LISTCRIME WAYS TO FIGHT BACK AGAINST CYBER CRIME

LISTCRIME
YOUR ONE STOP CYBER CRIME INFORMATION SHOP

WAYS TO FIGHT BACK
AGAINST
CYBER CRIMINALS

Listcrime is a one-stop-shop for reliable, up-to-date information about cyber crime, we at Listcrime.com want to give home users and small businesses the advice they need to use the Internet safely. For the most part, references within this web page appear as links to the actual site that the information came from. I revert to customary referencing when citing non-WWW based sources. A bibliography of any sources not linked will appears at the end of this web page.

2) HOW TO BEAT SPAMMERS AT THEIR OWN GAME (Citizens)

1. When you get junk email from BADGUY@internet.com, send back a brief request for more information, or with a specific question. Make it sound very real, and be polite, as if you are a prospective customer of whatever service they are offering.

2. You will get a reply in which the sender will usually include his web page address and/or normal email address.

3. Take the second or third corresponding email from the real Bad Guy and copy it and forward it to his internet service provider See: Reading email headers.

4. Send a complaint to the sender and cc it to his service provider.

USE MULTIPLE E-MAIL ADDRESSES

Consider creating multiple e-mail addresses or accounts. Use one address for family and friends only. Do not post this address online or give it to merchants. Your second address can be used online and for purchases. If you begin to receive unwanted e-mail at this address you can delete that account while not affecting your primary address.

MASK YOUR E-MAIL ADDRESS

If you need to post your e-mail address on a publicly available Web site, you can mask your address. Masking is also called "munging" your address. What this does is make it difficult for spammers' computers to automatically collect your e-mail address, but fairly simple for other people to be able to use your e-mail address.

SIMPLE MASKING

Add a phrase, or a character, that is obviously not a part of your e-mail address. Then users simply remove that part of your address to contact you. So if your e-mail address is "jsmith@example.com," you could mask it as "jsmith@nospam.example.com." This technique can be used on Web pages, in UseNet newsgroup postings, and in some mailing lists. But, if you need to get an automated response, this will not work. So you would still sign up for a mailing list with your regular address, but remember to change the signature that goes out with your e-mail messages.

COMPLEX E-MAIL ADDRESS

An e-mail address containing both numbers and letters can help prevent spam. Many spammers use "dictionary attacks" to e-mail many possible name combinations at large Internet Service Providers (ex: Verizon, Comcast, Earthlink...) or e-mail services (ex: Google, Hotmail, or Yahoo), hoping to find a valid address.

UNIQUE SCREEN NAME

Also, use a unique screen name that is not associated with your e-mail address if you chat online. Screen names are accessible to spammers so don't make it too easy for them to guess your e-mail address

3) HONEYPOTS (Private companies)

In computer terminology, a honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data, or a network site that appears to be part of a network but which is actually isolated, (un)protected, and monitored, and which seems to contain information or a resource that would be of value to attackers

Companies should start posing as pirate sites that offered downloads of credit cards, copyrighted movies and music but would actually track users who accessed it, then report their IP addresses back to the company.

4) UNDERCOVER ONLINE INVESTIGATIONS (Law Enforcement)

Carefully managed undercover operations conducted by well-trained officers are among the most effective techniques available to law enforcement for actually catching and prosecuting these BAD GUYS who operate and particpate in IRC Channels or Web Sites. Undercover operations, when executed and documented properly, collect virtually unassailable evidence regarding a suspect’s predilection to fiancial crimes. These operations allow law enforcement to go on the offensive and let the BAD GUYS knows we are looking over their shoulders. Despite their obvious worth, undercover investigations generate significant concerns regarding legal, coordination, and resource management issues.

The U.S. Attorney General has established guidelines for Department of Justice law enforcement agencies conducting Internet and/or online undercover operations to answer these concerns. The guidelines are designed to foster information sharing, coordinate investigations, and ensure the probative quality of undercover operations.

5) AGGRESIVE INTERNET SERVICE PROVIDERS (Companies)

No i'm not referring to the NSA warrantless surveillance controversy

http://ispcolumn.isoc.org/2002-01/Uncommon.html

Most Undernet servers are operated by Internet service providers (ISPs) and Web site hosting companies. What should the ISP do? Many responsible ISPs see it as appropriate to conduct an investigation in response to complaints. As a provider of Internet access, web site hosting, email, voice services, television programming, and other-related services, ISPs offers its customers access to voice, video and Internet connectivity networks. ISPs reserves the right to take certain preventative or corrective actions up to and including termination of a customer’s access to networks in order to protect our their networks and provided services. To communicate what activities may not be acceptable, ISPs have Acceptable Use Policy (“AUP”) which supplements and expands each customer's respective Service Agreement.

ISPs often include provisions in their service contracts with their customers to allow them to terminate the service if they believe that their investigation substantiates the complaints on the basis of a breach of contract. Nearly all ISPs have language in their contracts that provide for restrictions on site content and remedies for illegal and unwarranted behavior. Users see this and realize the ISP isn't completely neutral-something more than a conduit, something less than a censor. Once disconnected, the customer is often blacklisted by the ISP to ensure that the customer cannot return later and continue with their actions. Surely this is an appropriate response to such anti-social actions?

For a communications network to be truly useful there are a number of basic attributes Privacy is also an essential attribute, as the message must not be divulged to any other party than the intended recipient, nor should even the existence of the message be made known to any other party. There are many valid arguments as to why ISPs shouldn't be involved with censorship of any kind. Many believe they are just a conduit. The ISP position may be analogous but certain services—such as chat and hosted Web sites—may be illegal and harmful, and the ISP would be expected to take some action.

A common carrier is not a law enforcement agency, nor is it an agent of the judiciary. It may be entirely appropriate for a common carrier to investigate, under terms of strict privacy, a customer's activities and inspect the contents of traffic passed across the network if it has reasonable grounds to suspect that the integrity of the network itself is under threat. Equally, it is probably inappropriate for a common carrier to extend the scope of such investigations on the basis of external allegations of activities that are not related to the integrity of the service itself.

The assumption that an ISP is, in some way, responsible for the actions of its customers has been extended further in some countries, such that the ISP is, in part, responsible for the content carried over its network, including content that originates with a customer of its service

Any Internet customer (and that includes individuals and businesses who buy services from Internet Service Providers (ISPs) or other connectivity providers, and ISPs and other entities who in turn buy connectivity from or have peering with other ISPs or carriers/backbone providers), all of these entities should examine the Terms Of Service and Acceptable Use Policies of the companies that they are getting connectivity from. If these policies seem to lack strong enforcement against abuse of the network OR you have actually encountered this companies reluctance to deal with an abuse problem, terminate your connectivity purchases from this organization and get service from some other company who will take positive and aggressive action when there is abuse.

Perhaps its time to recognise that ISPs are indeed common carriers and have a clearly bounded set of responsibilities with respect to both content and the actions of clients of the service. Perhaps its time to consider how best to enforce social norms on the Internet without compromising the basic integrity of the carrier as a neutral party to the content being carried across the network.

<<<BACK NEXT >>>

PAGE RESOURCES:

http://www.schneier.com/crypto-gram-0307.html#1

http://www.symantec.com/norton/cybercrime/bots.jsp

"An Inquiry Into The Nature And Causes Of The Wealth Of Internet Miscreant"

CONTACT US ABOUT US DISCLAIMER

COPYRIGHT ©LISTCRIME 2008 ALL RIGHTS ®RESERVED