The Crow Glider Park October 24 2013 - YouTube
Son Paragliding: The Crow Glider Park October 24 2013 Boise ID Via -----> http://youtu.be/eQV8bTLADkY via @youtube
Saturday, October 26, 2013
NIST ITL Personal Identity Verification of Federal Employees and Contractors
National Institute of Standards and Technology Information Technology Laboratory
Personal Identity Verification of Federal Employees and Contractors
csrc.nist.gov/publications/nistbul/itlbul2013_10.pdf
On September 5, 2013, ITL released Revision 2 of FIPS 201 (FIPS 201-2), Personal Identity Verification of Federal Employees and Contractors. The revision includes adaptations to changes in the environment and new technology since the first revision of the standard. FIPS 201-2 also provides clarifications to existing text, additional text to remove ambiguities, and specific changes requested by federal agencies and implementers. The updated standard will not require anyone to replace their current PIV card, but will make the new cards, based on the revised specification, more flexible and effective.
Personal Identity Verification of Federal Employees and Contractors
csrc.nist.gov/publications/nistbul/itlbul2013_10.pdf
On September 5, 2013, ITL released Revision 2 of FIPS 201 (FIPS 201-2), Personal Identity Verification of Federal Employees and Contractors. The revision includes adaptations to changes in the environment and new technology since the first revision of the standard. FIPS 201-2 also provides clarifications to existing text, additional text to remove ambiguities, and specific changes requested by federal agencies and implementers. The updated standard will not require anyone to replace their current PIV card, but will make the new cards, based on the revised specification, more flexible and effective.
Friday, October 25, 2013
Investor Sentiment as a Contrarian Indicator by Wayne A. Thorp, CFA
Investor Sentiment as a Contrarian Indicator by Wayne A. Thorp, CFA
Via -----> http://www.aaii.com/journal/sentimentsurveyarticle
Via -----> http://www.aaii.com/journal/sentimentsurveyarticle
Sentiment Survey | AAII: The American Association of Individual Investors
Sentiment Survey | AAII: The American Association of Individual Investors
AAII Investor Sentiment Survey As Of 10/23/2013
Bullish 49.2% up 2.9
Neutral 33.2% up 4.4
Bearish 17.6% down 7.3
http://www.aaii.com/sentimentsurvey
AAII Investor Sentiment Survey As Of 10/23/2013
Bullish 49.2% up 2.9
Neutral 33.2% up 4.4
Bearish 17.6% down 7.3
http://www.aaii.com/sentimentsurvey
Thursday, October 24, 2013
Stocks - News & Commentary | Barchart Morning Call
Stocks - News & Commentary | Barchart Morning Call
OVERNIGHT MARKETS AND NEWS
December E-mini S&Ps (ESZ13 +0.37%) this morning are up +0.43% and European stocks are up +0.53% after a preliminary gauge of Chinese manufacturing activity grew more than expected. Gains were limited for European equities, however, after the Eurozone Oct PMI composite index expanded at a slower pace than expected. Asian stocks closed mixed: Japan +0.42%, Hong Kong -0.71%, China -0.74%, Taiwan +0.24%, Australia +0.31%, Singapore +0.41%, South Korea +0.50%, India -0.20%. China's Shanghai Stock Index closed lower on signs of tighter monetary policy after the 7-day repurchase rate, a gauge of funding availability in the banking system, jumped 65 bp to a 2-3/4 month high of 4.67%, which raises concern the PBOC is tightening liquidity to curb credit growth. Commodity prices are mixed. Dec crude oil (CLZ13 +0.35%) is up +0.35%. Dec gasoline (RBZ13 +0.43%) is up +0.26%. Dec gold (GCZ13+0.49%) is up +0.36% and Dec copper (HGZ13 -0.21%) is down -0.09%. Agricultural and livestock prices are mixed. The dollar index (DXY00 -0.09%) is down-0.09% at a fresh 8-3/4 month low as negative sentiment against the dollar persists. EUR/USD (^EURUSD) is up +0.17% at a 23-month high against the dollar and USD/JPY (^USDJPY) is down -0.03%. December T-note prices (ZNZ13 -0.06%) are down -3 ticks.
The Eurozone Oct PMI manufacturing index rose +0.2 to 51.3, slightly weaker than expectations of +0.3 to 51.4. The Oct PMI services index fell -0.3 to 50.9, weaker than expectations of unchanged at 52.2, while the Oct PMI composite index unexpectedly fell -0.7 to 51.5, a slower pace of expansion than expectations of +0.2 to 52.4.
The German Oct PMI manufacturing index rose +0.4 to 51.5, slightly better than expectations of +0.3 to 51.4, while the Oct PMI services index slipped -1.4 to 52.3, a slower pace of expansion than expectations of unch at 53.7.
The UK Oct CBI trends of total orders unexpectedly fell to -4 from 9 in Sep, weaker than expectations of +1 to 10. Oct CBI trends in selling prices fell to -2 from 3 in Sep, weaker than expectations of +1 to 4, while Oct CBI business optimism jumped to 24 from 7, better than expectations of +10 to 17 and matched the Apr 2010 level as the highest since Jan 1994.
The China Oct HSBC/Markit flash manufacturing PMI rose +0.7 to 50.9, a faster pace of expansion than expectations of +0.2 to 50.4.
U.S. STOCK PREVIEW
Today’s weekly initial unemployment claims report is expected to show a -18,000 decline to 340,000, adding to last week’s decline of -15,000 to 358,000. Meanwhile, today’s continuing claims report is expected to show a +11,000 increase to 2.870 million, reversing part of last week’s -43,000 decline to 2.859 million. Today’s Aug U.S. trade deficit is expected to widen mildly to -$39.5 billion from -$39.1 billion in July. Today’s Sep new home sales report is expected to show an increase of +1.0% to 425,000, adding to the +7.9% increase to 421,000 seen in August. The Treasury today will sell $7 billion in 30-year TIPS. There are 47 of the S&P 500 companies that report earnings today with notable reports including PulteGroup, T Rowe Price, Coca-Cola, Dow Chemical, International Paper, Raytheon, Ford, 3M, Amazon.com, Microsoft. There are no equity conferences scheduled during the remainder of the week.
OVERNIGHT U.S. STOCK MOVERS
International Paper (IP -0.34%) reported Q3 EPS of $1.05, much better than consensus of 93 cents.
Ford Motor (F -0.45%) reported Q3 EPS of 45 cents, better than consensus of 38 cents.
Ratheon (RTN +2.99%) reported Q3 EPS od $1.51, well ahead of consensus of $1.33.
Starwood Hotels & Resorts Worldwide (HOT -0.28%) reported Q3 EPS of 71 cents, stronger than consensus of 63 cents.
Terex (TEX -3.37%) reported Q3 EPS of 77 cents, well above consensus of 59 cents, and raised guidance on fiscal 2013 EPS view to $2.05-$2.25 from $1.90-$2.10, above consensus of $1.98.
Visa (V -0.55%) increased its quarterly dividend to 40 cents a share from 33 cents.
Assurant (AIZ -1.20%) reported Q3 adjusted EPS of $1.68, well above consensus of $1.50.
Spartan Stores (SPTN -0.48%) reported Q2 adjusted EPS of 55 cents, stronger than consensus of 49 cents.
Everest Re (RE -1.42%) reported Q3 EPS of $4.81, better than consensus of $4.76.
Fortune Brands (FBHS -0.93%) raised guidance on fiscal 2013 EPS view to $1.47-$1.49 from $1.35-$1.43, stronger than consensus of $1.43.
Citrix (CTXS -1.04%) climbed 6% in after-hours trading after it reported Q3 EPS of 70 cents, better than consensus of 69 cents.
Swift Transportation (SWFT +1.24%) reported Q3 adjusted EPS of 29 cents, right on consensus, but reported Q3 revenue of $1.03 billion, better than consensus of $1.01 billion.
Skechers (SKX -0.71%) reported Q3 EPS of 53 cents, weaker than consensus of 61 cents.
Lam Research (LRCX -3.44%) reported Q1 EPS of 81 cents, better than consensus of 72 cents.
Symantec (SYMC -2.34%) fell over 10% in after-hours trading after it reported Q2 EPS of 50 cents, stronger than consensus of 44 cents, but then lowered guidance on fiscal 2014 EPS view to a loss of -1%-to up 1.5% from up 5%-7% against fiscal 2013.
AT&T (T +0.14%) reported Q3 adjusted EPS of 66 cents, better than consensus of 65 cents.
MARKET COMMENTS
Dec E-mini S&Ps (ESZ13 +0.37%) this morning are up +7.50 points (+0.43%). The S&P 500 index on Wednesday fell back on profit-taking after closing higher for 5 consecutive sessions. Bearish factors included (1) valuation concerns after the S&P 500 rose to 15.9 times estimated earnings Tuesday, close to a 4-year high, (2) negative carry-over from a slide in global stock markets on signs the PBOC may favor tighter monetary policy after China’s 7-day repurchase rate surged 47 bp as it has refrained from adding funds to the markets over the past week. Closes: S&P 500 -0.47%, Dow Jones -0.35%, Nasdaq 100 -0.62%.
Dec 10-year T-notes (ZNZ13 -0.06%) this morning are down -3 ticks. Dec 10-year T-note prices on Wednesday closed higher and the 10-year T-note slid to a 3-month low of 2.47%. Supportive factors included (1) the slide in global stocks that fueled safe-haven demand for Treasuries, and (2) speculation that the economy is not strong enough for the Fed to begin tapering its monthly bond purchases. Closes: TYZ3 +5, FVZ3 +0.75.
The dollar index (DXY00 -0.09%) this morning is down -0.074 (-0.09%) at a fresh 8-3/4 month low. EUR/USD (^EURUSD) is up +0.0024 (+0.17%) at a 23-month high and USD/JPY (^USDJPY) is down -0.03 (-0.03%). The dollar index on Wednesday fell to an 8-3/4 month low but bounced back and closed little changed as the slump in stocks lifted the safe-haven demand for the dollar. USD/JPY fell to a 2-week low as the yen strengthened on concern the PBOC may be leaning toward tighter monetary policy after the China 7-day repurchase rate jumped +47 bp to 4.05% as the PBOC has refrained from adding funds to markets over the past week. Closes: Dollar index +0.034 (+0.04%), EUR/USD -0.00049 (-0.04%), USD/JPY -0.755 (-0.77%).
Dec WTI crude oil (CLZ13 +0.35%) this morning is up +34 cents (+0.35%) and Dec gasoline (RBZ13 +0.43%) is up +0.0066 (+0.26%). Dec crude oil and gasoline prices on Wednesday tumbled to 3-3/4 month lows and closed lower. Bearish factors that included (1) the +5.246 million bbl jump in weekly EIA crude inventories to a 3-1/2 month high of 379.78 bbl, larger than expectations of +3.0 million bbls, (2) the 6.3% w/w increase in U.S. crude oil production in the week ended Oct 18 to 7.896 million barrels a day, a new 24-1/2 year high, and (3) data from China Oil, Gas & Petrochemicals showing that China Sep crude stockpiles rose +1.4% m/m to a record 237.6 million bbl. Closes: CLZ3 -1.44 (-1.46%), RBZ3 -0.0671 (-2.57%).
GLOBAL EVENT CALENDAR10/24/2013
| US | 0830 ET | Weekly initial unemployment claims expected -18,000 to 340,000, previous -15,000 to 358,000. Weekly continuing claims expected +11,000 to 2.870 million, previous -43,000 to 2.859 million. |
| 0830 ET | Aug trade balance expected -$39.5 billion, July -$39.1 billion. | |
| 0830 ET | USDA weekly Export Sales. | |
| 1000 ET | Sep new home sales expected +1.0% to 425,000, Aug +7.9% to 421,000. | |
| 1100 ET | Treasury announces amounts of 2-year T-notes (previous $33 billion), 5-year T-notes (previous $35 billion) and 7-year T-notes (previous $29 billion) to be auctioned Oct 28-30 | |
| 1300 ET | Treasury auctions $7 billion 30-year TIPS. | |
| GER | 0330 ET | German Oct PMI manufacturing expected +0.3 to 51.4, Sep 51.1. Oct services PMI expected unch at 53.7, Sep 53.7. |
| EUR | 0400 ET | Eurozone Oct PMI manufacturing expected +0.3 to 51.4, Sep 51.1. Oct services PMI expected unch at 52.2, Sep 52.2. Oct PMI composite expected +0.2 to 52.4, Sep 52.2. |
| UK | 0600 ET | UK Oct CBI trends total orders expected +1 to 10, Sep 9. Oct CBI trends selling prices expected +1 to 4, Sep 3. Oct CBI business optimism expected +10 to 17, Sep 7. |
| JPN | 1930 ET | Japan Sep national CPI expected +0.9% y/y, Aug +0.9% y/y. Sep national CPI ex fresh food expected +0.7% y/y, Aug +0.8% y/y. Sep national CPI ex food & energy expected unch y/y, Aug -0.1% y/y. |
| 1930 ET | Japan Oct Tokyo CPI expected +0.5% y/y, Sep +0.5% y/y. Oct Tokyo CPI ex-fresh food expected +0.3% y/y, Sep +0.2% y/y. Oct Tokyo CPI ex food & energy expected -0.3% y/y, Sep -0.3% y/y. | |
| 1950 ET | Japan Sep corporate service price index expected +0.8% y/y, Aug +0.6% y/y. |
U.S. STOCK CALENDAR10/24/2013
| Company Name | Ticker | Time | Event Description | Period | Estimate |
|---|---|---|---|---|---|
| Mead Johnson Nutrition Co | MJN US | Bef-mkt | Q3 2013 Earnings Release | Q3 2013 | 0.799 |
| Noble Energy Inc | NBL US | Bef-mkt | Q3 2013 Earnings Release | Q3 2013 | 0.967 |
| Diamond Offshore Drilling Inc | DO US | Bef-mkt | Q3 2013 Earnings Release | Q3 2013 | 1.161 |
| PulteGroup Inc | PHM US | Bef-mkt | Q3 2013 Earnings Release | Q3 2013 | 0.365 |
| Precision Castparts Corp | PCP US | Bef-mkt | Q2 2014 Earnings Release | Q2 2014 | 2.83 |
| Bemis Co Inc | BMS US | Bef-mkt | Q3 2013 Earnings Release | Q3 2013 | 0.603 |
| T Rowe Price Group Inc | TROW US | Bef-mkt | Q3 2013 Earnings Release | Q3 2013 | 0.965 |
| Boston Scientific Corp | BSX US | Bef-mkt | Q3 2013 Earnings Release | Q3 2013 | 0.092 |
| McKesson Corp | MCK US | Bef-mkt | Q2 2014 Earnings Release | Q2 2014 | 2.043 |
| Alexion Pharmaceuticals Inc | ALXN US | Bef-mkt | Q3 2013 Earnings Release | Q3 2013 | 0.792 |
| Coca-Cola Enterprises Inc | CCE US | Bef-mkt | Q3 2013 Earnings Release | Q3 2013 | 0.8 |
| AutoNation Inc | AN US | Bef-mkt | Q3 2013 Earnings Release | Q3 2013 | 0.766 |
| Dow Chemical Co/The | DOW US | Bef-mkt | Q3 2013 Earnings Release | Q3 2013 | 0.536 |
| EQT Corp | EQT US | Bef-mkt | Q3 2013 Earnings Release | Q3 2013 | 0.488 |
| Hershey Co/The | HSY US | Bef-mkt | Q3 2013 Earnings Release | Q3 2013 | 1.008 |
| Celgene Corp | CELG US | Bef-mkt | Q3 2013 Earnings Release | Q3 2013 | 1.543 |
| International Paper Co | IP US | Bef-mkt | Q3 2013 Earnings Release | Q3 2013 | 0.925 |
| Ball Corp | BLL US | 6:00 | Q3 2013 Earnings Release | Q3 2013 | 0.932 |
| Starwood Hotels & Resorts Worldwide Inc | HOT US | 6:00 | Q3 2013 Earnings Release | Q3 2013 | 0.634 |
| Xcel Energy Inc | XEL US | 7:00 | Q3 2013 Earnings Release | Q3 2013 | 0.771 |
| Zimmer Holdings Inc | ZMH US | 7:00 | Q3 2013 Earnings Release | Q3 2013 | 1.243 |
| Altria Group Inc | MO US | 7:00 | Q3 2013 Earnings Release | Q3 2013 | 0.636 |
| Raytheon Co | RTN US | 7:00 | Q3 2013 Earnings Release | Q3 2013 | 1.331 |
| Colgate-Palmolive Co | CL US | 7:00 | Q3 2013 Earnings Release | Q3 2013 | 0.726 |
| Ford Motor Co | F US | 7:00 | Q3 2013 Earnings Release | Q3 2013 | 0.375 |
| Xerox Corp | XRX US | 7:15 | Q3 2013 Earnings Release | Q3 2013 | 0.249 |
| 3M Co | MMM US | 7:30 | Q3 2013 Earnings Release | Q3 2013 | 1.754 |
| Southwest Airlines Co | LUV US | 7:30 | Q3 2013 Earnings Release | Q3 2013 | 0.336 |
| Cameron International Corp | CAM US | 7:30 | Q3 2013 Earnings Release | Q3 2013 | 0.831 |
| FLIR Systems Inc | FLIR US | 7:30 | Q3 2013 Earnings Release | Q3 2013 | 0.322 |
| Zimmer Holdings Inc | ZMH US | 8:00 | Q3 2013 Earnings Call | Q3 2013 | |
| Boston Scientific Corp | BSX US | 8:00 | Q3 2013 Earnings Call | Q3 2013 | |
| FLIR Systems Inc | FLIR US | 8:00 | Q3 2013 Earnings Call | Q3 2013 | |
| Assurant Inc | AIZ US | 8:00 | Q3 2013 Earnings Call | Q3 2013 | |
| PulteGroup Inc | PHM US | 8:30 | Q3 2013 Earnings Call | Q3 2013 | |
| McKesson Corp | MCK US | 8:30 | Q2 2014 Earnings Call | Q2 2014 | |
| Equifax Inc | EFX US | 8:30 | Q3 2013 Earnings Call | Q3 2013 | |
| Franklin Resources Inc | BEN US | 8:30 | Q4 2013 Earnings Release | Q4 2013 | 0.865 |
| Franklin Resources Inc | BEN US | 8:30 | Q4 2013 Earnings Call - Pre-Recorded | Q4 2013 | |
| Hershey Co/The | HSY US | 8:30 | Q3 2013 Earnings Call | Q3 2013 | |
| 3M Co | MMM US | 9:00 | Q3 2013 Earnings Call | Q3 2013 | |
| Altria Group Inc | MO US | 9:00 | Q3 2013 Earnings Call | Q3 2013 | |
| Ball Corp | BLL US | 9:00 | Q3 2013 Earnings Call | Q3 2013 | |
| Raytheon Co | RTN US | 9:00 | Q3 2013 Earnings Call | Q3 2013 | |
| Dow Chemical Co/The | DOW US | 9:00 | Q3 2013 Earnings Call | Q3 2013 | |
| Ford Motor Co | F US | 9:00 | Q3 2013 Earnings Call | C3 2013 | |
| Celgene Corp | CELG US | 9:00 | Q3 2013 Earnings Call | Q3 2013 | |
| International Paper Co | IP US | 9:00 | Q3 2013 Earnings Call | Q3 2013 | |
| Leggett & Platt Inc | LEG US | 9:00 | Q3 2013 Earnings Call | Q3 2013 | |
| Mead Johnson Nutrition Co | MJN US | 9:30 | Q3 2013 Earnings Call | Q3 2013 | |
| Cameron International Corp | CAM US | 9:30 | Q3 2013 Earnings Call | Q3 2013 | |
| Xcel Energy Inc | XEL US | 10:00 | Q3 2013 Earnings Call | Q3 2013 | |
| Noble Energy Inc | NBL US | 10:00 | Q3 2013 Earnings Call | Q3 2013 | |
| Diamond Offshore Drilling Inc | DO US | 10:00 | Q3 2013 Earnings Call | Q3 2013 | |
| Precision Castparts Corp | PCP US | 10:00 | Q2 2014 Earnings Call | Q2 2014 | |
| Bemis Co Inc | BMS US | 10:00 | Q3 2013 Earnings Call | Q3 2013 | |
| Alexion Pharmaceuticals Inc | ALXN US | 10:00 | Q3 2013 Earnings Call | Q3 2013 | |
| Coca-Cola Enterprises Inc | CCE US | 10:00 | Q3 2013 Earnings Call | Q3 2013 | |
| Teradyne Inc | TER US | 10:00 | Q3 2013 Earnings Call | Q3 2013 | |
| Xerox Corp | XRX US | 10:00 | Q3 2013 Earnings Call | Q3 2013 | |
| EQT Corp | EQT US | 10:30 | Q3 2013 Earnings Call | Q3 2013 | |
| Franklin Resources Inc | BEN US | 10:30 | Q4 2013 Earnings Call | C4 2013 | |
| Cabot Oil & Gas Corp | COG US | Aft-mkt | Q3 2013 Earnings Release | Q3 2013 | |
| Chubb Corp/The | CB US | Aft-mkt | Q3 2013 Earnings Release | Q3 2013 | 1.901 |
| Cliffs Natural Resources Inc | CLF US | Aft-mkt | Q3 2013 Earnings Release | Q3 2013 | 0.746 |
| Flowserve Corp | FLS US | Aft-mkt | Q3 2013 Earnings Release | Q3 2013 | 0.84 |
| Amazon.com Inc | AMZN US | Aft-mkt | Q3 2013 Earnings Release | Q3 2013 | -0.103 |
| Express Scripts Holding Co | ESRX US | Aft-mkt | Q3 2013 Earnings Release | Q3 2013 | 1.083 |
| Western Digital Corp | WDC US | Aft-mkt | Q1 2014 Earnings Release | Q1 2014 | |
| Wynn Resorts Ltd | WYNN US | Aft-mkt | Q3 2013 Earnings Release | Q3 2013 | 1.665 |
| Microsoft Corp | MSFT US | Aft-mkt | Q1 2014 Earnings Release | Q1 2014 | 0.542 |
| Cerner Corp | CERN US | Aft-mkt | Q3 2013 Earnings Release | Q3 2013 | 0.355 |
| Cincinnati Financial Corp | CINF US | Aft-mkt | Q3 2013 Earnings Release | Q3 2013 | 0.63 |
| Johnson & Johnson | JNJ US | FDA Adcomm, simeprevir, Hepatitis C |
How to Protect Yourself from Phishing Attacks - UK Net Guide
How to Protect Yourself from Phishing Attacks - UK Net Guide
How to Protect Yourself from Phishing Attacks
What you Need to Know
- Phishing is the name given to attempts to acquire sensitive information from individuals and companies through sending emails disguised to look like they are bona-fide.
- As well as sending out fraudulent emails, sophisticated phishing efforts can also involve the creation of genuine-looking websites.
- Alongside fake emails from banks and credit card companies, fraudsters also mock-up fake emails from social networking sites such as Facebook and Twitter.
- Many scams work by getting you to click on a link, usually one designed to look like it will take you to a genuine site. If you have any doubts that an email is really from who it says it’s from, never click on any links.
- Poor spelling and grammar and threatening language may indicate that an email is not what it seems.
- Hovering over links in an email with a web cursor can allow you to see where a link will lead, so make sure this matches the destination advertised.
What is Phishing?
Phishing is the practice of attempting to obtain sensitive information from individuals and companies through false pretences, usually by emails disguised to look like they are bona-fide. For example, fraudsters may craft and send an authentic-looking email to customers of a certain bank, informing them that there is a problem with their account and asking for personal information. Since these emails can look and feel genuine, many people do respond in good faith, parting with sensitive data and so placing themselves at risk of fraud.
As well as sending out fraudulent emails, sophisticated phishing efforts can also involve the creation of genuine-looking websites, again designed to lull you into a false sense of security and part with personal information or money.
Increasingly, criminals are taking advantage of the relatively lax attitude to online security of users of social networking sites such as Facebook, for example by sending messages claiming to be from social networking site administrators requesting sensitive information.
What Should You Look Out For?
The techniques used by online fraudsters constantly evolve, and phishing is no exception. As such, while some efforts look crude and are unlikely to fool anyone remotely web-savvy, some phishing emails can look genuine, incorporating official logos and signiatures. However, there still may be some tell-tale signs that an email is not genuine. Microsoft advises that the following should set alarm bells ringing;
- Poor Spelling and Grammar: Given that most cyber-criminals are more comfortable with computer code than the English language and given that most big businesses have an in-house team of writers and editors checking all correspondence before it is sent out, poor spelling and bad grammar suggest an email could be a scam.
- The Use of Threatening Language: To get you to click on a link or reply with sensitive information, fraudsters may use threatening language. For instance, an email could warn that your social networking site may be closed down or your credit card could be cancelled if you don’t take immediate action.
- Links in the Email: Many scams work by getting you to click on a link, usually one designed to look like it will take you to a genuine site. If you have any doubts that an email is really from who it says it’s from, never click on any links.
- A Lack of Personal Information: A genuine email from your bank or a social networking site will almost always contain some personal information – for example ‘Dear John’ at the beginning. Any email that begins with ‘Dear Customer’, therefore should be immediately treated with suspicion.
Note, however, that these are just some of the most-obvious ways of telling whether an email is genuine or not. Again, fraudsters are always using increasingly-sophisticated techniques, so the days when you can tell a fake email a mile away are long gone.
Top Tips for Guarding Against Phishing Scams
Despite the growing sophistication of scammers, savvy internet users can still keep themselves safe from phishing attempts by exercising a bit of common sense and more than a little caution;
- Preview Links: A common trick used by fraudsters is to make the text displayed for a link appear to be genuine, when in fact the link leads to a completely different site. To preview where a link will take you, hover your mouse over it for a second or two. With most web broswers, this will cause the link’s destination to be displayed in the lower-left-hand corner of your screen. Be wary of simply hovering a cursor over a link for a second and seeing what is displayed here, since tricksters can manipulate this as well.
- Don’t Assume: Remember that, just because an email contains accurate personal information about you, that does not make it genuine; fraudsters have ways of finding out your date of birth or maiden name, so don’t assume that, just because this information is correct that means the email’s genuine.
- Use Your Browser: Never click on a link sent to you in an email, even if you are almost certain it is genuine. Instead, find the web address of the company or organisation purportedly contacting you and type this into the address bar of your web browser yourself. It may be less convenient, but it’s certainly a lot safer.
- Upgrade: Most up to date browsers, including the latest versions of Firefox and Internet Explorercan warn you if you type an address into the address bar that is a known phishing site. Again, to benefit from these security measures, it’s good to get into the habit of typing in web addresses manually rather than clicking on links.
Reporting Phishing
If you receive a dodgy-looking email, don’t just ignore it. Instead, you should report it, for example by forwarding the suspect mail to the Anti-Phishing Working Group. Additionally, you should forward the email to the company that is being spoofed – for instance, if you received an email claiming to be from your bank, let them know.
Further Reading
- For more on protecting yourself from the dangers of the internet read our guide to protecting your computer from viruses.
- Microsoft also offers help on recognising phishing email messages with this informative guide.
- Criminals sometimes take a more long winded approach to phishing by forming online relationships with their targets. Read our guide to safe online dating for more details of such scams.
Cyber attacks targeting the energy sector on the rise
Cyber attacks targeting the energy sector on the rise
Alert Logic examined the rise of cyber attacks targeting the energy sector—an industry thought to be particularly at risk due to the highly confidential and proprietary information they possess, as well as the prevalence of BYOD and contractor access.
“The energy sector is a big part of the global economy and therefore has extremely high-stakes security risks compared to other industries,” said Stephen Coty, director, security research with Alert Logic.
“Daily survival of the population and businesses alike depend on the availability of energy resources, making energy companies a prime target for hackers. This Security Bulletin calls out the specific threats to energy companies and provides recommendations for fine tuning existing information security defenses," Coty added.
The energy sector is at an elevated risk of brute force and malware/botnet attacks:
67 percent of energy companies experienced brute force attacks, versus 34% of entire customer set. Attackers look for opportunistic points of vulnerability in networks housing confidential business information. Breaches of geophysical data, in particular, are intended to damage or destroy the data used in energy resource exploration. Brute force attacks are also used to steal a company’s intellectual property for the purpose of industrial espionage.
61 percent of energy companies experienced malware/botnet infiltration attacks, versus 13% of entire customer set. These attacks seek access to physical infrastructure systems that control pipelines and other key energy plant operations. Alert Logic found that technologies such as SCADA systems are vulnerable to hacking, while the emerging business practices of BYOD and BYOA (bring your own applications) in the workplace can be carriers of viruses and other malware.
“Unlike an attack on an e-Commerce site or SaaS application provider, a malware infiltration attack on an energy company could grow to catastrophic proportions if hackers were able to block or flood the oil and gas pipeline infrastructure,” Coty said. “This industry doesn’t see the typical web application attacks. It experiences a greater magnitude of security threats that could have global repercussions for years to come.”
Alert Logic examined the rise of cyber attacks targeting the energy sector—an industry thought to be particularly at risk due to the highly confidential and proprietary information they possess, as well as the prevalence of BYOD and contractor access.
“The energy sector is a big part of the global economy and therefore has extremely high-stakes security risks compared to other industries,” said Stephen Coty, director, security research with Alert Logic.
“Daily survival of the population and businesses alike depend on the availability of energy resources, making energy companies a prime target for hackers. This Security Bulletin calls out the specific threats to energy companies and provides recommendations for fine tuning existing information security defenses," Coty added.
The energy sector is at an elevated risk of brute force and malware/botnet attacks:
67 percent of energy companies experienced brute force attacks, versus 34% of entire customer set. Attackers look for opportunistic points of vulnerability in networks housing confidential business information. Breaches of geophysical data, in particular, are intended to damage or destroy the data used in energy resource exploration. Brute force attacks are also used to steal a company’s intellectual property for the purpose of industrial espionage.
61 percent of energy companies experienced malware/botnet infiltration attacks, versus 13% of entire customer set. These attacks seek access to physical infrastructure systems that control pipelines and other key energy plant operations. Alert Logic found that technologies such as SCADA systems are vulnerable to hacking, while the emerging business practices of BYOD and BYOA (bring your own applications) in the workplace can be carriers of viruses and other malware.
“Unlike an attack on an e-Commerce site or SaaS application provider, a malware infiltration attack on an energy company could grow to catastrophic proportions if hackers were able to block or flood the oil and gas pipeline infrastructure,” Coty said. “This industry doesn’t see the typical web application attacks. It experiences a greater magnitude of security threats that could have global repercussions for years to come.”
Monday, October 21, 2013
Saturday, October 19, 2013
Internet Security: Stop - Think - Click: Seven Practices for Safer Computing
Internet Security Stop - Think - Click: Seven Practices for Safer Computing
OnGuardOnline.gov provides practical tips from the federal government and the technology industry to help you be on guard against Internet fraud, secure your computer, and protect your personal information.
Access to information and entertainment, credit and financial services, products from every corner of the world — even to your work — is greater than earlier generations could ever have imagined. Thanks to the Internet, you can order books, clothes, or appliances online; reserve a hotel room across the ocean; download music and games; check your bank balance 24 hours a day; or access your workplace from thousands of miles away.
The flip-side, however, is that the Internet — and the anonymity it affords — also can give online scammers, hackers, and identity thieves access to your computer, personal information, finances, and more.
But with awareness as your safety net, you can minimize the chance of an Internet mishap. Being on guard online helps you protect your information, your computer, even yourself. To be safer and more secure online, adopt these seven practices.
1. Protect your personal information. It's valuable.
Why? To an identity thief, your personal information can provide instant access to your financial accounts, your credit record, and other assets.
If you think no one would be interested in your personal information, think again. The reality is that anyone can be a victim of identity theft. In fact, according to a Federal Trade Commission survey, there are millions of victims a year. It’s often difficult to know how thieves obtained their victims’ personal information, and while it definitely can happen offline, some cases start when online data is stolen. Visit ftc.gov/idtheft to learn what to do if your identity is stolen.
Unfortunately, when it comes to crimes like identity theft, you can’t entirely control whether you will become a victim. But following these tips can help minimize your risk while you’re online:
- If you’re asked for your personal information — your name, email or home address, phone number, account numbers, or Social Security number — find out how it’s going to be used and how it will be protected before you share it. If you have children, teach them to not give out your last name, your home address, or your phone number on the Internet.
- If you get an email or pop-up message asking for personal information, don’t reply or click on the link in the message. The safest course of action is not to respond to requests for your personal or financial information. If you believe there may be a need for such information by a company with whom you have an account or placed an order, contact that company directly in a way you know to be genuine, like using a phone number from directory assistance. In any case, don’t send your personal information via email because email is not a secure transmission method.
- If you are shopping online, don’t provide your personal or financial information through a company’s website until have checked for indicators that the site is secure, like a lock icon on the browser’s status bar or a website URL that begins “https:” (the “s” stands for “secure”). Unfortunately, no indicator is foolproof; some scammers have forged security icons.
- Read website privacy policies. They should explain what personal information the website collects, how the information is used, and whether it is provided to third parties. The privacy policy also should tell you whether you have the right to see what information the website has about you and what security measures the company takes to protect your information. If you don’t see a privacy policy — or if you can’t understand it — consider doing business elsewhere.
Words For The Wise
A hacker is a person who uses the Internet to access computers without permission. A spammer is someone who sends mass amounts of unsolicited commercial email. A virus is software that spreads from computer to computer and damages files or disrupts your system.
2. Know who you’re dealing with.
And know what you’re getting into. There are dishonest people in the bricks and mortar world and on the Internet. But online, you can’t judge an operator’s trustworthiness with a gut-affirming look in the eye. It’s remarkably simple for online scammers to impersonate a legitimate business, so you need to know whom you’re dealing with. If you’re shopping online, check out the seller before you buy. A legitimate business or individual seller should give you a physical address and a working telephone number at which they can be contacted in case you have problems.
Phishing: Bait or Prey?
“ We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity.” “Phishers” send spam or popup messages claiming to be from a business or organization that you might deal with — for example, an Internet service provider (ISP), bank, online payment service, or even a government agency. The message usually says that you need to “update” or “validate” your account information. It might threaten some dire consequence if you don’t respond. The message directs you to a website that looks just like a legitimate organization’s, but isn’t. The purpose of the bogus site? To trick you into divulging your personal information so the operators can steal your identity and run up bills or commit crimes in your name. Don’t take the bait: never reply to or click on links in email or pop-ups that ask for personal information. Legitimate companies don’t ask for this information via email. If you are directed to a website or told to call a phone number to update your information, verify that the request is legitimate by calling the company directly, using contact information from your account statements. Or open a new browser window and type the URL into the address field, watching that the actual URL of the site you visit doesn’t change and is still the one you intended to visit. Forward spam that is phishing for information to spam@uce.gov and to the company, bank, or organization impersonated in the phishing email. Most organizations have information on their websites about where to report problems. For more detailed information on How Not to Get Hooked by a "Phishing" Scam.
Free Software and File-Sharing: Worth the hidden costs?
Every day, millions of computer users share files online. File-sharing can give people access to a wealth of information, including music, games, and software. How does it work? You download special software that connects your computer to an informal network of other computers running the same software. Millions of users could be connected to each other through this software at one time. Often the software is free and easily accessible.
But file-sharing can have a number of risks. If you don’t check the proper settings, you could allow access not just to the files you intend to share, but also to other information on your hard drive, like your tax returns, email messages, medical records, photos, or other personal documents. In addition, you may unwittingly download pornography labeled as something else. Or you may download material that is protected by the copyright laws, which would mean you could be breaking the law.
If you decide to use file-sharing software, set it up very carefully. Take the time to read the End User Licensing Agreement to be sure you understand and are willing to tolerate the side effects of any free downloads.
3. Use anti-virus and anti-spyware software, as well as a firewall, and update them all regularly.
Dealing with anti-virus, anti-spyware, and firewall protection may sound about as exciting as flossing your teeth, but it’s just as important as a preventive measure. Having intense dental treatment is never fun; neither is dealing with the effects of a preventable computer virus.
Anti-virus Software
Anti-virus software protects your computer from viruses that can destroy your data, slow your computer’s performance, cause a crash, or even allow spammers to send email through your account. It works by scanning your computer and your incoming email for viruses, and then deleting them.
To be effective, your anti-virus software should update daily with antidotes to the latest “bugs” circulating through the Internet. Most commercial anti-virus software includes a feature to download updates automatically when you are on the Internet.
What To Look For And Where To Get It
You can download anti-virus software from the websites of software companies or buy it in retail stores. Look for anti-virus software that:
- Removes or quarantines viruses.
- Updates automatically.
Anti-Spyware Software
Installed on your computer without your consent, spyware software monitors or controls your computer use. It may be used to send you popup ads, redirect your computer to websites, monitor your Internet surfing, or record your keystrokes, which, in turn, could lead to the theft of your personal information.
Clues that spyware is on a computer include:
- A barrage of popup ads
- A hijacked browser — that is, a browser that takes you to sites other than those you type into the address box
- A sudden or repeated change in your computer’s Internet home page
- New and unexpected toolbars
- Unexpected icons on the system tray at the bottom of your computer screen
- Keys that don’t work
- Random error messages
- Sluggish or downright slow performance when opening programs or saving files.
You can take steps to limit your vulnerability to spyware:
- Update your operating system and Web browser software. Your operating system (like Windows or Linux) may offer free software “patches” to close holes in the system that spyware could exploit. Make sure to set your browser security high enough to detect unauthorized downloads.
- Download free software only from sites you know and trust. It can be appealing to download free software like games, file-sharing programs, customized toolbars, or other programs that may change or customize the functioning of your computer. Be aware, however, that many free software applications bundle other software, including spyware.
Firewalls
Don’t be put off by the word “firewall.” It’s not necessary to fully understand how it works; it’s enough to know what it does and why you need it. Firewalls help keep hackers from using your computer to send out your personal information without your permission. While anti-virus software scans incoming email and files, a firewall is like a guard, watching for outside attempts to access your system and blocking communications to and from sources you don’t permit.
Some operating systems and hardware devices come with a built-in firewall that may be shipped in the “off” mode. Make sure you turn it on. For your firewall to be effective, it needs to be set up properly and updated regularly. Check your online “Help” feature for specific instructions.
If your operating system doesn’t include a firewall, get a separate software firewall that runs in the background while you work, or install a hardware firewall — an external device that includes firewall software. Several free firewall software programs are available on the Internet.
Don't Become A Zombie Drone
Some spammers search the Internet for unprotected computers they can control and use anonymously to send unwanted spam emails. If you don’t have up-to-date anti-virus protection and a firewall, spammers may try to install software that lets them route email through your computer, often to thousands of recipients, so that it appears to have come from your account. If this happens, you may receive an overwhelming number of complaints from recipients, and your email account could be shut down by your Internet Service Provider (ISP).
4. Be sure to set up your operating system and Web browser software properly, and update them regularly.
Hackers also take advantage of Web browsers (like Internet Explorer or Netscape) and operating system software (like Windows or Linux) that are unsecured. Lessen your risk by changing the settings in your browser or operating system and increasing your online security. Check the “Tools” or “Options” menus for built-in security features. If you need help understanding your choices, use your “Help” function.
Your operating system also may offer free software “patches” that close holes in the system that hackers could exploit. If possible, set your operating system to automatically retrieve and install patches for you. If your system can’t do this, bookmark the website for your system’s manufacturer so you can regularly visit and update your system with defenses against the latest attacks. Updating can be as simple as one click. Your email software may help you avoid viruses by giving you the ability to filter certain types of spam. It may be up to you to activate the filter.
If you’re not using your computer for an extended period, disconnect it from the Internet. When it’s disconnected, the computer doesn’t send or receive information from the Internet and isn’t vulnerable to hackers.
5. Protect your passwords.
Keep your passwords in a secure place, and out of plain view. Don’t share your passwords on the Internet, over email, or on the phone. Your Internet Service Provider (ISP) should never ask for your password.
In addition, hackers may try to figure out your passwords to gain access to your computer. To make it tougher for them:
- Use passwords that have at least eight characters and include numbers or symbols. The longer the password, the tougher it is to crack. A 12-character password is stronger than one with eight characters.
- Avoid common words: some hackers use programs that can try every word in the dictionary. • Don’t use your personal information, your login name, or adjacent keys on the keyboard as passwords.
- Change your passwords regularly (at a minimum, every 90 days).
- Don’t use the same password for each online account you access.
One way to create a strong password is to think of a memorable phrase and use the first letter of each word as your password, converting some letters into numbers that resemble letters. For example, “How much wood could a woodchuck chuck” would become HmWc@wcC.
6. Back up important files.
If you follow these tips, you’re more likely to be more secure online, free of interference from hackers, viruses, and spammers. But no system is completely secure. If you have important files stored on your computer, copy them onto a removable disc or drive, and store them in a safe place.
7. Learn who to contact if something goes wrong online
Hacking or Computer Virus
If your computer gets hacked or infected by a virus:
- Immediately disconnect your machine from the Internet. Then scan your entire computer with fully updated anti-virus and anti-spyware software, and update your firewall.
- If your computer is infected and you can’t get it to recover in any other way, you can buy software to “wipe” — or erase — the hard drive. You’d then have to reinstall the operating system, and any other files you wish to use.
- Take steps to minimize the chances of another incident.
- Alert the appropriate authorities by contacting:
- your ISP and the hacker’s ISP (if you can tell what it is). You can usually find an ISP’s email address on its website. Include information on the incident from your firewall’s log file. By alerting the ISP to the problem on its system, you can help it prevent similar problems in the future.
- the FBI at www.ic3.gov. To fight computer criminals, they need to hear from you.
Internet fraud
If a scammer takes advantage of you through an Internet auction, when you’re shopping online, or in any other way, report it to the Federal Trade Commission, at ftc.gov. The FTC enters Internet, identity theft, and other fraud-related complaints into a secure, online database available to hundreds of civil and criminal law enforcement agencies in the U.S. and abroad.
Deceptive Spam
If you get deceptive spam, including email phishing for your information, forward it to spam@uce.gov. Be sure to include the full header of the email, including all routing information. You also may report phishing email to reportphishing@antiphishing.org. The Anti-Phishing Working Group — a consortium of ISPs, security vendors, financial institutions and law enforcement agencies — uses these reports to fight phishing. For more detailed information on 10 Scams to Screen from Your Email.
Divulged Personal Information
If you believe you have mistakenly given your personal information to a fraudster, file a complaint at ftc.gov, and then visit the Federal Trade Commission’s Identity Theft website at ftc.gov/idtheft to learn how to minimize your risk of damage from a potential theft of your identity.
Parents
Parental controls are provided by most ISPs, or are sold as separate software. Remember that no software can substitute for parental supervision. Talk to your kids about safe computing practices as well as the things they're seeing and doing online.
OnGuardOnline.gov provides practical tips from the federal government and the technology industry to help you be on guard against Internet fraud, secure your computer, and protect your personal information.
Subscribe to:
Posts (Atom)
BookMark
