Scams

The Price that Facebook has to Pay

4 August 2008 By Saran

Facebook and other popular social networking sites today have another thing to consider and this is concerned with the security risks that they may become susceptible with. Bear in mind, one thing that hackers and malicious-minded geeks want to do is to test the mettle of successful sites and Facebook happens to be one of them today.

Such a task is something that has to be addressed by successful developing companies such as Facebook. With a growing network and rising popularity, hackers and scammers pry on their success to be popular as well. But knowing how much developers have invested in these sites, you can almost be assured that they have thought of that. But considering the level of security is another thing since it only takes one minor flaw to make life a living hell for online and social networking sites.

We have seen sites in the past encounter such problems. While it would be best to avoid waiting to be another victim, Facebook and other social networking sites would do well to make sure they don’t limit their investment in this aspect. After earning millions from successful sponsorships and adsense earnings, the least they can do is put a portion of these earnings into site security.

Social networking sites such as Facebook, MySpace and LinkedIn are fast emerging as some of the most fertile grounds for malicious software, identity thieves and online mischief-makers. And while some of the talks given here at Black Hat, one of the larger hacker conferences in the country, would probably make most people want to avoid the sites altogether, it turns out that staying off these networks may not be the safest option, either.

Source

Financial Institutions – Prime Phishing Targets

22 March 2008 By Saran

Banks and other financial institutions are the most attacked institutions in the world which accounts for millions in losses according to RSA, one of the IT Industry’s leading security firms. The rise has been foreseen and predicted for many years yet banks are simply not taking it too seriously. Phishing involves the leeching of client information from bank networks for use in scams and fraud. This type of attack sits next to identity fraud and credit card fraud as the most expensive financial loss generators for the banking industry. The phishing attacks target mostly US based firms with the UK ranking second. Many countries are following as targets for phishing by hackers who aim to use the information they obtain for personal gains.
The banking industry is considered to be one of the most secure and IT dependent industries in the world but the diversity and sheer number of attacks is taking its toll on their systems prompting them to take notice. Credit Card fraud alone accounts for billions in losses worldwide that is suffered by financial institutions adding to that the newer types of attacks making it an IT Security Managers worst nightmare. In Europe, Germany is hailed to be the financial hub in the region yet it has managed to repel attacks which isn’t the same with it’s other neighboring countries. More strict legislation might be needed to deter criminals who now opt to use computers rather than a gun which is safer and involves less effort.
The Credit card Fraud problem is being addressed by the implementation of PCI DSS which is to secure and prevent hackers from getting card customer information while it is in transit over the network. The attacks now focus on more public domain which is the internet through social networks which is where most phishing attacks usually occur.

New Email Scam

13 December 2007 By Saran

A new twist into the old email scam books, the fraudulent scam that asks for money from unsuspecting friends and acquaintances listed in your address books. True, many have been victimized by the said ploy wherein people gain access to your address book and sending out email that solicits cash funds to be wired to a location somewhere around the world. The scam began in Africa when a journalist began receiving unexpected calls and email regarding his misfortune in the African continent where he was supposedly on vacation and stuck in a hotel without any cash funds or other form of identification.

The incident used Yahoo which the perpetrator has broken into and taken the liberty of obtaining all the names and email addresses contained in the popular email facility service’s files. These addresses were then sent fake email messages telling the unfortunate story of you getting into misfortune somewhere and that you are in dire need of cash which you are supposed to pay back as soon as you return from the said trip ending the ordeal. It is a fake emergency message though and there have been many reports of similar cases happening using all the email services around. How the thieves got into the address book getting the necessary information is still a mystery and the guy who reported it first (who happens to be in the journalism business) had to go through a long process of getting all the account information from yahoo through phone after a lengthy conversation to prove that he was actually who he claimed to be. So, people be alert for the said scam and be sure to verify all incidents with the senders as well as alert all members of the family and your friends of such crazy behavior.