Defense against Cybercrime Can Start From Yourself

Keeping yourself abreast of the latest news on online threat and security, and on ways how to address and combat them accordingly surely are of great help to keep you from the peril of many cybercrimes and attacks. What most people sometimes forget is that just like website owners and law makers, they themselves also have a huge role on protecting their security and privacy online.

Many people blame the lame and unsophisticated infrastructure of institutions and organizations for successful instances of phishing and malware distribution attacks. Consciously or unconsciously, most people always see the fault as beyond their control and responsibility. While this is partly true, the consumers’ uninfluenced and independent decisions to sign up, agree to the terms and conditions, and use the organizations’ services are enough to speak of their shared responsibility on the data protection and security.

Even before the digital signatures were introduced, and even before the shift from physical to digital was made, passwords have been, and are continuously being the primary defense of people again unwanted prying and compromise of data, especially private and confidential ones.

A recent study showed revealed the top 25 worst passwords of 2012 and they are as follows:

1. password (Unchanged)
2. 123456 (Unchanged)
3. 12345678 (Unchanged)
4. abc123 (Up 1)
5. qwerty (Down 1)
6. monkey (Unchanged)
7. letmein (Up 1)
8. dragon (Up 2)
9. 111111 (Up 3)
10. baseball (Up 1)
11. iloveyou (Up 2)
12. trustno1 (Down 3)
13. 1234567 (Down 6)
14. sunshine (Up 1)
15. master (Down 1)
16. 123123 (Up 4)
17. welcome (New)
18. shadow (Up 1)
19. ashley (Down 3)
20. football (Up 5)
21. jesus (New)
22. michael (Up 2)
23. ninja (New)
24. mustang (New)
25. password1 (New)

As passwords become the primary gate keepers to your account, make them as hard as possible to decrypt. While it is good to know and be assured that your bank or service provider had pledged to keep your data secured, it is also good to know that you are doing your part in making this possible.

There are a number of best practices available over the internet with suggestions for coming up with the best passwords ever. Some of these are as follow:

1. Use at least 8 – 10 character-long alpha numeric combination for your passwords.
2. Refrain from using your birthdate as your password as this is going to be easy to track and decrypt should someone want to expose your account.
3. As much as possible, do not create a password which is just from the characters of one single row on the keyboard.
4. Avoid using the same password and username combination for multiple accounts.
5. While it is important that your password be difficult to know, make sure that it will not be very hard to remember that you still need to write it on a piece of paper or put it as a note on your desktop as this will only defeat the purpose of having a hard to guess password.

When passwords are not enough

With the complexity of today’s technological processes, passwords may only be good at keeping your records safe until the witty hackers found the right combination of characters to open and expose your account. As there are increasingly more and more tools to be used in decrypting account passwords, if users become laxed with their passwords, it will not be long before they experience data breaches.

It may sound cliché but it is true, prevention is always better than cure. One of the best practices today to ensure security in the online world is to take advantage of the freedom to generate the hardest to decode password coupled with the security services from trusted Certification Authorities.

Choosing the right and strong passwords for your account is wise, but having even the basic know-how to identify websites which enforce the right security protocols is wiser. Just a word of caution though, nowadays, there are a number of website with SSL certificates installed but then the issuing body is not a trusted one. Be sure to check the Certification Authority which issued the certificate and verify its credentials.

GlobalSign has been one of the world’s largest and most trusted Certification Authorities delivering trust services and products to people, organizations, and documents for 16 years. It offers a wide range of Digital IDs which can be used in many different ways. SSL certificates which may be Domain Validated, Organization Validated, and Extended Validation, are used to secure websites through a 2048 bit future proof encryption. SSL activates the yellow padlock, turns the browser address bar green, and protects web users’ sensitive information as it moves between the browser and the server.

The Digital IDs from GlobalSign goes beyond the websites, they may also be used to secure emails, documents, and applications. Through the two factor authentication, GlobalSign’s Document Sign, PDF Sign, and Code Signing proves the authorship and keeps the integrity and authenticity of signed files.

Contact us today and discuss with our security specialist your needs. Send us an inquiry at sales-apac@globalsign.com.

Keywords: Password, GlobalSign, SSL, SSL Certificates, EV SSL, Digital ID, Document Sign, PDF Sign, Code Sign

Advance Technology to catch Phishing Attacks

Phishing is known as the attempt to get users to reveal personal and sensitive information through sending emails purporting to be coming from legitimate sources. It is very apparent in today’s IT industry bringing along more damages as its stays active for a longer period of time.

Phishers are getting smarter and more strategic. They are “compromising legitimate websites using automated attack tools,” which means that they do not just hack one account at a time but they can corrupt even thousands of accounts at once just by breaking into shared hosting web servers. This has gotten a lot worse. Most of them even phish at SSL secured websites taking advantage of users’ heightened vulnerability to click on just any link that pops up because of the trust they have on the supposedly secure site.

Just recently, news about Japanese banks being hit by phishing attacks became the talk of the online world. The attack particularly affected customers with accounts for online banking. What makes this case special, or better yet alarming, is the fact that even Japanese, who are known to be globally competitive in term of technology, have also been victims of malicious online criminals. How did phisher outwit the technologically competent Japanese people? Police suspect that attacks are brought out via PC viruses, where infected PCs display misleading messages to users entering the website.

From the above-mentioned account, it may be safe to conclude that to successfully triumph against unwanted security threats, it is best to utilize the most updated and comprehensive solutions in the online security market. GlobalSign, being one of the longest established Certification Authorities and leading online security solutions has always been committed to providing customers with the most up to date security solutions capable of guarding them against modern-day attacks.

It has recently partnered with NetCraft, a provider of internet security services including anti-fraud and anti-phishing services, to generate a first-of-its-kind service providing SSL Certificate customers with real-time alerts should their websites be vulnerable to being used to host phishing attacks. Along with the notification comes a quick recommendation of the steps how to remediate the attack. Isn’t that just the solution almost everyone needs today? With GlobalSign SSL certificates and phishing detection service working back to back, you can devote more time in growing your business without worry of being compromised or used as phishing agents.

For further information you can visit www.globalsign.com.sg and follow GlobalSign APAC on Twitter (@GlobalSign_APAC) and/or www.netcraft.com and follow Netcraft on Twitter (@netcraft) for updates. You may also contact us directly at sales-apac@globalsign.com.

Keywords: GlobalSign, SSL, Certificate Authority, Phishing Attack, Netcraft

Knowledge is power! Know when the site is secured

Ever wonder why many people keep on opening attachments or pop-up emails from literally any one who sends it? And why even if they know it might be bogus, they still click the links. This is because they trust the network/ social media they are in to.

So if you are into facebook, twitter, yahoo, google or any other network generator that handles account then you should be aware of your site. You as a user should be aware if the sites you are entering are protected, this is to lessen the increasingly spreading of ransomware.

For those of you who are not aware of ransomware, this is a type of malware which restricts access to the computer system that it infects and gain control again after a ransom is paid. It is very rampant to date because people engage their time more online, making cybercriminals see opportunities.

“While antivirus companies look to stay ahead of criminals, many times they fall behind -- or the criminals find some new method of attack. What has made staying ahead so much harder is that users today don't need to open an attachment or download anything. They really just need to click on the wrong link.”

It is this easy to get hacked nowadays, thus it is highly recommended for users to check if the site is safe to visit. So here's some pointers on how to know if the site is secured just by the front page of it.

1. The ADDRESS BAR turns GREEN

 

 

You can even check which company issued the certificate of the website. In this case, this is an Extended Validation SSL. The highest class of SSL available, it has a 2048-bit future proof SSL ssecurity, meaning all browsers connecting to your website also receive the highest available level of protection.

2. YELLOW PADLOCK ACTIVATES

 

3. SITE SEAL IS DISPLAYED – the Site Seal is usually displayed at the bottom of the page. To verify just click on the seal and you will be redirected to another page for the seal's information.

 

So there you have it. Three easy ways to see if the website you're visiting is safe and secured.

For further details/inquiries, you may visit our website at www.globalsign.com.sg or connect with us on Facebook (https://facebook.com/GlobalSignAPAC), Twitter (https://twitter.com/GlobalSign_APAC) for updates. You may also contact us directly at sales-apac@globalsign.com.

Keywords: GlobalSign, SSL, SSL Certificate, Extended Validation SSL

Big Players become an Easy Target

Wave of DDoS attack is nowhere near its ending. HSBC joins the list of companies that has been hacked and hit hard*.

HSBC experienced a distributed denial-of-service (DDoS) attack, Oct. 18 that disrupted a number of its Websites as hackers continue their cyber-attack campaign against financial institutions.

In a statement, HSBC acknowledged its servers came under attack, affecting HSBC Websites around the world.

"This denial-of-service attack did not affect any customer data, but did prevent customers from using HSBC online services, including Internet banking," according to the company. "We are taking appropriate action, working hard to restore service. We are pleased to say that some sites are now back up and running. We are cooperating with the relevant authorities and will cooperate with other [organizations] that have been similarly affected by such criminal acts. We [apologize] for any inconvenience caused to our customers throughout the world."

Immunity: Make-believe of the Online World

The internet has been home to people and users of different roots and intentions. Though primarily created to ease the way computing and information sharing is done, the online world has also been a fertile ground for crimes and thefts. And yes, with this fact stated, NO ONE is ever secure.

The above stated account is a proof that even big players may end up being compromised. Leaving many of us with the question of how much more the threat for small businesses is.

HSBC, being one of the world's largest banking and financial services organizations, as well as other key players in the industry, surely cannot afford to have any margin of error when it comes to online banking. It is on this issue where SSL Certificates can help. Secure Sockets Layer (SSL) Certificates allows secure communication, eCommerce, and browsing, as well as data protection and integrity. By installing SSL certificates in servers and websites, business of all sizes are executing the best prevention policy, thus lowering (or completely mitigating) the risk of unwanted data breach.

GlobalSign, being one of the world's largest SSL and client certificate provider, has right solutions for your company's different needs. GlobalSign offers a wide range of trust services and products. It offers SSL certificates secured by the highest encryption level available to date, 2048-bit encryption. You may choose among Domain Validation SSL, Organization Validation SSL, and Extended Validation SSL.

GlobalSign also offers cost efficient solutions for enterprises like yours having a number of domains and subdomains to secure – SANs and Wildcard SSL, respectively. Subject Alternative Name (SAN) is utilized by multi-domain SSL certificates from GlobalSign to enable you the flexibility to secure up to 40 different domain names, subdomain, and public IP addresses using only one SSL certificate and IP address.

For further details/inquiries, you may visit our website at www.globalsign.com.sg or connect with us on Facebook (https://facebook.com/GlobalSignAPAC), Twitter (https://twitter.com/GlobalSign_APAC) for updates. You may also contact us directly at sales-apac@globalsign.com.

Keywords: GlobalSign, SSL, SSL Certificate, Domain Validation SSL, Organizational Validation SSL, Extended Validation SSL, Wildcard SSL, Subject Alternative Name (SAN)

Making the Cloud a Better Choice by Ensuring Data Security

Migration to the cloud is becoming the trend in today’s tech world as cloud services prove to be the most cost-effective solutions offering no lock-in period and pay for what you consume services. In a recent study, it is forecasted that in the APAC region as SMBs alone, the cloud market will rise from $7.6B to $19.8B in 2015. Something is still however stopping people and businesses from migrating to the cloud – security issues.

Cloud provides a gateway to different applications and business platforms without the hassle of keeping and maintaining a physical medium or device. Cloud environments allow users to save a lot of space in their hard drives and use applications with minimal lags. With everything virtually stored, it lets you literally save space. More importantly, with important files and documents hosted in the cloud, many businesses can streamline their processes and decision making through 24/7 access to data anywhere.

Given the unlimited benefits of the Cloud, what factor may speak for the somehow sluggish adaption rate? Security; the security of cloud environment has always been a highly debatable issue. Majority of decision makers believe do not fully trust the security in the cloud claiming that it is more likely easier to be hacked compared to the traditional storing of files and the anti-virus scanning. Nonetheless, this is being counterargued. According to Google Enterprise Director of Security Eran Feigenbaum that when it comes to moving to the cloud, it's more secure than what most organizations are currently using.

As one of the leaders in security services provisioning, GlobalSign came up with a technology which lets users save cost by migrating to the cloud with the confidence of not being susceptible to data breach.

GlobalSign’s CloudSSL is an SSL distribution service available via API and is designed specifically to help web services operate securely in the Cloud. It removes the restrictions of traditional SSL, such as one Certificate per IP address, and can be used across large virtualized environments without incurring additional license fees. CloudSSL partners make on-demand requests for SSL Certificates,including request for their customer base all within the top level Certificate issued to the Cloud partner. All the time meeting the highest security associated with the GlobalSign SSL brand.

For further details, you may visit our website at www.globalsign.com.sg or connect with us on Facebook (https://facebook.com/GlobalSignAPAC) and Twitter (https://twitter.com/GlobalSign_APAC) for updates. You may also contact us directly at sales-apac@globalsign.com.

Keywords: GlobalSign, SSL, SSL Certificate, Cloud, CloudSSL

World Hosting Days Australia, Wrapped Up

The very first WorldHostingDays in Sydney, Australia held last October 09, 2012 was a success gathering more than five hundred attendees coming from different industries across the globe to exchange ideas, generate new leads, and create long term business partnerships.

GlobalSign Booth #7 all geared up with freebies and product brochures

We appreciate you dropping by our booth to express renewed interest in our core solutions and/or to discuss some opportunities offering parallel business growth through our Partner Program.

GlobalSign’s very own Irena Haryono giving a talk on the revolutionary OneClickSSL and CloudSSL

 

We do hope that like us, you found the event to be an informative and productive one. We hope to meet you again on the next WHD.au.

In the meantime, we encourage you to visit our website at www.globalsign.com.sg or connect with us in Facebook, (https://www.facebook.com/GlobalSignAPAC) Twitter,

(https://twitter.com/GlobalSign_APAC), and LinkedIn to for the latest news and promotions. You may also contact us directly at sales-apac@globalsign.com.

Dealing with Cybercrime Becomes More Costly

“The average annual cost of cybercrime jumped 6 percent to $8.9 million in 2012, driven up by denial-of-service, malicious insiders and attacks on Websites, according to an Oct. 8 study released by the Ponemon Institute*.”

Cybercriminals are working overtime to infect as much people with malware, and steal a larger database from leading companies they’ll use as instruments for their malicious plans. Statistics say that on average, 1.8% of cyber attacks per week are successful. The percentage might sound small but, there is a huge margin of error for such estimates as many of today’s cyber attacks are becoming harder to discover and track, thus putting more companies in peril of being compromised.

As a result of the these ever-increasing threats, many enterprises and SMBs resort to outsourcing cyber security services from trusted Certification Authorities and Anti-virus companies. This is a very good and effective way to secure brand reputation and save money from data breaches. Unfortunately, cost for cyber security proportionally increases with cybercrime which is not-so-good news for many companies especially those seriously trying to cut their costs.

What makes the situation worse is the unarguable fact that “there is no way to get damages to fall to zero”. Cybercriminals are getting better everyday at hacking websites and distributing malwares as this has proven to be a very lucrative craft for them capable of sustaining not only their daily needs but also their wants. Believe it or not, the previous year, an average cyber-attack took only 18 days to be fixed, but now it takes 24 days on minimum to retrieve all lost data.

If this is the case, then what better way to shed those extra works of reviving the losses than to actually have it secured even before the attack.

GlobalSign, being one of the world's largest SSL and client certificate provider, has just the right solutions for different needs. GlobalSign offers a wide range of trust services and products. It offers SSL certificates secured by the highest encryption level available to date, 2048-bit encryption. You may choose among Domain Validation SSL, Organization Validation SSL, and Extended Validation SSL. And, GlobalSign also offers cost efficient solutions for those having a number of domains and subdomains to secure – SANs and Wildcard SSL, respectively. Subject Alternative Name (SAN) is utilized by multi-domain SSL certificates from GlobalSign to enable you the flexibility to secure up to 40 different domain names, subdomain, and public IP addresses using only one SSL certificate and IP address.

Moreover, GlobalSign also offers a range of digital certificates both for enterprise and individual use including Personal Sign, which allows customers to digitally sign emails and Microsoft office documents, PDF sign, allows digital signing of PDF documents, and code signing, which allows developers to digitally sign their applications and programs.

For further inquiries about the products you may visit our website: www.globalsign.com.sg, or contact us directly at sales-apac@globalsign.com. We will be more than willing to assist you in your needs.

Keywords: Cybercrime, Malware, GlobalSign, SSL Certificate, PDF sign, documentsign, code sign

MOBILE USERS ARE NOT SAFE

“The mobile movement is a global phenomenon with smartphone adoption increasing worldwide. Smartphones are becoming indispensable to our daily lives and transforming core consumer behavior. The adoption of smartphones has given rise to a massive shift in consumer behavior.”

-thinkwithgoogle.com/mobileplanet

Facts stated and numbers given. So here's the deal, as you can see in the picture – 51% use their smartphones while listening to music, 52% use their smartphones while watching tv, 86% use their smartphones while consuming other media, 35% make purchases on their smartphone, 32% change their minds about buying a product while in store as a result of researching on their smartphones and 96% research a product or service on their smartphones.

In today's generation there is but a small percentage of people who are not using phones. There is a smaller percentage of people who do not use phones while using other devices, such as laptops, personal computers, tablets and other electronic devices. Having said this, it is easy to note that our world is leading us to a different kind of lifestyle. But let me stress on the 35% who make purchases on their smartphones, yes this sounds pretty few but what is 35% of 1 billion internet users? Not just this, another study shows that 90% of internet consumers tend to start searching an item on one device then shift to another device to make the purchase. Imagine how many people use these tools everyday and imagine how many of malwares are out there ready to strike and infect them in seconds. Given the statistics, there is little chance that none of these users have been victims of cybercrimes. And this is why news regarding how we can prevent them from happening to us are very prevalent nowadays.

Prevention will always be the best weapon again such unwanted events. GlobalSign, as one of the largest trust services providers with global presence, offers a one-stop solution for all security concerns. GlobalSign's comprehensive product line ranges from SSL certificates to client certificates (Personal Sign, Document Sign, PDF Signing, Email Authentication) for both individual and enterprise use. GlobalSign certificates are protected by the highest encryption level available leaving customers with no security concerns. By partnering with the industry's largest names, GlobalSign is able to deliver timely and reliable solutions, and is still continuously coming up with new technologies which will revolutionize online data protection.

 

The GlobalSign team will be happy to assist you on your industry/business-specific needs. Visit www.globalsign.com.sg to know more about the solutions we offer. You may request a custom quote or send an inquiry to sales-apac@globalsign.com.

Keywords: Mobile Malware. Malware. SSL, Security, Hack, GlobalSign, SSLCertificates

CYBERCRIME LAW IMPLEMENTED TODAY

Mark your calendars! Today, October 3, 2012, is the day when the law will take effect. But let us just sum up all the reactions it has been creating in the news for the past month.

The Supreme Court will not negate nor delay the implementation of the Cybercrime Law in spite of the 7 petitions filed against it. According to the Supreme Court Public Information Office, the Court “did not issue a TRO (temporary restraining order) in the Cybercrime Prevention Act of 2012 petitions, which are up for further study.”

This being said, the law will give the Department of Justice the authority to take down websites and terminate data without notice. By today, the government has already started training more than 150 investigators and prosecutors in fighting online offenses. Justice Secretary Leila de Lima said that they shouldn't be blamed for the law's controversial provisions. Further adding that even if they initially objected the provisions, they still have to implement the law. “We have our law now and it is our duty to execute the law, unless otherwise declared unconstitutional by the Supreme Court or unless repealed by the crafters of the law, the Congress,” she added.

On a different perspective, Filipinos are affected by the provisions of the law that it already took two senators to file a petition against it, specifically protesting on the provision regarding online libel. The outrage even reached a “black protest”, one of which is that Facebook users are setting their display picture as black blank photo to stress that the government is assaulting their freedom to speak and express their feelings and opinions.

“What is to stop government from monitoring emails, online transactions, and other online activities? And on the mere basis of due cause? It is an assault on on our right to privacy.” Bayan secretary general Renato Reyes said in a press statement.

So today is the best day to know more about SSL Certificates and digital signatures. GMO Global Sign has yet the best solution for your problems. We offer a wide range of trust services and products with reasonable prices. We even have a local office here in the Philippines to assist your needs better.

For further inquiries about the products you may visit our website: https://globalsign.com.sg, or contact us directly at sales-apac@globalsign.com. We will be more than willing to assist you in your needs.

Keywords:

Cybercrime, Cybercrime Prevention Act of 2012, GlobalSign, SSL, SSL certificates

Sources:

Yahoo! News, PH Yahoo! News, PH Yahoo! News