Analyzing securewebsites

EC05.02b Internet Security Issues 1

E-Commerce I

Analyzing Secure Websites


Secure websites

DefinitionSecurity confirmation


What is a secure website?

A secure website is one that uses data encryption to protect all information.


How can you tell a site is secure?There are three ways to confirm that a website is secure:

Click the VeriSign icon to verify that the certificate is valid.

A secure page should include a small padlock symbol displayed on the bottom line of your browser.

On a secure page, in the browser address box, the URL will begin with an https: prefix rather than the standard http: prefix. The s means that the page is secure.


Identity theft

DefinitionTypes of identity theft

Examples of identity theft Protect against identity theft


Definition

Any instance where a person uses someone else's identification documents or other identifiers in order to impersonate that person.

It intrudes into many areas of people’s daily lives.


Types of identity theft

Financial fraud - includes bank fraud, credit card fraud, computer and telecommunications fraud, social program fraud, tax refund fraud, mail fraud, and several more.



Criminal activities - involves taking on someone else's identity in order to commit a crime, enter a country, obtain special permits, hide one's own identity, or commit acts of terrorism.



Credit card fraud is identity theft in its most simple and common form. It can be accomplished either by a thief who steals your account number or when your pre-approved credit card offers fall into the wrong hands.


Common modes of identity theft:Dumpster diving - Dug out of trash cans and

dumpstersMemorized or copied by sales clerks and waiters Removed from mailboxes in the form of tax

notices, financial account statements, and other bills

Removed from your employer's files, either secretly or with the help of an inside accomplice

Removed from hospital records, usually with the help of an inside accomplice

Removed from your financial lender's files

Examples of identity theft


Common modes of identity theft:Removed from your landlord's files Purchased (or found free) in online (or offline)

databases Collected from "cloned" Web sites - someone

may recreate a legitimate merchant Web site in order to capture your personal information and credit card information when you place an order.

Stolen from a merchant database through computer hacking (not as simple as other forms of theft)

Snatched using software that mirrors keystrokes to capture credit card account information

More Examples of identity theft


Ways to protect yourself

DON'T give out your Social Security number unless it’s critical.

DESTROY any unwanted credit card offers. ONLY include your name and address on

checks. SHRED (cross-cut) any sensitive documents

before discarding. DON'T carry your Social Security card, passport,

or birth certificate in your wallet or purse. REVIEW your credit report annually to verify its

accuracy.


More Ways to protect yourself

NEVER give out personal information on the phone to someone you don't know and who initiated the call.

REVIEW your credit card statement each month to make sure there are no unauthorized charges.

DON'T mail bills or documents that contain personal data (like tax forms or checks) from your personal mail box.

If you're ever denied credit, FIND OUT WHY. REACT QUICKLY if a creditor calls about charges

you didn't make. GUARD deposit slips as closely as you do checks.


What is Netiquette?

"Netiquette" is network etiquette, the do's and don'ts of online communication.

Netiquette includes both common courtesy online and the informal "rules of the road" of cyberspace.

In other words, Netiquette is a set of rules for behaving properly online.


Core Rules of Netiquette

Rule 1: Remember the Human

Rule 2: Adhere to the same standards of behavior online that you follow in real life

Rule 3: Know where you are in cyberspace

Rule 4: Respect other people's time and bandwidth

Rule 5: Make yourself look good online

Rule 6: Share expert knowledge

Rule 7: Help keep flame wars under control

Rule 8: Respect other people's privacy

Rule 9: Don't abuse your power

Rule 10: Be forgiving of other people's mistakes

http://www.albion.com/netiquette/corerules.html


Sources

“Electronic Commerce.” 1999. http://www.wapa.gov/CorpSrvs/procurmt/ecomm.htm (2 Jan 2006).

Stein, Lincoln D. “WWW Security FAQ: What’s New.” 2000. http://www.w3.org/Security/Faq/www-security-faq.html (2 Jan 2006)

Strom, David. “The Challenge of Electronic Commerce: Selling Lemonade has Never Been This Tough.” 2000. http://www.strom.com/pubwork/ecommerce.html (2 Jan. 2006).

“Bureau of Industry and Security.” US Department of Commerce http://www.bis.doc.gov/ComplianceAndEnforcement/E-Commerce.htm (2 Jan 2006)

Electronic Commerce NC WiseOwl http://www.mywiseowl.com/articles/Electronic_commerce (2 Jan 2006)

Kennedy, Dennis, An Internet Tool Kit for E-Commerce Law Jan 15, 2001 The John Marshall Law School (2 Jan 2006)

Analyzing securewebsites

Education

Transcript of Analyzing securewebsites