We all know that it’s dangerous to use the same password for more than one program. If you sign up for a program run by someone of low moral fibre, what is to stop them running through various programs with your username and password to see what they can access?

But of course remembering all the different passwords can be a headache. And writing them down somewhere isn’t a great deal safer than using the same password again and again.

You can buy software that stores the passwords for you, but do you really want to pay money for another piece of software that performs a solitary function?

Try this simple, two-step, technique that lets you generate an infinite number of passwords, without having to remember any of them.

Step One: Choose a 4-6 letter word or number sequence that you can remember easily. Needless to say, don’t reveal this to anyone. For the purpose of this demonstration, I’ll choose the word "cash"

Step Two: Apply this secret word or number sequence to the name of the program you are setting up the password for.

To accomplish this, invent a couple of easy to remember rules.

Rule 1: Decide which part of the program name you are going to use. It could be the whole name, the first 6 letters of the name, the last 8 letters of the name. It’s totally up to you, be as creative as you like.

eg – For the program TrafficSwarm, I might choose the first 8 letters of the name. This give me: "traffics"

Rule 2: Take the portion of the program name you have selected and merge it with your secret word or number sequence to create a unique password. Again, be as creative as you can with this rule. You could replace every second letter, every third letter, every vowel or every consonant.

eg – If I replace every second letter of "traffics" with my secret word "cash", I get " t c a a f s c h "

or

- If I replace every vowel of "traffics" with my secret word "cash", I get " t r c f f a c s ". The "s" and the "h" are not used as "traffics" has only two vowels, but some words will use all four letters of "cash". Some words might have more than four vowels, in which case just start back at the beginning with "c" and "a" and so on…

You don’t have to worry about making your rules overly complex. Even the best code-breakers would need to see several of your passwords before they could start to guess what you rules are.

As long as you keep your rules safe and sound, your password is secure. But the real beauty of this system, is that you don’t have to remember the passwords you create. You ONLY have to remember the rules.

When you log into the program the next time, just apply your rules to the program name, and you can work out what password you generated. Once you have been using the rules for a while, you’ll generate the password in your head, without even having to pause.

Don’t worry if it seems a little complicated at first. Read this article through a couple more times and then try this technique with just a couple of programs. Once you are happy with it, all that’s left to do is to start working your way through existing programs and update your passwords. It’s time consuming, but for peace of mind you’ll be glad you did.

David Congreave is owner of The Nettle Ezine, the newsletter for the home business — online.  David lives in Leeds, in the United Kingdom, with his wife Leanne.

“You’ve just won a fabulous vacation or prize package! Now, if you’ll kindly give me your credit card information and social security number for verification purposes, you will receive this awesome gift!”

Now why would they need my credit card or social security number to send me a freebie? Can you say, “identity theft?”

Although there are legitimate reasons for people to need that information, such as a purchase or job application, thieves need it to steal your life and money from you!

Crime officials are reporting that this kind of theft is becoming quite common. Don’t be a victim! Follow a few common-sense suggestions to avoid finding out someone else has taken over your life-along with your bank account!

-Do not allow anyone to borrow your credit cards! Your best friend may be trustworthy, but her boyfriend may not be!

-Don’t provide personal information such as date of birth, credit card numbers, your pin number, mom’s maiden name, or social security number over the telephone unless you initiate the call. Don’t leave mail lying around for strangers to pry into. How well do you really know your teen’s friends?

-Destroy all bills, pre-approved credit card applications, credit card receipts, and other financial information when you no longer need such items.

-Don’t keep private information like pin numbers and such in your purse or wallet. It’s just too risky. We humans are much too forgetful. Be honest, how many times have YOU had to return to a restaurant or friend’s home to retrieve your purse? Is there anything in there that could harm you if it was stolen or lost? Time to check.

-Check your credit reports regularly. To order your report, call the three major credit bureaus at these toll-free numbers: Equifax at (800) 685-1111, Experian at (888) 397-3742, or Trans Union at (800) 888-4213. By law, the most you can be charged for a copy of your report is $8.50. To be safe, consider getting a copy from each of the three companies. If after reviewing your report you spot signs of a possible fraud, report it immediately!

-Keep your passwords and pins confidential and secure. Avoid passwords and pin numbers that will be easy for a thief to figure out. For example, don’t use your name, street address or birth date. Also, change your passwords every once in awhile, just to be safe.

- Get Identity Fraud Insurance. It’s just plain smart.

The FTC works for the consumer to prevent fraudulent, deceptive and unfair business practices in the marketplace and to provide information to help consumers spot, stop and avoid them. To file a complaint or to get free information on consumer issues, visit www.ftc.gov or call toll-free, 1-877-FTC-HELP (1-877-382-4357); TTY: 1-866-653-4261. The FTC enters Internet, telemarketing, identity theft and other fraud-related complaints into Consumer Sentinel, a secure, online database available to hundreds of civil and criminal law enforcement agencies in the U.S. and abroad. Report suspected Internet-based fraud to the Federal Trade Commission or the IFCC (www.ifccfbi.gov/Default.asp), a new joint project of the FBI and the National White Collar Crime.

Kristi Sayles invites you to her Internet Treasures Newsletter at http://treasures.smartauthor.com to learn more valuable tips and freebies.

One evening, during the graveyard shift, an AOL technical support operator took a call from a hacker. During the hour long conversation the hacker mentioned he had a car for sale. The technical support operator expressed an interest so the hacker sent him an e-mail with a photo of the car attached. When the operator opened the attachment it created a back door that opened a connection out of AOL’s network, through the firewall, allowing the hacker full access to the entire internal network of AOL with very little effort on the hacker’s part.

The above is a true story and it is an excellent example of one of the biggest threats to an organisation’s security - social engineering. It has been described as people hacking and it generally means persuading someone inside a company to volunteer information or assistance.

Examples of techniques employed by hackers include:

Social engineering attacks can have devastating consequences for the businesses involved. Accounts can be lost, sensitive information can be compromised, competitive advantage can be wiped out and reputation can be destroyed.

By implementing some simple techniques you can reduce the risk of your organisation becoming a victim or, in the event that you are targeted, keep the consequences to a minimum.

Conduct regular audits, not only on IT systems but also on policies, procedures and personnel so that any potential weaknesses can be addressed as soon as possible.

About The Author

Rhona Aylward has extensive experience in the area of Quality Management and more recently in Information Security Management. She is a qualified Lead Auditor for BS7799 and CEO for Alpha Squared Solutions Ltd.

www.a2solutions.co.uk, raylward@a2solutions.co.uk

"Phishing," the latest craze among online evil-doers, has nothing to do with sitting at the end of a dock on a sunny afternoon dangling a worm to entice hungry catfish.

But, if you take their bait, this new breed of online con artist will hook you, reel you in, and take you for every dollar you have… or worse.

"Phishing" describes a combination of techniques used by cyber crooks to bait people into giving up sensitive personal data such as credit card numbers, social security numbers, bank account numbers, dates of birth and more.

Their techniques work so well that, according to FraudWatchInternational.com, "phishing" rates as the fastest growing scam on the Internet.

Here’s the basic pattern for a "phishing" scam…

You receive a very official email that appears to originate from a legitimate source, such as a bank, eBay, PayPal, a major retailer, or some other well known entity.

In the email it tells you that something bad is about to happen unless you act quickly.

Typically it tells you that your account is about to get closed, that someone appears to have stolen your identity, or even that someone opened a fraudulent account using your name.

In order to help straighten everything out, you need to click a link in the email and provide some basic account information so they can verify your identity and then give you additional details so you can help get everything cleared up.

Once you give up your information… it’s all over but the crying!

After getting your information, these cyber-bandits can empty your bank accounts, deplete your PayPal accounts, run up your credit card balances, open new credit accounts, assume your identity and much worse.

An especially disturbing new variation of this scam specifically targets online business owners and affiliate marketers.

In this con, the scammer’s email informs you that they’ve just sent $1,219.43 (or a similar big but believable amount) in affiliate commissions to you via PayPal.

They need you to log into your PayPal account to verify receipt of the money and then email them back to confirm you got it.

Since you’re so excited at the possibility of an unexpected pay day, you click the link to go to PayPal, log in, and BANG! They have your PayPal login information and can empty your account.

This new "phishing" style scam works extremely well for 2 basic reasons.

First, by exploiting your sense of urgency created by fear or greed, crooks get you to click the link and give them your information without thinking.

Second, the scammers use a variety of cloaking and spoofing techniques to make their emails and websites appear totally legitimate, making it extremely hard to spot a fake website, especially when they’ve first whipped you into an emotional frenzy.

The good news, however, is that you can protect yourself relatively easily against this type of cyber-crime with basic software and common sense.

Most of these scams get delivered to you via Spam (unsolicited email), so a good spam blocker will cut down on many of them even making it to your inbox.

If you receive an email that looks legitimate and you want to respond, Stop - Wait - Think!

Verify all phone numbers with a physical phone book or online phone directory like www.Verizon.com or www.ATT.com/directory/ before calling.

Look for spelling and grammatical errors that make it look like someone who doesn’t speak English or your native language very well wrote it.

Never click the link provided in the email, but go directly to the website by typing in the main address of the site yourself (example: www.paypal.com or www.ebay.com).

Forward the email to the main email address of the website (example: support@paypal.com) or call the customer service number on the main website you typed in yourself and ask if it is in fact legitimate.

Above all remember this:

Your bank, credit card company, PayPal, eBay and anyone else you deal with online already knows your account number, username, password or any other account specific information.

They don’t need to email you for ANY reason to ask you to confirm your information — so NEVER respond to email requests for your account or personal details.

About The Author

Jim Edwards is a syndicated newspaper columnist and the co-author of an amazing new ebook that will teach you how to use fr-e articles to quickly drive thousands of targeted visitors to your website or affiliate links…

Need MORE TRAFFIC to your website or affiliate links? "Turn Words Into Traffic" reveals the secrets for driving Thousands of NEW visitors to your website or affiliate links… without spending a dime on advertising! Click Here> http://www.TurnWordsIntoTraffic.com

To blog or not to blog? Well, why not? Lots of people like either to write or to read blogs — sometimes both. The much-quoted survey by the Pew Internet & American Life Project, says 27 percent read blogs. 38 percent of all Internet users at least know what a blog is. The survey was made in November 2004 and estimated that 32 million Americans to be blog readers by the end of 2004. So now there must be much more blog readers and writers.

But there has recently been bad news that spoiled bloggers’ mood. The security firm Websense found that blogs are "being used as a safe haven by hackers for storing and distributing malicious code, including identity-stealing keyloggers." Since January, Websense Security Labs has discovered hundreds of blogs set by hackers.

There have been scores of articles on this topic since last week. See, for example, the article by Gregg Keizer "Hackers Use Blogs To Spread Worms, Keyloggers" April 13, 2005 at http://informationweek.com/story/showArticle.jhtml?articleID=160702505

The general idea of all these articles is the same: hackers turn to blogs. Blogs are suitable for them: there are large amounts of free storage space, no identity authentication is required to post, and there is no scan of posted files for viruses, worms, or spyware in most blog hosting services.

Such blogs experts from Websense Security Labs call "toxic". In its press-release "Toxic Blogs Distribute Malcode and Keyloggers" http://ww2.websense.com/global/en/PressRoom/PressReleases/PressReleaseDetail/index.php?Release=050412889 they explained how some malevolent individuals use blogs for their own gain.

In some cases cybercriminals create a blog on a legitimate host site and post viral code or keylogging software at the page. Then they attract traffic to the toxic blog by sending a link through spam or spim (the analog of spam for instant messaging (IM). So a good advice never follow links in spam is worth remembering.

In other cases, a blog can be used only as a storage mechanism which keeps malicious code (for example, updates) for Trojan horses that have already been hidden on the users’ computers.

"To read or not to read blogs — that’s a question?" Of course to read them, to write them — blogs are already a part of our culture. But be careful.

While PC users can do little to stay aside of toxic blogs except not following links in spam and spim messages, leading to these blogs. If a blog is used as a storage for malicious code, users can do nothing at all about it.

It is up for blogging tool operators to add security, such as anti-virus and anti-spyware protection, to blog hosting service. They can also limit the types of files that can be stored. And it is high time they made their service more secure, because literally millions of Americans might be in danger of picking malicious code, such as a virus, worm or Trojan horse, simply by reading a blog.

Alexandra Gamanenko currently works at Raytown Corporation, LLC — an independent software developing which created a technology capable of disabling the very processes of information capturing — keylogging, screenshoting, etc. It makes the company’s anti-keylogging software a solution against information-stealing programs and modules.

Learn more — visit the company’s website http://www.anti-keyloggers.com

What is Phishing? In a typical Phishing attack, a criminal will send you an email which appears to be from a well known company, bank or government agency. The email will direct you to click on a link which directs you to a Website or pop-up box that looks like the company’s or organization’s legitimate site. The site will instruct you to enter personal information, such as your account ID, your password, your credit or debit card number and PIN, or your social security number. The criminals are “phishing” for information.

Tips for Spotting a Phishing Scam:

A fraudulent email will usually have a sense of urgency, stating that you must respond immediately or your account will be closed or frozen. Also, fraudulent emails and websites will often have obvious spelling errors.

Fraudulent emails will contain links to websites that appear to have an address similar to a Bank or its website name. Remember, it is always safer to type in the website address yourself than to click on a link.

It can be very difficult to determine the true identity of a website based upon its address. Cyber-criminals may use programming tricks to make the address that you see appear different than the true address to which you are directed.

Your greatest protection against online fraud is not to fall victim by taking reasonable steps to protect your private information. Visit the Federal Trade Commission’s website at www.FTC.gov/idtheft for more information about online security and how to protect yourself from scams.

1. First and foremost, never provide personal information in response to an unsolicited email.

"ThreatconYellow.com (http://www.threatconyellow.com) will never send you an email in which we ask you to reveal your password or any other private information."

2. Never click on links in unsolicited emails.

If you receive an unsolicited email that appears to be from your bank, go directly to one of your banks websites by typing in the whole Internet address. If a legitimate alert were issued, you should be able to find that information on the website.

If you think that you may have revealed information to someone not legitimately connected your Bank:

1. Contact your Bank immediately!

2. If possible, forward the fraudulent email to the Bank without changing the subject line, and then delete it from your inbox.

When banking online, change your password frequently – At least every 90 days, but you may change it more frequently if you are concerned that your account information might have been compromised.

(http://www.threatconyellow.com/phishing.htm)

Join the War on Crime: Get updated "Amber Alerts" at ThreatconYellow.com.

Get free "Consumer Advisory Alerts". Join the ThreatconYellow.com "Opt-out" mailing list at (http://www.threatconyellow.com). ThreatConYellow.com is one of the Internet’s leading resources for self defense weapons, pepper sprays, stun guns, and home safety and protection products.

If you know what is the ‘Fishing’ then it’s very easy to understand the definition of ‘Phishing’. Just replace letter ‘F’ from the word Fishing with ‘Ph’. Yes I am not joking. I mean it! Phishing is higher level of spam. Phishing is nothing but fishing in the sea of Internet. The victimized Net users are the fishes hooked by the hackers.

Phishing & Spoof Web sites

The role of hacker is to lure the innocent Netizens by sending an e-mail from spoof sites, pseudo claiming to be an legitimate enterprise in an attempt to force the user into surrendering private information such as password, credit card number, and social security number etc; which will be used for identity theft.

The hyperlink in the e-mail directs the innocent user to a spoof Web site where they are asked to enter personal information like passwords, social security, and bank account numbers. Basically hackers create Spoof Web sites to steal the user’s personal information.

The Idea Behind Spoof Sites

I can give you the well-known example in which users received Spam e-mails from hackers misleading innocent users. As if these mails came from eBay, claiming that the user’s account was about to be suspended unless he clicked on the hyperlink in the e-mail and update the credit card information hold by the genuine eBay web site. The idea behind this scam is very simple as it is relatively simple to make a Web site look like a legitimate site. That is why the Phishing is also called brand spoofing.

Tips To Stop Phishing & Report Phishing

* If you smell anything fishy (phishy) or if you received an e-mail that appears to be from your bank requesting you click a hyperlink in the e-mail and verify your online banking information. Simply delete such e-mail and make it thumb rule… never click that hyperlink in the e-mail.

* Contact your bank or financial institution on phone and confirm whether it has sent you such type of e-mail.

* Report Phishing to Federal Trade Commission (FTC).

* Send Internet Phishing scam reports to local authorities like police and crime bureau.

* Send details of a Phishing scam to the Anti-Phishing Working Group (APWG) to help them to build database of Phishing scams, and to alert the Netizens.

* Last but not the least if you can’t afford to neglect or you are tempted to think that the hyperlink in the received e-mail is worth to click… take a deep breath, think twice before clicking that suspicious hyperlink and copy and paste the URL (hyperlink) into the web browser’s address field and log on. This will help you to land on legitimate Web site instead of spoof Web site.

Popular Targets Of Phishers

1) Banks & Financial Institutions.

2) Credit card companies.

3) Auction portals.

4) Online stores.

5) Online stock trading companies.

How To Smell Phishing?

It is very difficult for e-mail recipients to guess what they have in their mailbox. They can’t guess Whether it is legitimate e-mail from an organization With whom they do transactions. Although the "From" Field of the e-mail may have the web site address of That organization, and the hyperlink may also appear, If the sender insists on clicking that hyperlink and Unfortunately you click that hyperlink you will land To a spoof Web site. To avoid this situation you must Have that sense to smell something fishy (phi shy) Because any legitimate web site never ask you to Update your personal information simply by sending a Hyperlink through the e-mail, use your commonsense and Ask yourself a simple question, why the legitimate web Site would ask you to update your personal information through a hyperlink via e-mail, since that organization has its own legitimate web site? I hope you have got the answer.

Krishna Pai is a webmaster and a writer. Get Internet Security tips, Computer Tutorials, reviews, Hardware & Software Tips, How to guides at

http://www.cheapest-computer-hardware-software.com/

For more Computer tips join his "Build Computer ezine" at http://www.cheapest-computer-hardware-software.com/build_computer_ezine.html

You must be cautious before you use all the Internet offers, be vigilant while purchasing anything from net.

At time of online shopping take care of the following to make your net shopping experience quite enjoyable.

Always prefer a protected browser: This software facilitates you to steer the Internet. Make sure the browser you are using, meet the terms of industry security values like Secure Sockets Layer (SSL). This software helps to protect your transaction.

You can download these browsers for free of cost over the Internet; however, nearly all computers have browser software installed.

Shop with known companies: There are lots of online shopping sites that will lure you by mouth-watering offer, but prefer to shop with the companies you know. You can also have an idea about new shopping sites by demanding for a catalog or brochure. Also, go through its money back and return guidelines before you place order.

Keep privacy for password(s): Never unveil your password to anyone. At all times try to use unique password that you only can make-out. Do not use birth date, mobile no., a telephone number etc as your password.

Be careful while paying by credit or charge card: Some companies offer an online shopping assurance that you won’t get any liabilities for unauthorized charges made online, however many cards facilitate added warranty, return and/or purchase protection benefits.

At all time keep a purchase order copy: Prefer to keep a copy of your purchase order and proof for your records.

Paras Yadav is freelance Article and Content writer, having experience of creating and editing over 3500 articles.

You can contact Paras Yadav at: reach2paras@gmail.com

Dear Mr. Hacker

I hope your head hurts this morning and I hope your fingernails fall out…

I had to think long and hard about not wishing this on your malice. When you work hard in making a success in business,(yes it all comes down to sheer hard work) you do expect a negative reaction from people with malice and jealousy in their mind make up.

You outdid yourself. You made me more determinded to make this a success.

You know we have launched our Magical Casino site at last and worked non stop on marketing, to get our site out in the big old world. Is that why you were sniffing around my PC all night?

Clever too, I grant you that, to use the MsTask, so that the tinbrain thinks you are legit in the world of numbers and letters.

I try and stay amused, for you did not quite succeed. You kept me and my internet gurus awake most of the night but the fact that I am writing and posting you this letter, would show that blind faith shines a light in the darkest moments of internet hacking nightmares.

Jokes aside. We are living in the 20th century with computers and cell phones and high tech ways of communicating BUT with all this brilliant technology comes trojans, hackers, worms, and what not.

We must be doing something right because we had all three of the above seeping through our computers causing irritation, frustration and not to mention a loss of sleep.

A firewall or antivirus is like a birthcontrol pill. It is never 100% safe. I saw this last night, hacker of the darkness.

You need to understand though, that as much as you had fun in making me dance around my internet service provider, explaining the possible spam coming from my tin brain, I have fun, knowing that whatever you wished for me to go through, will be returned to you by the good forces of the universe.

Luckily our site is hosted at another location so guess what…?

Evil Trojans, hackers and worms
Spite and malice WILL make you squirm
Our site is protected by the power of three
As I speak so must it be!!!

Funny how negative situations can be turned around into positive ones. These little monsters got the juices flowing and look, we have created yet another opportunity to send all the bad, back to its source.

http://www.magicalcasino.co.za

Don’t be a victim of Cybercrime

When you access the Internet through the world wide web it is extremely important that you safe guard your personal information.

There are literally thousands of people around the world that make a living exploiting the security loop holes by accessing your personal identity, passwords and bank accounts.

There are many more daily who are the victims of these crimes. You have a responsibility as a user of the Internet to take certain precautions to protect yourself from online crime.

Internet users who access bank accounts, e-currency accounts or any source of personal information online, should be aware of the following methods used by criminals to convince you to reveal your confidential information.

Here are some simple steps to help keep your information secure

1. Avoid being a victim of fradulent email requests for personal information

This method is called "Phishing" and is a popular way for criminals who are acting as legitimate businesses to steal your personal information. This is usually accomplished by sending you an email with a hyperlink to a fraudulent website made to look like the real one. Once you have entered your information the perpetrator will have access to your account, many times unknown to you.

One way to avoid falling victim to this sort of scam is to never provide any personal details in response to an email. Legitimate businesses will never ask you for your password by email. Be aware of suspicious emails from unknown individuals. Delete before opening anything that you think might be harmful.

2. Make sure you visit your bank, e-currency or financial website via your Internet browser with the correct website address.

3. You should take care to never follow any suspicious hyperlink, url, or open an unknown senders attachment.

If you inadvertently reply to a "Phishing" email or respond to what you think could be a fraudulent website, contact your associated financial institution immediately for advice. Do not delay in seeking help. Check your account for any unusual activity.

Ways to protect your computer

1. It is important to use only a trusted and secure computer to access your Internet banking account.

2. Using publicly shared computers, such as those at Internet cafes, is strongly discouraged.

3. It is recommended that you keep your computer up to date with current anti-virus protection, firewall and the latest patches.

4. Remember that after you install virus protection it is necessary to update the software so the protection remains current.

5. Avoid using the "remember my user name and password" feature when accessing sensitive financial information.

6. Make sure not to store your passwords and account information on your computer.

7. Use a different password for your bank than you would for your email address.

8. Do not use easy to guess passwords, or passwords that closely relate to you. Your birthdate, name or favorite pet make poor passwords.

9. Create passwords that have both numbers and letters.

10. If you use a wireless network it is important that you never leave your computer unattended.

11. Take extra precautions around wireless fidelity (Wi-Fi) hotspots that provide free Internet connections. Coffee shops, Internet cafes, airports and libraries can pose significant security threats. Avoid conducting sensitive business in a Wi-Fi hotspot.

Sniffing and Evil Twinning are two methods devious criminals are using to steal confidential data. Sniffing is the act of using a program to search for certain information like passwords and credit card numbers over a Wi-Fi network. Evil twinning mirrors the setting of a Wi-Fi hotspot. When the unsuspecting person uses the evil twinning hotspot the hijacker uses sniffer technology to access anything the victim might be sending.

12. When accessing bank accounts online, confirm that your data is encrypted between the bank and your computer by looking for the padlock symbol on the bottom right hand corner of the browser window.

13. Close your Internet browser after logging out at the end of each online banking session.

14. Beware of any windows that ‘pop-up’ during an online banking session.

Most financial institutions have detailed information on their websites on how their customers can protect themselves from Online fraud attempts. Visit their website or contact them via email or telephone for information on how you can protect yourself from online criminals.

Copyright (c) 2005 by M.Sherborne. All rights reserved. The author authorizes you to post the above article on your Web Site or E-zine solely for personal and non-commercial use.

Matt Sherborne is the creator of "Get Rich Trading E-Currency." For more information please visit his website at: http://www.dxingold.com