~

Understanding the Basic to keep bad guys at bay

Beware of key loggers at Computer rentals, offices

When accessing this or any Church-produced Web site, it is important to be sure of the place or location where the computer is situated. Use of shared computers, such as those from offices or computer rental shops, must be considered with extreme caution.

There are computer rental shops that install a software that capture username and password of a user who logs in to rented computers. Such software, which can be conveniently installed in any computer (e.g., offices, homes, computer rental shops), affords the person who installed such to obtain power over your account, thereby giving him or her rights to manipulate private accounts.

What most key loggers do is record passwords keyed in a shared computer in internet rentals, offices, or even at home. Such tool are used to obtain personal information such as bank or credit card numbers, social security information and more.

What to do:

Make sure to log-out to from MCGI Web site.
Delete the cache and cookies from the computer you used, To learn how to delete browser cache or cookies, please visit -http://www.aboutcookies.org/Default.aspx?page=2

For your best protection, use only private computers when logging in your account is required.

Private Computers may (not) be safe

Even your own computer may not be safe. An attacker may install a key logger software to spy on you. There are certain anti-virus software that detects and removes known key loggers.

What to do:

Install anti-virus software on your computer. Always keep it updated.

Ever heard about ‘social engineering’?

Always assume that when you are surfing the Internet, you are not always safe. There is a practice called social engineering that involves getting one person’s trust to divulge without hesitation one’s personal information to a stranger only met in the cyberspace.

What to do:

Never divulge your personal information over the Internet to anybody. Out there, there are many strangers who will do all means to gain your trust in order for you to divulge your personal information, which in turn will be used in obtaining access to your emails and bank records, among others.

Phishing and Sniffers

Don’t get too excited in clicking links. There exist sites that imitate even reputable and credible Web sites to obtain account information from any would-be victims. Often called ‘phishing’, predators conceal their schemes through seemingly harmless advertisements or promotions we see on the Internet. What these phishing sites do is sniff or steal your private information.

What to do:

Credible companies like Yahoo, Google and E-bay never ask for your password via email, or use e-mail to tell you to update your account.
The best defense against phishing is by ignoring all e-mails received.

Creating a strong password

When creating your password, make sure no one is right behind your back or sees what you are typing.
In the Web, there are so-called predictable passwords. These are your birth date, pop-out-of-the-shell numbers like ‘1234567’, and dictionary-based word.
Do not make password out of your personal information that others may possibly have known refers to you.
Robust passwords are comprised of 12 characters or more. The longer your password may be better.
It may be a phrase that consists of upper case and lower case letters, numbers, and keypad symbols.
Substitute letters with numbers. Make sure to add special characters to make it more complicated. Here are some examples –
- Iamsarah7 – Easy to crack
- !@ms@r@h7 – Moderately difficult to crack
- .!4ms@r4h#7 – Difficult to crack
- .!4ms@r4h#7g!rL – Very, very difficult to crack
- .!4ms@r4h#7g!rL#!. – Obscenely difficult to crack
Do not use the same password across all your internet accounts like Yahoo E-mail, Gmail, Facebook, online bank account, and your MCGI online account. Imagine how convenient it will be for any intruder to gain access to all your online accounts then ransack your privacy and data.
Do not expose or disclose your password to anybody. It is a poor security practice to write your passwords in sticky notepads and have it seen by anybody, including visitors or strangers who may be an MCGI Web site trespasser.
Change your password regularly. Or, change immediately your password when you have an inkling that someone may have already obtain your username or password. information.
Do not reuse passwords or use the first characters you already used. (e.g. password=1, password=2)
Ignore any email that asks for your password or any personal information (Employee/ Company identification number, SSS number, tax identification number, home address and things alike). There is no reputable firm who will ask your password, ethically speaking.

Threats brought by weak passwords

What will happen if security measures in creating strong passwords were ignored?

Security privacy is at risk.
Records that are housed via MCGI website can be destroyed.
Your rights or privileges to access your account will be transferred to the hacker. These online predators can block you from accessing your account because intruders may change your password at once.
Spies or hackers can watch over your online activities, confidential or personal files, and online transactions without you noticing it.
Someone may steal your identity and pretend to be the owner of the account. This illicit practice is called �identity theft� and means that hackers can destroy your online reputation by committing fraudulent acts under your name. Imagine the worst possible crimes that these hackers can inflict against you to make it appear that it is you who committed crimes or legal violations.

Enforce maximum security

Security is everybody’s responsibility. It helps that one is aware or informed about how to use the Internet not only to explore Web sites for your own good, but also to ensure your own privacy and security.

By being cautious and careful, we are protecting not only ourselves. We also helps in securing vital and confidential information owned by the Church.