Thursday, May 19, 2005

Cyber-Crime and E-Forensics...

Companies such as Intelligent Computer Solutions are making the Computer Forensic investigators more effective. In fact, they are making it more difficult for those hackers, attackers and others to steal corporate information and assets, abuse acceptable use policies and to harm the reputation of organizations.

Intelligent Computer Solutions (ICS) is the technology leader in the design and manufacture of high-speed Hard Drive Duplication equipment, Software Cloning Solutions and Diagnostic Systems. Having developed the hard drive duplication technology (and holding a US Patent C,131,141), ICS has gained international name recognition for 14 years of customer service and for providing its customers with cutting edge solutions.

Intelligent Computer Solutions is a prominent supplier of Law Enforcement & Computer Forensic Systems to Law Enforcement personnel ranging from local police departments to Federal and International agencies. ICS units are being used today by government agencies in the US, Canada, Europe, the Middle East, China, Australia and New Zealand.


Online Fraud and other internal mischief is keeping the industry busy working with clients on a number of issues including:

"Consumers and businesses alike must remain constantly vigilant about personal and financial information," said Patricia Kachura, senior vice president for ethics and consumer affairs at The DMA. "E-mail scams are becoming more sophisticated and scammers are becoming more organized, and efficient in exploiting illegally obtained personal information to the fullest extent possible."

Financial fraud, for example, costs consumers and businesses billions of dollars annually. Based on a 2004 poll of 5,000 people in the U.S., the industry analyst firm Gartner calculated that $2 billion a year is lost to banking scams, including online fraud and phishing.

The top five spam scams for April as identified by the NCFTA include:

1. Web Mobs: Web mobs are well organized groups of computer-savvy criminals who form hierarchical networks on the Internet in order to commit identity theft and fraud with personal identification and financial information. After gathering victim information via phishing schemes, the Web mob buys and sells the information among its members or through online auctions. They use Web sites and chat forums to discuss and exchange techniques and tools.

2. Cross-Site Scripting (CSS): CSS vulnerability is caused by the failure of a Web site to validate the intended address of user input, such as personal or financial information supplied to make an online purchase, before returning that data to the client's Web-browser. Instead, that information is sent to another, unauthorized site. This is called cross-site scripting and is caused when an intruder causes a legitimate Web server to unknowingly send a page to a victim's browser that contains malicious script or HTML. The malicious script runs with the privileges of a legitimate script originating from the legitimate Web server and redirects the information to the intruder's Web server. More information on this practice is available at http://www.cert.org/archive/pdf/cross_site_scripting.pdf.

3. Pharming Attacks: Pharming is the redirecting of a Web request to another location entirely. On a computer hijacked by pharmers, for example, a user will type a URL (such as their bank's Web address), but will unknowingly be redirected to a designated phishing site that looks very familiar. Because the user did not click on any obscure link, the site will appear to be legitimate.

4. Phishing: Phishing is by far the most abundant scam witnessed by the NCFTA to-date., Bank and credit card phishing scams are constantly evolving, making it more difficult to identify the forgery. Source codes which have been used to determine where "phished" information was being sent after it was harvested, are now being hidden by phishers. Phishers are also disabling mechanisms such as 'right-click' on the phishing sites for the purpose of masking the compromised URL.

5. Spyware - Trojans & Malicious Code: This is software that surreptitiously performs certain tasks on your computer, typically without the user's consent. This may include collecting personal information about you, or infecting your computer with a Trojan or malicious code. Such instruments can cause your computer to be used for other criminal conduct, such as Denial of Service attacks, or to act as part of a spam relay network.

Spyware and Trojans are downloaded onto a user's computer in two ways. First, the most frequent way is by accessing Web sites containing them. Secondly, such tools can infect a computer through a spam e-mail that includes a link to a site containing spyware or Trojans. In some instances a user need not even open the e-mail attachment for it to execute or load to your computer without one seeing it occur.

These identified spam scams are based solely on limited NCFTA data. However, this information is shared with the FBI, which, with assistance from The DMA's Slam Spam project, provides law enforcement authorities with a much more robust understanding of the top spam scams.

No comments: