12Wonder
May 18th, 2004, 01:20 PM
Every one of the security reminders below are prompted by real-life situations which we have been hearing about, and dealing with, from customers and acquaintances alike over the past couple of weeks -- all because they didn't take common-sense precautions and never thought it would happen to them. It can, and does!
1) "Click here to Confirm/Update your account": Hard to believe but some folks are still falling for the "you must update your account information by clicking on this link" type of emails from various companies. If you fall for it and do as they say, you have just given someone all your account information -- credit card accounts, PayPal access, mail accounts, or worse. This allows someone to use your PayPal account or credit card to pay for anything they buy online. You probably won't know about it until you get the bill, because the order confirmations will go to the thief. Why? Because along with credit card info, they would also now have access to also change your associated email address to whatever they want.
DON'T EVER FOLLOW A LINK IN AN EMAIL TO UPDATE ACCOUNT INFORMATION ANYWHERE. If you are concerned about your account with any company, go straight to the company's main web site url and then find the link there to log into your account to check your information.
2) DON'T keep emails containing ANY account information. Instead, print out a couple of copies of them and put them in a safe place, then delete the email. This goes for online order receipts, account signups, anything that can have sensitive information in it. This also includes your hosting account information email/s.
3) If you order something online and notice that the confirmation email/receipt you get includes your entire credit card number on it, complain to the company you purchased from! Receipts should never contain full credit card numbers.
4) DON'T ever use the same username or password for everything. This makes it way too easy for someone to gain access to other accounts you have. If they know the username/password for one account you have, they'll try it on your other accounts. Using the same username/password for everything is like giving someone a master key. It's amazing how many people are still doing this -- and how many people we're hearing about being burned by it.
5) CHANGE PASSWORDS FREQUENTLY -- If you are still using the same password for anything that you had a month ago, it's time to change it! That goes for your hosting account password as well. You can easily change your hosting account password in your cPanel.
6) If you are using your own form mail script on your web site, or one you downloaded from somewhere, make triple-certain it is secure. This goes for all scripts that have any kind of email function in them -- even auto-notifications emails, etc. An insecure script on your site can be used by anyone to send spam from your web site or from your hosting account. We have seen insecure scripts recently being used to send spam. This resulted in irrevocable, permanent termination & deletion of the domain/s entire hosting account. We have no choice in this matter. If we don't immediately terminate a spamming account, the datacenter would shut down the entire server that account is on.
Anne
1) "Click here to Confirm/Update your account": Hard to believe but some folks are still falling for the "you must update your account information by clicking on this link" type of emails from various companies. If you fall for it and do as they say, you have just given someone all your account information -- credit card accounts, PayPal access, mail accounts, or worse. This allows someone to use your PayPal account or credit card to pay for anything they buy online. You probably won't know about it until you get the bill, because the order confirmations will go to the thief. Why? Because along with credit card info, they would also now have access to also change your associated email address to whatever they want.
DON'T EVER FOLLOW A LINK IN AN EMAIL TO UPDATE ACCOUNT INFORMATION ANYWHERE. If you are concerned about your account with any company, go straight to the company's main web site url and then find the link there to log into your account to check your information.
2) DON'T keep emails containing ANY account information. Instead, print out a couple of copies of them and put them in a safe place, then delete the email. This goes for online order receipts, account signups, anything that can have sensitive information in it. This also includes your hosting account information email/s.
3) If you order something online and notice that the confirmation email/receipt you get includes your entire credit card number on it, complain to the company you purchased from! Receipts should never contain full credit card numbers.
4) DON'T ever use the same username or password for everything. This makes it way too easy for someone to gain access to other accounts you have. If they know the username/password for one account you have, they'll try it on your other accounts. Using the same username/password for everything is like giving someone a master key. It's amazing how many people are still doing this -- and how many people we're hearing about being burned by it.
5) CHANGE PASSWORDS FREQUENTLY -- If you are still using the same password for anything that you had a month ago, it's time to change it! That goes for your hosting account password as well. You can easily change your hosting account password in your cPanel.
6) If you are using your own form mail script on your web site, or one you downloaded from somewhere, make triple-certain it is secure. This goes for all scripts that have any kind of email function in them -- even auto-notifications emails, etc. An insecure script on your site can be used by anyone to send spam from your web site or from your hosting account. We have seen insecure scripts recently being used to send spam. This resulted in irrevocable, permanent termination & deletion of the domain/s entire hosting account. We have no choice in this matter. If we don't immediately terminate a spamming account, the datacenter would shut down the entire server that account is on.
Anne