Priveantion of Hacking

29
ED2015 Page 1 By: C. Bhamare

Transcript of Priveantion of Hacking

ED2015 Page 1

By: C. Bhamare

ED2015 Page 2

Summary :

Sr.No. Topic Name Page No.

1 Introduction 3,4

2 Steps to avoid Viruses and Malware. 5 -10

3 10 Tips to Prevent Hacker 10-14

4 Taking a steps to secure your online account 14-16

5 What Can I do keep secure my account 16-20

6 How to Protect your privacy 20-25

7 Indian cyber crime Act 26-28

ED2015 Page 3

Hi friends I am the person who’s like Hacking, One day somebody call me hacker

because I would like to try Small tricks of hacking but I am not a professional Hacker, I Would

like to Say something to all. Hacking is not a Game or Entertainment. It is the art but the some

people are miss use this art if you fill somebody trying to access your personal data don’t west

your time contact cyber crime department or police because big chances to use your personal

data for criminal activity

- C.Bhamare

ED2015 Page 4

Most of the viruses on the computer were hidden in files that had been downloaded off the

Internet: songs, videos, and movies. I was amazingly surprised that the computer lasted for 2

years with that many viruses! So I gave my dear cousin a serious lesson in how to protect her

computer from the dangers of the Internet.

Steps to Avoid Viruses & Malware

1. Install Anti-Virus Software - This should not even have to be listed because if you don’t have

any anti-virus software installed, you’re asking for trouble! If your reason for not installing anti-

virus software is because it’s too expensive, then that can reason can be shot down because

there are several free anti-virus programs out there that are considered better than commercial

software packages. Here are two of the most popular ones:

Avira – Avira has a free version that was ranked #3 in 2014 for detecting viruses.

Bitdefender – BITDEFENDER had the second highest detection rate and they also have a free

edition.

Panda Anti-Virus – In 2014 virus detection tests, Panda anti-virus had a 99.9% detection rate.

This was the highest out of over 25+ anti-virus programs. It’s not free, but I mentioned it

because of it’s top rating.

ED2015 Page 5

Kaspersky Anti-Virus – Not free, but in the top 5 in terms of detection rate.

In addition to anti-virus software, you should install one anti-malware program and the best

is MalwareBytes Anti-Malware Free. It was tested in 2014 and did the best job out of 10

products, many of which were not free.

2. Update All Software - Installing an anti-virus program by itself is not enough. There are

hundreds of new threats that are found daily and the anti-virus programs release updates

regularly to combat these new threats. Make sure you anti-virus program is set to update

automatically so that you don’t have to rely on your memory to do it. Also, this goes for all the

software on your computer. The most important software to keep up to date is your Windows

operating system. It is essential to have Automatic Updates turned on and set to download and

install updates automatically.

.

3. Install only Trusted Software - If you’re not sure what a piece of software does from its

name, then don’t install it. Also, don’t install anything you didn’t intend to install in the first

place. Sometimes programs will ask you to install other programs during the install of the

original application. Be careful of that because it’s usually spyware. If you’re installing software

from big names sites like Microsoft or Adobe, you’re good. For anything else, you should first

get it scanned. The easiest way to do this is to use an online tool like VirusTotal, which lets you

upload a file for scanning or lets you enter the URL you want checked.

ED2015 Page 6

enter the URL you want checked.

4. Avoid P2P File Sharing Software – If used with great caution, P2P software is quite useful for

movies, songs and software, but if you’re not very technically savvy, you might end up

downloading a song that has akeystroke logger attached to it that will send anything you type

to some other computer over the Internet. It’s almost impossible to tell that this is occurring

ED2015 Page 7

unless your anti-virus or anti-spyware programs pick it up in their scans. If you don’t know what

you’re doing, don’t try to torrent.

5. Delete Unknown Emails – If you receive emails from random people, do not bother to open

the email, just delete it. If you have any doubts after reading the name and the subject, it’s

probably not someone you know. Never download or open attachments unless you are sure it’s

from someone you know. Give the person a call quickly and ask them if you’re not sure. Most

large companies that you create online accounts with will not send you attachments unless you

specifically ask for them through their web site. Also, be wary of any emails from sites

pretending to be banks, auction sites, etc asking for you to verify bank account info or address

info. No bank ever does that.

Also, hackers try to prey on your emotions. If something sounds too good to be true, i.e. you

won some money or free vacation, it probably is. Secondly, if you get any email from the IRS or

police or a lawyer or anyone else trying to scare you, don’t panic and start giving out

information. These are all usually scams because no official agency emails people about serious

issues.

6. Do not click on Ads - Avoid clicking on ads if you can. Especially those ads where something is

flying around and if you shoot the duck, you win some prize! Ads have become more

sophisticated in that they try to make the ad interactive so that you’ll be tempted to play it like

a game.

ED2015 Page 8

7. Run Virus Scans Regularly – If you’re not in the mood to scan every day, at least run a scan

once a week. Actually, setup a schedule for your computer in your anti-virus software to run a

scan late at night or whenever you don’t use your computer and that way you won’t be

bothered with a slow computer.

8. Be careful what you attach to your computer – This is a more common way to transfer

viruses than you might think. Everyone now has a USB flash stick that they carry around on

their key chains, ready to snap into any computer. But who knows what viruses are on your

friends computers and what accidentally got transferred to their USB stick. A lot of virus

programs will auto launch right when the USB stick is put into the computer, so you don’t even

have to open or download any of the files to be infected.

9. Avoid Shady Web Sites – If you need to look at porn, then make sure you do it in a virtual

environment. You are DEFINITELY going to get a virus or spyware if you browse porn sites on

your computer. Virtualization basically allows you to run programs like Internet Explorer in a

virtual environment that does not effect your current operating system. If you want to find out

more, search for “Virtual PC” or “VM Ware” in Google. Otherwise, simply avoid going to shady

web sites!

10. Turn On or Install a Firewall - If you’re running Windows or Mac, make sure firewall is

turned on. A firewall prevents hackers from gaining access to your computer by limiting the

number of ports that are open to the public. Also, when buying a wireless router, make sure it

has a built in firewall. Having a software andhardware firewall is better than just having one or

the other.

ED2015 Page 9

11. Secure Your Wireless Network – Most wireless routers are set to no security when you

install them. Be sure to log into the router and at least set the basic security that requires a

password. There are stronger encryption options, but if you don’t understand those, then

simply set a password on the router and the wireless network, otherwise anyone can connect

to your home network and change all the settings.

12. Use a Complex Password for Login – This means that you should already have a password

to login to your computer. Not having a password at all is not a good idea. Create a password

for all user accounts and make sure it’s complex. Complex means it should have numbers,

upper case characters, lower case characters, and symbols. This makes it way more difficult for

a hacker to get into your computer.

Hackers have been around for too long, usually associated with dark themes and “the evil side”

they represent the minority of IT Gurus that just have too much time on their hands, and a

touch of evilness.

Usually represented with a skull or “horrifically” they are iconic in a never ending battle against

internet crime.

ED2015 Page 10

Your hosting provider should have set up your server with a certain amount of security built-in.

However, there’s much you can do yourself to ensure your site stays unmolested.

Hackers play an “unwanted” yet a significant role on the net, it creates thousands if not millions

of jobs, in the IT field but they are a menace to webmasters, such as you and me alike.

Not to worry, because the following list of “Ten Tips” aims to tell you a little about the way

malicious hackers work, and some ways of protecting your site-and inevitably preserving the

privacy of your visitors.

Ten Tips to Prevent Hackers

10) Comment Attacks

Comments are one of most prized features for blogs, and helps create a great relationship

between the author and the reader, and also between readers in the wider community. It

would also be easy for someone to insert HTML code that causes trouble.

You need to “validate” the form input before it’s accepted, to strip out all but the most basic

HTML tags, for example and also if you’re using WordPress – you can utilize the “Keyword

Filter” to block out any harsh words that might raise an issue or two.

9) Unsolicited Installation of Scripts

It can be dangerous to install third-party scripts and programs on your website unless you

understand what they are actually doing. Even if you don’t fully understand the programming,

you can read through the code and look for tell-tale signs such as references to third-party

URLS.

You can also visit community forums such as SitePoint and DigitalPoint to ask around for better

advice.

8) Avoid Scam/Spammy Websites

In a desperate attempt to get visitors you might consider try extensive viral marketing and

other means of gaining the attention, this may cause a few people in the wrong community to

raise a few eyebrows.

ED2015 Page 11

The last thing you need as a settled web-master is to cause a stir amongst the wrong people.

Stay away from websites and especially forums that offer “information” or “get traffic quick”

that uses illegal spam lists and such.

7) Clear the Cookies!

Personally, I use a lot of public computers to blog and do other online

activities, maybe because it’s convenient or my unreliable ISP crashed on my once more.

Inevitable there’s many, many webmasters like me that use public services for either a quick

access or regular work.

Just don’t forget to clear out the cookies and cache before you leave! Even if the service

provider claims “no tracking of privacy” or anything along those lines, a quick clean before you

leave wouldn’t hurt anyone.

6) Prevent illegal farmers’ from “harvesting” your lists

Hacking techniques are used to “harvest” email addresses, which are then used by spammers

and other hackers for malicious activities. If you are storing email data on your website, for

what-ever required reason, make sure it’s stored in a secure format, such as a MySQL Database.

Most top-CMS such as WordPress and Joomla make this compulsory but there’s many self

written CMS’s too. If your script simply writes data to a text called “emails.txt” it won’t be long

before someone sniffs it out.

5) Make sure your files are using the correct CHMOD Permissions

ED2015 Page 12

CHMOD File Permissions assign a specific value to every file/folder on your server, which allows

different levels of access.

CHMOD Permission range from 000 (No access) to 777 (Full access), you must decide which files

get what permissions, but be warned that some third party software require higher permissions

to operate properly. You need to balance out features with security and make an informed

decision.

Using a FTP you can change the permissions given to each file/folder on your server. This is vital

to ensure any unauthorized access to your content is comprehensively denied.

Note – Make sure your CHMOD settings work with your current web-hosts. Some hosts prevent

‘777’ for security reasons.

4) Don’t use Generic Usernames

Using common words for usernames such as “admin”, “administrator” or “Site Owner” can

cause many implications because you are simply making the job of the hacker’s a lot easier. By

using such common words for your username, you are incredibly increasing the success rate of

the hacker by at least a few points of a percentage, which is consider a lot where only one

answer can be right from an unlimited range of combinations.

3) Securing your Ports

To put in simple words, a “PORT” is used to access data from outside the server. It also utilized

to transfer data both ways, into the server and also outgoing. Most of this activity is behind

closed doors and happens automatically, and only trained professionals tend to play around

with such details.

Nevertheless, ports are constantly opened & closed for easy-access, for programs such as a FTP

(File Transfer Protocol). This can be favorable for any hackers attempting to access your

sensitive files, so make sure any unwanted ports are ‘properly closed.’

2) Updated Security Patches

If your WEB HOSTING PROVIDER hasn’t already done so, you should check that all the latest

security patches for various aspects of the service are properly installed. As you might know,

WordPress (self-hosted) is one of the most popular Content Management Systems out there on

the market.

ED2015 Page 13

It is used by millions- so it’s not surprising to see many hackers working day/night trying to hack

it. Updates and patches are regularly released, so keep an eye out for all your plug-ins/core

files.

1) Use Strong Passwords!

The number one technique you can possibly implement. Hackers are

experts at programming computers to plough through huge amounts of data very quickly.

That’s the reason longer passwords are more secure; the number of possible combinations

grows exponentially with every extra character added.

Hackers employ a technique called “dictionary attack” where they repeatedly try username and

password combinations by running through hundreds of common words, phrases, numbers and

combination them till they get lucky. It’s important you use random strings like “j@m13s(!)”

instead of perhaps “jamie123″

Lastly, this cannot be a ‘tip’ instead a complusory step in setting up your online community.

Make sure your “.htaccess” and “.htpasswrd” is properly formatted with the secure CHMOD of

644. This is important and adds the best out-layer of protection for you and your visitors.

How to Prevent Hackers from Accessing Your Online Accounts Posted on September 10, 2014 by ZoneAlarm

ED2015 Page 14

Jennifer Lawrence. Arianna Grande. Kate Upton. These are just a few of the known celebrities

who recently had their private photos leaked online after a hacker had allegedly compromised

their iCloud accounts. The hacker went on to claim they have more than 100 celebrities’ photos

in their possession.

How did this happen? There are many theories to what was the root cause. Some say it was due

to weak or extremely guessable passwords and answers to security questions. Others say the

hacker got hold of the celebrities’ login credentials by sending phishing emails. Another theory

is that the WiFi at the Emmy Awards was compromised, which led to the celebrities having their

login credentials intercepted by the hacker.

The reality is this could have happened to any company. The focus here shouldn’t be on Apple

and iCloud, but rather on taking preemptive measures to ensure the security of your online

accounts.

Taking steps to protecting your online accounts

Secure your accounts with strong passwords

We often stress the importance of securing your online accounts with a strong password. This is

no different. Using “password” or “abc123” as your password is practically the same as not

using a password at all. Get into the habit of securing all of your online accounts with strong

passwords, which include a combination of lowercase and uppercase letters, numbers and

symbols.

Here are some tips to make your passwords stronger.

ED2015 Page 15

Beware of phishing scams

Phishing scams are one of the oldest tricks in book, yet many people still fall for them today. It’s

no surprise that one theory to this incident is that the celebrities were duped into revealing

their login credentials through a phishing scam. After all, many people will panic if they saw an

email saying, “Unauthorized access has been detected. Please verify or your account will be

locked.”

The best way to avoid a phishing scam is to avoid logging into accounts through links within

emails, even if you know with full certainty that the email is legitimate. Instead, go to the

official website directly and login from there to confirm the email claim.

Here are 7 ways to spot a phishing scam.

Enable two-factor authentication

While iCloud accounts previously did not have two-factor authentication, in light of this

incident, Apple said it would strengthen its security measures by adding alerts to notify users

when signs of a break-in have been detected, as well as make improvements to its two-factor

authentication.

We highly recommend enabling this security feature for all of your online accounts, if

applicable. It’s easy to setup, and you’ll have peace of mind knowing you have an additional

layer of security protecting your online accounts from unauthorized eyes.

Learn how to turn on two-factor authentication for the following:

Email

Facebook

LinkedIn

iCloud

Dropbox

Never access sensitive websites over unsecured WiFi

The theory that the WiFi at the Emmy Awards was compromised by a hacker is a possible

scenario. With selfies and Tweets guaranteed to happen, the likelihood of attendees using

public WiFi to access the Internet is extremely high. Since public WiFi signals are unsecured (or

rather unencrypted), the data transmitted could be sniffed out and intercepted. The approach

ED2015 Page 16

to make sure your data is secured when on public WiFi is to USE A VPN (virtual private

network). Hotspot Shield, SurfEasy, and Private WiFi are just a few of the many VPN services

available.

Learn about the risks of public hotspots.

Don’t wait until it’s too late

Having your private photos stolen from your online accounts (and posted for the world to see)

is upsetting and can potentially damage your reputation. But it isn’t just photos – hackers can

gain access to your emails, your online banking accounts, and other very sensitive parts of your

online life. Taking preemptive measures and being vigilant on the Web makes you a harder

target against those who want to take advantage of you.

What can I do to keep my account secure?

Here are a few things you can do to keep your account safe:

Pick a unique, strong password. Use combinations of at least 6 letters, numbers and punctuation marks and don't use this password for any of your other accounts. You can also use a password safe like LastPass, KeePass or 1Password to set and remember unique passwords for your account. Learn how to change your

password. Think before you click. Never click suspicious links, even if they come from a friend

or a company you know. This includes links sent on Facebook (ex: in a chat or story) or in emails. If one of your friends clicks a spam link, they could accidentally send you or tag you in spammy posts. If you see something suspicious on Facebook, report it. You also shouldn't download things (ex: a .exe file) if you aren’t sure what they are. Learn more about recognizing suspicious emails.

Watch out for fake Pages and apps/games. Be suspicious of Pages promoting offers that are too good to be true. If in doubt, check to see if a Page is verified. Also be mindful when you install new apps or games. Sometimes scammers use bad apps and games to gain access to your Facebook account.

Don't accept friend requests from people you don't know. Sometimes scammers

will create fake accounts to friend people. Becoming friends with scammers allows them access to spam your Timeline, tag you in posts and send you malicious messages. Your real friends may also end up being targeted.

Never give out your login info (ex: email address and password). Sometimes people or pages will promise you something (ex: free poker chips) if you share your login info with them. These types of deals are carried out by cybercriminals and violate the Facebook Statement of Rights and Responsibilities. If you're ever asked to re-enter your password on Facebook (ex: you're making changes to your account

ED2015 Page 17

settings) check to make sure the address of the page still hasfacebook.com/ in the URL (web address).

Log in at www.facebook.com. Sometimes scammers will set up a fake page to look like a Facebook login page, hoping to get you to enter your email address and password. Make sure you check the page's URL before you enter your login info. When in doubt, you can always typefacebook.com into your browser to get back to the real Facebook. Learn more about phishing.

Update your browser. The newest versions of internet browsers have built-in security protections. For example, they might be able to warn you if you're about to go to a suspected phishing site. Facebook supports:

Mozilla Firefox

Safari Google Chrome Internet Explorer

Run anti-virus software. To protect yourself from viruses and malware, scan your computer. You can learn more and download this software for free:

For Windows For Mac OS

It’s tough to get people to pay attention and be serious about their online identity. An

Email account is the first and primary component of your online identity and yet it’s the

one that is left unguarded the most. Email accounts may be virtual but once hacked, the

consequences and damages are very real.

The problem with a hacked email account is the domino effect. All registrations,

purchases, renewals, transactions, password reminders etc. are sent to your email

inbox. So once the first domino falls, the entire setup falls apart in one fell swoop. After

the jump, we’ve rounded up a few tips that can help you secure your email accounts of

popular webmail services.

Use a Strong Password

Strong Password

Yes, I know this is what every other tech blogger says every single time. But that has

never made people any wiser. Even hackers feel insulted when they come across

passwords like “sweetlove123”, “pass@123” and the like. Google is the best when it

comes to putting real effort into securing your email account proactively. You can use

special characters, numbers, upper and lower case alphabets of almost any length. My

ED2015 Page 18

Gmail password is between 60 to 80 characters long and my general rule of thumb is to

have a password that only the NSA can hack.

Use a reliable Secondary Email Address

Absolutely no Hotmail accounts for secondary fallback email account people. They still

have their stone age era email account expiry plan after certain number days of non

usage. So if the secondary email address is Hotmail and is expired, anyone create it back

again to receive password reset information. And since webmail providers have this

peculiar habit of giving all kinds of hints to remind you of the email address where the

password recovery link has been sent, use an uncommon, custom domain or corporate

email address that is hard to guess and hack into.

Setup SMS Alerts

SMS Alerts

Go to your account settings and add your mobile number to receive SMS alerts. Once

that’s set up, Google will send you the password reset code whenever somebody tries

to reset your password. Alternatively, if you are a smartphone user, you can rely on

these SMS alerts and disable password recovery via email altogether. Email accounts are

always vulnerable to a hacker from a remote place but your mobile phone is not. Yahoo

provides the same feature free too. Hotmail has a similar feature but is not supported in

a lot of countries.

Be sensible with your security question

Ok. There’s absolutely no point in having the security question, “My favorite doggy”,

and posting pics of you and your poodle with images titled “Rolling with Rosy” on

Facebook and Twitter. A lot of personal information is available online, thanks to social

networks. On being the weakest links in the email security chain, security questions rank

ahead of weak passwords. It’s nice to be an open book but select a question from those

stapled pages and blacked out lines.

Check Filters and Forwarding Addresses

In the event of a hack and after reclaiming the account, go through the existing filters to

check if there are some sneaky filters set up that forward all your CREDIT CARD , login

info, bank account and other sensitive correspondence to an email address that is not

ED2015 Page 19

yours. Go to the forwarding page and see that all your incoming mails are not forwarded

to the hacker either. This helps you avoid getting hacked in the future too.

Avoid Public WiFi

Happy to have discovered an unsecured WiFi hotspot? Or mooching your neighbour’s

spilt WiFi? Enjoying the free WiFi of the coffee shop round the corner? Good for you and

so is for the hacker sitting nearby to sniff the packets right out of thin air. Avoid using

public WiFi for accessing email or transacting online with a credit card. Casual browsing

and YouTube watching (without logging in) are Ok. Accessing emails is a big no, no.

Do not share your login information

Another obvious fact. But at times, it’s necessary for small businesses and online

entrepreneurs to share login information with colleagues. For example, accessing

Google AdSense, Analytics or Microsoft Live services etc. The ideal solution is to create a

dedicated account for accessing these services instead of linking everything to your

personal email id and sharing it.

Login regularly

Even if a hacker gets hold of the answer to your security question, they cannot use it

immediately to reset the password and break into your Gmail account. Password reset

with security question is possible only after 24 hours of your account being inactive

after receiving the password reset instructions. So for once, checking your mail regularly

is a good thing. Also, it will help reset the Hotmail account’s expiry date. Unfortunately

Hotmail and Yahoo do not have this useful restriction in place.

Special Features

Gmail

Enable HTTPS by default from your account settings. This helps from the password

getting sniffed when transmitted over public WiFi hot spots. If you are a Google Apps

user, enable pre release features to avail the upcoming two factor authentication

system before it launches.

Hotmail

Use the Windows Live Essentials package and verify the computer you are using as

reliable. “Trusted PC” is a unique new proof that lets you link your Hotmail account with

one or more of your personal computers. Then, if you ever need to regain control of

your account by resetting your password, you simply have to use the trusted computer

ED2015 Page 20

and Hotmail will know you are the legitimate owner. It’s a great feature for those who

are really paranoid about email security.

Yahoo

Sign In Seal

Make use of the sign in seal option to verify the computer. Sign in seal is basically an

image or color that Yahoo displays for each of your computers adding another layer of

security to the login process.

Avoid Webmail

Still not sure about the safety and security of your email account online? It is totally

understandable and I suggest you to take it off the Internet. I mean, partially. Get hold

of an ISP and get a POP or IMAP account set up for your email address forgoing the

webmail set up. Then use desktop email clients like Outlook or Thunderbird to pull your

mails. It will make you feel dated, but is reliable and works effectively too.

Did we miss an important tip or got a better suggestion? Share it with the rest of

community in the comments section. How to Protect Your Privacy

There are "bogus" job sites interested only in collecting your personal information - no real jobs

available. Just forms to complete with as much information as you will supply - information that

they will sell to spammers, identity thieves, or others, or misuse themselves.

Find a Job Here

ED2015 Page 21

There are also social networks

that will collect as much

information from you as

possible, and they sell it or

simply make it available publicly

to anyone who has access to

your profile.

In addition, the scammers of the

world have discovered that

legitimate job sites will allow

"employers" to search through

the resume/applicant database

and keep copies of resumes.

(More information about Job

Scams.)

If you have a job, protecting

your privacy also protects your

paycheck.

Employers don't trust employees

who are looking to work

elsewhere, and, at a minimum,

you could have a very

uncomfortable discussion

with your boss. At worst, you

could be fired. Yes, it is legal for

an employer to do fire someone

for job hunting in the USA, in

most situations.

So be cautious where you post your resume and what you reveal in social media about your

intentions to find a new job!

what

job title, keywords

where

city, state, zip

Find Jobs

jobs by

ED2015 Page 22

8 ways to protect your privacy when job hunting online

Here are some methods of protecting your privacy while conducting an ONLINE JOB SEARCH :

1. When completing a social media profile (like LinkedIn, Facebook, Google Plus, etc.) or posting your resume in an open place where millions of people may see it, limit the personal contact information (location, phone numbers, email address) on your resume. Job-Hunt's "Cyber-Safe Resume" article shows you what information to make public and how to make it public while minimizing the opportunity for identity theft or other bad result.

Yes, limiting your contact information may make you a little more difficult for an

employer to reach you, but the impact is minimal if you do it the right way (Cyber-Safe). Carefully providing limited contact information also makes you look more Internet-savvy, and it protects you and your family. Your choice.

2. NEVER share your birth date on social media or a job board! Someone interested in stealing your identity currently needs little more that your name, contact information, and -- most importantly -- your birthdate!

Someone interested in hiring you should not be asking for details that will tell them how old -- or young -- you are. Yes, you may receive fewer birthday greetings, but that's not a big loss in comparison with being a victim of identity fraud.

If you have already shared your birthday online, go back to where you have published it and take the following actions:

Delete the birthdate information if possible.

Change it to a completely fictional date - the month, day, and year! Changing the year won't make your birthday safe -- trying a few different years is easy for a person (and very easy for a computer) to do.

Choose another date that is memorable for you. I have a friend who always chooses January 1, 1901. Perhaps there is another date that is easy for you to remember (wedding anniversary, spouse's birthday, parent's birthday, child's

birthday, etc.), and you can use that date because you may need to remember your "birthday" to confirm that you "own" the account or social media profile.

If you cannot delete the birthdate, make it "private" if you can. But, don't

assume that changing the status to private will be solid protection. Be sure to change the date to something fictional.

3. Be picky about where you post your resume or the information you make "public" on a social network. (See Job-Hunt's "Being Smart About Choosing a Job Board" article for help.)

ED2015 Page 23

Post your resume only where you are reasonably sure it will be protected, at a site with your preferred employers or the best job listings for you. Focus on posting at a few really good sites rather than many mediocre sites.

Don't post your birthday, town where you were born, or your mother's maiden name on any social network. If they require your birthdate, make one up.

Most social networks, including Facebook. have privacy settings. Use those to protect your sensitive information, and check them regularly to see if they have changed.

4. When the option is available, choose to limit access to your complete resume,unless you are using the cyber-safe version of your resume.

Most job sites allow you to choose the level of visibility for your resume. The levels can include:

Completely open. Anyone (job seeker and employer/recruiter) can see your complete resume. This is the least secure, and least desirable, option. Avoid these sites, or be sure to use the cyber-safe version of your resume if you feel you must use a site like this.

Searchable by "employers" only. Employers/recruiters, or anyone willing to pay the fee for access to the resume database, will see your full resume. Good for marketing your skills and experience to employers, but don't take the risk unless you are using the cyber-safe version of your resume with your contact information disguised or deleted ("cyber-safe").

Semi-private, searchable but with your contact information blocked by the job site. Employers/recruiters (or anyone willing to pay) can see everything on your resume, except your contact information. If a potential employer is interested in you, the job site notifies you about the employer's interest so that you can contact the employer. Good for marketing your skills and experience and good

for your privacy, too! Use the cyber-safe version of your resume here, too, just to ensure that your contact information is safe.

Private, your resume is excluded from the searchable resume database. This

provides you with the most security and privacy, but doesn't allow an employer to find you. It would be the safest option for someone who is employed and protecting his or her job.

5. Keep a log of where and when you posted your resume on a job site or employer Web site. The long doesn't need to be fancy; just effective. A hand-written list with the date and site will work. If possible, keep track of which version of your resume you posted (helpful for updating and tracking contacts). It will also enable you to end your job

ED2015 Page 24

search after you land your new job. (See Keeping Track of Your Job Search for more tips.)

6. Don't use resume distribution services! You completely lose control of your resume, whether it is distributed via e-mail or posted to a number of Web sites. You don't know who has it or what they might do with it, and it makes you look desperate and/or inexperienced.

7. NEVER provide your Social Security Number (including your Driver's License, if your SSN is the same as your license number), your bank account number, or your mother's maiden name to anyone approaching you about a potential job. A person with a copy of your non-cyber-safe resume and your Social Security Number

has everything they need to steal your identity - the #1 fraud, according to the FBI. Don't help them by providing that last bit of information. There is no reason to include your SSN on your resume!

Many credit card issuers use your mother's maiden name as a "password" identifying you to them, so someone with that name can access your credit card accounts (to get cash, etc.).

If a stranger approaches you (via phone, e-mail, or regular mail) claiming to need a little more information to do an employment "background check," "prescreening," or something similar, and asks you for your Social Security Number or your mother's maiden name, do not give it to them. This approach has been used by identity thieves to collect information from victims.

In general, the safest time to provide anyone with your Social Security Number is only when you are completing an IRS form at the employer's physical location, after you have accepted their job offer. Your SSN may, very rarely, be needed for a background check, but few employers spend the time/MONEY for a background check on an applicant who has not been interviewed.

If the request feels "fishy" to you, follow your instincts, and don't provide the information they are requesting.

8. Look for, and READ, Web site privacy policies! (See Job-Hunt's How to Evaluate Privacy Policies article for help.)

If the site does not have a privacy policy, do not use the site! There are thousands of job sites - find another one. Read job site privacy policies!

NOTE: a privacy seal (e.g. TRUSTe or BBBonline) does NOT mean that a site is "safe" to use unless, when you click on the seal, you go to a page specifically about the website you are considering. If you go to the TRUSTe or BBBonline home page, the seal may not be current or even used legitimately.

ED2015 Page 25

For example, and we don't think this problem is limited to just one or two sites, Monster is

arguably a very major employment super site. However, on 9-5-2001, a Pam Dixon compiled a

serious report on Monster's privacy practices that, if accurate,indicated very bad practices. So,

if you choose to use ANY job site, be VERY careful! Follow Job-Hunt'scyber-safe

resume guidelines, use a 3rd party e-mail address, and be extremely cautious about any

personally identifiable information you share with any job site.

Don't be discouraged, but DO be careful!

Being Smart About Choosing a Job Board is something to be approached very carefully. Read

that Job-Hunt article before you start posting your resume at any job sites.

On Simple way we can say that cyber crime is unlawful acts wherein the computer is either a

tool or a target or both

ED2015 Page 26

Indian Cyber Crime Act -

Cyber crimes can involve criminal activities that are traditional in nature, such as theft, fraud, forgery, defamation and mischief, all of which are subject to the Indian Penal Code. The abuse of computers has also given birth to a gamut of new age crimes that are addressed by the Information Technology Act, 2000.

We can categorize Cyber crimes in two ways The Computer as a Target :-using a computer to attack other computers.

e.g. Hacking, Virus/Worm attacks, DOS attack etc.

The computer as a weapon :-using a computer to commit real world crimes.

e.g. Cyber Terrorism, IPR violations, Credit card frauds, EFT frauds, Pornography etc. Cyber Crime regulated by Cyber Laws or Internet Laws.

Technical Aspects Technological advancements have created new possibilities for criminal activity, in particular the criminal misuse of information technologies such as

a. Unauthorized access & Hacking:-

Access means gaining entry into, instructing or communicating with the logical, arithmetical, or memory function resources of a computer, computer system or computer network.

Unauthorized access would therefore mean any kind of access without the permission of either the rightful owner or the person in charge of a computer, computer system or computer network.

Every act committed towards breaking into a computer and/or network is hacking. Hackers write or use ready-made computer programs to attack the target computer. They possess the desire to destruct and they get the kick out of such destruction. Some hackers hack for personal monetary gains, such as to stealing the credit card information, transferring money from various bank accounts to their own account followed by withdrawal of money.

By hacking web server taking control on another persons website called as web hijacking

b. Trojan Attack:-

ED2015 Page 27

The program that act like something useful but do the things that are quiet damping. The programs of this kind are called as Trojans.

The name Trojan Horse is popular.

Trojans come in two parts, a Client part and a Server part. When the victim (unknowingly) runs the server on its machine, the attacker will then use the Client to connect to the Server and start using the trojan.

TCP/IP protocol is the usual protocol type used for communications, but some functions of the trojans use the UDP protocol as well.

c. Virus and Worm attack:-

A program that has capability to infect other programs and make copies of itself and spread into other programs is called virus.

Programs that multiply like viruses but spread from computer to computer are called as worms.

d. E-mail & IRC related crimes:-

1. Email spoofing

Email spoofing refers to email that appears to have been originated from one source when it was actually sent from another source. Please Read

2. Email Spamming

Email "spamming" refers to sending email to thousands and thousands of users - similar to a chain letter.

3 Sending malicious codes through email

E-mails are used to send viruses, Trojans etc through emails as an attachment or by sending a link of website which on visiting downloads malicious code.

4. Email bombing

E-mail "bombing" is characterized by abusers repeatedly sending an identical email message to a particular address.

5. Sending threatening emails

6. Defamatory emails

ED2015 Page 28

7. Email frauds

8. IRC related

Three main ways to attack IRC are: "verbalâ⦣8218;?Ŧ#8220; attacks, clone attacks, and flood attacks.

e. Denial of Service attacks:-

Flooding a computer resource with more requests than it can handle. This causes the resource to crash thereby denying access of service to authorized users.

Examples include

attempts to "flood" a network, thereby preventing legitimate network traffic

attempts to disrupt connections between two machines, thereby preventing access to a service

attempts to prevent a particular individual from accessing a service

attempts to disrupt service to a specific system or person.

ED2015 Page 29

E- References ----

www.online-tech-tips.com

www.facebook.com

www.job-hunt.org

www.twitter.com

www.cyberlawsindia.net

Feedback ----

[email protected]

7385848115