Security Tips for Online Shoppers! Your Security is in Your Hands!

 

This is the era of the internet, and everything is available online. We can buy anything from e-commerce websites, and different countries have different e-commerce websites. When purchasing online, we have to enter sensitive information about our credit cards, debit cards and internet banking accounts to make payments. If this information falls into the wrong hands, we can face a huge loss. It is the responsibility of the website to keep our information secure from hackers. But our security is in our hands. Small mistakes while surfing the internet may lead us into a big problem. Here are some security tips for online shoppers that can help us protect our sensitive financial information:

 

1. Restrain Yourself from Third Party Links

Criminals mainly infect PCs with malware by manipulating users into clicking and opening malicious third-party links. Phishing emails occasionally contain spelling errors and poor grammar, by which we can spot them. Nevertheless, deliberately crafted attacks are indistinguishable from genuine emails. Social media also helps attackers: hackers can learn about a target's interests and send them crafted emails. Malware embedded behind these links installs itself automatically when the target clicks on the link.

 

2. Use Different Passwords on Different Sites

Individuals typically have up to 100 online accounts, and people tend to share a limited number of passwords across them. Many dictionary words are easily crackable. So use a different technique to set a password: for example, for every site's login add some characters to the password, such as adding F or B to the front and end of the password on Facebook. It should be unguessable for others but quite memorable for you.

 

3. Set a Different Recovery Email instead of Main Email Account

A hacker who compromises your main email account can get access to all your other accounts, because the main email address is mostly used to reset the passwords of those accounts. A criminal can use this method to access your personal data, such as passport details and date of birth, all of which enables the hacker to commit ID fraud.

 

4. Use Paid Anti-Virus Tools

Researchers found that there were 49 million new pieces of malware every five years, which means that anti-virus software manufacturers are involved in a constant game of "whack-a-mole". Their reaction is mostly slow; much like flu viruses and vaccine design, it takes the software engineers some time to catch up with the hackers.

 

5. Avoid Unnatural Social Media Invitations

Simply say no to social media invitations from people you don't know. Accepting them is the cyber equivalent of inviting a stranger into your personal connections. Social media scams are running wild nowadays. A single click may land you in big trouble.

 

6. Think Twice Before Sharing Information

Again, the major risk is ID fraud. Scanning for an individual's personal details is the new-era equivalent of "dumpster-diving", in which hackers search for private documents. Think: once that information is out on social media, you have no idea how others can use it.

 

7. Use "Wipe Your Phone" Feature

Apps such as Find My iPhone, Android Lost, BlackBerry Protect, etc. allow you to remotely remove all your private data from your device, so you should absolutely set one up. If you lose the phone, you can erase the data and keep your information from falling into the wrong hands.

 



8. Trust Only Secure Sites 

Before entering credentials, make sure the locked padlock is showing in your browser. Next, check that the online retailer's address changes from "http" to "https", which indicates that the connection is secure. Stay away from sites that change back to http after login. Hackers may use fake websites to collect victims' financial details. These fake websites look like the original ones, so you have to make yourself aware of them. For example, hackers may use "www.ebaynew.com" to manipulate the users of "www.ebay.com".
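The check described in this tip can be written down as a small Python function. This is an added example, not part of the original article; the function name `check_shop_url` and the trusted list are assumptions made for the illustration, and the ebay.com / ebaynew.com pair is the one from the text.

```python
from urllib.parse import urlsplit

# Constructed allow-list for this example: the shops you actually use.
TRUSTED_DOMAINS = {"ebay.com"}


def check_shop_url(url, trusted=TRUSTED_DOMAINS):
    """Classify a URL as 'trusted', 'insecure', 'lookalike' or 'unknown'."""
    url = url.strip()
    if "://" not in url:
        url = "//" + url  # let urlsplit find the host when no scheme is typed
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    if not host:
        return "unknown"

    for domain in trusted:
        # Exact match, or a subdomain separated by a dot (www.ebay.com).
        if host == domain or host.endswith("." + domain):
            # Right site, but only https protects what you type.
            return "trusted" if parts.scheme == "https" else "insecure"

    for domain in trusted:
        brand = domain.split(".")[0]
        # The brand name appears, yet the host is not the real domain:
        # ebaynew.com, ebay.com.example.net and similar.
        if brand in host:
            return "lookalike"

    return "unknown"


if __name__ == "__main__":
    # Constructed sample addresses.
    for sample in ("https://www.ebay.com/", "http://www.ebay.com/",
                   "https://www.ebaynew.com/", "https://example.org/"):
        print(sample, "->", check_shop_url(sample))
```

The comparison is made on the whole host name at a dot boundary, which is why "www.ebaynew.com" is not accepted even though it contains the brand name.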


9. Avoid  Pop-Up Ads 

Pop-ups may carry malicious tools that can trick customers and steal credentials. Always ignore pop-ups proposing things like site surveys on commercial sites, as they are sometimes where the malicious code is.

 

10. Say No To Free Wi-Fi 

Most Wi-Fi hotspots do not use data encryption, so the information entered by users travels in clear text. That means hackers can use packet sniffing to read your data as it is transferred over the Wi-Fi network in unencrypted form. Never visit sensitive websites on public Wi-Fi. If you have to use it, always use a VPN.

 

11. Use Multiple Email Accounts

Try one for the bank, another for shopping and one for social sites. If one account is hacked, the other accounts are safe. It also helps you spot many phishing emails: if a mail arrives in your shopping account but appears to come from your bank, you can immediately tell it's a fake.

 

12. Even Macs Are Not Secure

It's obvious that Macs are less targeted, simply due to the smaller number of users, but this is changing. Determined crackers can find new ways to exploit users on almost any OS. For your information, iOS and OS X were in first place on the 2015 list for having the most vulnerabilities.

 

13. Never Use Save Password Feature of Browsers and Websites

Mass data security holes aren't common, but don't take the risk. Never save your user ID and password in browsers and websites. If your browser is ever compromised, hackers could steal your credentials. The few extra seconds it takes to fill in your details each time is a small price to pay.

 

14. Two-step Verification is The Best Option 

If your online service offers it, set this up. You then just have to verify yourself with the code sent to your phone every time. It is a little fussy but provides huge security: a hacker might find your password, but without the temporary verification code your account stays secure.


15. Lock Your Phone and Tablet Devices 

It's your first line of defense. Next-generation devices may employ fingerprint scanning technology as additional security, but that is still some time away. Never share your devices with anyone if you have stored sensitive information on them. As the saying goes, "Walls have ears".


16. Recognize the Difference Between Fake and Genuine Discount Offers

Hackers may send spoofed emails offering users catchy, bigger discounts. By manipulating their targets, they can collect users' credit card and banking details by setting up a fake payment gateway. Make yourself aware so that you can recognize these types of scams.
