Posts Tagged 'theft'

Keeping a tab on your tabs

Are you a multitasking short attention spanned surfer like me? Or perhaps like the masses of web surfers it might be a good idea to un-check that java script option in your browser. A new phishing tactic is relying on your absent mindedness to gain access to your precious accounts. The phishing site appears to be harmless until it attempts to run a time delayed java script. The script alters the appearance of one of your tabbed browser screens (ie. from your gmail account login page to a fake gmail login page). Thus when you return to that tab you wrongly assume it is safe to enter in your account information.

Crafty indeed. I hardly check URLs in tabbed screens when I return to them but I certainly will from now on. This attack can be used on any website you visit so be sure to keep tabs on your tabs.

Advertisements

Bill aims to cut down the spam

Perhaps some relief is in sight for your email inbox. Canadian Industry Minister Tony Clement has proposed two bills aimed at protecting web surfers from identity theft and spam. Unfortunately spam has just become a part of everyday life and for the most part attempts to reduce or eliminate it have been futile. It’s estimated that spam costs Canadians over $3 billion in network security and lost productivity costs. It’s certainly a step in the right direction. Now if we could only get other countries on board we could free up some bandwidth and make the Internet fast again.

Korean Data Leak Courtesy of Chinese Hackers

They just never quit do they? South Korea is the latest victim of a major data breach courtesy of Chinese hackers. Korean retailer Shinsegae, in addition 24 other companies, reported the theft of approximately 20 million customer accounts and private data. Police tracked down 3 South Koreans for attempting to sell the information online. The original Chinese hackers are still at large.

The government security agency plans on launching a probe into whether the corporations implemented adequate security measures to prevent such a theft. Otherwise, somebody gonna get fired. To date this has been the worst data breach in the country’s history.

“Shinsegae issued a statement of apology after data on 3.3 million of its customers was leaked from its online shopping mall.” (link)

South Korea cracks down

Under increasing pressure South Korean officials have finally cracked down on peer to peer file sharers. In total 39 people were indicted for illegally shared files. I’m guessing there was a lot of movies, software, porn, manga, and of course lots and lots of Starcraft maps. Financial analysts estimate that billions of dollars are lost to digital theft each year. Perhaps this “token” gesture is meant to quiet international pressure. Let’s be honest, it’s a very small step, but it’s a step nonetheless. Maybe there is hope that Asian countries can get serious about piracy? Let’s just wait and see how much Starcraft II gets pirated in the spring.

Destroying data by destroying old hard drives

When I read this article I asked myself, “Is it worth it? Am I really willing to go to this length to destroy my old hard drives?” Of course not. Don’t get me wrong, identity theft is always in the back of my mind. I shred old credit card bills and any junk mail with my name and address on it, but when it comes to hard drives, I don’t think I’m willing to take a hammer to it. It got me thinking of ways to render a drive useless without going to that length. Here are a few ideas I came up with.

Drop the drive while it’s powered on. Do this a few times and it should do the trick. Do the physical damage without the trouble of a hammer or drill.

Remove the PCB. Now a trained data recovery engineer could still recover data, assuming the drive is an older model. With the proper equipment and know how you could reprogram the firmware on a matching pcb, configure it to work with your drive, and use some software to extract the data. However I’m guessing that most run-of-the-mill thieves are this technically capable. Most modern drives come programmed from the factory to work uniquely with each batch of hard drives. In order to do a straight swap and get it working the thief would have to have a hard drive from the same batch, same model, and of course the knowledge.

Format it … and do other stuff. A quick format, chkdsk, defrag might do the trick. As well a low level format or even software that zeroes out the data. Depending on the size of the drive it might take a while. Delete the partition, create a new partition with a different size, copy junk data to the drive, format it again. This just complicates a software recovery and even corrupts some of the data by overwriting portions of old data.

Do a system restore. This is just another way to over write data. You can play around with installing other operating systems as well. Linux, Ubuntu, OSX, Windows 98, go nuts.

Open the drive and scratch up the platters. Most modern drives will require a special torx (or star) tool to remove the screws. Essentially you can do the same by physically dropping the drive while it’s power on. The heads will come in contact with the platters while spinning at 5400 rpm (or 7200).

Is your laptop taking pics of you?

Being able to secretly watch women in various states of undress was the fantasy of many Porky’s fans (hell, it probably still is). But when it comes to doing so with modern technology instead of excitedly peering through a hole in the wall of the women’s shower, the stakes are higher as concerns about privacy and identity theft become more common. One such Peeping Tom learned that the hard way recently, after installing software on a woman’s computer that allowed him to use the camera on her machine to secretly take some 20,000 photos of her and her friends.

It all started when Marisel Garcia started having laptop problems while visiting friends in Gainesville, Florida, last month. Her friends recommended going to a student at the University of Florida who was known for his computer-fixing skills, 23-year-old Craig Matthew Feigin. She left the machine with him overnight and went on her way—until she noticed her computer having new issues several weeks later. In addition to reduced battery life, Garcia told the Gainesville Sun that her laptop’s light turned on every time she got near it—a light that many of us know signals that the built-in camera is in use. (link)

U.S. cracks TJ Maxx data theft case

The US authorities have charged 11 people in connection with the theft of credit-card details in the country’s largest-ever identity theft case.

They are accused of stealing more than 40 million credit and debit card numbers before selling the information.

They allegedly hacked into the computer systems of several major US retailers and installed software to access account details and passwords.

Prosecutors said the alleged fraud was an “international conspiracy”.

‘Increasing vulnerability’

Three of those charged are US citizens. The others come from Estonia, Ukraine, Belarus and China.

The 11 suspects are alleged to have obtained card numbers, account information and password details by driving around neighbourhoods and hacking into wireless equipment. (link)


Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 30 other followers

Technorati – Blog Search

Add to Technorati Favorites

submit express