Friday, September 05, 2008

Digital Abstinence vs Digital Protection

"One interesting and fast-growing species of Internet fraud is phishing. Phishing attacks use email messages and web sites designed to look as if they come from a known and legitimate organization, in order to deceive users into disclosing personal, financial, or computer account information. The attacker can then use this information for criminal purposes, such as identity theft, larceny, or fraud. Users are tricked into disclosing their information either by providing it through a web form or by downloading and installing hostile software.

A phishing attack succeeds when a user is tricked into forming an inaccurate mental model of an online interaction and thus takes actions that have effects contrary to the user's intentions. Because inferring a user's intentions can be difficult, building an automated system to protect users from phishing attacks is a challenging problem."

I just got this gigantic lecture/scolding from Taint(my brother) about Data Abstinence. Apparently, when I was trying to test out a new networking site, I added his email address to my friends list.

In hindsight, I realize how dangerous and wrong this was. You're never supposed to give a 3rd party your account info or primary email address. And it's extremely bad etiquette to give away your friends or family's email address even if it's to invite them to the new application. You should always ask first.

According to him, a lot of these sites pop up under the guise of a new web 2.0 application. Once they become popular and rally a lot of user networks, they get bought out because they already have set focus groups established. Their database is worth more than their company. That's why you usually want to always have three email addresses: spam email, semi legit, and primary email address.

And while you may have spyware terminators, AVG, Norton etc set up to act as protection, sometimes that's not enough. Especially with the growing number of new applications and social networking sites, you might want to just practice digital abstinence...Stick with known sites. Or if you want to pioneer new applications, make sure you use spam email.

When I was trying out Digsby for the first time, I realized I was pretty much giving the software access to my email account through msn/gtalk etc. I ended up setting up a completely separate account just for chatting. It's amazing how easily you want to trust these sites and applications. Just be careful.


Starman said...

My mom does this. I tell her not to but she continues to. It's very annoying.

Blodwin said...

What I don't get is why internet companies don't do this by default. I think people need to have a decent internet survival guide. I'm actually glad that my rants led my family to stop asking me for computer help.

It's one thing to say "this is my PC if I break it I fix it" It's something else entirely to say "MY Pc broke again" and when I ask if they visited any dodgy sites I get that awkward silence. I even have one friend at work who waits to download pirated music until her husband is about to do a reinstall of their PC. That's how regular their problem is.

People say "oh it's because windows or I.E. is rubbish" but they don't take any preventative measures... Grrrr.

Anyway I am ranting now.

wowcast said...

Yeah, I consider myself pretty aware of internet safety practices...

However, sometimes you just get so excited about trying something new out or seeing if something works that you don't pay attention to how much information you're giving away.

It's extremely dangerous and I know a lot of people like out there do get blind sighted by the shiny apps.

Learn from my mistakes!!! :D

Design by Dzelque Blogger Templates 2008