Practising cyber sense
October 08, 2008 Wednesday, 04:23 PM
Chua Hian Hou gets lured by the promise of freebies.
THE offer sounded really good: 250GB of online storage, for free, forever.
A friend had e-mailed me the link, urging me to sign up quickly, before the offer expired last month.
The service certainly sounded useful.
A place to upload my holiday snaps, screenshots of income tax declarations, the e-receipt for my dog’s licence, just in case my computer hard disk and external hard disk backup both fail.
After all, one can never have too much insurance – especially if it’s free, I thought.
I hit the site, skimmed through it, and promptly signed up.
Registration was a breeze.
It was, in fact, the most fuss-free registration process I’ve ever experienced in over a decade of Internet use. I just picked my preferred login name, entered a password, and I was done.
No verification that I was a legit user, no personal details needed, no need to check any boxes confirming that I had read all 8,376 or so pages of may-as-well-be-pig-Latin legal notices, and best of all, no need to wait for that pesky “confirmation email” to start using the service.
No way.
That was just too easy.
A more detailed check on the site turned up some signs that I’d probably been suckered into signing up for a scam, possibly to capture passwords – people tend to reuse user-IDs and passwords after all, maybe in hopes that the hapless user might upload confidential documents which can be used for blackmail.
For instance, there was no way to change or reset forgotten passwords, no email or phone contacts for any problems, and a blank text file I uploaded to test the service was listed as 10GB in size.
If it is a scam, then it was a decent one, baiting greedy users like me with the promise of freebies.
But it was particularly galling for me, a technology reporter for some years now.
I’ve written many a story on phishing, scams, and viruses, and how to avoid them – especially those that offer too-good-to-be-true deals.
In fact, just last month, I wrote about how an online scammer sold genuine baby strollers at a loss, in order to try and bait the buyer into a bigger order.
Only to fall prey to a too-good-to-be-true offer myself.
I was reminded of this incident when I attended yesterday’s GovernmentWare infocomm security event, where the guest-of-honour, Senior Minister of State for Law and Home Affairs Associate Professor Ho Peng Kee stressed the importance of “public awareness and education” in the fight against these cyber-threats.
He's absolutely right.
More than anti-virus and firewall programs, it is people’s awareness of infocomm security that needs to be upgraded, to successfully defend against these new threats.
I certainly had an anti-virus and firewall program, but that didn’t save me from falling for the promise of freebies.
At the end of the day, it’s not what and how many security programs you install – sure, these might help, but they won’t save you from yourself, not if you decide to over-ride the anti-virus’ advice not to open that zip file promising to be that Edison Chen sex video you so desperately wanted to catch.
So listen to your common sense, and remember that old adage: if it’s too good to be true, it probably is.
I'm nursing a bruised ego, and reminding myself to remember that every day.
Read Chua Hian Hou's article Facing down cyber threats in today's edition of The Straits Times.
Tags: singapore, technology
October 08, 2008 Wednesday, 04:23 PM
Chua Hian Hou gets lured by the promise of freebies.
THE offer sounded really good: 250GB of online storage, for free, forever.
A friend had e-mailed me the link, urging me to sign up quickly, before the offer expired last month.
The service certainly sounded useful.
A place to upload my holiday snaps, screenshots of income tax declarations, the e-receipt for my dog’s licence, just in case my computer hard disk and external hard disk backup both fail.
After all, one can never have too much insurance – especially if it’s free, I thought.
I hit the site, skimmed through it, and promptly signed up.
Registration was a breeze.
It was, in fact, the most fuss-free registration process I’ve ever experienced in over a decade of Internet use. I just picked my preferred login name, entered a password, and I was done.
No verification that I was a legit user, no personal details needed, no need to check any boxes confirming that I had read all 8,376 or so pages of may-as-well-be-pig-Latin legal notices, and best of all, no need to wait for that pesky “confirmation email” to start using the service.
No way.
That was just too easy.
A more detailed check on the site turned up some signs that I’d probably been suckered into signing up for a scam, possibly to capture passwords – people tend to reuse user-IDs and passwords after all, maybe in hopes that the hapless user might upload confidential documents which can be used for blackmail.
For instance, there was no way to change or reset forgotten passwords, no email or phone contacts for any problems, and a blank text file I uploaded to test the service was listed as 10GB in size.
If it is a scam, then it was a decent one, baiting greedy users like me with the promise of freebies.
But it was particularly galling for me, a technology reporter for some years now.
I’ve written many a story on phishing, scams, and viruses, and how to avoid them – especially those that offer too-good-to-be-true deals.
In fact, just last month, I wrote about how an online scammer sold genuine baby strollers at a loss, in order to try and bait the buyer into a bigger order.
Only to fall prey to a too-good-to-be-true offer myself.
I was reminded of this incident when I attended yesterday’s GovernmentWare infocomm security event, where the guest-of-honour, Senior Minister of State for Law and Home Affairs Associate Professor Ho Peng Kee stressed the importance of “public awareness and education” in the fight against these cyber-threats.
He's absolutely right.
More than anti-virus and firewall programs, it is people’s awareness of infocomm security that needs to be upgraded, to successfully defend against these new threats.
I certainly had an anti-virus and firewall program, but that didn’t save me from falling for the promise of freebies.
At the end of the day, it’s not what and how many security programs you install – sure, these might help, but they won’t save you from yourself, not if you decide to over-ride the anti-virus’ advice not to open that zip file promising to be that Edison Chen sex video you so desperately wanted to catch.
So listen to your common sense, and remember that old adage: if it’s too good to be true, it probably is.
I'm nursing a bruised ego, and reminding myself to remember that every day.
Read Chua Hian Hou's article Facing down cyber threats in today's edition of The Straits Times.
Tags: singapore, technology