NewsBits for September 25, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Lloyds TSB phishing scam nipped in the bud Net fraudsters have targeted Lloyds TSB customers in the latest fake email scam. Reg readers report receiving emails this week purporting to be a security check from Lloyds TSB, which are in reality attempts to trick users into handing over sensitive account information to fraudsters. Evidence suggests many copies of the fake email have been blasted out randomly to Net users using spamming software. The scam-mail invites Lloyds TSB customers to input their debit card details on a bogus site, whose URL has been cunningly disguised to resemble the real thing. http://www.theregister.co.uk/content/55/33047.html - - - - - - - - - - New 'Nigerian' Internet Scam Targeting Americans Agents at the U.S. Secret Service office in Orlando, Fla., believe a Problem Solvers investigation has uncovered a new, more sophisticated variation of the so-called "Nigerian 419 Advance Fee" scam targeting Americans who sell items over the Internet, according to Local 6 News. The variation of the "Nigerian" scam involves authentic-looking cashier's checks that are issued for high-priced items. "We are talking about very sophisticated criminals," bank security expert Laz Claro said. http://www.local6.com/technology/2503937/detail.html - - - - - - - - - - Bluffton man pleads guilty to child pornography charges A Bluffton man pleaded guilty in federal court Monday to possession and distribution of child pornography, according to the United States Attorney's Office for the District of South Carolina. Scott G. Hammett, 34, used a personal computer to download and distribute images of child porn, according to a press release sent Tuesday. The plea came during a change of plea hearing, the release said. http://www.islandpacket.com/news/briefs/story/2892800p-2664645c.html - - - - - - - - - - Scyamore man indicted on child porn charges A 54-year-old Sycamore man was indicted Tuesday on federal child pornography charges. Dennis C. Eichelberger, 456 S. California, Apt. A., is accused of possessing more than 242 pictures of child pornography and transporting child pornography across state lines via computer. http://www.kcchronicle.com/today/KCC/news/293544087086822.html - - - - - - - - - - Child Porn on Office Computer Police say 58-year-old Glenn Pusey of Bear allegedly viewed and downloaded the material on his state computer. He was arrested yesterday at his office in Dover and is free on bond. Police charged Pusey with one count of sexual exploitation of a child, ten counts of using a computer to unlawfully depict a child engaging in a prohibited sexual act, and ten counts of possession of child pornography. According to police, the images were downloaded during the past year. Computer specialists found the images on the hard drive after Pusey reported a computer problem. http://abclocal.go.com/wpvi/news/09252003_nw_dechildporn.html - - - - - - - - - - Telemarketer Faces Child Porn Charges Federal prosecutors say they found child pornography on two computers belonging to a Cherry Hill telemarketer. Authorities unsealed an indictment Wednesday charging Mark Kleinman with mail fraud and child porn possession. Authorities say Kleinman had telemarketers call maintenance workers across the country and bribe them to buy products at inflated prices. The indictment also alleges Kleinman sent hospitals 33-cents of plastic gloves, billed them 80 dollars and then sent past due notices to those that didn't pay. http://kyw.com/Local%20News/local_story_267140045.html http://www.augustachronicle.com/stories/092503/met_124-3656.shtml - - - - - - - - - - Web site says teacher tried to solicit sex Warren Consolidated Schools officials are investigating claims that one of their high school teachers was "caught" by a private computer sleuth trying to solicit sex online from what he believed was a 13-year-old girl. A picture of a Warren Mott High School math teacher has been posted on the computer Web site Perverted-Justice.com as an alleged "wannabe pedo(phile)," accused of trolling Internet chat rooms last Saturday for sex. http://www.zwire.com/site/news.cfm?newsid=10213265&BRD=988&PAG=461&dept_id=141265&rfi=6 - - - - - - - - - - Sobig linked to DDoS attacks on anti-spam sites A senior anti-spam activist is calling on law enforcement authorities to track down the perpetrators behind a widespread and sustained attack on anti-spam sites. The call, from Steve Linford of Spamhaus, comes along with fresh evidence that the assaults have been enabled bythe infamous Sobig worm. http://www.theregister.co.uk/content/56/33059.html - - - - - - - - - - California spam law may face court challenge When California Gov. Gray Davis signed one of the nation's most sweeping antispam laws this week, he didn't end a debate over how the proposal would affect businesses in the richest, most technology- savvy U.S. state. Davis merely shifted it from the Sacramento statehouse--the scene of tense negotiations among antispam activists, direct marketers and technology companies--into the court system. http://zdnet.com.com/2100-1104_2-5082049.html http://www.usatoday.com/tech/news/2003-09-24-spam_x.htm Legislators Take Shots at Spam http://www.wired.com/news/politics/0,1283,60589,00.html - - - - - - - - - - House vote stymies TIA spy plan The U.S. House of Representatives has approved a spending bill that eliminates money for the Terrorism Information Awareness project, effectively putting an end to the controversial Pentagon antiterrorism plan, which sought to assemble computerized dossiers on Americans. The 407 to 15 vote on Wednesday approved a conference bill drafted by a joint House-Senate committee. http://zdnet.com.com/2100-1105_2-5082253.html http://www.washingtonpost.com/wp-dyn/articles/A63587-2003Sep25.html http://www.wired.com/news/privacy/0,1848,60588,00.html http://www.usatoday.com/tech/news/techpolicy/2003-09-25-tia-office-closed_x.htm - - - - - - - - - - Panel seeks to protect agencies from information sharing risks The House Government Reform Committee on Thursday passed legislation to protect federal agencies from security and privacy risks posed by Internet file-sharing technology. The bill (H.R. 3159) would require federal agencies to develop and implement a plan within six months to address threats to computer systems from downloading "peer-to-peer" file sharing programs. The panel passed the vote by voice vote. http://www.govexec.com/dailyfed/0903/092503njns1.htm - - - - - - - - - - PwC: Fraud cases actually more than reported Computer crime THE levels of commercial crime in Malaysia can be very much higher than reported as many companies fear reporting fraud perpetrated gainst them would damage their reputation, a white collar crime investigator revealed. Head of the investigations practice at PricewaterhouseCoopers (PwC) Malaysia Chan Yim Fun said that although recent figures had shown that reported commercial crimes had been on the increase, there were more fraud cases that had gone unreported. http://biz.thestar.com.my/news/story.asp?file=/2003/9/25/business/6312800 - - - - - - - - - - Sheriff targets Internet crime Debbie Madonna learned how quickly a child can stumble into an inappropriate Internet site when her youngest son Andrew, 14, visited the World Wrestling Federation on the Web a few years ago. "He couldn't have been more than 8 or 9, and he hit on a link and ended up in a more adult site. It was too adult for him, and he stopped watching wrestling after that," said Madonna of Plymouth. Officers from the Wayne County Sheriff's Department Internet Crime Unit last week launched a series of workshops on Internet crime. http://www.detnews.com/2003/wayne/0309/25/e03-279866.htm - - - - - - - - - - Site Warns of Online Dangers to Children The D.A. offers tips on how parents can track molesters and monitor computer use. Halting youth cyber-crime is another goal. A 14-year-old girl began an online conversation with a Los Angeles County man, who lured her to a meeting and then molested her. Two Pasadena teachers seduced two female students by sending sexually explicit e-mails. http://www.latimes.com/technology/la-me-skateside25sep25,1,19648.story Chat room charge sign of times http://www.globetechnology.com/servlet/story/RTGAM.20030925.wmsnn0925/BNStory/Technology/ More chat room closures feared http://www.vnunet.com/News/1143885 Pervert! You're using the Internet http://www.theregister.co.uk/content/6/33032.html - - - - - - - - - - Author of report critical of Microsoft loses job The chief technology officer for a technology firm that works closely with Microsoft Corp. lost his job after he helped write a study critical of the insecurity of Microsoft software. Daniel E. Geer Jr., an expert with nearly three decades studying technology and computer security, learned Thursday he was no longer employed by AtStake Inc. of Cambridge, Mass. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6860311.htm http://www.securityfocus.com/news/7069 OS monopoly poses security risk, report claims http://www.computerweekly.com/articles/article.asp?liArticleID=125151 http://techupdate.zdnet.com/techupdate/filters/specialreport/0,14622,6025221,00.html http://money.cnn.com/2003/09/25/technology/microsoft_usa.reut/index.htm Punters blamed for Windows security peril http://www.macworld.co.uk/news/main_news.cfm?NewsID=6953 Want PC Security? Diversify http://www.wired.com/news/infostructure/0,1377,60579,00.html http://www.eweek.com/article2/0,4149,1276333,00.asp Bust PC builder lands ICM with huge piracy bill http://www.theregister.co.uk/content/51/33041.html - - - - - - - - - - Studios Moving to Block Piracy of Films Online If Hollywood executives have learned anything watching their peers in the music business grapple with online file sharing, it is how not to handle a technological revolution. While the major labels in the music industry squabbled among themselves about how best to deal with Internet piracy and failed to develop consumer-friendly ways to buy music online, the movie industry has gone on a coordinated offensive to thwart the free downloading of films before it spins out of control. http://www.nytimes.com/2003/09/25/business/media/25STUD.html Sinking the Pirates of the Internet http://www.washingtonpost.com/wp-dyn/articles/A63120-2003Sep25.html - - - - - - - - - - Watchdog to target text spammers Premium-rate phone service watchdog ICSTIS is to clamp down on unscrupulous text spammers after seeing the number of complaints rocket over the last year. In a stern warning to the industry, ICSTIS said it will no longer tolerate misleading and unsolicited text messages that trick people into calling premium rate numbers by stating that they have won a cash 'prize' or 'award'. http://www.theregister.co.uk/content/51/33039.html - - - - - - - - - - Smart cards track commuters Civil rights campaigners have expressed concerns about the new smart travelcards introduced for London commuters. An 'oyster' travel card, sitting on top of a card reader. Under the new system, Transport for London will be able to track a commuter's movements and it plans to retain information on journeys made for "a number of years" http://news.bbc.co.uk/2/hi/technology/3121652.stm - - - - - - - - - - Status Quo for Travel Privacy Airlines and other travel companies are looking over their privacy policies and practices this week in response to the uproar -- and two class action lawsuits -- directed against JetBlue for violating its privacy policy in turning over 5 million passenger records to a defense contractor. Most, however, are saying they do not plan to make any changes to their policies, even though they are weaker than JetBlue's stated policy. http://www.wired.com/news/privacy/0,1848,60584,00.html - - - - - - - - - - Anti-fraud system scores high with bank HFC Bank has significantly decreased its losses from credit card fraud thanks to software that tracks potentially illegal activities. The bank has cut the average loss per card and increased the number of counterfeit accounts it can identify before they are used from zero in 2000 to 40 per cent this year. http://www.vnunet.com/News/1143855 - - - - - - - - - - Citrix password manager secures single sign-on Citrix has launched a single sign-on application designed to take the headache out of password management. Citrix launched a single sign-on software package on Thursday that automates the log-in process for enterprise applications. The MetaFrame Password Manager can be used as part of the Citrix MetaFrame Access Suite or as a standalone single sign-on product. http://news.zdnet.co.uk/internet/security/0,39020375,39116676,00.htm - - - - - - - - - - Protecting company data from ex-employees While companies are relatively accustomed to requesting the return of building keys and ID cards from departing employees, they are less vigilant when it comes to electronic data. Can this lead to problems? Yes! When employees are terminated involuntarily, emotions can run high on both sides of the table. http://www.usatoday.com/tech/columnist/ericjsinrod/2003-09-25-sinrod_x.htm - - - - - - - - - - Software crime: Would you admit to an accidental breach? Today the BSA urged users to confess to any breaches of software licensing in order to protect themselves from future prosecution. And while we have every reason to take them at their word it raises a number of questions, best outlined by the scenarios below. http://www.silicon.com/leader/500012/1/6169.html - - - - - - - - - - Keep Your Identity Safe Computer crime Leading security expert tells you how to keep your personal information secure. On tonight's "Screen Savers" I'm talking about the software and tactics law enforcement agents use to fight cybercrime. But keeping your information secure starts at home. Here are a few simple things you can do to keep yourself and your small business safe from identity theft. http://www.techtv.com/screensavers/story/0,24330,3528776,00.html - - - - - - - - - - Linux Security: Good Enough It's really simple. Linux has OK security , Windows doesn't. "Any questions?" asks Linux Center Editor Steven J. Vaughan-Nichols. Linux is fundamentally more secure than Windows. There, I've said it. It's not that Linux is some bulletproof wonder of security. It's not. If you want an operating system that really been built from the ground up to be secure what you want is OpenBSD. The crew behind it has made safe, sane security job number one before Bill Gates could spell security if you spotted him the 's' and the 'y.' http://www.eweek.com/article2/0,4149,1274651,00.asp - - - - - - - - - - Who writes viruses? This year's deluge of worms may be the prelude to something more sinister. Who takes the time and effort to pull off malicious stunts, like viruses, malware, worms, Trojans, or any other deliberately damaging actions? And why? After all, there are risks involved. Who are these people and what do they gain? The common stereotype is a bored but brilliant teenager from a dysfunctional family. The very name "script kiddies" implies that. http://insight.zdnet.co.uk/0,39020415,39116671,00.htm - - - - - - - - - - Key requirements for building trust Certification is just one part of boosting online business: creating trust is the real challenge. Doing business online is about more than having the technology in place to undertake transactions. You also need trust: if you don't know who you are dealing with, you're unlikely to do business with them, or you risk finding yourself entangled in invalid transactions. Alongside the ability to transact, you need guarantees about the identity of your online partner. http://www.vnunet.com/Comment/1143861 *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.