enter to open the Internet Explorer.

In this way you can create customized Run commands for any program of your choice. Say “ff” for Firefox, “ym” for Yahoo messenger, “wmp” for Windows media player and so on.

To do this, when you click on “Browse” in the Step-3, just select the target program’s main executable (.exe) file which will usually be located in the C:\Program Files folder. Give a simple and short name for this shortcut as per your choice and copy the shortcut file onto the Windows folder as usual. Now just type this short name in the Run dialog box to open the program.

I hope you like this post! Pass your comments.

Choose Google Chrome For Better Results

Like many Google engineers, I’ve been running Google Chrome for several months. When I sat down with a blank piece of paper to write down why you should try Google Chrome, I ended up with several reasons, including speed, security, stability, and openness. I’ll run through them for you.

Speed. Google Chrome is wicked fast, especially if you use AJAX/JavaScript-heavy web applications such as Gmail. And it’s not just “benchmark fast,” it’s end-to-end fast. Google Chrome puts special emphasis on never making the user wait. Opening a tab is essentially instantaneous, and all the little pauses that would normally interrupt your workflow just don’t happen. Of course, sometimes a remote web server is slow to return data–there’s nothing that a web browser can do about that–but for everything else, the browser speeds along like lightning.

When Gmail came out, it took me months to switch over. Before Gmail, I used mutt and I had all kinds of crazy customizations and wild procmail rules, so it took quite a while for Gmail to convince me to switch. In contrast, it took less than a week for me to switch to Google Chrome. It’s so scary fast that I felt like I was taking smart pills because of all the extra work and email I could blast through.

Security. As the head of Google’s webspam team, I prowl around some pretty hairy places on the internet. Almost every day I encounter hacked pages, malware, porn, and generally scuzzy pages. The security model in Google Chrome is much stronger than most other browsers I’ve used. I’ve surfed through hundreds of seedy back alleys of the Internet over the last several months, and Google Chrome has safely kept me from being infected or affected by the junky web pages I encounter.

Stability. I loved my previous browser (and still do!), but I got used to killing my browser and restarting it daily to prevent memory leaks from hobbling my machine. I’ve run Google Chrome for weeks at a time with bunches of open tabs and it hasn’t crashed on me or bloated up my computer’s memory. I also love that Google has a “ChromeBot” which takes each new browser build and throws (put your pinky finger to your lips) one million webpages at the build as a torture test. That testing virtually guarantees that everyday web pages shouldn’t crash your browser. Google Chrome has been rock solid for me.

Openness. You aren’t locked in to using Google’s search; you can choose to use any major search engine in Google Chrome. Plus, as you click around the web, you don’t send surfing information to Google. Google Chrome is open-source under a BSD license, so you can check that for yourself. The cool bits of Google Chrome, including V8 (a from-the-ground-up JavaScript virtual machine), are open for anyone to take and use.

The comic book. Still not convinced? If you’re a geek, read the 40-page comic book about Google Chrome. It’s genuinely educational about the design choices that Google made. It turns out that a comic is one of the best ways to introduce a large piece of new software:

You’ve all heard the acronym “RTFM,” right? It stands for Read The *cough* Fine Manual. The next time someone asks whether Google Chrome uses WebKit or something else, I can say RTFC–Read The Fine Comic. 

Okay, how well does that post hold up after a month?

On speed, I think Chrome really holds up well. Om’s comments are filled with people who got hookedon the speedy and nice Google Chrome browser experience. A couple people who didn’t like it only tried it for a day; I really think you need to give Chrome a few days (maybe a week) to really notice the end-to-end difference.

On security, I was impressed that so few security holes were found, and most of them required the user to take some additional action or involved social engineering. I have seen very few (no?) attacks like “surf to a random page and your browser gets pwned.” That’s really nice to see; I’m sure the Chrome team was anxious to see what would happen when the outside world tried to attack Chrome. Chrome has been quite robust for a web browser that was only recently released into beta. I continue to surf to really dangerous places with no resulting hijacks or malware.

How about stability? I always thought this would be the weakest point of the Chrome launch, and not because of web pages that would crash Chrome, but because it’s hard to test on a wide variety of real-world hardware when you’re trying to keep a product secret before releasing it. And again, I was surprised that so few things broke. The fact that the Chrome team has released four updates to Chrome in four weeks tells me two things: 1) the worst bugs are going to get knocked down pretty quickly and 2) the Chrome team is very serious about iterating to improve the browser.

Openness is an interesting one. I think the EULA issue caused a short-term goodwill hit. Googlecorrected the terms in about a day, but it still provided material for the people who dislike the fundamental notion of the Chrome browser. I have to admit that I was surprised that people objected to the “Suggest” feature when you’re typing into the address bar, but it’s good that Google reacted quickly on that one as well. I had a conversation with Danny Sullivan where he urged Google employees to try to look at Google as if they were outside the company and didn’t work for Google. It’s excellent advice and definitely provides a helpful perspective. Ultimately, I think that the open-source nature of Google Chrome’s code should reassure most people and win over fans with time.

And the comic book? I still think it’s a cool way to explain a lot of complex design decisions. 

I’ve been watching the Chrome team work, and I believe that they’re going to earn the respect and loyalty of a lot of surfers over time. Their ability to execute reminds me of how the Google Reader team won me over a couple years ago. If you’re running Windows and haven’t taken it for a spin, if you try Chrome for 5-6 days, I think you’ll like it too.

Downlaod Google Chrome From Here

4 Ways to Identify Safe Websites on the Internet

On the whole Internet, there are approximately more than 150 million active websites up and running. As a result, it often becomes a real challenge for the users to identify safe websites that are trustworthy and reputed. Have you ever wondered to know the reputation of a website before placing the order? Need to know whether a given website is child safe? Well, here are some of the ways to identify safe websites on the Web.

1. WOT or Web Of Trust (www.mywot.com):

WOT is a great place to test the reputation of your favorite website. WOT gives real-time ratings for every website based on the feedback that it gets from millions of trustworthy users across the globe and trusted sources, such as phishing and malware blacklists. Each domain name is evaluated based on this data and ratings are applied to them accordingly.

Trustworthiness signifies the overall safety of the website. A poor rating may indicate that the site is associated with threats like Internet scams, phishing, identity theft risks and malware..

 Vendor reliability tells you whether a given site is safe for carrying out buy and sell transactions with it. An excellent rating indicates superior customer satisfaction while a poor rating indicates possible scam or bad shopping experience.

Privacy indicates about “to what extent the site respects the privacy of it’s users and protects their personal identity and data”.

Child Safety indicates whether the content of a given site is appropriate for children. Site contents like sexual material, nudity and vulgarity will have a poor Child Safety rating.

In most cases, the WOT ratings are found to be highly accurate. To check the reputation of any given website, just visit www.mywot.com type-in the address of your favorite website and click on “Check now”. This tool alone can tell you a lot about the reputation and safety level of a website. However, in addition to this, I am giving you another 3 handy tools to identify safe websites on the Web.

2. McCafee SiteAdvisor:

McCafee SiteAdvisor is a free tool that is available as a browser add-on. It adds safety ratings to your browser and search engine results. You can download it fromwww.siteadvisor.com.

3. StopBadware:

Using this tool, you can check whether a given site is said to have involved in malware activity in the past. To check this, go tohttp://www.stopbadware.org/home/reportsearch and enter the URL or domain name of a website and click on “Search Clearinghouse ”. If the search does not return any result, that means the site was never involved in any of the malware activity in the past.

4. Google Pagerank:

Google PageRank is another great tool to check the reputation and popularity of a website. The PageRank tool rates every webpage on a scale of 1 to 10 which indicates Google’s view of importance of the page. If a given website has a PageRank of less than 3, then it is said to be less popular among the other sites on the Internet.

However, PageRank will only tell you how much popular a given website is and has nothing to do with the safety level of a website. So, this tool alone cannot be used to evaluate a website’s safety and other factors.

PageRank feature is available as a part of Google Toolbar. You can install Google Toolbar from http://www.google.com/intl/en_uk/toolbar/ie/index.html.

I hope you like this article. Waiting for your comments…

How to Hack Symbian S60 Phones to Install Unsigned Applications

If you own a Nokia Symbian S60 phone, you will most likely be aware of the fact that it is not possible to install applications on it unless they are signed using a valid certificate. Have you been trying to install applications on your S60 3rd or 5th edition phone but ending up getting a certificate error? At times, this can be really annoying; but here is a smart solution to this problem!

Here in this post, I will show you how to hack your Symbian S60 3rd or 5th edition smartphone, so as to modify the phone’s firmware and completely bypass the mandatory signing requirement. So, once you are done with this one time hack, you should be able to install any compatible application including unsigned and those with an expired certificate.

 

What is the Need for Signing Applications?

From the 3rd edition onwards, all the Symbian S60 applications need to be signed in order to ensure their integrity, so that it would not be possible for a third party to tamper with the application. Also, signing ensures that you always install applications from a trusted source.

However, there are many freeware and beta applications that come unsigned as the developers cannot afford to buy a symbian certificate. Hence, it can be a real nightmare for the users who need to install such applications on their phones. So, here is a step-by-step procedure to hack your phone and permanently disable this security feature.

 

1. Download HelloOX2 V2.03 or the latest version from the HelloOX2 Ofiicial Website.

HelloOX2 is an excellent tool to hack Symbian S60 3rd, 5th and Symbian^3 smartphones which makes it possible to install a root certificate by gaining full access to the phone’s system files. With this capability, you can install anything you want on your phones without the need to worry about the annoying certificate error!

2. The signed version of HelloOX2 demands for a donation and hence, only the unsigned version is available for free download. So, if you have the unsigned version, you need to sign it before installing on your phone. In order to sign any application, you need to have the certificate and the key file which can be obtained as follows:

• Go to the OPDA Website, get registered and login to your account.
• Click on the “Apply Certificate” tab, enter the model number and the IMEI of your phone and then click on “Submit and Upload” button.
• It will usually take up 24 hours for your certificate and key file to be generated and uploaded. To check the status of your certificate click on “My Certificate” tab. If the certificate is ready for the download you will see something as follows:

 

• Download the certificate and the key file on to your computer. Also download the sisigner tool to sign your HelloOX2 application.
• Open the SisSigner, load the HelloOX2.sis, certificate and the key file as shown below and click on “Sign”. Leave the “Key File Password” field blank.

• • Your HelloOX2 application is now signed and ready for the installation.
  3. Install the signed HelloOX2 application on your phone and run it to start the hacking process, which is completely automatic. Within a minute your phone will be hacked. Once this is done, say goodbye to the annoying certificate error and install any application.
  I hope you like this post. Express your opinion through comments. Enjoy!!!

View own mobile number on screen

some time we have lots of sim card and we forget our mobile number so here is the tricks to find your lost numbers




Idea- *789#
Reliance- *1#
DoCoMo- *#1#
Virgin GSM- *1#
Aircel- *888#
Loop- *222# 

How to see private video on you tube ???

When you upload a video to YouTube and mark it as private, the video can only viewed by your own Google Account. You can choose to share that ‘private video’ with select YouTube users but they again need to be signed-in before they can watch your clip.

For instance, here's a private video - youtube.com/watch?v=FkTSUqPqsGE - that I recently uploaded to YouTube. There's nothing interesting inside except its private nature and therefore you should see a message saying “this video is private” if you try accessing that video from your computer.

What’s Not Private about ‘Private’ Videos

That said, if you know the URL of a private YouTube video, you can easily see some of the still frames of that video even if the owner has not shared that video with you.

The trick is simple – just get the ID of any YouTube video from its URL (in our case, FkTSUqPqsGE) and replace it in the following links.

• http://i.ytimg.com/vi/FkTSUqPqsGE/0.jpg
• http://i.ytimg.com/vi/FkTSUqPqsGE/1.jpg
• http://i.ytimg.com/vi/FkTSUqPqsGE/2.jpg
• http://i.ytimg.com/vi/FkTSUqPqsGE/3.jpg

The image 0.jpg is a 480x360 thumbnail image representing an approximate central frame of the video while the images 1.jpg and 3.jpg are from the beginning and end of the video respectively.

  

YouTube creates images thumbnails of every video that’s uploaded on to the site and these images are public even in the case of private videos. An image is often worth a thousand words and here, you have three images so you can sometimes connect the dots........................

EnjoY FrNDS ->>>>>>>>>>>>>>>>>>>>>>>>>

YouTube Video Not Available in Your Country? You Can Still Watch It!

After my long research i found how to view that videos that block in your country so here is the whole topic represent by sunil.

YouTube Videos Blocked

You could be staying in a country like US, UK or India but may not be able to watch every video on YouTube - that's because the content owners have allowed access to that video only from certain countries or geographic regions.

If your computer's IP address falls outside that geographic region, YouTube will display an error saying "This video is not available in your country" - this message has nothing to do with censorship, it's the owner of the video clip who could be limiting access.

YouTube Filters in Action

For instance, this video clip (Armor For Sleep - Hold The Door), uploaded to YouTube by Warner Brothers, is probably not available outside US. Similarly, this BBC clip (Stop Calling it a Honeymoon) on YouTube can only be watched from UK.

BBC has mentioned the reason behind region filtering on their official BBC Channel - "Because of the way that the BBC is funded in the UK through the license fee, we cannot make videos available outside of the UK". Similarly the Olympic Games channel on YouTube (youtube.com/beijing2008) is blocked in countries like US because NBC has a deal to stream Olympic Games Live in those countries.

How to bypass YouTube Region Filtering ?

YouTube uses your computer IP address to determine your physical location / country. In order to bypass these country-specific restrictions on YouTube, try this trick:

If the URL of the YouTube video is http://www.youtube.com/watch?v=yEwD36Dk1jw - just replace the /watch?v= part with /v so your new URL becomes http://www.youtube.com/v/yEwD36Dk1jw

The other trick is that you type the YouTube video URL inside Google Translate and use this a free Google Proxy Server. Read some more ways to access blocked websites.