Phishing:An examples and prevention methods

Phishing is a crime technique to steal the identity of a target company to get the identities of its customers (by turban e-electronic commerce 2008 a managerial perspective) It is also recognized as a scam.

An Example of phishing is an eBay phishing email such as the eBay logo, the attacker attempts to gain authority. In the purporting email warns the victim that there is a billing incorrect may have been made on the account and urges the eBay victim to login
and confirm the charges.

Besides that, another example is Citibank phishing. The attacker will trick the victims by instructed them to visit a fake website and enter personal financial details for their confirmation shake of security online banking. The attacker will then use to disturb the very security and integrity they claim to be protecting.

Prevention Methods is if there is a suspicious email received that instructs you to login to any account for any reason should be viewed with suspicion, users should report and send it to the US Federal Trade Commission at spam@uce.gov or you can just click the “Report As Junk” button on your email program. Or verify the authenticity of the email by call the bank or commerce site to seek for confirmation. However, scammers may use phone number to trick victims in the suspicious email as well.

There are few ways to prevent from attacked by phishing such as using Phishing Filters,
Look for online websites for known phishing sites,try to avoid for any suspicious emails asking for private information which you feel unsecured.Phishing Filter helps identify and warn about possible phishing scams. There are ways that these can be used such as

Built-in filters.It built into the browser and scan web addresses and pages for characteristics that are known as phishing scams and also will warn the users if any sites visited are found disbelieving.Other than that, , according to Microsoft Online service is the most triumphant phishing sites appear and disappear in 24-48 hours. These services provide up-to-the-hour information about reported phishing Web sites.

Reference;

http://antivirus.about.com/od/securitytips/a/stopphish.htm

www.cwu.edu/~balea/page5.html

How to safeguard our personal and financial data?

Nowadays, computer and internet are very common to everyone. We will rely on computer to save our personal data and using online financial services to do financial transactions such as online purchases or online banking in order to safe time. Before we do any financial transaction in the website, we need to register to become a member to fill in some personal information. The information is including name, date of birth, gender, address, telephone, e-mail address, occupation and interests. “Personal Financial Information” means any record containing a customer of a financial institution, whether in paper, electronic, or another form, that is handled by behalf of the institution or its affiliates.

But, is it security to protect consumer avoid embezzled by other people? Therefore, there are some ways I suggest to safeguard our personal and financial data.

1. Use strong password or pass-phrase to protect your access data. When using the computer, password plays an important role to many aspects. We do not reveal any personal information or particularly passwords to anyone. After using any of the Financial Data Center or member services, must remember to log out properly before leaving the Financial Data Center. Besides that, if share information with another users or use our services on a public computer such as in a public library, school computer lab or Internet cafe, must remember to close the browser window. That is to prevent other users from reading your personal information and mail. Besides that, we also need to avoid using passwords that are easy for someone to guess, such as the your personal identity card numbers. Then, it is also strongly suggested to change regularly and different passwords make to different accounts.

2. Install and update antispyware and antivirus programs. To safeguard our personal and financial data, we can install an antivirus program such as Symantec and Norton antivirus, AVG antivirus or other more in order to protect ourselves against viruses and Trojan horses that may steal or modify the data on our own computer. Besides that, we always need to make sure our antispyware and antivirus programs is up to date.

3. Install a firewall. Firewall can also prevent the unswanted data coming into computer and unauthorized data leaving from computer. Most new computers come with firewalls integrated into their operating systems. If we have an older computer or using dial-up, then we may need to buy a firewall separately and install it ourselves.

4. Regularly scan your computer for spyware. Spyware or adware hidden in software programs may affect the performance of your computer and give attackers access to our data. Use a justifiable anti-spyware program to scan our computer and remove any of the infected files.

5. Avoid unused software programs. We need to always make sure that we do not clutter our computer with unnecessary software programs. If there have programs on our computer that we do not use, consider uninstalling them.

6. Use separate local or network accounts. By using separate accounts, individuals can be assigned very specific access rights and privileges. Using separate accounts with differing access levels limits the potential for accidental or malicious data exposure.


7. Identify where the data is stored. When we need to store any sensitive or confidential data temporarily on a memory stick, laptop, or other device, remove that data from the device when we have finished, and ensure that data has been completely erased and not just deleted.

References:

http://www.msisac.org/awareness/news/2007-03.cfm

http://finance.yahoo.com/banking-budgeting/article/103893/Six-Ways-to-Safeguard-Your-Online-Assets

The Application of 3rd Party Certification Programme In Malaysia

VeriSign is the most trusted mark on the Internet of the 3rd party certification programme.
VeriSign secures more than one million Web servers worldwide, more than any other Certificate Authority. The world’s 40 largest banks and over 93% of Fortune 500 companies choose VeriSign SSL Certificates.
Over 75% of Web sites using Extended Validation SSL choose VeriSign, including biggest names in e-commerce and banking. Over 90,000 domains in 145 countries display the VeriSign Secured Seal, the most recognized trust mark on the Internet.

Benefits

VeriSign offers the strongest SSL encryption
High-level encryption, at 128 bits, can calculate 288 times as many combinations as 40-bit encryption. That’s over a trillion times a trillion times stronger.
Only True 128-bit SSL Certificates with Server Gated Cryptography (SGC) enable every site visitor to experience the strongest SSL encryption available to them.

VeriSign is the leading SSL provider of SGC-enabled SSL Certificates, enabling 128- or 256-bit encryption for over 99.9% of Internet users.

VeriSign is the leading SSL Certificate Authority
It makes it easy to keep track of all your SSL Certificates and maintain the security of your online services with VeriSign® Certificate Center, a single-point control online management portal. If you already have a SSL certificate, Verisign also offers payment processing solutions. You will need a merchant account in addition to these solutions. You will also need to have a shopping cart that will integrate with Verisign. When you use the Verisign payment processing gateway, you are ensuring that your customer’s information will not be stolen while they are being redirected to your merchant account processing system. The payment processing solutions all offer the ability to use the Verisign Seal on your website.

VeriSign helped lead the development of Extended Validation to give Web site visitors a visible sign of trust and security in the browser bar on high security browsers.

The threat of online security: How safe is our data?

Online security is any kind of protection when using the Internet. Online security is important because the Internet is not a safe place unless we have adequate protection against the many varieties of threats that exist in cyberspace. The best form of online security is to install software from security vendors. There are several levels of online security software, that includes antivirus, antispyware, and firewall components to a comprehensive online security suite that includes anti spam and anti phishing features.

However, there are also some threat of online security which include accidental actions, malicious attacks and online fraud.

Accidental actions contribute to a large number of computer security risks. This category encompasses problems arising from basic lack of knowledge about online security concepts and includes issues such as poor password choices, accidental business transactions, accidental disclosure, and outdated software.

Attacks that specifically aim to do harm are known as malicious attacks. They can be further broken down into attacks caused by malicious code and those caused by intentional misrepresentation. Some examples of malicious attacks is computer viruses, data theft, and Denial of Service (DOS) attacks. The most common form of malicious code is a computer virus which is a program of code that replicates by attaching copies of itself to other programs. Denial of service attacks is another form of malicious code, are carefully crafted and executed. Denial of Service Attacks are not new, but they are growing in difficulty. Traditional DOS attacks usually involve one computer attacking another, but the use of multiple computers in a highly organized attack is becoming increasingly common.

Online fraud is a broad term covering Internet transactions that involve falsified information. Identity theft is a major form of online fraud. Personal identity theft on the Internet is the newest form of fraud that has been witnessed in traditional settings for many years. For example, in traditional settings, thieves open credit card accounts with a victim's name, address and social security number, or bank accounts using false identification. In the online world, electronic commerce information can be intercepted as a result of vulnerabilities in computer security. Data theft is the term used to describe not only the theft of information but also unauthorized perusal or manipulation of private data.

References:

http://www.jvexchange.com/antifraud/

How to safeguard ourpersonal and financial data

Nowadays, there are number of cases that personal data has been lost, compromised or stolen. For example a theft of a laptop from a Federal employee’s home enclosed personal data involving 26.5 million veterans.

Therefore, users should be fully alert to make sure that they do not fall becoming the next victim of cyber fraud. There are few steps for safety online that should be needed to examine.

1. Install and update antispyware and antivirus programs. Every user should have regular updates of existing antispyware.Nowadays there are numerous application vendors and even Microsoft offers users for regular updates. Symantec and Norton antivirus are well demanded for antivirus protection.

2. Install a firewall. It is a software program which allows authorized personal to access into their personal data. Major computers do come with firewall which it’s already integrated in the operating systems. A DSL or a cable modem is much preferred because they have another built-in firewall. For those old PCs or dial up users, you may need to purchase and install it.

3. Avoid accessing financial information in public. Think twice before even logging on to check your bank balance in a coffee shop which provides WiFi access although they’re convenient yet they are unknown. Without this, hackers or crackers could easily access their personal info without them knowing it.

4. Update your browser. Regularly update your browser could help plug up and enhance security holes so…. Make it a habit.

5. Look for "locks." Look for a small padlock icon on the lower right corner of window browser as it indicates that the website is a secure page to be log on. Also, the web address should be “https”.

6. Don't open mystery attachments. Do not click or even open an attachment sent by unknown party or user as they could contain viruses and wares that can harm or even links that lead to unsuspecting site which they’ll ask to input financial information.

reference;
http://us.i1.yimg.com/us.yimg.com/i/us/fi/gr/market_watch

E-Com Failure & Its Causes

Webvan was founded in the heyday of the dot-com boom in the late 1990s by Louis Borders, who also co-founded the Borders bookstore in 1971. Webvan's original investors included Goldman Sachs and Yahoo!, who encouraged it to rapidly build its own infrastructure (the first-mover advantage strategy popularized by Amazon.com) to deliver groceries in a number of cities.Some journalists and analysts blamed this serious error of judgment on the fact that none of Webvan's senior executives (or major investors) had any management experience in the supermarket industry, including its CEO George Shaheen who had resigned as head of Andersen Consulting (now Accenture), a management consulting firm, to join the venture.
Webvan tried to embrace a total customer satisfaction model involving a 30 minute window delivery without considering that many working customers would like their groceries delivered at home at night.
While Webvan was popular, the money spent on infrastructure far exceeded sales growth, and the company eventually ran out of money. For example: Webvan placed a $1 billion (USD) order with engineering company Bechtel to build its warehouses, bought a fleet of delivery trucks, purchased 30 Sun Microsystems Enterprise 4500 servers, dozens of Compaq ProLiant computers and several Cisco Systems model 7513 and 7507 routers, as well as more than 80 21-inch ViewSonic color monitors and at least 115 Herman Miller Aeron chairs (at over $800 each).

Why did they fail?
What are the patterns and warning signs? How can we detect the warning signs
in organizations before it is too late?
Four Explanations
behaviors that lead to failure:
1. Executive Mindset Failures - Breakdowns in how
executives perceive reality for their companies
2. Delusions of a Dream Company - How people
within an organization face up to their reality
3. Lost Signals - How information and control
systems in the organization are mismanaged
4. Patterns of Unsuccessful Executive Habits - How
organizational leaders adopt unsuccessful behaviors
As part of its shutdown process, all non-perishable food was donated to local food banks. Webvan's legacy consists of thousands of colored plastic shipping bins for groceries that are still sitting in customers' basements and closets, and a lucrative severance package for ex-CEO Shaheen

Benefits & Limitations Of E-Commerce

Benefits Of Ecommerce
E Commerce is one of the most important facets of the Internet to have emerged in the recent times. Ecommerce or electronic commerce involves carrying out business over the Internet with the assistance of computers, which are linked to each other forming a network. To be specific ecommerce would be buying and selling of goods and services and transfer of funds through digital communications.
Ecommerce allows people to carry out businesses without the barriers of time or distance. One can log on to the Internet at any point of time, be it day or night and purchase or sell anything one desires at a single click of the mouse.
The direct cost-of-sale for an order taken from a web site is lower than through traditional means (retail, paper based), as there is no human interaction during the on-line electronic purchase order process. Also, electronic selling virtually eliminates processing errors, as well as being faster and more convenient for the visitor.
Ecommerce is ideal for niche products. Customers for such products are usually few. But in the vast market place i.e. the Internet, even niche products could generate viable volumes.
Another important benefit of Ecommerce is that it is the cheapest means of doing business. The day-to-day pressures of the marketplace have played their part in reducing the opportunities for companies to invest in improving their competitive position. A mature market, increased competitions have all reduced the amount of money available to invest. If the selling price cannot be increased and the manufactured cost cannot be decreased then the difference can be in the way the business is carried out. Ecommerce has provided the solution by decimating the costs, which are incurred.
From the buyer’s perspective also ecommerce offers a lot of tangible advantages.
1.Reduction in buyer’s sorting out time.
2.Better buyer descisions
3.Less time is spent in resolving invoice and order discrepancies.
4.Increased opportunities for buying alternative products.

Limitations of e-Commerce (e-Business) - you should understand some of the limitations and be able to explain these to a potential client because not everyone is convinced the internet will be a major way to conduct business - example TV has been around for a long time - but only a small percentage of all companies advertize on TV !!

Technical Limitations
Costs of a technological solution .Some protocols are not standardized around the world so its effects the reliability for certain processes
Insufficient telecommunications bandwidth .The software tools are not fixed but constantly evolving (ie. Netscape 3,4,4.7,4.75 etc.) integrating digital and non-digital sales and production information access limitations of dial-up, cable, ISDN, wireless
some vendors require certain software to show features on their pages, which is not common in the standard browser used by the majority
Difficulty in integrating e-Commerce infrastructure with current organizational IT systems

Non-Technical Limitations .
1.Customer fear of personal information being used wrongly privacy issues
2.It affects the security and privacy and is cause vulnerability to fraud and other crimes
3.Users might have lack of trust afraid the information being unsecure