Your Problem My Solution.

Book on Cyber Crime Protection and Investigation

2012-01-21T12:21:00.008+05:30

Dear Friends,

After long long interval I have come to you with a good news. A new book named as "Your Ultimate Cyber Crime Protection Guide" written by Sitanshu Mohan Ray (An educationist and experienced corporate person), Sri Bivas Chatterjee (An experienced law professional) and me. This book is written for upcoming Cyber Crime Investigators and netizens, who become victim due to their ignorance, as in this book we tried to write about different types of cyber crimes, how they are committed by cyber criminals (modus operandi)by using different types of tools and what to do when you are a victim and an investigator with real life case studies.

This book is designed with following chapters ; -

1. What is Cyber Crime
2. Important Technical Terminologies (What we must know and why)
3. Weapons of Cyber Criminals
4. Types of Cyber Crime (Different types of Cyber Crime and what to do when u r victim and when you are investigator)
5. Credit Card and Cyber Crime
6. Web Hacking
7. Cryptography
8. Futuristic Crime (Mind Control)
9. Cyber Laws of Different Countries
10. Social Networking Site bane or boon
11. Search and seizure

This book speaks about mind control and psychotronic tortures (Brain Hacking) and also laws about cyber crime around the world. We hope this will help the netizens. This will be available from the last week of this month.

This book will be available from the 1st week of February through the sites noted on cover page.

Thanking you,

Sujit

How To Write and lodge Complaint in Cyber Crime Cases

2011-11-14T12:10:00.006+05:30

Dear Friends/Colleagues

Due to lack of time I could not reach to you with my next topics. So again I have come to you with an important topic on cyber crime investigation i.e:- how to write complaint as victim in cyber crime cases. I feel this topic important as most of the cases get hampered due to weak complaint.

Generally in regular life netizens become victim in cyber crime cases as a victim of cyber stalking ( Fake profile in any social networking site or adult site for more pl search this blog on cyber stalking), online cheating through lottery, uploading personal intimate videos by someone in the net or something else.

So, when you are victim of these type of cases or any type of cyber crime related cases, take the print screen of those pages and copy the exact link which shows your profile only and also link of that page which shows your profile with others. Take the printout of those print screens.

If it is through any email take the entire print out of that email with its header file and attach it with your complaint.

There after lodge your complaint with those evidences to the Cyber Crime Police Station or nearby police station, where cyber crime police station does not exist. So this is not tough to understand and this will also help my colleagues to take complaint from victims in right manner. But if the complainant comes after lodging complaint to the website service provider for deactivating the link without copying the link address and the link becomes inactive, it could not be traced and it becomes next to impossible for LEAs to trace out the perpetrator until and unless you get the cached copy from Google or any other search engine.

With Thanks

Sujit

Beginners' Guide To Investigate Cyber Crime

2011-10-28T12:34:00.004+05:30

Dear Friends,

Sorry for the delay for posting my 3rd article on How to investigate cyber crime FOR BEGINNERS. Actually I was very much busy for my other official duties and that's why I could write for you but in the mean time I managed to prepare a pdf file for your study which will help you to learn the basics of the cyber crime investigations. So I would request you to go through the pdf after downloading it from the link noted below.

I hope and keep strong believe on the fact that this will be very much helpful to all of you.

Waiting for your mail and reply. It is based on Indian Information Technology Act but this will also be helpful to the citizen of other countries as the law is briefly explained here. So pl download it from here

Best of luck and thanks.

Sujit

How To Investigate Cyber Crime (Part-2)

2011-10-23T19:59:00.003+05:30

Dear Friends,

In my last post I promised to continue this article in a simple manner and easy understandable language so that everybody even a going to be retired police officer can understand and my article becomes helpful to them to investigate the Cyber Crime related cases. My expert friends are requested to share there knowledge here for new cyber crime investigators, who thinks it difficult to investigate the cyber crime related cases.

So first of all I will tell them that don't get afraid by hearing a complaint from a victim about cyber crime as most of the complaint in the PS label are very easy to investigate. My friends, who can investigate murder cases, theft cases, cheating and other cases which are regular crime in our daily life and know what evidences should be collected from mobile number and device, can easily investigate cyber crime related offense. So just listen the complaint of a victim and give him/her a relief and don't say that you can't as that makes you inefficient before that citizen and in coming days in most of the cases computer or communication device will be part and parcel of the weapon of the criminal.

So my friends lets start from here. First of all I want to bring in your notice : -

What are the Basic Knowledge:-

1) You should know how to use mobile phone and what mobile phone does. ( I think all of us know this as this is part and parcel in all of our life as today a day labour also carry mobile phone with him)

2) Common sense of investigating other cases. ( All the police officers do have it)

3) To have a little bit knowledge in computer. ( I think this is also in possession with all of my friends)

4) A little bit knowledge about internet, email id, and how internet works. ( Some of my friends do have this but I will discuss it in my next article for those who does not have the knowledge and its very easy)

What are Cyber Crimes and how these are committed:- This has already been discussed in my blog earlier but inspite of that I will discuss you serially as if you don't know the crime and modus operandi of criminals how you will solve the problem. In a sentence cyber crime is defined as " Any illigal act involving a computer, its systems, or its applications" by EC Council. Cyber Crime is intentional and not accidental.

How To Take Complaint from Victim:- It will also be discussed in the next day.

What is Cyber Forensic:- All the investigators have idea about scientific investigation in other type of regular life cases and so they have idea about forensic science but cyber forensic is a different field and I will discuss it later and this is also easy understandable if anyone wants to understand from the experience of daily life.

I hope this will help you my friend. So pl keep visit regular for its update.

With Lots of Love

Sujit

How To Investigate Cyber Crime

2011-10-22T23:59:00.004+05:30

Dear Friends,

Many of my friends of my profession request me to write something about " How to investigate Cyber Crime Cases " in a simple language so that everyone even a lay man can understand and it becomes helpful to the aged police personnel for investigating cyber crime cases. Now a days the police officers above 40+ get afraid during investigating cyber crime cases. I have experienced in my professional life that when a police officer of 40+ hears about cyber crime in Police Station label , he misguides the victim by saying that there is no infrastructure to investigate the case in PS label so advises the victim to go to specialized wing for lodging complaint.

That is why I have started to write on this topic for making it easy understandable to all the investigators even a going to be a retired police officer, who has minimum knowledge of using mobile phone.

That's all for today. Pl visit regularly for knowing step by step about how to investigate cyber crime related cases.

Expert police officers in this field are requested to share their experience here for helping other police officers and I hope my expert friends of this field will stretch their helping hand to me.

With Thanks,

Sujit

How To Identify 419 Scammers Phone

2011-09-01T10:20:00.004+05:30

Hi Friends,
After long long and long interval I am again infront of you with a valuable information, which I have got from my friend of cyber crime investigation field, who gave me the link of "joewein.de", and I am bringing this in front of you as this will help you a lot for identifying the 419 spammers. So here is the details of that information as published by that website.

Scam phone numbers in the United Kingdom (+44):

If an email mentions a UK phone number starting with +4470, it usually means that the sender of that mail is not in the UK at all and it is almost guaranteed to be a scam.

Usually the presence of a +44 70 number in a 419 scam email means you're dealing with criminals based in Nigeria who are using these numbers to make people believe they're dealing with someone legitimate who is in the UK instead of a criminal in an Internet cafe on a different continent.

Do not reply to any emails that mention +4470 phone numbers!
Never call such numbers!
Break off all contact with these people!

The scammer most likely is NOT based in the UK. +44 70 numbers belong to international call forwarding services. Their whole point is that people can reach the user of the number when he's not in the UK. These services make it possible for scammers to hide the fact that they are based in Nigeria or other countries in Africa, while the scam victim will believe they're dealing with someone in the UK. Very few (if any) legitimate individuals use these numbers. Banks, law offices, UK immigration officials, etc. never use +44 70 numbers because, since their offices are based in the UK, they have no need to redirect calls to their offices to sohttp://www.blogger.com/img/blank.gifme mobile phone outside the UK. We have not come across any legitimate UK businesses yet that use +44 70 numbers. Their only visible user base are scammers in Nigeria, South Africa and elsewhere. It is a perfect mystery to us why the UK authorities allow these services to continue operating despite them being used almost exclusively by criminals.

UK phone numbers starting with '70' are "Personal numbering" in the "Find me anywhere" range. Charges for calls to these numbers are not distance-dependent. They can cost as much as UKL 0.50 (USD 0.90) per minute to call and can forward the call to virtually any phone number in the world. Forwarding numbers can be set up for free and completely anonymously via websites such as uknumbers.com.

So my friends be cautious about them and for more information in details about the spammers please visit here

With lots of love

Sujit

How To Trace/Search Stolen Laptop Part-3

2011-04-19T00:10:00.005+05:30

Dear Friends,

In my earlier two parts (Part-1 and Part-2) I discussed about some important terms and logics behind my idea so that my friends can understand my point and they can enrich it with their valuable opinions. And in this third point I have started it as "How to find stolen laptop" as this will be helpful for law enforcing agencies and also other civilians.

So lets come to the original point.

I have already discussed in my earlier parts that laptop can't be traced like mobile phones by using its MAC number like IMEI in case of mobile but at the same time you have also learnt from there that MAC is an unique identifier and your duty is to note the MAC address in a separate place for your future need in case of laptop theft.

I think more or less 98% of laptop users go to internet and they use Antivirus for their Laptops and almost all the antivirus are updated through internet and not only that all the paid Antiviruses are either single user or a limited number of users, which means u can install that antivirus in either single machine or a limited number of machine and if the installation crosses the limit it stops to function in those systems/laptops. So I think now you have understood what I am going to say.
Yes my friend I am going to tell about the unique identifier of your laptop has already been registered in the server of your Antivirus during the time of activation and updatation in the net. There is another unique identifier in your laptop. That is hardware serial number and it can't be changed but you can't get it though any command except using tools/softwares like DEFT ,HELIX3 PRO and others and you can't get these easily. But your laptop manufacturer has this in their record. And I think this is also registered in the the server of your Antivirus.

So I want to say my Police friends that don't sent any request to the ISPs about searching of MAC of stolen Laptops in their network but you can send it to the Antivirus companies, who are running business in your country and in this case you must need support from your Government for passing legislation to compel Antivirus Companies to help police if they want to run their business in your Country and at the same time they must supply the hardware serial number of the laptop to their customers in the bill during selling the product.

And if this system is imposed in your state you need not to spend a single penny for using third party software like laptop tracker for tracking the stolen laptop as all the Govt. are liable to see the interest of their citizen and for this Govt. need not to pay a penny for you.

This was the technical part, which can help you but at the same time you can take help of this website. This is good effort of Quick Heal for the netizens.

Waiting for your comments and opinion on this.

Thanking you

Sujit

How to Find The Stolen Laptop Part-2

2011-04-18T01:26:00.005+05:30

Dear Friends,

In my earlier post I discussed about IMEI and MAC, the unique identifiers in favour of Mobile phones and Laptops as these are badly needed for searching in case of stolen or missing. MAC has two other names such as Physical Address and Network Interface Card address. The names itself are indicating its function.

In case of mobile it is easy but in case of Laptop its not easy as during communication through internet the ISP receives the MAC address or physical address of last router (It has also MAC or Physical Address or Network Interface Card address) through which the laptop is connected in internet and this is hardly possible to be the MAC of laptop as most of the laptops are connected with internet through data card or company's router or something else like this. As this thing happens as per logic of TCP/IP and practically in networking so the Internet Service Providers can not keep the MAC of laptop and as a result they can't search us like IMEI searching in case of mobile phones.

So what should we do for searching our stolen laptop? Most of the persons will advice to go to police for reporting and police will try to find out through source engaging and the tech savvy persons will advice and take initiative to install laptop tracker softwares in their system by purchasing softwares and they will do their business.

But don't you think that police should also think through some innovative ideas for tracing the laptop by using technological common sense? Yes police should do and in this case Govt. should come forward for the sake of her citizen as Govt. can't force you to purchase 3rd party softwares as they are also liable for your safety and security and they have also some power to pass the legislation in their country. And what the legislation is? Will discuss you in next part after discussing the actual procedure for finding the laptop.

To be continued.....to Part-3..

With Thanks

Sujit

How To Trace Stolen Laptop Part-1

2011-04-17T00:48:00.008+05:30

My Dear Friends,

Hope all of you are well and were well for the last few moths when I was away from you due my other official jobs.
In my daily work I get different type of cyber crime related complaints and other complaints, which are related to daily life and there I used to get complaints like Mobile Phone theft and Laptop theft. In case of mobile theft its easy to trace out the mobiles than the Laptops.

Why easy?

The reason is the Mobile Phones are traced by us through IMEI numbers searching with the help of Mobile Service Providers and this is also possible if mobile phone tracker software is installed in that phone. During purchasing mobile phones the seller note on their bill the IMEI or ESN number of that mobile. But in case of Laptop/Notepad MAC address is needed for searching the laptop/notepad and here lies the problem as most of the laptop users don't know anything about MAC address and not only that the sellers of Laptop/Notepad does not note on their bill during purchase the MAC addresses of the laptop.

What is MAC address?

MAC address is the full form of Media Access Control. So it is the unique physical address of that part of laptop/notepad (i,e:- the media), which is used to for connecting the network. For knowing details about MAC address pl google it.

How to find MAC address?

Finding MAC address or Physical Address ( Another name of MAC address) is different on different operating systems so you are requested to visit here. and then note the MAC addresses in separate place as this will be required if your laptop is stolen.

Can MAC be Changed?

The answer is yes. So now you will definitely raise question to me that if it can be changed so why will you note this in separate place as the criminal may change it after stealing the laptop/notepad. There are many softwares who allow you to change the MAC address in upper layer but they cant change the original MAC address of the system and for doing a trial you pl use TMAC software as per your OS. They can change the MAC and even they can bring back the original MAC so original MAC cant be changed and thats my original point of discussion in Part-2

To be continued..............Part-2

Thanking you,

Sujit

Case Study on Cyber Stalking

2010-12-11T21:07:00.010+05:30

Dear Friends,

Just few days ago one of my valuable reader from USA mailed me and asked me whether I had an experience on real life critical cyber-stalking case investigation or not and I mailed him some of my real life investigation experiences but I did not published those in my blog, so I want to share one of my critical case investigation on very recent complaint about cyber-stalking, which made the life of a gentle lady hell.

Before reading this case study I would request you to visit here for knowing details about cyber stalking.

This is a case where, a multinational renowned corporate house A complained that someone had been continuously sending offensive and abusive email to their customer care mail id with some obscene pictures as attachment in the name of a lady of another company B. All the mail was clearly disclosing the name of that lady and the content was written in such a manner that it seemed to company A that the mail was sent by the lady herself due poor package to her. Here company A outsourced his customer care work from company B.

During enquiry it came into light that the mail id in the name of lady of company B was created by a guy as his love offer was not accepted by that lady. The guy became so violent that one day he assaulted the husband of the lady badly and searching the address of the lady from Telephone Directory he dialed her neighbors in different names from different booths and tried to prove her prostitute in her locality. Investigating agency during investigation further revealed that the said guy also did same kind of work one year ago and at that time he sent mail to Police authority by sending a challenge to explode bomb in a renowned temple on the night of a Puja celebration. At that time also she used another girls email id as she also turned him down. His intention in both the cases was to make hell the life of the lady of his target. He thought Police would arrest those ladies as their names came openly in the email.
Finally he was arrested and all the evidences were collected against him by the investigating agencies in both the cases.

Someone may call this guy Erotomanic or love obsessional cyber stalker. Whatever it may be but they are really dangerous to the society as a large. If these kind of guys are refused by his desired one they can do anything.

So my friends beware from them. Best of luck.

Thanking you,

Urproblemmysolution Team

What are Different types of Phishing

2010-12-02T21:19:00.004+05:30

Hi My Friends,

I had already discussed you a lot about phishing but I think I have made you clear about the meaning and style of phishing but now the time has come to tell you about different types of phishing. I think you are thinking about online lottery fraud, job offer fraud, and fund transfer fraud and so on but my friends it’s not like that. I am going to tell about “Old wine in new bottle”. What does it mean? It is the style of business men to bring their old product in new style and in some specific style. I did not mention it earlier as all of these are phishing but some of friends told me to write about these topics otherwise writing about phishing will be incomplete.
Initially all the experts in the cyber world called all these activities are phishing and as time moves the experts started to christen the name of style of phishing as follows:-

A) Spear Phishing: - This comes in the form email like updating banking password, email id password and so on but this kind of email comes to a specific group of persons like the employees of a company or a government organization or same group and so on. It seems that the mail has come from your employer for divulging important information.

B) Smishing: - This comes in the form of SMS message. Like your mobile number has won $5 bln in a lottery and you are requested to contact Mr. G…… in his email id a….@hotmail.com and so on. And you are trapped.

C) Vishing: - This style of phishing happens through VoIP i.e:- Voice over Internet Protocol . Actually this is a combination of ‘Voice’ and ‘Phishing’. You are getting a net call from someone, who is asking you about your personal important information in the name of a company, where you have stake or you are a stake holder, employee or some other style. You will see an example of vishing in this blog here.

D) Whale-Phishing: - I think all of you know about whale. Whale is a big fish in the sea. So if you consider the net is a sea where we all are fish then if the phisher catches the most important person by his technique, he is a whale phisher. So I think you have understood about whale phishing. It’s a style of phishing where phisher targets the most important person of the concern like CEO of a company.

So my friends now you are clear about the types of phishing which are used to catch the netizens. Be cautious and divulge your personal information to him only, whom you trust after proper verification.

For reading other case studies on cyber crime pl visit.

Best of luck.

Thanking you,

Urproblemmysolution Team

Link of Identity Theft, Phishing and Cheating

2010-11-24T20:29:00.003+05:30

My Dear Friends,

Now I am going to share you few live case studies,which I got for the last 6 months in the field of my daily work in investigating cyber crime related cases. I am sharing this real life stories with you as my moto of writing this blog is to make you aware about the cyber crime and keep you away from cyber criminals.

This is the crime of phishers in disguise of HR of a renowned company. Now read step by step what they are doing for cheating a person, who is in search of a job.

Step 1:- They are sending mails by offering a lucrative job to different persons, who had enlisted their names on online job searching portals, as an HR of a renowned company such as IBM, Videocon, Sony by creating false email id in the name of that company. Like:- hr_sony@gmail.com, hr.videoconindia@hotmail.com and so on.

Step 2:- Then the mail receiver is receiving the offer and communicating with them over a telephone number as provided by them.

Step 3:- They are claiming security deposit for that good job and asking them to deposit that money in the bank accounts as supplied by them. Thereafter they are telling them to send the scan copy to them to their email id.

Step 4:- They are stopping to communicate with the victim.

Now you will be perplexed to know that the victims are educated guys even the the experienced guys of IT sector. I am telling you about a girl from Cog....... company became a victim and came to me for lodging a complaint. I asked her about her qualification and what he told that seemed to me that she is educated with specialization in IT sector.

You will definitely call me so what this thing may happen to anyone but my friends you should keep in mind that an HR of a company like Sony will not have an email id of other domain i.e gmail or yahoo or rediff or others their email id must end with @sony.com or some domain name which belongs to Sony. Its an example. So my dear friends before depositing any amount in any one's bank account pl verify the person who has sent you the mail as in most of the cases the address of phone numbers and bank account numbers are fake and they can't be traced.

So I would suggest you not to accept this kind of online offers until you are confirmed about the caller or sender and please find the original website of the employer company and make a communication with them to know the genuinity of your offer letter. I think now you will remain alert from this scoundrels and if you can't understand me pl mail me I will respond or comment here and I will respond.
Best of luck and be ahead and beware of phishers, who are stealing identity of another and cheating the educated job aspirants.

Thanking you

Love your Country.

Case Studies on Net Banking Hacking

2010-11-16T12:24:00.006+05:30

Hi Friends,

I think all of you are well and you have enjoyed a lot in your life in the festive season of India and also in other countries. Today I am going to tell you another style of phishers for your net banking hacking for making you aware from the hackers or cyber criminals. But before learing this you will have to read my earlier posting here. Here you found how they got your URN no. for activating third party in your bank account. But what they are doing that is as follows:- After step 2 of that article ;-

Step 3:- They take attempt to add the bank account of their agents with the hacked bank account. And then as per the banking security system the URN no goes to the mobile no of the person, who actually owns the bank account.

Step 4:- They call the person by claiming that they are from the ...... bank in which the bank of the customer exists and then they ask him/her to give the said number which reached in his/her mobile through sms as they were testing the genuinity of the mobile number of the customer.

Step 5:- The account holder gives the said URN no as he does not know anything about it. Now they get success to transfer the amount to their agent's account.
Thats all.

So my friends be cautious and don't do the mistake in future. I am really very very sorry and beg a pardon from you as I ought to tell you earlier but what to do I was very much busy with my official work so I was absent from my blog so many days.

Wish all of best of luck and thanking you,

Urproblemmysolution Team

How to secure your wifi

2010-06-16T17:12:00.005+05:30

How To Secure Your Wifi

Dear Friends,

I told you earlier that the final episode of my wifi series is yet to come and that is the most important part of this series as this will tell you how to secure the wifi connections of everybody.

So lets go to that part:-

Wi-fi implementations vary from one application area to another. Like Home to Enterprise to Public Hotspots.

The Above Table summarises the minimum requirements that need to meet in each case in order to ensure adequate security.

I shall explain the terms very briefly to make this table meaningful to the users. Interested users may google these terms to get further detail very easily.

MAC Binding: This technology is used to allow only MAC addresses of few known devices to associate with the Access Point. This is suitable for very small sized network and is not scalable. Also this is prone to MAC spoofing attack.

Hide SSID: SSID is the identification string of a wi-fi network. The default behaviour of any access point is to broadcast SSID in beacon. This helps the users to easily identify the networks available to them. Wireless best practice guidelines suggests to hide SSID so that it is not visible through casual attempts to locate a wi-fi network. However there are plenty of scanners available those can detect hidden SSIDs.

Captive Portal: This is an authentication portal which is kept captive either inside the access point or any user authentication system. If this is implemented, whenever a user tries to use the wi-fi network for internet browsing for the first time, he is challenged with this portal by automatically redirecting his URL request in browser to the authentication portal page. On successful authentication, the originally requested URL is returned to the user's browser and access to the network is granted. However on failure access to the network is denied.

WPA2-PSK: Discussed earlier.

WPA2-802.1x: Discussed earlier. 802.1x implementation would require a RADIUS server and optional directory databases like LDAP/Active Directory/NDS etc.

SSL: SSL in this context is a PKI mechanism clubbed with 802.1x. This will require the presence of one or more digital certificate servers. This is applicable to different variants of EAP authentication - EAP/TLS, PEAP,LEAP etc.

SMS Auth: TRAI has mandated that in any public hotspot the owner must architect the user authentication process to prove the identification of the user against a photo identity card. Now an indirect process of complying this is SMS Auth. In this process an access PIN is system generated and consequently system delivered to the User’s mobile phone number upon successful user authentication. Now this indirectly takes care of the user’s identity verification against any valid photo-identity proof because the same has been done before this mobile phone number was allotted against the user’s name by the service provider.

Logging: Logging is a Facility to generate data and record the same to identify who with what MAC address and IP address had associated with which access point when for what duration. Most of the access points would generate such data. It is not a good idea to store the log data in the device itself. This will allow a hacker to remove all the traces of work very easily. It is required that the logs be stored on a Syslog server.

LWAP: Light Weight Access Points are APs those do not store the configurations locally on the devices. Rather the configurations are done and maintained in a central device called Controller. These are particularly required in a large wi-fi network. Centralised configuration ensures tight security policy enforcement all across.

AAP: Autonomous access points store configurations locally. These should be used in homes and very small office networks only.

I think it will be very helpful for you and please don't forget to say thanks to my friend Sudipto.

Thanking you

Urproblemmysolution team

What is latest cyber attack

2010-06-13T02:28:00.003+05:30

What is the Latest cyber attack?

Dear Friends,

In this world both good and bad mentality persons exist. Someone wants to safe his country and someone pays money to criminals for committing crime and they get the benefit and steal all the requirements. This thing is happenning in the world and now in the cyber world. The countries with evil power are attacking the network system of their neighbour. So here is an example for you which has been published very recently. So pl read it and raise hatred to them.:

South Korea – Two South Korean government websites were struck by the second cyberattack in a week, but suffered no major damage, the government said Saturday.

Most of the computers trying to access the websites were traced to China, the Ministry of Public Administration and Security said in a statement.

The Korean Culture and Information Service and the Justice Ministry were the targets of the so-called denial of service attacks on Friday, in which large numbers of computers try to connect to a site at the same time to overwhelm the server, the statement said.

The security ministry said it quickly blocked access by 274 computers with Internet Protocol addresses — the Web equivalent of a street address or phone number — mostly in China.

On Wednesday, similar attacks originating from China occurred on a site run by the security ministry.

The statement said it was investigating who was behind the attacks.

Last year, government websites in South Korea and the U.S. were paralyzed by similar cyberattacks that South Korean officials believed were conducted by North Korea.

South Korean media have reported that North Korea runs an Internet warfare unit aimed at hacking into U.S. and South Korean military networks to gather information and disrupt service. Source (news.yahoo.com)

So after few years all of we will see that a country has taken responsibility to make cyber terrorists.

With Thanks

urproblemmysolution Team

The First Birth Aniversary of our Blog

2010-06-12T15:42:00.002+05:30

To my Thousands of Readers and Commentators/Experts,

I, Sujit Mukerherjee, Adminstrator of this blog started this project a year ago solely for the purpose of making Netizens around the globe aware of the acuteness and seriousness of Cyber Crime that is pervading around us and spreading so quickly that it has become increasingly difficult for Law Enforcement alone to fight this menace. You Netizons have to fight too - almost on a daily basis. That was the reason for the birth of this Blog.

The Blog has received such a fantastic response - thanks to all of you who have contributed through articles and comments.

There is an important announcement to make. I started this Blog on the 12Th of June 2009, and four days later someone booked a domain by the same name - who has nothing todo with this Blog. Please ignore that domain.

"urproblemmysolution" is my brainchild and I wanted to extend this Blog later to a proper domain (dotcom), but that will not happen. Someone already booked that domain name. Please remember that the dotcom site has nothing to do with us. I will announce a domain name through this blog on a future date whenever I'm ready to move this blog to a proper domain name.

Till then please continue reading this blog and bless me with your valuable comments and articles - just as you have been doing so far.

Wishing this Blog a very happy Birthday and Thanking you profusely,

This is your Admin Sujit Mukherjee.....

PS: Today on the first Aniversary of this Blog I have given birth to another Blog that I'm sure will provide very interesting reading material for all of you.

Please await my first posting at www.dailypapercutting.blogspot.com

Cybercriminals and Phishers are in the FIFA 2010 World Cup

2010-06-09T20:58:00.005+05:30

My Dear Friends,

I have already discussed about details of wifi except one part and I think now you are thinking that what is that part. I will tell you that later. But now I am going to tell you what is the latest threat to the netizens related to the forthcoming world cup i.e: FIFA WOrld Cup 2010.

Not only me most of the invabitants of the earth are mad about FIFA WORLD CUP as Maradona, Messi, Kaka, Drogba, Roonie, Robinho many many players will show their skill in this world football championship and most of us will try to enjoy this game through television direct telecast or reach to South Africa to see the games directly by sitting in the gallery and their are 6 official partners and Visa is one of them.

Cybercriminals and phishers are using this sentiments of football lovers. Now definitely a question has come in your mind that what are they doing with these? So I will tell you now what are they doing with these. The cyber criminals and phishers are using malwares with the attachments in the form of tickets and lottery winning mails in the name of Visa and so on. They are also sending you the world cup playing charts of different teams with an attachment and when you open it a malware will be installed in your computer and your computer will be used as zombie by the cyber criminals. For knowing about zombie you are requested to read my previous postings. Not only that the phishers will take your money in their previous style.

Here are two pictures for you, enlarge it. So be cautious. Don't open any unknown mail about FIFA world Cup 2010 and don't download any attachment from this mail as this includes zero day vulnarability, which will not be traced by any antivirus.

Thanking You

Urproblemmysolution Team

Case Studies on Unsecured Wifi and Law of the Countries

2010-05-19T09:31:00.003+05:30

Dear Friends,

I think now definitely a question may arise in you mind that what will happen with unsecured wifi and what are the lime lighted case studies on unsecured wifi. Now I will discuss you all these things.

Here are few case studies in a nutshell:-

1) In UK a copy righted film was downloaded by hacking an unsecured wifi connection of a hotel/restaurant and then the film distributor company filed a suit on the basis of IP address and UK Police traced that hotel and the hotel/restaurant owner was imposed a huge amount of fine by the honourable UK Court.

2) In USA a person was found outside of a building for unsecured wifi connection and he was arrested by USA Police.

3) In India in Ahmadabad blast case the miscreants used unsecured wifi connections of different institutes and hospitals four times for sending mail. The institutes had to face the consequences.

There are so many cases to discuss but I will not discuss all those cases here as those cases here but now I think at the same time you should know what Govt. of different countries are thinking about this. So lets start with India.

In India if anyone's unsecured wifi is used to commit crime initially burden of proof will lie on him and he will be legally liable for commiting crime or a criminal conspiracy of that crime.
TRAI had asked the government to direct all Internet Service Providers (ISPs) to instruct their customers to have ‘proper authentication measures’ so that this facility is not misused. “All ISPs may be instructed to ensure that their subscribers using wireless devices must use effective authentication mechanisms and permit access to internet to only authorised persons using wireless devices,” the regulator said in its earlier communication to the DoT. (Source:- The Economic Times)
Additional Commissioner of Mumbai Police K Venktesan told Business Standard: “If the Wi-Fi connection in a particular place is not password protected or secured then the policemen accompanying the squad will have the authority to issue a notice to the owner of the connection directing him to secure it.”The police could issue a notice under section 149 of the Criminal Procedure Code (CrPC) to anyone found not securing their Wi-Fi connection and user may face criminal investigations. (Source:- www.zdnet.com)

In UK I think you have understood from the case studies.

In German Internet users in Germany, whose wireless networks are left password unprotected, can be fined up to 100 euros, according to a recent ruling by Germany’s top criminal court. (zdnet.com)

In Australia The Queensland Police plans to conduct a ‘wardriving’ mission around select Queensland towns in an effort to educate its citizens to secure their wireless networks. When unsecured networks are found, the Queensland Police will pay a friendly visit to the household or small business, informing them of the risks they are exposing themselves to. (zdnet.com)

Now I think some of you thinking to cause casualty to others unsecured wifi but my friends don't think for that as the hackers are keeping the wifi connection unsecured for trapping the persons who uses unsecured wifi.

Now its upto you what you will do.

Thanking you

Urproblemmysolution team

Unsecured wifi and we--------Part-6

2010-05-17T23:02:00.003+05:30

What is MIC

Dear friends,

This is the second part of one of our readers, valuable comment for making the series more easily understandable and as this is valuable command I am publishing it in front page for all of you.

Sitanshu said...

Dear All,

This is second part of the previous article I posted. Consider is the next page of the same article.

TKIP Message Integrity Check (MIC)

Similar to TKIP, the Message Integrity Check (MIC) had also many versions before 802.11i defined it as a single standard. Once this was done, MIC became known as Michael although the acronym MIC still remains. Today with 802.11i, ratified MIC is Michael and vice versa. The protocol itself was created to help fight against the many message modification attacks that were prevalent in the WEP protocol. The IEEE 802.11i standard describes the need for MIC in the following quote: “Flaws in the IEEE 802.11 WEP design cause it to fail to meet its goal of protecting data traffic content from casual eavesdroppers. Among the most significant WEP flaws is the lack of a mechanism to defeat message forgeries and other active attacks. To defend against active attacks, TKIP includes a MIC, named Michael.” The MIC was created as a more secure method of handling integrity checking compared to the IVC in WEP.

The MIC is a hash that is calculated on a per-packet basis. This means a single MIC hash could span multiple frames and handle fragmentation. The MIC is also on a per-sender, per-receiver basis. This means that any given conversation has a MIC flowing from sender A to receiver B and a separate MIC flowing from sender B to receiver A.

The MIC is based on seed value, destination MAC, source MAC, priority, and payload. Unlike IC, MIC uses a hashing algorithm to stamp the packet, giving an attacker a much smaller chance to modify a packet and have it still pass the MIC. The seed value is similar to the WEP protocol’s IV. TKIP and MIC use the same IV space, although they have added an additional four octets to it. This was done to make the threat of using the same IV twice in a short time period less likely.

The MIC is also encrypted inside the data portion, which means it is not obtainable through a hacker’s wireless sniffer. To add to this, the TKIP also left the WEP IVC process, which then adds a second, less secure method of integrity checking on the entire frame. To combat message modification attacks, the TKIP and MIC went a step further and introduced the TKIP countermeasures procedures. This is a mechanism designed to protect against modification attacks. It works by having an access point shut down its communications if two MIC failures occur in 60 seconds. In this event, the access point would shut down for 60 seconds. When it comes back up, it would require that all clients trying to reconnect change their keys and undergo a re-keying. Some vendors allow one to define these thresholds, although the MIC standard calls out these values.

To prevent noise from triggering a TKIP countermeasure procedure, the MIC validation process is performed after a number of other validations. The validations performed before the MIC countermeasure validation are the frame check sum (FCS), integrity check sum (ICV), and TKIP sequence counter (TSC). If noise was to interfere with the packet and modify it, one of these other checks would be able to find it first, thus preventing the frame from incrementing the MIC countermeasure counter.

Pl keep in touch for more interesting articles on this topic.

Thanking you

Urproblemmysolution Team

Unsecured Wifi and we---------Part-5

2010-05-16T16:52:00.003+05:30

What is TKIP

Dear Friends,

The topic has become interesting here as one of my valuable reader has shared his valuable knowledge with us for explaining more easily about some codes which are used in Wi-fi. TKIP is one of them and for that I have decided to post that technical term in front page for all of us and making this topic more attractive. So lets have a look on that comment

Sitanshu said...

Dear Sujit/Sudipto,

Thank you for a fantastic article on WLAN Security.

I thought that our readers deserve a bit more. There are many advanced users who would like to know more about TKIP, MIC, WPA, WPA2.

I'm therefore posting this article to explain to our valuable advanced readers the inner details of TKIP and MIC.

TEMPORAL KEY INTEGRITY PROTOCOL (For upgrading a WEP based Wi-Fi Network)

The (TKIP) Temporal key Integrity Protocol was an interim solution developed to fix the key reuse problem of WEP. By key reuse we mean that a single key was used to encrypt all packets in the transmission. Once you examined enough packets as mentioned in an earlier posting you could build the key using XOR operations (WEP Key Builder uses that concept)
TKIP later became part of the 802.11i and subsequently part of WPA and WPA2 standards. I have mentioned in a previous posting that both WPA and WPA2 are interim steps towards moving to 802.11i.

TKIP was included in the 802.11i standards for backwards compatibility. The 802.11i standard did not want to use a cipher based RC4, so they chose AES (Advanced Encryption Standard). TKIP was put into 802.11i for the sole reason of helping older devices transition to 802.11i. To do this, 802.11i needed to support a protocol that could easily upgrade WEP to something safe enough to include in 802.11i.. WEP as we all know was weak and flawed. Using TKIP protected against attacks and reduced the overall risk of operating a wireless network.
Today, Cisco differentiates its versions of TKIP and the standard one by calling it the Cisco Key Integrity Protocol (CKIP).
The TKIP encryption portion works in a two-phase process. The first phase generates a session key from a temporal key, TKIP sequence counter (TSC), and the transmitter’s MAC address. The temporal key is made up of a 128-bit value similar to the base WEP key value. The TKIP sequence counter (TSC) is made up of the source address (SA), destination address (DA), priority, and the payload or data. Once this phase is completed, a value called the TKIP-mixed transmit address and key (TTAK) is created. This value is used as a session-based WEP key in the second phase.
In the second phase, the TTAK and the IV are used to produce a key that encrypts the data. This is similar to how WEP is processed. In WEP the first 24 bits of the IV are added in front of the WEP key and then used to create an encryption key that is applied to the data. Then the IV is inserted into the packet header.
The basis of TKIP came from the WEP protocol. In the 802.11i standard, TKIP is referred to as a cipher suite enhancing the WEP protocol on pre- RSNA hardware. This is espoused because RC4 is still used as a cipher, although the technique in which it is used has improved greatly.

The article continues.....

Thanking you

Urproblemmysolution Team

Unsecured Wifi and we---------Part-4

2010-05-16T00:14:00.003+05:30

What is history behind 802.11 in wifi

Dear friends,

So far you have spent your time by reading the three parts of this topic and at this stage I should tell you an interesting history behind this wifi. You have seen some numbers in the articles of my friend Sudipta and some of my friends may have thought that why those numbers are used here. Now I will tell you that thing. So pl read it.

We often hear words, tongue twisting Acronyms for Terms and Terminologies in the world of Computers and other related Technologies. Often these words and numbers do not seem to have any meaning. But they ALWAYS DO…..

Since this series of postings are on the Topic of “Wi-Fi Networks” , you hear the read about the number and letter string 802.11x all the time. Here is the History behind it.

The first meeting that IEEE held for “Network Communication Standards” was in – February of 1980. Therefore, the Working Group Committee for Network Communication Standards was given the number 802. Thereafter, a Subgroup number 11 was assigned for “Wireless Network Communication Standards”. That is the history behind 802.11 naming standard.

After this there have been several Wi-Fi Network Communication Standards. These standards were assigned letters “a”, “b”, “c”, and so on all the way to “m”. That is how you get 802.11a, 802.11b, 802.11c …..802.11m

This is little trivia behind 802.11 xs.

Hope that was interesting reading for you.

Pl keep in touch with us for more interesting article on this topic.

Thanking you

Urproblemmysolution Team

Unsecured Wifi and we----------Part-3

2010-05-14T18:47:00.003+05:30

What is Secure in Wifi.

Dear Friends,
As I promised you earlier that my wifi series posting will be interesting to all you so my friend Sudipta of Future Netwings (www.futurenetwings.com) again has come to stretch his hand to make you understand why WPA-2 is secure and how much secure. So lets have a look:

WPA2 compliments TKIP and the improved data integrity control algorithm with more secured encryption mechanism called Advanced Encryption Standard (AES) - Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP). In other words, this means an improved encryption algorithm. Experts say that AES-CCMP is robust enough to be used for government data security purposes.

WPA2 also has two flavours - WPA2-PSK and WPA2-802.1x Just like WPa-802.1x WPA2-802.1x would require integration of the Access Points with a Directory server using RADIUS.

Release time: July 2004
Encryption: TKIP
Authentication: PSK or 802.1x
Suitable for Corporate: For Corporate WPA2-802.1x needs to be implemented where the authentication database would reside on the Active Directory or any other LDAP directory. WPA2-PSK may also be used alternatively.
Suitable for Home/Small Business: WPA2-PSK is sufficient for home/SMB.
Cracking: Though there are rumours, it is safe to consider WPA2 as not crackable.

Therefore, for Home/SMBs the order of choice needs to be WPA2-PSK>WPA-PSK>WEP. In addition to this one should also do MAC- binding in the APs for the clients.

However the Corporates should implement 802.1x versions of WPA or WPA2. We have found EAP-TLS implementations with WPA2 and an in-house certificate server very strong in terms of security.

Pl keep in touch with my forthcoming interesing articles on wifi.

Thanking you

Urproblemmusolution Team

Unsecured Wifi and we------Part-2

2010-05-13T16:30:00.006+05:30

Dear friends,

I promised you that some interesting topics on wifi would be forthcoming for you so I decided to explain it in part 2 about why the WEP and WPA are unsecured in a easy way and one of my team members Mr. Sudipta Pal of Future Netwings (www.futurenetwings.com) has tried to explain this before you in an easy and understandable manner. So please read it:-

WEP - Wired Equivalent Privacy.

This is the most primitive wireless encryption technology that uses static Pre Shared keys (single/multiple). WEP has three versions - 64 bit or 128 bit or 256 bit.
An WEP key is formed by concatenating a pre shared key with another quantity called IV (Initialization Vector).
Standard 64-bit WEP uses a 40 bit key (also known as WEP-40), which is concatenated with a 24-bit initialization vector (IV) to form the RC4 traffic key.
A 128-bit WEP key is almost always entered by users as a string of 26 hexadecimal (base 16) characters (0-9 and A-F). Each character represents four bits of the key. 26 digits of four bits each gives 104 bits; adding the 24-bit IV produces the final 128-bit WEP key.
A 256-bit WEP system is available from some vendors, and as with the 128-bit key system, 24 bits of that is for the IV, leaving 232 actual bits for protection. These 232 bits are typically entered as 58 hexadecimal characters. (58 × 4 = 232 bits) + 24 IV bits = 256-bit WEP key.

Release time: 1997
Encryption: WEP
Authentication: Open (none) or Shared using the pre-shared, static WEP key.
Suitable for Corporate: No, WEP can be cracked in few minutes. Please refer to http://www.youtube.com/watch?v=SRC1Z-ZSEr8 for a video on this.
Suitable for Home/Small Business: No A home should never use this because if a criminal activity happens, the homeowner may not have the political muscles to fight the charges.
Suitable for Corporate: Corporate should never use WEP. However, if at all WEP needs to be used in order to support legacy wireless applications; one should implement technologies like EAP-TLS in order to compensate for the weaknesses of WEP. WEP alone is worse than not having any security at all. Because it leads to false sense of being secured.
Cracking time: Few minutes

WPA (Wireless Protected Access)

WPA is built upon WEP, making it more secure by adding extra security algorithms and mechanisms to fight intrusion. Perhaps the most important improvement over WEP is a dynamic security key exchange mechanism and much more improved authentication and encryption mechanisms.
WPA is also better than WEP in its data encryption abilities. While WEP uses the same static security key for both encryption and decryption of all communication (the key never expires), WPA implements a mechanism involving a number of security keys. This is done through so-called Temporal Key Integrity Protocol (TKIP). This is a revolutionary improvement because even if the intruder obtains one security key, he will not be able to use it for long. This system changes the security key used for data transmission every specified amount of time to prevent cracking attempts.
When we talk about security keys, we implicitly talk about a working mechanism of security keys. The TKIP mechanism shares a starting key between devices, but each device then changes its encryption key for the ongoing communication.

WPA has two variants: WPA-PSK (Pre-Shared Key) and WPA-802.1x

WPA-PSK uses a user defined password to initialize the TKIP, temporal key integrity protocol. There is a password and the user is involved, for the most part that means it is flawed. The TKIP is not really crackable as it is a per-packet key but upon the initialization of the TKIP, like during an authentication, we get the password (well the PMK anyways). A robust dictionary attack will take care of a lot of consumer passwords.

WPA-802.1x involves physical transferring of the key and encrypted channels, it requires one to implement the authentication of the users based on Active Directory or other LDAP based directories.

Release time: April 2003
Encryption: TKIP
Authentication: PSK or 802.1x
Suitable for Corporate: May be, WPA can be cracked though it takes much longer time compared to WEP. For Corporate WPA-802.1x needs to be implemented where the authentication database would reside on the Active Directory or any other LDAP directory. WPA-PSK is not recommended for corporate.
Suitable for Home/Small Business: Since most of the homes/SMBs cannot afford a Directory server, the only choice they will have is WPA-PSK. A home may opt for this since most of the security best practice guidelines consider this as sufficient. The users in this case need to do MAC binding along with WPA-PSK.
Cracking time: 30 minutes to one hour if the PSK is based on dictionary words. It would take few days if non-dictionary words are used. A brief guide may be accessed at: http://docs.alkaloid.net/index.php/Cracking_WEP_and_WPA_Wireless_Networks

I think you have enjoyed it.

Thanking you

Urpromlemmysolution Team

Unsecured Wifi and We-------- Part -1

2010-05-09T18:18:00.003+05:30

My dear friends,

After long long and long interval I am again in front of you with an interesting topic, which I feel important to tell you. That is un-secured wifi. I think most of you know what wifi connection is. Wifi connection is a method of connecting your computer with the internet. You can connect your computer or any network device in two ways i.e.:- wired and wireless (wifi). So now it’s clear to all what is wifi connection. In your wired connection none can use your connection unless you are connected with internet or you have allowed someone to use your computer systems and in the same way in wifi connection you are not allowed to use anyone’s network connection if it is secured i.e.:- when you are going to use someone’s wifi network it seeks authentication with key or password, though there are some conditions i.e.:- level of encryption.

So now let me tell you some important issues about un-secured wifi networks. First of all you should know what is unsecured network. Unsecured networks are those which do not seek any password or key or authentication to connect to the network. So you are thinking that when a wifi connection seeks all the above requirements they are secured. But not my friend and that’s why I mentioned earlier about some conditions. The conditions are level of encryption. Wifi networks have generally three types of level of encryption i.e.:- WEP, WPA1 and WPA2. WEP and WPA1 can be cracked easily. So the wifi networks with WEP and WPA1 are not secured. WPA2 is secured.

So now definitely a question has arose in your mind where un-secured networks are found. These are found outsite the hotels, restaurants, corporate areas and in the IT sectors, cafes, airports, outside someone’s residence nursing homes, hospitals, colleges etc, and study says that 30% wifi networks are secured in the world and rests are unsecured. So it’s a huge drawback for wifi networks.

To be continued and be in touch for some interesting forth coming topics on the same subject.

With thanks
Urproblemmysolution Team

How to trace email sender

2010-03-08T00:04:00.001+05:30

My Dear Friends,
I discussed you earlier about many type of cyber crimes, where we become a victims, like phishing mail, spoof mail, threat mail, cyber stalking mail and so on. But my friends if we know the or trace out sender then we can take precautionary measures and at least we can help those police officers, who does not know any thing about finding the sender of the offensive mail.
So, let talk about that. Before finding out the sender we should find out the header file of the mail and I think you know to find out the header file of the mail. Then copy the header file of the mail and open the link www.ip2location.com/emailtracer.aspx
You will find a open box (Pl c the picture above) there and then paste that header file, which you copied earlier and now click on "Find Location" and now you will see the IP address of the sender and also the path through which it came to you.
Now you give the sender's IP to the Police for there enquiry or investigation. I think this will help you lot from the cyber criminals, specially those who make you fool by there phishing mails.

Here is Video Tutorial from other links and I thought it is helpful for everybody and thats why this for you.

http://www.metacafe.com/watch/1355889/how_to_trace_email_sender_and_locate_him_with_the_satellite/

Pl copy it and paste it on your browser and enjoy.

Thanking you,

Urproblemmysolution team

A HI-Tech Crime with Bank ATMs

2010-02-25T16:10:00.001+05:30

My Dear Friends,
Now I am going to tell you another true story about a hi-tech crime by low profile criminals with bank ATMs. Perhaps you are thinking that I am going to tell you about ATM hacking by using spy cam of skimmer. No my friends I will not tell you that but I will tell you how the low profile criminals have discovered the vulnerability of bank ATMs, where you take out your ATM card after swiping it in the card reader. Now I will request you to take a careful look at the above picture and Now you will see three rounded unmarked keys and the criminals are using vulnerabilities of these three keys. Mainly they are using two keys by the both sides of 0 (zero) in the key board. Perhaps you are thinking what can they do with these two keys as they they are not usable. But my friends here is the vulnerability of the Bank ATMs. I don't want to discuss much more than this here as this may be misused by criminals.

Now I will tell how you are victimised in this ATM counter.

Step 1:- You have entered in the ATM room for withdrawing your money.
Step 2:- You have swiped your ATM card and taken it out from card reader.
step 3:- You have been asked to put your PIN number.
step 4:- You have given your PIN number but the monitor is not showing you the cross mark on the screen its invisible.
Step 5:- You will see your screen is dark and then you will be perplexed and think that the ATM machine is not functioning so you will come out and someone may request you to come out from there quickly as he is in hurry.
step 6:- That person will be able to withdraw money from there and in the mean time you have left the place already.
step 7:- you will find another ATM for your urgent withdrawal and there you will find that your balance has been deducted by rs. 10000 or 20000.

Now you will be surprised and contact with your bank and they will tell you yes you withdrew this amount as the system was showing the successful transaction and bank ATM authority has checked their physical balance, which also show the successful withdrawal.

Now what will you do?

You will go to police station and police will not believe it as I think most of the police personnel are not aware of this crime.

So you will have to remain cautious for this for saving your own hard earned money. So what will you do? If this situation (Step 4 and 5) comes to you in any ATM counter don't come out from that room (ATM Counter) stay there at least 10 minutes as your session is still pending there otherwise the miscreants will utilize your session and withdraw money from your account.

How they are I will not tell you this thing is happening and be cautious.

This is not cyber crime but this is a computer related crime and thats why I have told you. So my friends be cautious about these type of criminals and this is happening in the crowded places, where there is a huge ATM withdrawl everyday.

Disclaimer:- This is for awarness purpose if anyone misuses it he will be completely liable for this.

Thanking you,

Urproblemmysolution Team

What is New in Phishing

2010-02-15T23:20:00.002+05:30

My Dear Friends,

I already brought before you different types of phishing earlier and all my writings were on the basis of originals facts, which happen in daily life, and these are not from any books or from any lectures or from those who don't do anything but shows that they do everything. So what I am going to bring before you a new type of phishing, which I detected after getting a information from someone.

This is actually Phishing in the form of Extortion. These type of mail goes to the renowned persons in the society. He may be a Doctor, businessman or any big corporate personality and in the place of sender's email id it will be a email id of an extremist group.

Now just have a look on the email id. maoist.in@yahoo.com, maoist.in@gmail.com, alkaidaagent@yahoo.com and so on. Actually they are using the name of the extremist group of the target country for sending mail to their target persons and they are claiming money from them by telling that they had been appointed for killing him within a stipulated period and if he (the target) pays him a certain amount they will disclose him the name of that person and will not kill him but if the target does not pay they will kill him on that very day.

After getting the mail if the target person responses they will give him the account number and there after they will withdraw the money from their through ATM counter and the person in whose account the money will be deposited by the victim he is also a victim in this case as they are using his Bank Account like other phishing cases.

Now definitely you are thinking who is the culprit behind it. Yes my friend I think you are guessing about the right man. They are none other than the ...........
No no I don't want to tell the name of that Continent and that community people as they may say again we are. Really my cheat brothers I don't want to take your name here and thats why I am not telling. I hope one day you will come in the life of civilized society.

So my friends I will request you not to get affraid on these type of mails as these are phishing mails in the form of extortion and I will also request you to spread this news to all of your friends about this recent phishing mails.

Best of luck.

Thanking you,,

Urproblemmysolution team.

How to Avoid Keylogger

2010-02-13T14:24:00.000+05:30

My Dear Friends,
I think all off you have got a good lesson from my last case study and every one is anxious about their net banking and even using their mobile phone. I am telling you one thing that after detecting this case when my friends and others knew the mode of operation of hackers they got scared when their mobile phones were not responding even after seeing the full signal tower on their phone.
But now I will tell you how to bypass the keylogger, which steals all of your keystrokes and even screen shots, in your computer for doing any net transaction or opening your official and very personal email id. Keylogger can be installed by remotely also and thats why this is very very dangerous for all as sometimes you can't fell its presence in your computer. So you can only get relief from keylogger if you install KeyScrambler in your Mozilla Firefox browser and don't forget to use Mozilla as your browser in case of secured net banking or opening email id as mozilla has all the qualities to give you security. You should know that even Virtual keyboard is now a days not out of danger from Keylogger
Now I will tell you how to install this add on on your browser. Open Mozilla browser ->Tool->Add on->Get Add on->write KeyScrambler->Browse and now you follow the direction. And now your key board is secured from Keylogger.
Please do this and get the result. Don't forget to say thanks.

Thanking you

Urproblemmysolution Team

A CASE STUDY ON NEW HI-TECH CYBER CRIME

2010-02-06T23:44:00.000+05:30

My Dear Friends,
After long long interval I am going to tell you a true story about net banking fraud in a new style. This is in my career a totally new type of hi tech crime. I don't know whether this was detected earlier by any one or not? But I thought this should know everybody who use net banking system and use mobile phone. In this case the name the mobile service provider is not given but I think now after this if any of the mobile service provider read my blog they will definitely rethink their security system as here I don't find any security drawback of the bank.
So my friends let go to the case history:-
GIST: - One person’s **** bank account was hacked by hackers. The amount is RS. 3,00000/- plus . His mobile number was **********
Fact in Net Banking:- If someone wants to transfer some money from his account to other he will have to add him in his net banking profile as third party and during this period bank will send a URN number to his registered mobile number, which he registered with bank and a person can change this number only at the time of his personal presence with wriiten application in bank. So the bank thinks their net banking security is very strong as those can’t be hacked.
What complainant did for his net banking security: - Only he had access to his net banking even his wife did not know about this and for that reason when he was transferred to other state he did not change his mobile number with his bank by thinking that if someone hacks his bank account from his office or anywhere hacker can’t do that as he will not get the URN no. He thought so as now a day’s most of the company uses key logger for monitoring their employees activity.
Investigation revealed that the account was hacked from Nigeria in three different dates.
How Hackers Got Success:-
STEP 1:- The hackers collected the user name password of the complainant anyhow, may be by using phishing page or remote key logger. But the complainant did not confess about any phishing link update.
Step 2:- They learnt the details of profile of complainant where his mobile number were noted.
Step 3:- They learnt from their Indian agent the details of mobile subscriber and then they reported as a case of mobile lost in a Mobile Service Provider Store/Web World in Mumbai and deactivated the number (which was in Other State and used by the complainants daughter) there then the re-issued the same number from there with a different ESN number.
Step 4:- Then they added five accounts as third party (Beneficiary) by hacking his account and got the URN no in their mobile and transferred the amount to those five accounts, who withdrew the amount from ATM counter.

So my friends what are you thinking now? Are you secured or can u keep yourself safe from criminals for misusing your mobile phone and doing crime ? Now you think and I am promising I will again come back to you with another interesting hi-tech cyber crime for your knowledge.
Disclaimer:- Though the fact is true this is for the knowledge of netizens and if anyone misuses it he will be completely liable for this.

Thanking you
Urproblemmysolution

How to stop Credit Card Fraud Physically

2009-12-23T14:17:00.000+05:30

Dear Friends,
After long interval I am going to post a valuable comment of one of my valuable reader for you about how to stop Credit Card fraud physically i.e from clonning or skimming. Here it is for you:-

Sitanshu said...
Dear Sujit,

I wanted to post an article on countering Counterfeit Credit/Debit Card Fraud.

A world class security expert Mr. Tom Patterson has developed a technology that will stop Counterfeit credit/debit card fraud. The technology uses the fact that the Magnetic Sripe on a card is unique like DNA. No two cards have the same microstructure on the magnetic stripe.
MagTek Inc. where Mr. Patterson is the CSO has used this fact to combine the Personal Data of the Card holder and the uniqueness of the Magnetic Stripe holding that data to create a unique DIGITAL ID for each card holder. This way even you duplicate someone's card the Duplicate Produced will never match the original card's digital signature created by this Technology. The Technology is called "MagnePrint".

As long as any card uses Magnetic Stripe on the back using standard format (3 Lines) is concerned this technology will counter duplication. The Technology could be used for "Driver's License", "Credit Cards", "Debit Cards", University Exam Cards etc. It is cheaper than RFID and very very easy to use.

Hope your viewers will enjoy the article.

Warm Regards,
Sitanshu Ray

He also sent me a link from you tube about credit card skimming. I checked it and for that I would request you to visit the link and enjoy the video in the following link

http://www.youtube.com/watch?v=U0w_ktMotlo

paste it on your browser and visit

With Thanks
Urproblemmysolution Team

Latest Case in Phishing

2009-10-15T15:26:00.001+05:30

What is Latest in Phishing

Dear Readers,

After long interval I am again going to tell you a new threat of phishing. Earlier I already discussed you about different phishing attacks in the phishing topic and there you learnt that they send you mail for updating your bank account, they send you offer for being their bank employee for collecting their money, they send you offer letter by claiming your details including your family members name, they tell you about your email id has got lottery of huge amount but later on you have to get your custom clearance by paying a certain amount and finally you get nothing and you lose your money, they tell you that a trust has nominated you for paying a certain amount and finally you get the same result like the last example and all these are phishing mails, which causes you a huge monetary loss.

Now I will tell you what the latest threat is. You have got an email from your bank security mail id that someone may have compromised your bank account and we found a suspicious net transaction of RS. 10000 from your bank and we stopped the transaction for suspicion but if you think that it is a right transaction then allow it or stop it by accessing your account on the following link. And if you click on it you will find a cloned webpage of your bank and then you will access it by putting your user id or password and first time they may tell you that your user id or password may not be correct and that’s why they are not opening but put the same user id and password second time that will open and ask you for allow or stop and then they will tell you thanks your suspicious transaction has been stopped as you desired. Now you think that you have got the relief.

But what already happened here, they got your user name & password and they asked you for logging in 2nd time for confirming your user name and password and have already started to operate your account and finally after 24 hours they have transferred your bank amount to their person and if you don’t realize it within 24 hours your amount will be withdrawn by fictitious bank account holders, who opened the accounts by providing fake names and addresses, from ATM counters. This is the actual fact in reality.

Thanking You

Urproblemmysolution Adminstrator

What are the signs of Identity Theft

2009-09-16T00:45:00.000+05:30

What are the signs of Identity theft?

Dear Friends,

You have learnt so far that what is Identity theft and how your identity is theft by criminals and we requested to see two films namely “The Net” and “The Net 2” for knowing the original incident in the world as well as cyber world and now we are going to tell you the signs of Identity theft i.e.:- how your will start suspect that your identity might have been theft. So let give a look on the following points:-

• Accounts you didn't open and debts on your accounts that you can't explain.
• Fraudulent or inaccurate information on your credit reports, including accounts and personal information, like your Social Security number, address, name or initials, and employers.
• Failing to receive bills or other mail. Follow up with creditors if your bills don't arrive on time. A missing bill could mean an identity thief has taken over your account and changed your billing address to cover his tracks.
• Receiving credit cards that you didn't apply for.
• Being denied credit or being offered less favorable credit terms, like a high interest rate, for no apparent reason.
• Getting calls or letters from debt collectors or businesses about merchandise or services you didn't buy.

With Thanks

Urproblemmysolution Team

What is Identity Theft

2009-09-11T01:57:00.000+05:30

What is Identity Theft?

Hallo Friends,

Sorry for being absent from you for a long period. We had already discussed most of the cyber crimes which occurs in cyber world to our personal life and as our motive is to make aware the netizens about the danger of cyber world and how to remain safe from them without knowing any good computer knowledge and just from applying the common sense so we will now bring before you another dangerous cyber crime which may make your life hell even you are not aware of anything about the complaint against you. Yes friend it is Identity theft.

So let us discuss you what does it mean? Suppose your name is Bill Clinton and you have your credit card, social security number, separate bank account, office identity card and so many things which will speak for your identity and someone has stolen all the data of your personal information and reaching all those places before you and taking all the advantages which you should get or doing crime in your name and in this situation cops has reached in your house for arresting you. What will you feel now? We think it will not be a good experience for you and your family. So we can tell that when someone steals someone’s identity that is called identity or ID theft. Let discuss in the voice of cyber world.

Identity theft is a phrase that is used to describe any kind of fraud that results in the loss of personal data, such as passwords, user names, banking information, social security numbers or credit card numbers.

There are two main types of identity theft – account takeover and true name theft. Account takeover identity theft refers to the type of situation where an imposter uses the stolen personal information to gain access to the person’s existing accounts. Often the identity thief will use the stolen identity to acquire even more credit products by changing your address so that you never see the credit card bills that the thief runs up.

True name identity theft means that the thief uses personal information to open new accounts. The thief might open a new credit card account, establish cellular phone service, or open a new checking account in order to obtain blank checks. The Internet has made it easier for an identity thief to use the information they've stolen because transactions can be made without any real verification of someone’s identity.

I would request you to see two great Hollywood movies over this for your better understanding. They are “The Net” and “The Net 2”.

With Thanks

Urproblemmysolution Team

How Identity is theft

2009-09-11T01:53:00.000+05:30

How Identity is theft

Hallo Friends,

We have discussed about identity theft and now we will brief you how your identity is theft.

1) Social networking: - This is as good as bad for everybody in the net as most of the person who does not think for evil side of the net supplies their personal details to their new unknown friends.

2) Untrusted web form fill up and Job Sites, where we put our personal details for getting job.

3) Skimming:- This happens for Credit cards. (PL search for details about skimmer and skimming in this blog for)

4) Phishing:- All of you have already been discussed in this blog in details. So please search for it.

5) Old-Fashioned Stealing:- They steal wallets and purses; mail, including bank and credit card statements; pre-approved credit offers; and new checks or tax information. They steal personnel records, or bribe employees who have access.

6) Pretexting:- They use false pretenses to obtain your personal information from financial institutions, telephone companies, and other sources.

Again I would request to see the Hollywood Movies “The Net” and “The Net 2”

With Thanks

Urproblemmysolution Team

What is Infectious Website

2009-09-02T22:13:00.000+05:30

What is Infectious Website

Dear Friends,

We have already discussed many topics in our blog and now we are going to tell you about infectious website. We think now you are thinking that is it possible? Website and that is infectious, its cant be possible. But my dear friends it’s possible. Now definitely a question has come to your mind that so what is infectious website.

A infectious website is that website which contains virus or harmful materials for your computer and when you run that website your computer will face problem and if you have strong antivirus or use good browser like Mozilla or IE or Google Chrome they will alert you that you are going to visit an infectious website which can cause problem to your computer. Now if you don’t visit its ok but if you continue there is every possibility of installing virus or Trojan in your computer even your antivirus can’t stop it to install it. So we think you have understood how danger it is. But there are also some websites for which browser will not alert you about its infectiousness but they are infectious. Now you should realize which is dangerous and which is not though it is infectious. The infection report which shows the containing about virus, Trojan and worm and other vulnerable software are dangerous but the others are not so vulnerable.

How the websites get infectious?

When a website is taken control by outsider and installs some hidden vulnerable software or Trojan in its content, it gets infectious or when the web administrator installs it with its content for attacking the target machine which visits its site and this happens in case when you visit some porn site or hackers own site and in this cases your browser even cant alert you about its vulnerability.
Even our experience says that one well known Management and Engineering College’s website is also vulnerable and if you visit you will be attacked by Trojan and virus and those will be installed automatically.

Now see the scan report of that website and we are not telling the name of that College.

Diagnostic page for thatverycollege.org

What is the current listing status for thatverycollege.org?

Site is listed as suspicious - visiting this web site may harm your computer.
Part of this site was listed for suspicious activity 5 time(s) over the past 90 days.
What happened when Google visited this site?

Of the 4 pages we tested on the site over the past 90 days, 3 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2009-08-19, and the last time suspicious content was found on this site was on 2009-08-18.

Malicious software includes 8 trojan(s), 2 scripting exploit(s), 2 virus. Successful infection resulted in an average of 1 new process(es) on the target machine.

Malicious software is hosted on 1 domain(s), including chura.pl/.

This site was hosted on 1 network(s) including AS32244 (LIQUID).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, thatverycollege.org did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?

No, this site has not hosted malicious software over the past 90 days.

How did this happen?

In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.
This was the scan report of thatverycollege.org website

How to Scan a Website?

Now definitely you are very much eager to know what the easiest way to scan a website is. Google helps us to scan a website through their scan system and here is the tool of Google.
http://www.google.com/safebrowsing/diagnostic?site=www.example.com (replace www.example.com with your own site address). It will show whether Google found anything suspicious on your site.

Thanking you
Urproblemmysolution Team

What Is Virtumonde

2009-08-30T22:23:00.000+05:30

What is Virtumonde?

Dear Friends,

In our earlier posting we discussed about Fake Antivirus and it may be in case of Spyware i.e.: Fake Anti-Spyware but now we are going to discuss you who is the villain behind all these. We think now you have understood what its name is, yes it is Virtumonde. So let us make you clear what Virtumonde is? This is a Trojan which came in the world of internet I the year 2004 for playing a dangerous game with us i.e.: netizens.

What do they do?

If they are installed they come in the form of pop up by showing that your computer is infected and u need to scan it by a particular anti-virus or anti-spyware and the said pop-up will also come on your screen when you are offline and not only that they disable your automatic system update and the function of your original antivirus. Do you know if you are infected by this Trojan they don’t allow your browser to surf those sites which guides you to remove this Trojan, disable the registry editor, msconfig, task manager, Firewall? So we think now you have understood how danger this is.

Its Removal.

It is tough to remove this Trojan from computer if once infected but you can get help or try by reading the guidelines of www.bleepingcomputer.com but we are not sure about this when one of our friend’s computer was infected we advised him to format the computer after taking a backup of some important files and he did so. But mind it if your anti-virus is updated they will alert you that your system is infected with vundo or Virtumonde Trojan.

So friends take care keep on touch with us for some more cyber crime prevention awareness which you don’t know.

With Thanks

Urproblemmysolution team

Fake Antivirus

2009-08-28T02:39:00.000+05:30

Fake Anti virus

Dear friends,

We think most of we love our PC or Laptop and for that we always want to keep our computer clean from all kinds of dangers and for that all the experts say that we should use Antivirus. So we think all of we know what is antivirus and what it does for our computer and as we all are afraid of virus both in human and computer life we always keep our self from viruses. For this two types of men in the world are running their business. One of them want to do good for us and the other person pretends to do good for us but actually they do nothing for us rather they causes harm to our both in economical and living age.

So now we thing you have guessed what we are going to say. Yes it is like fake medicine which does not work in your body but can cause harm to you and it happens to their life who are trapped by the dishonest businessman. So fake antivirus is that antivirus which comes to you in disguise of antivirus but work nothing for you installing Trojan, Spyware and Adware to your machine.

When you will understand its presence, what are the dangers and what to do?

When you see that a pop up is blinking in your screen that your machine/computer is infected by ………..viruses and for removing this virus you will have to install that particular antivirus as no other antivirus can remove this. Don’t be tensed just use your original updated antivirus and scan your machine and do nothing for that fake antivirus even don’t click on them

You see a pop up is blinking and asking you like “do you want to free scan your machine from viruses?”. Don’t do this as if you do that they will show you so many viruses had already been installed in your machine and the message like earlier noted and not only that if you do that they will install some viruses in our machine and for that you will have to either purchase their product or formatting your machine and during purchasing you will have to give them your credit card number which will be misused by them .

So when you get this type of message don’t get nervous just avoid them and don’t show your interest on them but by mistake if you click on them there is every possibility to install virus or Trojan or spyware or adware in your computer. So always keep your computer scanning regularly and update it regularly. Computer experts says this type of anti-viruses as “rogue antivirus” and this is the system the dishonest cyber businessmen and cyber criminals are applying this in the cyber world. So be cautious.

With thanks

Urproblemmysolution Team

Some steps to save your computer

2009-08-26T01:07:00.000+05:30

Dear Friends,

After long interval again here are some tips for you for keeping your computers safe from hackers/crackers which is given to us by one of our readers for the sake of all netizens who has to visit internet for their works.

1. Install Anti-Virus Software - This should not even have to be listed, if you don’t have anti-virus software installed, you’re asking for trouble! And if your reason for not installing anti-virus software is because it’s too expensive, then that can reason can be shot down because there are several free anti-virus programs out there that are considered better than commercial software packages

2. Update All Software - Installing an anti-virus program by itself is not enough. There are hundreds of new threats that are found daily and the anti-virus programs release updates regularly to combat the new threats. Make sure you anti-virus program is set to update automatically so that you don’t have to rely on your memory to do it. Also, this goes for all the software on your computer. The most important software to keep up to date is your Windows operating system. It is essential to have Automatic Updates turned on and set to download and install updates automatically.

3. Install only Trusted Software - If you’re not sure what a piece of software does from it’s name, then don’t install it. Also, don’t install anything you didn’t intend to install in the first place. Sometimes programs will ask you to install other programs during the install of the first application. Be careful of that because it’s usually spyware. Install software from big names sites only, such as Microsoft or Adobe.

4. Avoid P2P File Sharing Software – If used with great caution, P2P software is quite useful for movies, songs and software, but if you’re not very technically savvy, you might end up downloading a song that has a keystroke logger attached to it that will send anything you type to some other computer over the Internet. It’s almost impossible to tell that this is occurring unless your anti-virus or anti-spyware programs pick it up in their scans.

5. Delete Unknown Emails – If you receive emails from random people’s names, do not bother to open the email, just delete it. If you have any doubts after reading the name and the subject, it’s probably not someone you know. Never download or open attachments unless you are sure it’s from someone you know. Give the person a call quickly and ask them if you’re not sure. Most large companies that you create online accounts with will not send you attachments unless you specifically ask for them through their web site. Also, be wary of any emails from sites pretending to be banks, auction sites, etc asking for you to verify bank account info or address info. No bank ever does that.

6. Do not click on Ads - Avoid clicking on ads if you can. Especially those ads where something is flying around and if you shoot the duck, you win some prize! Ads have become more sophisticated in that they try to make the ad interactive so that you’ll be tempted to play it like a game.

7. Run Virus Scans Regularly – If you’re not in the mood to scan every day, at least run a scan once a week. Actually, setup a schedule for your computer in your anti-virus software to run a scan late at night or whenever you don’t use your computer and that way you won’t be bothered with a slow computer.

8. Be careful what you attach to your computer – This is a more common way to transfer viruses than you might think. Everyone now has a USB flash stick that they carry around on their key chains, ready to snap into any computer. But who knows what your viruses are on your friends computers and what accidentally got transferred to their USB stick. A lot of virus programs will auto launch right when the USB stick is put into the computer, so you don’t even have to open or download any of the files to be infected.

9. Avoid Shady Web Sites – If you need to look at porn, then make sure you do it in a virtual environment. You are DEFINITELY going to get some virus or spyware if you browse porn sites on your computer. Virtualization basically allows you to run programs like Internet Explorer in a virtual environment that does not effect your current operating system. If you want to find out more, search for “Virtual PC” or “VM Ware” in Google. Otherwise, simply avoid going to shady web sites!

10. Turn On or Install a Firewall - If you’re running Windows XP, make sure Windows Firewall is turned on. A firewall prevents hackers from gaining access to your computer by limiting the number of ports that are open to the public. Also, when buying a wireless router, make sure it has a built in firewall. Having a software and hardware firewall is better than just having one or the other.

11. Secure Your Wireless Network – Most wireless routers are set to no security when you install them. Be sure to log into the router and at least set the basic security that requires a password. There are stronger encryption options, but if you don’t understand those, then simply set a password on the router, otherwise anyone can connect to your home network and access everything.

12. Use a Complex Password for Login – This means that you should already have a password to login to your computer. Not having a password at all is not a good idea. Create a password for all user accounts and make sure it’s complex. Complex means it should have numbers, upper case characters, lower case characters, and symbols. This makes it way more difficult for a hacker to get into your computer.

With Thanks

Urproblemmysolution team

How to restore Hijacked Browser By Microsoft.Com

2009-08-18T00:13:00.001+05:30

How to restore a hijacked browser

Dear Friends,

Now we will give the tips for restore the hijacked Browser which is published in microsoft.com.So friends now pl read it and take its help if youe Browser is hijacked.

The following six tips can help restore your browser's settings:

Stop cascading pop-up windows.

If endless pop-up windows appear on your screen, you'll probably want to stop the deluge first. To do this in Microsoft Windows Vista, Windows XP, or Windows 2000 while using Internet Explorer:

1.	Press CTRL+ALT+DEL, click Task Manager, and then click the Processes tab.
2.	Click IEXPLORE.EXE, and then click the End Process button.

This closes all instances of Internet Explorer. Then you can re-open the program to continue browsing as usual. To help prevent future attacks, you should also have a pop-up blocker turned on. To turn on the pop-up blocker in Internet Explorer 7:

1.	Click Tools menu, click Internet Options, and then click the Privacy tab.
2.	In the Pop-up Blocker box, select the Block pop-ups check box. Click OK.

If you still experience the other effects of a hijacked Web browser, try the following:

Install preventive software such as the kinds mentioned in the preceding Preventing browser hijacks section. Many browser hijacking programs can be identified and removed by downloading, installing, and running these programs.

Run the Malicious Software Removal Tool. This can catch some, but not all, kinds of hijacking software.

Reset Internet Explorer settings. If you're using Internet Explorer and your home page has been changed, you can often reset it yourself.

•	Close any Internet Explorer or Windows Explorer windows that are currently open.
•	Open Internet Explorer.
•	Click Tools, and then click Internet Options.
•	Click the Advanced tab, and then click Reset.
•	In the Reset Internet Explorer Settings dialog box, click Reset.
•	When Internet Explorer finishes restoring the settings, click Close, and then click OK.
•	Close Internet Explorer.

Disable add-ons. Many browser hijackings come from add-ons, also known as ActiveX controls, browser extensions, browser helper objects, or toolbars. These items can improve your experience on a Web site by providing multimedia or interactive content, such as animations. However, some add-ons can cause your computer to stop responding or display content that you don't want, such as pop-up ads.

To learn how to disable add-ons in Windows Vista or Windows XP Service Pack 2 (SP2), read How do browser add-ons affect my computer?

Removing unwanted programs with the Add/Remove feature. If you're ready to try some advanced removal methods, the Microsoft Help and Support article Unexplained computer behavior may be caused by deceptive software provides additional steps you can take, including how to use the Add/Remove feature, the built-in program remover, and the program finder in Windows Explorer.

Empty the Recycle Bin. When you've finished these steps, especially if you've removed an unwanted program. Then restart your computer.

With Thanks

Urproblemmysolution Team

What is Browser Hijacking

2009-08-16T09:56:00.000+05:30

What is Browser Hijacking

Dear Friends,

Today we will discuss about Browser Hijacking and its details. So we think before discussing Browser Hijacking you must know some definitions which will help you to understand this easily and we think if the netizens know this they will realize if this thing happens to them as now a days due to the strong anti viruses the cyber criminals are using this method to get the data of netizens during net surfing for exploiting them.

So Let’s start our discussion with the definitions:-

Browser: - What is Browser? It is we think known to all. It is an application program that provides a way to look at and interact with all the information on the World Wide Web. So web browser is a client program that uses HTTP (Hypertext Transfer Protocol) to make requests of Web servers throughout the Internet on behalf of the browser user.

Plug-in:- What is Plug-in? Plug-in applications are programs that can easily be installed and used as part of your Web browser. They are called helper applications and run as run as a separate application and require that a second window be opened. They add additional software to your computer when web page is accessed.

Active X: - What is Active X? ActiveX is a set of object-oriented programming (OOP) technologies and tools that Microsoft developed for Internet Explorer to facilitate rich media playback. ActiveX is Microsoft's technology for signing plug-ins.

Computer Parasites: - What is this? Computer parasites are unsolicited malicious programs, which are installed to the system without user knowledge and consent. Most of these threats silently run in background, so you can't notice them. If you have running suspicious processes, strange toolbars in your web browser, changed system settings, undesirable pop-ups or your system runs too slowly and unstably, then there is a huge possibility that your computer is infected with some parasites. Parasites affect mostly Microsoft Internet Explorer web browser.

And now we will come to our main point that is to make you understand clearly what Browser Hijacking is. We think we need not tell you what is hijacking as even the children of today know the term hijacking from the televisions and films. So we think you have already guessed what Browser Hijacking is. Suppose you wanted to go to London but but but you were forced to go to Lahore by the ………………….So who are they? Are they friends or foe? Definitely they are foe and they are criminals yes they are Hijackers. In the same way you opened your browser for visiting Google and your browser is opening page for Alkaida or Pornography. What is this? This is Browser hijacking.

What cyber world says about Browser Hijacking is that it is a malicious program, usually a web browser plug-in that modifies web browser settings in order to change default home, search or error page and redirect a user to undesirable Internet sites. The most generally accepted description for browser hijacking software is external code that changes your Internet Explorer settings. Generally your home page will be changed and new favorites will be added. Most browser hijackers take advantage of Internet Explorer's ability to run ActiveX scripts straight from a web page. Generally, these programs will request permission to install them via a popup that loads when you visit a certain site. If you accidentally give them permission to install, IE will execute the program on your computer, changing your settings. Others may use security holes within Internet Explorer to install themselves automatically without any user interaction at all. Worse, these can be launched from popup ad windows which the user has not even intended to view. (Source www.2-spyware.com)

With Thanks

Urproblemmysolution Team

How To Feel Browser Hijacker In Your Computer

2009-08-16T09:46:00.000+05:30

How To Feel Existance Of Browser Hijacker In Your Computer

Dear Friends,

We have learnt so far what Browser hijacker is and we will learn what they do in our computer. How we will fill that we have been attacked by Browser Hijacker.

- Changes web browser’s default home page to a particular web site without asking for user permission.

- Changes web browser’s default search page to a predetermined web site without user consent.

- Sets own error page instead of web browser’s default one, which is displayed when the entered web site address is not valid.

- Redirects a web browser to a predefined site whenever the user enters invalid address or performs an Internet search.

- Modifies essential web browser settings, decreases default security level and adds undesirable or insecure resources to the trusted sites list.

- Creates numerous links to advertising pages, places desktop shortcuts to marketing sites, adds multiple bookmarks to the web browser’s Favorites list.

-A seemingly endless barrage of ads pops up on your screen.

-New toolbars or Favorites are installed that give you icons and links to Web pages that you don't want.

-Your computer runs sluggishly. Malicious software can slow down your computer.

With Thanks

Urproblemmysolution Team

How Browser Hijacker Comes to you

2009-08-16T09:34:00.000+05:30

How Browser Hijacker Comes To You

Dear Friends,

Now we will tell you how they come to your computer as this will help us to stay away from installing Browser hijacking programs in our computer

1. Usually browser hijackers are installed by unsafe freeware, shareware or advertising-supported programs such as various browser add-ons or toolbars. Even some reputable products’s Instant Messenger can change default web browser settings. Uninstalling the host application in most cases doesn’t remove bundled parasite.

2. Lots of spyware and adware parasites have integrated browser hijackers that get silently installed during the host parasite’s installation process. Removing a particular spyware or adware doesn’t affect a browser hijacker.

3. Some widely spread browser hijackers get into the system using Internet Explorer ActiveX controls or exploiting certain web browser vulnerabilities. Their authors run insecure web sites (mostly with pornographic or illegal advertising content) filled with malicious code or distribute unsafe advertising pop-ups. Whenever a user visits such a site or clicks on such a pop-up, harmful scripts instantly install a parasite. A user cannot notice anything suspicious, as browser hijackers do not display any setup wizards, dialogs or warnings.

It is known that some browser hijackers are dropped by specific viruses, worms or Trojans.

So dear readers now you have realized that if you don’t do this you are safe from Browser hijacking.(Source www.2-spyware.com)

With Thanks

Urproblemmysolution Team

For The Help of Police Officers

2009-08-13T22:25:00.000+05:30

Police Officers Take a Note Please

Hi friends,

We posted here earlier about the hacking of Pay Pal Account and how to remain safe from that and now we are going to post a very useful comment of one of our reader, who is now in CBI. We think we need not to introduce you what is CBI. So please everybody read it and know that you are secured from cyber criminals who hack your Pay Pal Account as they may be caught with the help of Pay Pal by the police. And here is the Valuable command of Mr. Sanjoy Goutam of CBI India:-

Gautam said...

PayPal is pleased to collaborate with the Government judicial authorities for repression of crimes committed by or to the detriment of their users.

Requests for information from law enforcement and the orders of
acquisitions data the court should be directed to PayPal (Europe)
s.àr.l. et Cie S.C.A, 5th Floor 22-24 Boulevard Royal L-2449. These
can be sent to the Fraud Investigation Team

Requests for information by the police include:

• Send by fax on letterhead of the applicant
• Sign in charge of the investigation
• Direct to PayPal (Europe) s.àr.l. et Cie S.C.A.
Each request for information should include the following information:

• The e-mail address.
• All addresses and telephone numbers of the person you investigated.
• Your name, address, department, telephone and fax.
• Specific details about the information you need and how they are
needed for your investigation
*** Please note that PayPal has more than 70 million users and thus
more details
you provide will be more easy for us to identify the information you
have requested ***

PayPal (Europe) Ltd is an institution for the issuance of electronic
money regulated by the Financial Services Authority of the United
Kingdom and must abide by the Data Protection Act in accordance with
the laws. Therefore, for the release of financial details or
information on transactions carried out by our members, you must order
expressed by the court.

So many many thanks to Mr. Sanjoy Goutam from the heart of Urproblemmysolution Team.

What is File Binding

2009-08-13T01:35:00.000+05:30

What is File Binding

Dear Friends,

Now we will tell you that dangerous thing of internet and computer science which is enough to damage your dear computer by coming to your computer home as your invitee and now you have started your guess what it is. We will not keep you in suspense and so now we will tell you what it is and why we are discussing about this. But friends we are discussing about this for informing you how danger it is. Do you know paper filing? We thing most of you know this as this is part and parcel of official work and our personal job. When we keep different papers in a file in a office and then bind it or we can keep the papers serially in a file and bind it its called file binding in our regular life. And same activity is done by the cyber criminals when they use this conception to hack or damage your computer. Now lets explain it to you in a easy way so that you can understand and keep yourself aware from this danger.

Two or more file bind together in a single file is called file binding. Lets take an example. Suppose you have downloaded a picture from Internet. You double click on it to view the picture. As you double click on the picture, it will open in your default picture viewer and an executable file starts running in background silently. That may be a virus, worm, spy ware and add ware or Trojan.

That’s mean picture. jpg + virus. exe = picture1.jpeg or it may be game.exe + virus.exe = fungame.exe

File binding can be done with JAVA programming easily. But the simplest way to bind two or more files in a single file is by using winrar, where we can bind many files into a single file. . And this is the most dangerous for them who downloads movies , ebooks and so on. Not only that we can also set the program priority, means which program to run first.

So we think we have made you clear why we have discussed this before you as in our next discussions we will discuss about different types of wares.

With Love

Urproblemmysolution Team

How To Prevent Attack Of File Binding

2009-08-13T01:29:00.000+05:30

How to prevent attack of file binding?

Dear Friends,

We have told you what is file binding and now we are going to tell you how to prevent the attack of file binding as this will help you to know your file which you have collected from internet.

1. Always keep your anti virus updated.

2. Disable “ Hide Extension For Known File Types”

3. Use utility program like Registry Change Tracker.

4. Use a isolated folder in a different drive to stores downloads from internet

5. Always check the properties of the downloaded file before double click on it.

With Thanks

Urproblemmysolution Team

How to understand your email id is spoofed

2009-08-08T21:43:00.000+05:30

How to understand your email id is spoofed

Dear Friends,

We would request you to read it carefully as here you will find a point about a link on point no (2) and through that we have tried to tell you how to understand a dangerous link which is vulnarable to your computer as now a day the cyber criminals are not directly sending viruses due to strong antivirus programs but they are using links(url) to trap the netizens and spreading viruses and for that we would request you to read it be cautious.

Spoofed Email – Spoofing refers to email that appears to have been sent from someone other than the real sender. Virus writers and individuals who send junk email or "spam", typically want the email to appear to be from an email address that is not their own. Thus, the email cannot be traced back to the originator.

It is often impossible to know if you have received a spoof however to the careful observer there are several clues that help to separate a spoof from a legitimate communication.

Typically, you will know that your email has been spoofed if:

1) An email is from a commercial entity and the message requests that you provide your log in ID or your account will be suspended it is likely a spoofed email. Reputable commercial entities regularly contact their customers by email but they don't ask for log in ID because they already have it.

2) By highlighting links within the suspect email with the mouse cursor and to then looking at the status line at the bottom left of the screen. If the URL in the status line and the link your mouse is highlighting do not match up a spoofer is likely at work. Note that because JavaScript can be used to change the status line this method is not fool proof. Overall, this is a good technique because a lot of spoofers do not bother to use the JavaScript to change the status line.

3) You receive an email with a text file indicates a virus had been detected and removed/replaced

4) You receive a reply to an email from someone you never sent a message to

5) You receive an error message from a system administrator that you sent an infected file or that your message could not be sent to a particular user

6) You receive an email with a blank message.

With Thanks

Urproblemmysolution team

Fake SSL

2009-08-04T23:22:00.000+05:30

Dear Friends,

Here is a good comment from one of our reader and we think that this will help our other readers to enrich their knowledge in this field and they will also be cautios in future by reading this. So thanks to Mr. Sitangshu for sharing his knowledge with us and as it is a good one we have decided to bring it before all of you in the main posting of our blog. Again thanks to Mr. Sitangshu and here is his comment for all:-

Sitanshu said...

There were some very interesting guidelines on this title. I still thought that you may like to mention to your visitors about "Trusted Sites".

Trusted Sites are those sites that have a trusted securities certificate. Companies like VERISIGN for example issue "Trusted Security Certificates". That certificate means that the site is protected by SSL (Secured Socket Layer). To obtain such a certificate "VERISIGN" company would thoroughly investigate the ownership and history of the site. Once the site has received such a certification, their clients could be rest assured that they are opening a "Original Site" and not a "Fake Site".

But the irony is that hackers have managed to find a flaw even with the way a browser could be fooled into clicking into a site that is not SSL certified.

During a MITMA (Man in the middle attack phase), an attacker could wait for a person to click on a site that has an SSL certfication. But that site is a bogus site (meaning the person sending the link inserted the trusted site certificate, but the really is not SSL certified" . It has a "Site name that contains a Proper SSL certified site name followed by a blank followed by the rest of the name which is "the complete fake site name".

FAKE SITE = GOOD SITE PARTNAME + NULL + FAKE SITE NAME

Browser stops reading at the NULL character

So when you click on the link with that kind of site name with a null character in the middle of the name followed by the fake site address, you are really conned into entering into a fake site that the browser could not catch. Here you start entering your personal data like credit card number etc. and you become a victim.

I tried explaining a difficult concept in a few words. For more clarity please visit this link on a recent news item...

http://www.msnbc.msn.com/id/32258426/ns/technology_and_science-security/

Please keep writing. We are all indebted to you and your blog.

Sitanshu

August 4, 2009 8:41 AM

Microsoft's Guideline 2

2009-08-02T08:15:00.000+05:30

What you should know about opening files from the Internet or e-mail

The most common way for computer viruses to spread is through files that you get from the Internet or e-mail. So before you download a file or click an e-mail attachment, consider:

Does that file have a virus?

You won't know unless you check. Make sure you have an antivirus program installed and that it is up to date and set to scan all incoming e-mail attachments and downloaded files. Keeping your antivirus program up to date improves its chances of catching the latest known virus.
If you do not have antivirus software installed, you should purchase and install an up-to-date antivirus program to help protect your computer. For a list of popular antivirus programs, see Microsoft Antivirus Partners (http://www.microsoft.com/security/partners/antivirus.asp).

What do you know about that e-mail attachment?

Before you open an e-mail message or attachment, consider:
Do you know and trust the sender of the e-mail message? If you get e-mail from a person or business you’ve never heard of before, you should be cautious.
Have you exchanged e-mail with this person before? If you get e-mail from someone you know but have never corresponded with, ask yourself if there is any reason you’re getting this message now—especially if the message has a file attachment or contains a link to a Web site.
Do you have any reason to expect e-mail from this person? If you are surprised to see e-mail from this person, be cautious about opening the message.
Does the message on the subject line make sense coming from the sender? If the subject line is just gibberish or nonsense, you’ll be safer if you delete the message.
If the answer to all of the questions above is no, it's probably best to delete the message.
If you know the sender of the message but the message looks suspicious, don't hesitate to send a message to the sender asking if they really sent the e-mail to you. It’s much easier to check before you open the message than it is to clean viruses off of your computer.

Can I trust every Web site?

Not every Internet neighborhood is safe. Be cautious of a Web site if…
You were referred to the site by e-mail from someone you don’t know.
The site contains objectionable material, such as pornography.
The site makes offers that seem too good to be true. Is it just trying to lure you to the site?
You are asked to provide a credit card number but there is no indication that the Web site ensures its transactions is secure.
The site offers free membership but asks you to provide extensive personal information that does not seem necessary or that you do not want to provide.

More trustworthy sites tend to…
Be certified by an Internet trust organization such as BBBonline, TRUSTe, or WebTrust. Look for their logo on the site and click the logo to make sure it is authentic.
Provide a privacy statement that you can understand and that you are comfortable with.
Provide a way to contact the creator or organization—a physical location, phone number, e-mail address, or mailing address.
Have a clearly posted return policy (when applicable) that allows you to return the merchandise if you are not satisfied.
Offer proof of secure transactions, such as a statement that your credit card information will be encrypted, or a symbol in the browser status area that indicates the transaction is secure.

Is it safe to download that file?
You can help protect your computer by thinking carefully before you download a file.

Heed any warnings. When a Web site attempts to download a file to your computer, Internet Explorer will display a message about saving, running, or installing the file. If the message contains a yellow caution icon, then the file has been identified as a type that could pose a risk.
Make sure the message shows the file source (publisher name). If the publisher can't be identified, it is safer to delete the file unless you know for certain who created it.
Make sure you completely trust the Web site providing the file.
Make sure the file is something you requested or are expecting.

Consider the content. Picture, music, and plain-text files are less likely to be harmful. These file types have names that end with a three-letter extension such as .jpg, .gif, .mp3, or .txt. You should be very cautious with all other file types.

Microsoft's Guideline 1

2009-08-02T08:09:00.000+05:30

How to Trust a Web Site.

How do you know which Web sites you can trust? Some Web sites request personal information that you would rather keep private, display advertisements you do not want to see, or expose your computer to software that contains viruses or other security threats. It's difficult to be completely certain, but there are a few key things to look for.

· Is it certified by an Internet trust organization such as BBBonline, TRUSTe, or Web Trust?

Sites that display privacy certification logos have agreed to follow certain practices like providing a comprehensive privacy statement. If you read these statements, you should be able to determine what data the site collects and what the site does with that data (for example, share it with a third party or use it to display personalized advertisements). The certification does not mean that the site collects no data. It means that the privacy statement will tell you what data the site collects so you can decide if you want to use that Web site.

· Is the site from an organization you know and already trust?

For example, it a vendor you have a positive ongoing relationship with or a widely recognized brand or institution that you trust? The site should provide a privacy statement or a Terms of Use statement. Reading these statements should make it clear what will happen when you use the site. If you are not comfortable with the terms or behaviors (for example, you do not want to be tracked or to see advertisements), do not use the site.

· If you don't recognize the site, do you have other information to help you decide?

You should thoroughly research the site before using its services. Read the site's disclosures, ask friends and colleagues you trust, and search the Web for positive or negative articles about the site.

· Does it ask you to provide sensitive personal data?

If you are asked to provide sensitive personal data (such as your password, social security number, credit card number, or bank information), only do so if there is a valid reason and if the site uses a secure method to collect this data. Look for a statement indicating this information will be encrypted or look for the golden padlock symbol in your browser status area to indicate that the information will be transferred using secure methods.

· If it is a retail site, does it have a return policy?

When making a purchase on a Web site, verify that the site has a posted return policy and that the terms are acceptable to you.

Be cautious of a Web site if…

You were referred to the site by e-mail from someone you do not know.
The site contains objectionable material such as pornography.
The site makes offers that seem too good to be true. Are they just trying to lure you to their site?
You are asked to provide a credit card number without proof that the transaction is secure.
The site offers free membership but asks you to provide extensive personal information that does not seem necessary or that you do not want to provide.

What is Bot and Botnet

2009-07-29T19:52:00.000+05:30

What is Bot and Botnet

Dear Friends,

Today we will discuss with you about a dangerous virus named as “Bot”. Bots are similar to Trojans and worms but they perform automated tasks for their master (who created them). And when miscreants are hijacking and linking thousands of compromised computers, called “Botnets”, to launch coordinated attacks. A botnet in action is under the remote command and control of a criminal known as a "Bot Master." Bot is an abbreviation for ‘Robot’. A computer Bot is a remotely controlled malware program that is installed onto a computer without the knowledge or consent of the computer's owner. This type of program may have complete control over the operation of that computer and its Internet functions, but usually does not reveal its presence to the computer's owner or users, or try to interfere with the normal operation of that computer. When a Bot is installed onto a computer that computer will not only be remotely controlled, but will become an unwilling member of a network of similar Bots, known as a "Botnet".

With Love

Urproblemmysolution Team

How Bots are installed in Computer

2009-07-29T19:49:00.000+05:30

How Bots are installed in Computer

Dear Friends,

Computers are infected by bots through different techniques of cyber criminals and hackers. The hackers, crackers and cyber criminals install bot in your computer through hostile links in spam emails and instant messages, hostile JavaScript codes embedded into web pages (with or without knowledge of the website owners), trickery (Trojans - self infection) and social networking site exploits. Some of the tricks used to cause people to infect their own computers with Trojan Bots are phony e-cards and Postcards (favorite of the Storm Botnet), links to view videos where you are informed that you are missing a required or updated Flash player or Codec, and fake security scans that trick you into installing fraudulent security programs to remove the non-existent infections revealed in the fake scan or alert.

With Love

Urproblemmysolution Team

Feeling of Bots’ Presence and how to Get Relief

2009-07-29T19:45:00.000+05:30

Feeling of Bots’ Presence

Dear Friends

Now the question is when you will feel that ‘bot’ has been installed in your computer system secretly. If you find that your key board is not working properly. You are pressing “x” but it is displaying “t” or something other but previously it was working normally. This is an example of the danger side of ‘bot’ in your computer. The other signs include poor computer system performance, slower response times and longer start-up and shut-down times, dramatic loss in Internet connection speeds, loss of hard disk space, web browser frequently closes for no apparent reason, browser's home page resets and cannot be changed, new desktop icons and applications, like toolbars, suddenly appear, access to various computer security-related Web sites is blocked, pop-up ads appear even when the Web browser is closed. Some other signs are computer seems to be accessing the hard drive constantly, an unresponsive mouse and keyboard, when you open your email there are several bounce notifications from people you never tried to email, there is internet activity or your modem's activity light continuously flashes even when you're not even accessing the net, your virus checker is disabled and you're unable to update your antivirus program.

How to get relief from Bot

The national security agencies and cyber crime authorities of different countries are awaring the netizens for preventing the bot and as per the suggestion of cyber security agencies and cyber crime detection wings the netizens should install antivirus software, firewall, using strong passwords, and a good email and download behavior. Even now a day some very good antivirus companies like Norton have brought Antibot software for preventing bots in computer. There are also some free versions of Antibot in the net but I get scarred to use those for favorite personal computers and laptops.

With Love

Urproblemmysolution team

what is worm

2009-07-28T17:54:00.000+05:30

What is Worm?

Dear Friends,

We have already discussed about the details of Trojan and we will discuss about worm and how it endangers our computer and how we can get rid of from this. So lets start about where from it has come and what it is and how to get relief.

History: - Initially this term was used for good purpose but as the time passes it lost its importance to the world as the computer misusers misused it and changed its nature and character for their personal ill motive. The term "worm" actually comes from a science fiction story called The Shockwave Rider written by John Brunner in 1975. In short, the story is about a totalitarian government that controls its citizens through a powerful computer network. A freedom fighter infests this network with a program called a "tapeworm" forcing the government to shut down the network, thereby destroy its base of power.

But the world was not much aware about that word as it was not known to all but on 2nd November 1988 when Robert Tappan Morris, a Cornell University graduate student and son of Robert Morris, the former chief scientist at the National Computer Security Center, a division of the National Security Agency (NSA), when brought it in the internet from MIT to conceal the fact that it actually originated from Cornell, it became famous (????) to all as it caused near about 6000 to 9000 computer damaged and collapsed the internet but when he realized that it is causing huge harm to the cyber and computer world he then contacting with one of his friend from Harvard send an anonymous message about how to prevent them and how to heal the infected computer from Harvard over the network but as the internet was clogged it was not reached to anyone, which resulted millions of dollar loss. But as per his version he wanted to gauge the measure of internet and how many computers are in touch with internet and even he did not realize at the time of creation that it may cause such huge loss and it is heard that it was programmed in such a way that it would keep continue counting how many computers in the net has got infected. So this is the history.

What actually worm is: - A worm is similar to a virus by design and is considered to be a sub-class of a virus. Worms spread from computer to computer, but unlike a virus, it has the capability to travel without any human action. A worm takes advantage of file or information transport features on your system, which is what allows it to travel unaided.

The biggest danger with a worm is its capability to replicate itself on your system, so rather than your computer sending out a single worm, it could send out hundreds or thousands of copies of itself, creating a huge devastating effect. Many worms come in the form of email file attachments, or as hidden additions to actual email messages, which trigger the execution of infectious code. And even some website contents may carry worm and when you click on them they will try to get installed if you don’t have good antivirus in your system.

Only a good Antivirus can stop and prevent the worm by its background scanning and keep the antivirus always updated.

With Thanks

Urproblemmysolution team

How Trojan Comes to you

2009-07-26T11:59:00.000+05:30

How Trojans enters in your computer.

Dear Friends,

In our previous discussion we already told you what is Trojan and what is the history of Trojan and there we published two pictures through which we explained that if you invite Trojan in your room i.e.: computer they enters there otherwise they don’t have any chance to enter there and you can keep yourselves free from them. So we have primarily understood how the most dangerous computer program Trojan enters in your computer and now we will bring before you the experts comment in a nutshell about how Trojans enters in your computer.
Here the ways or paths, which we give the Trojan to enter in our room and stay with us safely for causing danger to our computer and personal life:-

1) When we download software from an unknown website with an executable file. It comes in windows platform with .exe, .bat, .com, .vbs extension.
2) When we share file during chatting with known and unknown friends.
3) When we download crack file from different websites for validating the trial version of software as experts say that most of the crack files contains Trojan.
4) It comes through multi-extension file name such as .txt.vbs or .jpg.exe and the Trojan creators hide the last extension so that the downloader can’t see the original file status.
5) When we download or open any attachment file or picture from an unknown or untrusted sender.
6) When you blindly type commands that others tell you to type, or go to web addresses mentioned by strangers, or run pre-fabricated programs or scripts.

7) When we open porn sites and porn pictures.

So now you have understood which can stop you from being the victim of Trojan and we think you will follow this during net surfing and installing any file from any outside source.

With Thanks

Urproblemmysolution Team

Pl keep continue your visit www.urproblemmysolution.blogspot.com for knowing more about cyber danger.

Nuisense value of Trojan

2009-07-26T11:57:00.000+05:30

What casualty Trojan does in your computer.

Dear Friends,

Now we will tell you the danger site of Trojans in our computer. We think that you read about cookies and there we learnt that the websites keeps their evidences in the browser for identifying you in the next time when you visit or they keep some records for their creators as their needs and it may be for good or bad. In the same manner if Trojan is installed in your computer the Trojan creates backdoor for his creator for operating your computer from remote by sitting far from you. You just think that the door, windows and all holes of your room are closed and sealed and then can anyone do anything in your room? No it’s impossible as there is no hole to get entry there. But if he can manage to create a hole or open the window or door, he can do anything there by using his power and knowledge. So Trojan is that it creates backdoor in your computer through which the hacker or cyber criminals can hack your system and cause casualty. But you should keep in mind that Trojan can’t do anything without the control of any person or system it does that what its creator programmed it during creation. It just resides in your system hidden and when the said executable file is executed by any means it comes with its original nature. It can format your any drive as per their program or deletes your important data and they can do anything as controlled by their operator.
When they take control your computer is called a bot, since it is now their robot. All passwords, data, system settings, just about anything you can think of can be changed or monitored. Each keystroke you do can be captured. Your sound, screen functions, mouse, you name it can be altered. They can completely control your computer. So these are the vulnerable sides of Trojans.

With Thanks
Urproblemmysolution team.

Pl keep continue your visit www.urproblemmysolution.blogspot.com for knowing more about cyber danger.

Relief from Trojan

2009-07-26T11:52:00.000+05:30

How we can get rid of Trojans

Dear Friends,

We have discussed so far what is Trojan, history of Trojan, how it comes to you, what it does in your computer and now we will discuss you the last topic about Trojan i.e.: how to get rid of from Trojans. Anti-virus programs detect known Trojan horses. However, Trojan horse programs are easier to create than viruses and many are created in small volumes. These Trojan horse programs will not be detected by anti-virus software. The best defense against a Trojan horse is to never run a program that is sent to you. The others are as follows:-

1) Take back up of your important files and then format it and re-install the system.

2) Install good paid antivirus not the free version.

3) Keep the antivirus in auto scanning mode always.

4) Always allow your antivirus to scan your computer completely.

5) If you download any file or image or film don’t run it until you scanned it by your own good paid antivirus like Kaspersky and Norton. Don’t go against antivirus.

For knowing the recent Trojans you are requested to visit http://en.wikipedia.org/wiki/List_of_trojan_horses

With Thanks

Urproblemmysolution team.

Pl keep continue your visit www.urproblemmysolution.blogspot.com for knowing more about cyber danger.

History Of Trojan

2009-07-24T15:51:00.000+05:30

What is The History of Trojan

Dear Friends,

We think now you have understood what we are going to publish before you as the pictures above have made you clear about our discussion. It is that picture which reminds us the great story of Greek mythology. And yes it is. Now you will say why we are discussing the story here. It’s not the place of story discussion but we think we should, as what we will bring before you just now that name has come from this history and practical idea. So we think we have primarily got success to make you understand why the most dangerous and sensitive virus or program in computer world has been christened in this manner. And we have made you clear also that as we invite they come but if we don’t they will not. Yes our friends this is Trojan horse virus of the computer world. As our blog is only for preventing cyber crime and our principle moto is to make aware the netizens about the danger of cyber world and how to get rid of from them and how we can keep ourselves safe from there so readers pl don’t ask us how to write Trojan programs. We are against them who spread this type of danger to the cyber world.

With Love

Urproblemmysolution Team

What is Trojan To Computer

2009-07-24T15:48:00.000+05:30

What is Trojan horse or Trojan to computer?

Hallo Friends,

This was a discussion only and now we will tell you what is Trojan Horse Virus related to computer. It is heard that this virus came to the computer world in the year 1999 in the form of an executable file named "ie0199.exe" and was provided as an email attachment. It will come to you as a useful software but starts damage after its installation as just after its installation the virus writer take the control of your computer through the backdoor which he created by installing Trojan in your system. Trojan horses are not self-replicating. Their action starts just when they come in contact with their writer as the writers use Trojan as remote computer operating program. Until and unless they are interacted with their creator or user they dont work. Is it not functioning like the soldiers of Troy? They work the same way the ancient Trojan horse did: Once they're installed, the program will infect other files throughout your system and potentially wreak havoc on your computer.

So thank you friend this is for today and keep in touch with us we will post the rest interesting portion of Trojan or Trojan Horse virus in our next posting. There are many things to discuss about this in our next postings.

With Thanks
Urproblemmysolution Team

Best Cyber Security Expert Says

2009-07-23T17:06:00.000+05:30

Dear Friends,

Today is our most happiest day for our blog as one of the bset Cyber Security Expert of the World Mr. Gunnar has made his comment on one of our posting on blog and that is on the topic "Pay Pal member beware from phishers and and cyber criminals". This is the most valuable comment of our blog so far and so we have decided to post it on the front page for your kind notice and future guideline. And here it is for you:-

Gunnar said...

Hi there,
I am a friend of Sitanshu Ray who forwarded me that link of your interesting blog.
Phishing mails like this will never stop in a principal way and of cause they can be danger like in this case.
This Phishing mail you posted looks like an "invitation" of a (so called) drive-by-infection. This means, if you open the link from this mail, your computer might get infected by a virus/trojan in a second without interaction. They might use unfixed or new vulnerabiliys in the browser and/or plugins to do that and its very possible that your antivirus didnt "know" that used virus/trojan. In worst case, your computer is after this a part of a botnet or they "only" steal data out of your computer like passwords, banking data etc.
If you check the main URL of this like, you will see that the owner of the domain is "inContact Inc." - a call center. Call Center often act like this and offer there service to "normal" companys i.e. to send out spam etc.
On the inContact Website you can also see the address of them: 7730 South Union Park Avenue, Suite 500 Salt Lake City, UT 84047 or check the nic.com with the whois data.
But the problem is: It's hard to attest them, that they send the phishing mail by themself. They can easily say someone (unknown) did it. But there are also some possibility to make traps for them that could it be possible to sue them ... ;-)
Kind regards
Gunnar
July 22, 2009 10:16 AM

Pay Pal Members Beware of Phishers

2009-07-22T11:30:00.000+05:30

Pay Pal Members Beware From Phishers and Cyber criminals

Dear Friends,

Now we are producing before you about latest fraud emails which was seemed to be generated from Pay Pal and it came to one of our team member and then feeling it suspicious he mailed the entire content to Pay Pal and in response what Pay Pal said we are producing that before you for your future reference.

Here is the suspected mail from spammer with its header file which was sent to Pay Pal for verification:-

Form Message
customer subject: Please use a supported language when contacting us.
customer message: Additional Information: 'Again I recived this mail was
it from yours.?

paypal.feedback@echosurvey.com to me
show details ##:## PM (## hours ago)

Dear Kept Hidden ,( Here they used the name, which they did not use in previous mail)

On ##/##/#### I replied to the email message you sent regarding your

PayPal account. As part of PayPal's commitment to excellence, I want to
make sure I met your needs in my response. Would you please take a
minute to answer a few questions to let me know how I did?

http://surveys#.incontact.com/paypal/survey_paypal.taf?survey_id=####&us
er_id=D###D#D#-DD#C-###A-####-############

>To respond to our survey, please click on the web address above. If
that does not work, please cut and paste the entire web address into the
address field of our browser. NOTE: Please respond within five days so
that you can provide timely feedback to me, Judith . AFTER # DAYS, THIS
INVITATION WILL EXPIRE.
>
>If you wish to take the survey anonymously, click the link below:
>

>http://surveys#.incontact.com/paypal/survey_paypal.taf?survey_id=####'

Here is the response from Pay Pal about the above email:-

Dear Name Kept hidden,

Thank you for contacting PayPal.

Hello, my name is Hazel. From reading your email, I know you are
concerned about the suspicious email you received. I'm sorry if this
caused you any trouble, I'll be glad to explain this further for you.

Thank you for submitting this suspicious email, Mr. Hidden. We did
not send it, so please don't click any link in the email and delete it
if you haven't already. We also recommend that you log in to your PayPal
account and check your transaction history for any inaccuracies.

Please forward the original email to spoof@paypal.com and then delete
the email from your mailbox. Never click any links or attachments in a
suspicious email.

The majority of Unauthorized Access cases are a result of inadvertently
providing account information, such as bank or credit card account
numbers on a 'fake' PayPal website or in response to a 'fake' PayPal
email.

It is also possible that if you have other accounts (email, eBay, etc.)
that share the same password as your PayPal account, and one of those
accounts was compromised, your PayPal account can be at risk of being
compromised as well.

Remember these steps to help protect your PayPal account from
Unauthorized Account Access:

Emails - Make sure they are sent from PayPal

1. If you receive an email and are unsure whether it is from PayPal,
open a new web browser (e.g., Internet Explorer or Netscape) and go to
the PayPal website. Don't click on any link in an email which seems
suspicious to you.
2. Some spoof websites will send emails that pretend to come from
PayPal to entice you to log in at the spoof URL. Be extremely cautious
of emails that direct you to a website that asks for your information,
such as your bank or credit card account numbers.
3. Stay safe; don't respond to emails asking for any of the
following:
o Your password and email address combination
o Credit card numbers
o Bank account numbers
o Social security numbers
o Drivers license number
o First and Last Names

Email Greeting -

PayPal will never send you an email with the greeting "Dear PayPal User"
or "Dear PayPal Member." Emails initiated by PayPal will address you by
your first and last name, or the business name associated with your
PayPal account. Please note that the automatic response you get from us
may not address you by name.

Always log into the PayPal site

* PayPal will only ask for information after you have securely
logged in.
* For your security, PayPal will never ask you to re-enter your full
bank account, credit, or debit card number without providing you at
least the last two digits of the number. These digits let you know that
we already know the full number and are asking you for the rest of it.
Beware of any website or email asking for these numbers for
"verification" that does not prove that it knows the number by providing
at least the last two digits.

Website pages - make sure that they are hosted by PayPal

1. When using the PayPal service, always make sure the PayPal url
address listed at the top of the browser begins with "https." The "s"
ensures that the website is secure. Even if the URL contains the word
"PayPal" it may not be a PayPal webpage.
2. Look for the '"lock" symbol that appears in the lower right hand
corner of the browser. This symbol indicates that it is a secure site.

Do not download attachments, software updates, or any application to
your computer via a link you received in an email. PayPal will not ask
you to download anything for your account to work.

Passwords - keep it on PayPal

1. Use a unique password for the PayPal account and change it every
30-60 days.
2. The password should be one that is not used on any other site,
service, or login.

Thanks for sharing your concerns with us. We value what you have to say,
and we know situations like this can be difficult. If you have more
questions, visit our Help Center by clicking "Help" in the top right
corner of any PayPal page.

Sincerely,
Hazel
PayPal, an eBay Company

Copyright© 2009 PayPal Inc. All rights reserved.

Consumer advisory: PayPal Pte Ltd, the Holder of the PayPal™ payment
service stored value facility, does not require the approval of the
Monetary Authority of Singapore. Consumers (users) are advised to read
the terms and conditions carefully.

Beware From phishing mail Pay Pal Members

2009-07-22T11:11:00.001+05:30

Pay Pal Members Beware From Phishers and Cyber criminals

Dear Friends,

Now we are producing before you about two fraud emails which was seemed to be generated from Pay Pal and it came to one of our team member and then feeling it suspicious he mailed the entire content to Pay Pal and in response what Pay Pal said we are producing that before you for your future reference.

Here is the suspected mail from spammer with its header file which was sent to Pay Pal for verification:-

Form Message
customer subject: English
customer message: Additional Information: 'I received this mai on
##/##/#### and was it from yours?

"Dear PayPal member,

We're sorry. We are not able to process your recent reply to our email.
We are the processor for the email surveys for PayPal and are not
directly linked to the PayPal customer service center.

Please respond through the survey link imbedded in the original email
you received from us.

Thank you and we apologize for the inconvenience.

PayPal Survey Partner"

This is the header:-
Delivered-To: kept hidden##@gmail.com
>Received: by 10.115.60.18 with SMTP id n##cs######wak;
> Mon, ## Jul #### ##:##:## -#### (PDT)
>Received: by 10.140.203.3 with SMTP id
a#mr#######rvg.###.#############;
> Mon, ## Jul #### ##:##:## -#### (PDT)
>Return-Path: <>
>Received: from mail.benchmarkportal.com (mail.echosurvey.com
[###.###.##.###])
> by mx.google.com with ESMTP id
##si########pzk.###.####.##.##.##.##.##;
> Mon, ## Jul #### ##:##:## -#### (PDT)
>Received-SPF: neutral (google.com: 207.166.99.104 is neither permitted
nor denied by best guess record for domain of mail.benchmarkportal.com)
client-ip=###.###.##.###;
>Authentication-Results: mx.google.com; spf=neutral (google.com:
207.166.99.104 is neither permitted nor denied by best guess record for
domain of mail.benchmarkportal.com) smtp.mail=
>precedence: bulk
>in-reply-to: 94dd4f4c0907201044pa3ba0ct@mail.gmail.com
>return-path: <>
>Date: Mon, ## Jul #### ##:##:## -####
>Message-Id:
>from: "paypal.feedback"
>to:
>subject: Automatic Response'

Now what Pay Pal replied:-

Dear Name Kept hidden,

Thank you for contacting PayPal.

Hi Kept hidden! I have read your email and understand your concern over the
email you received. Let me assist you further.

If you think the email you received did not match the description I have
included below please forward the email you received to
'spoof@paypal.com'.

PayPal frequently issues surveys in attempt to find more ways to improve
our service and accommodate your needs.

* If you receive a survey from PayPal, or a third party vendor on
behalf of PayPal, it will arrive as a link sent to you through email *
* To get to the survey page, simply click on the link, or paste the
link into your browser's web address box

Please keep in mind that a medium like email allows anyone to send a
message to you. Before entering information into the survey you received
via email, you should verify the source of the email.

* To make sure that the email survey you received was from PayPal,
follow these tips:

1. You will NOT need to enter your password at any point during the
survey
2. The survey you received will never ask you for any personal
information
3. All surveys will address you by first and last name

We appreciate your input, and we thank you for using PayPal!

We know situations like this can be difficult, so thanks for working
with us. If you have more questions, visit our Help Center by clicking
"Help" in the top right corner of any PayPal page.

Sincerely,
A Name is there
PayPal, an eBay Company

Copyright © 1999-2009 PayPal. All rights reserved.
Consumer advisory - PayPal Pte. Ltd., the holder of PayPal's stored
value facility, does not require the approval of the Monetary Authority
of Singapore. Users are advised to read the terms and conditions
carefully.

More Tips for Pay Pal Account Security

2009-07-21T14:00:00.000+05:30

How To Keep Your Pay Pal Account More Safe?

Dear Friends,

One of our reader has given his valuable command over Pay Pal Account Security and it seemed to us that it should post on our blog so that our other readers get some more knowledge about their security tips for Pay Pal and we will suggest you to read our previous posting first and this is the continuation of that discussion and we think this will help you to keep your Pay Pal Account more and more safe from hacking or money loss.

Thanks

Here is the valuable comment of Kailash.

All About Opensource said...

"I would like to say thanks to all well wishers of this site and also Urproblemmysolution Team for maintaining a such a informative site.
In this post Urproblemmysolution Team almost cover all the things regarding paypal, though i just need to add few point like when ever trying paying something via paypal for any kind of subscription with multiple payment term please do not check the options like "Auto renewal" or "Auto recharge" or "auto payment option" .
Before paying or receiving any money in paypal please read T&C carefully that will take few min for first time but those few min can save your $$$$ being fraud by some cracker.
Keep Changing your paypal password in every 7 days or even after every two transaction.

FYI the official site of Paypal is www.paypal.com

p.s. On-Screen Keyboard can be accessible by type "osk" on "Run"

Cheers :) !!!
Kailash"

How to keep Pay Pal Account Safe from Hackers/Crackers

2009-07-19T16:45:00.000+05:30

How to keep Pay Pal Account Safe from Hackers/Crackers

Dear Friends,

In our last posting we discussed about the modern secured net transaction mediator Pal Pal and what it is and how it works and what type of security system they maintain for their customers and there we also told that their account is now also hacked by hackers/crackers. Before discussing the tips for preventing the hackers/crackers we think that we should give you some basic knowledge about some terms used here. So lets start.

1) Hacker/Cracker:- Hacker and Cracker these are two different terms and used for different categories of men in the net. Hackers means those persons, who can access your personal data and site or email unauthorisedly but they don’t create any danger to your life or your system and they show you how much unsecured is your system. They are good for the cyber world but on the other hand crackers do the same thing but cause casualty to your system or your personal data and money. So our fighting is against cracker and moto is not to give a chance to hacker for accessing our system or personal database in net. We think we are now clear about this.

2) Keylogger :- What is keylogger? This is the most dangerous spyware or a computer program, which studies your all keys when you supply any input to your computer or type it. It may be in hardware form also. This may be installed by cyber criminals in your machine through net if your antivirus program is not strong. This may be kept with some links and if click on that in net that may be installed in your computer and generally phishing links and some pornography links carry keylogger with them for installing them in your laptop or PC. Then they sent your data or user name password to the person, who installed that software in your computer through net. Detecting the presence of a keylogger on a computer can be difficult. So-called anti-keylogging programs have been developed to thwart keylogging systems.

3) On-Screen Keyboard :- This is the key board, which has already been installed in your computer for working with this if situation demands. How you will get it. You go to Start->All Programs->Accessories->Accessibility->On Screen Keyboard.

Now we say how to keep safe your Pay Pal Account. Here are the tips.

1) Create safe password by using safe password tips, discussed earlier.
2) Try to use gmail email id for registering your Pay Pal Account as this is more secure than others.
3) As Pay Pal e-transaction is very much secured so hacking pay pal site is very very tough and for that they use Keyloggers help. For getting rid of keylogger use On Screen Keyboard during typing email id and password in Pay Pal site.
4) Use a separate email id for registering Pay Pal.
5) Don’t share it with any other.
6) Please use paid antivirus for your computer.
7) Don’t use cyber café for this transaction as some cyber cafes use screen shot hidden software in their computers and you will not understand this.
8) Don’t use same password for your email id and Pay Pal Account as if anyone can hack your email id he also can hack your Pay Pal Account.
9) Once Pay Pal Account enquiry or transaction is over please delete all cookies (For knowing the reason pl read when cookie is dangerous) and Log out your Account.

Our other readers are also requested to comment over this for more security to the Pay Pal Account holder.

Thank you

Urproblemmysolution Team

What is Pay Pal Account

2009-07-19T01:29:00.000+05:30

What is Pay Pal (www.paypal.com) Account?

Dear Friends,

As per our words and promise we are going to discuss you about Pay Pal as this is the safest e-transactions in the world as if you visit the above noted website you will find it starts with “https” if you use normal browser and don't use faster browser and for that all the data passes through it to their server is in encrypted form. So we think we first introduce you what is Pay Pal. This is basically a mediator between you and the e-seller and for that they don’t charge any fees from you but they charge it from the seller and that is also a small percentage on sales value. Before that you will have to have an account with them. For opening the account you just need a valid email id, name and address, a valid telephone number. So now a question will arise in your mind that just with the help of that email id can I purchase anything from e-marketing? What should be your answer is it possible that you don’t have money in your account and you will purchase anything. So what you should do. You should keep a balance in your Pay Pal Account and from there you will spend and Pay Pal is taking responsibility to pay the amount to your seller where you don’t know seller directly but getting his product.

So in this stage a question may arise in your mind the why I will do so, I have credit card and debit card facility and I can purchase it by using those from net. Yes you can do that but mind it that all the net transactions are not done through secured channel. Some of them are unsecured and their there is every possibility of your credit card and debit card number get hacked and the hacker may misuse it and for that Pay Pal business is in boom. In our first part we discussed that a balance is needed in your Pay Pal Account and you can’t deposit money directly in your Pay Pal Account from out site the USA as the business is run from USA and for that you will have to transfer the balance to your Pay Pal Account from your credit card or some other cards as desired by Pay Pal. Only the American citizens can do the bank transfer and if you don’t have your credit card there is option to transfer the amount from your friend’s card also if your friend wants and for that I made a quarry to Pay Pal authority that why this system is continued by them and why the other countries don’t have the facility of bank transfer and in response they told that it is due to the security purpose and if a card is used the verification of person is possible and at the time of final transaction before purchase they use their Gausebeck-Levchin Test ( which we discussed earlier) for avoiding bot transaction and even I tried to access their site by using a proxy server but they denied. So you can say that it is secured.

We think now you have become angry on us and your anger is reaching in such a position that you will tell me then why you have posted this here if the system is so secured and you promised us that you will tell us the danger side of cyber world. Yes you are right that the system is very much secured but in spite of that the Pay Pal accounts are get hacked and the people are becoming victim over this and that is why we were discussing you the details of Pay Pal account system. In our next posting we will discuss you what are the dangers in Pay Pal account and why and how we can get rid of from there. So keep in touch with us.

Thanks

Urproblemmysolution team

What is Gausebeck-Levchin Test ?

2009-07-17T20:06:00.000+05:30

What is Gausebeck-Levchin Test?

Dear Friends,

We promised you in our last posting that we will post about Pay Pal as now a days Pay Pal is most trusted and believable transaction for e-marketing and e-payment for your personal liabilities and we will keep our word, which we promised before you and that is why we are going to introduce the Gausebeck-Levchin test and this is the security test of Pay Pal. All of we know that for opening a Pay Pal Account we don’t need money we only need a valid e-mail id so any one can open a Pay Pal Account and continue their transaction by using the stolen credit card number or debit card number and in these cases if it happens that the Account was opened by using a “bot” (Robot type computer program) and at the same time the transaction is generated by that robot programming then its not possible to stop the fraud and spammers So for preventing fraud during transaction Max Rafael Levchin, an Ukraine born computer scientist and co-founder of Pay Pal, introduced a CAPTCHA test during transaction and that is called Gausebeck-Levchin Test as the bot programming cannot read the words on the capture and only human can decrypt that. This is the first commercial implementation of CAPTCHA test.

So a question may arise in your mind that what is CAPTCHA test? CAPTCHA test is the abbreviated form of Completely Automated Public Turing Test to Tell Computers and Humans Apart. Actually it is a human verification test. When you enter in a yahoo chat room you find a box where few words are written in a typical manner and you have to put those words in the box below and if it matches then you get the permission to enter into the room and allow chatting. So you will ask why this is needed. This is needed as spammers may enter in the room for advertising their site by using “bot” programming and the spammers can’t pass the CAPTCHA test so the chatting personalities present must be there and there IP addresses will be tracked for future references.

We think this will help you in future and keep in mind before doing cyber crime where the CAPTCHA test exists.

Thank You

Urproblemmysolution team

Tips For Net Banking Users

2009-07-16T09:29:00.000+05:30

Safety Tips For Net Banking Users
Dear Friends,
Today we will discuss you the safety tips to net banking users as though phishing mail is a global problem now a days and inspite of that most of the net banking users are not aware of the danger side of Phishing mails and for that they are requested to go through the Phishing mail portion of this blog and there we have discussed about the prevention from phishing mails. But except phishing mail there are some other reasons for which the net banking users may be trapped by outsiders. You will say as you are using net banking facility so you know what the safety tips are. During the course of our discharging duty we got one very good software engineer from CAPGEMINI as a victim of phishing mail. So we know that most of you do not follow all this tips. So you are requested to keep in mind all the following tips before starting your net banking facility.

Here are the tips for you:-

1) First of all use your own PC or Laptop for your net banking don’t avail cyber café for net banking transaction.
2) Install there a good updated operating system and keep it in auto updated format when in net.
3) Install good updated antivirus and don’t use free version.
4) Always use SMS alert on any transaction through net.
5) Always use safe password (please go through the safe password tips in this blog) for using net banking.
6) Don’t keep your username and password saves in any file in your computer.
7) Don’t use office computer for net banking transaction as now a days most of the companies use key logger in their computer for studying their employees’ daily work.
8) Before using net banking please check your browser that they are showing ‘https’ as this is secured and if it is bank’s original website ‘https’ will be there. (For knowing ‘http’ vs ‘https’ pl read the discussion about this in this blog)
9) Please keep in mind that ‘The Bank’ never sends mail for updating your user id and password and you find any such mail please delete it and don’t open it and never update your net banking facility from any unsolicited mail.
10) Before starting net banking please type your user name and password in a notepad when your computer is in offline mode and then when you open net banking and copy paste these in your net banking system and then operate it.
11) Please check third party beneficiary list of your account and your profile at least once in a day and if you find any additional name then you delete it understand that it has been hacked and contact with your bank officials immediately.
12) Then you check the mobile no of your profile whether it has been changed or not as the hackers change it for receiving SMS after amount transfer.
13) Then you immediately change your user name and password by using the safe password tips discussed earlier in this blog.
14) Don’t share user name password even with your close person.
Please keep in touch with us as in our next discussion we will bring before you about safety and security of Pay Pal.

With Love

Urproblemmysolution Team

Important Tips For Cyber Cafe Users

2009-07-13T10:18:00.000+05:30

Important Tips For Cyber Café Users

Dear Friends,

We promised in our last posting that we will post some important tips for those who use cyber cafes for their net surfing. We believe that this will be helpful to all of you as most of all have to use cyber cafes for any urgent situation. So please read this and try to follow in your life.

Very important tips when using Public Terminals and Cyber Cafes

		Tip 1 E-Bay Users - Watch Out Don't walk away while logged in. Many web sites let you log in, but set cookies for an online session (such as eBay) so if you close the browser and reopen it, you don't have to re-logon. If you just close the browser and walk away, the next user (who may have been watching while you were surfing), could pickup where you left off. Be especially careful using a Microsoft Passport account as well, since it can also be persistent.
		Tip 2 Surfing at an Internet Cafe, the Public Library, Terminal at the Hotel, or any Terminal Accessible to Others - Watch Out 1. If you use a public terminal (e.g., Internet cafe) with a Windows XP installation, it could ask if you want to associate your passport account to the Windows XP account. Be sure to say "no"(we repeat, SAY "NO") if you get this prompt, or you'll be giving your passport account to everyone that uses that machine. 2. Normal surfing leaves an electronic trail of temporary files, cookies and a history of where you've been. When you're done with surfing, if you're using: · Internet Explorer, click on Tools and Internet Options, on the · General tab, click on Delete Cookies, Delete Files (and be sure Offline content is checked), and · Clear History. · If you downloaded any documents, delete them as well. If you edited any documents clear the "recently used documents" list. To this with Windows XP · right click on the taskbar at the bottom of the screen and then, · select Properties, · select the Start Menu Tab, and · click on Customize then · Advanced. On the Advanced tab, click on the · Clear List button for Recent Documents.
		Tip 3 Restrict Pop-Up Windows and Cookies Pop-up windows are often generated by some kind of scripting or active content. Adjusting the settings within one's browser can reduce or even prevent scripting or active content. In turn, the number of pop-up windows that appear will be reduced. Some browsers offer a specific option to block or limit pop-up windows. Accessing Web-based E-Mail Accounts When connecting to a Web-based mail account via a cyber café (e.g., Yahoo!, gmail.com), for instance, do as follows: 1) Start the program Microsoft Notepad or Word or any word processing program installed and type your · User Name, · Password, then · Copy the user name AND password using Control C and then paste both into the appropriate fields (use CTRL V) when wanting to log into your web-based e-mail account The above procedure prevents Keyloggers or password stealers program from grabbing your username and password when trying to log-on from such a public terminal - The same logic applies if you log into a web site from your own computer. – 2) Refuse the option that may pop-up by the browser to save the password. 3) Use the site's log off option (disconnect, or close session option), in turn, this will prevent the next user at the cyber café from being able to access your account. 4) Exit the browser and then open it again before leaving the computer to the next user. These types of precautions should be taken because a lot of mail systems use cookies via Internet to maintain the session open while the user goes back and forth between Web pages. Thus, user names and passwords don't have to be requested constantly. Cookies store a value that means "open" to the current session and user, so if the session is not disconnected, anyone can use it. This is especially dangerous in cyber cafés, where several different users continuously work on the same computer, one after another. Thanks Urproblemmysolution Team

How Cookie Works

2009-07-12T22:15:00.000+05:30

How Cookie works

Hallo Friends,

Now you will ask us that in your last posting you discussed us that cookies are not computer programs so how will they work and how can they work and yes you are right its not a computer Program and nor a virus but in spite of that it works and how it works. Actually it works as a passive worker that means when it stays in your computer it helps the browser and server to work freely and smoothly. In our last posting we discussed about the types of cookies and if you read about that then this posting will help you to understand this topic.

The manner through which cookie moves data

· If you type the URL of a Web site into your browser, your browser sends a request to the Web site for the page. For example, if you type the URL http://www.google.com into your browser, your browser will contact Google's server and request its home page.

· When the browser does this, it will look on your machine for a cookie file that Google has set. If it finds an Google cookie file, your browser will send all of the name-value pairs in the file to Google's server along with the URL. If it finds no cookie file, it will send no cookie data.

· Google's Web server receives the cookie data and the request for a page. If name-value pairs are received, Google can use them.

· If no name-value pairs are received, Google knows that you have not visited before. The server creates a new ID for you in Google's database and then sends name-value pairs to your machine in the header for the web page it sends. Your machine stores the name-value pairs on your hard disk.

· The Web server can change name-value pairs or add new pairs whenever you visit the site and request a page.

There are other pieces of information that the server can send with the name-value pair. One of these is an expiration date. Another is a path (so that the site can associate different cookie values with different parts of the site).

You have control over this process. You can set an option in your browser so that the browser informs you every time a site sends name-value pairs to you. You can then accept or deny the values. (source howstaffworks)

Thanks

Urproblemmysolution Team

Cookie is Danger

2009-07-12T22:13:00.001+05:30

When Cookie is Danger

Dear Friends,

If you read about what cookies are then you will get there that Cookies can contain specific information about the user:

Username and password

Date of last visit

So your user name and password of a visiting site may be stored in your computer cookie of that site and you think someone has stolen it by using some software so is it vulnerable or not? You think it. So we need some general solution.

How can one describe the solution from cookies?

To increase your level of security, adjust your privacy and security settings to block or limit cookies in your web browser as follows:

Go to Options (tools in Firefox / Mozilla), click on Internet Options (Options),

Thereafter, click on Privacy, change cookie acceptance privacy level (e.g., do not accept third party cookies - move cursor up with mouse on vertical bar) or accept cookies until I close Firefox, and

Click on General, click on delete cookies to get rid of all temporarily stored cookies you have on the machine right now (Firefox, just check and see what you want, various options best is if you click Privacy, then click on Clear All).

If you don’t use Firefox please go to options in your browser and do the same thing as discussed above.

In our next posting we will give the Very important tips when using Public Terminals and Cyber Cafes please keep visit this blog for your future help.

Thanks

Urproblemmysolution Team

What is cookie

2009-07-10T19:06:00.000+05:30

What are Cookies?

Dear Friends,

In the midst of our discussion about the danger of cyber world we have decided to introduce you some important existences in internet which we have to face during net surfing and which we can’t avoid as we will have to allow them during net surfing, otherwise your desired web page may not be opened in your computer. We think now netizens have started their guess what it is. Yes it is cookies, which are deposited in the hard drives of our computer by the websites when we visit them in the internet. It is essentially your identification card. Actually this is a piece of information sent by web server to a user’s browser. It is a small text file that websites can leave on a visitor's hard disk, helping them to track that person over time. The browser saves the information and sends it back to web server whenever the browser returns to the website. Cookies can also be used for tracking the path of a user while visiting the web pages of a site. Now you will say why we are discussing it here and in response we will tell you that there are some misconceptions about cookies and there are some dangers from cookies as these are misused by website developers and webmasters.

Now let make it clear to you what cookies are:-

A cookie is a unique bit of information sent by a Web server to identify a particular machine and browser.
Cookies are stored in a text file whose exact name and location depend on the user's operating system and browser.
Cookies can contain specific information about the user:

Username and password
Date of last visit

Web servers use the stored information to identify the particular user by requesting authentication information from the user.
Cookies are browser-specific. A cookie set when you browse in Netscape Navigator will not be read if you visit the same site again using Internet Explorer. (source netmechanic.com)

What cookies are not: -

Cookies cannot store any personal information about the user that the user doesn't voluntarily supply to the Web site.
Cookies do not contain viruses, as it is not a program and it is a text file.
A server can only get data from the cookie it wrote to the cookie file - it can't go fishing for information on the hard drive.

There are two types of cookies: a Persistent cookie and a Session cookie. A Persistent cookie gets entered by your Web browser into the cookie folder on your computer’s hard drive. A Persistent cookie remains in that cookie folder, which is maintained and governed by your Web browser, after you close your browser program. A Session cookie is temporary and disappears after you close your browser. Ad serving cookies i.e. Dart cookie falls under Persistent cookie. Finally we can assure you that a cookie can’t be a virus. In our next article we will discuss how cookie works and when it becomes vulnerable.

Thanks

urproblemmysolution team

Your Problem My Solution.

Book on Cyber Crime Protection and Investigation

How To Write and lodge Complaint in Cyber Crime Cases

Beginners' Guide To Investigate Cyber Crime

How To Investigate Cyber Crime (Part-2)

How To Investigate Cyber Crime

How To Identify 419 Scammers Phone

How To Trace/Search Stolen Laptop Part-3

How to Find The Stolen Laptop Part-2

How To Trace Stolen Laptop Part-1

Case Study on Cyber Stalking

What are Different types of Phishing

Link of Identity Theft, Phishing and Cheating

Case Studies on Net Banking Hacking

How to secure your wifi

What is latest cyber attack

The First Birth Aniversary of our Blog

Cybercriminals and Phishers are in the FIFA 2010 World Cup

Case Studies on Unsecured Wifi and Law of the Countries

Unsecured wifi and we--------Part-6

Unsecured Wifi and we---------Part-5

Unsecured Wifi and we---------Part-4

Unsecured Wifi and we----------Part-3

Unsecured Wifi and we------Part-2

Unsecured Wifi and We-------- Part -1

How to trace email sender

A HI-Tech Crime with Bank ATMs

What is New in Phishing

How to Avoid Keylogger

A CASE STUDY ON NEW HI-TECH CYBER CRIME

How to stop Credit Card Fraud Physically

Latest Case in Phishing

What are the signs of Identity Theft

What is Identity Theft

How Identity is theft

What is Infectious Website

What Is Virtumonde

Fake Antivirus

Some steps to save your computer

How to restore Hijacked Browser By Microsoft.Com

How to restore a hijacked browser

What is Browser Hijacking

How To Feel Browser Hijacker In Your Computer

How Browser Hijacker Comes to you

For The Help of Police Officers

What is File Binding

How To Prevent Attack Of File Binding

How to understand your email id is spoofed

Fake SSL

Microsoft's Guideline 2

Microsoft's Guideline 1

What is Bot and Botnet

How Bots are installed in Computer

Feeling of Bots’ Presence and how to Get Relief

what is worm

How Trojan Comes to you

Nuisense value of Trojan

Relief from Trojan

History Of Trojan

What is Trojan To Computer

Best Cyber Security Expert Says

Pay Pal Members Beware of Phishers

Beware From phishing mail Pay Pal Members

More Tips for Pay Pal Account Security

How to keep Pay Pal Account Safe from Hackers/Crackers

What is Pay Pal Account

What is Gausebeck-Levchin Test ?

Tips For Net Banking Users

Important Tips For Cyber Cafe Users

Accessing Web-based E-Mail Accounts

How Cookie Works

Cookie is Danger

What is cookie