Wednesday, February 29, 2012

Phishing Email Scams - What They Are and How to Avoid Them

Phishing scams have been rapidly growing on the Internet for years. It is a means of online identity theft and fraud. Phishing emails typically look authentic and claim to be from a trustworthy company, usually a banking institution, credit card company, or other financial organization. Some phishing scams seek to steal personal information and financial data. Others can infect computers with viruses and try to convince people to participate unknowingly in scams, such as money laundering. Some well known companies that have been targeted by phishing email scams include eBay, Wells Fargo, Citibank, PayPal, Amazon and Bank of America.

Phishing scams tend to be pretty organized and well thought out. Phishers decide which businesses to target and then figure out how to get email addresses for customers of that business. They tend to mimic spammers in that they apply similar mass mailing and address collection techniques. The phishers use the seemingly authentic email messages to convince people to give up their personal information, many times by providing links to Web pages requesting this information. Then they use the information they’ve gathered to make illegal purchases, steal money from an account, open new accounts in your name, etc - committing fraud and/or identity theft.

There are several things you can do to protect yourself from phishing email scams. For starters, you should have adequate email protection and... make use of some good ole common sense. Here are a few other tips on how to spot phishing emails.
  • Don’t trust the “From” address of an email as it can be easily faked.
  • Be suspicious of emails that include upsetting, exciting, or are urgent requests attempting to get you to react immediately.
  • Don’t blindly trust clickable links in an email as it can be a phony site to steal your personal information. If in doubt, go directly to the company’s website by manually typing the address versus clicking on the link in the email.
  • Never send any personal information, such as social security numbers, online banking passwords, or credit card numbers to anyone via email.
  • Only enter your online banking password on a website in which you have manually entered into the browser’s web address (URL) field.
  • Watch out for misspelled words and incorrect company names. Sometimes an email contains spelling mistakes or misuses a company name. This can be a sign of a phony email and phishing scam.
  • Regularly check your banking, credit card, and other financial statements to make sure all transactions are legitimate.
  • Make sure your browser is up to date with the latest security patches installed.
  • Check a site’s security certificate before you enter personal information into a website.
Furthermore, report phishing emails scams to the groups listed below. You can go directly to these web sites or forward the email scams to the email addresses provided.
If you think you might have responded to a phishing scam, there are a few steps you can take to minimize the damage.
  • Immediately change your passwords or PINs on all of the online accounts that might have been compromised.  If you are not sure, change them all (it's probably time)
  • Contact the bank or online business directly concerning any fraudulent activity on your account.
  • If an account has been opened without your permission, close it immediately.
  • Place a fraud alert on your credit reports.
  • Examine your bank and credit card statements routinely for possible charges that you did not initiate.
Phishing is simply a high-tech scam that works like old-fashioned con jobs, where a hustler convinces a mark that he is reliable and trustworthy. Bottom line: If you receive an email that you think might be a phishing scan, delete it. Don’t click on any links in the message.

Thursday, February 16, 2012

Which mobile OS do I need? Part 2 of 2

Last time we discussed which mobile operating system would be best for you, as a consumer. In the end, it came down to personal preference. There are positives and negatives for each design. Easy-to-use and smooth design lends itself to an iPhone, while versatility and customization lead you to Android.
When it comes to smart phones in an enterprise situation, consumer preference can find itself on the back burner. Data/document management, overall security, and actual phone performance drive decisions.
RIMM (Blackberry) had long been the fearsome leader in the enterprise market. If you were a corporate professional, you were using a blackberry; simple as that. They led the way in messaging, email, and data management. Recently, however, there has been a noticeable shift in enterprise smart phone use.
The recent iPass Mobile Workforce Report Q4 2011 exposes a few of the trends seen in the changing market. The two biggest reasons for shifts in smart phone usage revolve around the changing business structure and a less structured business environment.
First, mobile business is not limited to email anymore. Apps rule the day and a desire to browse the internet help to explain how iOS and Android are gaining ground (or passing) RIMM. Second, corporations are less likely to issue their own smart phones to employees. There is a move to blend an employee’s personal phone with the business environment instead of rigid smart phone control as the idea of mobile working blurs the lines of business and personal.
As can be seen from the image below, iOS and Android saw huge upticks in market share with Apple leading the way. While Blackberry is holding on, the ever-changing workforce indicates that Android will soon overtake them for second in enterprise market share.
Figure 1. Mobile Mobile Workforce Report – iPass

Over the past couple of years, as Apple and Google have worked towards expanding their footprint, they have put great effort in to solving business issues as an effort to make themselves worthy RIMM competitors. Most notably, we see the importance of document control and overall security concerns as features that are changing the OS market share. Important features include things like the use of complex passwords and the ability to wipe a phone’s data remotely are present on RIMM and iOS early on have been integrated in to Android in recent updates. And, of course, exchange/mail support has been standardized across the board.
However, there are areas where the “newer” enterprise participants lag behind Blackberry. Android and Windows Phone 7 properly run each application in a sandbox preventing what outside information may be accessed by an application (and giving you notice of what it may access). You can choose to not install apps should they violate any perceived privacy.
From InformationWeek, we can see that enterprise readiness of each operating system still fights with Blackberry’s RIMM in feature-set. With iOS, while it does provide encryption preferred by enterprise environments, the keys for that encryption are found on the phone. An attacker would have access to such things and puts a big dent in iOS’ enterprise credentials. For Android, you need the newest of the new phones running the Ice Cream Sandwich operating system for proper encryption. Windows phones don’t even attempt such features currently.
Past the nitty-gritty importance of security and enterprise integration, the choice of operating system always comes down to a few personal choices. Within the scope of business, I would focus on usability and comfort.
With concerns on comfort, no physical keyboard on iPhones means that those looking for some actual keys to press will have to look at Android for their phone. It is often overlooked, but excess typing on a screen can be uncomfortable, especially in a work environment. As for usability, iOS features like Siri and the ever present massive app store (combined with the previously mentioned walled garden) put the iPhone ahead of the pack in expected performance. You can find an app to do what you want and you know the phone will perform flawlessly repeatedly. Knowing that the app and phone will do what you want, when you want is the bottom line decision maker for enterprise customers.
There are countless areas to grade and measure when making a decision. But, the negatives that may appear from Android strike me as insignificant when looking at device encryption and security. Android has caught up to RIMM and iOS in regards to passwords and wiping ability and they lead the pack in device encryption and data protection. That is hard to ignore. While usability and style may be second to an iPhone, it looks as though Ice Cream Sandwich running on a Galaxy SII is the enterprise choice to make. You cannot choose style when security is put in to question.

Wednesday, February 8, 2012

Which Mobile OS do I need? Part 1 of 2

In an effort to make the world complex beyond our wildest dreams, cell phone choices have exploded over the past decade. It was not that long ago that cell phone choice was made between the gray Motorola brick or the black Motorola briefcase phone. Then, you could choose between smaller and smaller or, in true futuristic technology, a flip-phone. These days, the term “smartphone” has invaded our brains like a Justin Bieber song.
Phones put out by Apple or Samsung rival the laptops and desktops of 15-20 years ago. And, you can get lost trying to decide which one is for you. You need to choose your carrier, you need to choose the hardware (phones come in all shapes and sizes), and the often overlooked operating system.
Many people are looking for the coolest looking phone with the carrier they currently use and that’s the end of it. However, choosing the operating system that works for you can help to improve your phone experience in ways you did not think of previously.
RIM used to be the 900 pound gorilla throwing around its Blackberry OS weight in the business and personal environment. This has changed with the impressive leaps that Apple and Google have made in the past 5 years or so. Mobile phone OS is dominated by iOS and Android (Apple and Google) with Windows Phone 7 (Microsoft) attempting to carve out its own niche.
Apple’s iOS is currently at 5, Android on Ice Cream Sandwich, and Windows Phone at Mango 7.5. The current top end phones to choose from are the Apple iPhone 4s, Samsung Galaxy Nexus, and Nokia Lumia 800. There are arguments that can be made for days about the available hardware and the carrier choices between these phones, but we are focused on only the operating system for now.


Figure 1. Techstify.com Phone Comparison


The biggest defining factor between the operating systems is a nebulous description of each system’s “openness”. Terminology is thrown around and, sometimes, you can get lost in the bias of whoever is selling you a device. Is the “walled garden” for you? What is the “walled garden”? Where do I find a “walled garden”?
The “walled garden” is used to describe the system that Apple has designed with its iOS. The operating system is setup in a particular way, with particular settings, and any customization is done within Apple’s guidelines. Android, on the other hand, is far more open with countless customizable options and changes available for everything under the sun. Mango 7.5 and Microsoft have tried to stake out a safe middle zone, but drift towards the idea of a “walled garden”. They want you to use the phone in a certain way.
The most defining factor is a user’s ability to install third-party apps on a new phone. Android allows this with the click of a button while Apple and Microsoft do not allow it. To do such a thing on the iPhone or Lumia, you would need to jailbreak the phone (something for another blog). For this reason, Android is more vulnerable to malware. Apple’s App store and Microsoft’s Marketplace approve everything to fit within their requirements.
This is the biggest differentiating factor, the most controversial, and the first stop in deciding what phone is for you. It is a matter of personal preference. The “walled garden” provides you with a consistent, simple experience where you know the apps are tested and approved for your phone and operating system and this is balanced by a more restrictive environment. A more open environment means more choice, but you balance that by risking a less than perfect experience. Every app may not work perfectly on your phone.
When choosing a phone and/or operating system, this is the biggest decision to make. Past that, the available options are too numerous to list.
Highlights of available differences include the virtual assistant, Siri, for the iPhone 4s. Natural voice assistance can be found elsewhere, but it is not integrated in to the phone to the extent Apple has gone. Android provides excellent Google Maps functionality with turn-by-turn directions. The mobile Windows OS has impressive social media and xBox integration, but lags behind the other two in customizing options, available Apps, and various functions like over-the-air syncing and tablet support.
Check out the below table for an extensive comparison of the various features available between the three operating systems.
In the end, it is hard to provide an answer for what comes down to a personal choice. There are positives and negatives to each operating system. Microsoft is just getting its feet wet in the mobile space, so it may be wise to choose a more establish player (Apple and Google). They provide a new flavor, but it is hard to argue with the success that Google and Apple have had in the past few years. They’ve already experienced the mobile phone growing pains that Microsoft is just starting to go through.
And, as mentioned before, a choice between Google and Apple is a choice between simplicity and expected performance or variety and customs. Even after all of that, this is just one part of a decision that also involves a phone that you like and a carrier that you can tolerate.
In the second half of this blog, we’ll look at the phone operating systems and their impact on the corporate and small-business world.
Figure 2. Redmondpie.com OS Comparison