The new law aims to close a number of loopholes in preceding anti-fraud legislation, which the Government said was unsuited to modern fraud. Until now there has been no single, general fraud law in English law, but an untidy mess of eight specific statutory crimes, such as 'obtaining property by deception,' and a vague common law offence of 'conspiracy to defraud'. Scotland does have a common law crime of fraud, committed when someone achieves a practical result by a false pretence.
No, you're not imagining things. You have been getting a lot of spam lately. That's because digital miscreants are using contaminated images and stealthy malware to unleash unsolicited email at unprecedented levels, according to new research from San Carlos, Calif.-based Postini Inc. and UK-based Sophos. Attackers use these tactics to hijack computers and turn them into spam relays, often without the user's knowledge. "Bot activity is the major driver here," said Daniel Druker, Postini's executive vice president of marketing. "Bot-infected machines become part of these zombie PC armies that are used to push out spam."
Everybody's seen it by now. Spam is up like gangbusters in the last few months. And not just in volume; a lot more of it is getting through filtering mechanisms that had previously been pretty reliable. It's an aggravating and depressing situation. A number of factors have contributed to the situation, and what they all have in common, unfortunately, is that spammers are getting much more sophisticated.
Your organization has a computer and Internet use policy. Fine. It’s been reviewed by corporate counsel, approved by senior management, and implemented over the years. The policy is comprehensive - it includes policies on expectations of privacy, employee monitoring, and the ownership of corporate electronic assets. Now, during the course of an internal investigation, you want to read an employees' e-mail, examine the contents of his company-supplied computer, and review his telephone calls made on the company-owned cell phone. You are all set, right? Umm... not so fast. A pair of recent cases in the United States raise the fundamental question, "do you have a reasonable expectation of privacy at the workplace?" In the United States at least, most people confronted with this question would answer a resounding no, right? I mean, the company policy makes it clear that the computer and network are company property, and that we shouldn’t expect any privacy there.
More than 20 FBI offices are said to have been involved in the investigation into the global identity theft ring, which is claimed to have carried out a phishing attack against a major financial institution between August and October 2004.
Source: Big Brother.com - Posted by Benjamin D. Thomas
UK citizens will be tracked by RFID tags embedded in their clothes and have their movements monitored by unmanned "flying eyes in the sky" using facial recognition systems within 10 years, the nation's data protection watchdog has claimed.
In a new report entitled A Surveillance Society, information commissioner Richard Thomas predicts a world in 2016 where technology is extensively and routinely used to track and record people's activities and movements.
Source: Institute For Infocomm Research - Posted by Eric Lubow
Networking researchers and engineers rely on network packet traces for understanding network behavior, developing models, and evaluating network performance. Although the bulk of published packet traces implement a form of address anonymization to hide sensitive in-
formation, it has been unclear if such anonymization techniques are sufficient to address the privacy concerns of users and organizations. In this paper we attempt to quantify the risks of publishing anonymized packet traces. In particular, we examine whether statistical identification techniques can be used to uncover the identities of users and their surfing activities from anonymized packet traces. Our results show that such techniques can be used by any Web server that is itself present in the packet trace and has sufficient resources to map out and keep track of the content of popular Web sites to obtain information on the network-wide browsing behavior of its clients. Furthermore, we discuss how scan sequences identified in the trace can easily reveal the mapping from anonymized to real IP addresses.
The word spam comes from a gag in a comedy series in which all the dishes in a restaurant include a brand of canned luncheon meat called spam as the main ingredient. By way of comparison, this term started being used to describe the huge number of unwanted messages received by any email account. Although it is not usual, spam may contain viruses or other malicious codes, or email addresses which lead to web pages equipped to download programs in an unauthorized manner. This was presumably the method used by the famous worm Sobig.F which was granted the title “the fastest spreading virus in computer history.”
Latest data indicates that one in every 204 e-mail messages contains a virus, and that 99 percent of viruses enter companies via SMTP mail or HTTP web-browsing. And its not just viruses that cause problems. For example, the SQL Slammer worm hit thousands of servers around the world, exploiting buffer overflow vulnerability and causing denial of services in SQL servers which resulted in losses estimated, according to Computer Economics, at 705 million euros. Due to the increasing sophistication of Internet-borne threats, Panda Software proposes a layered protection strategy in which the Internet gateway plays a vital role, as is the strategic network point used to send and receive e-mails, all type of content... and 99 percent of viruses.
Source: SecurityFocus - Posted by Benjamin D. Thomas
Contactless credit cards, which allow data to be read without swiping through a reader, pose a serious privacy and security risk because some information is not stored encrypted, according to a paper written by five university and industry researchers.
The researchers claim that nearly 20 million radio-frequency identification (RFID) credit cards in circulation today could be vulnerable to skimming attacks, which could harvest names and credit-card details from the cards of passers-by. A skimming attack uses a normal reader, or one that has been enhanced to read cards from a greater distance, to grab unencrypted data from the card.
