It has been quite a while since my last article and I apologise for the long delay. I devoted most of my time during November and the first couple of weeks in December to research and the blog unfortunately got neglected. I then took a break for a week to spend time with friends and family during the festive season. (I'm not a cyborg and even cyber cops need to take a break once in a while). The only thing I regret is that I did not download any e-mails during this time, so you can expect I had quite a lot of e-mails in my inbox (the majority was spam anyway). 2007 has come to an end and 2008 lies ahead of us. Looking at all the security-related articles since the start of 2008, I get the idea that the cyber security industry is preparing for one rough ride in terms of computer security in 2008. But enough about that, let's get to this week's article and the first one of 2008.
One Sunday on my way to church, I noticed that one of the cars parked in front of the church still had its headlights on. I was about to go to the consistory to ask someone to announce it, when my mother told me not to bother, because she reckoned many people will see it and eventually report it. I decided not to take my mother’s advice and reported it anyway. However it was not announced before the sermon started, so I guessed they already informed the owner about it. When the sermon was over I was really disappointed to find out that the owner was not informed and that the car actually belonged to an elderly couple. Of course, all their attempts to get the car running were in vain, the battery was completely dead.
Apparently I was the only one who reported this incident. I find it hard to believe that no one else saw this car, because its bright headlights were shining in the direction of the street where most people could see it, in fact many other members of our church had to pass this car just like I did. But what does this have to do with spam? I will explain in a moment.
Reporting several spam e-mails a day, without a single response from a service provider, host or registrar can be demoralising to say the least. People who report spam on a regular basis will probably agree with me. It can become so demoralising that you find it hard to see any sense in reporting spam to anyone. The lack of cooperation from the responsible parties gives us a damn good excuse not to report spam, now doesn’t it? Sorry to burst your bubble, but that is a lame excuse for not reporting spam.
Spam reporting is only one side of the coin. We also need to prevent spam. Spam can be prevented in many ways. Protecting your e-mail address from unnecessary exposure should be your first priority when it comes to personal spam prevention and secondly you need to protect your computer with anti-malware software and a firewall to prevent your computer from becoming a spam-relaying zombie. A good junk mail filter can be added to your defence, to make it easier to manage all the unsolicited e-mails pouring into your mailbox. The spam you report is used in various ways, depending on who you report it to. Some anti-spam organisations use it to close spammer websites and the internet access accounts of known spammers, some use it to improve anti-spam software, some use it for anti-spam research to find better ways of preventing it and some organisations use spam reports for all the aforementioned reasons.
I know some individuals who are so passionate about fighting spam that they will even report other people’s spam for them. Many people feel that this is not a good idea, because of various reasons, one of them being the fact that only the original recipient can tell what is spam and what is not, because only you know what you signed up for and what not. Then again, this is not totally true. There may be merit in this argument, but it is not that hard to distinguish unsolicited commercial e-mails from legitimate opt-in e-mails. I know that some unethical companies are not always willing to remove your e-mail address from their database, which turns an opt-in e-mail into an unwanted e-mail, in other words SPAM! That being said, I still feel that it is quite easy to spot an unsolicited junk e-mail these days.
Some people feel that when you report spam without benefiting directly from it, you do it for altruistic reasons only. My personal opinion is that this is a bad overgeneralization of loyal spam reporters who report spam to see justice being served. Crime statistics at the end of a year often reveal a rise or decline, but a decline in child abuse for instance does not necessarily mean that fewer children were abused during the past year. What about all the child abuse incidents that were never reported? The same is true for spam: a decline in spam reports during a certain period does not necessarily mean that spammers sent less spam during that period. People need to be aware of the problem of spam and people need to understand how big it really is. In order to raise awareness about a problem, it needs to be reported, so that it can be accurately measured. I think our current awareness about the spam problem is only the tip of the iceberg.
Reporting spam will not make your spam disappear overnight and if anyone told you that they can take away your spam, then they are lying. Spam filters do not stop spam from being sent, they only stop it from being delivered and spammers will always find a way to circumvent your defence systems. The fact that you are receiving spam already puts you in a catch-22 situation. An active e-mail address is a commodity in the spam industry and your e-mail address can be sold to several spammers worldwide. Once a spammer gets shut down, he either sells his e-mail database to other spammers or he finds a new ISP to distribute spam once again. The cycle repeats itself time and again and it is likely that your e-mail address may land in the hands of a spammer operating from a spam haven (in other words a country where there are no anti-spam laws). The only way to solve your spam problem completely is to put all the spammers who have your e-mail address in jail, destroy these databases before they get distributed to other spammers and shut down the botnets distributing the spam. A single botnet may consist of thousands of infected computers, scattered all over the globe, so you can see it is quite a feat to accomplish.
I recently read about an incident where a Russian registrar claimed they couldn’t take any action against a spam-relaying zombie, because their legislation does not provide any means by which they can act against the offending party. I’m not up to par with Russian anti-spam legislation, so I’m not sure if they were telling the truth, but nothing stops them from prohibiting spam and malware distribution through an Acceptable Use Policy. But what if a company does not worry about people abusing their networks? You will obviously need a higher level of authority to force them to take action against the perpetrators and in order to do that you need proper anti-spam laws.
Anti-malware developers can’t keep up with the rapid evolution of malware. This means more computers get infected much faster, resulting in large botnets being created on the fly, ready to distribute spam in next to no time. Malware infected computers are one of the biggest sources of spam, so if anti-malware companies are finding it hard to stay ahead of the malware creators, then think for yourself how hard it is to keep spam distribution in control, yes in control, we are not even speaking of eliminating it.
So what does the story of the elderly couple with the flat battery have to do with spam reporting? First of all, if we all have the attitude that someone else will report spam, then we will never get even close to solving the problem. Secondly, registrars and ISPs should stop hiding behind a bunch of lame excuses, they should stop ignoring spam reports and start taking action against the offenders. The registrars and ISPs who fail to take action against the spammers are like the minister who failed to announce the registration number of the car that was parked in front of the church, with its headlights still burning. If things continue like this we will have a flat Internet overloaded by a bunch of unsolicited junk.
In my next article I will discuss some of the most common causes of spam and steps that can be taken to prevent spam 'contamination'.
About the Author
Coenraad is webmaster and founder of Cyber Top Cops, leaders in Internet security, prevention of online fraud, raising awareness about spam and assisting users in the removal of malicious software.
Thursday, January 03, 2008
Wednesday, November 14, 2007
Reconciling Parental Control Software with Internet Security Principles
By Coenraad De Beer
Conventional parental control software is a security risk on its own. Parents often fail to identify the underlying risks of Internet monitoring software, but what do you use if you want to monitor your child's activity on the Internet?
Parental control software remains a useful tool to monitor your child's online activity and at the same time block inappropriate content. The fact that you are an adult does not necessarily mean you like to view offensive content, so the software can also be utilised to block offensive content on sites you often visit. Unfortunately, with the monitoring part of the software comes an inherent security risk of sensitive information that may fall into the wrong hands.
If you want to use parental control software, you need to use it responsibly, especially if you install it on a computer that is shared by several members of your household. The trustworthy members of the family need to be aware of the software and they need to have administrator privileges to disable the software before working on the computer. Parents often forget to disable the software before doing online shopping or banking, effectively allowing the key-logger component of the software to log important information such as social security numbers, credit card numbers and passwords.
Many Internet monitoring software packages take screenshots at certain intervals to capture the contents of the screen at a specific point in time. This is also dangerous if you forget to disable the monitoring part of the software, before logging into a secure area of a website. Screenshots can be taken of sensitive information that's normally only accessible behind a secure login area. All this information (keystrokes and screenshots) is stored on your hard drive, exposing it to possible exploits from crackers or spyware.
Well-written parental control software will obviously encrypt the information it logs, but crackers often decipher the encryption code in next to no time. The last thing you need is a spyware infection or an intruder on your system that can bypass the encryption of the parental control software. You don't want a stranger going through your logs if you accidentally forgot to disable the software before entering sensitive information on the Internet. So the most important thing to remember is to disable the monitoring software before you use the computer and remember to enable it again when you're done, otherwise there is no point in having the software on your computer in the first place.
Some parental control software allows you to create different profiles for different members of the family. You can for instance have a "Child" profile that blocks inappropriate content and monitors your child's activity on the web, a "Teen" profile that does not block any content, but only monitors your child's activity and a "Parent" profile that does not monitor your activity or block any content. The "Teen" profile can be activated when your teenager wants to use the computer, or you can activate the "Parent" profile if you are present while your children surf the Internet. The "Child" profile should be used to limit Internet access while you are not at home to keep an eye on your children's Internet activity.
Kaspersky Lab recently integrated a parental control module into their Internet Security suite. It does not log keystrokes or take screenshots, it only monitors HTTP traffic. To know what your child is doing on his or her computer, you only need to monitor their Internet use. It is easy to see which games they are playing and which software they are using by examining certain areas of your system, like the Program Files folder and the Add and Remove Programs section of the control panel. Clever kids will know how to wipe this information, but most programs make connections to the Internet these days, so just by examining the HTTP traffic generated by these programs, you can easily tell which programs your child is using and which websites they are visiting.
The parental control module of Kaspersky Internet Security logs all the websites visited by your children, all the remote images loaded from e-mails that they read and all the servers they connect to for online gaming and software updates. If the logs contain entries from winamp.com, then your child is probably using Winamp to play music or movies. Entries from ea.com, might indicate that your child is playing some games developed by Electronic Arts. Your children will also download software from certain sites, which will give you another indication of what kind of software they are using. The fact that the software monitors HTTP traffic, means that you are not only limited to the traffic generated by a web browser or e-mail client, it monitors all Internet activity from any application.
The way that Kaspersky Lab approaches parental control and monitoring software does not compromise your online safety like your conventional child monitoring software, because there are no security holes created by keystroke logging and capturing of screen data. The logs of your HTTP traffic may still contain tracking information that you may not want to reveal to advertising companies (and their spyware programs), but the beauty of this module is that it is integrated into an Internet security suite, so you are automatically protected against unauthorised access and malicious software infections, thanks to the firewall and the anti-malware shields of the software. Traffic through secure servers (HTTPS) is normally encrypted, so the monitoring software only sees the encrypted data during a secure online session like Internet banking or online shopping. I still recommend that you turn off the parental control module before transmitting sensitive information over the Internet.
Up to now I basically discussed the monitoring part of parental control software. The control part allows you to block indecent content as well. Blocking inappropriate content minimises the risk of malware infections. Porn sites are often loaded with spyware, so keeping your children away from these sites does not only protect them from exposure to harmful content, but it also protects your computer from dangerous infections. Your child's porn surfing may be the cause of a dangerous spyware infection, something you may not be aware of (especially if you don't have any spyware protection installed). You could easily log into your online banking account or enter sensitive information on the web, without realising that there is spyware lurking on your computer, watching your every move. Parental control software is not designed to protect your computer against malware infections, but preventing your children from accessing inappropriate websites helps them to stay away from potentially dangerous websites, which is the number one rule in malware prevention.
Proper parental control software should allow you to set up filters to block specific inappropriate content, giving you complete control over what you allow your child to access on the Internet. Kaspersky Internet Security allows you to do exactly this. Let's say you want to block access to sites containing the word "murder" in the URL. You simply add the filter "*murder*" to the Parental Control Blacklist and it will block all websites containing the word "murder" in the URL. You can also blacklist specific URLs to prevent access to certain online chat rooms, web mail services or social community websites. Websites that carry your approval can be added to a white list to prevent the software from accidentally blocking them, or you may want to allow only specific pages from a site that's currently on the blacklist. The flexibility of the software allows you to fine tune the parental control software to your own specific needs, enhancing the online safety of your children.
So what is the message I'm trying to get across here? As I said at the beginning of this article, parental control and monitoring software remains a useful tool to keep an eye on your children's Internet activity when you are not present. As a parent you need to understand that parental control software poses certain security risks if you do not manage the software in a responsible way. I feel that developers of parental control software should move away from keystroke logging and screen capturing and focus on HTTP monitoring instead. Parental control software developed by a company who specialises in Internet security gives you peace of mind that the software was designed with security as a top priority. The next step for Kaspersky Lab may be to make the module optional. Not everyone wants parental control software, but if I want to add this functionality to my computer, I'd rather buy it from a developer who has been in the Internet security industry for years, than buying the software from a developer who does not have a clue about Internet security.
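The blacklist and white list behaviour described above can be sketched as follows. This is an added example, not Kaspersky's code: the precedence rule (white list checked first), the rule lists other than "*murder*" and all URLs are assumptions constructed for illustration. It also shows how a broad wildcard over-blocks pages you never meant to filter.

```python
from fnmatch import fnmatchcase

# Constructed rule lists. "*murder*" is the filter quoted in the article;
# every other pattern and every URL below is made up for this example.
BLACKLIST = ["*murder*", "*chat.example.net*"]
WHITELIST = ["*library.example.org/books/murder-on-the-orient-express*"]

SAMPLE_URLS = [
    "http://crime.example.com/murder/scene.html",
    "http://library.example.org/books/murder-on-the-orient-express",
    "http://library.example.org/books/murder-mystery-index",
    "http://news.example.com/MURDER-trial",
    "http://chat.example.net/room/1",
    "http://news.example.com/weather",
]


def first_match(url, patterns):
    """Return the first wildcard pattern that matches the URL, or None.

    Matching is case-insensitive. '*' matches any run of characters;
    fnmatch also treats '?' and '[...]' inside a pattern as wildcards.
    """
    lowered = url.lower()
    for pattern in patterns:
        if fnmatchcase(lowered, pattern.lower()):
            return pattern
    return None


def decide(url, blacklist=BLACKLIST, whitelist=WHITELIST):
    """Return (verdict, rule) for one URL.

    Assumed precedence: the white list is consulted first, so an approved
    page stays reachable even when a broad blacklist pattern also matches.
    """
    rule = first_match(url, whitelist)
    if rule is not None:
        return ("allow", rule)
    rule = first_match(url, blacklist)
    if rule is not None:
        return ("block", rule)
    return ("allow", None)


def audit(urls, blacklist=BLACKLIST, whitelist=WHITELIST):
    """List every blocked URL with the rule responsible, for tuning filters."""
    blocked = []
    for url in urls:
        verdict, rule = decide(url, blacklist, whitelist)
        if verdict == "block":
            blocked.append((url, rule))
    return blocked


if __name__ == "__main__":
    for url in SAMPLE_URLS:
        verdict, rule = decide(url)
        print(f"{verdict:5}  {url}  (rule: {rule})")
```

The library index page is blocked because only one specific book page was approved; reviewing the audit output is how you find such cases before they become a reason to switch the filter off.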
About the Author
Coenraad is webmaster and founder of Cyber Top Cops, leaders in Internet security and analysts of Cyber Security Software. Read our review of Kaspersky Internet Security 7.0 for an in depth look into one of the most comprehensive Internet security suites in the security software industry.
Wednesday, October 31, 2007
Website Owners - The Next Target of 419 Scammers?
By Coenraad De Beer
A couple of weeks ago I did an article on a 419 scammer who used Google to find possible victims. I analysed a very interesting 419-scam e-mail today that made it quite clear that the swindlers are slowly starting to change their tactics. The old methods are not working as well as they should, so scammers are looking for new and improved methods to claim new victims. Believe me, the dumb, idiotic scammers with their hilarious con stories are becoming smarter by the day.
The typical "Dear sir/madam" e-mails may soon be something of the past if all 419 scammers start to operate like Ferdinand Traore from Togo. Ferdinand sent an e-mail to a website owner after pulling his name, surname and e-mail address from the "Contact us" page of his website. Below is a copy of the e-mail that he wrote (The e-mail has not been edited in any way. I only changed the name of the website owner to John and his surname to Doe, to protect his identity).
"Dear John Doe,
Please forgive my using this means to reach you but I cant think of any other way of letting you know the urgent matter at hand. I acted as personal attorney to the (late) Engr. M.A. Doe, who lived and worked here for more than twenty years as a major contractor and businessman.
On the 18th of Novermber 2004 he and his wife and only daughter were involved in an automobile accident while visiting a neighboring country on vacation. They were buried two weeks after and I have exhausted all means of reaching who may have been related to them. This has been made more difficult because no mention was made of any relative while he was alive.
To the best of my knowledge, before his death, he had an investment deposit totalling more than Eighteen Million Five hundred thousand United States Dollars($US18.500.000.00) with the major bank here and now they have asked me to provide a next of kin if there is, or the estate will then revert to the government and so it would be lost.
My proposal is that you allow to be presented for this role so that documentation can be processed and payment made in your favour. This is a project which will see us partner to realise. I would be willing for us to discuss terms of participation in order to protect our various interests.
I want to assure you right away that I have positioned this deal to not last for more that two weeks. I shall be willing to discuss futher on this if write back or send to me your direct telephone number so we can discuss in the type of confidential atmosphere which this matter requires.
Awaiting your immediate response.
Ferdinand Traore (Esq).
Traore Chambers & Associates,
Rue Du Commerce Avenue B.P.120,
Lome-Togo"
You can easily be drawn into this e-mail because at first glance you may think it is a relative who died. If this happens, the scammer achieved his first goal, to get your attention. If he has your attention he can play with your mind. The plot is simple, a lawyer contacts you in search of a next of kin for a deceased person who has the same last name as yours, very convenient don't you think? The deceased person was loaded with cash, making the proposal very attractive to the unwary victim.
You may argue that there is nothing special to this e-mail, besides the fact that he addressed the victim directly on his name and not via the generic "Dear sir/madam" introduction. Furthermore the spelling and grammar are horrible, so it is easy to spot the scam in this e-mail. It is a classic inheritance scam e-mail, with the promise of a ridiculously large sum of money. Ferdinand sent the e-mail from ferdinandtraore.4to1957@yahoo.co.uk but the victim had to reply to ferdinandtraore.tgo1957@yahoo.co.uk, another common characteristic found in 419-scam e-mails. All the signs are there, so what is so special about this specific e-mail?
It is not the e-mail that's unique, but the methods used by the scammer to collect information about the victim. A closer look at the visitor statistics of this website revealed a visit from Togo, with the same IP address (41.207.162.4) as the one found in the e-mail header. So there was no doubt about the identity of this visitor, it was most definitely our friend Ferdinand Traore (oops did I forget to add the "Esq" suffix after your name? Sorry Ferdinand). The traffic came from a Google search for a specific surname, in this case not the surname of the website owner, but a surname that appeared on one of his web pages.
The scammer appended "co.za" to the search string, which tells me he was looking for South African websites (or South African website owners). He also placed "2007" in front of the surname. Why? Websites contain copyright notices, often followed by the name of the website designer. Most copyright notices contain a year and active websites change this number each year, some web designers do this via a script and others do it by hand. The scammer was probably looking for websites containing a 2007 copyright notice. This would certainly keep the search results fresh and minimise the risk of using outdated contact information.
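The two checks used in this analysis, a From/Reply-To mismatch and matching the sender's IP address against your own visitor statistics, can be automated. The following is an added example, not part of the original article: the two e-mail addresses and the IP address come from the article, while the header layout, host names, dates, log lines and the search string are constructed for illustration.

```python
import email
import ipaddress
import re
from email.utils import parseaddr
from urllib.parse import parse_qs, urlparse

# Constructed headers; only the two yahoo.co.uk addresses and the IP
# 41.207.162.4 are taken from the article.
RAW_HEADERS = """\
Received: from mta1.mail.example ([10.1.2.3]) by mx.example.co.za; Wed, 31 Oct 2007 11:12:50 +0200
Received: from [41.207.162.4] by web1.mail.example via HTTP; Wed, 31 Oct 2007 09:12:44 GMT
From: Ferdinand Traore <ferdinandtraore.4to1957@yahoo.co.uk>
Reply-To: ferdinandtraore.tgo1957@yahoo.co.uk
To: john.doe@example.co.za
Subject: constructed subject line

"""
MSG = email.message_from_string(RAW_HEADERS)

# Constructed web server log in Combined Log Format.
ACCESS_LOG = [
    '41.207.162.4 - - [30/Oct/2007:14:03:11 +0200] "GET /contact.html HTTP/1.1" '
    '200 5120 "http://www.google.com/search?q=2007+Doe+co.za" "Mozilla/4.0"',
    '192.0.2.10 - - [30/Oct/2007:14:05:40 +0200] "GET /index.html HTTP/1.1" '
    '200 9000 "-" "Mozilla/4.0"',
    '41.207.162.4 - - [30/Oct/2007:14:06:02 +0200] "GET /about.html HTTP/1.1" '
    '200 4100 "-" "Mozilla/4.0"',
]

IP_RE = re.compile(r"[\[(](\d{1,3}(?:\.\d{1,3}){3})[\])]")
LOG_RE = re.compile(
    r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" \d{3} \S+ "([^"]*)" "[^"]*"$'
)


def reply_to_mismatch(msg):
    """Return (from_addr, reply_addr) when replies go elsewhere, else None."""
    from_addr = parseaddr(msg.get("From", ""))[1].lower()
    reply_addr = parseaddr(msg.get("Reply-To", ""))[1].lower()
    if reply_addr and reply_addr != from_addr:
        return (from_addr, reply_addr)
    return None


def relay_ips(msg):
    """Public IPs from the Received chain, earliest hop first.

    Received headers are prepended by each server, so the list is reversed.
    Hops below your own mail server can be forged; treat them as hints.
    """
    found = []
    for header in reversed(msg.get_all("Received", [])):
        for candidate in IP_RE.findall(header):
            try:
                ip = ipaddress.ip_address(candidate)
            except ValueError:
                continue  # e.g. 999.1.1.1
            if not ip.is_private and candidate not in found:
                found.append(candidate)
    return found


def correlate(msg, log_lines):
    """Return web log hits made from any IP seen in the e-mail headers."""
    wanted = set(relay_ips(msg))
    hits = []
    for line in log_lines:
        match = LOG_RE.match(line)
        if not match or match.group(1) not in wanted:
            continue
        ip, path, referrer = match.groups()
        # A search engine referrer carries the visitor's query in "q".
        query = parse_qs(urlparse(referrer).query).get("q", [None])[0]
        hits.append({"ip": ip, "path": path, "query": query})
    return hits


if __name__ == "__main__":
    print("Reply-To mismatch:", reply_to_mismatch(MSG))
    for hit in correlate(MSG, ACCESS_LOG):
        print(hit)
```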
In the previous article I mentioned a 419 scammer who targeted American citizens using specific e-mail services like Yahoo! and AOL. This scammer searched for the latest contact details of certain South African website owners. I'm sure they expand these searches to other countries as well, but one thing is for certain, they are using specific contact information to send targeted and relevant e-mails to possible victims. Later today someone else reported a scam e-mail, with the exact same plot. Once again the scammer knew the name and surname of the victim and addressed him accordingly. The victim of this e-mail was a job seeker who posted his resume on several online recruitment websites. So the scammers are using several online resources to harvest personal information about their victims.
E-mails addressing you personally are no longer a guarantee that it came from a trustworthy source. The fact that the sender knows your name and last name does not necessarily mean that he legitimately obtained this information or that he has legitimate intentions. People should look deeper into the e-mail for other obvious signs exposing the true nature of the e-mail. I mentioned a couple of common characteristics earlier in this article that will help you to identify other e-mails just like this one. But not all these characteristics are present in every e-mail scam, making it hard to define a single set of rules that will apply to all e-mail scams. Common sense is the only true weapon that's dynamic enough to adapt to the different methods used by e-mail scammers today.
About the Author
Coenraad is webmaster and founder of Cyber Top Cops. Visit our 419 Scams page for more information about 419 scams and different 419 scam examples. Stay up to date with the latest in cyber security, by subscribing to our cyber security related RSS Feeds.
A couple of weeks ago I did an article on a 419 scammer who used Google to find possible victims. I analysed a very interesting 419-scam e-mail today that made it quite clear that the swindlers are slowly starting to change their tactics. The old methods are not working as well as they should, so scammers are looking for new and improved methods to claim new victims. Believe me, the dumb, idiotic scammers with their hilarious con stories are becoming smarter by the day.
The typical "Dear sir/madam" e-mails may soon be something of the past if all 419 scammers start to operate like Ferdinand Traore from Togo. Ferdinand sent an e-mail to a website owner after pulling his name, surname and e-mail address from the "Contact us" page of his website. Below is a copy of the e-mail that he wrote (The e-mail has not been edited in any way. I only changed the name of the website owner to John and his surname to Doe, to protect his identity).
"Dear John Doe,
Please forgive my using this means to reach you but I cant think of any other way of letting you know the urgent matter at hand. I acted as personal attorney to the (late) Engr. M.A. Doe, who lived and worked here for more than twenty years as a major contractor and businessman.
On the 18th of Novermber 2004 he and his wife and only daughter were involved in an automobile accident while visiting a neighboring country on vacation. They were buried two weeks after and I have exhausted all means of reaching who may have been related to them. This has been made more difficult because no mention was made of any relative while he was alive.
To the best of my knowledge, before his death, he had an investment deposit totalling more than Eighteen Million Five hundred thousand United States Dollars($US18.500.000.00) with the major bank here and now they have asked me to provide a next of kin if there is, or the estate will then revert to the government and so it would be lost.
My proposal is that you allow to be presented for this role so that documentation can be processed and payment made in your favour. This is a project which will see us partner to realise. I would be willing for us to discuss terms of participation in order to protect our various interests.
I want to assure you right away that I have positioned this deal to not last for more that two weeks. I shall be willing to discuss futher on this if write back or send to me your direct telephone number so we can discuss in the type of confidential atmosphere which this matter requires.
Awaiting your immediate response.
Ferdinand Traore (Esq).
Traore Chambers & Associates,
Rue Du Commerce Avenue B.P.120,
Lome-Togo"
You can easily be drawn into this e-mail because at first glance you may think it is a relative who died. If this happens, the scammer achieved his first goal, to get your attention. If he has your attention he can play with your mind. The plot is simple, a lawyer contacts you in search of a next of kin for a deceased person who has the same last name as yours, very convenient don't you think? The deceased person was loaded with cash, making the proposal very attractive to the unwary victim.
You may argue that there is nothing special about this e-mail, besides the fact that he addressed the victim directly by name and not via the generic "Dear sir/madam" introduction. Furthermore the spelling and grammar are horrible, so it is easy to spot the scam in this e-mail. It is a classic inheritance scam e-mail, with the promise of a ridiculously large sum of money. Ferdinand sent the e-mail from ferdinandtraore.4to1957@yahoo.co.uk but the victim had to reply to ferdinandtraore.tgo1957@yahoo.co.uk, another common characteristic found in 419-scam e-mails. All the signs are there, so what is so special about this specific e-mail?
It is not the e-mail that's unique, but the methods used by the scammer to collect information about the victim. A closer look at the visitor statistics of this website revealed a visit from Togo, with the same IP address (41.207.162.4) as the one found in the e-mail header. So there was no doubt about the identity of this visitor, it was most definitely our friend Ferdinand Traore (oops did I forget to add the "Esq" suffix after your name? Sorry Ferdinand). The traffic came from a Google search for a specific surname, in this case not the surname of the website owner, but a surname that appeared on one of his web pages.
The scammer appended "co.za" to the search string, which tells me he was looking for South African websites (or South African website owners). He also placed "2007" in front of the surname. Why? Websites contain copyright notices, often followed by the name of the website designer. Most copyright notices contain a year and active websites change this number each year; some web designers do this via a script and others do it by hand. The scammer was probably looking for websites containing a 2007 copyright notice. This would certainly keep the search results fresh and minimise the risk of using outdated contact information.
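The two checks described above, a From address that differs from the Reply-To address and a header IP matched against the visitor statistics to recover the search string, can be sketched as follows. This is an added example, not code from the original article: the message headers and log lines are constructed, reusing only the two addresses and the IP quoted in the text, and "doe" stands in for the real surname.

```python
import ipaddress
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import parse_qs, urlparse

# Constructed sample message. Only the two Yahoo addresses and the IP come
# from the article; the date, recipient and mail host are made up.
RAW_EMAIL = '''\
Received: from [41.207.162.4] by web.mail.example with HTTP; Mon, 05 Nov 2007 10:12:01 +0000
From: Ferdinand Traore <ferdinandtraore.4to1957@yahoo.co.uk>
Reply-To: ferdinandtraore.tgo1957@yahoo.co.uk
To: John Doe <john@example.com>
Subject: Urgent matter

Dear John Doe, ...
'''

# Constructed web server log (Combined Log Format). The query "2007 doe co.za"
# follows the pattern described in the article, with a placeholder surname.
ACCESS_LOG = '''\
41.207.162.4 - - [04/Nov/2007:09:58:44 +0000] "GET /contact.html HTTP/1.1" 200 5120 "http://www.google.com/search?q=2007+doe+co.za" "Mozilla/4.0"
192.0.2.10 - - [04/Nov/2007:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
41.207.162.4 - - [04/Nov/2007:10:02:13 +0000] "GET /about.html HTTP/1.1" 200 2048 "http://www.example.com/contact.html" "Mozilla/4.0"
'''

IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" '
    r'\d{3} \S+ "(?P<referrer>[^"]*)" "(?P<agent>[^"]*)"'
)


def reply_to_mismatch(msg):
    """Return (from, reply_to) when replies are diverted to another address."""
    from_addr = parseaddr(msg.get("From", ""))[1].lower()
    reply_addr = parseaddr(msg.get("Reply-To", ""))[1].lower()
    if reply_addr and reply_addr != from_addr:
        return from_addr, reply_addr
    return None


def sender_ips(msg):
    """Collect public IPv4 addresses from the Received headers.

    Only Received lines added by mail servers you trust are reliable;
    anything below them can be forged by the sender.
    """
    found = []
    for header in msg.get_all("Received", []):
        for candidate in IPV4_RE.findall(header):
            try:
                ip = ipaddress.ip_address(candidate)
            except ValueError:
                continue  # e.g. 999.1.1.1 matches the regex but is not an IP
            if ip.is_global and candidate not in found:
                found.append(candidate)
    return found


def search_visits(log_lines, ips):
    """Return log hits from the given IPs, with the search query if any."""
    wanted = set(ips)
    hits = []
    for line in log_lines:
        match = LOG_RE.match(line)
        if not match or match["ip"] not in wanted:
            continue
        # Search engines of that era passed the query in the "q" parameter.
        params = parse_qs(urlparse(match["referrer"]).query)
        hits.append({
            "ip": match["ip"],
            "time": match["time"],
            "request": match["request"],
            "query": params.get("q", [None])[0],
        })
    return hits


def analyse(raw_email, access_log):
    """Run both checks and return the findings as one report."""
    msg = message_from_string(raw_email)
    ips = sender_ips(msg)
    return {
        "mismatch": reply_to_mismatch(msg),
        "ips": ips,
        "visits": search_visits(access_log.splitlines(), ips),
    }


if __name__ == "__main__":
    for key, value in analyse(RAW_EMAIL, ACCESS_LOG).items():
        print(key, "->", value)
```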
In the previous article I mentioned a 419 scammer who targeted American citizens using specific e-mail services like Yahoo! and AOL. This scammer searched for the latest contact details of certain South African website owners. I'm sure they expand these searches to other countries as well, but one thing is for certain, they are using specific contact information to send targeted and relevant e-mails to possible victims. Later today someone else reported a scam e-mail, with the exact same plot. Once again the scammer knew the name and surname of the victim and addressed him accordingly. The victim of this e-mail was a job seeker who posted his resume on several online recruitment websites. So the scammers are using several online resources to harvest personal information about their victims.
An e-mail addressing you personally is no longer a guarantee that it came from a trustworthy source. The fact that the sender knows your name and last name does not necessarily mean that he legitimately obtained this information or that he has legitimate intentions. People should look deeper into the e-mail for other obvious signs exposing the true nature of the e-mail. I mentioned a couple of common characteristics earlier in this article that will help you to identify other e-mails just like this one. But not all these characteristics are present in every e-mail scam, making it hard to define a single set of rules that will apply to all e-mail scams. Common sense is the only true weapon that's dynamic enough to adapt to the different methods used by e-mail scammers today.
About the Author
Coenraad is webmaster and founder of Cyber Top Cops. Visit our 419 Scams page for more information about 419 scams and different 419 scam examples. Stay up to date with the latest in cyber security, by subscribing to our cyber security related RSS Feeds.
Thursday, October 18, 2007
419 Scammers Using Google Search to Find New Victims
By Coenraad De Beer
I've heard of phishing scammers using Google Maps to reveal the location of a victim, but I haven't heard of scammers using Google Search to find the e-mail addresses of possible prospects for advance fee fraud. However I was surprised to find such a search last week when I browsed through the visitor statistics of cybertopcops.com.
419 Scammers are starting to use technology more often to swindle innocent victims. We see advanced and professionally designed e-mails and websites, clever social engineering skills and scam e-mails targeted at specific people. That was probably the aim of the scammer who used Google Search to find Yahoo! and AOL e-mail addresses of people in the USA, who are desperately in need of funds. Yes, the exact search string used by this scammer was "email address of people in the usa that are in need of fund @yahoo or aol mail". The scammer landed on our Lottery Scams page where we refer to the fact that scammers often use Yahoo! and AOL e-mail accounts to distribute fraudulent e-mails. We recently made some changes to this page and as a result it's no longer appearing in the results for this specific search string.
A couple of things immediately caught my attention when I stumbled across this visit. The visitor was from Nigeria, with the IP address 196.1.179.153, one that is often involved in e-mail scams and spamming. His/her Internet service provider was Nitel, the principal telecommunications company in Nigeria. What struck me the most was the search string used by this visitor. Did the scammer really think he/she would find the e-mail address of a US citizen, looking for funds on the Internet, using a Yahoo! or AOL e-mail address and on top of that, leaving it on the web for anyone to use? It's like going to Amazon, hoping to find specials on 419 Scam Victims, or having a victim delivered to you on a silver tray. But is a search like this, really that far-fetched?
If you browse through the results of this search, you will find quite a couple of e-mail addresses, lying around for advance fee fraud scammers to use as they please. A couple of interesting theories came to mind when I analysed the search string.
- 419 scammers are targeting people living in the United States. Why? Perhaps they have a better success rate with Americans;
- They prefer people using the e-mail services of Yahoo! and AOL. Why? The spam filter of Yahoo! and AOL is not as effective as Gmail's and it is probably easier for scammers to get through to people who use these e-mail services. Also note that the scammer did not look for Hotmail e-mail addresses. According to 419eater.com, some scammers do not like to converse with Hotmail users; and
- They specifically target people in need of financial assistance. Why? People with severe financial problems are often desperate and will do anything to improve their financial position. 419 scammers exploit this desperation, making it easier to convince these victims.
I understand that it is hard to base solid theories on a single incident, so these are only a couple of possibilities from a personal point of view. 419 scammers send e-mails to many countries, not just America, they send e-mails to Gmail and other e-mail accounts, not just Yahoo! and AOL and they send e-mails in bulk, like a spammer with a shotgun approach, they often have no idea who the recipients would be.
What can we learn from this behaviour? Do not post your personal e-mail address in any public area on the web. Do not reveal your financial status on the web. Scammers will use this to their advantage. If they have your e-mail address in their possession and at the same time know about your financial problems, then they can send you a highly targeted and convincing e-mail, putting them in the right place at the right time. I still think it was wishful thinking by the scammer to do such a narrow search, hoping to find a victim that fits this profile. However, this scammer inadvertently revealed one of their harvesting methods, so let's take the necessary precautions and make it harder for scammers to find new victims.
About the Author
Coenraad is webmaster and founder of Cyber Top Cops, leaders in Internet security, prevention of online fraud, raising awareness about online scams and assisting users in the removal of malicious software.
Labels: 419 Scams, Online Fraud, Online Scammers, Online Scams, Scammers, Scams
Monday, September 24, 2007
PC Security DIY Part I: Malware - The Most Wanted Cyber Criminal
By Coenraad De Beer
More or less 3 weeks ago, several anti-scammer websites fell victim to DDoS (Distributed Denial of Service) attacks by the Storm botnet. The comments made on blogs and news sites about these attacks, made it clear once again that cyber security experts are well aware of the dangers of malware infections, which are the backbone of any botnet, as well as the impact these infections have on the online industry. The fact that security experts realise these problems is all good and well, but it does not really help addressing the problem. Normal computer users need to understand the implications of malware infections as well, but more importantly, they have to carry the consequences of their actions if they refuse to take appropriate preventative measures against malware.
Before we start, I would like to explain a couple of terms to users not familiar with DDoS attacks and botnets. A botnet is a network of software robots controlled remotely by crackers. A software robot in this specific case is a compromised computer, infected with specific malware types like Trojan horses and worms. A compromised computer is also called a "zombie computer". A botnet is therefore a collection of compromised or "zombie" computers. I am not going into the details of a DDoS attack, but a Denial of Service attack basically happens when a botnet sends thousands, even millions, of communication requests to a web server. This results in a bottleneck of incoming traffic, causing the server to crash, or making it so slow that it cannot serve the website to normal visitors anymore. An attack from a big botnet will therefore have a much larger impact on a web server than an attack from a smaller botnet. Okay, now that we have the jargon out of the way, let's delve deeper into the impact of malware infections on the Internet as a whole, but also on the individual Internet user.
The Internet is often referred to as the information superhighway. Of course the Internet as we know it today is much more than just an information superhighway; the Internet has become a digital world where many offline tasks can be done online as well. You can work, play, recruit, date, shop, chat, watch TV, listen to the radio and do many other things online. But for the sake of this article I will stick to the term information superhighway, because the rules of the road fit in perfectly with what I want to illustrate. According to Wikipedia, it is estimated that up to one quarter of all personal computers connected to the Internet are part of a botnet. This estimate is not that hard to believe; I will even go so far as to say that this figure may be bigger than a quarter of the Internet's population, especially if you take into account the rate at which malware infections spread through the Internet. Ignorance plays a big role in malware infections, but don't leave negligence out of the equation. If only it stopped at ignorance and negligence: large and influential companies are able to address the problem, but they are unwilling to sacrifice profit for the safety of other Internet users.
Internet Service Providers are in pole position to address the increasing threat of malware infections, the one thing that's making botnets grow larger and larger by the day. Unfortunately they are only interested in making money instead of providing a safe and quality service to their loyal and honest customers. No, they would rather keep the clients distributing malware, sending out spam or taking part in Denial of Service attacks, because it means loss of revenue for them if they decide to suspend the services or terminate the accounts of these clients. Most ISPs will state in their Terms of Service that they do not tolerate this kind of behaviour, but it is only done to make them look great on paper; they seldom enforce these terms. John Masters, anti-spam activist and a dedicated supporter of Cyber Top Cops, sent me an e-mail the other day, suggesting that we should roll out penalties against people who use unprotected computers connected to the Internet. Although I realise the difficulty of getting something like this into place, I personally think it is a great idea and I wholeheartedly agree, but before we start to punish the user, start with the ISP for not taking action against the user.
It makes a lot of sense to fine people who use unprotected computers on the Internet. This is why I referred to the information superhighway earlier in this article. The Internet can be compared to a real highway, where several road safety rules apply. Driving on a highway with a vehicle that's not roadworthy does not only put your own safety at risk, but also the safety of other road users. If a traffic officer pulls you off the road and finds that your vehicle is not roadworthy, you will most probably receive a fine (unless you bribe the traffic officer). If you continue to drive like this you may end up with a suspended driver's licence. The same principle applies to computer security. If you use an unprotected computer on the Internet you're not only putting your own safety at risk, but the safety of other Internet users as well. If your ISP becomes aware of the fact that you're connecting to the Internet without appropriate, up to date anti-malware software installed on your computer, you are supposed to be fined for putting the safety of all other Internet users at risk. They should suspend your services if you continue to connect to the Internet with an unprotected computer.
Your computer may be distributing malware, sending out spam, phishing e-mails and advance fee fraud scams. Your computer may even be used in Denial of Service attacks. So you end up becoming an accomplice in Internet crime. You unknowingly become a spammer, a scammer or a malware distributor. By using an unprotected computer you contribute to cyber crime instead of fighting it. That's not all, the malware may be monitoring your keystrokes, capturing everything you type, stealing passwords, e-mail addresses, account numbers, social security numbers, credit card numbers, names, telephone numbers, physical addresses... can you see where I'm going with this? These programs are able to compile a complete profile about yourself, this information is then transmitted back to the operator of the malware, who may use it to commit fraud in your name, in other words steal your identity. The perpetrator may even clean out your bank account, open credit cards or take out loans in your name and guess who is going to receive the bills at the end of the month, you!
What are the practical implications of implementing a penalty system for reckless Internet users? First of all, the ISP needs to have solid evidence, proving that the guilty party was really using an unprotected computer. Secondly, if the user had anti-malware software installed on his/her computer, the ISP needs to prove that the software was outdated. Finally, if the user had up to date anti-malware software installed, the ISP needs to prove that the software was not appropriate for preventing malware infections. This means that anti-malware software needs to comply with certain safety standards before they can be accepted as approved anti-malware solutions. This will effectively force all anti-malware developers to put their software through specific tests, conducted by a computer security standards authority. This will also cause anti-malware application prices to rise, which may pull the plug on the development of free anti-malware solutions, unless the developers certify these free applications as well. The ISP should use special software to check whether these approved anti-malware applications are installed on the client's computer. The software should send out several warnings to the clients who do not comply with these standards, giving them a reasonable amount of time to attend to the problems and providing detailed instructions on how to resolve them. Access to the Internet should only be terminated if the user fails to respond to these warnings.
Many people might ask, how should I update my anti-malware application if my Internet access is terminated? Your Internet access should only be terminated if you fail to respond to the warning notifications sent to you. If you end up with a terminated Internet access account, it means you ignored the notifications and you should have thought about the implications of your actions before you decided to ignore them. Others may claim that they are computer illiterate and cannot install software or keep it up to date. Most anti-malware applications update themselves and it does not take a rocket scientist to install them. With most of these installations you simply need to click on the "Next" button until you see a "Finish" button. If you can surf the Internet, then I'm sure you know how to click a button. I understand that not every Internet user is a computer expert, so if you find it difficult to install software, join an online forum like BleepingComputer.com, GeeksToGo.com or TechGuy.org and ask for assistance. It is extremely important to secure your computer before it gets infected with malware.
I just painted a pretty grim picture, didn't I? The burden placed on Internet Service Providers to check up on clients, to prove that clients are using unprotected computers, to penalise those who disobey the rules and to close down the accounts of regular offenders. Then there is the problem of high anti-malware prices and no more free anti-malware solutions for the people who cannot afford expensive anti-malware protection. But this is where the Internet is heading if we do not take action now. Online fraud is causing consumers to lose confidence in Internet shopping. Phishing scams are making users afraid of signing up for Internet banking services. People are wary of online payment and trading services like PayPal and eBay, no matter how safe they claim to be. Spammers are stealing bandwidth and Internet users have to cough up for the costs. Expensive hardware and software is needed to fend off Denial of Service attacks. Malware is at the root of all these problems. It is the biggest contributor to cyber crime and eliminating malware is like removing a species from the food chain. This will be a big blow to spam and bot networks, resulting in less spam and phishing scams, fewer Denial of Service attacks and fewer stolen identities, passwords and credit card numbers. All the money saved through proper prevention of malware, including malware related problems like spam and Denial of Service attacks, can be utilised to build better protection against malware and assist companies to continue the development of free anti-malware solutions for home users.
So what is the bottom line? Internet Service Providers need to take responsibility for their networks. Customers are paying for Internet access, free from spam and malware attacks. It is the responsibility of the ISP to keep spam and malware infections within acceptable limits. Proper legislation needs to be put into place and governments need to take action against ISPs if they allow these threats to rise beyond acceptable limits. How do ISPs keep these threats within acceptable limits? Listen to the complaints sent through to your abuse departments, stop ignoring them, terminate the services of regular offenders and publish these actions for everyone to see. Make examples of those who do not want to listen and soon enough you will have people sticking to the rules. People will continue to do what they want if they know there is no punishment for their wrongdoing.
About the Author
Coenraad is webmaster and founder of Cyber Top Cops, providers of free malware removal assistance and helpful Internet security tips for the novice user. In the next instalment of the PC Security DIY article series, we will look at the foundation of Internet Security, using a secure browser and e-mail client and getting into safe browsing and e-mail reading habits.
More or less 3 weeks ago, several anti-scammer websites fell victim to DDoS (Distributed Denial of Service) attacks by the Storm botnet. The comments made on blogs and news sites about these attacks, made it clear once again that cyber security experts are well aware of the dangers of malware infections, which are the backbone of any botnet, as well as the impact these infections have on the online industry. The fact that security experts realise these problems is all good and well, but it does not really help addressing the problem. Normal computer users need to understand the implications of malware infections as well, but more importantly, they have to carry the consequences of their actions if they refuse to take appropriate preventative measures against malware.
Before we start, I would like to explain a couple of terms to users not familiar with DDoS attacks and botnets. A botnet is a network of software robots controlled remotely by crackers. A software robot in this specific case is a compromised computer, infected with specific malware types like Trojan horses and worms. A compromised computer is also called a "zombie computer". A botnet is therefore a collection of compromised or "zombie" computers. I am not going into the details of a DDoS attack, but a Denial of Service attack basically happens when a botnet sends thousands, even millions, of communication requests to a web server. This results in a bottleneck of incoming traffic, causing the server to crash, or making it so slow that it cannot serve the website to normal visitors anymore. An attack from a big botnet will therefore have a much larger impact on a web server than an attack from a smaller botnet. Okay, now that we have the jargon out of the way, lets delve deeper into the impact of malware infections on the Internet as a whole, but also for the individual Internet user.
The Internet is often referred to as the information superhighway. Off course the Internet as we know it today, is much more than just an information superhighway, the Internet has become a digital world where many offline tasks can be done online as well. You can work, play, recruit, date, shop, chat, watch TV, listen radio and do many other things online. But for the sake of this article I will stick to the term information superhighway, because the rules of the road fit perfectly in with what I want to illustrate. According to Wikipedia, it is estimated that up to one quarter of all personal computers connected to the Internet, are part of a botnet. This estimate is not that hard to believe, I will even go so far to say that this figure may even be bigger than a quarter of the Internet's population, especially if you take into account the rate at which malware infections spread through the Internet. Ignorance plays a big role in malware infections, but don't leave negligence out of the equation. If it only stopped at ignorance and negligence, large and influential companies are able to address the problem, but they are unwilling to sacrifice profit for the safety of other Internet users.
Internet Service Providers are in pole position to address the increasing threat of malware infections, the one thing that's making botnets grow larger and larger by the day. Unfortunately they are only interested in making money instead of providing a safe and quality service to their loyal and honest customers. No, they would rather keep the clients distributing malware, sending out spam or taking part in Denial of Service attacks, because it means loss of revenue for them if they decide to suspend the services or terminate the accounts of these clients. Most ISPs will state in their Terms of Service that they do not tolerate this kind of behaviour, but it is only done to make them look great on paper; they seldom enforce these terms. John Masters, anti-spam activist and a dedicated supporter of Cyber Top Cops, sent me an e-mail the other day, suggesting that we should roll out penalties against people who use unprotected computers connected to the Internet. Although I realise the difficulty of getting something like this into place, I personally think it is a great idea and I wholeheartedly agree, but before we start to punish the user, start with the ISP for not taking action against the user.
It makes a lot of sense to fine people who use unprotected computers on the Internet. This is why I referred to the information superhighway earlier in this article. The Internet can be compared to a real highway, where several road safety rules apply. Driving on a highway with a vehicle that's not roadworthy does not only put your own safety at risk, but also the safety of other road users. If a traffic officer pulls you off the road and finds that your vehicle is not roadworthy, you will most probably receive a fine (unless you bribe the traffic officer). If you continue to drive like this you may end up with a suspended driver's licence. The same principle applies to computer security. If you use an unprotected computer on the Internet you're not only putting your own safety at risk, but the safety of other Internet users as well. If your ISP becomes aware of the fact that you're connecting to the Internet without appropriate, up to date anti-malware software installed on your computer, you are supposed to be fined for putting the safety of all other Internet users at risk. They should suspend your services if you continue to connect to the Internet with an unprotected computer.
Your computer may be distributing malware, sending out spam, phishing e-mails and advance fee fraud scams. Your computer may even be used in Denial of Service attacks. So you end up becoming an accomplice in Internet crime. You unknowingly become a spammer, a scammer or a malware distributor. By using an unprotected computer you contribute to cyber crime instead of fighting it. That's not all, the malware may be monitoring your keystrokes, capturing everything you type, stealing passwords, e-mail addresses, account numbers, social security numbers, credit card numbers, names, telephone numbers, physical addresses... can you see where I'm going with this? These programs are able to compile a complete profile about yourself, this information is then transmitted back to the operator of the malware, who may use it to commit fraud in your name, in other words steal your identity. The perpetrator may even clean out your bank account, open credit cards or take out loans in your name and guess who is going to receive the bills at the end of the month, you!
What are the practical implications of implementing a penalty system for reckless Internet users? First of all, the ISP needs to have solid evidence, proving that the guilty party was really using an unprotected computer. Secondly, if the user had anti-malware software installed on his/her computer, the ISP needs to prove that the software was outdated. Finally, if the user had up to date anti-malware software installed, the ISP needs to prove that the software was not appropriate for preventing malware infections. This means that anti-malware software needs to comply with certain safety standards before they can be accepted as approved anti-malware solutions. This will effectively force all anti-malware developers to put their software through specific tests, conducted by a computer security standards authority. This will also cause anti-malware application prices to rise, which may pull the plug on the development of free anti-malware solutions, unless the developers certify these free applications as well. The ISP should use special software to check whether these approved anti-malware applications are installed on the client's computer. The software should send out several warnings to the clients who do not comply with these standards, giving them a reasonable amount of time to attend to the problems and providing detailed instructions on how to resolve them. Access to the Internet should only be terminated if the user fails to respond to these warnings.
Many people might ask, how should I update my anti-malware application if my Internet access is terminated? Your Internet access should only be terminated if you fail to respond to the warning notifications sent to you. If you end up with a terminated Internet access account, it means you ignored the notifications and you should have thought about the implications of your actions before you decided to ignore them. Others may claim that they are computer illiterate and cannot install software or keep it up to date. Most anti-malware applications update themselves and it does not take a rocket scientist to install them. With most of these installations you simply need to click on the "Next" button until you see a "Finish" button. If you can surf the Internet, then I'm sure you know how to click a button. I understand that not every Internet user is a computer expert, so if you find it difficult to install software, join an online forum like BleepingComputer.com, GeeksToGo.com or TechGuy.org and ask for assistance. It is extremely important to secure your computer before it gets infected with malware.
I just painted a pretty grim picture, didn't I? The burden placed on Internet Service Providers to check up on clients, to prove that clients are using unprotected computers, to penalise those who disobey the rules and to close down the accounts of regular offenders. Then there is the problem of high anti-malware prices and no more free anti-malware solutions for the people who cannot afford expensive anti-malware protection. But this is where the Internet is heading if we do not take action now. Online fraud is causing consumers to lose confidence in Internet shopping. Phishing scams are making users afraid of signing up for Internet banking services. People are wary of online payment and trading services like PayPal and eBay, no matter how safe they claim to be. Spammers are stealing bandwidth and Internet users have to cough up for the costs. Expensive hardware and software is needed to fend off Denial of Service attacks. Malware is at the root of all these problems. It is the biggest contributor to cyber crime and eliminating malware is like removing a species from the food chain. This will be a big blow to spam and bot networks, resulting in less spam and phishing scams, fewer Denial of Service attacks and fewer stolen identities, passwords and credit card numbers. All the money saved through proper prevention of malware, including malware related problems like spam and Denial of Service attacks, can be utilised to build better protection against malware and assist companies to continue the development of free anti-malware solutions for home users.
So what is the bottom line? Internet Service Providers need to take responsibility for their networks. Customers are paying for Internet access, free from spam and malware attacks. It is the responsibility of the ISP to keep spam and malware infections within acceptable limits. Proper legislation needs to be put into place and governments need to take action against ISPs if they allow these threats to rise beyond acceptable limits. How do ISPs keep these threats within acceptable limits? Listen to the complaints sent through to your abuse departments, stop ignoring them, terminate the services of regular offenders and publish these actions for everyone to see. Make examples of those who do not want to listen and soon enough you will have people sticking to the rules. People will continue to do what they want if they know there is no punishment for their wrongdoing.
About the Author
Coenraad is webmaster and founder of Cyber Top Cops, providers of free malware removal assistance and helpful Internet security tips for the novice user. In the next instalment of the PC Security DIY article series, we will look at the foundation of Internet Security, using a secure browser and e-mail client and getting into safe browsing and e-mail reading habits.