Streaming media hosting security: a few tips on how to get hacked or phished
Here are some general guidelines that are just common sense for our clients. If you want to know how Gravitylab protects your customer information and video assets, take a look at our security policies.
What is malware? How do people get it?
Malware is software in the shadows designed to disrupt or intercept information on a computer or network. If you’ve caught a case of malware, it is a problem that must be addressed before work on that system or network can continue. Malware can collect info you send back and forth to the internet, send messages that look like they’re from you, or simply pop up ad you into the abyss.
Signs that should make you cautious:
Any email that contains the words ‘shocking’ or ‘money’ from someone who would not use those words normally
Visiting a website that claims to give you something for nothing.
Downloading a browser add-on that claims to do something that seems unlikely
Downloading a video codec for anything that you got from a torrent
The features don’t exist.
A couple best practices to keep your account safe:
Do not click links for no reason or without reading them.
Never click out of context links in emails, even if they come from a friend or a company you know.
Don’t download things (ex: a .rar or .exe file) if you aren’t sure what they are.
Pick a unique, strong password. Use combinations of at least six letters, numbers and punctuation marks and don’t use this password for any other accounts.
Never give out your login info (e.g.: email address and password). Sometimes people or pages will promise you something for nothing if you share your login info with them. These types of deals are almost always a mistake.
On any password login screen, make sure the url contains the site you thought you were using, e.g.: https://members.gravlab.com/
How can I avoid getting phished?
Some common vectors of attacks are emails that contain these words; free, rare, secret or exclusive digital goods (ex: coins, chips, gifts, etc.).
When evaluating whether an email from us is fake, keep in mind Gravitylab will never ask you for:
Your streaming or hosting account password
Your social security number or tax identification number
Messages claiming that your account will be deleted or locked unless you take immediate action.
When in doubt, type https://members.gravlab.com/ into your browser to visit us.
Some free resources:
Web-based Application Security Scanners: http://mosaicsecurity.com/
Spybot Search and Destroy: http://www.safer-networking.org/
Free software based firewall from Comodo: http://personalfirewall.comodo.com/