Tuesday, May 21, 2013

Cyber Insecurity

My “$2.500,000.00” DIATRIBE

I wrote this FLOG May 9. Today is May 21 and I've just now posted it. After reading and re-reading this too-long FLOG, I put it on the back-burner and let it stew. It was, as diatribes are, a rambling regurgitation—in this case with no solution to a very serious problem. That’s not my mission. I continued to study cyber security and decided that like the Internet it was changing about every nano-second and what I write today will be preempted tomorrow. 

People ask me often what I write and I say, “checks.” 

Whimsy has been my passion for many years. If we can’t have a sense-of-humor, we might as well fold up our tent and go home. Most of what I write has one reader - me.  Writing is my therapy - if I can’t laugh at my stuff I don’t know who can.

To indulge my admittedly questionable sense of humor,  I’ve already changed the name of email to f-mail (the "F" in this case does not stand for Flog), the Internet to the Outer-net and Social Media to Antisocial Media.  I wanted to establish the HFSP (Hackers, Frauders and Scammers Police) and clinics for those with SMTDs (social media transmitted diseases), and begin sharing with other computer consumers ideas that might head off the plague that is infecting internet users world-wide. But, truth is I don’t know enough about this critical matter to write about it intelligently.

In the 1970’s I had a client in the direct mail advertising business when the ancestors of the current crop of hackers, frauders and scammers became prolific in sending millions of similar messages to our mailboxes. A group of friends agreed to save all the “smutmail” and we shuffled it like a deck of cards and inserted it in random envelopes to return to the senders. Sometimes we sent along leaves or grass or cigarette butts or condoms or litter that could fit easily into a return envelope. There was no proof of any reduction in what was called “junk mail”, but we entertained ourselves and others followed our lead.

What provoked this Flog was an email I received from Yemi Susan.  I don't know a Yemi Susan, so I immediately smelled a rat.  Email crimes had been on my mind so I cautiously opened the email to see what the latest scam was.  I was disappointed to find a rehash of a years-old scam:

I am here to inform you that IMF -- International Monetary Fund have decided to release and send your $2.5 million fund through Our Western Union hereby we wish to inform you that (IMF) and (ECOWAS) have instructed us to send you the sum of $2.500,000.00.USD and we have send you $5,000 dollar already as first collection.

I Mrs. Yemi Susan hereby inform you that we have processed your payment and your first payment of $5000.00 is available for pick up by receiver (YOU); Your First payment is still ON-HOLD. because you have to pay the IMF certificate stamp fee of $49 dollar Only as it was required by IMF.

Below are the first instrumental payment Tracking details. Track your first payment online now using the MTCN, Senders First Name & Last Name as directed below:

Click on below link or copy it and past to track your payment online.

Oh, Yemi Susan- you're just not trying.

On May 18, Mean Eileen, Editing Queen sent me this:

By Byron Acohido USA Today Fri May 17, 2013 8:42 PM

SEATTLE Phishing continues to plague Internet users. Wal-Mart on Thursday issued an alert about an email phishing scam, recognizable by the misspelling in the from field — “Wallmart,” spelled with with two Ls.

Phishers rely on social engineering to trick Internet users into quickly clicking on a tainted attachment or infected Web link.

Global losses from phishing in 2012 hit a record $1.5 billion, a 22-percent increase over 2011, according to RSA 2013 Fraud Report. The total number of phishing attacks in 2012 was 59 percent higher than in 2011, reports RSA, a risk management company.

Meanwhile, the number of phishing sites disguised as social networking sites has grown by 125 percent, reports Symantec in its 2013 Internet Security Report.

A couple of quotes from what I’ve been reading:

  • “Cyberspace is a 21st Century battlefield where the annual cost of crime has climbed to more than $1 trillion worldwide”www.business.gwu.edu.
  • “Every developed economy on the globe—and every citizen in them – is dependent on digitized information—from the food we eat , to the medical care we receive, to the jobs we perform every day, to our bank accounts, the entertainment we all enjoy, transportation—it goes on and on.” -- Wes Bush, Chairman and CEO, Northrop Grumman Corp.
  • The FBI’s top cyber expert, “We’re not winning.”

Mean Eileen  (aka The Sledgehammer of Reason) has a few pointers;
  • Don't chuck your computer - just pay attention.  You drive on roads with texters, drunks and parents who are trying to break up fights in the back seat - while doing 70mph on the freeway.  Just as you have to be careful when you are driving, you have to be careful using the internet.
  • If it sounds too good to be true, it is.  If you didn't sign up for a sweepstakes - you can't win a sweepstakes.  If you get an email from Nigeria, just delete it.  If you get an email from a mysterious hot babe who wants an even hotter relationship with your average self, just delete it.  If you didn't order a plane ticket and you get an email confirming your purchase, just delete it (check your credit card statement to make sure your card isn't compromised - deal with bogus charges directly with your credit card company).
  • The IRS will never, ever, contact you via email ... if you get an email from the IRS it is absolutely a scam - just delete it.   Believe me, if the IRS wants to have a word with you, they will use a more direct means of communication.
  • No bank or credit card company will ask you to click on a link...if you get something you are unsure of, log out of your email and go directly to your bank's website. 
  • A legitimate e-business that takes payments will have a payment page with a URL that starts with https://  (as opposed to http:// - the extra "s" is for secure).  This means the page is encrypted and information submitted is encrypted as well.  Don't submit debit/credit card numbers on a site that does not have a security certificate (https://).
  • Beware of requests for charitable contributions - know who you are dealing with.  Log directly into charity websites (i.e., www.redcross.org), and don't get suckered by tragic tales of helpless children.  Do your research before you part with your dough.

No comments:

Post a Comment