Posts Tagged ‘Security’


Are you one of those who never Reads to the TOS of any website, but readily clicks on the ‘I agree’ button just to proceed. Some terms and conditions are valid, some are stupid, but they can also border on the absurd and cause a busload of problems, warns ET. This was widely reported about a year back – about 7,500 people unknowingly sold their souls to Brit online gaming software retailer Gamestation. As a prank, the retailer added an ‘Immortal Souls’ clause into their terms and conditions (T&C ), legally awarding them the ‘souls’ of customers who bought from them.

But when do terms and conditions become something more than standard operating procedure – when do they become ransom notes? The consumer is forced to agree to the terms in order to proceed – whether it is to use a service or install software. Take for example, the terms and conditions as stated by one of the most popular DTH service providers in India.

“We reserve the right at any time, without prior notice to you, to add or vary all or any of these terms and conditions or to replace, wholly or in part the offers made to you or to withdraw them completely.” Take a moment to read that again. By agreeing to these terms, you are literally agreeing to anything and everything they may ask of you, now or in the future, as long as you’re availing their services. There aren’t too many ways out of it, other than opting for another service provider altogether. But needless to say, we do need to start reading through the terms more often. These are some of the things to look for before you click ‘I accept’.

Photo sharing & printing websites

You own intellectual property rights to your photographs. But what happens if you upload them to a photo sharing website? Who owns them if you upload them to a stock photo site? Or to a photo printing website? In a 2011 report by, it was found that several photo sharing/ printing websites retain the right to use your photographs in any way they see fit in a “perpetual and irrevocable” manner. Check before uploading.

Sharing personal info on email

Notice how the text ads in your email inbox are creepily ‘right on the money’ ? All the baby clothing store ads appear if you’ve had a baby. Camera stores appear if you’re a photographer and local restaurants pop up if you’re discussing a dinner date with a friend.

Targeted ads – especially those that are accurately targeted with location and demographics – can earn a lot of money. You, by agreeing to the terms, become the conduit.

Buying online or booking tickets

This is one area where there can be a lot of ambiguity. Do manufacturer warranties apply on products you buy online? What happens in case of a defect or if you need to return the item?

In case of airline tickets, prices are volatile, and you need to read the fine print to make sure that you can return the tickets and get a refund if you need to. Many ‘special fare tickets’ are sold on the condition that they may not be returned/refunded.

Online shopping

Did you ever give a thought to how your name and email address finds its way to various websites you never even heard of? Whenever you sign up for newsletters, sign up to comment on an article you read or sign up for a community forum, your information could be misused.

Not only will the offending website start sending you email spam (special offers, notices), they could even sell your email ID to third parties without your consent.

Free mobile apps Many so-called free apps for your smartphone or tablet are ad-supported . But read through the terms – the app could be accessing your personal information – mainly to deliver targeted ads. Also, as mobile ads will be delivered whenever the app is active, which means they count towards your data usage at the end of the month.

Protecting Twitter & Facebook accounts

Increasing trend points towards websites allowing you to sign in and start using their services, simply by using your existing Twitter or Facebook ID. The advantages are that a registration process is skipped, encouraging more users – but the website still gets to identify visitors and get more info about them. This is officially allowed using Facebook connect and Twitter Sign in.

But beware, because you might find automated posts and tweets being sent on your behalf. Check what kind of permissions you are granting to the website or app before you allow access to your Facebook or Twitter account – if it says “allow app/site to post/ send tweet” or “Grant permission to post on your behalf to Facebook”, cancel and run.

Ever wondered which are the most riskiest Web domains you may not want to visit? Domains which host (or are rather used to host) maximum malware or codes that can launch a virus, phising or a botnet attack on your PC ? As per the recent research from a leading Security agency here’s the top riskiest Web domains you may want to know and be aware of who knows you may be a victim of the same ;( (


    1) Cameroon (.cm)

Topping the list is Africa’s Cameroon (.cm) which has overthrown Hong Kong (.hk) as the Web’s riskiest domain. Entering for the first time in the list, Cameroon, a small African country that borders Nigeria, jumped to the number one spot this year with 36.7% of the .cm domain posing a security risk.

According to the report, because the domain .cm is a common typo for .com, many cyber criminals set up fake typo-squatting sites that lead to malicious downloads, spyware, adware and other potentially unwanted programmes. Last year’s riskiest domain, Hong Kong (.hk) dropped to 34th place with a risk rating of only 1.1%.

    2) Samoa (.ws)

Samoa (.ws) Domains with an overall risk percentage of 17.8%. Last year the domain posed a security risk of 3.8%. The report rates Samoan-registered domains risky primarily for their phishing and malicious download activity. Among country domains, the People’s Republic of China (.cn) and Samoa (.ws) have remained in the top 5 riskiest domains since last year.

    3) Information (.info)

The information (.info) domain is the most “spammy,” domain with 17.2% of its sites generating junk mail.

The domain has an overall risk of 15.8%, as compared to 11.7% in 2008. The risk associated with .info registered domains is largely spam related.

    4) Philippines (.ph)

This domain has an overall risk level of 13.1%, compared to 7.7% last year. Philippines (.ph) registered sites are more similar to China than Samoa, with risk weighted towards spam and phishing than related to downloads.

    5) Former Soviet Union (.su)

This domain poses a security risk of 5.2%. The report says risky registrations using the former Soviet Union (.SU) domain are evenly distributed between phishing and risky download activity.

    5) Russia (.ru)

Russia (.ru) domains asan overall risk percentage of 4.6%. Last year, the domain posed a security risk of 6%.
Russian (.RU) registered site risk is distributed in a roughly 3:2:1 ratio for malicious downloads, phishing and spam.

    6) Singapore (.sg)

The .sg domain has an overall risk of 4.6%, compared to 0.3% last year. According to the report, Singapore (.sg) registered sites were evenly distributed between spam and download activity.

The ratio’s calculated here are based on the global share of malware or codes, virus, phising or a botnet attack generated this year, no offence to any country or existing domain Holders, my sincere Disclaimer 🙂