According to the Internet Crime Complaint Center (IC3), cyber crime was up in 2008, and if the first few months of 2009 is anything to go by, this trend is not only continuing, it is accelerating.
As the country slides into recession, early indicators for 2009—February to March 2009—shows an additional 50% increase in reported Internet fraud complaints.
“These numbers are shocking, but given that the vast majority of incidents go unreported, the threat of identification theft is actually much more serious than even these figures would lead us to believe,” says Justin Yurek, President of ID Watchdog, Inc. Common wisdom says that only one cyber crime in seven—or about fifteen percent—is actually reported.
Internet fraud includes everything from bogus sales on auction sites such as eBay and classified sites like craigslist.com, to smaller scale version of the Ponzi scheme perpetrated by disgraced New York financier Bernard Madoff.
As an example, a scam recently surfaced via e-mails that masquerade as originating from the FBI and other federal agencies seeking the recipient’s bank account information in order to “help with illegal wire transfer investigations.” Sweet.
The Recession Impact
Many observers put the continued surge in cyber crime down to the recession, and for several reasons.
As reported by the TechArena Forum , McAfee for one, in their annual McAfee Virtual Criminology Report—which examines emerging global cyber security trends, with input from leading academics, criminal lawyers, law enforcement authorities and security experts across the world—identified the following challenges:
The Cyber Credit Crunch — The cyber criminal is now trying to cash in on consumer anxiety to profit from old-fashioned “get rich quick” scams.
Meaning, that there are now people who voluntarily sign up to add malicious code to their websites, lured by the promise of easy money. At the same time, desperate job seekers are being recruited as “money mules” to launder cybercriminal gains under the guise of “international sales representatives” or “shipping managers.”
In addition, with the economic downturn driving more people to the web to seek the best deals, opportunities for cybercriminals to attack are on the rise as people are more easily drawn in.
Governments are distracted — As governments grow more and more preoccupied with the economic downturn, their fight against cyber crime slides down their agenda, inviting more and more audacious individuals onto the cyber crime field.
The Cybercop Shortage — It is a known fact that police forces on the cyber crime front line often lack the specialist skills required to effectively fight these criminals.
Furthermore, the lack of dedicated and ongoing training, sufficient remuneration, or even a clear career path, is causing cyber crime specialists to be lured into the more lucrative private sector or even into underground economies.
Criminality Concealed — Eastern Europe, Russia and China have become key safe havens for cybercriminals while Brazil has become one of the fastest growing scapegoat countries for cybercrime. Traffic is often re-routed (and often via Brazil) as a decoy causing considerable misdirection in the origin of attacks.
Information Silo — While law enforcement is bound to physical national boundaries, cybercriminals are free to cooperate across borders.
Law enforcement communication between countries remains inconsistent and limited. Local issues and priorities take precedence over global efforts and international laws are being implemented with regional variations that impede the ability to negotiate jurisdiction and extradition between countries.
This is an environment that plays right into the hands of the cyber criminal, much to the frustration of cyber police.
Microsoft’s Take
As reported by RedOrbit Microsoft shares McAfee’s view that the global recession could prove to be a starting point for an influx of more cyber criminals seeking to use their computer skills to earn extra money.
“Today these (cyber) attacks are no longer about vandalism, they are about cash,” says Roger Halbheer, Microsoft’s chief security advisor for Europe, the Middle East and Africa.
“Cyber crime has gone from cool to cash. And this will definitely grow in the future,” he told AFP (Agence France-Presse) during a recent international conference on terrorism and cyber security in Spain. “At the moment we are still at the cool side. But I’m expecting it to move to the cash side.”
He then went on to add that it is, “one of the things that scare me about the economic downturn because I expect cyber crime to grow.”
Also, the current economic crisis is causing a large number of layoffs, many of them from tech firms, meaning that more and more computer experts will have a lot of time on their hands, but no money. Tempting.
Fixing any and all security issues in software, does not solve the problem for, “Unfortunately the bad guys don’t give up and go away. Instead they increasingly focus on crimes of deception that prey on human vulnerabilities rather than software vulnerabilities.”
A Law Enforcement Perspective
Lt. Rocky Costa, who until recently headed up the Southern California High Technology Task Force agrees. “In fact, law enforcement has always seen a rise in all sorts of theft crimes when the economy goes south. The crooks look to fraud as the best way to separate folks from their money. People are most vulnerable when money is tight and they are looking to save their homes, savings, retirements, and often, their families.
“They become easy prey to the con-artist who has no sense of right and wrong, but knows how to capitalize on human weaknesses. You see the con artist makes a living studying people and their behaviors. They know their success rate will increase as the economy tumbles and/or the recession climbs. Since a vast number of folks use technology daily, it is only natural to expect technology to be another weakness and another method for exploitation.
“Historically, the number of street robberies goes up, along with shoplifting, and burglaries as the money becomes scarcer. Although we have not yet seen these increases at the lab, we fully expect them. However, with the current economy, even government must begin to cut back. When they do, technology based crimes slide down the priority list in favor of these more visible types of theft.
“People need to stay vigilant in the face is despair, holding onto their values and good judgment will be the only way they will be able to fully protect what they have left, until we all see around the corner.”
A Call to Action During the opening keynote at RSA Conference 2009 Art Coviello, President of RSA, The Security Division of EMC, cautioned that the global cyber-threat continues to escalate and online fraudsters are more organized, collaborative and effective than ever. He addressed major forces such as the economy and emerging technologies that are driving the information security industry to evolve and adapt—and how these forces provide an opportunity for “inventive collaboration” to effectively restructure the information infrastructure.
“To combat the cybercriminals requires far more purposeful collaboration on the part of the industry and a strong security ecosystem built around a common development process focused on risk,” said Coviello. “Today’s security technologies are applied as independent applications cluttering the information landscape and leaving perilous gaps of risk.”
Coviello cited three major forces driving the information security industry to evolve and adapt, including:
• the challenge posed by the criminal threat;
• the demand upon enterprises and governments to achieve unprecedented levels of productivity to restore value to the faltering economy; and
• the opportunity to rethink the approach to security based upon emerging technologies and trends such as virtualization, cloud computing and social networking.
According to Coviello, “We must embrace a common development process that allows us to create a more secure infrastructure today. Then with an eye on the future we can ensure that the new technical infrastructure is designed around that process, rather than forcing a process around a collection of technologies.
“We must develop a stronger and healthier ecosystem than the fraudsters and ensure the fluid and frictionless exchange of information on which our global economy depends. It’s not about changing the game; it’s about winning the game,” said Coviello.
Educating the Individual
However, it does not matter of safe our hardware and software becomes, if the individual citizen, desperate for money—and reaching for digital straws, as it were—believes that perhaps this Nigerian Prince really does exist and really does want to spit his $2 Million 50/50 if only he were to help him.
And by the same token, scouring the Internet for the best deal, and finding some that are (in fact) too good to be true, he may pounce on them, not only losing his money in the process, but also his credit card number and other private information.
The same holds true for many “work-at-home” opportunities that only require a small $300 payment for the material you will need to make “thousands a week from your kitchen.” You’ve seen them. Well, as often as not, you will not even receive the material, and by the time you’ve wised up, your card has been charged, your money gone.
The time to wise up is now.
Internet Commerce Made Safe
As we all know, at least during some of our more rational moments—the “too good to be true” deal is often precisely that. But that is not to say that there are no good deals out there. In fact, the Internet is probably the marketplace that to a large extent will pull the economy out of its slump, precisely because it is replete with good deals and true opportunities.
But how to tell the good from the bad?
According to the IC3, the best way to guard against Internet facilitated scams is to stay informed. Keeping informed of the latest scams on the Internet may enable Internet users to recognize and report these scams instead of losing money or their identity information in one of them. To learn about the latest scams, they recommend periodically checking the IC3, FBI, and the FTC websites for the latest updates.
Additionally, the IC3 and its partners have launched a public website, “www.lookstoogoodtobetrue.com,” which briefs the consumer about various consumer alerts, tips, and fraud trends. Pay it a visit. Make it a habit.
Also, when it comes to online auctions, and the potential of non-delivery of goods that you’ve paid for, the IC3 makes these specific recommendations:
• Make sure you are purchasing merchandise from a reputable source. As with auction fraud, check the reputation of the seller whenever possible, including the Better Business Bureau.
• Try to obtain a physical address rather than merely a post office box and a phone number. Also, call the seller to see if the number is correct and working.
• Send them an e-mail to see if they have an active e-mail address. Be cautious of sellers who use free e-mail services where a credit card was not required to open the account.
• Investigate other websites regarding this person/company. Do not judge a person/company by their fancy website; thoroughly check the person/company out.
• Be cautious when responding to special offers (especially through unsolicited e-mail).
• Be cautious when dealing with individuals/companies from outside your own country. Remember the laws of different countries might pose issues if a problem arises with your transaction.
• Inquire about returns and warranties on all items.
• The safest way to purchase items via the Internet is by credit card because you can often dispute the charges if something is wrong. Also, consider utilizing an escrow or alternate payment service after conducting thorough research on the escrow service.
• Make sure the website is secure when you electronically send your credit card numbers.
Bona Fide vs. Fraudulent Online Escrow Companies
If you have found a good online deal and are now ready to purchase, it would serve you very well to take IC3’s recommendation and engage an online escrow service.
The problem is that while there are several bona fide online escrow sites, they are nowhere near as many as there are fraudulent ones.
So, how can you be sure that the escrow company you’re considering using is in fact what it says it is?
You must research it. First, do a WHOIS search on the domain. This will show you how long the site has been up, where it is being hosted, how many times the site has been taken down. These are clues. If it smells fishy at all to you, go elsewhere.
Then Google the name of the escrow company to see what gives. This will lead you to forums and other articles. Study them well.
Then, when you have found a site that appears legitimate, travel the extra mile and take one of several additional steps:
• Firstly, while fraudulent sites can buy the necessary certificate to make it a secure site, they seldom do;
• Secondly, you can check at escrow-fraud.com to see if the site you have decided on is listed as a fraudulent site by them; they also maintain a list of bona fide sites;
• Thirdly, you can call the site’s customer service department to make sure they are based in the United States. If you have any doubts about that, ask them to call you back, and check the caller ID—if it is an international call, beware. Also, if the site does not have a customer service department, again, beware;
• Once you know that you’re talking to a U.S. based service department, ask any questions you can think of to ensure they are legitimate, such as which bank are they using for their escrow accounts, and who is their main contact at that bank (whom you can then call to verify that this online escrow company does in deed have an escrow account there);
• If the answer is a well-known American bank, and if the customer service rep can supply contact information at the bank, you are 99% there. Then, if you want to reach 100%, make that final call to the bank to rule out any vestige of doubt.
Now you have found an online escrow company you can trust; register with them and enjoy your purchase.
Escrow.com
To make your life a little easier, there is an online escrow company with the credentials to put your mind at ease.
Licensed by the state of California—as well as by the States of Idaho and Arizona, who require separate licenses—Escrow.com is the only on-line escrow company credentialed to serve every state in the Union, and who indeed does so 24/7.
While Escrow.com will handle transactions of any size, it may not make financial sense to turn to them for low cost items since their transaction fee is $25, and their commission is $63 per $1,000 value of the transaction if payment is by credit card and $32.50 per $1,000 for wire transfers.
But, if you value your sleep, Escrow.com would be indispensible for any transaction of $250 on up.
While Escrow.com is gaining increasing recognition as the Internet escrow company to turn to for peace of e-commerce mind, their staff, on a daily basis, also hunt and diligently work to shut down fraudulent impostors, which are encountered daily.
And they spring up like mushrooms, these impostors: there are days that Escrow.com staff discovers as many as ten new such sites.
The good news is that as these sites are tracked down, authorities are alerted and the sites are soon off the air.
Bay Weighs In
To quote the biggest online auction site of them all, eBay: “Pay safely – beware of fake escrow services when you consider using them to pay for your eBay item.
“For eBay transactions, you should use eBay’s only approved Escrow Company: www.escrow.com.”
Escrow.com Customers Weigh In
Zan Christensen operates a small craft mall and recently completed the sale of a domain name using Escrow.com.
“This transfer was the most convenient and easy to accomplish sale I could have imagined and hoped for, and the most pleasant surprise of how the process moved so smoothly and quickly! Other companies would do well to follow your business model—service, integrity, excellent help access and communication, and most importantly—safe!”
When asked how he came by Escrow.com, Zan says, “I went online and did some research on third party escrows, and I kept seeing over and over and over again: Escrow.com. It kept coming up in multiple discussions, and of course it is recommended by eBay and a whole bunch of domain name companies, selling companies.
“To make a long story short, after researching half a dozen other third party escrow companies and going through their websites page by page and reading thousands of paragraphs about how they operate—everybody is a little bit different—I settled with Escrow.com because I felt it was the safest and I saw that they are very structured, very organized and everything was step by step and validated and verified before the next step is processed, and it worked out great.
“And I definitely picked the right company: The ease of the interface between me and the site in setting up an account; the ease of creating a new transaction, setting out your parameters for the deal, and getting the other party to agree to them: it was so convenient.
“And fast. I received the go-ahead to transfer the name at 7:30 in the morning I had money in the 2:30 that afternoon.”
Elliot Silver buys and sells domain names, and specializes in developing GeoDomans. “Escrow.com is trusted by non-domain professional and domain professionals alike, they are easy to use, and it’s quick to do a transaction through them.”
When asked what he would recommend you do to establish Escrow.com’s credentials, Elliot said, “For one, they should know that Escrow.com is one of the very few online escrow companies that are approved to do business in California. Then I’d suggest that they Google Escrow.com—such as “Escrow.com Review” or “Escrow.com eBay”—and read the articles. That will dispel any fears.
“Also, they’ve been around for a long time, and they own the category. It is the industry-defining domain name. That’s who they are, and that is what they do. They are recommended by the biggest companies who do not handle escrow themselves. They all recommend Escrow.com as a third party.”
Escrow.com—A Soon-To-Be Household Name
As Escrow.com gains further and further recognition on its way to become a household name, it gets harder and harder for impostors to defraud the public for the excellent reason that they are not Escrow.com—the only name you know you can trust.
Here’s to good and safe Internet deals.
Ulf Wolf, based in Coeur d’Alene, Idaho, writes about cybercrime for Escrow.com.

Does your child have free access to the Internet every day? Do they love chatting? If they do, are they aware of the risks of Internet surfing? If not, then their safety is being jeopardized!

It is a common fact that the Internet is the whole world. Every day, people from all over the world access to collect information, research, or just simply to have fun. However, everything has its two sides. The Internet also caters malicious, violent, and even pornographic content that may jeopardize a child’s safety on the Internet. Yes, in the Internet you can get all the information you need, but there are a lot of people too that make bad content in the Internet. And these particular contents can be a threat to your kid’s safety on the Internet.

Never respond to suspicious mails that are being sent to your e-mail address. Tell Mommy or Daddy about these suspicious mails once you receive some of the kind. While chatting, remember to be vigilant and do not give any confidential information to anyone unless you know the person in real life. Never believe everything you see or read in the Internet, some of these might be fraud and some predators lie to children in order to have victims. Set these as Internet safety rules for kids, especially to your kids.

In order to keep the children’s privacy with Internet surfing, an option is to install child internet safety software to at least alleviate the risk of having your child as victims of criminals. Internet safety software filters out the contents that can be shown to people who search certain articles. If the software detects malicious or suspicious content, it blocks access to the web site. This gives the parents assurance that their children are safe whenever they use Internet access.

It is a parent’s responsibility to ensure that their children will grow well physically and morally. The Internet can affect the moral growth of children as they are free to be exposed in different content that the Information Highway can show them. The Internet is not a library. It is like a very big bin of information that is being put there, whether it is valuable, informative, malicious, or even violent. Internet safety for kids is a must. As suggested before, the parents can install software, brief their children about accessing the Internet and its dangers and how to deal with people they meet there, and set a few Internet surfing rules that are to be followed.

As a conclusion, it is imperative to parents to ensure their children’s safety because it is part of their parental responsibility. The Internet is a very wide place and it contains everything, both good and bad contents. Aside from that, billions of different people access it every day and put in new content in it. The Internet is forever growing and getting riskier every day. Your child is at risk, so don’t let them be in danger. This is no hyperbole. Ensure their safety online, now.

In a development on the latest scandal to rock Singapore’s corporate world, an ex-Citibank employee has been slapped with a hefty $40,000 fine for breaching bank and customer confidentiality. Valarie Lim, then a service relationship manager with Citibank, together with her superior who were both intending to ‘jump ship’ to UBS, was found guilty of retrieving confidential information from the bank’s computer database and then destroying the stolen documents in a desperate attempt to cover her tracks.

Her partner in crime Low Siok Liang had earlier been fined $173,000 on 22 similar charges, while four other employees are still being investigated.

This high-profile case which has garnered much media publicity has shocked the banking community, and brings to our attention the rise of such malicious data theft cases. In what could be a chain reaction spurred by the bleak economic situation, there has been an increase in white-collar cybercrime like staff stealing data or computer fraud. Retrenched or dismissed employees may take the opportunity to obtain valuable company information before they leave the company, especially when such information may open employment opportunities in competing firms.

In order to protect their interests, companies cannot afford to let their guard down. Fortunately, data theft or other forms of cybercrime can be verified by companies, as employees who do so inadvertently leave traces of evidence in their computers and in the cyber world, be it email communications or files exchanged.

In such cases, a computer forensics investigation will be able to expose the tracks of a breach. Through a detailed process, professional computer forensic investigators will be able to retrieve the consequential data. This could be in the form of web history, online transactions or system logs among others and could come from even physically corrupted data media, files corrupted by a virus attack or crashed hard disks. In this Citibank case, computer forensics was used to trace the two emails containing six confidential files Lim sent out to her personal e-mail account. It was even traced that she had logged into Citibank’s system to retrieve and print out information on three Citigold customers.

Companies risk too much being vulnerable to such threats. As soon as they suspect a breach, they should enlist the help of a qualified and professional computer forensics specialist to verify their suspicion. There should be NO attempts carry out any in house investigation without proper techniques and expertise. Evidence could be easily destroyed or altered by just booting up the suspected computer, as it over-writes critical information such as time-stamps.

Adroit Data Recovery Centre (ADRC) Pte Ltd is South East Asia’s leading data recovery centre equipped with the first Class 100 clean laboratory in Singapore. It is one of the few firms that is both qualified and equipped to setup, acquire and collect the digital evidence from all kinds of working or damaged media while observing the strictest process of computer forensic investigation.

ADRC’s team of qualified forensic experts is also equipped with the technical expertise of networking, system security and cryptography in order to perform a complete investigation. Moreover, ADRC is able to provide court-ready reporting of digital evidence for civil and criminal litigation through the installation of rigorous forensic methodologies in order to identify, acquire, preserve, analyze and document digital data (electronically stored information) for use as evidence in court or other legal or administrative proceedings.

Many people have been victims through the Internet. Lots of cases of different scams and crimes have been reported in various places in the world because of Internet-oriented crimes. There are numerous cases of child pornography and cyber-bullying over the past years. Indeed the Internet is getting more modern every minute. The risks and dangers are also growing, making the child’s safety on the Internet lesser.

Measures should be made to maintain the kids’ safety on the Internet. As I have mentioned earlier, child pornography is continuously growing in the World Wide Web. These kinds of crimes must be stopped and prevented. The predators are looking for victims; we should not let the worst-case scenario happen. To counter the growing Internet “crime rate”, organizations should begin in moving and devised ways to stop online crimes.

These following measures can help you in safety

One is by installing child Internet safety software. These kinds of software are available on the Internet as well. These applications block malicious content from being displayed in your child’s browser. It blocks the user from accessing certain sites that contain malicious, pornographic, and contents that are potentially harmful to your child’s moral growth. By providing your computer with these types of software it will assure your child’s safety more because it enables you to monitor his online whereabouts. It is very useful in filtering Web content against bad content.

Another option is manual way – telling your child Internet safety tips. Giving them instructions would lessen the risks of online communication. When chatting, tell your child not to give away personal information and documents to people whom you do not know in real life. When they are being cyber-bullied, and do not respond to them. Be aware that a person can remain anonymous in the Internet so it can be risky to trust a person too much in the Web. Avoid chat rooms that discuss sexual and malicious topics.

Set Internet safety rules for kids such as allotted online time, and asking permission before using the computer and accessing the Internet. Aside from assuring their safety, it also develops discipline in them. Choose Internet safety games for kids so you can be sure that the contents of the game are friendly and not malicious or violent. There are a lot of safe games being offered in the Internet which can also boost the hand-eye coordination and mental thinking without the violence and sexual themes. There are a lot of games that are safe, informative, and fun.

The Internet is a very big place. It can be compared to a huge file folder storing all information in Earth. It does not matter in the Internet if the content is good or bad for children. One must be aware, when surfing the Internet and one must know that the Internet has its risks and dangers too. A child’s safety and innocence must not be jeopardized. Certain measures must be made so that the children who are the treasures of the household, will be kept safe and far from harm.

ResolutionsMSP, a proven leader in providing global computer security solutions, has solidified itself as the most comprehensive provider of backup, data recovery and managed security platforms available today. Not only are its line of solutions revolutionary in their approach to security, but they are also assisting the next generation of businesses in achieving their cyber goals safely.

Each of ResolutionsMSP’s products uses a unique approach to security, ultimately offering the strongest protection possible against traditional security problems such as data loss, viruses, spyware and other malicious scripts. The ResolutionsMSP approach, developed by knowledgeable software architects and patented against imitators, can work with any computer or network’s operating systems or software packages. Consequently, ResolutionsMSP’s products are practical, one-stop solutions for businesses that want to stay productive and avoid preventable computer problems.

The first ResolutionsMSP product available to businesses is the ResolutionsMSP Managed Security Platform, an end-point security solution with “smart” technology that enables it to flexibly grow as desktops and servers are updated and upgraded. Benefits of the ResolutionsMSP Managed Security Platform are many and include centralized coverage reports, centralized desktop management protection, group and policy management, fault tolerance, centralized activity reports, low network bandwidth, reliable desktop protection, and automatic daily updates. As a web-based solution, ResolutionsMSP Managed Security Platform is easy to install and maintain, as it requires no special infrastructure or additional servers to operate at its full capacity.

The second ResolutionsMSP product on the market is the ResolutionsMSP Backup and Data Recovery, offering secure corporate protection against cybercrime, which is an exponentially-growing threat to companies of all sizes. Like ResolutionsMSP Managed Security Platform, ResolutionsMSP Backup and Data Recovery operates unobtrusively and requires no special maintenance. It features military-grade encryption, scheduling options and complete usability, especially beneficial to the small business without in-house IT personnel. As it operates, ResolutionsMSP Backup and Data Recovery recognizes and nullifies malicious scripts instantly and completely. This allows users of ResolutionsMSP Backup and Data Recovery to perform their computer-related responsibilities without fear of sudden crashes due to malware, spyware or adware.

The final ResolutionsMSP product is the ResolutionsMSP Suite, featuring Anti-Cybercrime 2010. The ResolutionsMSP Suite is geared toward the everyday consumer rather than the corporate customer and is wholly certified to work with Windows Vista. Other advantages of this high-end, but extremely affordable, option include hourly definition updates, on-access scanner capability, on-demand scanner capability, robust alerting, comprehensive reporting, proactive detection, complete malware protection, removal and quarantine, and easy-to-use installation. The ResolutionsMSP Suite can be used with desktops or laptops and provides individuals and families with the same patented protection of other ResolutionsMSP products at an affordable price.

Without a doubt, for consumers and businesses looking to protect their computer equipment and assets, ResolutionsMSP provides the most up-to-date solutions to avoid computer security issues. And it is ResolutionsMSP’s complete confidence, state-of-the-art technology and second-to-none reputation that have led them to earn the highest respect from peers and clientele.

For more information, please visit ResolutionsMSP.