Identity Theft is the fastest growing crime in the US according to the FBI
 

Social Engineering: The Do’s & Don’ts

Written by OSAblog on Saturday, June 20th, 2009

Hackers and crackers use a proven technique called “social engineering” to determine the passwords you use to secure your computer. This technique is extremely effective and based upon an analysis of your lifestyle.  So when choosing a password, make it as difficult as possible for someone to make educated guesses about what you’ve chosen.

What Not to Use:

  • DON’T use your login name in any form (as-is, reversed, capitalized, etc.)
  • DON’T use your first or last name in any form.
  • DON’T use your spouse’s or child’s name.
  • DON’T use other information easily obtained about you. This includes license plate numbers, telephone numbers, social security numbers, the brand of your automobile, the name of the street you live on, etc.
  • DON’T use a password of all digits, or all the same letter. This significantly decreases the search time for a cracker.
  • DON’T use a word contained in (English or foreign language) dictionaries, spelling lists, or other lists of words.
  • DON’T use a password less than eight characters.

What to Use:

  • DO use a password with mixed-case alphabetics.
  • DO use a password with nonalphabetic characters, e.g., digits or punctuation.
  • DO use a password that is easy to remember, so you don’t have to  write it down.
  • DO use a password that you can type quickly, without having to look at the keyboard.

We recommend you choose a line or two from a song or poem, and use the first letter of each word.  For example, “The answer my friend is blowing in the wind…” becomes “Tamfibitw.”

If you feel like someone is trying to get details from you they shouldn’t end the conversation or change topic.

Sean Bennett is Commercial Director at Orthus limited (http://www.orthus.com). Orthus is a leading provider of information risk professional services, helping orgnisations globally to measure, minimise and manage the information risks they face. Orthus provide end to end services for clients to comprehensivly address risk in their environments including Insider Threats, addressing issues including data leakage, sabotage and fraud; External Threats (http://www.orthus.com/dr_overview.htm) including wireless security, penetration testing, virtualisation security, vulnerability management and Secure Software Development Life-Cycle; Supply Chain Threats including securing cloud services and data processed by third parties; and Legal and Regulatory challenges including Payment Card Industry (PCI) Data Security Standard (DSS).

Article Source:http://www.articlesbase.com/security-articles/social-engineering-the-dos-donts-981940.html

Share and Enjoy:
  • Digg
  • del.icio.us
  • Facebook
  • NewsVine
  • Reddit
  • StumbleUpon
  • Google Bookmarks
  • Yahoo! Buzz
  • Twitter
  • Technorati
  • Live
  • LinkedIn
  • MySpace
  • E-mail this story to a friend!
  • RSS
  • Turn this article into a PDF!

Welcome back! You may want to subscribe to my RSS feed. Thanks for visiting!

Technorati Tags: , , , , , , , , , , , , , , , , , , ,

  • Share/Bookmark

If you enjoyed this post, make sure you subscribe to my RSS feed!

Blog Traffic Exchange Related Posts
  • Why do you need computer security? Computers are an inseparable part of our lives today, life that has increasingly become technology driven. Besides work, we use computers for communicating, banking, entertainment, research – just to name a few. Besides hardware, security of the new-age machines is threatened by malicious software, viruses, Trojans etc. all designed to......
  • A Guide to Strong passwords To continue on a bit about the passwords I mentioned yesterday, I decided to give some pointers on what makes a strong password.  Also, a few utilities to help with the creation, besides the lastpass I referred to yesterday. The role that passwords play in securing your information is often......
  • What Is Phishing and How To Avoid It Phishing is a criminally fraudulent process made in attempt to scam an Internet user into surrendering private information that will be used for identity theft. It is usually made through email. Phishing is a lucrative computer crime which is growing rapidly in the last few years. The best way to......
  • Identity Theft and What You Can Do About It - Part Two What Should I Do To Avoid Becoming A Victim Of Identity Theft? To reduce or minimize the risk of becoming a victim of identity theft or fraud, there are some basic steps you can take. For starters, just remember the word "SCAM":   “S”  Be STINGY about giving out your......
  • Removing Malware - Stop the Spy who loves your Data and Information In order to go about removing malware, you first will need to know what malware is. Basically, malware is a malicious piece of software that has been designed for no other intention than to damage or spy on your computer without your knowledge. There are several different types of malware......
Blog Traffic Exchange Related Websites
  • Three Essential Windows Mobile Applications Suddenly, the mobile phone industry is inundated with operating systems: iPhone OS, Google Android, Palm WebOS, Symbian, Maemo, BlackBerry, Samsung Bada, and of course, Windows Mobile. Microsoft recently released WinMob 6.5, in a sign that the company has not yet called it quits and is willing to fight it out.......
  • How People Make More Tons Of Money Online With Wordpress SEO Maybe you have found it difficult to bring in the kind of traffic you want to your wordpress site. If this is the case it is time for you to look into some serious search engine optimization using easily mastered wordpress methods. A lot of people have started using word......
  • nodvdComputer games on DVD/CD's will become Extinct I am a gamer and I only purchase games online, usually through Steam, http://store.steampowered.com/ Direct2Drive, http://www.direct2drive.com/ or the EA store, http://eastore.ea.com/ I think many gamers are going this route now a days, since it is a lot more convenient to purchase a game online, then go to the store,......
  • Secrets To Mastering The Successful Launch Of Your New Home Business - Part 2 In the earlier article on this subject, I covered some of the basic market selection and research work which will help ensure that your new venture brings the rewards you're looking for. In this second article, I'll be covering off the issues you need to consider as you evaluate your......
  • Five Reasons to Market Your Business on Twitter Are you new to internet marketing? If so, you may be looking for a crash course. Online, you will find a lot of information on using article directories, banner exchanges, and search engine optimization to market your business website. Yes, these are all effective approaches, but consider the unconventional approaches......
 

Leave a Comment

CommentLuv Enabled

« 10 Best Practices for Secure Coding | Home | Identity Theft and What You Can Do About It – Part Two »