Online Dating – Dangerous Ishq!


In this era of busy lifestyle, it is obvious that people have less time to dedicate to their personal lives and hence tend to become lonely. If I say that we live in the age of lonely hearts… I may not be wrong!

These lonely hearts always try to find some or the other way to escape their emptiness… With social media taking over… rather, leading the communication sector… it has proved to be the best tool and the most common way to find friends… and also that ‘special someone’.

Just like any relationship… online relationships too have their own success as well as unsuccessful stories. However, here the issue is that we begin getting closer and opening our heart to some one we never met… we don’t know at all about that person still we get in to the relationship and find a soulmate in that person… hence chances of things going wrong are comparatively more.

I consider such scams into two categories;

1. Personal

2. Cyber threats

When I talk about personal benefits, spying and money extortion tops the list. Any one who wants to spy an individual can fall in love with or make the individual fall in love online. People find this as an easy way to fool some one and earn money in the name of emotions and friendship.

I am sure many of us might have faced such situation wherein, we have met some one online who gradually becomes good friends and then at times love. Later that person may have asked for financial help stating that they are facing some unforeseen situations. Usually such online relationships are short-term though with a promise of long-term at the beginning. The intention is financial benefit. The day you deny helping such person, you do not love or rather trust that person!

As per FBI, chances of women being trapped in such romance Scams is double than men. Last year (2011) the losses reported from this type of fraud reached $50.4 million, with the average victim losing around $8,900 in the name of love. The FBI report also claims that at a rate of 15 complaints received per day, these scams saw daily reported losses of approximately $138,000, or more than $5,700 every hour.

 Most of the times, it is difficult to identify the intentions of the real people behind the fake profiles. The scam artists are innovative in terms of developing new tricks and excellent when it comes to creating characters online to run such frauds. They win trust and heart of victims and often leave them heartbroken and financially ruined.

 The second category of Online dating scams is cyber threats. With the growing cyber age… cyber terrorism, cyber espionage is on peak. Cyber criminals easily take advantage of people adapting to the online dating and relationships in order to exploit the vulnerabilities. Hackers know that in the name of love, fooling people is easy. Moreover, once the trust is won, it is easy to get access the victim’s financial information with an intention of identity theft. Such activities include less effort and help attain maximum output with zero percent physical interaction. No doubt, online dating is a billion dollar industry!

 These days online scammers have started a new scam campaign on Facebook wherein they alert you that someone has viewed your profile or has showed interest in you or has posted a message for you. Then to know more about it they ask you to click on the mentioned link (fraud). Once you click on that link, you welcome malware in your system that takes over your system by infecting it.  

 In addition, at times dating sites are hacked due to improper security measures deployed by the web site. Even if the user exercises utmost caution, the site itself may provide complete information about the member to the hackers including CC number, etc. in case the victim is a paid registered member. Recently, a military dating website – www.militarysingles.com was hacked into by hackers wherein they took confidential information such as passwords, email addresses, etc. from more than 170,000 records. 

 Moreover, in case the photographs are shared while in the online relationship, anyone can take advantage of those pictures. I hope you know about morphed images! People who fall prey of such scams not only face financial loss buy also embarrassment that is usually tragic.

 So, next time anyone who tries to find love online, always ensure of not sharing any kind of sensitive information while interacting on dating sites. Parents, especially of teens, should be cautious and ensure that the child is not getting in such practices. Remember that photographs are not the right proof to judge the genuinity of person and may not even show the real sender (scammer). There is a possibility that the love interest (scammer) of the victim may not even be the same gender that was informed at the beginning of the relationship. It is not that such scams may only happen when some one approaches to the victim. There is a possibility that the scammers may have created a profile on the dating site and then waits for a potential victim to contact them.

 At times, scammers send out random unsolicited emails stating that they are a loner or have a desire to begin a relationship in the hope that some gullible recipients will favourably respond. Many a times, such relationships also begin in chat rooms or messengers.

 Well, I know, anyone reading this may have a question in their mind – is it possible to find love online? I would say, anything is possible… however, I guess we ourselves are the better person who can think best for us! Or may be we are looking for love in wrong places!

THE CONSTANT UPWARD GRAPH OF MALWARE ATTACKS


In the recent spate in high-profile attacks, malware has been the tool of choice for hackers. 2011 seems to be a landmark year hackers with scam attacks, including the politically motivated online attacks on social networking sites like Twitter, Facebook, Android Market. These series of upsurge attacks are alarmingly the fact that nothing, rather no one is secure on internet. The World Wide Web continues to top malware infection wherein emails are a host to malicious attachments and links, while websites come in as a host to a wide variety of exploits and drive-by downloads targeting browsers and applications alike.

For online users, individuals or organizations, malware has always been a significant threat. A rapid rise is being witnessed that is more than capable of compromising, damaging or acquiring sensitive data which can either be personal or could lead to loss of intellectual property in the overall threat landscape. Statistics say that, rather than being hacked by using an exploit; IT users are more likely to be tricked into downloading malware. Hence, there is a continuous challenge in detecting and preventing such threats. Though, not all of these attacks are socially engineered, however, the technique is being used to evade security programs and is being applied to the web that increasingly triples the distribution of malware, of which 55% (Malware) is now delivered via Internet downloads, whereas only 14% is delivered through malicious emails. Which means that as there are more than a handful that don’t understand the complexity of web based threats, from a hacker’s perspective tricking users into installing malware is much preferred.

Also, the inappropriate use of SEO is on the rise. Attackers lure the users to the sites that contain the malware software and expose them to fake Anti-virus downloads, Trojans, worms and fake surveys. In addition to Search Engine Poisoning, the upturn in social networking sites makes them the prime focus of cyber criminals. As the information accessibility and services are interconnect and interdependent of each other, it opens more opportunities for more effective attacks on individuals and organisations.  The emerging Java threats due to Java plug-ins soon will be ruling the malware distribution. Also, URL Shortcut services and Location services contribute greatly in the business of malware distribution. URL Shortcut services will be witnessed.

Apart from creating new malware, Cyber-Criminals are effectively re-modifying the code of known deceased malware. A very good example would be that of the Ramnit Worm which has recently morphed into a financial malware. Moreover, there has also been an enormous increase in malicious programs accounting for at least 25% rise in fresh threats when compared to similar months in 2010. Trojans dominated the line of newly detected threats comprising of at least 70% of all newly created malicious software.

There was a whopping $114 Billion loss due to cyber crime itself cost the world last year. With over 2.9 million users falling as victims to cybercrimes, India alone stood at a loss of $7.6 Billion or Rs 36,200 crore out of which $4 Billion was the total financial loss while $3.6 Billion was the amount spent to resolve reported theft. Of the total amount reported a mere 21% of victims actually reported the crime to the police. Despite the efforts made by security vendors, only 16% had security software installed on their cell phone while 21% had on their PCs. Also, additional $274 billion was lost, based on the value victims placed on time lost due to their cyber crime experiences. More than two thirds of all adults who used the Internet more were victims of cyber crime. While most issues are more than preventable, over 54% of online users have experienced malware followed by 11% in online scams and 10% in phishing scams. In comparison to 2009 and 2010, there has been a decent increase in malware amounting to 19% in 2011.

There key reason for this increase in the cyber attacks is financial profit. Also, there been a whole automation in terms of the creation of malware due to the web attack toolkits that are growing at a rapid rate as the chosen weapon.

On the other hand, the way cyber crime is dealt by people online shown by the overall number of infected users itself signifies a defect. According to studies, in the last one year the overall number of users infected with regard to online cyber crime has tripled in comparison to offline crime. A major flaw is been noticed in the way users perceive online threats. There is a huge gap between awareness and the action that needs to be taken by IT users. Approximately, 80% of PC users are aware of cyber crime as a growing threat, however the necessary precautions are not being taken against it. At times, either the Security is outdated or the implementation of the necessary updates to protect users from complex threats id not up to the mark.

With respect to enterprises, cyber crime is increasing at an alarming rate with over $30 Billion being invested annually on corporate defences and cyber criminals are invariably being able to evade these conventional defences. In fact, even the most security conscious industries are vulnerable to online attacks such as HBGary, Epsilon, RSA and DigiNotar, Comodo– to name a few.

BEWARE! You are spied while banking on internet!


Technology has advanced to such an extent that we now trust our computers in money matters. Coincidently, more than we may trust humans!

It is observed that major internet savvy users have stopped going to bank. Right from filling the forms and online applications to transferring the cash and all the other banking formalities we have started using internet. Let me not talk about the pros of the same. We all are aware of them. However, the overshadowed cons due to favourable pros of this facility need to be brought under notice.

One of the biggest security concerns when using internet banking facility is Keyloggers. In simple words these especially creative people tracking the keys struck on a keyboard from remote, while someone is banking on internet. We might have heard people saying that they have lost money from their account or there are some unknown transactions showing on their bank accounts using their internet banking accounts. This means that their account is being hacked!

Now, a question might arise that how is this possible? This is done secretly so that the person using the keyboard is not aware that his/her actions are being spied on. Key logging can be done from hardware and software-based approaches to electromagnetic as well as acoustic analysis. With is they are able to trace the username, password of the online banking accounts. And can take advantage of that information. It is easily possible by writing simple software applications for key logging. Later, these programs can easily be distributed as a Trojan horse or as part of a virus in the network. To whom-so-ever this virus stuck, is a victim!

Here, something which is not simple for the Keylogger is to install a hidden keystroke logger without being caught and to download the data that has been logged without being traced. Usually these Keyloggers manually connect to a host machine to download logged keystrokes risks being traced. There is always a risk of sending a Trojan to a fixed e-mail address or IP address because it may expose the key logger’s identity. One of the other ways that keyloggers try is by unconditionally writing the crypto Trojan to the last few unused sectors of every writable disk that is inserted into the machine that remain marked as unused, using a USB token. And only the Trojan writer can decrypt the cipher text because only he knows the needed private decryption key.

Hence, we need an alternative to the conventional computer. In year 2008, IBM engineers invented virtual keyboard also known as laser keyboard. Its primary use is when you need to type without a physical keyboard present. It is also used as an additional safety measure from viruses, Trojan and  that might be present in the computer that logs every keystroke from the keyboard waiting for you to type in your password or credit card number. Virtual Keyboards are the best for internet banking. This online application protects your password from malicious Spyware and Trojan Programs.

Presently, there are several programs available in the market today that can be added to any desktop or laptop system to create a virtual keyboard environment. Also, it can be downloaded from internet. Once installed on your computer, it is easy to access. Some times the original keyboard (hardware) is used to active the virtual component and using mouse virtual keys can be typed. Couple of more alternative devices such as head mouse and eye mouse can also be used. Laser technology can also be used to operate the virtual keyboard.

Apart from Virtual keyboard, the other ways to have a safe banking experience online is by using Anti- Keylogger softwares, Live CD/USB, Anti-Spyware, Anti-Virus programs, Network monitors, Automatic form filler programs, One-time passwords (OTP), Security tokens, On-screen keyboards, Keystroke interference software, Speech recognition, Handwriting recognition and mouse gestures, Macro expanders/recorders and so on!

Well, the fact is that effectiveness of countermeasures varies as keyloggers use various techniques to capture data and the countermeasure needs to be effective against the particular data capture technique. Also, there are always possibilities of the Keylogger software authors updating the code to adapt to countermeasures that may have proven to be effective against them. With the increasing advanced innovations, there are more advanced versions of thefts invented…. Or Visa Versa!

The bottom line is BEWARE!

Hollywood… Forget about Bodyguards… Do you have Anti-Virus?


Celebrities are no stranger to encroachments… privacy has always been a serious issue for them… right from media to the over zealous fans to their jealous competitor costars… all seek unfettered access to their favorite stars. However,Hollywoodnow faces a new, freakish threat to their privacy!

 

After creating havoc in the top level corporations and governments, the known hacker group Anonymous is diverting its attention away towards the Hollywood’s elite. And for this they have honored themselves with a new title – HOLLYWOODLEAKS… thus has declared war on the entertainment industry!

 

Since past few days, Hollywood Leaks has been successfully accessing the private records of celebrities. They are simply facilitating the free flow of information what they find and interestingly, have no qualms about sharing it. They got access and distributed some of the precious data like the confidential script for the new Tom Cruise movie, ‘Rock of Ages’ and phone numbers of celebrities – Ashley Greene, Joey Fatone, Miley Cyrus, Lil Jon, and Mark Cuban. They even leaked Julianne Hough, the singer’s health insurance information, her cell phone number as well as her cell-phone pictures, including pictures of her with boyfriend Ryan Seacrest and even her unreleased album.

 

Eventually, they are also responsible in leaking topless pictures of VMA nominated rapper Kreayshawn and shared them with her some 300,000 odd Twitter followers. Toby Barrett’s twitter account was hacked. And recently, they hacked Gerald Butler’s e-mail address of his Gmail account along with email addresses of rappers Waka Flocka and Lloyd Banks.

 

Just like Anonymous or LulzSec, Hollywood Leaks revealed that they are in it for the Lulz – that is just for the felonious amusement atHollywood’s expense!

The group posted message to YouTube recently – “Attention Hollywood. We are Anonymous. We have been watching you. We have been listening to you. You have been allowed to run free too long. The time of Jew control media is over.” Later, the group tweeted “LOL at people calling us Anti-Semites. It’s for the LULZ.  Get over it.”

 

The hacker group has revealed that its intent is to target celebrities in Film, Television, and Music. And as we see, few top celebrities have already been targeted. The main purpose of these hack attacks seems that the hackers are looking for dirt, such as nude photos, embarrassing e-mails or memos, scripts under wraps, etc. In general, Hollywood Leaks wants to leave a trail of showbiz carnage in its wake.

 

Though it’s not the most devastating list of achievements of the group so far, however, their ominous sign-off:  “We do not forgive. We do not forget. Expect us.” … scares me a bit! I just wonder what next… rather whose next!

 

I am pretty sure thatHollywoodspin machine might be scared by now due to the Hollywood Leak’s operation and have got an idea of the hack group’s potential to wreak havoc on the industry! And it looks like they’ll continue to shake up the industry.

 

According to security experts, Hollywood Leaks have broken into these celebrities accounts may be simply by guessing some bad security questions. So dear allHollywoodmembers… stop only thinking about your physical security… Think about securing yourselves online…. A bodyguard for you online… A good Anti-Virus!

The Great Internet Robberies!


If I say that the current scenario of cyber attacks, hackers and the increasing threat to information security is very clear and dangerous, I am not wrong I guess.

These days nothing is hidden. Hackers inform well in advance about their hack attack schedules. Currently, I am waiting to know what will happen to Facebook… waiting for November 5, 2011, the day when Anonymous have claimed to target the famous social networking site- Facebook shut down!

When criminals inform about their action in advance, I feel this means that they seem to more intelligent, confident and with advanced form of knowledge than anyone else around.

Look at the havoc these cyber criminals have been successful in creating. Network infrastructure of many companies like Google, Sony, several government institutions have been compromised resulting in the loss of sensitive intellectual property. These days it seems as if every day major companies are being attacked. Rather every major company, every major institution have been penetrated. It’s difficult to pinpoint a particular person or group behind these attacks as there are so many different potential suspects to worry about – ranging from nebulous groups of hackers, to organized crime, to competing corporations, to nation-states and military agencies – and frequently even the motives for the security breaches are unclear. This leaves victims and also the investigators wondering who was behind an act and the reason behind the attacks. One thing is very much certain that cyber attacks and the vulnerabilities faced by companies as well as society (referring to social networking sites) are intensifying day-by-day and reaching pandemic levels. With this, the appropriate protection to prevent such thefts seems to be challenging.

I agree that security is always a cat-&-mouse game between hackers and security software providers. And with time, both – companies as well as hackers have grown sophisticated. Most of the security softwares are now capable of preventing basic threats, though the malware and viruses are now too sophisticated. At times, even the IT experts fall prey to cyber attacks. Interactive media is very dangerous and now as social networking is becoming the part of marketing strategy of almost each and every company, they are more likely to be victim. Millions of Botnet-infected computers are running in homes as well as businesses across the globe. Data from more than 12 million PCs including Fortune 1000 companies and 40 major banks is being compromised. The hackers not only just steal specific data or intellectual property, but take advantage of anything and everything they can access. Either hacker increasingly knows exactly what they want, while their targets often struggle to understand the threat or where it is coming from. Or attackers continue to rapidly develop new ways to access what they want, and as a result, the threats can come from anywhere. Or else, observers believe that almost everyone and every company ultimately is at risk, a result of today’s highly networked global economy and communications infrastructure.

At one end these hackers are rapidly building malware and on the other end the security experts are trying to stop attacks using the same sophisticated programming tools available. There seems to be a constant change in the boundaries between professional and private activities the network. Also, there seem to be too many different ways by which users can access information. This is resulting in increasing potential points of weakness, thus contributing to the growing vulnerability of even the most resource-rich companies.

The more hyped concept of cloud computing brings more security. More and more companies these days outsource their IT infrastructure to Internet-based utility computing models. Thus, monitoring and controlling access to information no doubt become more challenging. Risks are becoming more interdependent as we are more and more dependent on IT systems. The supply chain and telecommunication systems in business are more interconnected today than ever and everything, everywhere; all the time can not be protected.

The only way out to be on the safer side is to protect the IT infrastructure and the actual information or data that is supported by that infrastructure, whether the information is in motion, in use or in storage. Also, make sure that access of the information and services are restricted as per the specific requirement.

Risk of anything happening anytime is the current security scenario. However, we can’t just sit thinking it’s difficult and impossible to handle. As it is truly said that thinking your enemy is more powerful than you, it should not restrict you from being more prepared and strong. They only way out is keep fighting!

Previous Older Entries

%d bloggers like this: