But, if you know little about the technical aspects of how to configure a router remotely, the best thing would be to disable the remote management module. This is because a router that is not well configured for being managed remotely, could be accessed by anyone across the network or even across the internet. The router is in most cases a firewall too, anyone with access to the router configuration could set a configuration that compromises your online and network security.

If you would still like to remotely manage your router despite having scant technical knowledge, take the help of a trusted technically skilled person to configure the remote management module for you. Trusted because, remember that he could always keep a loophole that allows him to remotely access your router and network whenever he pleases !!!! The best thing to do would be to read the manual, jump to the section on remote management of the router and disable the function. It would be be safe to take technical help in  learning how to disable the remote management feature of your router.

The email you receive in this online fraud will have a few similar features:

(a) The ‘buyers’ generally claim to be from Singapore or Indonesia. They might also say that they are from the U.S or U.K. For U.S and U.K fraud emails, the requested shipping destination for the merchandise is generally given as a destination in Africa. The writer claims to have a chain of jewelry stores in Africa that is starving for your high priced merchandise.

(b) This fraudulent email claims to have seen your wesbite and found a keen interest in your merchandise. There might also be items from your website quoted in the email. The most striking part of these email frauds is that, the item description (if mentioned in the email) is a direct ‘cut and paste’ description. The fraudster generally selects the highest priced item and then requests a quote for 15, 50 or maybe more pieces. This is what excites innocent sellers, the idea of making a huge sale seems to blind you from the underlying dangers.

(c) Another feature of this online fraud is that, the ‘buyer’ says that before making the purchase he would need confirmation of some payment mode. Visa card, AMEX or even Western Union might be touted as some of his preferred mode of payments. The money would ofcourse never be paid to the seller or be paid through a credit card that belongs to someone other than the buyer!

(d) The sender of the email almost always, uses a free email address. The email address might not be a Yahoo or Gmail or Hotmail as everyone knows about these. Remember that a thousand other websites offer free email addresses and these are preyed upon by these online fraudsters. Our network team has come across cases where non free email addresses belonging to U.S universities, reputed companies etc have also been used to perpetuate these online frauds. Such email addresses are most likely hacked or probably belong to students or staff that are a part of this online security problem.

(e) The websites most likely to be targeted include jewelry, watches, expensive electronic gadgets etc. The fraudster seems to have a liking for small sized items with a big price tag.

Remember that you will never get paid for the merchandise you ship. Even if you do get a credit card payment in advance, you will soon get a reversal request (actually a demand) from the credit card company. This is because the online fraudster rarely owns or uses his own credit card. You will be obliged to refund the payment to the credit card company and will have no claims on the expensive merchandise that you have shipped.  

It is in your interest to delete such emails and do nothing. Keep your friends and relatives informed about this fraud. No authority that we know of has been willing to track down such online fraudsters. With official power it would be quite easy to trace the receiver of the merchandise as the merchandise moves to him. The fraud in the email is glaring the moment you receive it, so tracking the merchandise and payment all the way would be no problem. Either the interest or importance of this online fraud is being ignored or underestimated.

(a) Your money is on the way: The victim receives a fraudulent email from the fraudster. The email states that despite your refusal to help in the earlier transaction (money moving fraud), the fraudster has managed to move the funds. The fraudster however feels it right to give you a small share of the funds he successfully transferred. You are then requested to contact the sender of the email. You will undoubtedly be expected to part with some confidential financial details and a few thousand dollars. You obviously get nothing in return so do not be tempted to take any action if you receive such fraudulent emails.

(b) Your check is at the courier: This is similar to (a) above but is made more tempting. The message in this email fraud says that your draft is already ready to be sent to you. All you need to pay is a few hundred dollars towards courier fees. You are requested to contact the courier who in this case, will ofcourse be a close associate of the fraudster. At times, the email claims to have come from a courier/shipping company informing you that a parcel is waiting for your clearance. Do nothing with such emails, the delete key is your best protection against becoming a victim to such an email fraud.

Choosing a password: Do not use a very small password, most websites fix a minimum length for passwords. Always use a password that is at least 8 characters long, combine alphabets, digits and even special symbols if allowed. Do not use your name as a password, avoid using simple words like ‘house’, ‘eternity’ etc. Hackers have special programs that can generate almost every word in the English dictionary. Guessing conventional words is therefore not very difficult, remember to combine digits, alphabets and symbols. A password like ‘IwHyE545′, might sound tough to remember but,the secret lies in creating a password with some logic. The above password could have been created by choosing the first alphabet, of each word from this sentence, I was Hungry yesterday Evening at 5.45pm”.

Keeping passwords: Do not scribble your password near your computer, or in way that any person could identify it as a valuable password. If you must write down passwords, develop some conventions that would help keep them safe. For example, referring to our password mentioned above, ‘IwHyE545′ could be written as ‘WhYw545I’. What we have done is taken off the first character (I) in the password and placed it at the end. We have then changed the alphabets from small to big case and vice versa. While it is best not to note down passwords, millions of computer users do note them down. Never send passwords through emails, online chats etc. If you must note your password, do so in a place that is not near your computer. Also develop some sort of code that will allow you to juggle the characters of your password when you write it down.

Not the same password: Most computer users would typically access around half a dozen online services that need a username and password. If this is true with you, do not use the same password for more than one login. For example, do not use the same password for your email and online banking service. Using the same password for many services means that, you expose all the services if the password is compromised. It might not be possible to do this in certain cases. If you have a Hotmail email account and also use MSN Messenger, try to login to MSN messenger. Once logged in, you can see a link to your Hotmail email account, click it and you would be accessing your Hotmail account in a few moments. This is a bad feature, it means that you can never leave your MSN messenger even for a few minutes. If you did so, any person seated near your computer could click the Hotmail link and read your personal emails.

Change passwords periodically: It is a good idea to change your password periodically. Depending on how sensitive the information that you password protect is, change of password can be done anywhere from once a week to every month. Most of us stay alert when choosing a password for the first time, a certain degree of compacency creeps in if we have to change the password ever week or month. Some online services do not allow the same password to be repeated within a month, this is done for your security so do not fume and fret. Resist the temptation of changing to passwords that are similar to other passwords that you could be using.

Certain online services have implemented algorithms that actually check the ’strength’ of a password that you select. So if you chose a password that is similar to your first name or last name, you get a message regarding the ‘weekness’ of the password. You should also stay alert to fraudsters who try to get your password and misuse it. It is safe to say that you should trust no one with your password, keep it confidential. Stay updated with various phishing scams that try to extract confidential username and password details. A breach of security for your online financial services account could be severe, such frauds can ruin a person or organization financially. Online financial services include, online banking, credit card accounts and even online payment facilities like Paypal and StormPay.

Very few fraudulent online sellers actually get caught, this link has the report of one such case. There are hundreds more who never get reported or caught. http://www.nytimes.com/2007/06/09/business/09auction.html

Opening a verified account in Paypal does require a credit card validation but, the details of your credit card remain only with Paypal. They will not be disclosed to every seller that you pay through Paypal. There are cases where you will fund a Paypal pay transaction through your credit card, even in these circumstances details of your credit card remain with Paypal.

This is one very important advantage in using Paypal to pay for your online transaction. You should ofcourse stay informed regarding the various security measures that will enable to keep your Paypal account safe.

Children: Instant messengers can pose serious threat to innocent children, adults with bad intentions could exploit children in a number of ways. Children using Instant messengers have been known to disclose confidential information over text and audio chats. Such information could include, school name and address, their actual names and address, status of their parents etc. Slightly older children using the internet might also send images and live video through these Instant messengers. Teachers have in some cases (with good intentions) taught children how to get free email services by disclosing factual name, address and other information.

Office: Instant messengers like Skype, MSN and Yahoo are widely used in offices. The usage is not limited to personal communications, official works if often handled through such utilities. If this is the case in your office, you will need to be aware of a few things. Documents, images and probably even audio video footage can be stolen out of your organization through these Instant Messengers. Technology used to develop these messengers is becoming increasingly advanced and secure. Secure encryption is used to transmit data (text, audio and video) to and from the Instant Messenger. An organization losing data in this way might find it difficult to prove the contents of the data being transmitted. Security measures are available and every organization should implement such measures.

Personal: If you use Instant Messeging services for your personal use, read the above and then give attention to these further issues too. Do not dislcose any personal information while chatting over these utilities. It is possible that the receiver has set an ‘auto save conversation’ option to ‘yes’. If this is true, anyone having access to that computer and login could see the conversation. This possibility increases with the rampany use of laptops. People could lose, misplace or leave laptops unattended, this increases the chances of others accessing the information on the computers.

Messenger and email: If you use MSN messenger, you might not be aware of a very common and possible security threat. Users often login MSN, and remained login even when not on their seat. All that is done is put the status to ‘away’. This might seem like a harmless thing but, the point is that a person coming and sitting on the users desk could access the email (hotmail) account of the user that is logged in. This refers to the email that is connected to the MSN login.

The above are just some of the threats posed by Instant Messengers. There surely will be solutions to plugging such threats but, very few people are aware of the dangers and very few have access to these security solutions. Education is of prime importance, each of us would need to be unselfish and ensure that the our friends, relatives and collegues are kept updated regarding such online security threats.

As time went by, Western Union developed simpler processes to do money transfers. Western Union in some countries now allows the sender to phone in, provide credit card details and confirm a money transfer. You can also access the Western Union website and check for countries from where money can be transferred online. The sender in such cases would not need to present himself at a Western Union agent. The receiver would ofcourse need to follow the same procedure of identifying himself at a local Western Union agent and collect the funds.We now come to the possible dangers of using Western Union Money Transfers to pay for online transactions. In this case, the possibility of the buyer not having any previous buying experience with the seller is high. This is a situation that is different from the traditional money transfers earlier done through Western Union. Traditionally, the sender and receiver were known to each other, frauds between these two parties were unlikely. The role and responsibility of Western Union earlier and even now, ends when the money is paid out to the identified receiver. The receiver (seller) is then expected to fulfill his part of the transaction by shipping the merchandise or providing the agreed service to the sender (buyer). The scope for a fraud exists here, a fraudulent seller could back out of his part of the transaction after receiving the payment. The buyer could do little as Western Union would close the transaction the moment the pay out was made to the seller (receiver) of the payment. Western Union itself does it’s bit by advising senders not to transfer money to unknown people. This is a sad situation as Western Union Money Transfers are the only payment mode available in certain countries and regions. Besides this, not many sellers would indulge in such frauds. At the same time, the fears and worries of the sender (buyer) need to be addressed too. Most reputed online sellers including Kaisilver, offer Western Union Money Transfers as a mode of payment but, do not recommend it for first time buyers. It would give a buyer more peace of mind if he knew the reputation of the seller, repeat transactions could therefore be paid through Western Union Money Transfers.As a buyer, you should discuss other payment modes like Paypal or direct bank transfers with your seller. If you decide to use Western Union Money Transfers for online payments, check the website of the seller and make sure that it looks trustworthy. Then visit popular search engines like Yahoo and Google and search for the seller’s website name. Check for negative feedback or comments in blogs or forums. Some negative comments could be baseless, read and understand the content and context before making a decision.

Few sellers are willing to clearly explain the issues involved in online payments to buyers. They fear that buyers would be put off and prefer not to go ahead with the transaction. However, at Kaisilver we believe that a well informed buyer can be protected against threats and frauds. This security blog is maintained by us to educate buyers and not to push our jewelry sales. If you have found this information to be interesting or useful, please pass the link of this blog to your friends and collegues, a safer Internet will be great for all of us. You can find more information related to online security and threats at this link: http://www.newsletter.kaijewels.com/safe-online-payment.htm

That was the normal scenario, before a third party came into the picture and was capable of cheating the buyer or the seller. These fraudsters used various email communications trying to get confidential login information for online payment modes like Paypal. Armed with this information, they would then hack the victims paypal account and use the funds for their own benefit.

The emails would be made to appear like genuine paypal emails and contain links to click and login. The contents of the email could differ but the purpose is always the same, to compromise security of a paypal account. Here are some types of email contents that are very popular with these fraudsters.

(a) Account suspended or unauthorised activity. In this email, the victim is urged to login to his paypal account and update his profile information. The email goes on to say that some unauthorised activity was noticed in the paypal account and requires this update. The victim is informed that failing to do the update would result in account suspension. The links on these emails do not lead to the genuine Paypal website. They instead, divert the victim to a look-alike webpage hosted by the fraudster on another web host.

(b) Payment has been made: Another more worrying email content is when the fraudulent email claims that, a payment has been made to an XYZ party from the victim’s Paypal account. The victim is naturally very worried as he would have no idea regarding the payment. Should the

(c) Email added to Paypal account: The victim in this case receives an email that an additional email address was successfully added to his Paypal account. Once again, the fraudster hopes that the victim would click the link on the email to quickly check and rectify the situation.

You can read a more complete report on Paypal security problems and also learn how to keep your Paypal account safe at this link: http://www.newsletter.kaijewels.com/paypal-frauds-paypal-email-scams.htm

The report is compiled in the public interest by http://www.kaijewels.com The leading online custom jewelry provider from Thailand. Please pass the information to your friends and relatives. We can together build a safer and stronger ecommerce transaction platform for all of us.

Bank frauds are today being perpetuated by the popular method of phishihg. Simply put, phishing is the process where the fraudster tries to extract confidential information through convincing (fraudulent) emails. When such a fraudster tries to defraud your bank account, he does not really know whether you have a bank account with the concerned bank. Emails are sent to a very large number of innocent victims, the fraudster hopes that some of these will reach actual holders of bank accounts with the particular bank.

The email basically informs you that there is some update to be done to your bank account information. This is the beginning of an attempt to perform a bank fraud. It is quite likely that you do not even have an account with that particular bank, in which case you simply ignore the email. However, if you had an account with that bank, your impulsive action would be to act as per the email. The email would inform you that your bank account would be suspended if the suggested action was not taken. A link on the email urges you to login and make the necessary update to your bank account.

Once you click the link, you are taken to your bank account login page which looks very similar to the bank account page that you normally use to log in. This is the dangerous part of the email, the page is infact not an authentic login page for your bank account. It is clone page that is hosted by the fraudster on some other website and some other server. When you enter your login name and password to access your bank account, the clone web page transmits this information to the fraudster.

The fraudster is immediately informed through a triggered email that, a victim has fallen prey. He would then enter the actual bank account website and login with your details. The funds in your account will then be syphoned out of your bank account. Depending on the amount that is available, the damage to your financial position can be paralysing.

Advice: If you every receive such an email from any source, do not click on any link on the email. Remember this, no matter how authentic the email appears to be. If you must access your bank account, open a fresh browser page, type the entire name of the website for your bank and then do the login. If there was something genuinely wrong with your bank account, any reputed bank would place that issue right on the first page after you login successfully. If this is not present, call your bank and discuss the problem. Do not refer to any phone numbers mentioned on the suspected email.

If you by any chance fall for this prey, contact your bank as soon as possible and inform them of the problem. Access your bank website by typing in the full name of the bank website and change the password to your account.

This information is provided in the public interest by http://www.kaisilver.com the world’s largest online provider of high end custom jewelry. Please pass the information to your friends and relatives, it is our duty to ensure that fraudsters do not make Internet commerce unsafe for any one.