Instant Messaging – Reducing The Risks
Posted by cotojo on September 12, 2007
The internet has revolutionised the way in which we communicate with email replacing snail mail and the introduction of real-time Instant Messaging (IM).
The most popular and widely used IM services are MSN Messenger, Yahoo Messenger, AOL AIM, and ICQ. Regardless of which of these you may use, they all provide an interface for one-to-one communication or group conversations.
These programs however have opened up a whole new area for spammers and hackers to target. Using IM you can obtain the latest weather reports, movie listing etc, but you are dealing with a ‘chat robot’, also known as a ‘bot’. Now the software behind this can in some instances fool you into believing that the responses are from a real person, especially the more sophisticated versions used by hackers.
These IM programs are free to use, but are also extremely vulnerable to exploitation. They allow you to transfer files quite freely, which may already be infected with a destructive virus, Trojan horses or worms, and to have unencrypted chat sessions, which to many hackers is an open door. Some IM clients also allow peer-to-peer file sharing which potentially means that other users have access to the hard discs of other users.
Protecting yourself is a simple combination of common sense, vigilance and a few essential security tools, such as a firewall and real time anti-virus program.
Because IM is real-time, malicious attacks spread very quickly and can do an enormous amount of damage in a very short period of time.
The default security settings in IM programs are very low to make it easier to use, but this also leaves you more open to attacks. There’s also a new breed of IM worms. To your friends it appears as though they’re receiving a message from you, but the truth is the message is generated by a worm, and may contain a link to a Web site that automatically downloads another bit of malicious code.
IM is a prime target for online scams, identity theft and other predatory behavior.
These tips will help to make IM more secure:
Use a strong password and change it frequently.
Regularly update your IM software, operating system and security programs.
Do NOT enter any personal information.
Do NOT open any attachments or click on any web links sent to you by an unknown person.
If you know the identity of the person who sent you a link, hover your cursor over it to check that it is a legitimate link.
Be very careful of if a person on your allowed list starts sending odd messages, best advice is to shut down your IM program immediately.
Spim is spam sent over IM containing offensive language or links to web sites which cam also trigger an avalanche of pop-up ads, Spyware and Trojans.
There are ways to limit this, but the settings that enable you to do this mean that anyone not on your ‘buddy’ list will be blocked. This is a good thing, it protects you.
MSN Messenger: Once you’re logged in, click on Tools then Options, and select Privacy. Check mark the ‘Only people on my Allow List can see my status and send me messages’ box. The Privacy tab also allows you to add or remove people on the Allow List, as well as allowing you to see which other MSN users have added you to their contact list.
Yahoo Messenger: Click the Login menu and select Preferences. Select Privacy in the left pane of the Yahoo Messenger Preferences window, and tick the ‘Ignore anyone who is not on my Friend list’. To prevent spim through Yahoo, choose the ‘Do not allow users to see me online and contact me’ in the ‘When people see my ID on Yahoo Web sites’ section.
AOL Instant Messenger: Click My AIM, Edit Options, Edit Preferences to open the preferences window. Select Privacy in the left pane, and then tick the ‘Allow only users on my buddy list’ option under the ‘Who Can Contact Me’.
ICQ: Click the Main button, select Security and Privacy Permissions. Click Communication Events in the left pane, and then fill in the radio buttons under either the yellow check mark icon (this will limit these actions to users on your contact list) or the red X icon (which will prevent anyone from sending you these things). Click Spam Control in the left pane, fill in all the check boxes in the right pane, and select ‘All users’ next to the item labeled ‘Do not accept Multi Recipient Messages from’.
This entry was posted on September 12, 2007 at 3:53 pm and is filed under Instant Messaging, Security. Tagged: cookies, ICQ, identity theft, IM, Instant Messaging, malicious, MSN, Real-Time, Scams, Security, spam, surfing, trojans, virus, windows, Yahoo. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.