[access-uk] Re: online fraud
- From: <alex.thynne@xxxxxxxxxxxx>
- To: <access-uk@xxxxxxxxxxxxx>
- Date: Wed, 12 Mar 2008 10:41:14 -0000
thank you Tris for this and I will also take the opportunity to thank Andrew
and Jackie as well. I feel generally much more reassured, and the tip about
checking the url when purchasing I will remember and take on board. With
sincere thanks to you all
Alex
skype name: grytpype2006
windows live messenger name: alex.thynne@xxxxxxxxxxxxx
-----Original Message-----
From: access-uk@xxxxxxxxxxxxx [mailto:access-uk@xxxxxxxxxxxxx]On Behalf
Of Tristram Llewellyn
Sent: 12 March 2008 09:46
To: access-uk@xxxxxxxxxxxxx
Subject: [access-uk] Re: online fraud
Firstly, if you buy with a credit card the contract is between the the
credit card company and vendor, therefore within reason the credit card
company has the responsibility for the transaction if anything goes
wrong and usually goods are ensured during that transaction to you door.
Secondly, generally if you have an https in your address bar you can
normally assume that you have an SSL connection to the site you are on
and this will make you pretty safe however if you havve something in
your PC that is designed to steal data the SSL connection will not help
you, the SSL connection is designed to stop your transaction being
intercepted from outside. An SSL connection is one where you have an
encrypted connection directly to the website that you are on. This will
almost certainly be true when you are on your home PC, however if by
some chance you at your workplace or in a public wi-fi spot you cannot
assume the connection is directly between you and the site you are on
therefore you are open to evesdropping or deliberate attack. In the
workplace there will be a workplace server and you and this connection
will not be encrypted but the connection between the workplace server
and site will be because the workplace server will be able to issue
certificates on your behalf. You should never shop onlne on a public
wi-fi spot you are out in the clear and any SSL connection could be
compromised unless you use some form of VPN connection so that
everything you are sending in the clear is already encrypted.
One potential solution if you are really worried about your card details
you probably shouldn't use them with a site you don't trust. Quite a
useful way around this is something called "secure cards" from Paypal
(if you have an account). Paypal secure cards are a one time use
credit/debit card number you can use for sites you are completely sure
of or where you think you may be at increased risk of fraud. In this
case even if an attacker does steal the number it will be of no use to
them because it can only be used once in a transaction.
I have used online shopping fairly solidly for the last four or five
years and brought quite a few things including big ticket items. I have
so far not had a problem. The only thing that would concern me is that
some of the online shop fronts can be vulnerable to attack and that the
usual username and password login isn't really quite safe enough in this
modern day age. I would like to see more retailers use something like
OpenID or the Verisign key fobs so when you logged in whoeveer you were
going to could be more sure you are who you say you are (if that makes
any sense).
Regards.
Tristram Llewellyn
tristram.llewellyn@xxxxxxxxxxxxxxxxxxx
Technical Support
Sight and Sound Technology
-----Original Message-----
From: access-uk@xxxxxxxxxxxxx [mailto:access-uk@xxxxxxxxxxxxx] On Behalf
Of alex.thynne@xxxxxxxxxxxx
Sent: Wednesday, March 12, 2008 8:55 AM
To: access-uk@xxxxxxxxxxxxx
Subject: [access-uk] online fraud
Hi
I was listening to something on BBC breakfast about the 25% rise in
credit/debit card fraud and online fraud. The person being interviewed
said
that if you purchase something online you should generally be safe,
particularly so if you see a padlock when you go to the ordering page.
I've
heard of SSL security and secure sites, but is there anything else that
I
should watch out for that jaws is telling me. I don't have any sight at
all
so it sounds as if this padlock thing is an icon or a picture of some
sort
on screen, so anything that people can give me that reassures me would
be
gratefully accepted.
Alex
skype name: grytpype2006
windows live messenger name: alex.thynne@xxxxxxxxxxxxx
** To leave the list, click on the immediately-following link:-
** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=unsubscribe]
** If this link doesn't work then send a message to:
** access-uk-request@xxxxxxxxxxxxx
** and in the Subject line type
** unsubscribe
** For other list commands such as vacation mode, click on the
** immediately-following link:-
** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=faq]
** or send a message, to
** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq
______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________
** To leave the list, click on the immediately-following link:-
** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=unsubscribe]
** If this link doesn't work then send a message to:
** access-uk-request@xxxxxxxxxxxxx
** and in the Subject line type
** unsubscribe
** For other list commands such as vacation mode, click on the
** immediately-following link:-
** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=faq]
** or send a message, to
** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq
** To leave the list, click on the immediately-following link:-
** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=unsubscribe]
** If this link doesn't work then send a message to:
** access-uk-request@xxxxxxxxxxxxx
** and in the Subject line type
** unsubscribe
** For other list commands such as vacation mode, click on the
** immediately-following link:-
** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=faq]
** or send a message, to
** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq
Other related posts:
