Basics for Surviving Online!!

Surviving Online? Am I joking?

Yes, I did say “Surviving Online” and for your sake I hope you won’t take me to be a mad delinquent who’s pulling a fast one on you.

Some of my friends, known-ones have been using internet for quite some time but are quite illiterate in the art of surviving in cyberspace. I hope to address some of the most common issues right here, right now, so better be careful and attentive. What I’m gonna tell you is nothing new, you’ve probably heard or read it at numerous websites or forums or from other people and you probably never took it seriously. Well, I hope that you better take it seriously here if you don’t want to suffer the displeasures of the unlikable.

A Word of Warning: I’m not an authority in these matters, what I’m gonna say is based on my personal experiences and experiences of some others whose judgements I trust. Use my advice at your own risk, all I can say is that I’ve only benefited from it.

Starting up, lets see the roll of honour, topics that’ll be addressed here:

1. SPAM
2. Phishing

Yeah, I’m gonna take these 2 issues only right now, so better get cracking.

SPAM: Now I can give you a proper definition of what SPAM is but lets keep things simple here. So in common language, SPAM is a sort of communication that you don’t want but you still get & there’s no stopping it. Like unsolicited emails(junk, marketing emails, newsletter, sales pitch) which clog up your INBOX which you never asked for, and you can’t get it away, you delete it & next day, there’s more of it again!! The same thing can be said for forums and blogs where people(they are called spammers) post these useless comments, either to promote something(like pills?) or for putting up links to their websites(for their own as well as for those who pay them).

We’ll talk about email SPAM first. Now, what we do usually is, we curse our email provider for not having good enough SPAM filters to prevent that junk piling up in our INBOX, be it Hotmail or Yahoo! or any other. What we don’t understand is how SPAM gets in nor do we want to understand!! Well, SPAM filters work according to SPAM emails, its just like a medicine treating a disease. There’s a new disease & there’s a new medicine for it, so for new kinda SPAM, there’s new kinda SPAM filters. Its a continuous process. So whenever you get SPAM in your INBOX, don’t just plainly delete it. Use the special button given there to mark those emails as SPAM. The filters see them as SPAM & they learn what’s in them that they missed. They compare & analyse, so the next time, that kind of email from that person will definitely be blocked. Usually all email providers like Yahoo!, Hotmail, GMail have a special folder for the emails that they block from entering your INBOX, these folders are named like “Bulk Mail” or “Junk Mail” or “Spam” etc. Easy to spot. So it’ll be a good thing if you check these folders from time to time, to see that any email that you wanted to receive hasn’t been marked as SPAM by mistake. If you see any such email(rest assured that you’ll definitely see some of them), then simply mark them as “NOT SPAM”. This will ofcourse depend from provider to provider but there will be some way(just like the special button to mark SPAM) to mark those emails as OK, so the SPAM filters know that they those emails are not SPAM.

Also, almost all of the SPAM emails have an unsubscribe link which says that if you click that link, then you’ll not get any futher emails from that sender. BEWARE, don’t click that link, because it won’t do any good to you, it’ll just confirm to the spammer that your email address is valid and in use, making your email address quite valuable to them and your email address will be moved to the database of permanent targets containing live email addresses. If you have your own domain name and website, you’ll obviously be creating email addresses on that domain. If possible, avoid having common & short email addresses like info@example.com or me@example.com etc. They are common and the initial targets. Also, usually all web-hosts will have a default(or catchall) email account on your domain, which means that if someone emailed to your domain at an email address that doesn’t exist, then that email will be delivered to the default email address. Unless you have specific reasons to keep this default email address, do away with it, its not good to have junk piling up eating in your available server space.

Another thing that you should take care of is not to go on distributing your email address to everyone everywhere. Don’t leave your email addresses lying anywhere, because what you are doing is just leaving your email addresses open for harvestors who compile databases of thousands & millions of email addresses which they can sell to spammers. Leaving email addresses in a plain way(someone@example.com) is just plain dumb but if you thought that you can outsmart them by leaving your email address like “someone [at] example [dot] com”, think again, you can be, infact you are wrong. The harvestors are not idiots nor they are a computer program designed to run in a fixed way forever. Its done by a human and they are dynamic, they can think & they are smart as well. A little change in the parser and the harvesting bot can now sanitise email addresses like “someone [at] example [dot] com” into someone@example.com and store it in the database. Big deal? Not at all, I know this because I’m a programmer and I know this can be done fairly easily. So the rule is to never give out email addresses at online forums or in chatrooms etc. without knowing to whom you are giving this email address. You should treat it as your property, you take good care of it to protect it, no? Or do you like trespassers on your property?

As for other kinda SPAM like on forums & blogs. Well, for forums, I don’t know much except that you’ll have to moderate that yourself, but blogs which are more of a target than forums have some protection. Almost all of the current breed of blog softwares like WordPress, MovableType, TextPattern etc. have some SPAM fighting features built in them. You can boost their capabilities with a number of plugins available for combating SPAM, and they are quite effective.

Consider this, 2 years back, the SPAM filters were not as good as they are today, and 2 years down the road, they’ll be much much better than what they are. Its a cat-n-mouse game.

Moving onto the next topic, of
PHISHING: Again, in common dialect, an attempt to steal confidential & vital info from you(like Credit Card numbers, bank account passwords) by deceiving you(posing as someone you trust) is Phishing and the culprits are called Phishers. Now they are more dangerous than spammers as spammers just try to market their stuff, phishers are theives, frauds you can call them, who are after your money, one way or other!!

Usually it’ll be an email that’ll look like one from eBay, PayPal or a Bank(can be your bank too). There are a lot of things that you can notice, but you need the eye for it, which unfortunately not everyone has & which comes only from experience. It’ll usually say that you need to update some account info of yours to keep your account active and for your ease, it’ll give out a link which you can click to do that. DO NOT click that link, that link will be saying the website URL of eBay, PayPal or your Bank, but underneath it’ll be a cloaked URL to a different website, a replica of the one its impersonating. Its a good idea to always type in the URL of the website, like eBay, PayPal or your Bank’s, manually in the browser and visit it, so that you know that you are on the right website. Then you can update your info if you want(or required). Also take notice of a little yellow lock in the right hand corner at the bottom of your browser window, whenever you are seeing or sending confidential info like logging in or putting in your account or credit card number, look for this lock. This lock means that the transmission between you and the website is secure and the information being transmitted cann’t be stolen. But to be sure, double-click that lock and check the URL in the window that opens with the URL in the browser to make sure that the website address is same in both. If its not, then somethings really phishy(excuse the pun) and you shouldn’t proceed with giving out your info.

What you should understand is that none of the trusted websites like eBay, PayPal or Bank websites will ask you to send any confidential info like bank account passwords, credit card numbers etc. by email. They won’t ask you to update your info by giving you a link. Even if they do give a link, it won’t be a long URL or anything, but still, to be safe, don’t click the links in the email, manually type in the URL of the website in the browser to visit the website.

Also, it’ll be better if you arm yourself from being lured away & phished. Using a SpoofStick will certainly help, its a browser extension that’ll aid you in detecting fake websites and thwart attempts of phishing you. Another thing is that you shouldn’t download any attachments which you don’t know about, be it any EXE files or even images. They can be supposedly from your friends whom you trust but they can also be not from them. Downloading and running the attached files can make your computer vulnerable to Viruses, Hacking Attacks, Phishing, Spyware etc. So, if the attachment looks suspicious, don’t download it, better be safe than sorry!!

And as they say, its better to know your enemy. Phishers are your enemies, so knowing more about them and their ways of attacking the gullible like yourself will certainly be quite helpful for you, the best resource for more information is the Anti-Phishing Working Group website at www.antiphishing.org. You can also read up on about safeguarding yourself from phishing on the Federal Trade Commission website.

The cyberworld is a nastier place than the real world in which we live, because the reach of the bad guys in cyberworld is global and its easier to hoodwink someone, no matter where he is. And the worst thing is that you don’t even know who the culprit is, in almost all cases. But you can remain safe and protected if you keep your eyes & senses open, its not a milk-run but its not that difficult either!! 😉