The Hack - With such a high number of online users becoming a target for identity thieves in one form or other, there is a dire need for an alternative stronger method of authenticating online users.As Hackers are getting more clever, the process of resetting the account passwords should also be secure. Though awareness of identity theft and its misuse is not high, it is nevertheless a very serious issue as many countries have now passed cyber laws that enforce strict enforcement. One such example is the case of hacking by couple of students of a state university's ERP system in 2007. They had to face 20 years in prison. Imagine if your gmail or facebook account is used to commit a cyber-crime without your knowledge as your account has been hacked! Though for no reason of yours, you may have to face legal hassles in proving your account has been hacked. And even if your account was hacked and you were able to recover or gain control of your account, it may already have caused some damage and it is your duty to then inform law enforcement agencies about it. All of this is an unknown pain waiting to happen to an ordinary citizen. Considering it is so easy to hack username and passwords.
You may wonder what that is...And so did I, when i first came across this very dangerous computer virus being mentioned on an anti-virus update. Looked up the Net and found that this virus has already infected millions of computers capturing every keystroke users have typed, taken screen shots, scrapped web browsers for saved passwords, browsing history, etc. Thus the alarm raised by India's CERT-in is not without reason. Particularly targeting SME's where awareness of online security is not particularly high, Golroted can collect information from a user's computer and send the information to a preconfigured server. The inside story is that couple of scammers based out of an African country, targeted Indian companies, obtained information about their business contacts to scam them one after the other. The scammers would initially target local affiliates or branches and gain enough information from them to get into the company’s global office.