Exercise 2.4 online Identity and your state of presence
Dick Hardt! what an interesting presentation he put forth. It was funny and enjoyable to watch. Dick commented on how we have many persona's (usernames and passwords) which in itself can lead to us loosing our identity. That there is too much information moving around about you without that information being checked as to whether you want that information to go to a paricular third party.
I feel that he was trying to tell me that if we all take his advice and use his security system we will be safe.
I feel that he was trying to tell me that if we all take his advice and use his security system we will be safe. 
Phishing according to Wikipedia, the free encyclopedia, "is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication."
Users are tricked into entering their details into a website that looks and feels like the real site they wanted to visit. Phishing was first used in 1996.
Below is an example of an ebay phishing example set to people it looks legitimate. This information was retrieved (30th August 2009) from http://www.privacyrights.org/ar/phishing.htm#examples.org/ar/phishing.htm#example
Subject:
eBay Account Verification
Date:
Fri, 20 Jun 2003 07:38:39 -0700
From:
"eBay"
Reply-To:
accounts@ebay.com
To:
Dear eBay member, As part of our continuing commitment to protect your account and to reduce the instance of fraud on our website, we are undertaking a period review of our member accounts. You are requested to visit our site by following the link given below http://81.180.59.10/index.htm Please fill in the required information. This is required for us to continue to offer you a safe and risk free environment to send and receive money online, and maintain the eBay Experience. Thank you Accounts Management As outlined in our User Agreement, eBay will periodically send you information about site changes and enhancements. Visit our Privacy Policy and User Agreement if you have any questions.
Copyright © 1995-2003 eBay Inc. All Rights Reserved. Designated trademarks and brands are the property of their respective owners. Use of this Web site constitutes acceptance of the eBay User Agreement and Privacy Policy .
eBay Account Verification
Date:
Fri, 20 Jun 2003 07:38:39 -0700
From:
"eBay"
Reply-To:
accounts@ebay.com
To:
Dear eBay member, As part of our continuing commitment to protect your account and to reduce the instance of fraud on our website, we are undertaking a period review of our member accounts. You are requested to visit our site by following the link given below http://81.180.59.10/index.htm Please fill in the required information. This is required for us to continue to offer you a safe and risk free environment to send and receive money online, and maintain the eBay Experience. Thank you Accounts Management As outlined in our User Agreement, eBay will periodically send you information about site changes and enhancements. Visit our Privacy Policy and User Agreement if you have any questions.
Copyright © 1995-2003 eBay Inc. All Rights Reserved. Designated trademarks and brands are the property of their respective owners. Use of this Web site constitutes acceptance of the eBay User Agreement and Privacy Policy .
Pharming
Pharming is according to wikipedia, the free encyclopedia, an attack "aimed to redirect a websites traffic to another, bogus website". It aims to capture usernames and passwords. In the example opposite main window has the correct address but the smaller window does not. The customer may feel confident with this site as two windows opened, also notice there is no https:// on the new window that has opened. This example comes from:
The site suggests you ignore the opened window and type in the address in a new window of your own making.
Privacy invasion
Privacy invasion is the lawful surveillance of a persons dwelling. James Otis in 1761 stated that "A Man's House is his Castle" and gave an impassioned speech about upholding the right of privacy when he refused to enforce the new policy which allowed customs collectors to search a merchant's establishment.
With this there has been a number of successful cases against privacy invasion;
- http://www.itnews.com.au/News/107675,google-sued-for-street-view-privacy-invasion.aspx A Pennsylvania couple are suing Google for posting pictures of their hoe on Google Street View...
- http://www.zdnet.com.au/news/security/soa/Email-snooping-seen-as-privacy-invasion/0,130061744,120218854,00.htm Email snooping seen as privacy invasion.
The above image came from: http://www.cartoonstock.com/newscartoons/cartoonists/mbc/lowres/mbcn574l.jpgIdentity Theft
Identity theft is a type of fraud which involves stealing money or gaining other benefits by pretending to be someone you aren't. Your identity can be stolen by people accessing information about you through rubbish you have disposed of (dumpster diving) or by lossing your purse or wallet. What a mine of readily available information those items have. Also through the use of emails, as seen in this example below.
Following are examples of scams collected by the Identity Theft Resource Center. These are copies of the actual text as received via email on some of our own “lure” email addresses.
ITRC was given permission by the Red Cross to publish details of this scam.
New Scam Targeting Military Spouses
National Headquarters2025 E Street, N.W.Washington, DC 20006http://www.redcross.org/Contact: Devorah GoldburgPhone: (202) 303-4461goldburgd@usa.redcross.org Washington, Tuesday, May 29, 2007 — The American Red Cross has learned about a new scam targeting military families. This scam takes the form of false information to military families as described below:
The caller (young-sounding, American accent) calls a military spouse and identifies herself as a representative from the Red Cross. The caller states that the spouse's husband (not identified by name) was hurt while on duty in Iraq and was med-evacuated to a hospital in Germany. The caller stated they couldn't start treatment until paperwork was accomplished, and that in order to start the paperwork they needed the spouse to verify her husband's social security number and date of birth. In this case, the spouse was quick to catch on and she did not provide any information to the caller.
In 2007 8.4 million Americans reported identity theft
http://www.bankofstanly.com/bos/p/security/identity-theft-examples.html
http://www.bankofstanly.com/bos/p/security/identity-theft-examples.html
No comments:
Post a Comment