Ten technologies cybercrooks love to exploit

• Tags:
• Email,
• Unified Communications,
• P2P,
• E-commerce

Debra Littlejohn Shinder

Published: 14 Jul 2008 16:13 BST

• 
• 
• 
• 
• 

…you'll make it more difficult for attackers to get to your computer through your browser, but you may also not be able to properly view some sites. It's also important to install security updates for your browser as they're released.

5. Email and instant messaging
Email is ubiquitous. Almost everybody has one or more email addresses, and it's one of the most convenient ways to communicate. It has almost the same immediacy as a phone call or instant message, without the pressure to answer in real-time.

Unfortunately, email also has some characteristics that make it attractive to criminals. They can send mail with spoofed return addresses so that it's difficult or impossible to discover the true origin of the messages. Thus, they can get away with sending spam, phishing messages, threats, child pornography and other types of illegal correspondence.

Instant-messaging (IM) programs can also present a threat. As with email, people using IM can pretend to be someone else, and most IM programs now support file transfer, which provides a way for criminals to download malicious software to your machine.

Technologies to authenticate the identity of email senders, such as Microsoft's Sender ID and the more generic SPF, can solve the spoofing problem, but only if all email domain owners use them. Meanwhile, you can protect yourself with spam-filtering software that allows you to create a whitelist, or safe-senders list, and by following best practices such as not clicking on hyperlinks in emails, viewing your mail in text format only (no HTML mail), and not engaging in IM conversations or file exchange with people you don't know.

6. Unified communications
Unified communications (UC) is a popular trend in the enterprise space, and companies are finding many advantages in combining their email, telephony, IM and conferencing applications so that these programs can interact with each other. With voice over IP (VoIP) slowly replacing traditional telephone services, all these communications technologies can be run over the same network.

However, this also means that your phone calls are now subject to some of the same threats to which your data has always been vulnerable: VoIP packets can be intercepted or even modified in transit, just as other data traffic can.

To protect yourself in a unified world, use encryption to keep important data confidential, whether it's text, voice or another sort. Also make sure UC software is updated regularly (along with the underlying operating system) and use authentication to verify the origin of messages and to ensure that messages haven't been tampered with.

7. Peer-to-peer programs
The most popular means of exchanging large files quickly across the internet is through the use of peer-to-peer (P2P) software and networks, such as BitTorrent, Kazaa, Gnutella or Napster.

People use such networks to share music and movies in violation of copyright laws, as well as for legitimate purposes, such as distributing their own home movies and pictures. The number of songs swapped via P2P networks is estimated to be billions per year.

Criminals love P2P networks because they can mislabel the files they share and cause you to download malware (such as a program that will allow the criminal to take over your computer) when you think you're downloading a song, for example. Since most of these networks also strive to protect the anonymity of users, the cybercriminals have little risk of getting caught.

The best way to protect yourself from the dangers of using P2P applications is not to use them at all.

8. E-commerce and online banking
More and more of us are conducting more and more of our business over the internet. It's convenient to buy what we need from home and have it delivered to our doorsteps and to pay our bills and transfer money between our accounts without a trip to the bank.

Criminals love this trend because it gives them additional opportunities to get hold of your money. They can intercept information as it travels across the network, break into the databases of online businesses or financial institutions to steal information, or…

• 
• 
• 
• 

• Share this article:
• Digg
• Slashdot
• Del.ici.ous
• Stumble
• Reddit