Social Networking Sites privacyThe Internet is a powerful tool that has revolutionized virtually every aspect of our lives, including how we socialize. Today, there are an estimated 200 online social networking sites, the most popular being MySpace and Facebook. But while it can be fun and convenient to keep up with old friends and make new ones online, sharing too much personal information on these sites can be risky. This is especially true for young people, who may not realize that the information they post online could end up in the hands of harassers, cyberbullies, scam artists, child predators and other unscrupulous people.

IDENTITY THEFT
What is identity theft?
How it happens?
What to do if it happens to you?
How to prevent it?

WHAT IS IDENTITY THEFT?
Identity theft occurs when a person’s identity is stolen for the purpose of opening credit accounts, stealing money from existing accounts, applying for loans, even renting apartments or committing crimes.

Victims of identify theft often aren’t aware that they’ve been targeted until they find unknown charges on their bank or credit card statements, are called by a collections agency or are denied credit.

HOW IDENTITY THEFT HAPPENS
Here are some of the most common ways identity thieves can gain access to your information. They:

• Steal wallets and purses containing your identification, credit and bank cards
• Steal your mail, including bank and credit card statements, phone bills and tax information
• Complete a “change of address form” to divert your mail to another location
• Steal or illegally purchase personal information you share on the Internet
• Call you claiming to be a well know reputable company, asking for personal information.
• Send you an email, which appears to be from a reputable company, asking to respond or go to a web site and provide your personal information. This practice is know as “phishing” (pronounced “fishing”)
• Set up bogus web sites that look like familiar legitimate sites and ask you to provide personal information. This practice is known as “spoofing”.
How to Protect yourself from Identity Theft

This guide will help you take action to protect yourself against identity theft. If you’ve already been victimized, this guide will provide information about restoring your credit profile and minimize the potential for any future occurrences of identify theft.

WHAT TO DO IF YOU’VE BECOME A VICTIM OF IDENTITY THEFT?
1. Contact one of the three credit bureaus to request that an initial 90-day fraud alert be added to your personal file. By requesting a 90-day fraud alert, anyone seeking credit in your name will have to have their identity verified. The credit bureau you contact will forward the fraud alert to the remaining two credit bureaus automatically. Once you place the fraud alert in your file you are entitled to a free credit report.

The information for each of the three bureaus is as follows:
Equifax
(800) 525-6285
Post Office Box 740241
Atlanta, GA 30374-0241
http://www.equifax.com

Experian
(888) 397-3742
Post Office Box 9532
Allen, TX 75013
http://www.experian.com

TransUnion
(800) 680-7289
Fraud Victim Assistance Division
Post Office Box 6790
Fullerton, CA 92834-6790
http://www.transunion.com

monster.com logoYou may not be surprised to know that of all the hacking attempts made on companies, the companies which hold and maintain large databases of information such as those of credit card companies, banks etc are online targets for hackers and opportunistic criminals who attempt to extract information from such databases. One such company which maintains such large databases of information is Monster, the largest and most popular Job portal on the Internet.

At Monster, they keep information of Job applicants and this information includes Name, current address, phone number, information about employers, past employment history(which can give away location of previous addresses) and other confidential information, all very appetizing for Internet Trolls and malicious hackers.

Recent reports coming out from Monster suggests that the Monster resume database was hacked into and information such as names, addresses, phone numbers and email addresses of job seekers with resumes posted on Monster including MonsterTRAK were stolen and illegally downloaded. Apparently there was a rogue server within the Monster Network which was used for downloading all this information from job seekers.

While the company claims to have conducted its own investigation, it still cannot say for sure which individual job seekers have their information stolen.

How can Hackers use this confidential information?

When your personal information has been stolen from the monster.com resume database, you can be a prime target for a phishing email. You may get an email stating that there are issues with your account and need immediate attention. You might be asked to click on a malicious/spoofed website. Worse yet, you may get a phishing email saying that you have obtained a job with the company you applied for and you need to click on a spoofed site which might ask you to enter more personal information or download some malicious software.

An example of such an email could be one show below. Notice the spelling mistakes

Steganography is the art and science of writing hidden messages in such a way that no one apart from the intended recipient knows of the existence of the message. Generally, a steganographic message will appear to be something else: a picture, an article, a shopping list, or some other message. A Steganographic message (plaintext) is often first encrypted by some traditional means, and then a covertext is modified in some way to contain the encrypted message (ciphertext) , resulting in stegotext.

In this article, we will teach you how to do this. First to encrypt a message and then apply image steganography techniques to hide this encrypted message in an image.

PHASE # 1: How to encrypt a text/message

When Concealing data within encrypted data, the data to be concealed is first encrypted before being used to overwrite part of a much larger block of encrypted data. This technique works most effectively when the decrypted version of data being overwritten has no special meaning or use. Some cryptosystems, especially those designed for filesystems, add random looking padding bytes at the end of a ciphertext so that its size can’t be used to know what was the plaintext size. We will be applying this encryption technique using TrueCrypt.

TrueCrypt is a free open source disk encryption software that works on both Windows and Linux platforms. No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct encryption keys. TrueCrypt does this by creating a virtual hard drive that will read and write encrypted files on the fly. The advantage of using TrueCrypt is that you need not download it everywhere. All you need are the files truecrypt.exe, truecrypt.sys and the volume file you create which you can carry on your flash drive.

Step by Step Tutorial on how to encrypt your Hard disk or data or message using TrueCrypt

Step # 1: Download and install TrueCrypt

Step # 2: Once you Launch TrueCrypt, Click on “Create Volume” button. This launches the Volume Creation wizard that prepares the encryped drive location. Next, choose ” Create a Standard TrueCrypt Volume” and hit Next. Next, click on “Select File” button. Browse to a place where you want to store your encryped files. In this case, I am selecting askstudent.secret Note: This is not the file you want to encrypt. Think of this as a Folder Name which in turn would contain the files you want to encrypt later on. Hit Next