What is Virus

You know what is antivirus , you know to scan your pen drive and you feel safe with it isn't it? But do you know what is virus actually?

In simple definition, virus is a computer program which has been created by using malicious codes to infect other computer . Let’s make it more simple, a virus  is a harmful computer which has been written with programming languages in motive to harm other computer and data.

How viruses are created

As I told above , viruses are created by using malicious programming codes.  Lets take an example of a simple virus which can infect a system and open/close the disk tray randomly . It’s a simple virus just to irritate other . see the batch codes below.

So generally viruses are normally written computer programming languages  but these programs are written for unethical purpose . Suppose you have written a program to delete all your pdf files in a one go and latter you planned to do a little prank with your friends and you told them to use this program it will help them to speed up the internet, when they will click  they will lost all the pdf files, then it can also be called as virus .

Why viruses are created ?

Its an important question that why people create virus or virus are created ?  there are many reasons behind it.  Suppose if you have a business then your competitors might create virus and infect your systems to disturb your services.  Some people create virus and sell them in black market for financial benefits. Some create to spread some messages or cyber terrorism . Some people also create virus are their research and people like me create virus just to play pranks (Just Kidding)

How to prevent virus and other malicious program

Do not download software from unknown sources , because most of the software present there are pirated and may contain malicious program binded along with them.

Don’t use unusual apps and games on social networking sites

Do check the options correctly before installing any software .

Get  updates for your Operating System periodically to receive patches for bugs

Be sure your antivirus is getting updates periodically because everyday people create millions of virus and if the database of your antivirus is not updated then it will not recognize any newly created malicious program .

Read More

Careto the most sophisticated malware

Get yourself introduced with the world’s yet most advance and sophisticated malware that has been discovered by Kaspersky  and It has infected many systems in more than 31 countries .  Instead of attacking the common users or consumers, it targets the government institutions , oil and gas companies , embassies and research companies and because of this behavior sometimes it is assumed as a sponsored attack or campaign to run a new form of surveillance or to collect foreign data.  Careto was live for many years until it was unmasked and then it’s centralized server went offline , but still there are many possibilities of Careto that can be run privately for any planned attack .

Careto was written by highly professional people which consist of a sophisticated malware, a rootkit, a boot kit , MacOS X, some version of Linux as well as mobile platform of iOS and android . Which mean it can act according to the victims’ system architecture.

CARETO STRING

How does Careto work?

It consists of phishing email with a link to malicious website ,  the malicious website contains many exploits which inject according to the victim’s OS architecture as the malware has been already designed for dynamic platform. When an user click on the link  , then the malcious website inject the exploits into the user’s system and after successfully injecting , it redirect the user to the original website that was stated in the phished email.

It capture nearly 50 file types including doc , pdf, encryption key, server SSH key and RDP files which are used to identify the users and build remote desktop connection , and many more file types .

This malware is highly modular that it can interact with almost all communication channels , it support plugins as well as it can also intercept with flash players .

The game of malware, virus and other threats will never end as each and every hacker and criminals builds new and new type of threats and many people will be victims  till it is discovered by the security researcher  . So  it is better to protect you system and device from day to day cyber threats .

It is very important to Install a security software in your system .

Avoid attachment from unknown senders

Download music, videos, apps, eBooks from only official and trusted sources .

Check the link sent by anyone and think twice before you click .

Stay updated with cyber threats , virus, malware by subscribing to security blogs .

If you find any unknown weird activates in your system or in someone system then report it to security researcher , it may help them to discover new threats .

Read More

If you are a celebrity, you are vulnerable to hack

No doubt that celebrities are more talented , good looking and intelligent than us but they are damn vulnerable to hack. For example, lets take the Oscar winner Jennifer Lawrence , recently whose’ extremely private photos were leaked by hackers from the Apple’s cloud storage service. Celebrities are being targeted because their private data are extremely valuable in the underground markets as well as many hackers try to show their skills to the world.

Why Celebrities are vulnerable to hack? That’s what this topic is about. When we forget our password of some websites we try to recover them from the ‘forget Password’ option, and there we have two or three option two reset or retrieve our password , first by receiving a password rest link in our email id, secondly we have to enter the ‘one time password’ received on our cellphone else we have to answer the security questions.Skip the first two options and lets try to answer the security questions.  Most of the account’s security questions based on the followings :

• The place where you were`
• In which year you were born?
• Your childhood nickname ?
• Which High school did you attend?
• Your Childhood best friend name?
• Your birth year?

If you are a celebrity or a popular person then all the answers of the security questions are already out there around the internet . Turn on the Wikipedia pages you will get all the biographical information from the birth year to yearly life story. A celebrity has to face different questions which belongs to their personal life, likes dislikes, hobbies as well as career . Hit the search engines and it will retrieve all the information published on the online portal of news and entertainment channels .   Their social profiles also yells various internal information about their daily life activities which can be the key of the security questions.

Well, nothing is secured in internet but one should adopt latest security features which are availe by their service provider such as Dual authentication systems , fingerprint recognition system etc so that a hacker have to access the celebrity’s device or have to plant malware to see the one time password which is not impossible but a difficult task.

Read More

Story of cloud storage security

The recent phenomenon of compromising the cloud account of Hollywood stars and leaking their private pictures around the internet , has been the hottest topic from last few days. As this incident has tickled the medulla of website moderators , security analytics and cloud service provider  that what to do. Really it is a million dollar question “What to do? “   Because it is the matter about security and privacy of the users.

Yes we can do a lot of things , but there is an one strong point which everyone should know. “Nothing is 100% secured in the internet”  Not mine, not yours and nor even the geeks who designs security protocols .  Internet is the game of codes, hardware, connectivity and we users . The things we human knows to build , does also know to break it, If it is not possible by punctual manner then there are lots of hammering and destructive way to break it.

Understanding the cloud storage

Cloud storage service has been built to bring flexibility of data sharing and migration anytime and anywhere. Once you upload your data then you can retrieve it from anywhere in the world. You don’t have to carry your own storage device , you just need an computing device with an internet connectivity .

So, here I have a question, where does you upload your files?

Sorry, don’t get me wrong,  but I have to say this.  Point to the line above “you don’t have to carry your own storage device” . So you are uploading your data to someone else’ storage media isn’t it? Where you don’t have any idea and control other than accessing your files and configuring your account’s digital security.  You don’t know where the storage media is,  about the physical security in the data warehouse of cloud service provider and so on. Its like handing over your important things to someone else.

Is your cloud account secured?

Keeping the point in mind “Nothing is secured in the internet” . But there are lots of way by which we can prevent or extend the duration to crack the security . Almost every cloud service provider has multiple security option some of them are by default and few of them have to configure by the user itself.

Two step authentication is one of the most important security measures that should be adopted by everyone , for not only your could account but also for your email and social accounts. In dual step authentication , first you have to enter your primary password and then the server will send you a text with a code, that’s your secondary password.

Authenticate by generating code using your smartphones cloud apps.

Pincode : It is generally generated once during enabling this feature. You will need to remember this incase you have enabled dual step authentication but you don’t have your cellphone with you.

Security question : Never choose an security question and answer which are know by anyone other than you.

Enable the SSL encryption.  Many cloud service has SSL by default and few have to configure by the user itself that he wants SSL encryption or not.

Secure your computer first

What is your primary computing device? Your laptop, desktop, tablet, iPad, or smartphone?  Do a proper maintenance of your device on a regular basis. Don’t keep the unusual applications and programs as it may bring security flaws.  Use a total security program consist of anti virus, anti malware, firewall , spam/phishing detection system etc. Do the updates of your operating system once in a month to get security patches .

Apart from these, spend your little more precious time over internet to learn about worms, malware, virus and information security threats . It will help you to deal with daily life phenomenon.

How is your smartphone?

Smartphone is one of the most important daily life gadgets , without it we feel like we are out of this living world isn’t it?  Yes it is,  it has more secret information than your social id does and can be the target for your competitors and malicious hackers.  Never Jailbreak or root your smartphone if you want to keep it safe. Root and Jailbreak can break the security level of your smartphone and becomes vulnerable to information security threats.  Keep a security program in your smartphone , by which you can wife the storage remotely if you ever lose it.

Few lines from my opinion.

Cloud storage is great innovation and technology for this developing IT infrastructure of this world. You can backup your data for emergency purpose, you can share work and office documents with clients and workmates , and much more. But I don’t recommend it keep your extreme private data on cloud storage as cloud storage device are not managed by yourself . If it’s the matter for your extreme privacy and security then there is no safer storage device  in the world other than your own isolated hard drive.

Did you get bored? Sorry about this :)  please express your anger by dropping your comment below :) 

Read More

How to remove RAMNIT malware

Ramnit is one of the most dangerous threat which is active today, it is a form of malware which is integrated with social engineering and because of which an user can be victim of this malware very easily. Usually it infects the .exe , .dill , .html files and also steals banking and financial information.

It is a multi component malware which spreads through removal devices such as USB Flash drive and stays stable until an user logged into his account.

It opens a backdoor which becomes easy for remote attackers to access your system remotely and make sudden changes as per their wish.

It makes some terrify changes in your computer , due to which it becomes difficult to make any changes such as OS updates, install security software or any anti malware programs.

Its steals browser cookies

Its steals login data and saved FTP and financial credentials.

How RAMNIT infect and work in a windows system?
When an user logged in into his Online bank account , then RAMNIT inject into a page where the user has to configure a phone number for one time password (OTP) or any other page to “set transfer processing system”  where it execute a temporary phone number. Then it connect to the command server designed by the attacker where it dispatch the details . Then the user receive a temporary number via RAMNIT and a OTP from the bank’s server. When the user enter the both his is right in the traps because he has authorized a money transfer to the attacker’s account unknowingly .

How to detect RAMNIT in your system?
You can diagonanis your system by various system diagonis tools and can see the infected output below:

“REG:system.ini: UserInit=c:\windows\system32\userinit.exe,,c:\program files\microsoft\desktoplayer.exe”

How to get ride of RAMNIT malware?

Its is not easy to get ride of such type of malware which makes difficult to install security suit , but we have many options  to try.

Microsoft has many free tools which can detect and remove such threats .

Windows Defender  for Windows 8 and Windows8.1

Microsoft security Essentials for  Windows 7 and Windows Vista

Windows Malicious software removal tools

Option two:
Download eScan antivirus toolkit.
Start your PC in safe mode  ( You can get the Safe mode option in BIOS under Boot settings )
Lunch the Toolkit and scan the complete hard drive.

Advice for user :
Always use a strong password
Use a good Firewall software
Always scan the removal storage media
Perform system updates at least once in a month.

Read More

How to identify scam emails

What you are going to do with $1 or $2 ? May be you will buy a bubble gum, candy or donate it in the temple, isn’t it? But this is the enough money for a hacker/spammer to create a fake email and send it to millions of email ids around the world and may be one will drop in your inbox , then how you will identify it as a scam email?
You may also receive emails about unusual advertisement and promotion of products and services even if you have not subscribed to their newsletters , so how do they get your email ids?  It is hard to believe anyone , as some greedy website owners sell their customers’  email database for a huge sum of money and the spammers and advertisers take advantages of this email marketing .

Here are some sample fake/scam email that you may have or you may receive in your inbox. 

LOTTERY  SCAMS
You may receive bulk email with subject “YOU WON A GRAND LOTTERY PRIZE” . They will inform you that “You have won a grand cash prizes of 250,000,000 Pounds for British Lottery Associations, and they need your personal details such as email id, bank account numbers, phone no address etc. so the association can contact you” first they will greed you by telling that huge sum of money , then they will ask you to pay some service charges, if you pay they will claim money again pretending with different charges .  So ignore such emails and mark it as spam as it will help the email server to protect other users from such fake emails.

REFUGEE SCAMS
You may receive bulk emails from a girl , she claims that her parents has died at civil war in some country and she is residing at a refugee camp as she have no home.   First she will contact with such emotional emails, if you give response to her emails she will act like a pen pal , she will share her self created emotional story with you as well as her father has left some huge amount of money in his  bank   account and that can only be withdrawn with a foreign partner , then she will ask your details such as personal email id, bank account number, address etc.  She is not she, it’s the spammers who try to fool people to steal money.

FOREIGN TRANSFER SCAM
You may receive a spam email the person will claim that he/she is from Reserve Bank/ Central Bank of the nation, and you are lucky one to be chosen as foreign exchange beneficiary of 500,000 pounds for outstanding incurred by foreign government  and as a rule of your central bank you have to pay about 19,000/ as handling and service fees to proceed the official transactions . If you pay the fees then they will claim some different fees as the Lottery scams and by the time its too late.

FAKE PAYMENT GATEWAY
Hackers and spammers are always trying new ideas to take down users and their information. As online education and online purchase are being more popular among people, so hackers found this a fair way to attract users, they send bulk email claiming that it’s a invitation  from a reputed foreign university for a higher degree or they send advertisement of personal medecines like pills for enlargement of organs , loose weight and fat etc. When a user is attracted toward this and he is willing to pay, then he got redirect to the spoofed payment gateway and if they enter their credit card number, cvv number, email id, billing address etc, Oh man! You are in trap!

We can identify such scam email by various things , but now a days most of the email servers has their own email detection system by which such emails directly goes to your spam folder, but if still it is in your inbox then you can detect by the followings:

Incorrect Spellings:
Spammers usually do mistakes while typing , but they try their most of the efforts to express originality and take down users but still their quality of language used will be very poor.

Plain Text
Most of the scam and phished emails are poorly written in plain text with weird unusual logos and  commonly used fonts. But if you receive emails from legitimate company you can see its written on HTML, images and high end font which looks like almost a banner.

Sender’s email id:
Hackers/spammers usually use free based email service or unusual email server to attempt such things. You can detect the email id in a weird form such as aghs-327@axnbe@com .

Website URL & Security:
Most of the spoofed webpages has weird url which is weird to read as well as to stare at them. They claims that their website is ssl secured, geo trust, certified by MasterCard/visa but actually it’s the only copied logo , if you hover your mouse and click on those logo it will show nothing, but a legitimate website and payment gateway is SSL secured which you can see it a secured logo with green colour at the address bar of your browser. If you click on the logo of visa/MasterCard , geo trust it will open a new popup secured window and display the website’s licence status.

USE YOUR COMMON SENSE
This is going to be the rude paragraph from my side , Ok if you don’t understand all of the above then use your common sense.  If you have to pick a lottery then go to the local lottery agency and pick any one and test your fortune. Why those gain company will give you such huge amount of money and that is in pounds ?  if you have to purchase medicine online for your extremely personal use then Google it you will get a lots of legit website that have some legit review about those medicines.  If you want to study abroad then first search details about the university online, no university is will to charge you to view their details and course structure in a first go. And Your central bank  much more work to do than informing you individually about the foreign beneficiary .

 

Read More

How to securely delete all files

Are you planning to sell your smartphone, tablet, laptop? Then you should be aware about few important things about privacy and protection of your data. Every mobile devices has an internal memory and it may have lots of your personal photos, documents , videos and other important files.
What normally people do is “Factory reset” or “Format” by plugging into the computer .

But beware, if you are going to hand over your device the it may not the correct way to securely wipe your every data.  Anyone who have a few knowledge about software can easily recover your deleted data by using freely available data recovery tools like windows kernel and recuva until you overwrites the data randomly. So, don’t fall in the prey of blackmailing your privacy is in your hand .

But there are always an way to get out of the problems which I am going to tell you.

How to delete all files securely in Android ?

                      

                        

If you are not having PC then don’t worry a single apps will do all the required work. It is FILE SHERDDER which is available in playstore.  It claims to delete all your files securely in your android device, I am not sure which algorithm does it use to overwrite the data but I have tested in my Micromax Bolt A56 and it works pretty well and I liked this apps very much.
I tried to recover the deleted files using Forensic imaginer and what all I got is overwritten data , which is not an easy task for a normal person  to extract data and meta data from a over written file. Isn’t it?

How to delete all the files securely in windows?

In our daily life we do many random things like we give our pendrive/usb drive to our friends , we try to sell our laptop and so on. Have you deleted your files securely? It’s the same case like I told you above , any files is not securely deleted until it has been overwritten by random files.  So before you going to hand over your device please wipe your important data properly and this applies to all flash drive, external hdd,  SD card, cellphones , laptop and so on.

Here I  have mentioned few tools which will do all the work for you.

CC-CLEANER

Its an tool with a complete package and most commonly used utility software. It have the features to wipe internet history, cookies, seasons. It can delete the system memory dumps to free up spaces, it can also edit and delete the registry. Apart from this in the tool section there are more important tools like drive wiper with many overwriting phases such as 1 passes , 3 passes , 7 passes, 35 passes .
You can choose the 7 passes that is complex overwriting to wipe your data securely. I am in love with this software.
Download CC-CLEANER

EARESR

It’s a tool which has been developed only to securely delete your files and it does its’ work very well. I personally recommend you this tool if your only intention is to wipe your files . Its an user friendly, overwrite and delete the data using 7 passes and 3 passes method. Even you can add the files and folder and schedule it to delete the data on that  specific time.

Download Eraser  

Read More

NaMo Antivirus : India's own antivirus

Finally India’s own antivirus is here, Innovazion an India’s own IT firm dedicated its first antivirus software to the Indian soil with the name of Indian Prime Minister  NaMo (Narendra Modi) antivirus.
Although it is the new entry of Innovazion in the giant market of Antivirus and security programs as yet  almost everyone of us has adopted the security solution of other MNC  companies, but I am sure Innovazion is going to hold a great position within few years in the market of antivirus and security software.

As per recent analysis of Innovazion , India has the third largest internet users in the world but among them only 13% users using the valid licence of antivirus software, and another 30% use the trial software and reinstalls it when the trial period ends and the remaining 57% user are using unknown security software or having no security program for their systems , so NaMo is targeting this segment to provide added security .(Sorry I am among this 57% having no antivirus software :))

Namo has the key features like
Real Time detection:  It checks the file in real time when they are created, opened and copied. This real time detection features assures that your system is perpetually monitored for malware and viruses and enjoy the high level of protection.

Intelligent Scanning: This feature is damn good which help to improve the performance of scanning. It learns which application and files are important to you , which ones you use often and makes sure that these files are always safe and given priority access.

Custom Detection – Using the de facto standard signature language: It supports cryptography such as symmetric key cryptography,  public key, hash function and digital signature .

Fast and light system footprint:  NaMo does not put much 

pressure in your device , it uses the minimal system resource for both scanning and updating and works so lightly to ensure that your device is not compromised . It use very less bandwidth during virus database updates . The fast and light system footprint ensures that the applications and programs runs faster, files load quicker and quick system boot .

Quarantine: It is an isolated area in hard dive creates by the NaMo antivirus where malicious programs, Trojans , virus  and other files are sent which seek to do harm to your system or has harmed your system before. It stores in that isolated area for your review about that program or file, that whether you want to delete it or keep it.

 So, the NaMo Antivirus has almost every key features needed by a normal user , you must give a try.

DOWNLOAD NaMo from here

Read More

How to report a cyber crime

HOW TO REPORT A CYBER CRIME.

If you are a victim of cyber crimes then you should report to take legal steps and reward exemplary punishments to the individuals whoever indulged in the instances. Crimes in a society remains at a  tolerable level  because of negative motivation and influence. You may worried about loss of reputation in society and business sectors or negative publicity, but  the early detection of crimes and rewarding punishment to whoever has indulged in the crimes will  worry the other criminals  , it will let them think twice before attempting to do such crimes again, as well as it will save many other people from being a victim of such crimes. Every law and enforcement organization are aware of privacy , they will take every steps in confidential way.

First lodge an report to the local police station as an FIR. Almost every city has cyber crime cell who deals with all these electronic crimes, just visit there with all the necessary evidences and they will  start investigating.

But before lodging the  complaints you need to ensure that you  have the electronic evidences related to the matter such as Server Logs, computer logs, emails, conversations record at instant messaging services etc. You should keep a copy of these evidences in cd/dvd/Memory Stick etc to keep them safe.  Proof of evidences  may include the followings:

Hard copy of received and sent emails.
Credit Card records, receipt and transaction details.
Snapshot and hard copy  of Defaced webpages.
Phone Bills
Fax Copies
Envelopes or letters received by Post/couriers
copy of text/mms
Snapshot or copy of instant messaging conversation in Chat room/newsgroups
Server logs
System Logs
Access Mechanism
List of suspects with reason .
URL of website
URL and hardcopy of fake profiles.
and much more as per requirement…

Never ignore the fake profile and Ids, prank callers, abusive emails and calls as they can create big issues later.

LIST OF CYBER CELLS IN INDIA

Source: cbi.nic.in

Bangalore

Cyber Crime Police Station, CID Annexe Building, Carlton House, # 1, Palace Road, Bangalore - 560001. Telephone: +91- 080- 22942475, +91- 080- 22943050  Email: cybercrimeps@ksp.gov.in Website: http://www.cyberpolicebangalore.nic.in

Chennai

SIDCO Electronics Complex,  Block No. 3, First Floor, Guindy Industrial Estate,  Chennai -32  Ph: 044 22502526 Email: spcybercbcid.tnpol@nic.in Website:http://cbcid.tn.nic.in

Delhi

Central Bureau of Investigation,  Plot No. 5-B, 6th Floor, CGO Complex,  Lodhi Road, New Delhi - 110003 Ph:+91-11-4362203, +91-11-4392424 Website:http://cbi.nic.in/  E-Mail: cbiccic@bol.net.in

Hyderabad

In Charge Cyber Crime Police Station,  Hyderabad City. Email : cybercell_hyd@hyd.appolice.gov.in Ph:04027852040 Website:http://www.hyderabadpolice.gov.in

Cyberabad

ACP   Inspector Cyber Crimes  Sub-Inspector Cyber Crimes    IT Cell    Special Branch Ph: 9491 039 167, 9491 039 172       9491 039 088, 040-2785 3413 Website: http://cyberabadpolice.gov.in/cybercellwebsite

Nagpur

Cyber Crime Investigation Cell, Crime Branch, 4th Floor, Administrative Building No. 1, Near Udyog Bhavan, Civil Lines, Nagpur-01. Email:cybercell@nagpurpolice.nic.in  Tel: +91 - 712 – 2566766 Website: http://www.nagpurpolice.info/manage_pages?id=29

Pune

Office of Commissioner of Police  2, Sadhu Vaswani Road, Camp, Pune - 411001 Phone: +91-20-020-26126296, 26122880, 26208250 Fax: 020 26128105. Website: www.punepolice.gov.in E-Mail: crimecomp.pune@nic.in / punepolice@vsnl.com

Mumbai

Cyber Crime Investigation cell, Annex III, 1st floor, Office of the Commissioner of Police, D.N.Road, Mumbai - 400001 Ph: +91-22- 24691233 Web site: http://www.cybercellmumbai.gov.in E-mail id: cybercell.mumbai@mahapolice.gov.in

Haryana

Cyber Crime and Technical Investigation Cell, Old S.P.Office complex,Civil Lines Gurgaon E-mail: jtcp.ggn@hry.nic.in Website : http://gurgaon.haryanapolice.gov.in

Rajasthan

Ph: +91-9672700012 Website: http://www.cybercellindia.com/ e-mail: cyber@cybercellindia.com

Madhya Pradesh

Inspector General of Police State CYBER POLICE, Bhopal (M.P.) Ph:0755-2770248 Email: mpcyberpolice@gmail.com Website: http://www.mpcyberpolice.nic.in

Kerala

Website: http://www.keralapolice.org/newsite/ccps.html Helpline Numbers:      0471-3243000     0471-3244000     0471-3245000

Meghalaya

Website: http://meghpol.nic.in

Thane

3rd Floor, Office of Commissioner of Police, Khalkar Lane, Court Naka, Thane (W) Ph: 022-25410986 Email: police@thanepolice.org Website: http://thanepolice.org/cybercell.php

Uttar Pradesh

Cyber Complaints Redressal Cell,  Nodal Officer Cyber Crime Unit Agra,  Agra Range 7,Kutchery Road,  Baluganj,Agra-232001 Uttar Pradesh Ph : 0562-2463343, Fax: 0562-2261000 E-mail: info@cybercellagra.com, digraga@up.nic.in Website: http://www.cybercellagra.com

West Bengal

DIG CID IIIrd Floor ,Bhawani Bhawan Alipore, Kolkata - 700 0027 Phone Numbers - 033 2450 6100  Fax Number - 033 2450 6174 Email :mail@cidwestbengal.gov.in Website: http://cidwestbengal.gov.in

                

Read More

How to protect identity theft in online banking

Online banking system has made our life easy and trouble free from daily hassle and save a lots of time as everything is a click ahead, but no doubt that there are lots of bad people around us due to which there is a possibilities of our account being hijacked or theft of our identity & banking information. 

Malicious people/hacker are always looking for  your personal information like bank login data such as id and password,  credit card numbers, social security numbers  etc. They will attempt various methods like by sending malicious email, backdoored software, fake call etc   to gain access  in your bank account. So when it comes about the matter of online financial transaction, we always need to be precautious.   You should follow the following steps to keep your account secured.

Secure Websites | Secured Browsing

If you need to send & receive confidential  like banking and company’s secret  data through a website, first make sure that the website is secured . Now a days almost every banking websites  and other important websites  have  secured socket layer , through which we can send the information to the server in encrypted format rather than in plain text. It will protect the sensitive data from being sniffed. To be sure the website is secured or not, look at the left of the address bar, if it is secured the address bar will have https protocol with green text and an icon of lock.

Malicious Website | Cloned/Phished Websites

As I told above an important website must be secured over SSL , the malicious people may try to fool you by redirecting you to the fake websites that’s look like the real one. But a fake website will not have a SSL certificate or https encryption . So make sure that the security of the site is well configured and never ever click on any link send to you by other people says that it’s a banking website.  If you can’t conform yourself that the website is real of fake, then Google & Wikipedia is always there for your service.
You need some configuration in your browser too. In the cookie settings never set it to “Accept all cookies” , turn on the “Phishing filters” and also turn on the  “pop up blocker”

Malicious Email | Pop up message

If you receive any suspicious email saying that you have won a grand prize and your email id is in their random list, don’t give any response to these types of emails. Such emails are the traps to collect your personal information like banking  and other data .  Sometime pop up ads on website displays something greedy like You have won a IPhone,  you are their lucky winner and blah blah , don’t click on such ads. Go to your  browser settings and turn on the pop up blocker.

Fake Call | Social Engineering

If you receive any call  and says anything like this call is for security purpose and they need your bank account details like credit card number, log in id & passwords to verify your identity, Beware of such calls! It’s  a to hack into your mind and collect your personal data. Banks will never call you in such way, if banks have any security upgrading you will receive a postal letter from your bank or they will call you to visit the bank for confidential work.

Bank Statements | Credit card statements.
Kindly verify the bank statements personally from bank, if you see any unusual charges or transactions.

Malicious Software | backdoor
Beware of free software and email attachments which may contains malware and keylogger that may infect your system and record your every online activities , collects the important sensitive data and sends the information to the attacker. Use a good anti-spyware & antivirus to protect your system from unusual software. Antivirus and antispyware needs regular updates ,

TOPIC
HOW TO PROTECT ONLINE BANKING ACCOUNT
HOW TO PROTECT IDENTITY THEFT IN ONLINE BANKING
HOW TO DO SECURE ONLINE BANKING

Read More