The SmartSwipe Online Security, Shopping and Technology Blog

While I have been following online scams for quite awhile, every once in a while, I read about one that makes my blood boil. Yesterday, I heard about a phishing scam that made me pretty angry and today, I got enough confirmation to write an article about it.

There is a phishing email going around right now that says that people who were vaccinated against H1N1 have to go to the Centers for Disease Control and Prevention's (CDC) web site to create a "Personal H1N1 Vaccination Profile". And, when people click on the link to create their profile, they are directed to a site which will steal their personal health information and (in some cases) try to infect their computers with malicious software.

Once upon a time, there existed this little lovely town called Cybera. People in Cybera were using open source systems happily while having trust in those systems as they could see all what is happening to their precious data. But one day, the big ugly Googa monster came into Cybera with a very very open source platform called ComatOSe. Cybera's wise guys sat together and went through the ComatOSe source code. Here is what they found there:

And here is how the wise guys changed the ComatOSe:

And then they asked all Cybera people not to use it! Why? Because the ugly Googa monster was so strong that he could break any "encrypt" function and he could also filter any noise added. Not mentioning he could monitor all the onion activities too!

Alright, I do not really know how you would feel when you read in the news something like this: "ALIBI: Facebook Status Update Saves Teen from Jail". Would such a news increase your trust in a justice system? Though, this had happened in the US court system which does not surprise me at all. I wonder if any courts in other countries would fall for such an "alibi"! This makes me so disappointed, reading news about either how someone got convicted in a trial based on cyber-evidences or got away with something based on a cyber-alibi! I believe, the application of cyber-evidences by people who are not qualified for cyber-prosecution could completely compromise a justice system. I am not against using cyber-evidences in right shape and form. What concerns me is seeing that this new field of prosecution is being very badly misused. Just enough to say that if this type of prosecution is acceptable in a court system, then in that system, we can demonstrate the truth of the biggest lies! I guess I am going to study a bit about the theory of evidence and then I might be back with a more scientific blog on this matter.

Yep! It seems like I am going to kick it for a bit without my pseudo-identity. Into the wild! Now, the only thing I need to do is to find a magic bus. Chris McCandless chose to gave them all up, but I did not have a choice. So, here I roll pseudo-identity-less!

In my last article, I touched on Washington State's Computer Spyware Act. That piece of legislation immediately caught my interest, so I decided to research it further and share the results of my research with all of our readers. Needless to say, I am definitely a fan of this kind of legislation. As I wrote in my last article, "Detailed, on-point legislation like this is a necessary first step for combating cyber-crime. It is a huge step up from the maze of fraud charges and consumer protection statutes that some jurisdictions must navigate to shut down cyber-criminals."

Now that I have had a chance to read the entire act, I think I am even a bigger fan of this piece of legislation. Simply put, it is tough legislation that is built around 21st century crime. And, the more I read it, the more I realize that it is flexible enough to adapt to the next phase of cybercrime.

On October 19, 2009, Symantec released its Report on Rogue Security Software. This report is very short (under 50 pages), yet it is full of extremely useful information on the rise of scareware. As well, Symantec's web site (linked to above) has a huge amount of supplementary information on scareware.

We have been talking about scareware since Daniel McCann's second post on the SmartSwipe blog. So, the facts that scareware is booming and that it is one of the most unethical scams in an internet that is full of scams should not be new.

I was just reading RSA's latest online fraud report yesterday. One very [very] interesting thing in this fraud report and similar ones is that the amount of information in them which cyber-criminals can use for their business development is crazy. Information is the most powerful tool for these criminals. Any tiny bit of information especially the ones you find in these types of reports, help them significantly to plan their future attacks in a way more efficient way. Getting feedback on the success of attacks on different geographical locations, effectiveness of different techniques on different targets, also finding information on strengths and weaknesses of competitors, are what a business development department in a cyber-crime organization would enjoy [a lot]. Sometimes, I wonder how long it takes till we see the first cyber-crime stock market online. Maybe that day we realize how vulnerable our information infrastructure is.

I have always been a huge Star Wars fan. When I was in kindergarten, I decided that I was going to be a Jedi when I 'grew up'. Quickly realizing that the force was not strong in me, I got quite interested in astronomy and, at one point, badly wanted to become an astronaut.

As I grew, my dreams changed - I got bitten by the writing bug and devoted much of my teens and twenties to learning how to craft words. But, while I never actually pursued my dreams of becoming an astronaut, I still consider myself something of a space nerd. So, I eagerly seek out and digest every bit of astronomy related news that I am lucky enough to hear about.