Home  |   Log in, 加盟我们   |   Create account, 在此注册  


Cyber Crime Prevention

HOW CAN WE FIGHT BACK ON CYBER CRIME?

Security measures and co-operation

Companies have already invested substantial capital in advanced computer security technologies. The questions is - should they rely on reactive measures such as black-holing, router filter and firewalls, - are they really efficient and sophisticated enough to protect against cyber criminals? Companies need to be more intelligent, both in the technology they employ and in their use of resources. It is vital that the companies` decision makers wake up and understand the very real threats posed by cyber criminals. A failure to do so have far reaching consequences.

It is essential that companies in the future share information about attacks. They cannot fight alone; therefore a collaborative effort internationally is vital.

How to trace the cyber criminals and stop them, might be difficult - however, in some cases it is possible. Even though it will be hard to collect evidence, which can be stored on servers anywhere in the world - the cyber criminals should realize one thing; they shall not count on Internet to serve as a shield for their illegal activities.

Another critical element for many of them is often that they believe they enjoy anonymity when they use a false identity on a free email address.  Not so smart of them. The success in tracking them hinge largely on co-operation from Internet Service Providers (ISPs) once a warrant is obtained. Law enforcement agencies all over the world are today co-operating to address cyber crime - a work that is paying off.

Remember, it is not the computers that commit cyber crime. People do. It is people, criminals, who are the catalysts behind the keyboard and modems used to commit computer crimes. We must learn to understand how to identify cyber deviant behavior, how to identify the perpetrators, how to protect the innocent and how to determine organizational vulnerability.

SECURITY MEASURES

  • ESTABLISH A DEFENSE STRATEGY, that includes technical, organizational and operational control.
  • ESTABLISH USER POLICIES AND PROCEDURES FOR EMPLOYEES.  For employees` use of your organization's information technology, establish clear User Policies and Procedures. Educate your employees in identifying and avoiding Scam Emails and attempts of Cyber Crime. Make sure they understand their roles and responsibilities.

PRACTICE GOOD SECURITY HABITS  -  COMPUTER LEVEL 

  • EVALUATE YOUR ISP PROVIDER (Internet Service Provider). What services does your ISP offer? Do you feel that the ISP is concerned about security? Compare factors like security, privacy, services, user support, reliability, speed, costs, and recommendations, so that you find an ISP that supports all of your needs.
  • KEEP YOUR BROWSER AND COMPUTER UP-TO-DATE. Not securing your web browser can lead quickly to a variety of computer problems caused by anything from spyware being installed without your knowledge to intruders taking control over your computer.
  • VISIT THE WEBSITE OF YOUR BROWSER COMPANY, and make sure that your Browser is as secure as possible with the newest updates.
  • INSTALL FIREWALL. Avoid hacking on your computer. Firewalls may be able to prevent some types of infection by blocking malicious traffic.
  • INSTALL ANTI-VIRUS SOFTWARE. Be prepared for Virus Attacks. Use and upgrade Anti-Virus Program and Software regularly, which recognizes and protects your computer against viruses. You may be able to detect and remove the viruses before they can do any damage. Attackers are continually writing new viruses, so it is important to keep your definitions up-to-date.
  • INSTALL SPYWARE PROTECTION. Effective privacy protection for scanning your memory, registry, hard, removable and optical drives for known Data-Mining, Aggressive Advertising, Parasites, Scum ware, Key logger, traditional Trojans, Dialers, Malware, Browser hijackers, Cookies, and tracking components.
  • COORDINATE VIRUS AND SPYWARE DEFENSE. In an attempt to protect your computer you may unintentionally introduce problems. It is important to remember that if you install multiple programs to scan your computer at the same time, you may limit these programs to perform their tasks. In the process of scanning for virus and spyware, the anti-virus and anti-spyware software may misinterpret the virus definitions of other programs, and they may also interpret the definitions wrongly as actual malicious code. This can result in false positives for the presence of viruses and software, and in some cases also quarantine and delete the other software.
  • INSTALL SPAM FILTER. Get rid of junk mail in your mailbox.
  • EVALUATE SETTINGS OF SOFTWARE. The default settings of most software enable all available functionality. Attackers may be able to take advantage of this functionality. Therefore it is especially important to check the settings for software that connects to Internet. Apply highest level of security that gives you the functionality your need.
  • INSTALL SOFTWARE PATCHES in order to keep software up-to-date, so that attackers cannot take advantage of know problems or vulnerabilities of the software. Many operating systems offer automatic updates.
  • REGULARLY SCAN YOUR COMPUTER. Spyware and hidden ad ware in software programs may affect the performance of your computer, and give hackers access to your computer. Use only legitimate software programs, and do not download programs you have found online. Set your anti-virus software to prompt you to run a full scan periodically.
  • ADJUST YOUR BROWSER PREFERENCES TO LIMIT COOKIES AND POP-UP WINDOWS. Adjusting the settings in your browser to reduce or prevent scripting and active content may reduce the number of pop-up windows that appear. You can also adjust your privacy settings to only allow cookies for the website you are visiting.
  • DELETE PROGRAMS YOU DO NOT USE. If you have unnecessary software programs on your computer you do not use, delete them.
  • SECURE YOUR WIRELESS NETWORKS. A wireless network allow you to connect Internet without relying on wires, and you can access the network from anywhere within the wireless area. Be aware of the following; because wireless networks do not require a wire between a computer and the Internet connection, it is possible for hackers within range to intercept an unprotected connection. Therefore; 1) Change default passwords, and it will be harder for hackers to take control of the wireless access point, and 2) Allow only authorized users to access your network, and 3) Encrypt the data on your network.
  • CREATE DIFFERENT AND UNIQUE PASSWORDS.
    • When you choose passwords, use your imagination and select words that will be difficult for attackers to guess.
    • A combination of numbers and characters is the best solution.
    • Use different passwords for different programs and devices.
    • Change your passwords every month.
  • ENCRYPT SENSITIVE FILES. When you encrypt the files, you ensure that unauthorized people cannot view data even if the have access to your computer. You may also consider full disk encryption, which will prevent starting the laptop without a pass phrase. Important to remember by encryption: if you forget or lose your passwords and pass phrases, you may lose your data!
  • ENCRYPT EMAILS WHICH CONTAIN PROPRIETARY INFORMATION. Encrypt e-mail, especially if it contains proprietary information.
  • DO NOT SHARE YOUR PASSWORDS WITH ANYONE. Keep your passwords, codes, usernames, and other computer/website access codes for yourself and do not share them with others.
  • TAKE BACK-UP REGULARLY. Make electronic and physical back-up of documents and photos regularly.
  • HANDLING AND STORING WORK-RELATED INFORMATION. Establish and follow corporate policies for handling and storing work-related information and customer data.
  • LOCK YOUR COMPUTER WHEN YOU ARE ABSENT. By locking your computer even for a few minutes, prevents anyone from being able to sit down and access all of your information.
  • DISCONNECT FROM INTERNET WHEN YOUR ARE NOT USING IT. If your computer always is connected to Internet, the likelihood of attackers or viruses scanning the network for available computers will target your computer becomes higher.
  • ESTABLISH GUIDELINES FOR PRIVAT COMPUTER USE. If other people, including your children, are using your computer, make sure they understand and know how to use your computer and Internet safely.
  • CREATE SEPARATE USER ACCOUNTS. Most operating systems give the option of creating different user accounts. If there are other people using your computer, you should consider creating separate accounts in order to protect your data for being accessed, modified or deleted by others.

FOLLOW GOOD PRACTICES  -  USER LEVEL

Take appropriate precautions when you use email and web browser to reduce the risks that your actions will trigger an infection.

  • Do not open emails from people you do not know. By responding, the scammers will know that your email address is active, and they will definitely continue sending you scam emails.
  • Do not click on links or open any attachments in emails from people you do not know. When clicking on attachments and links, you risk starting a process where a malicious program is automatically installed on your computer, in order to steal sensitive information from you.
  • Do not click on links with pop-up windows, because pop-up windows are often products of  spyware.
  • Always control the receiver's address before you forward an email
  • Be upgraded on how to fight back the threats of cyber crime, and spend time and money educating your employees combating cyber crime to ensure that any suspected abuse is immediately reported and rectified.
  • Educate your technical staff in training their colleagues and create a direct communication line between technical staff and other employees. Be sure that the security measures of your organization is understood and followed by all your employees.
  • Use strict protocols and procedures to limit the types of sensitive information that can be accessed.
  • Listen to experienced computer users, and take regularly back-up of important documents and photos.
  • Be wary of free download-able software, and do not download security software from a Website you do not know.
  • Do not follow links claiming to offer ant-spyware software, because these links may serve the opposite purpose and actually install spyware and virus.
  • Buy security software from your ISP (Internet Service Provider) or download only from your Internet Browser's Web Site.
  • Guard your personal information, and lock it up safely
  • Be critical to information on Internet. Web Sites can be fake.
  • Be suspicions when you receive good offers. If you believe the offer is too good to be true, it is usually too good to be true.
  • Be cautions about emails offering business or job opportunities.
  • Beware promises that claim that you can make money with little or no effort.
  • Beware of Imposters. Be especially suspicious if someone contacts you and ask you to verify your personal information, passwords and codes. Do not give sensitive information to anyone.
  • Have a primary and a secondary email address - one for people you know and one for other purposes.
  • Avoid giving out your email address unless you know how it will be used.
  • Report all suspicious or unusual problems with your computer to your IT-department.

GUARD YOUR PERSONAL AND FINANCIAL INFORMATION

  • GUARD YOUR PERSONAL AND FINANCIAL INFORMATION. Guard your personal information and financial information, and lock it up safely. Do not provide any sensitive information in an email. Do not provide it to anyone unless there is a legitimate reason to do so as part of a transaction.
  • ELECTRONIC PAYMENT. By electronic payment on Internet, always check the Web Site first before you give sensitive information, as credit card number, password or pin code.

Note: At the time that you are asked to provide your financial or other sensitive information, the letters in the beginning of the address bar at the top of the screen should change from »http« to »https« or »shttp«.

Your browser may also show that the information is being encrypted, or scrambled, so no one who might intercept can read it. But remember - while your information may be safe in transmission, there is no guarantee that the company will store it safely. See what their Web Site say about how your information is safeguarded in storage.

  • DO NOT BELIEVE IN ONLINE OFFERS ABOUT CREDIT MONITORING SERVICES. Scam emails often offer credit monitoring services. Do not open scam emails. Do not click on attachments or links. Delete scam emails.
  • DO NOT BELIEVE ANY ONLINE MESSAGES OR OFFERS THAT YOU HAVE BEEN SELECTED TO GET A LOAN AT VERY LOW INTEREST.
  • CHECK YOUR CREDIT REPORTS REGULARLY. If you find accounts that don't belong to you or other incorrect information, follow instructions for disputing those items

PROTECT YOURSELF AGAINST PAYMENT RISKS

Be very careful if you are asked to send payment in advance. Do not give your personal data online when you are asked to provide sensitive information as credit card number, bank account number, and social security number.

A supplier may sometimes ask for a deposit (usually 30%) before he accepts the order. It is not unusual between long-standing trading partners, but are you doing business with the supplier for the first time, make sure you have done sufficient background checks on the supplier before you agree to the deposit, or you can ask for a different form of payment, such as L/C (a letter of credit).

Secure transactions with known e-commerce sites are fairly safe especially if you use credit card. When you are informed by the Seller to transfer funds directly to him via bank-to-bank wire transfer, Western Union, or Money Gram, - do not transfer any money! Money sent via wire transfer can be picked up anywhere in the world, and leave little recourse for the victim.

Look carefully at the Seller who wants you to send checks or money orders immediately to a post office box, before you receive the goods or services you have ordered.