Brandon Hladysh's business was in trouble. Mr. Hladysh, a junior at Baker College of Flint, in southern Michigan, was supposed to be managing the computer network of a small company, but hackers had attacked, and several of his computer servers were down. In a battle with unseen enemies on the network, Mr. Hladysh and his colleagues thought they were losing.
It was scant consolation that the struggle wasn't real. It was the end of the first day of the National Collegiate Cyber Defense Competition, held last month in San Antonio.
The Baker College group was one of 56 teams that had entered state and regional contests this spring. "It's sort of like March Madness, but with computers," said the competition's director, Dwayne E. Williams, an assistant director of the Center for Information Assurance and Security, at the University of Texas at San Antonio. The top six, including Mr. Hladysh's team, had been flown to San Antonio for the national finals, with tickets paid for largely by a grant from the Department of Homeland Security.
The need for colleges to graduate students who understand computer security is growing. The Internet Crime Complaint Center, a partnership of the FBI; the National White Collar Crime Center; and the Bureau of Justice Assistance, in the Department of Justice, reported more than 90,000 crimes in 2007, with reported financial losses of almost $240-million. The goal of the competition is to increase interest in computer security and improve training for network defenders.
Monday, May 5, 2008
Saturday, May 3, 2008
More Colleges Warn Students About Identity Theft Following SunGard Security Breach
Last week The Chronicle reported that at least 18 colleges were hurriedly trying to inform tens of thousands of students that their identities were at risk of being stolen after the software vendor SunGard announced that a thief took off with a laptop owned by one of its consultants.
Since then, at least three more colleges have revealed that confidential data about their students was on the laptop, too. The institutions are: Meridian Community College, in Meridian, Miss.; Virginia Tech, in Blacksburg, Va.; and St. John Fisher College, in Rochester, N.Y. Meridian advised 4,454 former students to take steps to protect their credit. St John Fisher did the same for nearly 2,000 current and former students. Virginia Tech has not disclosed how many people have been affected by the security breach.
Since then, at least three more colleges have revealed that confidential data about their students was on the laptop, too. The institutions are: Meridian Community College, in Meridian, Miss.; Virginia Tech, in Blacksburg, Va.; and St. John Fisher College, in Rochester, N.Y. Meridian advised 4,454 former students to take steps to protect their credit. St John Fisher did the same for nearly 2,000 current and former students. Virginia Tech has not disclosed how many people have been affected by the security breach.
Thursday, April 24, 2008
Major College Software Vendor Puts Students at Many Campuses at Risk of Identity Theft
At least 18 colleges are scrambling to inform tens of thousands of students they are at risk of having their identities stolen after SunGard, a leading software vendor, reported that a laptop owned by one of its consultants was stolen.
The complete extent of the problem is still unknown, though many of the campuses that have been identified are in Connecticut and New York. The laptop contained students' names and Social Security numbers. In some cases, the exposed data also included financial aid information, e-mail addresses, birth dates, and driver-identification numbers.
Now college officials are accusing SunGard of waiting too long—about one month—to inform them of the security breach. The Connecticut attorney general has opened an inquiry into the incident. And there are widespread concerns that SunGard may not be adequately protecting college data.
SunGard Higher Education, the division of the company that employed the consultant, said it found out on March 13 that the laptop was stolen. Colleges said they weren't told of the theft until the second week of April. A spokeswoman for the company, Laura Kvinge, said that was not an undue delay, noting that the company needed to analyze backup data to determine the affected colleges before alerting them.
The complete extent of the problem is still unknown, though many of the campuses that have been identified are in Connecticut and New York. The laptop contained students' names and Social Security numbers. In some cases, the exposed data also included financial aid information, e-mail addresses, birth dates, and driver-identification numbers.
Now college officials are accusing SunGard of waiting too long—about one month—to inform them of the security breach. The Connecticut attorney general has opened an inquiry into the incident. And there are widespread concerns that SunGard may not be adequately protecting college data.
SunGard Higher Education, the division of the company that employed the consultant, said it found out on March 13 that the laptop was stolen. Colleges said they weren't told of the theft until the second week of April. A spokeswoman for the company, Laura Kvinge, said that was not an undue delay, noting that the company needed to analyze backup data to determine the affected colleges before alerting them.
Sunday, April 20, 2008
Senior Citizen Fraud: How To Protect Yourself
A Canadian couple is arrested for allegedly bilking victims across the U.S. by selling bogus credit card protection plans over the phone.
A Maryland financial planning/estate lawyer pleads guilty to defrauding his own clients.
A California man is convicted of stealing nearly $5 million from residents of a retirement home through an investment scheme.
What's the common thread here? All of the victims were elderly, and many lost their life savings.
A Maryland financial planning/estate lawyer pleads guilty to defrauding his own clients.
A California man is convicted of stealing nearly $5 million from residents of a retirement home through an investment scheme.
What's the common thread here? All of the victims were elderly, and many lost their life savings.
Fraudulent Grand Jury Summons Containing Malware
The IC3 warns consumers of recently reported spam email containing a fraudulent subpoena notifying recipients they are commanded to appear and testify before a Grand Jury. The e-mail attempts to appear authentic by containing a court case number, federal code, name and address of a California federal court, court room number, issuing officers' names, and a court seal. Recipients are directed to click the link provided in the e-mail in order to download and print associated information for their records. If the recipient clicks the link, malicious code is downloaded onto their computer.
The e-mail also contains language threatening recipients with contempt of court charges if they fail to appear. Recipients are also told the subpoena will remain in effect until the court grants a release. As with most spam, the content contains multiple spelling errors.
If you receive this type of notification and are unsure of its authenticity, you should contact the issuing court for validation.
Be aware; if you receive an unsolicited e-mail, especially from an unknown sender, it is recommended you do not open it. If you do open the e-mail, do not click any embedded links, as they may contain a virus or malware.
The e-mail also contains language threatening recipients with contempt of court charges if they fail to appear. Recipients are also told the subpoena will remain in effect until the court grants a release. As with most spam, the content contains multiple spelling errors.
If you receive this type of notification and are unsure of its authenticity, you should contact the issuing court for validation.
Be aware; if you receive an unsolicited e-mail, especially from an unknown sender, it is recommended you do not open it. If you do open the e-mail, do not click any embedded links, as they may contain a virus or malware.
Saturday, April 19, 2008
Same Password for Everything? Not a Good Idea
SAN FRANCISCO — Using the same password for multiple Web pages is the Internet-era equivalent of having the same key for your home, car and bank safe-deposit box.
Even though a universal password is like gold for cyber crooks because they can use it to steal all of a person's sensitive data at once, nearly half the Internet users queried in a new survey said they use just one password for all their online accounts.
At the same time, 88 percent of the 800 people interviewed in the U.S. and the U.K. for the survey by the Accenture consultancy, which is to be released Thursday, said personal irresponsibility is the key cause of identity theft and fraud.
Researchers say the findings suggest that many users underestimate the growing threat from organized cyber criminals who can reap big profits from selling stolen identities.
Even though a universal password is like gold for cyber crooks because they can use it to steal all of a person's sensitive data at once, nearly half the Internet users queried in a new survey said they use just one password for all their online accounts.
At the same time, 88 percent of the 800 people interviewed in the U.S. and the U.K. for the survey by the Accenture consultancy, which is to be released Thursday, said personal irresponsibility is the key cause of identity theft and fraud.
Researchers say the findings suggest that many users underestimate the growing threat from organized cyber criminals who can reap big profits from selling stolen identities.
Thursday, April 17, 2008
Internet scams cost consumers $240M
WASHINGTON - Money lost in Internet-related crimes hit a new high last year, topping about $240 million, according to a government report showing increases in scams involving pets, check-cashing schemes and online dating.
The number of reported Internet scams dropped slightly from previous years, but the total lost jumped $40 million, according to the report released Thursday by the FBI and the National White Collar Crime Center.
The report, based on data from the Internet Crime Complaint Center, shows men lost more than women on average - $765 compared with $552 for women.
The report also shows the amounts lost increased with age. Victims in their 20s lost $385 on average while people over 60 reported they lost an average $760 per scam.
The most common crime reported was auction fraud, in which consumers did not get the right merchandise they paid for. A consumer might "pay $25 for a DVD that somebody actually recorded in the back of a movie theater," said FBI spokeswoman Cathy Milhoan.
The second most common crime was non-delivery of a purchased good, followed by confidence fraud, in which scammers ask consumers to rely on them, resulting in a financial loss.
About half the losses involved amounts less than $1,000 and one-third involved amounts between $1,000 and $5,000.
The number of reported Internet scams dropped slightly from previous years, but the total lost jumped $40 million, according to the report released Thursday by the FBI and the National White Collar Crime Center.
The report, based on data from the Internet Crime Complaint Center, shows men lost more than women on average - $765 compared with $552 for women.
The report also shows the amounts lost increased with age. Victims in their 20s lost $385 on average while people over 60 reported they lost an average $760 per scam.
The most common crime reported was auction fraud, in which consumers did not get the right merchandise they paid for. A consumer might "pay $25 for a DVD that somebody actually recorded in the back of a movie theater," said FBI spokeswoman Cathy Milhoan.
The second most common crime was non-delivery of a purchased good, followed by confidence fraud, in which scammers ask consumers to rely on them, resulting in a financial loss.
About half the losses involved amounts less than $1,000 and one-third involved amounts between $1,000 and $5,000.
Tuesday, April 15, 2008
Study Finds 'Alarming' Ignorance About Cybercrime
"Consumers' unsecured computers play a major role in helping cybercriminals conduct cybercrimes," the National Cyber Security Alliance warns.
At the RSA Conference on Wednesday, the National Cyber Security Alliance (NCSA) reported that U.S. consumers don't understand botnets, networks of compromised computers that have become one of the major methods for attacking computer systems.
"Botnets continue to be an increasing threat to consumers and homeland security," said Ron Teixeira, executive director of the NCSA, in a statement. "Consumers' unsecured computers play a major role in helping cybercriminals conduct cybercrimes not only on the victim's computer, but also against others connected to the Internet."
The NCSA survey involved 2,249 online consumers between the ages of 18 and 65, polled by Harris Interactive.
The NCSA said its study indicates that Americans understand that their computers can be subverted, thereby degrading security for others.
Among the study's findings: 71% are not familiar with the term "botnet"; 59% believe it's unlikely that their computer could affect homeland security; 47% believe it's not possible for their computer to be commandeered by hackers; 51% have not changed their password in the past year; and 48% do not know how to protect themselves from cybercriminals.
At the RSA Conference on Wednesday, the National Cyber Security Alliance (NCSA) reported that U.S. consumers don't understand botnets, networks of compromised computers that have become one of the major methods for attacking computer systems.
"Botnets continue to be an increasing threat to consumers and homeland security," said Ron Teixeira, executive director of the NCSA, in a statement. "Consumers' unsecured computers play a major role in helping cybercriminals conduct cybercrimes not only on the victim's computer, but also against others connected to the Internet."
The NCSA survey involved 2,249 online consumers between the ages of 18 and 65, polled by Harris Interactive.
The NCSA said its study indicates that Americans understand that their computers can be subverted, thereby degrading security for others.
Among the study's findings: 71% are not familiar with the term "botnet"; 59% believe it's unlikely that their computer could affect homeland security; 47% believe it's not possible for their computer to be commandeered by hackers; 51% have not changed their password in the past year; and 48% do not know how to protect themselves from cybercriminals.
Monday, April 14, 2008
Scambaiters Turn Tables on Nigerian E-Mail Scam Artists
Revenge is sweet — and thanks to tattoo ink, sometimes permanent — for a growing legion of "scambaiters" who have taken it upon themselves to punish the thieves behind those Nigerian e-mail scams.
Posting their exploits online, scambaiters are turning the tables on the scam artists, conning the cons who have bilked unsuspecting people out of countless millions of dollars in a common scam referred to as the "419 scam" or advance-fee fraud.
Typically, scammers start an e-mail relationship and get their victims to send money to people who claim to be dying or who need help to free a fictitious dead man's money purportedly tied up in a foreign bank account.
The scambaiters play along, goading the scammers to jump through extraordinary hoops in hopes of getting their hands on their victims' cash. One con artist gladly tattooed himself with a design that read "Bilked by Shiver" and sent the photographic evidence to Shiver Metimbers, the founder of 419eater.com, a Web site that documents the scambaiters' revenge.
Posting their exploits online, scambaiters are turning the tables on the scam artists, conning the cons who have bilked unsuspecting people out of countless millions of dollars in a common scam referred to as the "419 scam" or advance-fee fraud.
Typically, scammers start an e-mail relationship and get their victims to send money to people who claim to be dying or who need help to free a fictitious dead man's money purportedly tied up in a foreign bank account.
The scambaiters play along, goading the scammers to jump through extraordinary hoops in hopes of getting their hands on their victims' cash. One con artist gladly tattooed himself with a design that read "Bilked by Shiver" and sent the photographic evidence to Shiver Metimbers, the founder of 419eater.com, a Web site that documents the scambaiters' revenge.
Wednesday, April 9, 2008
FBI Posts 2007 Internet Scams Report
WASHINGTON — Pets, romance, and secret shoppers. They’re each among the top ruses used by Internet scam artists in 2007, according to a comprehensive report on online crime just issued by the Internet Crime Complaint Center, or IC3.
Here’s a rundown on how these scams generally work, along with other common frauds described in the report...
Here’s a rundown on how these scams generally work, along with other common frauds described in the report...
Malicious Hackers Send Users of Community College's Home Page to Porn Site
Some users who tried to view Blue Mountain Community College’s Web site this week saw pornographic images instead. A computer attacker had redirected one of the Oregon college’s Web addresses to a site promising “adult webcam girls.”
The incident happened while administrators were switching to a new Web address, bluecc.edu Malicious hackers hijacked the old address and set it so that users who had bookmarked the old address, or who found the site through a Google search, got a surprise, according to a report in the East Oregonian.
The incident happened while administrators were switching to a new Web address, bluecc.edu Malicious hackers hijacked the old address and set it so that users who had bookmarked the old address, or who found the site through a Google search, got a surprise, according to a report in the East Oregonian.
At Least 86 Campuses Have Been Hit in E-Mail 'Phishing' Scam
An informal survey conducted this week on an e-mail list for campus computer-security administrators showed that at least 86 campuses have been hit in an e-mail scam aimed at colleges.
As we reported last week, malicious hackers are sending e-mail messages to students, professors, and staff members at colleges around the country that seek to trick them into giving away their college-network password and other personal information. The approach is known as “phishing,” and until recently the most common targets were online banking and payment services rather than college networks.
As we reported last week, malicious hackers are sending e-mail messages to students, professors, and staff members at colleges around the country that seek to trick them into giving away their college-network password and other personal information. The approach is known as “phishing,” and until recently the most common targets were online banking and payment services rather than college networks.
Scammer uses police web site
The Waynesville Police Department became the victim of a bizarre scheme to get money and personal information from people in at least two states and South America.
Someone pretending to be an FBI agent cloned the police department’s Web site and used it, and pictures of fake FBI badges, as credentials in the scheme, Detective Ryan Singleton said.
He made the story public on Tuesday to warn people. Police have alerted federal authorities.
Police learned of the scheme on Sunday when would-be victims called to check on the strange directions they were getting in e-mails and telephone calls.
One woman, who lives in the eastern part of the state, said she was told she had a package from London waiting for her at the Waynesville Police Department. The caller told her the package contained money and that she had to pay $2,700 to get the package. Her sister, who happened to be a Wake County sheriff’s deputy, called the Waynesville Police Department to check the story.
Someone pretending to be an FBI agent cloned the police department’s Web site and used it, and pictures of fake FBI badges, as credentials in the scheme, Detective Ryan Singleton said.
He made the story public on Tuesday to warn people. Police have alerted federal authorities.
Police learned of the scheme on Sunday when would-be victims called to check on the strange directions they were getting in e-mails and telephone calls.
One woman, who lives in the eastern part of the state, said she was told she had a package from London waiting for her at the Waynesville Police Department. The caller told her the package contained money and that she had to pay $2,700 to get the package. Her sister, who happened to be a Wake County sheriff’s deputy, called the Waynesville Police Department to check the story.
Tuesday, April 8, 2008
VA 1st state to require Internet safety class
Students are warned about photos, behavior
MIDLOTHIAN, VA -- On a screen at the front of a classroom, Gene Fishel flashed an online social-networking profile of "hotlilflgirl," which said she was 15, enjoys being around boys and wants to meet new people.
The next image revealed the real "hotlilflgirl" - a mug shot of a 31-year-old man who was convicted of sexually abusing 11 children he met online and was sentenced to 45 years in prison.
"Not little, not fly and not a girl," said Fishel, a Virginia assistant attorney general. He warned his audience about the dangers of sharing personal information on the Internet and agreeing to meet Web acquaintances in person.
Fishel's presentation at James River High School recently was one of many being held this school year in the state, the first to mandate that public schools offer Internet safety classes for all grade levels.
MIDLOTHIAN, VA -- On a screen at the front of a classroom, Gene Fishel flashed an online social-networking profile of "hotlilflgirl," which said she was 15, enjoys being around boys and wants to meet new people.
The next image revealed the real "hotlilflgirl" - a mug shot of a 31-year-old man who was convicted of sexually abusing 11 children he met online and was sentenced to 45 years in prison.
"Not little, not fly and not a girl," said Fishel, a Virginia assistant attorney general. He warned his audience about the dangers of sharing personal information on the Internet and agreeing to meet Web acquaintances in person.
Fishel's presentation at James River High School recently was one of many being held this school year in the state, the first to mandate that public schools offer Internet safety classes for all grade levels.
Monday, April 7, 2008
Men fall harder than women for Internet fraud, study finds
When it comes to being taken in by Internet fraudsters, men have a knack for losing cash, according to a new report from the Internet Crime Complaint Center.
Data compiled from more than 206,000 complaints received last year by the U.S. Internet Crime Complaint Center (IC3) shows that men lost $1.67 to every $1 lost by women in online fraud.
The IC3 is the clearinghouse for online crime complaints in the U.S., and its database is used by regulators and law enforcement to get a picture of criminal trends and, in some cases, help hunt down the criminals. It is a joint effort run by the FBI and the National White Collar Crime Center.
Data compiled from more than 206,000 complaints received last year by the U.S. Internet Crime Complaint Center (IC3) shows that men lost $1.67 to every $1 lost by women in online fraud.
The IC3 is the clearinghouse for online crime complaints in the U.S., and its database is used by regulators and law enforcement to get a picture of criminal trends and, in some cases, help hunt down the criminals. It is a joint effort run by the FBI and the National White Collar Crime Center.
Parents bone up on Net safety
Nearly every hand went up when a group of students at Roberson High were asked if they had ever accessed a social networking site. When that same question was posed to parents and educators, less than half could say the same.
The divide that exists between parents and their children on the Internet is part of the problem when it comes to protecting children on the Web, said officials at an Internet safety symposium Saturday at the Asheville-Buncombe Technical Community College.
“I didn’t have computer class in high school,” said Alan Flora, a criminal specialist with the State Bureau of Investigations Computer Crimes Unit. “For those of you sitting in the audience saying, ‘Blah, blah, blah is all I hear,’ I am with you. I challenged myself. I basically got in there and started surfing, and I am now working in the computer crimes unit.”
The divide that exists between parents and their children on the Internet is part of the problem when it comes to protecting children on the Web, said officials at an Internet safety symposium Saturday at the Asheville-Buncombe Technical Community College.
“I didn’t have computer class in high school,” said Alan Flora, a criminal specialist with the State Bureau of Investigations Computer Crimes Unit. “For those of you sitting in the audience saying, ‘Blah, blah, blah is all I hear,’ I am with you. I challenged myself. I basically got in there and started surfing, and I am now working in the computer crimes unit.”
Friday, April 4, 2008
E-Mail Scam Targets Colleges
An e-mail scam has hit thousands of users at dozens of colleges over the past few weeks, leaving network administrators scrambling to respond before campus computer accounts are taken over by spammers.
Students, professors, and staff members at the affected colleges received e-mail messages that purport to come from the colleges' help desks, asking users to reply with their log-in and password, and in some cases other personal information including birth date.
But the messages actually come from malicious hackers who use the information to send spam messages from the accounts. And administrators worry that the compromised accounts could be used to do further damage to the university networks.
Students, professors, and staff members at the affected colleges received e-mail messages that purport to come from the colleges' help desks, asking users to reply with their log-in and password, and in some cases other personal information including birth date.
But the messages actually come from malicious hackers who use the information to send spam messages from the accounts. And administrators worry that the compromised accounts could be used to do further damage to the university networks.
Thursday, April 3, 2008
Wednesday, April 2, 2008
Agents target online predators
She looked like an easy target for an Internet predator. She told her adult “buddy” she was 14 and she lived in the area. After an explicit chat online, they agreed to meet in person. When the man showed up at the meeting place, however, the teenage girl wasn’t there. Instead, it was Buncombe County Sheriff’s Detective Jeff Sluder and a team of deputies waiting with handcuffs. Undercover stings are one of the ways law enforcement agents statewide are working to rout the growing number of criminals who use the Internet to prey sexually on children.
Web bullies loom as growing threat to kids, teens online
Bullying has taken on a new life on the Internet. What used to take place on the walls of the girls bathroom and on neighborhood playgrounds is now happening via social networking sites, instant messages, chat rooms, blogs and text messages. While the dynamic between children is much the same, the methods are far different from what many adults experienced growing up. And when it happens over the World Wide Web, the impact on children may be even more severe — in rare cases, to the point of suicide.
Cyber Busters group likens online world to ‘wild West,’ aims to protect kids
About a week ago, Maria Adolphson saw something on her son’s Web page that concerned her. Once or twice a week she checks her 17-year-old son’s MySpace page. She looks to see who he’s talking to, who his friends are and what he’s talking about. This time she found a stranger trying to lure her son to a shadowy adult encounter. Someone claiming to be a 28-year-old woman had contacted Taylor, telling him she liked his profile and to go to a Web site if he wanted to see more of her. The Web site took Adolphson to partially nude photos of the woman.
WCU ID security breached
The news arrived by mail, and it was unsettling. Someone had hacked into a computer and had access to the Social Security numbers of 555 graduates of Western Carolina University who had signed up for a newsletter.
Universities fend off phishing attacks
In an ongoing attack, students and faculty at nearly a dozen universities and colleges have been targeted by phishing e-mails since the middle of January. The e-mail messages masquerade as missives from each school's help desk, asking that the student confirm their username and password as well as requesting more personal information, including date of birth and country of origin.
Subscribe to:
Posts (Atom)
