03.22.06
Posted in security, privacy, fraud, hacking at 5:44 pm by HowardG
Cyber-attacks, hacks, and acts of online vandalism perpetrated by loners in attempts to direct attention to themselves were at one time the biggest threat companies had to worry about. For those individuals, breaking into a company’s network produced no direct gain. Instead, they did it for the glory of becoming a cyberspace anti-hero, or at least to relieve the boredom of their humdrum lives. But today, those misguided fools are the least of a company’s network security worries. Malicious attacks are increasingly being carried out for very specific reasons. Cyber criminals are using bot-nets, denial-of-service extortion attacks, and sophisticated identity theft techniques for financial gain. Read the rest of this entry »
Permalink
03.01.06
Posted in security, privacy, fraud at 11:27 am by HowardG
The Internal Revenue Service released what it calls its “Dirty Dozen” list of tax scams for 2006 this month (http://www.irs.gov/newsroom/article). The scams range from tax filers making frivolous claims that income tax is illegal, to misuse of trusts and offshore transactions. While most of the top twelve involve fraud perpetrated by taxpayers, number three on the list is phishing, a scam whereby an identity thief attempts to take advantage of an innocent taxpayer and obtain personal financial data.
According to the IRS, criminals using phishing attacks sometimes pose as IRS representatives to gain the trust of an individual taxpayer. Typically, the scam revolves around a fictitious e-mail correspondence sent out, which appears to be from the IRS. Read the rest of this entry »
Permalink
01.22.06
Posted in security, privacy, law at 4:19 pm by HowardG
The Federal government has been attempting to force Google and other major search engines to turn over information from their databases. Since September 11, the Bush administration has rankled privacy advocates with a host of new measures that infringe on the rights and privacy of citizens, in the name of the fight on terrorism and under the banner of the Patriot Act.
In court papers filed in the U.S. District Court of San Jose, the Department of Justice noted that Google has not complied with a subpoena it issued last year. Read the rest of this entry »
Permalink
11.11.05
Posted in security, spyware, privacy at 2:53 pm by HowardG
A small group of individuals doing business under multiple company names has been disseminating spyware by offering consumers free music files, browser upgrades, and ring tones. Embedded in the free programs, however, were small trojans that downloaded dangerous spyware onto each target computer. In other instances, the group also disseminated its malware by causing a program to be installed in consumers’ computers, which would flash warnings about their computer’s security and spyware. Ironically, the warning itself was in fact spyware, and when concerned consumers would click on the warning, they would download spyware into their systems.
One of the group’s products was called Elitebar, a deceptive type of adware that propagates through social engineering methods, Java scripting errors and dialog boxes.
The U.S. District Court for the Central District of California in Los Angeles, at the request of the FTC, shut down the operation as of November 10, 2005. The courts have frozen the organization’s assets, and the FTC will ask that the deceptive practices be barred permanently. The agency claims that the practices are unfair, deceptive, and violate the FTC Act.
According to the FTC complaint, the defendants created software code that tracked the behavior of Internet users, hijacked home page settings, inserted toolbars and advertising side-frames, and generated pop-up ads. The complaint further stated that the malware often interfered with proper functioning of targeted computers.
The case was made with the assistance of Microsoft Corporation, Webroot Software, and Google Inc. The FTC recommends that consumers take steps to address the spyware risk, including setting browser security to detect unauthorized downloads, using anti-virus software and a firewall, downloading free software only from trusted sites, avoiding clicking on links inside pop-up windows or from spam links claiming to offer anti-spyware software, and to consider deploying a legitimate anti-spyware software solution from a trusted company. In addition to deploying anti-spyware programs, consumers and companies can combat spyware by avoiding use of peer-to-peer sites and instant messaging, which are often conduits of spyware.
The FTC action against the group reflects only a small portion of the growing spyware problem. EarthLink reports that the average PC has 28 spyware programs; a Dell report shows that 12 percent of tech support calls were due to the presence of spyware. In most cases, users do not realize they are downloading spyware. It is often downloaded into the computer automatically in the form of a trojan, along with some sort of nominally useful free program. Spyware can also be launched when users click on email attachments or share files through peer-to-peer networks. In can also take the form of “active code” and hidden inside a Web page, so that it launches automatically when the page is viewed. Because of the latter variation, many companies have taken the step of deploying URL filtering, which blocks many sites that are known to host spyware.
Permalink
10.17.04
Posted in security, identitytheft, privacy at 6:18 pm by DarrenS
The lack of complete security of important data is resulting in numerous cases of unauthorized access and theft. In October 2004, according to ChoicePoint, a service provider of information for identification and credential verification, thieves obtained up to 145,000 consumer profiles by using fake identities. Read the rest of this entry »
Permalink
02.27.04
Posted in security, spyware, privacy at 11:05 am by Jessica
Imagine walking into your home after a long, hard day at work. You change into your most comfortable (though not most flattering) pair of sweats, grab a box of your favorite cookies, order a pizza with extra grease, and plop down in front of the TV to watch your favorite sitcom. Imagine now that while you were gone, someone broke into your home, installed hidden cameras, and was watching everything you did. It’s demeaning. It’s embarrassing. It’s legal. Read the rest of this entry »
Permalink