Saturday, October 15, 2005

Criminal Activity on Dating Sites

I was reading an article by Christopher T. Heun (InternetWeek) on the amount of fraud on dating sites. He quotes an industry analyst that approximately 10 percent of the profiles on any given site are fake.

Recently, I've seen victims duped into cashing fraudulent money orders and or cashier checks by someone that met in a chatroom or on a dating site. Dating sites are another place where fraudsters go to harvest victims.

In the article, Dan Larkin (Internet Crime Complaint Center) states "People are already going to [dating Web sites] in a somewhat vulnerable position and the bad guys play on that. The reality is, people either don't know they're a victim or don't want to report it."

Dating sites are often used to recruit people into cashing fraudulent instruments and reshipping scams. These involve fraudulent financial instruments, or merchandise purchased with them. They are then asked to ship the merchandise, or negotiate the instrument into cash and wire the money to the fraudster.

In both scenarios, once the transactions are determined to be fraudulent, the victim is often left responsible for the financial loss. Even worse, they might face criminal charges.

Of course, there are also the mail order bride scams that can be found on these sites. Sometimes these scams are also set up on sites created by the fraudsters themselves. Here is an excellent link with information on how to spot these scams:

http://www.dangersofinternetdating.com/mailorderb.htm

There are also a lot of sexual and violent crimes are initiated on the internet. The "Home Page" of the link above is a really good site for anyone, who desires to protect themselves, or someone they know from the dangers of dating on the internet.

http://dangersofinternetdating.com/

In the busy world of today, there are a lot of people using the internet to find companionship. Whenever something becomes popular, it seems to attract the criminal element. In the end, being aware and informed is probably the best defense against becoming a victim.

Tuesday, October 11, 2005

How to Impact Fraud, Phishing and Financial Misdeeds

In the past couple of years, we have seen massive data intrusions. Here is one of many posts, I've done on this: Identity Theft at Large Corporations . Recently, I was reading an article in Wired, which makes a lot of sense. It was written by Bruce Schneider, a well-known security expert.

He makes a valid point, which is; laws that only address criminal activity are only part of the solution. The war against identity theft will never be won until businesses that are entrusted with people's personal information are held accountable for substandard security practices and (in some cases) selling people's personal information to criminals.

Let's face it, we are in the information age and personal information is routinely sold for a lot of money. Besides marketing, there is a booming spy (be your own detective) market that is largely unregulated. Just about anyone can sift personal information using these programs and even buy "keylogger" software. Keyloggers, which are marketed as a means to spy on your employees, boss, errant child or wife also can be used by identity thieves to steal personal and financial information.

Here is an excerpt from his article:

"Push the responsibility -- all of it -- for identity theft onto the financial institutions, and phishing will go away. This fraud will go away not because people will suddenly get smart and quit responding to phishing e-mails, because California has new criminal penalties for phishing, or because ISPs will recognize and delete the e-mails. It will go away because the information a criminal can get from a phishing attack won't be enough for him to commit fraud -- because the companies won't stand for all those losses. If there's one general precept of security policy that is universally true, it is that security works best when the entity that is in the best position to mitigate the risk is responsible for that risk. Making financial institutions responsible for losses due to phishing and identity theft is the only way to deal with the problem. And not just the direct financial losses -- they need to make it less painful to resolve identity theft issues, enabling people to truly clear their names and credit histories. Money to reimburse losses is cheap compared with the expense of redesigning their systems, but anything less won't work."

Many of these data intrusions were accomplished by simple theft involving deception, or unprotected data. As a result, many a person has been victimized due to lacks of diligence by entities, who were profiting monetarily. As long as these entities continue to get off "cheap" and the criminals have little to fear, this activity is going to flourish.

I think Bruce's observations are right on the money!

To read the article in "Wired" click on the title of this post.

Monday, October 10, 2005

Safe Charity Resources for South Asia Earthquake

The devastation and death toll continues to rise in South Asia. Many of the areas affected (in this mountainous region) are not accessible by roads. In keeping with the theme of my blog, I am providing resources (directly from Yahoo news and the Network for Good), where one can donate safely and ensure that the money gets to the people who need it the most.

As in previous disasters (Katrina, Tsunami etc.), fraudulent charities will probably be set up by people without morals. For my previous post about this go to: Is Fraud Around the Corner in the South Asia Earthquake?

Here are a list of charities, most of which, are deploying to the area to assist:

Doctors without Borders
Mobilizing to provide medical assistance, blankets, water, sleeping mats and tents.

International Federation of Red Cross and Red Crescent Societies
Dispatching teams to assess damages and the needs of victims.

International Rescue Committee
Assessing immediate needs on the ground and preparing emergency response.

Mercy Corps
On the ground providing emergency relief, including water and tents.

Oxfam
On the ground assessing the response effort and responding to victims.

UNICEF
Sending emergency staff to distribute aid and make further assessments of the damage.

To go to the "Network for Good" website, click on the title of this post.

Sunday, October 09, 2005

Is Fraud Around the Corner in the South Asia Earthquake?

The death toll in Katrina just recently went over 1,000. Already, the death toll in yesterday's earthquake in Kashmir has reached 20,000. This will cause untold suffering for the people in the Kashmir area, who have lived under the threat of war and terrorist activity since 1947, when Great Britain gave Pakistan and India their independence.

There are reports of rescue teams and ordinary citizens using their bare hands trying to dig survivors out of the rubble.

"President Pervez Musharraf (Pakistan) said there were difficulties reaching remote areas. He thanked foreign countries for expressions of sympathy, but said what Pakistan needed most were blankets and tents, transport helicopters and medicines."

These people deserve our help and hopefully the world is going to be generous. What I fear is that as in every disaster, we have seen recently, the cyberscum (fraudster) element are already gearing up to siphon off as much of the charity money as they can get their hands on. As I write this, I'm guessing that fraud charity websites are probably being designed and domain names (relevant to the earthquake) are being bought up to be later sold to the highest bidder.

Although, it hasn't hit the internet yet (to my knowledge), we are probably going to see Advance fee fraud (419) letters circulating regarding this. Someone will probably claim to have inherited millions of dollars from a Saudi terrorist killed in the earthquake and will solicit assistance (via e-mail) getting this "fortune" out of the area.

The FTC (Federal Trade Commission) addressed charity fraud in the wake of Katrina and published some helpful tips, which will probably be relevant to this disaster, also. Here they are:


"Donate to recognized charities you have given to before. Watch out for charities that have sprung up overnight. They may be well-meaning, but lack the infrastructure to provide assistance. And be wary of charities with names that sound like familiar, or nationally known organizations. Some phony charities use names that sound or look like those of respected, legitimate organizations.

Give directly to the charity, not the solicitors for the charity. Solicitors take a portion of the proceeds to cover their costs, which leaves less for victim assistance. Do not provide personal or financial information, including your Social Security number or credit card and bank account numbers to anyone who solicits from you. Scam artists use this information to commit fraud against you.

Check out any charities before you donate. Contact the Better Business Bureaus Wise Giving Alliance at http://www.give.org/. Do not give or send cash. For security and tax record purposes, contribute by check or credit card.

Write the official name of the charity on your check. You can contribute safely online through international charities like www.redcross.org/donate."

Ask for identification if you are approached in person. Often, paid fundraisers are required to identify themselves as such and to name the charity for which they are soliciting.

Should you suspect fraud, report it to the authorities. In the United States, you can file a report directly with the FTC at http://www.ftc.gov/.

Please give to the people of South Asia wisely by being AWARE of the "cybercriminals", who would try to profit from the suffering of human beings!