Exids IT Solutions

Popularity: 1% [?]

I came across this interesting article today that I think you should all read:

There’s much that remains murky about a Justice Department proposal to require Internet companies to retain records detailing their users’ online activities for up to two years. But anyone who uses the Internet — and that’s just about everyone in America — ought to be concerned.

The plan was pushed by Attorney General Alberto Gonzales, FBI Director Robert Mueller and other government officials at a recent meeting with executives from AOL, Google, Microsoft and other Internet firms. It would require companies to keep data on searches, e-mail traffic and unspecified details about users’ Web habits for possible use in terrorism and child pornography investigations. It could apply to Internet firms large and small, as well as providers of Internet access, including private employers, hotels, libraries, universities and operators of wireless hotspots.

Any plan would presumably have to be approved by Congress. To date, the Justice Department has not put forward a concrete plan or draft legislation.

Making it easier for law enforcement to catch terrorists and pedophiles is a good thing. But the government’s proposal poses security risks that could outweigh benefits. And it raises serious concerns about privacy, cost and usefulness.

The proposal would require companies to store and make searchable terabytes upon terabytes of data at a cost that no one is able to forecast but that is certain to be huge. How many additional servers would a Yahoo or an AT&T have to keep? What about a mom-and-pop ISP? And who will pay for all of it?

What’s more, these large data troves are certain to become targets of hackers, identity thieves and unscrupulous insiders. As the raft of recent data breaches has shown, there are plenty of companies, organizations and government agencies that do a lousy job at securing data. Forcing them to keep more of it would put everyone at risk.

Perhaps worst of all, the proposal would create a Big Brotherish Internet where everyone’s activities are recorded for future review. Initially, only those investigating terror and child pornography cases would be able to access the data. If history is any guide, other types of crimes would eventually be added. Private litigants in divorce and other civil cases would demand access too. Before long, users could lose trust in the Internet and begin to curtail their online activities.

The government already has the authority to demand that Internet companies keep records on individuals in connection with specific investigations. And so far, law enforcement officials have not made the case why that authority is insufficient. Perhaps they should start there, before trapping all of cyberspace inside a giant net of suspicion.

The government didn’t invent the idea of data retention. Many Internet companies have been tracking and storing the activities of their users for years, giving rise to many of the same privacy concerns, security risks and consumer fears. The government’s data-retention proposal would merely exacerbate them.

To bolster privacy and public trust on the Internet, online firms should consider being much more forthcoming about what personal information they collect and store and how they use it. And as they lobby to deflect new government data-retention mandates, they should also lobby for stronger laws to protect the data they already hold.

The source of this article is: http://www.mercurynews.com/mld/mercurynews/news/opinion/14759508.htm

Popularity: 1% [?]

What goes around comes around.  Almost.  It seems that the FTC has decided enough is enough when it comes to nasty companies doing nasty things to peoples computers and blow the whistle.

The accused is Sanford Wallace, the owner of the company Smartbot.net.  He has been fingered for creating malicious software that is designed to exploit a flaw in Microsoft’s Internet Explorer web browser…  the same browser that 85% of internet users utilize.

The grounds of such a suit are that Mr. Wallace and his firm has been “installing” this software without user’s permission.  In fact, once a user has unknowingly been infected, the CDROM tray opens and a message on your screen appears that says:

“FINAL WARNING!! If your cd-rom drive’s open . . .You DESPERATELY NEED to rid your system of spyware pop-ups IMMEDIATELY! Download Spy Wiper NOW!”

Ironically (and fortunately for Mr. Wallace), his company is the sole beneficiary of the proceeds made from any purchases of Spy Wiper.  A pretty good business model when you consider that the only thing they need to get rich if for you to visit a website designed to infect you!

This type of tactic is not uncommon, in fact, it’s common place.  Since the advent of affiliate marketing, anti-spyware software companies have been happy to give up a portion of their profits to anyone who refers someone to buy them.  If you are a programmer, you have great incentive to create spyware that holds a user for ransom – ransom that will be paid in full when you buy the software recommended to remove the spyware.  Luckily, the software you recommend to remove the spyware happens to be the same software you make a chunk of money off.

The U.S. District Court judge that ordered the re-payments should take a long and hard look at this growing epidemic, and consider a more bold punishment.  A slap on the wrist is all Wallace has suffered.  The millions in profits he’s being forced to give up was never really his in the first place.  It’s like taking the loot back from a bank robbery and telling the robbers not to do it again.

Popularity: 1% [?]

I received an email from someone today claiming that I will receive a $20.00 credit to my Chase Manhattan Bank account for taking a quick 5 question survey.

Obviously this is a scam.  First of all, the type of scam being used is a Phishing scam.  There is a link in the email that I am asked to click on to be taken to the chase bank web site.  Now, at first glance when you look at the link, it appears to take you to the chase bank website, however, upon further inspection it becomes clear that the website you will be taken to is actually http://www.compexbrno.cz/~mp3/update/chase-rewarding/clients-asp/cgi/index.html.

I took a screen shot to show you this.  If you place your mouse over the hyperlink, a box opens revealing where the link really points to.

If you don’t know what phishing is, and would like to learn more about it, watch this video on how to detect a phishing scam.

This is the email I received

Dear Valued Customer,

CONGRATULATIONS !!!

You have been chosen by the Chase Manhattan Bank online department to take part in our quick and easy 5 question survey. In return we will credit $20 to your account – Just for your time!

Helping us better understand how our customers feel benefits everyone. With the information collected we can decide to direct a number of changes to improve and expand our online service.
The information you provide us is all non-sensitive and anonymous – No part of it is handed down to any third party groups.
It will be stored in our secure database for maximum of 3 days while we process the results of this nationwide survey.

We kindly ask you to spare two minutes of your time in taking part with this unique offer!

To Continue click on the link below:

http://www.chase.com/?CustomerID=8972347&SecureID=xjskid893oe99280-2oeujdywhhhekwod0pqlwoe0

Many Thanks and Kind Regards – Chase Manhattan Bank Customer Department

Popularity: 1% [?]

So what does it take to beat a scammer at their own game?  Many people quiver with excitement when they hear about an opportunity to stab back at people whose only purpose is to get rich off of other man kind’s misery.

Well, let me tell you, I started writing this article on how to catch a scammer, and about part way through I felt dirty.  So I stopped, and instead thought you would find more interesting in learning about ways you deal with a situation when you think you are being scammed.  Here are a few tips:

1. If possible use a public computer terminal if the matter is serious (so they cannot track your IP address)
2. Use a public email address like a hotmail or yahoo account for all correspondence.
3. Never give away personal information.  Particularly information related to anything financial, your identity, or your location of where you live.
4. Always ask for confirmation of your emails when they are sent off.  Doing this covers your tracks and can be used later down the road against them.

These are a few of many tips that can server you well if you are dealing with someone you believe may be scamming you.  If you have any questions or comments, please post the below for everyone to see.

Popularity: 1% [?]

With so many types of spyware floating around on the internet, it’s virtually impossible to own one anti-spyware program that can remove everything.  This would require software companies to spend hundreds of thousands of man hours, and more importantly, they would need to be able to analyze every infected computer on the internet which is near impossible.

So what do you do when you come across spyware, and you cannot remove the infection?  Or what if Norton Antivirus keep warning you of an infection and you just can’t make it go away?  There’s only one real solution and it involves a human – you need to remove it manually!

So what the hell does that mean?  REMOVE A VIRUS MANUALLY?

It means that you either need a geek to rip out the viruses and spyware using advanced techniques an utilities, or learn how to yourself.  If you are a tech, you immediately must pick up a copy of PCsecuritySecrets.  There’s a section dedicated to advanced removal techniques – and not using automated software.

PCsecuritySecrets walks you through a proven, 100% guaranteed fix for manually removing ANY variant of Malware, Spyware, Virus or Trojan.  You can even kill a root kit!

If you are an average computer user, you can still make use of the techniques; it requires a little time a due diligence in learning the material.  The information presented is very simple and straight forward.  It avoid technical jargon that can put you off of reading it and succeeding at eradicating the malware.

Don’t waste any more time!  Check it out here.

Popularity: 1% [?]

Here’s another sample of a fraud email sent from Mr. Lo Ping Wing.  Excuse the formatting, this is how I recieved the email. 

I am Mr.Lo Ping Wing, Bank Official of Macau Chinese bank, Macau Branch,Macau, China. I have urgent and very confidential business proposition for you. An Oil consultant/contractor with the China Petroleum and Chemical Corp. made a numbered time (Fixed) Deposit for twelve calendar months, valued at US$128,000,000.00 (One Hundred and Twenty eight Million Dollars) in my branch. Upon maturity, I sent a routine notification to his forwarding address but got no reply. After a month, we sent a reminder and finally we discovered from his contract employers that the consultant died from an automobile accident. On further investigation, I found out that he died without making a WILL, and all attempts to trace his next of kin was fruitless, and I beleive this might be due to the reasoning that he might have used a fictitous Identity to open the account.I therefore made further investigation and discovered that the consultant did not declare any kin or relations in all his official documents, including his Bank Deposit paperwork in my Bank.
This sum of US$128,000,000.00 is still sitting in my Bank and the interest is being rolled over with the principal sum at the end of each year. No one will ever come forward to claim it. According to Laws of Republic of China, at the expiration of 5 (five) years, the money will revert to the ownership of the Chinese Government if nobody applies to claim the fund. Consequently, my proposal is that I will like you as a foreigner to stand in as the next of kin to the deceased consultant so that the fruits of this old man’s labor will not get into the hands of some corrupt government officials. This is simple, I will like you to provide immediately your full names and address so that the attorney will prepare the necessary documents and affidavits that will put you in place as the next of kin. We shall employ the services of an attorney for drafting and notarization of the WILL and to obtain the necessary documents and letter of probate/administration in your favor for the transfer. A bank account in any part of the world that you will provide will then facilitate the transfer of this money to you as the beneficiary/next of kin. The money will be paid into your account for us to share in the ratio of 90% for me and 10% for you.We can recommend a Luxembourg bank where that can contact you if we send your email to them as regards opening an online account with them. There is no risk at all as all the paperwork for this transaction will be done by the attorney and my position as the Bank Official guarantees the  successful execution of this transaction. If you are interested, please reply immediately via the private email address above. Upon your response,I shall then provide you with more details and relevant documents that will help you understand the transaction. Please send me your confidential telephone and fax numbers for easy communication. Please observe utmostconfidentiality, and rest assured that this transaction would be most profitable for both of us because I shall require your assistance to invest my share in your country. Awaiting your urgent reply via my email address.
Thanks and regards.

Mr.Lo Ping Wing

Popularity: 1% [?]

Here’s an example of a phishiing email sent by WellsFargo.  For more information on phishing, visit this page.

The Fraud Email is in Italics Below:

Dear WellsFargo Customers Upgrade 2006

Due to concerns, for the safety and integrity of the wellsfargo
account we have issued this warning message.

It has come to our attention that your WellsFargo account information needs to be
updated as part of our continuing commitment to protect your account in this year 2006 and to
reduce the instance of fraud on our website. If you could please take 5-10 minutes
out of your online experience and update your personal records you will not run into
any future problems with the online service.

Read the rest of this entry »

Popularity: 1% [?]

This is more of a reminder to myself then anything, but I’d also like to feel out if there are any “takers” on this topic.

If anyone is interested in how a spammer can verify your existence, please remind me one day to elaborate on how you can give you identity away through something as simple as opening an email.

For now, I will leave this topic alone – if anyone is interested, just post a comment and I will be sure to write about this fun little tactic spammers use in the future!

Or maybe I will just write about it when I’m not so lazy

Popularity: 1% [?]

If his client was a successful and an “accomplished family man”, why is he looking for an “extended relative” in a different country??  Maybe he was just a rich accomplished loaner that happened to have a wife, kids, but isolated them from everyone so that he could make millions as a writer under a pseodo name so that he would never have to leave his house except for the one day that the bombs went off and…  Nevermind.

Or maybe I’m just missing the whole point altogether.

Sample Fraud at it’s semi-finest – Enjoy

BERNARD CHAMBERS
305-307 Neasden Lane, Neasden
LONDON, NW10 1QR
Tel: +44-776-782-0633
Email:bernardmarissac@netscape.net

Compliments,
 
I know that this mail will come to you as a surprise, Please accept the content in good faith. I do not intend to cause any grief to you and your family. The reason for sending this mail is very fundamental to the doctrine of human privileges and right. My name is Barrister Bernard Marissa a legal practitioner with the Bernard Chambers based in London and the personal Attorney to late Mr. Richard, a national of your country who died along with his wife and two sons who died in the Tube explosion between King’s Cross-and Russell Square in London.
 

Read the rest of this entry »

Popularity: 1% [?]