You're safe as long as the site you are logging on to is encrypted.

Paypal is encrypted, but none of the microstock sites are. I'd be very surprised if your online banking site wasn't encrypted.

last year in Buenos Aires i cheked my gmail in a cyber and they stole my username and password. there was nothing important there, so not big deal, but it could be... so i learned.

Luc�a

I was assuming that she was using her own computer, and merely borrowing the internet connection.

Never do password-related or confidential stuff on a computer that you cannot control access to - hacking and snooping is altogether too easy.

I log on to everything on unknown computers, but I advise people I care about not to do so. I've worked with computers all my career and I keep up with the scams and security technology. The best defence you have is understanding. So here's some simple background so you know a little more about what to watch out for.

Keyboard loggers. There are tools readily available that record the keys pressed on the keyboard and put them in a file. These can be later retrieved and used to see what you typed. "www.mybank.com"...."myuseraccount"...."mypassword".  You cannot tell if these loggers are running on the computer.

Screen captures. These tools capture the screen, just like sitting a video camera up in front of the monitor. They're usually used in combination with keyboard loggers in case your bank has the half-way-measure of requiring you to click moving buttons with the mouse instead of typing your pin number on the keyboard.

Traffic sniffers. These log the traffic going back and forth between your computer and the Internet. These tools don't even have to be running on your computer - they can be between your computer and the Internet if you're using an Internet cafe's connection on your own laptop. These can be used to see your logon credentials in plain text if you're not using a secure connection.

One of my online banking facilities requests a random combination of characters from my pin number AND password each time I log on. For example, "Please enter the sixth, fourth and tenth characters from your password".  This ensures that even if someone is logging your keyboard strokes, capturing your screen and sniffing your traffic, they don't get your full password. This bank has had this technology in place for three years now and it's the only foolproof way to securely access private information on a public computer. I can't understand why it hasn't caught on yet.

And sharply_done is right. This stuff is all too easy. All of these tools are available from download.com !  But you're not right about the microstock websites having secure login. iStockphoto, Shutterstock and 123rf have stealth encryptioni. If you look at the code of the pages with a login form you'll see the credentials are sent to a page with the https prefix. It's not foolproof, but it helps. LuckyOliver actually has a fully secure and dedicated login page. Not so glamorous, but better.

So what to do?
- You can manually put the 's' after the 'http' on most sites to switch to encrypted traffic, assuming they have an SSL certificate. All the microstock websites do.
- Switch to a bank that uses partial passwords like the process described above
- Change your passwords regularly. If you know you're going to be using a public computer, change to a temporary password first and then change it back once you're on your own computer. If you beat them to it this will be effective.
- Educate yourself and those around you. The more people understand the scams and protect each other the less money there will be in it for the perpetrators.

Be safe out there!
-

OK cyber cafes are not safe unless you set up a temporay travelling e-mail acount to say hey I am still alive

How safe is using your own laptop in wireless cafe/zone?

The same as using their computers, infact less safe because multiple people can read what you send wirelessly versus only one person that has control of the wired computer.

Quote from: fintastique on May 20, 2007, 02:58

OK cyber cafes are not safe unless you set up a temporay travelling e-mail acount to say hey I am still alive

How safe is using your own laptop in wireless cafe/zone?

The same as using their computers, infact less safe because multiple people can read what you send wirelessly versus only one person that has control of the wired computer.

If  you use your own laptop and use only sites with SSL connection (or if possible use highly crypted VPN connection) it should be safe (since the all traffic from the your laptop browser to end point (e.g. your web mail server) is crypted.) )

But if you use non-ssl connection then you are not safe. But remember that you have good firewall on your laptop, because they can hack your computer and install some nasty spyware on it

@CJPhoto - Second, it doesn't really protect you. Real hackers or undesirables are going to use things other than cookies and temp files to get your information. They're going to use a keylogger and  screen capture software that the U3 software can't/doesn't stop.

does the virus cheaker on it not cheak for keyloggers aswell??

I dont use mine much but will probably remove the U3 stuff soon.