Online Survey Company Is Fraud Or Not-how to know

Today, when there is hot dispute is already going on between the star news and online paid survey company Speak Asia after publishing the negative news about Speak Asia and their business behavior. sintuhack strongly feel that sintuhack should post an article to help you find the possible online fraud survey companies which are asking for money any how.


1. Whois Lookup:
A/c to sintuhack try to who is look up for the domain of official website of paid survey company you can easily find the following details.sintuhack also suggest you to know
Who is the owner of website domain?
From since long the website is active, means since how long the company is in survey business?
What is the registered official address? Where the company office is actually located.
All these info helps a lot to decide weather the company you are researching about is just another online scam or not.


2. SEO Research:
Seo research on the paid survey website can easily tell you the fact about how the website is popular in the world. You can look for number of backlinks, Google page rank and alexa rank for this. From alexa traffic analysis you can also find the location of main traffic toward the website so you can know where the website is doing more business in the world.


3. Online Complains and Scam Discussion boards:
One thing more a/c to sintuhack use google to know page rank of that website.
If you search in Google with the words like complain, fraud, scam along with the company name, you can easily find the various blogs or websites where people might have discussed about their issues or complaints with the company. Although every good company will also have some issues with clients but too much of them can really alarm you about possible online scam.


4. Make money online blogs and forums.
Here sintuhack talking about the blogs and forums where people are generally from the similar niche and discuss about how to make money online. It would be great source to find the exact information about such paid scams. If you are new to online money making niche and much not aware of the scams you can also post comments (here also) and threads in forum in similar niche to get reviews of experts in the same niche.


5. Think smartly, wisely and independently.
And last sintuhack guide you to use internet smartly wisely and independently
Think smartly to detect online scams
Its my own experience that people always get trapped in scams because they are always in search of quick rich formula and hence they generally do not think for the most important questions. So think like you want to investigate about the company and not want to invest in it, this way you can find most answers easily.

Read More

Pharming -- a new Way for Internet fraud

Hackers appear to have an increasing interest in reaping financial reward from their actions and creations. If, until now, phishing -- using e-mails to lure users into entering data into spoofed online banking Web sites -- was one of the most widespread fraud techniques, 'pharming' now poses an even greater threat.
Basically, pharming involves interfering with the name resolution process on the Internet. When a user enters an address  this needs to be converted into a numeric IP address as 21.15.63.87. This is known as name resolution, and the task is performed by DNS (Domain Name System) servers. These servers store tables with the IP address of each domain name. On a smaller scale, in each computer connected to the Internet there is a file that stores a table with the names of servers and IP addresses so that it is not necessary to access the DNS servers for certain server names.
Pharming consists in the name resolution system modification, so that when a user thinks he or she is accessing to bank's Web page, he or she is actually accessing the IP of a spoofed site.
Phishing owed its success to social engineering techniques, but since not all users take the phishing bait, its success was limited. Also, each phishing attack was aimed at one specific type of banking service, further reducing the chances of success. Pharming on the other hand, can affect a far greater number of online banking users.
In addition, pharming isn't just a one-off attack, as is the case with phishing e-mails, but remains present on the computer waiting for the user to access the banking services.
The solution against this new kind of fraud lies, as ever, in anti-virus security solutions. Pharming attacks depend on an application in the compromised system (this could be an exe file, a script, etc). But before this application can run, obviously it needs to reach the operating system. Code can enter the system through numerous channels; in fact, in as many ways as information can enter the system: via e-mail (the most frequent), Internet downloads, copied directly from CD or floppy, etc. In each of these information entry points, the anti-virus has to detect the file with the malicious code and eliminate it, provided it is registered as a dangerous application in the anti- virus signature file.
Unfortunately, the propagation speed of malware today is head-spinning, and there are more malicious creators offering their source code to the rest of the hacker community to create new variants and propagate even more attacks. The virus laboratories don't have enough time to prepare the malware detection and elimination routines for new malicious code before they start spreading to PCs. Despite the efforts and improvements from virus labs, it is physically impossible for them to prepare an adequate solution in time against some of these threats that can spread in just a few minutes.
The solution against these kinds of threats should not, therefore, depend, at least not in the front line of protection, on a reactive solution based on viral identifier files but rather systems that detect the actions that theses threats carry out. In this way, every time there is an attempted attack on the computer's DNS system (as in the case of pharming applications), the attack is recognized and blocked along with the program carrying out the attack.
However, there is an added danger with pharming, which lies in anonymous proxy servers. Many users want to hide their identity (their IP address) when using the Internet and use online proxy servers so that the connection is made under the server IP and not the client IP. In a worst case scenario, one of these proxy servers could have its name resolution system poisoned so that users trying to access their bank Web site, could actually be viewing a spoofed site, even though their local name resolution system is operating perfectly.
In any event, the threat that pharming poses is a serious one, although one that is easily resolved. Only with systems that can detect and block changes in IP address resolution systems in computers can we hope to prevent the avalanche of malicious code that will soon be upon us

Read More

Pharming Security

PHARMING-- BY request of one my reader,i am trying to explain what is Pharming.Due to short of time i cant explain all about pharming.
Pharming is the exploitation of a vulnerability in the DNS server software that allows a hacker to acquire the domain name for a site, and to redirect that website's traffic to another web site. DNS servers are the machines responsible for resolving internet names into their real addresses - the "signposts" of the internet.


If the web site receiving the traffic is a fake web site, such as a copy of a bank's website, it can be used to "phish" or steal a computer user's passwords, PIN or account number. Note that this is only possible when the original site was not SSL protected, or when the user is ignoring warnings about invalid server certificates.


For example, in January 2005, the domain name for a large New York ISP, Panix, was hijacked to a site in Australia. In 2004 a German teenager hijacked the eBay.de domain name.


Secure e-mail provider Hushmail was also caught by this attack on 24th of April 2005 when the attacker rang up the domain registrar and gained enough information to redirect users to a defaced webpage.

Read More

Computer Hackers and Predators

How computer hackers and predators are threat for your computer security?

People with bad mind, not the computers, create computer threats. Computer predators victimize unaware people for their gain.  A predator having access to the Internet is exponentially bigger threat to your PC than the others. Computer hackers and predators are unauthorized users who break into others computer systems to steal, change or destroy valuable information, often by installing dangerous and harmful malware without your knowledge. The use of clever tactics and detailed technical knowledge help them to access the information you really don’t want to let them know.
What computer hackers and predators do to find you?
Everyone who uses a computer with a Internet connection is susceptible by the threats of computer hackers and predators. These online demons mainly use spam emails or instant messages, phishing scams, and bogus Web sites (fake or duplicate webpage which almost look like the original) to deliver dangerous and harmful malware to the computer and disable your computer security. They will also try to access your computer and thus your private information directly if you had not taken protection by configuring your firewall. They can also peruse your personal Web page or monitor your chat room conversations. Generally by using a fake identity, predators can fool you and make you into revealing sensitive personal and financial information.
Be aware: computer hackers and predators can do the following things to you.
With the help of malware transmitted by the hacker, he can get your personal as well as financial information without your knowledge. Then he can use this information for his benefit and it will harm you in the aspect of loss of money as well as private information and data. In either case, they may:
•    Know your usernames and passwords and will change it or use it according to him.
•    Using your info they can open credit card and bank accounts in your name
•    Steal your money and Ruin your credit
•    additional credit cards  or Request new account Personal Identification Numbers (PINs) o
•    Make purchases form offline stores.
•    Add themselves or an alias that they control as an authorized user so it’s easier to use your credit
•    Obtain cash advances from your credit card
•     Abuse your Social Security number
•    Sell your information to such person who will use it for illegal purposes
Especially predators can pose a serious physical threat. Be extremely cautious when agreeing to meet an online “friend” or acquaintance in person.
Ways to know that are you in the net or not?
Regularly check the accuracy of your personal accounts, credit cards bills and other documents. Are there any unexplained transactions?
Questionable or unauthorized changes?
 If so, the dangerous and harmful malware is already installed by predators or hackers in your computer.
What can I do about computer hackers and predators?
Read as much as possible about the articles on computer security threats on this blog and increase our knowledge about this. Although Hackers and predators pose equally serious and but very different threats you will wiser enough to avoid their tricks.
To protect your computer from hackers and predators:
•    Regularly check the accuracy of your personal accounts and deal with any discrepancies instantly.
•    Use extreme caution when entering any chat rooms or posting on personal Web pages
•    Put a limit on the personal information you post on a personal Web pages
•    Carefully monitor requests  on social networking sites by online “friends” or acquaintances for predatory behavior
•    Keep personal and financial information out of any type of online conversations
Take these steps to protect your computer from hackers right away:
•    Switch to 2 way firewall.
•    Update your operating system on regular basis.
•    Increase your browser security settings.
•    Only download software from trusted sites you trust.
•    First carefully evaluate free software then use and do same in the case of file-sharing applications before downloading them.
•    Practice safe email protocol.
•    Don't respond messages from unknown senders, even don’t open it.
•    Immediately delete messages you suspect to be spam.
•    Make sure that you have the best internet security products installed on your computer.
•    Always use antivirus protection
•    Also Get antispyware software protection
An unprotected computer is a like a free gift for computer hackers and predators. To protect your computer from hackers and predators also use a spam filter or gateway to scan inbound email or IM messages. While free anti-spyware and antivirus downloads are widely available, they just can’t keep up with the continuous onslaught of new malware strains due to their limited functionality. Previously undetected forms of malware can often do the most damage, so it’s necessary to have up-to-the-minute updated and guaranteed protection.

Read More

How to Avoid Phishing Scams

The number and sophistication of phishing scams sent out to consumers is continuing to increase dramatically. While online banking and e-commerce is very safe, as a general rule you should be careful about giving out your personal financial information over the Internet. The Anti-Phishing Working Group has compiled a list of recommendations below that you can use to avoid becoming a victim of these scams.

* Be suspicious of any email with urgent requests for personal financial information
o unless the email is digitally signed, you can't be sure it wasn't forged or 'spoofed'
o phishers typically include upsetting or exciting (but false) statements in their emails to get people to react immediately
o they typically ask for information such as usernames, passwords, credit card numbers, social security numbers, date of birth, etc.
o phisher emails are typically NOT personalized, but they can be. Valid messages from your bank or e-commerce company generally are personalized, but always call to check if you are unsure
* Don't use the links in an email, instant message, or chat to get to any web page if you suspect the message might not be authentic or you don't know the sender or user's handle
o instead, call the company on the telephone, or log onto the website directly by typing in the Web adress in your browser
* Avoid filling out forms in email messages that ask for personal financial information
o you should only communicate information such as credit card numbers or account information via a secure website or the telephone
* Always ensure that you're using a secure website when submitting credit card or other sensitive information via your Web browser
o Phishers are now able to 'spoof,' or forge BOTH the "https://" that you normally see when you're on a secure Web server AND a legitimate-looking address. You may even see both in the link of a scam email. Again, make it a habit to enter the address of any banking, shopping, auction, or financial transaction website yourself and not depend on displayed links.
o Phishers may also forge the yellow lock you would normally see near the bottom of your screen on a secure site. The lock has usually been considered as another indicator that you are on a 'safe' site. The lock, when double-clicked, displays the security certificate for the site. If you get any warnings displayed that the address of the site you have displayed does NOT match the certificate, do not continue.
* Remember not all scam sites will try to show the "https://" and/or the security lock. Get in the habit of looking at the address line, too. Were you directed to PayPal? Does the address line display something different like "http://www.gotyouscammed.com/paypal/login.htm?" Be aware of where you are going.
* Consider installing a Web browser tool bar to help protect you from known fraudulent websites. These toolbars match where you are going with lists of known phisher Web sites and will alert you.
o The newer version of Internet Explorer version 7 includes this tool bar as does FireFox version 2
o EarthLink ScamBlocker is part of a browser toolbar that is free to all Internet users - download at http://www.earthlink.net/earthlinktoolbar
* Regularly log into your online accounts
o don't leave it for as long as a month before you check each account
* Regularly check your bank, credit and debit card satements to ensure that all transactions are legitimate
o if anything is suspicious or you don't recognize the transaction, contact your bank and all card issuers
* Ensure that your browser is up to date and security patches applied
* Always report "phishing" or “spoofed” e-mails to the following groups:
o use the form on this page or forward the email to reportphishing@antiphishing.org
o forward the email to the Federal Trade Commission at spam@uce.gov
o forward the email to the "abuse" email address at the company that is being spoofed (e.g. "spoof@ebay.com")
o when forwarding spoofed messages, always include the entire original email with its original header information intact
o notify The Internet Crime Complaint Center of the FBI by filing a complaint on their website: www.ic3.gov/

Read More

Bug disables 150,000 Gmail accounts

NEW DELHI, INDIA: Gmail, with its huge storage capacity, is considered a store house of personal information for many, where many valuable informations are securely kept. But think twice before relying too much on keeping all your informations there alone.

Because, Google's email service has been affected with a bug and almost 150,000 Gmail account holders have reportedly lost their e-mail, attachments and Google Chat logs lost.
Google said it is investigating a glitch in the service of Gmail, which has caused the huge data lose for many users.
The bug reset the affected accounts and showed a welcome message to some users. Google said in a statement that the bug had affected less than 0.08 per cent of all Gmail users. Yes, percentage wise it is a small amount, but 150,000 not a small number too!
It said that their engineers are trying to solve the glitch and as soon as possible the accounts will be restored soon.
“Affected users will be temporarily unable to sign in while we repair their accounts. For those Gmail users reporting missing messages, our engineers are working to restore them as soon as possible,” Google said in a statement.

Read More

Firefox spoofing flaw reported

Mozilla’s Firefox web browser is vulnerable to spoofing attacks, according to an Israeli security researcher. Aviv Raff reported on his blog on Wednesday that Mozilla Firefox v2.0.0.11 allows information presented in a basic authentication dialogue box to be spoofed, opening up the possibility of users being redirected to a malicious website. Earlier versions of the browser may also be affected.

According to Raff, when a web server returns a 401 status code, it causes Firefox to display an authentication dialogue box. The 401 status code is returned by the web server when it recognises that the HTTP data stream sent by a browser or bot is correct, but access to the URL requires further user authentication.

The authentication dialogue box displays the server URL in what is called the WWW-Authenticate header field. This URL is in part defined by the realm value and, according to Raff, it is possible for an attacker to create a specially crafted realm value that will look as if the authentication dialogue came from a trusted website. This is due to Firefox failing to sanitise single quotes and spaces in the WWW-Authenticate header field, after a legitimate realm value enclosed in double quotes has been given.

At least two possible attack vectors are opened by this reported flaw, according to Raff. Man-in-the-middle attackers could create a web page with a link to a trusted website such as a bank. When a victim clicks on the link on the malicious page, the trusted web page would be opened in a new window. A script would be executed to redirect the newly opened window to the attacker’s web server, allowing username and password details to be compromised.

Alternatively, an attacker could embed an image in an email or web page which, when clicked on, would return a specially crafted dialogue login from the attacker’s web server, again allowing authentication details to be compromised.

President of Mozilla Europe, Tristan Nitot, told ZDNet.co.uk that Mozilla is in the process of investigating the report, and so could not comment further at this time.

“We take security seriously,” said Nitot. “We are taking this report seriously, and are investigating.”

Read More

Computer security--Take Care When Downloading and Installing Programs

When you buy an appliance, you give little thought to it doing you or your house any harm. Why? Because there are organizations like Undearwriters Laboratories that set standards and certify products. When you see a certifier’s label, you have more confidence that a product will be safer than a competing product that does not carry the same label. You’re willing to accept the risk because you believe the product has met some standards and has been certified by a respected authority.
Unfortunately, the Internet is not the same. There are neither standards nor many certification organizations. Anyone who writes a program can distribute it through any means available, such as through the web or by sending you a copy. Speaking of that, have you ever received a CD-ROM in the mail? How do you know that it contains what the label says? The answer is: you don’t know. More importantly, it’s difficult to know.


No matter how you acquire a program, it runs on your computer at the mercy of the program’s author. Anything, any operation, any task that you can do, this program can also do. If you’re allowed to remove any file, the program can too. If you can send email, the program can too. If you can install or remove a program, the program can too. Anything you can do, the intruder can do also, through the program you’ve just installed and run.
Sometimes there’s no explanation of what a program is supposed to do or what it actually does. There may be no user’s guide. There may be no way to contact the author. You’re on your own, trying to weigh a program’s benefits against the risk of the harm that it might cause.
What’s the problem you’re trying to solve here? You are trying to determine if the program you’ve just found satisfies your needs (say it provides a service that you want or you’re just experimenting) without causing harm to your computer and ultimately the information you have on the computer. How do you decide if a program is what it says it is? How do you gauge the risk to you and your computer by running this program?
You address these same risk issues when you purchase an appliance; you may just not have realized that’s what you were doing. When you make that purchase, you buy from either a local store you know or a national chain with an established reputation. If there’s a problem with your purchase, you can take it back to the store and exchange it or get your money back. If it causes you harm, you can seek relief through the legal system. The reputation of the merchant, the refund/return policy, and the availability of the legal system reduce your risk to a point where you make the purchase.

Apply these same practices when you buy a program. You should

* Learn as much as you can about the product and what it does before you purchase it.
* Understand the refund/return policy before you make your purchase.
* Buy from a local store that you already know or a national chain with an established reputation.
Presently, it is not as clear what the legal system’s role is for a program that causes harm or does not work as advertised. In the meantime, the LUB practices are a good first step.
Today’s Internet has a feature that standard products don’t have, or at least have but to a lesser extent. This feature is free programs. There is a multitude of free programs available for all types of systems, with more available each day. The challenge is to decide which programs deserve your confidence and are, therefore, worth the risk of installing and running on your home computer.
So then, how do you decide if a program is worth it? To decide if you should install and run a program on your home computer, follow these steps:
1. The Do test: What does the program do? You should be able to read a clear description of what the program does. This description could be on the web site where you can download it or on the CD-ROM you use to install it. You need to realize that that if the program was written with malicious intent, the author/intruder isn’t going to tell you that the program will harm your system. They will probably try to mislead you. So, learn what you can, but consider the source and consider whether you can trust that information.
2. The Changes test: What files are installed and what other changes are made on your system when you install and run the program? Again, to do this test, you may have to ask the author/intruder how their program changes your system. Consider the source.
3. The Author test: Who is the author? (Can you use email, telephone, letter, or some other means to contact them?) Once you get this information, use it to try to contact them to verify that the contact information works. Your interactions with them may give you more clues about the program and its potential effects on your computer and you.
4. The Learn test: Has anybody else used this program, and what can you learn from him or her? Try some Internet searches using your web browser. Somebody has probably used this program before you, so learn what you can before you install it.

If you can’t determine these things – the DCAL tests for short – about the program you’d like to install, then strongly consider whether it’s worth the risk. Only you can decide what’s best. Whatever you do, be prepared to rebuild your computer from scratch in case the program goes awry and destroys it. Task 5 - Make Backups of Important Files and Folders tells you how to make a copy of your important information should you need it.
Your anti-virus program prevents some of the problems caused by downloading and installing programs. However, you need to remember that there’s a lag between recognizing a virus and when your computer also knows about it. Even if that nifty program you’ve just downloaded doesn’t contain a virus, it may behave in an unexpected way. You should continue to exercise care and do your homework when downloading, installing, and running new programs.

Read More

Tools to Track & Recover Your Stolen Laptop

Off late, in coffee shops, college campuses, hotel lobbies and even in cars, laptops and notebook computers are being targeted by criminals. And these incidents are increasing at an alarming rate.[sintuhack].As per FBI, 97% of the stolen laptops are never recovered. That is a staggering stat. But don’t worry, we can increase the odds of recovering / tracking your stolen laptop and that too for FREE![sintuhack]

Ways to Track and Recover your Stolen Laptop

1. Track your Stolen laptop with Adeona

Adeona from University of Washington provides an open source, [sintuhack].free and completely non-proprietary way to track your stolen laptop. [sintuhack].You can install Adeona on your laptop and go as there’s no need to rely on a single third party! What’s more, Adeona addresses a critical privacy goal different from existing commercial offerings. It is privacy-preserving. This means that no one besides the owner (or an agent of the owner’s choosing) can use Adeona to track a laptop. Unlike other systems, users of Adeona can be rest assured that no one can abuse the system in order to track where they use their laptop. You can read the detailed article on Adeona here

.[sintuhack].
2. Locate your laptop with LocateMyLaptop.com

LocateMyLaptop is a free service that offers a stealthy app on your laptop which reports its position whenever the computer is connected to the Internet.[sintuhack]. If it’s lost or stolen, you can issue a self-destruct command to erase all the data on the hard drive – but that requires upgrading to the Platinum Plan, which costs $3/month. But you do not need to pay anything until the disaster strikes. this is because, tracking of laptop is FREE, and you can upgrade to the platinum service only if your laptop gets stolen.

3. Browser Plugin to Track your stolen Laptop – Loki[sintuhack].

Loki is basically a service which can add location of users to any website.[sintuhack]. But it can be tweaked in such a way that you can log directly into Loki to see your laptop’s location on a map, or enable “sharing” – which blasts your location to a public Web page, to Twitter, Facebook, or a handful of other services.[sintuhack]. Only concern is, Loki is not always reliable as it sometimes fails to update the public page with laptop’s location.[sintuhack]. This issue is seen even when Loki browser plugin on the laptop knew where it is.[sintuhack]. Hopefully this issue should be fixed by the next release.[sintuhack]

4. Locate your stolen Laptop with LocatePC

LocatePC is FREE software which lets you track and finally get back your stolen computer or laptop back to you.[sintuhack]. LocatePC sends you a secret email message from your stolen computer or laptop with some crucial information. But again, we will be hoping that the thief will connect the laptop to the internet before formatting. Still, something is better than nothing right?[sintuhack]

Read More

computer security

Computer security is the process of preventing and detecting unauthorized use of your computer. Prevention measures help you to stop unauthorized users (also known as "intruders") from accessing any part of your computer system. Detection helps you to determine whether or not someone attempted to break into your system, if they were successful, and what they may have done.

We use computers for everything from banking and investing to shopping and communicating with others through email or chat programs. Although you may not consider your communications "top secret," you probably do not want strangers reading your email, using your computer to attack other systems, sending forged email from your computer, or examining personal information stored on your computer (such as financial statements).
   Intruders (also referred to as hackers, attackers, or crackers) may not care about your identity. Often they want to gain control of your computer so they can use it to launch attacks on other computer systems.

Having control of your computer gives them the ability to hide their true location as they launch attacks, often against high-profile computer systems such as government or financial systems. Even if you have a computer connected to the Internet only to play the latest games or to send email to friends and family, your computer may be a target.

Intruders may be able to watch all your actions on the computer, or cause damage to your computer by reformatting your hard drive or changing your data.

Unfortunately, intruders are always discovering new vulnerabilities (informally called "holes") to exploit in computer software. The complexity of software makes it increasingly difficult to thoroughly test the security of computer systems.

Also, some software applications have default settings that allow other users to access your computer unless you change the settings to be more secure. Examples include chat programs that let outsiders execute commands on your computer or web browsers that could allow someone to place harmful programs on your computer that run when you click on them.

Read More