Just when you thought your Gmail was safe, hackers have found a way to hijack your email accounts. This was revealed some months ago when Gmail customer support started getting concerned letters about the amount of spam received in their Gmail accounts.
This phenomenon is caused by hackers hijacking your Gmail account using a technique called Cross Site Request Forgery (CSRF), Techniques requires that you click a link on a dummy hacker site, spam mail or a pop up ad while logged into your Gmail account. This action can transplant a digital spy in the form of a cookie or java script code into your PC. When your Gmail account is open, this digital spy tricks your web browser into sending an invisible request to Gmail servers.
This request could be to download your account data, your contact list, or your emails. As long as you kept your Gmail account open the digital spy could download info uninterrupted until you logged out of your account. This technique could also load spam and other hacker scripts into your Gmail account. The stolen information would be used to pilfer other account information. Or hackers can profit by selling the Gmail account info to spammers for the highest price.
Google was able to respond to the Gmail flaw quickly by tightening up their security structure. But, the CSRF attack can work also with your Google Toolbar and other websites, not only Gmail. If hackers are able to hijack your Gmail accounts, this technology could be used to request financial information when you’re a doing online transactions. There have been reports that CSRF attacks were able to initiate the transfer money by embedding a java script code in the web browsers during online banking activity.
A CSRF technique relies primarily on the users’ ignorance and trust they have for major websites. There are techniques that would reduce this kind of attack from happening. Here is a simple strategy to stop hackers from stealing your online information.
1. Never instruct your browser to remember your login information. This allows hackers to easily enter your trusted sites using a hijacked web browser.
2. Set your browser to block cookies or a least require notification before being loaded. Also perform a “secure delete” of cookie history after logging off the net. Visit www.delete-computer-history.com/delete-cookie-history for instructions.
3. Use a third party firewall with settings at high security to monitor incoming and outgoing net traffic.
4. Use Firefox as your primary web browser. Firefox’s active development allows the web browser to immediately respond to security threats. For example, downloading the No Script Firefox add-on will guard you against this kind of attack.
5. Always logout of your websites when activity is finished. And log off from the net when your online activity is completed.
If you following these simple techniques you are already many steps ahead of most PC users. This action also provides a decent amount of online security against these kinds of attacks. However, online security flaws are not necessarily the fault of the internet users. Security flaws in a trusted website is the major avenue used for an attack. Trust in major sites is the weapon CSRF attackers use to steal information. For this reason Gmail and other web mail providers are the best places for hackers to launch an attack.
All in all, having a constant broadband connection to the net comes with a high price. The price is your security. If you don’t protect yourself the door to your online personal information is open. And leaving the door open for anyone to enter your home or in this case your computer.
About the Author
Before you consider investing in online security software, you should take the time to delete your internet history. Visit ( www.delete-computer-history.com ) Internet history files are a major resource for hackers to exploit. Protect your self with simple online techniques. However if software is your approach, don’t get scammed into paying hundreds for software that doesn’t deliver. Check out these reviews. www.delete-computer-history
Technorati Tags: gmail, email, hacker, hacking, pc security, email security, gmail security
BlinkList
del.icio.us
Digg
Furl
ma.gnolia
reddit
Simpy
Spurl
BackFlip
Bibsonomy
BlinkBits
BlogMarks
Diigo
DZone
Fantacular
Fark
FeedMarker
FeedMeLinks
Google
Gravee
igooi
iTalkNews
Linkagogo
LinkRoll
LookMarks
Markabboo
Ning
RawSugar
Riffs
Rojo
Scuttle
Shadows
SiteJot
Smarking
Squidoo
Taggly
tagtooga
TailRank
Wink
Wists