Friday, 2 March 2007

High protection for using e-Gold

High protection for using e-Gold.

1. Turn on full security at e-Gold so you can only login via your IP and that it will send a pin via email if this changes.

2. Use a safe-mail email account for the email address entry at e-Gold for the pin email. Also use this safe-mail address for private use / non HYIP programs i.e. for a few trusted places only, so not to be used as an email where you use e-Gold or related to where you are known to be an investor on a public forum. If you only use the free safe-mail address at e-Gold and don't use it for a month, then you may get your safe-mail account locked as you need to access it at least once a month, hence their is no harm in using it at a few other trusted and non e-Gold related places, so you make use of your safe-mail account at least once a month.

3. Even though you may have full security turned on at e-Gold, there are ways a hacker can get around this, but are rare if you have protected yourself (details below), so it is very important to use high security passwords at e-Gold and the related safe-mail email account and also to ensure that these passwords can be entered without being captured and the best tool for this is Roboform, download and try it for free (Windows / PC only, Mac users see below) and you're wonder why you never used Roboform before, but always remember to back-up your Roboform user data (location shown within Roboform's options area).

Roboform has a password generator that can use all character types and shows bit strength when generating passwords and for e-Gold I recommend using 128bit or higher passwords. For safe-mail, then 70bit (12 chars of all types) or higher. Roboform sends passwords directly to the login form very quickly and not via memory, so it's almost impossible for anything else to capture them. Roboform will also not work if the site is not the real site, hence it protects people from phishing scams as well.

For MAC users: There is a similar tool to Roboform at: www.1passwd.com

4. Use good Anti-Virus and Anti-Spyware programs. I use the www.CA.com e-trust Internet Security Suite as it is more cost effective with deals at about $39 if you look around, (so only the price for the AV software alone), but I just use the Anti-Virus and Anti-Spyware programs in it as their zone-alarm based firewall is a bit over the top and their anti-spam is not designed for the 100+ email accounts I use, hence I do on this on a server, but general users will be fine with it and even the firewall my be preferred by them, but the one in Windows XP is perfectly ok, but check what you are allowing through it i.e. the "exceptions" list.

So the above are the main points, some say you should not use Internet Explorer or use a different operating system and I think this is going a bit too far if you use the above, so top security and keeping your system clean, if you already use Firefox then not so much malicious ware is targeted at it so it will be safer and it's also good to install the www.noscript.net extension to prevent malicious scripts on unknown sites.

If you know what you are doing, then after a full spyware scan you could make sure you don't have any unwanted processes running (programs and related modules in memory) i.e. use Ctrl+Alt+Del and see the task manager and all of the processes should be running for a reason. You can get process monitors (one below) to check who owns the ones running, but good Anti-Spyware should sense any unwanted process. Infact I've have just found the following from an early post and it monitors what your computer is running in memory, this is a sure way to make sure nothing extra should be running and that includes most spy-ware and viruses, see: www.neuber.com/taskmanager/taskmanager.html

After putting 1, 2, 3 and 4 in action, plus the other utilities mentioned, then it is worth being aware how hackers may get into someone's e-Gold and here are some examples as follows:

a) Phishing scams: - These are some of the easiest ways to get peoples e-Gold login details where people get invited to a spoof site to correct their e-Gold details or even pay for a service via a spoof e-Gold payment page. You'll see people that took so many precautions get caught out by these. Apart from knowing the spoofs by technical means, Roboform is probably the best way for all users to avoid them all, as it will not allow you to enter details in the wrong domain, even if it is masked (made to look like the real one). Once the hackers have all details and probably the email used at e-Gold, then they can login to e-Gold and if they require the pin, then they may be able to intercept the email or hack the email account or even spoof the IP, I haven't looked too far into this but am sure spoofing the IP can be done.

b) People's lack of security: - There are many out there that turn off all e-Gold security as they get tired of the pin emails due to frequent IP changes as they may be on dial-up or use other computers. They also use very weak passwords and I have known people to use just 1234 at e-Gold and then quickly put them right. Hackers will watch places like Talkgold, the Ministry of Gold and other places where they know inexperienced investors who don't think much about security will be and then link many details together to be able to hack those people's e-Gold accounts.

c) Local attacks: - There are some clever scams where hackers / scammers can get details via people's homes and offices. These include capturing data via wireless links, so if you use wireless then make sure you use WEP security and a key in your router / access point and notebook or PC. Many use free access points and don't realise that their details are not on a secure link anymore, the Notebook or PC should tell you that you are on a secure network link. There are also other methods where scammers have replaced keyboards in offices by posing as cleaners etc., and can then see all data entered and everything on the screen via a radio link. Those mentioned are just two that I know of but there are many others where people can get data from you without you even being aware. It could even be someone in your house or office that you thought you knew!

Roboform as suggested in 3. (above), would protect people from almost all the hacker attempts mentioned above, the only one it couldn't protect would be an un-secure wireless link, so do watch out about this as I know of many that don't put security on their wireless access point, you've only got to get a notebook and in the UK you'll see that you can connect through many open internet points from many local houses, not that I do this as I don't use a notebook and have a hard-wired network, but I've done repairs and secured others networks, only to see that so many others in the same area are not secure, so this is going to be a big problem in the future.

This post is brief and I'm not going to write a book on this subject, but there are many good security sources out there to check, but 1, 2, 3 and 4 above should be ample, plus being aware of a), b) and c) above and using the extra two utlities mentioned in this post.

There is another tool at www.snoopfree.com and it monitors data capture and warns you of this, so if anything is trying to take data from the screen or keyboard then this will know and I'll check it soon as it would be ideal to use with Roboform, especially when using the portable Roboform on other computers i.e. an internet cafe, so even though Roboform is very secure, you just don't know if anything is trying to capture some data on another system, even though they say the new Roboform is so fast that nobody has ever reported anything being captured from it.

No comments:

Friday, 2 March 2007

High protection for using e-Gold

High protection for using e-Gold.

1. Turn on full security at e-Gold so you can only login via your IP and that it will send a pin via email if this changes.

2. Use a safe-mail email account for the email address entry at e-Gold for the pin email. Also use this safe-mail address for private use / non HYIP programs i.e. for a few trusted places only, so not to be used as an email where you use e-Gold or related to where you are known to be an investor on a public forum. If you only use the free safe-mail address at e-Gold and don't use it for a month, then you may get your safe-mail account locked as you need to access it at least once a month, hence their is no harm in using it at a few other trusted and non e-Gold related places, so you make use of your safe-mail account at least once a month.

3. Even though you may have full security turned on at e-Gold, there are ways a hacker can get around this, but are rare if you have protected yourself (details below), so it is very important to use high security passwords at e-Gold and the related safe-mail email account and also to ensure that these passwords can be entered without being captured and the best tool for this is Roboform, download and try it for free (Windows / PC only, Mac users see below) and you're wonder why you never used Roboform before, but always remember to back-up your Roboform user data (location shown within Roboform's options area).

Roboform has a password generator that can use all character types and shows bit strength when generating passwords and for e-Gold I recommend using 128bit or higher passwords. For safe-mail, then 70bit (12 chars of all types) or higher. Roboform sends passwords directly to the login form very quickly and not via memory, so it's almost impossible for anything else to capture them. Roboform will also not work if the site is not the real site, hence it protects people from phishing scams as well.

For MAC users: There is a similar tool to Roboform at: www.1passwd.com

4. Use good Anti-Virus and Anti-Spyware programs. I use the www.CA.com e-trust Internet Security Suite as it is more cost effective with deals at about $39 if you look around, (so only the price for the AV software alone), but I just use the Anti-Virus and Anti-Spyware programs in it as their zone-alarm based firewall is a bit over the top and their anti-spam is not designed for the 100+ email accounts I use, hence I do on this on a server, but general users will be fine with it and even the firewall my be preferred by them, but the one in Windows XP is perfectly ok, but check what you are allowing through it i.e. the "exceptions" list.

So the above are the main points, some say you should not use Internet Explorer or use a different operating system and I think this is going a bit too far if you use the above, so top security and keeping your system clean, if you already use Firefox then not so much malicious ware is targeted at it so it will be safer and it's also good to install the www.noscript.net extension to prevent malicious scripts on unknown sites.

If you know what you are doing, then after a full spyware scan you could make sure you don't have any unwanted processes running (programs and related modules in memory) i.e. use Ctrl+Alt+Del and see the task manager and all of the processes should be running for a reason. You can get process monitors (one below) to check who owns the ones running, but good Anti-Spyware should sense any unwanted process. Infact I've have just found the following from an early post and it monitors what your computer is running in memory, this is a sure way to make sure nothing extra should be running and that includes most spy-ware and viruses, see: www.neuber.com/taskmanager/taskmanager.html

After putting 1, 2, 3 and 4 in action, plus the other utilities mentioned, then it is worth being aware how hackers may get into someone's e-Gold and here are some examples as follows:

a) Phishing scams: - These are some of the easiest ways to get peoples e-Gold login details where people get invited to a spoof site to correct their e-Gold details or even pay for a service via a spoof e-Gold payment page. You'll see people that took so many precautions get caught out by these. Apart from knowing the spoofs by technical means, Roboform is probably the best way for all users to avoid them all, as it will not allow you to enter details in the wrong domain, even if it is masked (made to look like the real one). Once the hackers have all details and probably the email used at e-Gold, then they can login to e-Gold and if they require the pin, then they may be able to intercept the email or hack the email account or even spoof the IP, I haven't looked too far into this but am sure spoofing the IP can be done.

b) People's lack of security: - There are many out there that turn off all e-Gold security as they get tired of the pin emails due to frequent IP changes as they may be on dial-up or use other computers. They also use very weak passwords and I have known people to use just 1234 at e-Gold and then quickly put them right. Hackers will watch places like Talkgold, the Ministry of Gold and other places where they know inexperienced investors who don't think much about security will be and then link many details together to be able to hack those people's e-Gold accounts.

c) Local attacks: - There are some clever scams where hackers / scammers can get details via people's homes and offices. These include capturing data via wireless links, so if you use wireless then make sure you use WEP security and a key in your router / access point and notebook or PC. Many use free access points and don't realise that their details are not on a secure link anymore, the Notebook or PC should tell you that you are on a secure network link. There are also other methods where scammers have replaced keyboards in offices by posing as cleaners etc., and can then see all data entered and everything on the screen via a radio link. Those mentioned are just two that I know of but there are many others where people can get data from you without you even being aware. It could even be someone in your house or office that you thought you knew!

Roboform as suggested in 3. (above), would protect people from almost all the hacker attempts mentioned above, the only one it couldn't protect would be an un-secure wireless link, so do watch out about this as I know of many that don't put security on their wireless access point, you've only got to get a notebook and in the UK you'll see that you can connect through many open internet points from many local houses, not that I do this as I don't use a notebook and have a hard-wired network, but I've done repairs and secured others networks, only to see that so many others in the same area are not secure, so this is going to be a big problem in the future.

This post is brief and I'm not going to write a book on this subject, but there are many good security sources out there to check, but 1, 2, 3 and 4 above should be ample, plus being aware of a), b) and c) above and using the extra two utlities mentioned in this post.

There is another tool at www.snoopfree.com and it monitors data capture and warns you of this, so if anything is trying to take data from the screen or keyboard then this will know and I'll check it soon as it would be ideal to use with Roboform, especially when using the portable Roboform on other computers i.e. an internet cafe, so even though Roboform is very secure, you just don't know if anything is trying to capture some data on another system, even though they say the new Roboform is so fast that nobody has ever reported anything being captured from it.

No comments:

Money making search

Google Custom Search