Beware of Fishing (Phishing)!

Hey, guys! Today I gonna share a case of phishing to you guys. What is phishing? It is pronounced as 'fishing' due to it was quite similar to fishing. During fishing, we need to provide a bait then wait for the fish to eat our bait and finally pull the fish up from the water interface. In phishing, all the steps occur in fishing are almost the same except the method and items is a bit different. The bait is replace by the email, SMS, MMS or even phone call whereas the fish is internet users, individual or organization community.

The case of phishing that I gonna share here is the email phishing. Few days ago, I just received an email from HSBC bank and the content of email shown in figure 1.

Figure 1: Phishing email

This email mentioned that I had a change in my personal information or submitted incorrect information during my registration for HSBC bank. However, I felt a bit of suspicious to this email because I don't even have any account in this bank yet nor register myself in this website before. Therefore, I consider it as a fraud email. Somehow, I was quite curious to the link that suggested in the email. Thus, I copy the link and put it to the URL of my browser and I notified that the link's protocol is a HTTPS.

As I learned from my Technology and Information System class, HyperText Transfer Protocol Secure (HTTPS) protocol is consider as a secure channel which used to transfer our personal information such as credit card number, personal identity and etc rather than using HyperText Transfer Protocol (HTTP). Most of the phishing email will give the link that used HTTP rather than HTTPS. However, these bad guys use HTTPS to perform their evil plans. After I browse through the link and I found out that its interface is almost the same as the interface in the real HSBC bank web page. Below are the figure of real and fake HSBC web page.

Figure 2: Real HSBC web page

Figure 3: Fake HSBC web page

The fake HSBC web page is similar to the real HSBC web page as we can see from the figure 2 and 3. The difference of both web page is not much because most of the functions included in real HSBC web page can be found in the fake HSBC web page and almost all of the functions can be use too. From this case, we can see that the phishing technique of the hacker is getting mature than before.

Besides that, I will ended my case here because I do not perform any further action beyond this point. Since I have share my case, thus I will also share some tips for you guys to avoid from becoming victim of phishing.

Below are the tips of prevent from phishing:
1. Do not simply click on the link of any email from unknown/known senders (especially spam mail) including bankers, organization or even your best friends.
2. If you really want to browse through the link, please copy it and paste it into your browser URL.
3. You can also use some URL checker to check for the link and see whether it is a suspicious link. Here is one of the free online URL checker, McAfee TrustedSource.
4. Check the link whether is HTTP or HTTPS. HTTP is the most common channel used by the hacker whereas HTTPS is far more less use than HTTP.
5. If you receive a instant messaging message that have link from your friends, then do not click on it. Some of the link may have virus or annoying message.
6. If you receive any unknown caller phone, please do not simply give your information to them unless you have confirm their identity.

My conclusion for this case is this phishing email might look real and it might threat some internet users. Therefore, I hope you guys can learn from my case and try to avoid from threaten by phishing message again. Ok, that's all for today. Thanks for reading.

*Above point of view are personal thought thus it might not be 100% correct.

My Life

Hey, guys! I have been a long time not updating my blog. This time I'm gonna share some of my feeling for this whole month.

August is a busy month because almost all kind of events, test and quizzes also happen in this month. As a result, I seldom update this blog. After this month, I will have a New Year Break(a.k.a Raya Break). Hopefully, I can have some good rest during this break. By the way, I got a good news to you guys. I gonna have my practical training at Panasonic Research and Development Center, Cyberjaya starting from 3th January 2011. The validation period is just last for around 6 months.

I heard from my senior that Panasonic is a tough and cruel company for those that having practical training(including myself). There are numerous of rules and regulation plus policies that we must followed in the company such as no medical leave for practical training students, no annual dinner for practical training students and etc. Sometime, there might be OT too but PT students still won't get any extra payment other than allowance.

However, I promise myself and believe that this would be part of the obstacles before we can reach our dream and life. Ok, that's all for today. Before I end my share for today, I would like to wish all Muslims Happy Aidilfitri and be careful during the way back to the kampung.

How to protect your computer?

Nowadays, lots of computer user definitely will login to their social network account, checking e-mail, playing online game and even watching streaming video or music too. But during this time, we might be threaten by the scammers or attackers for exposing our computer security to them. Thus, we need to have some basic knowledge in order to protect our computer from those attackers.

First, let's discuss about a quite famous type of attack which is cross-site scripting attack(XSS). This is a method of attacking your computer through scripts such as JavaScript and this script definitely will be found from the Internet and even from your social network application such as Facebook, Twitter, etc. In this case, we take Facebook as the example of JavaScript embedded page. Recently, scammers have set up illegitimate Facebook pages offering things like a free $500 gift card if you cut and paste some code into your browser's address bar and this probably would be a threat to you guys too. That code actually is JavaScript and you guys should not add those code to your browser because once you add it to your browser then your pc already compromise by the scammers. According to Chris Boyd, a security researcher with Sunbelt Software, "Scammers use this technique to open up unwanted surveys, fill your social networking profiles with spam or even to send you to phishing pages."

To avoid from this attack, you guys can use a free firefox plugin NoScript that allows you to control which websites can run or cannot run JavaScript in your browser. Apart from that, you can disabled JavaSript through your Adobe Reader too. According to Symantec(2009), nearly half of all Web-based attacks were associated with malicious PDF files. Thus, if you make adjustment to your Adobe Reader setting for not allows PDF to execute JavaScript then the risks of being attack by the scammers will also reduce.

The second threat that I gonna discuss is pop-up messages. Sometime, when you are visiting to a legitimate website and suddenly a scary-looking warning message pops up. The message is contain some sort of message as your computer already been infected by the viruses/malwares but when you trying to close up the message then more windows keep popping up and convincing you to scan your computer as soon as possible. If you follow its instruction then the scan will give you a result of found some security problems in your computer and offers you to buy a software which can solve the problem. The software is a rogue antivirus software. The antivirus software probably is a nonfunctional software and the only function of the software is to put your money into their pocket.

Currently rogue antivirus program become one of the most annoying security problems and to the victim, the pop-ups can seem like an infection to your computer. Every time you try to close a warning window, another one appears and it keeps popping up unless you don't close the warning window. My advice is never buy the software from them and the software not just won't work but it may caused your system to crash too. You should either press on Alt-F4 to close your browser directly or press Ctrl-Alt-Delete to open your system's task manager to shut down your browser. By closing the browser, the pop-up problem generally ends at there. If the pop-up problem still remains then you can have a try on this software-Malwarebytes.

Okey, my sharing ends at here today. For more details of how to protect your computer, please click on here. Thanks for reading. (This article adopted and modified from PCWorld: Security Secrets the Bad Guys Don't Want You to Know)

New Sem Coming Soon

Imperceptibly, my semester break is going to end soon. This also means that I need to submit my FYP title after this. However, I would use this few days to enjoy my "Home Sweet Home" life because I'm going to have my study until initial of December 2010 and I will be seldom back to my hometown afterward.

Before starting my new sem, I'm going to set up a new study target for myself and my GPA target is at least 3.33 for this new sem. Hopefully, this target can be achieve by the end of my coming sem. Most of my friends watch World Cup 2010 recently and sometime, I accompany my friends to watch all this match. Most of the World Cup result can be describe in a word of Unexpected. Lots of the World Cup gambler lose their money due to the unexpected World Cup result. However, I do hope those gamblers realize that gambling not a good habit because most of time gambling will bring us to the result of sad rather than happiness.

Apart from that, I just tried to format my laptop today but my laptop always appear BSOD(Blue Screen of Death) once it enter the Window Setup mode. Thus, I failed my formatting again. This also means that I need to send my laptop for warranty again. Hopefully, the fault can be fix as quickly as possible.

Ok, that's all for today. Thanks for reading.

Nice trip!

Hey, guys! Long time not updating my blog. This is my first time of sharing personal expression in my blog. However, this would be a good try for me to share my story to you guys.

Few day ago, I just back from Kampar to my hometown. This trip remains for 4 days and 3 nights and the locations of trip including Cameron Highland and Penang.

For the visit of Cameron Highland, me and my friend go to there to have some picture and enjoy the mother of nature. This visit is quite haste due to the departure time to Cameron Highland was on 11:15am. Thus, the arrival time to the Cameron Highland was around 2:00pm. On the way to the Cameron Highland, we stopped by at the Cameron Highland waterfall and take some photos.

Quite a number of tourist visit this waterfall and some even have some joy at there.

The water is crystal clear and not much polluted by human activities.

Before we continue our visit, we founded a temple then we decided to have some pray at there first.

After that, both of us visit the Rose Valley(玫瑰山谷) at Tringkap. The valley not much change since my first visit on year 2005(if not mistaken).

This is the map of the Rose Valley. This valley still have plenty of rose and other kind of flowers with fruit trees too. Furthermore, it also has a small animal corner which have peacocks, chickens, and turkeys.

After that, we went to have a lunch at Cameron Highland. This is my first time to have KFC at Cameron Highland because most of the food in Cameron Highland were almost the same price as the KFC set. I will more prefer to have fast food than usual food in Cameron Highland because the price of the fast food are almost the same as usual food in Cameron Highland.

After that, we went down to the foothill of Cameron Highland because the time was quite late already. It was around 4pm during that time. On the way to foothill, we went to have some tea at Cameron Bharat Tea Restaurant(I don't know its name is true or not since we don't memorize its name). Lastly ,we went back to Kampar.

For the next day, we went to Penang. This time, our trip partners had become 4 including me and my partner thus the journey was much more fun than the previous journey. We take off at 8:30am from Kampar and we arrive there at around 12:45pm. We directly went to Kek Lok Shi(极乐寺) and visit the Malaysia's biggest Kuan Ying statue. This statue was once been criticize by some stupid blogger. This statue was marvelous and it has been listed as one of the attractive tourism in Penang.

Here are the most famous temple in Penang, Kek Lok Shi.

There are some fresco in the temple and it was quite beautiful. The most interesting part was the ceiling lamp alike as the disco ceiling lamp.

This is the Malaysia's biggest Kuan Ying statue and currently it is undergoing construction. However, we still manage to take some photos of it not from the most close distance. There are 2 ways to visit this statue. One is riding cable car and another one is driving to the uphill of Kek Lok Shi.

After the visit, we went to the hawker stall near Kek Lok Shi to have our lunch and our lunch menu was Penang Laksa. It was fantastic and quite cheap too. Even my friend who don't like to eat seafood also felt not bad of it. After we had our lunch, we went to the Penang Hill. Unfortunately, Penang Hill has been closed due to the renovation project is undergoing.

Hence, we decided to visit our next hot spot which is the Snake Temple. The Snake Temple was quite historical and we still able to see the snake live in the Snake Temple although we don't see a lot of snake at there. May be it was due to the snake been moved into the snake museum at the corner of Snake Temple. Before we leave the Snake Temple, we visit the well beside of the Snake Temple. According to the representative of the well, she said that the well will never dried up no matter how bad the weather are.

This is the main gate of Snake Temple.

The snakes are real and it is still alive. If you guys dare enough to touch the snake, then have a try and it is on your own risk.

Then, we depart to visit the Queensbay Mall and the mall quite huge compare with Seremban mall. Too bad, the mall not so crowded on that day. It might due to the weekday's period and not in the peak time. Afterward, we went to Batu Ferringhi to take some photos and enjoy the beautiful seaside for a moment.

The Batu Ferringhi's beach was quite nice and beautiful compare with the Port Dickson's beach.

Lastly, we went to our last scenic spots to have our lunch at the hawker stall which near to the Gurney Mall.

All these hawker stall are not far from the Gurney Mall and it is situated at the left hand side from the main gate of Gurney Mall. The exact name of the location is Gurney Drive and most of the locals have their meal at there too.

We have our dinner at here and the meal was Char Kuey Teow(炒果条). At last, we leave Penang and back to Kampar on 6:25pm.

Okey, that's all for today. I will keep updating my blog with more interesting stories once I have time. Thanks for reading.

Movie Time

Hey,man!Long time no updating my blog.Today I will recommend a quite nice movie to your guys.I think you guys sure have watch Kick Ass but today I will recommend another hero movie.This hero is a normal person or citizen.He don't have any super power or powerful weapons.At the end of the story,you will feel the touch of the story.

The movie that I would like to recommend is "Defendor".Read carefully!Is Defendor,not Defender.Kiss Ass is a revenge story whereas Defendor is a story of peacekeeper.For not trembling you guys,you guys go and have a watch of this story.Hope you guys enjoy it.

Next,I would like to discuss about my holiday life.This holiday would not be my totally holiday because I need to learn new programming language and seeking for the topic of my final year project.I need to submit my proposal for my final year project on next semester which not far from now.Anyone else can give me some recommendation for the topic of final year project?My final project will be major in the part of networking/and security of Computer Science.

I hope I will found my topic before end of May because this proposal sure takes a lot of time for preparation.If you guys have any suggestion for my final year project,please leave it in my message box.Thanks for your reading.Please stay tune for my next post.

缘分

哈咯，大家好！好久不见哦！不知不觉，我已有超久的一段时间没发文章了。这一次我所写的题材是“缘分”。我想每个人一旦提到缘分，就会想起缘分所谓的是男女之间的感情吧！其实缘分可以分为几种类型，也就是亲情之缘、友谊之缘、悟道之缘、生死之缘、因果之缘。

何谓亲情之缘？此缘指的是家人或亲朋戚友之间的缘分。如一个人天生就缺乏此缘，那他/她很大可能来自于一个不圆满的家庭。所谓的不圆满的家庭是此人在小时候，就会拥有父母离异(离婚)或父母阴阳隔别的家庭。

何谓友谊之缘？此缘指的是朋友之间的缘分。缺乏此缘的人一生中将会缺乏要好的朋友，就算此人拥有一大批的朋友，到头来他/她的朋友在某一天还是会变成死对头或远离他/她而去的。

何谓悟道之缘？这缘指的是能够领悟与瞭解人世间(凡间)的所有事物并得到真正道德的人。
此缘是可以修得的，也就是通过不断的精神与体能磨炼和修行方能修得的缘分。修得此缘的人将会在来世得到好因果或脱离他/她来世的报应。除此之外，修得此缘也会使我们脱离打入畜生道。(畜生道也就是来世投胎成畜生)

何谓生死之缘？这缘可是所有人的最主要的缘。一个人一旦缺乏此缘，那他/她就会英年早逝。
当然，这也包括那些因为流产、夭折或堕胎而导致无法来到人世间的胎儿。此缘也称之为本命缘。因为这缘分通常都是前世的因果所造成的。

何谓因果之缘？这个缘分是由个人的善行德性积累而修得来的。这也意味着不论我们在这一世做了什么事情，我们都会得到一定的回报。回报可分为好报或恶报。此报并不一定会在今世得到，但是你总会有机会得到它的。

我想你们看了以上的段落后，会发现我没把婚姻之缘列入吧！何谓婚姻之缘？此缘指的是夫妻之缘。你是否会和你现在的伴侣组织一个家庭，也是要看此缘的。如果你和你现任的伴侣缺乏此缘，所谓的组织家庭计划将会失败。就算结为了夫妻，最后还是会闹得离婚收场的。

但是，有些时候这些意外也不一定是此缘所造成的。玄学里有提出另一个观点，也就是择日问题。当某人准备结婚时，他/她必须选择适合他们的日子与时间，也就是所谓的好日子与好时辰(日子与时辰必须与伴侣相配，通常都是算男方的本命)。否则，噩梦将会从结婚的那一天开始。但是，所谓的副作用(如意外，无时无刻地吵架等)快则一天就显现，慢则数年后。

注：本人所谓的修为并不一定是完全地投入佛教的怀抱，也就是成为僧或尼姑;这修为包括好乐善事，最主要的是你尽你所能的去帮助该帮助的人，这样你就会发现世界是酱美好的。

由此可见，我们的人生是由缘所环绕而成的。缘分总是无所不在，它是充满在我们的每时每刻里。虽然本人的观点有点偏向佛教的观点，但是只要是对玄学有深入研究的人就会发现玄学书里有记载着缘分的。

因此希望大家能好好的修得你们的缘分与珍惜它。最后，我在此送上一副对联。缘分得来已不易，何况是无缘之局。