Be Safe!

Some ARM-LP tips to be safe online…


Follow this simple three step program...
Three Steps


  1. Use someone’s middle name — not your own
  2. Write it with a single Capital letter and at least one number or special character
  3. Add phrases, whether silly or not
  4. Use spaces in the password.

For example?

A Sensible Password Phrase with 31 characters Yos3f 1s my d@ughter’s husband
A Silly Password Phrase with 36 characters M@rni3 is n3!ther my cat n0r my dog


Email scams are a very serious problem. Malware is used to find email addresses stored within the iNfected computer, and then to use those addresses in two nefarious ways:

1. to create credible forged From fields in the emails that they send, so that these emails are more likely to be opened, and

2. as intended targets for an email scam

For example?

Sara sends Judith an infected email. Judith opens it, the malware infects her computer, and freely searches her address book. It finds 942 addresses, among them those of Rabbi Monica and Cantor Joel. Judith’s computer sends an infected email to Rabbi Monica. The email appears to be sent by Cantor Joel, however, and even though his email server detects the malware it is unaware that it was sent via Judith’s computer – and so is Judith.


Php.Net offers these important perspectives (your browser will open a new tab)...
1. The Internet is filled with people trying to make a name for themselves by breaking your code, crashing your site, posting inappropriate content, and
2. Many cracking programs do not discern by size, they simply trawl massive IP blocks looking for victims.

Form spoofing is one of the easier ways to be victimised by criminals online.

Websites use forms to collect information. Your website, for example, may have a contact form to collect a user’s email address, after which it will send an email to someone in your community. Most contact forms simply have a place to input text. Some may use buttons or checkboxes to collect additional input.

Email contact forms are common, convenient, and do add some level of security. They can, however, be much more secure – and they should be.

A completely secure system is impractical, and so it is probably impossible. Are you going to install biometric validations, such as retinal scans or fingerprints? Likely not – and even if you did, a relatively simple form might take 10 minutes to fill out. It’s impractical, and so it is probably impossible.

You need to balance usability and risk, but it’s reasonably simple to spoof a form — and reasonably easy to target harden the form.




Security By Design

Your obligation to your users is to make form spoofing extremely difficult. It’s vital that your contact form be designed to produce maximum security with minimal inconvenience.

  • Some contact forms permit users to email multiple contacts. Avoid this.

Your user can only send a single email on the form. Permitting multiple contacts from the same form simply sends one email to many people. Where is the convenience in this?

  • Your content management system has form design options. Use these with caution.

Form design plugins are amazing technologies. Coding for security, however, is not necessarily a top-of-mind consideration. Speak to your IT expert to assess whether additional PHP scripting should be added to make the form more secure.

Security By Obscurity

In other contexts, this should be avoided. In this discussion, however, security by obscurity simply means that your forms use a practical, unobtrusive security system to let the user simply fill out the form and move on.

Complexity can invite security breaches: inconvenience is something users will try to find a way to overcome, even if it makes them safer.

[/su_tab] [/su_tabs]


Skip to toolbar