Internet and online security professionals deal with hacking and cracking activity on a daily basis. With new technologies emerging every day, new security challenges arise and new vulnerabilities appear that allow black hat hackers to create and execute new scripts that can cause serious problems for whole networks. Our mission is to let you know about the latest scams and to warn you about new exploits that can have a severe impact on your online business.
8th April 2008

Online Safety Education For Kids Should be The Highest Priority

There is no doubt that everyone who even occasionally uses the Internet should be aware of its dark side. We all know the advantages of the Internet; there are so many of them that it would be extremely hard to list them all. However, that doesn’t mean we should neglect the troubling fact that new scams and frauds are born almost every day. Internet fraud is popular among scam artists all over the world.

Certainly it’s a pity when an adult is trapped in one of these scams and his or her financial stability is either at risk or completely destroyed. At least adults should know better; scam artists often play on people’s emotions and desires. If an adult becomes a victim of a scam thanks to his or her own greed or lust, well, it’s his/her fault. Read the Bible or the holy book of any other major religion and you’ll see that almost all of them describe the sins in similar ways. So if somebody tries to collect a million-dollar lottery “winning” or is too lazy to follow the basic rules for safe online banking, that’s his/her problem.

But when we’re talking about children, it’s a whole different story. When adults look at scam offers, they know on a subconscious level that something is not right. The voice of their experience warns them about possible trouble. Whether they listen to this inner sense or not is their choice.

Children don’t have any substantial experience yet in dealing with real-life situations. Hence it’s our responsibility as adults to make sure kids know about the possible traps that they can encounter online.


posted in Main, Online Safety for Children | 0 Comments

3rd December 2007

Meet the Most Dangerous Drug of the 21st Century

You probably think this article will be about heroin, cocaine, marijuana, LSD or something similar, right?

Not even close, my friend. It will be about something you’re very well familiar with yet you never thought about it as a drug (though you really should).

Introducing: Virtual Drug

By the way, marijuana and LSD are not as dangerous as they sound. There are some legal substances that are more dangerous. According to the study published this year in “The Lancet”, alcohol and tobacco are much more dangerous than marijuana or LSD and are included in the list of the 10 most dangerous drugs in the world. As you know, both alcohol and tobacco are legal, and marijuana is forbidden in most countries. Just food for thought. You can clearly see from this example that if something is legal it doesn’t necessarily mean it’s harmless, and vice versa.

Why did I decide to emphasize this fact? Because today we’ll be talking about something that is as legal as it gets, yet at the same time carries a high level of risk based on all the risk factors that are usually considered when analyzing the risk level of potentially dangerous substances.

There are many risk factors that could be considered for such an analysis, and the factors could vary. But here are the 3 major factors that are considered in one form or another in all such analyses.

· What is the level of physical harm the drug could potentially cause to the user?
· What is the level of addiction? (In other words, how easy and safe would it be to withdraw from further usage if the user decided to stop?)
· What is the overall drug impact on society at large?

Soon you will find out what I consider the worst drug on the planet. But first let’s establish a few statements.

Statement 1. Most drugs could be useful in a small dosage.

In order to agree on this it’s enough to remember that many drugs are used as painkillers. And some have unique healing qualities that are hard to find in other medications. For example, according to several studies, THC can help to prevent cancer. Let’s not forget that it’s the main active ingredient of marijuana.

Statement 2. An overdose can seriously harm the individual or have a lethal outcome.

I don’t feel that we need to search for any proof of this statement – just look at the thousands of people dying every year from drugs.

If you think about it, any substance or influence that has a high impact on individuals based on those major risk factors and the 2 statements mentioned above should be considered a drug.

So why do we usually limit our comprehension of drugs to physical substances only?

For example, what about all those ads that you see on your TV each and every day that are brainwashing you? (Yes, I know, you can order TiVo or similar services and fast-forward all this trash, but it’s rather expensive and is not used by a large percentage of the general public.)

Now let’s look at another service that is used by the majority of people on the planet. I’m talking about the Internet. Yes, the Internet, this information super-highway. Is it good or evil? It certainly outgrew its initial purpose of providing easy ways of worldwide communication a long time ago, and now it can be not only extremely useful but extremely dangerous as well.

Remember, many drugs can be useful in a small dosage, but they are deadly in big portions. The same is true of the Internet.

Paradoxically, its danger lies in its extreme usefulness and self-sufficiency. The Internet resembles the snake biting its own tail. In a small dosage it’s very helpful – you can get virtually anything on the Internet – from information on any subject to any product.

However, the strongest side of the Internet is at the same time its weakest spot.
Since people can find whatever they want on the Internet nowadays, it is a rare person who can restrict himself/herself to using it for no more than a few hours per day.

Let’s scrutinize the Internet through a prism of the 3 major risk factors we listed earlier.

  1) Physical harm or influence on the health of the individual.

There is a whole range of direct and indirect health problems that can be caused by the Internet. Direct health problems derive from the fact that the Internet is most frequently accessed through computers. And sitting in front of the computer screen for long hours without frequent breaks will lead to diminishing eyesight, headaches, and neck and shoulder pain.
But at least direct physical problems are not lethal. Now let’s look at indirect ones. On the Internet, you can get both legal and illegal products with almost the same ease.

Hacking manuals? Drugs? Illegal weapons? Money laundering? Pornography? People can get anything, and it’s much more difficult for authorities to track the source of delivery than if the trade took place in the physical world.

And people get a sense of pseudo-safety since they do not physically participate in the trades, and they don’t see criminals with guns and all the other usual attributes of such “meetings”. In reality, buying/selling “stuff” from their homes doesn’t mean they can’t get in trouble or be seriously hurt/killed participating in such “deals”.

There are numerous other ways that the Internet can be used to trick people into different scams (through phishing, spamming, etc.). And people can be seriously hurt.

Not to mention online predators who use popular social networking sites and chats to find new victims. Of course there are filters that could be used to limit children’s exposure to sites with sexual content and to potentially dangerous chats and forums. But they are not 100% effective – a child can simply go to a computer without a filter.

Sure, you can say that these examples have nothing to do with the Internet, and that all those crimes could happen in the offline world too. And my answer to you would be: the Internet made all those things much easier, more accessible, lightning fast and available worldwide. At the same time it provides a false sense of pseudo-safety. All things combined, it increased crime ten-fold.

I hope now you can see that based on the “physical harm” risk factor this virtual drug deserves to be placed on the highest position.

  2) Now let’s look at another risk factor – addiction.

How many times per day do you check your email? How many hours per day do you spend online? Come on, be honest. And if you were unable to check news or chats, see your favorite sites or check emails every day, would you feel uncomfortable? Wouldn’t you try to find wireless access ASAP to log in from your laptop? Even when you’re on vacation? I rest my case. For many people it’s almost impossible today to live without the Internet.

Which brings us to the last risk factor:

  3) Drug impact on society at large.

None of the currently existing physical substances has even remotely the impact on society that the Internet does.

And I am not talking here about the positive influence of the Internet, far from it. Millions of people around the globe have buried themselves in the virtual world trying to avoid the harsh reality of the physical one.

Millions and millions have been scammed out of their last pennies through different MLM schemes and Forex/stocks super-return schemes, spending tens of thousands of dollars buying “how to become filthy rich in 1 day” types of “manuals”, etc.

Countless millions of Internet users spend all their “free” time and sleepless nights online trying to build their online businesses. While there is nothing wrong with this approach, it doesn’t hurt to remember that only 5% of such businesses succeed, and you need a substantial set of skills to become successful online or a budget to hire people with those skills. And the remaining 95% lose all their money, hope and in many cases their families too. Not many spouses are willing to put up with their better halves spending all their time on computers…

There you have it – a brief introduction to the Virtual Drug – the most dangerous drug of the 21st century…


posted in Internet Security Paradigms and Models, Main, Online Business Security | 0 Comments

26th September 2007

Identity Theft Prevention, Junk Credit Card Mail Lists and Credit Freezing

According to the 2007 study conducted by Javelin Strategy & Research, the average loss of a victim of through spyware installs, viruses, different hacks, etc increased from $5,981 last year to $7,561 this year.

So we’d better learn all possible ways to protect our bank accounts…

In the previous article about anti-identity theft measures I mentioned that you can employ credit card monitoring services that will alert you when a fraudster tries to steal money from your credit card.

Today let’s explore 2 more methods that can help you protect your money from identity thieves.

Those measures are specific to the USA, but I’m sure there are similar services in other countries too.

Method 1: Opt-Out from Pre-Approved Credit Card Offers

OK, so what can you do to sleep better at night? Well, you can get rid of all those pre-approved offers that pile up in your mailbox. If you need a new credit card, it’s better to apply for a specific credit card, and not a random one you found in your mailbox. Keep in mind that the credit cards that are sent to you have the advertising and mailing costs included in the rate they are offering, so you might be better off doing your own research first and applying for a card with a good APR. (Don’t pay too much attention to the initial offer; look at the real rate. When the initial offer is over, you’ll still have to live with that credit card.)

If you want a new credit card with low rates, etc, here is a good place to start your credit card research:
http://www.1ezhost.biz/creditcards.html

If you don’t plan to apply for a new credit card in the near future, then the mounds of pre-approved offers in your mailbox are not only unnecessary, they could be quite dangerous. A substantial percentage of identity theft fraud is possible because of stolen paper mail.

You can stop vendors from sending you all those offers by calling 888-5OPTOUT (in the USA). I’m sure there are similar services in other countries too; just search the Internet for “opt-out option for pre-approved credit cards” (or similar) and add the name of your country to the search string.

Method 2: Freeze Your Credit

When identity theft became a massive phenomenon, banks and government tried to work out a solution that would help people whose identity was already stolen.

The worst thing about identity theft is not when somebody gets access to the victim’s credit card number and makes several purchases with this card. After all, credit card balances are usually rather limited.

The worst thing is when fraudsters gather enough information about the victim to be able to apply for new credit cards in this person’s name and provide a different mailing address. So it could be a long time before the victim realizes that he has many more open credit cards than he actually applied for. Quite often it happens when the person tries to apply for a loan, and the bank declines his request, states that his credit score is way below the acceptable minimum and shows him the outstanding balances for all the credit cards he “used”.

To help victims, credit agencies suggested implementing a credit freeze. Basically, this means that no one with the credentials of an identity theft victim would be able to apply for any credit card or loan until the credit freeze is lifted.

Of course, the worst case scenario wouldn’t happen if a person used the credit monitoring services I mentioned earlier, but many people still don’t use them.

Credit freeze is convenient: it can be lifted for a small fee for a limited time, and then applied again. The only problem is that in most states it was unavailable to the general public; the law applied only to identity theft victims.

Kudos to California. It was the first state that implemented credit freeze (in 2003). And double kudos to California for allowing the general public to use this law to their advantage as well.

Other states agreed to apply this law for identity theft victims, but were not so quick to apply it to the rest of consumers. Many states implemented this law in 2007.

At the beginning of 2008, several more states (Arkansas, Massachusetts, Maryland, Tennessee and Utah) will join the group. The last will be Washington, which will allow credit freeze on September 1, 2008. Overall, by 2008 credit freeze will be implemented in 40 states.

Here is how you can find out whether credit freeze is available in your state and, if it is, how to apply.

Go to http://consumersunion.org/securityfreeze.htm

I’m not sure whether credit freeze is available in other countries or not. If it’s not available, then contact your politicians. It’s one of the most efficient measures to prevent identity theft. Hackers will always be several steps ahead of any online security system that could be invented. So it’s better to pay a few bucks to lift a credit freeze when you actually need a credit card or loan, and then apply it again, than to leave your credit unprotected.


posted in Identity Theft, Main | 1 Comment

11th September 2007

Website Security, job seekers and ransomware as a new form of web hacking

The old school of website hacking pretty much concentrates on finding security vulnerabilities in the code of the website (e.g. dynamic URLs are not properly validated, functions/procedures used in the web application allow a buffer overflow, or form data entries allow SQL injection).

There are 3 main purposes for such attacks:

1) steal products/ services offered on a website,

2) steal information stored in the databases (both personal information and credit card details)

3) proceed further and use initial vulnerability to gain additional privileges on a server and ultimately, to obtain root access to the server.

Let’s talk today about the second purpose of – obtaining both physical mailing addresses and credit card records that could be used for identity theft or simply resold on the Internet.

When a hacker tests different methods of getting unauthorized access to a website or web application, he most likely uses slave computers for this purpose (also called slave bots), or proxy servers, or a combination of the two.

Granted, it might be difficult for investigators to establish the real source of the attack, such as the IP address that was used to execute it, but it could still be risky for hackers.

So the easiest way for hackers to get their foot in the door of the target system would be to obtain the login details of a legitimate user, and use those details to perform their further operations.

And it looks like this approach, combined with advanced phishing scams, has become very popular lately. In addition to malware, spyware, viruses and worms we now have a rather new phenomenon called ransomware.

Ransomware is what the name implies – a type of malware that is used to take hostages and demand a ransom from the victim.

Only in this case the “hostage” is not a person, it’s a computer. Ransomware encrypts all the files on a victim’s machine, so the average computer user is not able to decrypt them and has to pay a ransom to get access to his/her own files again.

Of course, if a person performs regular backups of his machine, this scheme won’t work.

The computer user would be able to easily restore all the files from a backup. But this scheme is very successful, which just goes to show that only a few people regularly back up their computer files.

This exact scheme was used in a Monster.com ransom scam that became well-known lately.

Intruders first obtained access to the employer accounts on Monster. How they did it is not important now – maybe they tricked the account holders into opening emails with malicious attachments and installed Trojans on their computers, and then sniffed all the information that was exchanged between that machine and the other ones. Maybe they sniffed out the packets (note that Monster uses http for login screens, not https, hence login data are passed as plain text), or they might have used any other of the numerous hacking methods. The point is, they obtained unauthorized access to the employers’ accounts.

And the people who contacted those employers were looking for a job, so they readily provided all their contact details to those employers, including phone numbers, mailing addresses, etc.

After collecting approximately 1.6 million records of job applicants, the attackers crafted very well written personalized emails to those applicants and tricked victims into opening those emails. When the email was opened, a Trojan was installed on the victim’s machine. Financial information was stolen, or files were encrypted and a ransom demanded to “free up” the files.

And there is evidence that a similar scheme is now being used at another website for job seekers – CareerBuilder.com.

What is the point of this story? It looks like pure hacking is slowly being replaced by a wholesale approach that doesn’t require much skill – it’s enough to find a way to get millions of records, trick the recipients, install malware or ransomware, steal credit card or bank account data or just encrypt the files on the victim’s computer – and voila – the attackers have some serious cash in their bank accounts.

Be aware of this new wave of data stealing – I would call it “web hacking without hacking” – and be extremely careful when opening emails from an “employer”, or any email from an unknown sender, for that matter.


posted in Main, Website Security | 0 Comments

28th August 2007

Privacy invasion and security measures: the borderline to preserve the dignity of human beings…

Privacy has become more of a wish in our times than something that really exists. Let’s briefly look at the bigger picture of this privacy invasion issue. We’re under total surveillance, not only from different cameras, but also from space. You can be videotaped anywhere and anytime.

And it’s not just government , take a look at such relatively new features as Google’s “StreetView” and other video programs where your house (and all its PRIVATE land) can be photographed from space and the photo can be seen by anybody curious enough to peek into your private life. Note that you didn’t give anyone permission to take pictures of your private property. And if your property is behind a fence, then without the space video-invasion it would be difficult to look inside your property without your direct permission (or breaking the law).

But that’s only part of the problem. Don’t you love airport security checks where you have to take off your shoes (be thankful that not your pants)? Sure, it’s explained by the greater good, and it might be necessary, but what I’m worried about is that people are losing the very sense of privacy. If you think about it, any security measure can be explained by a greater good. But where is the border between security requirements and the total violation of human rights?

Though the line about taking off your pants is a joke, X-ray naked scans can become a reality in the near future. They have already been tested in the UK and US. It looks like everything is being done so that people forget even the idea of privacy. I mean, how can people maintain self-respect if they can be virtually stripped for no reason at all?

And don’t kid yourself that your naked photo will be stored separately from the file with your name, address, etc. It just doesn’t matter, because all this information can be easily analyzed and records can be matched. In other words, your naked picture can be easily matched to your name.

Do you still have an illusion of privacy? Maybe you think something like this: “I might be scanned, but at least my thoughts remain private”? Don’t kid yourself. Look at government wiretapping that is often done without a warrant. Can it really help to find potential terrorists, or is it just a great justification for eavesdropping on all your calls? Maybe both, but my guess is that terrorists are capable of encrypting their calls much more effectively than the average citizen who has no idea about wiretapping and eavesdropping.

And even that’s not all! Some advocates of “privacy compromise” suggest that all end users should have a second layer of authentication including our biometrics.
Biometrics is just another set of parameters that can be added to the huge data banks that are already used to make decisions about every aspect of your life. It might be an extra security layer for commerce security. (Though who said that biometrics can’t be stolen the same way as any other data from hacked databanks?) But if used for access to public services, it is certainly one further step towards the elimination of privacy.

Another suggestion is that we should completely give up our anonymity and authenticate everything, from computers and applications to every ingress and egress connection, in order for the authorities to be able to track down the source of a hacker’s attack.
That might help to track down hackers, but combined with space video surveillance and wiretaps it puts us under almost total 24/7 control.

I’m saying “almost” because for now you at least don’t have a computer chip built into your passport. But that’s going to change very soon. The Bush administration suggested implanting radio frequency ID (RFID) chips (that can be read remotely) into each passport issued after October 2006. And other governments (including UK and Britain) have similar plans. This means that your name, nationality, sex, date of birth, place of birth, photograph (and in the near future biometrics) will be readily available anytime to anyone with a badge.

What is worse, this information can be stolen by identity thieves by aiming powerful antennas at the person. The encryption keys used to somehow protect the privacy are not sufficiently secure…

So to those who think that authentication for every network packet is necessary, I say it would be better done using other measures such as IPv6. It’s not perfect, but at least it allows us to preserve some privacy. Otherwise we totally give up all our rights and let the government track virtually all our steps. And it doesn’t mean that we have something to hide; we just want to preserve the human dignity that separates us from the animals.

Where is the borderline between security measures and giving up all our rights, and when will this madness end? Here’s something we need to remember: there can’t be any freedom or democracy or human dignity in any country if there is no privacy left in it and if its people are under total surveillance.


posted in Main, Online Privacy | 2 Comments