Category: General

Protect Your Tax File Number

In Australia your Tax File Number (TFN) is used by the Australian Tax Office to identify you. It could be used against you by other people to commit identity theft and fraud so you should take measures to ensure its security. Below are some tips to help you with this:

  • Don’t give it out to just anyone else who asks – it’s confidential. See the list below.
  • There have been bogus job ads on the internet and in newspapers that ask people to provide quite detailed personal information including tax file numbers. Don’t provide any of this information until you’ve met the potential employer at their office and confirmed their validity.
  • Don’t carry your Tax File Number in your wallet or mobile phone
  • Securely destroy any mail you receive from the Tax Office showing this number
  • Only use tax agents that are registered on the Tax Agents Board, http://www.tabd.gov.au/

tax The following are allowed to request your Tax File Number:

  • the Tax Office
  • employers
  • banks & other financial institutions
  • tax agents
  • Centrelink
  • superannuation funds

KeePass

KeePass Password Safe is a Windows application that can store all your logins and passwords. It has a long list of useful features and can even generate random passwords for you.

Some features that make this a good tool:

  • Passwords are encrypted, making them impossible to read without the master password
  • You can use a new password for every site without forgetting which is which
  • You can use complicated (strong) passwords more easily
  • You can backup your password list to a file (e.g., onto a USB flash drive that you store safely)
  • It’s open source. Everyone’s free to inspect the source code and convince themselves this program is safe and doesn’t do anything malicious with your passwords. This is very important.

Of course you need to have a computer you trust and use often for this program to be of any use to you. Use a good anti virus package and regularly backup the machine.

KeePass’s website is here.

Password Meter

Recently we mentioned Microsoft’s Password Checker. Today we’ve come across a much more sophisticated password testing program, Password Meter.

Password Meter measures a wide range of password metrics and gives them weighted values. It’s quite thorough.

Apart from strong passwords the following tips are useful:

  • Ensure nobody watches you type in your password
  • Keep your computer safe from key-logging programs. Use a good anti-spyware tool for this
  • Change your password often (every 1-2 months)
  • Don’t log into important sites on a public computer, such as at an internet cafe. Important sites include online banking sites, eBay, or any sites where money transactions can occur

Password Meter’s site is here.

Fake Anti Spyware

Brave Sentry is a fake anti spyware product that’s been going around a lot lately. It’s also known by these names:

  • Brave Sentry
  • Spy Sheriff
  • Spyware Quake
  • SpyFalcon

Once it gets onto your computer it tells you it found a large number of threats. For example, it could say “BraveSentry Scan found 138 threats“. This is false, following its instructions takes you to a site asking for money to remove the spyware.

Here’s a procedure on how to remove Brave Sentry, if you happen to become infected.

And to avoid infection follow these tips:

  • Install a good (and well known) anti virus/anti spyware product.
  • Avoid using Internet Explorer. Use one of the current alternative browsers such as:
  • Always use the latest web browser versions, download updates frequently.
  • Never ever download or run programs just because an email or a web site asked you to. This includes things like codecs to watch videos (unless you’re quite technical and know what you’re doing).
  • Avoid warez and porn sites (they’re often infected with malware)

    • 3.6 Million People

    crowdGartner is a well recognised research company. They’ve recently added up the numbers and come up with 3.6 million adults that lost money in 2007 due to phishing scams. In 2006 the figure was 2.3 million.

    That’s a lot of people being conned and losing money online. According to this report it adds up to US$3.2 billion in USA alone.

    Some tips you might find useful to avoid being of of these 3.6 million people:

    • Never hand over personal details to people or web sites, unless you’re 100% certain of who you’re handing the details to.
    • Pay attention to web addresses you click on. Read our article on this here.
    • If you didn’t ask your bank or other service provider to send you an email then treat it as suspicious.
    • Scammers always take advantage of popular events to send phishing emails. E.g., it’s now Easter so expect lots of Easter related scam emails.
    • Be skeptical of what you read online. Chances are you didn’t really win a lottery in Spain without even buying a ticket.
    • Use a good antivirus package that includes a web site scanner. The newer packages filter out fraudulent pages.

    Microsoft Password Checker

    Microsoft has a handy utility that rates your passwords. It doesn’t just look at the length of the password, it looks at how you mix upper case with lower case letters, numbers, punctuation marks etc.

    password

    When creating new passwords for your online services aim for Good or Best.

    Try it here: http://www.microsoft.com/protect/yourself/password/checker.mspx

    Note: there might be better password checkers in existence, I suggest this one because it’s hosted on Microsoft’s site. Whether you love them or hate them I believe their intentions are good and they won’t try to steal passwords.

    Statistics on Malware

    Some new statistics on how widespread malware has become. This research comes from Google’s Anti-Malware team (full document is here)

    • The majority of malware sites are hosted in China
    • 1.3% of Google searches return a link to a malicious site
    • They found more than 3 million unique URLs on over 180,000 web sites that automatically install malware

    That’s 3 million web pages that will attempt to install some form of malicious code on your computer.

    With things this bad you’d be crazy to use the internet without some kind of web filtering. This is different to virus scanning. Web filtering scans each web page before your web browser loads it, looking for things like phishing and malicious code.

    All of the big antivirus products include web filtering these days, it’s a good investment if you haven’t purchased one already.

    Adobe AIR 1.0

    Adobe has been making news today for releasing version 1.0 of their AIR framework. AIR is a new way to develop and run programs, it’s a combination of a web page but runs without a web browser.

    Adobe Air It has a long list of security features to make programs seem safe. And because of how internet applications work experts agree it won’t be long until this new technology is exploited.

    One thing to be careful of is when AIR warns you about “self signed” applications. This means that no reputable company has verified the person who wrote the program. So if you download an AIR application and you get warned about it being self signed, the safe bet is to deny it.

    If you’re tempted to play with AIR applications just be conscious of where you’re downloading programs from. They won’t remain safe for long.