User:Nehanalla9/sandbox

Hello,

We are working on Wikipedia article Shoulder surfing (computer security). Following are the suggested outline of the article which we are going to improvise.

Occurrences
Prevention
1. Being cautious at the ATM
Outcomes
1. Fraud
2. Misrepresentation of Identity
3. Curiosity
References
See also

We have collected some articles on Shoulder Surfing for improvisation. I am going to work on Tips to prevent Shoulder Surfing Attack part.

Prevention[edit]

While making transactions, making sure to sit against the wall to prevent anyone to look into the system^[1]. Being careful about the environments, as there will be video cameras too^[2]. Using privacy screen protectors on the systems like the way bankers use to blank out the screen to others except our-self^[3]. Using one hand to cover the keypad while entering the pin at ATM^[4]. Being careful about our surroundings^[5]. Better not to access to personal accounts when in public^[6]. If in a crowded place, locating for a quiet place to work^[7]. Not revealing our passwords to anyone^[8].

The awareness to the users at the public ATM can be provided while a shoulder surfing is occurring. Then a decision can be made by the user if the information he is entering in the public is sensitive and if it has to be hidden. Flashing border can be used to notify and alert the user. When a person enters the area near to the user, the borders of the machine flashes by alerting the user. It can even be detailed with colors. Like red color can be used if the person entered is looking towards the display and green when the person is still near that vicinity but not looking towards the display. Another way is creating a 3-D shadow on the display of the user peeping into the display^[9].

While making important pecuniary transactions, making sure to be far from the people. These crimes are not well recorded as many of the people are not reporting to the police.^[10]. Do not reply to phishing e-mails and even to the pre-texting phone calls. No bank or financial companies will ask for sensitive information through calls or e-mails. Avoid mailing the sensitive information. If ever there is a situation to send the financial documents, send them through certified mailing institutions and make sure to have a proof that the financial institution has received all the documents. If the account has already been compromised, immediately stop all the transactions to that account^[11]

Being cautious at the ATM[edit]

While using the ATM, it is recommended to stand close to the machine while entering the details. As already mentioned in the above, it is better to shield with the hand while entering the pin on the keypad. Sometimes, there may be a camera that is fixed near the keypad to record the actions being done on the keypad. If the ATM that is being used is in a crowded place and if there is someone who is trying to trace, it is better to stop the transactions at that ATM and leave. Never take any help from the strangers though they look well-mannered. Never get being distracted. People sometimes fix devices that record all the card details. These details are later used by the one who fixed the device by making fraud transactions. When in such situation, call to the card banker and report the issue while being still near the ATM. It is always a better thing to save the bank’s 24/7 customer service number. After a transaction, the very first thing to do is, always get the money and the card in the bag. Do not just throw the ATM receipts in the trash. Always tear them or at least destroy the sensitive information on the receipts^[12]. Never write the checks in a hurry. It is better to avoid writing checks at the peek time of the shopping season. Using only one card for shopping is sometimes better which not only helps in monitoring the money spent, but can also be easy to know the suspicious activity on the other accounts if happened^[13].

References[edit]

^ A Survey on Shoulder Surfing Resistant Text Based Graphical Password Schemes. (2015). IJSR International Journal of Science and Research (IJSR), 4(11), 2418-2422. doi:10.21275/v4i11.nov151759
^ Wiese, O., & Roth, V. (2015). Pitfalls of Shoulder Surfing Studies. Proceedings 2015 Workshop on Usable Security. doi:10.14722/usec.2015.23004
^ Manu Kumar, Tal Garfinkel, Dan Boneh, Terry Winograd, 2007, ‘Reducing shoulder-surfing by using gaze-based password entry’,Proceedings of the 3rd symposium on Usable privacy and security, ACM4
^ P. Shi, B. Zhu, and A. Youssef. A new pin entry scheme against recording-based shoulder-surfing. InProc. of 3rd International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2009), Athens/Vouliagmeni, Greece, June 2009. IEEE Computer Society.
^ Zhi Li, Qibin Sun, Yong Lian, and D. D. Giusto, 2005, ‘An Association-Based Graphical Password Design Resistant to ShoulderSurfing Attack’, IEEE International Conference on Multimedia and Expo (ICME).
^ Peipei Shi, Bo Zhu and Amr Youssef. Concordia Institute for Information Systems Engineering. “A Rotary PIN Entry Scheme Resilient to Shoulder-Surfing.”. Internet Technology and Secured Transactions, 2009. ICITST 2009.
^ Cheryl, Hinds and Chinedu Ekwueme, 2007, ‘Increasing security and usability of computer systems with graphical passwords’,Proceedings of the 45th annual southeast regional conference, ACM.
^ H. Tao and C. Adams. 2008. Pass-Go: A Proposal to Improve the Usability of Graphical Passwords. Int’l Journal of Network Security, 7, 2008, 273-292
^ Goucher, W. (2011). Look behind you: The dangers of shoulder surfing. Computer Fraud & Security, 2011(11), 17-20. doi:10.1016/s1361-3723(11)70116-6
^ Authored by Jose Rivera, LegalMatch Legal Writer. (n.d.). Shoulder Surfing Thefts. Retrieved November 21, 2016, from http://www.legalmatch.com/law-library/article/shoulder-surfing-thefts.html
^ Drake, E. (2007). 50 plus one tips to preventing identity theft. Chicago: Encouragement Press.
^ Shoulder Surfing. (n.d.). Retrieved from http://www.yourmoney.com/credit-cards-loans/how-to-avoid-shoulder-surfing-crimes-at-cash-points/
^ Committing Shoulder Surfing Identity Theft? (n.d.). Retrieved December 12, 2016, from http://www.spamlaws.com/shoulder-surfing-identity-theft.html

[1] A Survey on Shoulder Surfing Resistant Text Based Graphical Password Schemes. (2015). IJSR International Journal of Science and Research (IJSR), 4(11), 2418-2422. doi:10.21275/v4i11.nov151759

[2] Wiese, O., & Roth, V. (2015). Pitfalls of Shoulder Surfing Studies. Proceedings 2015 Workshop on Usable Security. doi:10.14722/usec.2015.23004

[3] Manu Kumar, Tal Garfinkel, Dan Boneh, Terry Winograd, 2007, ‘Reducing shoulder-surfing by using gaze-based password entry’,Proceedings of the 3rd symposium on Usable privacy and security, ACM4

[4] P. Shi, B. Zhu, and A. Youssef. A new pin entry scheme against recording-based shoulder-surfing. InProc. of 3rd International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2009), Athens/Vouliagmeni, Greece, June 2009. IEEE Computer Society.

[5] Zhi Li, Qibin Sun, Yong Lian, and D. D. Giusto, 2005, ‘An Association-Based Graphical Password Design Resistant to ShoulderSurfing Attack’, IEEE International Conference on Multimedia and Expo (ICME).

[6] Peipei Shi, Bo Zhu and Amr Youssef. Concordia Institute for Information Systems Engineering. “A Rotary PIN Entry Scheme Resilient to Shoulder-Surfing.”. Internet Technology and Secured Transactions, 2009. ICITST 2009.

[7] Cheryl, Hinds and Chinedu Ekwueme, 2007, ‘Increasing security and usability of computer systems with graphical passwords’,Proceedings of the 45th annual southeast regional conference, ACM.

[8] H. Tao and C. Adams. 2008. Pass-Go: A Proposal to Improve the Usability of Graphical Passwords. Int’l Journal of Network Security, 7, 2008, 273-292

[9] Goucher, W. (2011). Look behind you: The dangers of shoulder surfing. Computer Fraud & Security, 2011(11), 17-20. doi:10.1016/s1361-3723(11)70116-6

[10] Authored by Jose Rivera, LegalMatch Legal Writer. (n.d.). Shoulder Surfing Thefts. Retrieved November 21, 2016, from http://www.legalmatch.com/law-library/article/shoulder-surfing-thefts.html

[11] Drake, E. (2007). 50 plus one tips to preventing identity theft. Chicago: Encouragement Press.

[12] Shoulder Surfing. (n.d.). Retrieved from http://www.yourmoney.com/credit-cards-loans/how-to-avoid-shoulder-surfing-crimes-at-cash-points/

[13] Committing Shoulder Surfing Identity Theft? (n.d.). Retrieved December 12, 2016, from http://www.spamlaws.com/shoulder-surfing-identity-theft.html

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]