online crime

[y66]

Internet security is broken, and nobody seems to know quite how to fix it.

 

Despite the efforts of the computer security industry and a half-decade struggle by Microsoft to protect its Windows operating system, malicious software is spreading faster than ever.

 

In October, researchers at the Georgia Tech Information Security Center reported that the percentage of online computers worldwide infected by botnets — networks of programs connected via the Internet that send spam or disrupt Internet-based services — is likely to increase to 15 percent by the end of this year, from 10 percent in 2007. That suggests a staggering number of infected computers, as many as 10 million, being used to distribute spam and malware over the Internet each day, according to research compiled by PandaLabs.

more

[macaw]

I love the IQ tests that come in the form of emails.

 

These are my two favorites:

 

1) You can give your credit card information to a falsified email address to buy dangerous drugs which are available legally by prescription only, and then you put those drugs in your mouth and swallow them.

 

and

 

2) You give your credit card and personal information to a falsified email address to buy a fake diploma so you can lie on employment applications.

 

Isn't it just amazin' B)

[Gerben42]

Don't forget:

 

3) You can send money to someone you don't know on a different continent, because when you do, you will be part of a profitable enterprise and you will be rich.

[kenberg]

Yes, a fool and his money are soon parted. But it can get tricky sometimes. I tell students that when they send me email it is important that the subject line be clear so that I in fact open it. An email from blonde_terror with the subject line "Can you help me" may get skipped over.

 

Here are some on the edge things:

 

I once was invited to join a google discussion group on a topic in mathematics. I did. A mistake. I eventually got myself off but it took some work.

 

I recently have been invited to "be a friend" or some such with a couple of different people on one of these facebook or similar things. Only their facebook handle is shown. Perhap's it's real. I ignore it. Anyone wishing to set up such a thing needs to send me an email so I know who I am dealing with.

 

I was going to set up a Paypal account. I initiated contact so I am pretty confident it was real. Somewhere in the application they asked for my social security number. No way. I closed the application. I would like a Paypal account but I got nervous.

 

I almost deleted a recent email, at the last moment I chose to open it. It was authentic.

 

I used to check my spam folder to make sure it didn't misjudge something authentic. I seldom do anymore. If a friend decides to send me useful information about how to enlarge my penis I probably will not receive it.

 

 

On the more clearcut side, not involving computers, there was this from a few years ago. Some guy was arrested for playing the following scheme: He would explain to people that there was a way to avoid taxes by shipping their money offshore. They gave him their money. He shipped it offshore! Whatta plan!

[PassedOut]

Yes, a fool and his money are soon parted.

This was true long before the internet. I remember the days when no one had the means to identify the sex of a baby before birth. An enterprising firm advertised a service to identify the sex of an unborn child based on a mailed-in urine sample from the pregnant woman.

 

The lure in this case was a 100% money back guarantee. The firm had many happy customers. And only 50% of the receipts had to be returned.

[JoAnneM]

I many times delete emails when there is NO subject line filled in. Just shows how we are different. And my Mcafee spam filter is regularly putting mail into its box from contacts in my address book. I mark them as friends each time so it doesn't happen again, but it is annoying and I do have to monitor that directory.

 

I think the Paypal signup that asked for your social security number was not legitimate. For a while I was getting fake emails from Comcast with a link to go verify my personal information. Those are really dangerous because people don't stop to think. I have also received them from banks, but not my bank, which I wouldn't answer anyway.

 

However a really sad story is that a woman in our town actually responded to one of those letters promising her millions from the son of an African king, she started sending them money, and eventually drained their accounts and then drowned herself in the river. I have no idea why her husband didn't know what was going on. She send them over $100,000.

[matmat]

The weird emails i try to open under a different operating system. Luckily i have access to both unix and linux machines, which makes this easier. most of the crap out there is geared toward micro$oft.

 

the dangerous solicitations are the so-called, i believe, fishing links. These send you to a page that looks exactly like amazon/ebay/paypal/whatevercommonsiteyoumight use, but their intent is to steal your private info. the key to this one is to learn how to look at the address of the site (URL) and recognize when what you perceive to be "ebay" is really some sort of strange website in upper zanistan.

 

also, available web-browsers have all sorts of nice bells and whistles that block strange scripts, eliminate ads, etc. I pretty much use firefox for everything and it seems to curb most (not all) of the problems.

[Hanoi5]

And only 50% of the receipts had to be returned.

 

They were quite good then.

[Fluffy]

I have always used web mail, so I don't have to pay attention to viruses, works very well for me.

 

I am surviving with microsoft, and no anti virus at all. when I get a virus somehow, I just check for the specific cleaner on anti-virus sites.

[luke warm]

I was going to set up a Paypal account. I initiated contact so I am pretty confident it was real. Somewhere in the application they asked for my social security number. No way. I closed the application. I would like a Paypal account but I got nervous.

paypal is wonderful, i don't think i could even clothe myself without it (and ebay), but they never asked me for my ssn... that does seem strange and i don't blame you for shying away

[blackshoe]

And only 50% of the receipts had to be returned.

 

They were quite good then.

Actually, a smart crook would "report" all results as female. Then he'd only have to return 48% of the payments.

[Gerben42]

So how much should citizens be protected from things that might possibly harm them if they don't use their brain? If people would stop to think and not respond to these silly emails, there would no longer be a gain in sending them, and no one would bother trying.

 

What bothers me more is all these sites that feel they need so much information from me just to allow me access to their services. I don't want to register just to watch a video or download some demo software!

[brianshark]

Spam will never stop until everyone has to pay 0.1 of a cent or whatever to send an email.

[helene_t]

Spam will never stop until everyone has to pay 0.1 of a cent or whatever to send an email.

Right. There are a number of problems that need to be solved before that happens, though.

 

- There must be an infrastructure that allows you to enclose 0.1 cent in an email with transaction fees being a small fraction of that. Of course, such schemes exist already, but there needs to be a universal standard to everyone can send money to everyone.

 

- The micropayment scheme must be 100% secure. If it happens too often that people get infected by viruses who make millions of 0.1c payments on their behalf then we are worse off than we started. Maybe it would be better if the 0.1c is not payed to the recipient but to some charity chosen by the ISP, to reduce this problem.

 

- You may not want to charge your friends for sending email to you. OK, if it's only 0.1c then it's no big deal, but if something like 1c is necessary then it could otherwise be expensive to volunteer to be an editor of a large non-profit mailing list. But that would mean that there must be a secure way of identifying your friends. These exist already but for some reason people don't use them. No, I don't use them either.

[Al_U_Card]

Well, if you calculate the cost of spam-filters and virus cleaners etc. that comes out to a very small amount per e-mail.

 

Indirect suppression of spam. Everything costs something, somewhere.

[kenberg]

The spam problem is not so huge for me, at least on my personal mail. This morning there, as of 8 AM, I have 9 messages. But all of them are at my request or agreement. For example, Borders (books) sent an announcement of what they are offering. So did Expedia (travel). Steve Robinson sent me bridge news. The NYTimes sent me world news. (I list these last two in order of importance). All of these would cease if I asked.

 

My university email account, perhaps surprisingly, lets through more junk. I get many ads for how I can get a degree without the inconvenience of studying. I get daily messages in Cyrillic. (A friend who can read then tells me I am being asked to attend seminars in Russia! I'll pass on that.) I can see how the oit folks might not want to prejudge whether this is real.

 

So the spam filters seem to be coping. I do worry about a casual slip in security though. Example:

 

I was recently in Florida on vacation. I played in a tournament (with Helene) using a laptop that worked through wifi (if I have my tech terms right). So I thought maybe I should check up on some financial things while online. No, maybe I shouldn't. I am not so sure of the security and maybe I don't want to find out the hard way.

 

 

More and more, it seems a moment of carelessness could be really costly. I imagine there are times when I am overly cautious, but it is better than being underly cautious.

[H_KARLUK]

This year I'm 53 years old. In my childhood there were milkmen selling milks with horses. There were also opportunists to make quick money.

 

They paid a small amount money or bought candies to innocent kids. Then convinced some of them to break any windowpane. Sellers were ready to fix with a correct timing.

 

They might think : "Sell something, if it's like stone you cannot win too much. There must be some malformation and trickery to multiply the profit from same good."

 

Electronics and programming languages helped humanbeings to buy the time. It's an age that communication is faster than old times.

 

Sorry, but there will be always insatiable people and their more advanced inequitable methods in all fields of life . No matter the date will be 3000-4000 digits etc years. The matter is more quick money without too much effort-which i disagree. In addition the question is to be a selfseeker or not.

 

I think there is a word : law usurpation. Please correct me if i am wrong. Sorry, English is 2nd language here.

[bid_em_up]

Yes, a fool and his money are soon parted.

And all this time, I thought it was:

 

"A fool and his money are soon partying"

 

;)

[PassedOut]

"A fool and his money are soon partying"

 

;)

My dad told me about his budgeting process as a young man: "I spent 90% on wine, women, and song. The rest I spent foolishly."

 

:P

[mycroft]

0.1/mail would be fun. How do you do it? How do you deal with zombies? Right now they set up their own mailserver that does relays, and a mail client that does generation; if they have to pay for email, they'll just put in enough extra hack code to get the user's email address and send as that user.

 

First he's going to know is the $1500 bill for the spamsend, or his account is disabled for spamming and is going take lots of work to re-enable.

 

Now, that's a pretty reasonable (from the internet's perspective) way of dealing with zombie computers - cut 'em off at the source, and don't let them back on until they've learned internet security. But even with internet security, there are still zero-day holes and likely mistypes that experienced players can get caught with - and there's nothing you can do about that last 0.1%. I don't think it's reasonable for the user.

 

Also, there are good, honest mailing lists that have hundreds, if not thousands, of subscribers (same with RSS feeds). If the hosts are hit with a $10/email charge, they're dead. Right Now.

 

Plus there's the whole "internet routes around damage" thing.

 

There's just too many problems with micropay emails and current useful technology to make it work, at least that I can see.

[JoAnneM]

I have always used web mail, so I don't have to pay attention to viruses, works very well for me.

 

I am surviving with microsoft, and no anti virus at all. when I get a virus somehow, I just check for the specific cleaner on anti-virus sites.

So, yours are probably one of the millions of computers that has been hijacked to send out these spam emails, and you don't even know it.

[Gerben42]

I think a better way is to set up some retraceable mail, and that at some point any mail that is not of this kind is automatically discarded by all servers. Add that to laws that say "thou shalt not spam" and some juicy penalties...

[JoAnneM]

This is totally off topic but I tried to edit my last post - I had changed a sentence and left an awkward word, and when I clicked "edit" it only brought up the "quote" I had used and nothing I had typed.

 

Is there a special trick to this?

[Fluffy]

I have always used web mail, so I don't have to pay attention to viruses, works very well for me.

 

I am surviving with microsoft, and no anti virus at all. when I get a virus somehow, I just check for the specific cleaner on anti-virus sites.

So, yours are probably one of the millions of computers that has been hijacked to send out these spam emails, and you don't even know it.

You need a mail server for that, I could be beeing spied actually (I don't care with this computer), but I ain't sending trash mails.

[JoAnneM]

How come my computer won't show your avatar? Your's is the only one.