Tech Firm Reveals Top Ten Security #Fails

Hosting company UKFast reveals the top ten cyber security howlers of 2012 that are leaving oblivious users at risk.

Manchester, United Kingdom, July 13, 2012 --( Hosting specialist UKFast has revealed the top ten cyber security gaffes of the year so far, highlighting the shocking levels of ignorance amongst the British public when it comes to online security.

Stuart Coulson, director of data centres at the Manchester-based firm explained that although some people may laugh at the major security mishaps of naive web users, many of us underestimate the value of the information we post online and the serious implications if it’s compromised.

Coulson said: “As a society we rely on technology more than ever nowadays. We communicate through social networks, pay bills and manage our bank accounts online, and carry a wealth of personal data around with us on our mobile phones.

“We are so comfortable sharing information on the net that people don’t realise that their over-sharing could hand cybercriminals access to their bank accounts and leave them vulnerable to identity fraud.”

Here’s UKFast’s shortlist of biggest cyber security blunders:

1. Not realising the value of images you post online

Accounts like @NeedaDebitCard are highlighting how oblivious to risk many users are, by retweeting photos Twitter users have posted of their credit and debit cards.

With card details in the image including cardholder’s name, number and expiry, cybercrims are left only to decipher the cv code on the back – which has only 1,000 possible combinations.

2. Sharing your contact details with the world

How many times have you seen a message like this pop up on your Facebook feed: “Hey guys, I’ve got a new mobile, my number is 07890 123 456. via Facebook for iPhone”?

This user has just informed the world – on their unsecured Facebook account which grants everyone access to their timeline – that they have a shiny new iPhone and how to send targeted spam to them on it. And if they have location services enabled, they are also telling phone thieves where they can find a shiny new smartphone.

Which leads us to...

3. Checking-in

Sharing your arrival in the Bahamas on FourSquare, tweeting with location services enabled from the airport as you set off for “two weeks in the sun” may seem like innocent boasting but in conjunction with a previous check-in at “home” you have just told the world where your house is. And that it will be empty, and free to burgle, for two whole weeks.

4. Type your password here

Moving away from social media, password security is a key factor of all online security but how freely do we give them away? Sites that offer free password strength checks are, more often than not, data-mining exercises that trick users into handing over their log-in details for everything from Facebook to your online bank account.

5. Password re-use

While on the topic of passwords, how many different passwords do you have? Having one password that you recycle across all of your online accounts means that once one account is compromised, hackers can use the same password to access every account – and do what they please online while pretending to be you.

6. QR codes

Now a ubiquitous marketing tool in most modern countries, the QR code is a 2D image that is scanned by a mobile device’s camera, launches the web browser and opens the webpage to which the code is linked.

These codes appear on stickers on the underground, flyers in the street and social media avatars and we scan them without knowing where they lead – could be to a marketing campaign, could be to a malware download.

7. Public computers

If you stay logged in on a public computer, whoever uses the computer after you has access to that account. Yes, this applies to the iPad that you logged into Facebook on in the Apple store.

8. Public wifi

When using public wifi your connection is unsecured. Anyone can simply jump aboard and find out what you are doing on your device. Public wifi is therefore definitely not appropriate for online banking.

9. Dodgy downloads

Despite warnings since the dawn of the internet, web users are still downloading files, software, or apps despite having no idea what they are or where they come from, potentially infecting their devices with malware or spyware for example.

10. Shortlinks

Link shorteners like are an essential part of sharing the latest news with the world on social networks, but how do you know where the link leads to? It could take you to a dodgy download or load a strictly NSFW website.
Alice Gibson
0844 576 3909