The Crisis of Credit Visualized from Jonathan Jarvis on Vimeo.

Originally found this by way of bkenny.com.

There are a number of different titles given to each of these malicious individuals and I’ll explain each one briefly so you can wrap your head around the terms you often hear thrown around the news.

The Players

Hackers - Hackers exploit vulnerabilities in operating systems, websites and other software to gain access to your personal information among other things.
Crackers - Crackers use software programs and other means to “crack” your password to gain access to your personal information.  Completely different from the delicious crunchy things you have with soup.
Phishers - Phishers use deceptive websites and email to trick you into offering your username and password to your email, online banking, and other personal websites.

The Schemes…

Hackers

So a typical scheme for a hacker would be to have you inadvertently download a password capturing or key logging program to your computer.  Once this is on your computer anything you type or just your usernames and passwords would be sent to the hacker.  He then sets about exploiting your personal information for notoriety or monetary gains.

To prevent this – Make sure that your computer has all of the latest updates and that your anti-virus software is up to date.  Any anti-virus software is better than no anti-virus software, I recommend Avast!  The non-commercial version is free and with a fairly quick download and providing your email address to be sent a 14 month registration key your done.  You can download it here.  For windows users you can visit http://update.microsoft.com and follow the prompts to make sure that you have all of the latest patches and updates to your system.  You should also have “automatic updates” turned on in your windows settings.

Turning on Automatic Updates for Windows XP

1. Right Click on your “My Computer” icon.
2. Click on “Properties.
3. Select the “Automatic Updates” tab.
4. Select the radio box next to “Automatic (recommended)”.
5. Set the schedule to “Everyday” and the time to a time when the computer will be on but you won’t necessarily be working on it.
6. Click “OK”

Crackers

Crackers set about using password cracking software to gain access to your tasty personal info.  There are a few types of this kind of software.

Brute Force – Brute force software cracks passwords by going through every possibility for your password.  An example of brute force attack guesses would go something like this:
a, b, c, d…  aa, ab, ac, ad…  aaa, aab, aac, aad…
You can see how this could quickly find your password, right?  Well the solution is called “password complexity” see below…
Dictionary Attack – Just like it says this attack throws the dictionary at your password.  So it would make some guesses like:  apple, aardvark (did anyone know there was to a’s in aardvark), asteroid, bat, bubble, etc…  Using all the words in a dictionary file.
Guessing – That’s right plain old guessing.  If your password is 123456, password, letmein, (yourfirstname), or (blank); stop reading this article and go change your password immediately.

Defending Against the Cracker!

Password complexity – This is the big one…  This is my suggestion for minimum password complexity:  At least 8 characters long, contains upper and lowercase, at least a couple of digits and a symbol or two and NO FIRST NAMES or DICTIONARY WORDS with exception.  I sometimes use similar numbers or symbols to replace letters in common words to make it easier for me to remember my passwords (I change them often).  An example of a password like this would be @pp13 to spell apple or $H!Pwr3(k to spell shipwreck.  It works for my brain anyway so I thought I would share.

The reason this is such big one is because after about 8 characters it gets ridiculous for the amount of time it would take to crack a password of this complexity.  A computer using a brute force hack to crack the above password criteria at 500,000 attempts per second would take about 58 years.  That same computer with 6 character password that had letters and numbers would take only 73 minutes; no numbers in the password try 11 minutes…  Curious how long it would take to crack your password, visit this password cracking calculator.

Phishers

I’m not going to spend much time on this one because almost everyone has been the recipient of one of these scammer’s emails.  It comes into your email box “Your Wells Fargo Account May Have Been Compromised” O’ my god it has?  Wait…  I don’t have a Wells Fargo account!

These guys are really just good at copying websites and spoofing email so that it looks like it’s come from legitimate companies.

Defense
CHECK THE ADDRESS BAR! Really it’s that simple if you happen to go as far as clicking a link in an email of this nature.  Take a look in that address bar above the page and make sure it has the actual domain name of the company you’re trying to go to.  Better yet instead of using links in sensitive emails just type in the domain name into the address bar yourself.  Besides if it’s from the bank and they really want to get a hold of you they’ll send you a good old fashioned letter.  They don’t need the money that bad anyway they just got all of that bailout money!

If you found this helpful please pass it along to a friend, comment below, or share it (links below).

Password Generator