What is Phishing

OK, for those of you who don’t know what phishing is, here’s a quick overview. This exploit originates via email and typically requests account information, such as usernames or passwords, a situation that could easily lead to identity theft. According to the United States Federal Trade Commission, nearly 255,000 cases of identity theft were reported in 2003, most of them attributed to the crime of phishing.

Phishing now crosses over to the web, where fake websites are created that look like legitimate sites like Banks. You fill in your details as usual to check your online banking account, only to be redirected to your original bank. Whats actually happened here is that you have entered all your information into a fake website that now has your login details. These are then used to steal your identity or funds from your bank.

What can be done to protect yourself?

Well, here’s a security concept for everyone: “if you can’t do it securely, then don’t do it at all.”

This particularly applies when it would be far more “convenient” to do it in an insecure fashion. I’m not talking convenience here, I’m talking security. So, how this applies to phishing is, don’t use email to send links or account information. Some sites are sort of getting around to this. One such is eBay. Now eBay will include a copy of all legitimate correspondence they send you in your email account at eBay.

Of course, the problem is if someone can match their website close enough to fool you into entering you eBay username/password on their server and do a man-in-the-middle attack on your account (and including their own phishing email in what you see) you’re still 100% compromised. And all that takes is time and skill to set up.

Given the limits of email right now (including SPF and such), it is impossible for the average user to know whether or not a specific email is legitimate or not. Sure, www.ebay.com is easy to verify, but is www.myebaysecurity.com also legitimate? Should I click on the enclosed link? SPF, rDNS, and everything else can confirm that that IP address is legitimately assigned to that name.

So, the easiest solution would be to not send email with links. Yes, I am aware that this will mean the end of the cute HTML email ads that you send/receive. That’s the part about “if you can’t do it securely then don’t do it at all.” There’s no use in crying about what you can’t do if you can’t do what you want to do in a secure fashion.

It’s 2005 and the technology has advanced enough for any financial site (that means any site that involves money being exchanged) to run its own web-email-type system. They wouldn’t even need it to be SMTP-capable. It would only be used for outside people reading their email from that business and sending email to employees inside that business and for employees at that business to send/receive email from the clients connected to it.

This isn’t to say that you’d have to check that email account all the time to see if you have email. Again, this is 2005. We have all kinds of means of alerting people when they need to check something. We can send a text message to their pager or mobile phone, we can leave a voice message on their pager, cell phone or home phone. It would even be possible to send a text only email without any links telling them that they have email at such-and-such bank/auction site/wherever and that they should go there to check it. Since they should already know the web site name (they have used it before, right?) they shouldn’t need to have it spelled out for them in the email.

It is economical for a bank to have a computer call phones and leave voice messages if you need to contact the bank (they already do this) but it is not economical for the phishers to do that (even if they’re running Skype or whatever). And it gets even easier if the bank (or whatever) allows you to choose the text message to be sent to your pager/cell phone.

The best part is that this would not require 51%+ of the email servers to be upgraded or modified or anything else. For this to work for a specific bank/site it would only require that they change. And the technology is 100% available (and Open Source) today.

It should be noted that this does not in any way describe any method for securing financial transactions done over the Web. This is just a method to kill phishing attempts and the losses associated with successful compromises.

Read more about Phishing here: http://en.wikipedia.org/wiki/Phishing

Note: I published this article earlier in the year and I have decided to re-post it due to demands I’m getting from people finding me from this site: http://www.realtime-websecurity.com – Since I re-designed my blog, I had removed this article, hence the re-post.

With the availability of chat  applications like Windows Live Messenger/MSN, Yahoo, Google Chat and chat rooms or  on Internet Web sites like dating sites, Twitter and Facebook, the temptation to meet new people online increases. According to research, online relationships provide individuals with an outlet to tell secrets and express themselves to a stranger anonymously, while allowing for the creation of another persona, or to flirt and get to know someone before they meet.

Men often create a well-groomed, professional, athletic persona, while women create a thin, beautiful and adventurous alter ego. When online, people create fictitious, seemingly perfect personalities that are desirable to others to fill social and psychological needs.Though, most come clean after a short period when it becomes time to meet the other person. In 40% of the cases, online cheating is with someone the person already knows.

Divorce and Relationship Breakdown

A recent survey found that Facebook and Twitter are now fuelling Divorce and the breakdown of relationships. The UK Newspaper ‘The Telegraph’ published this story about the divorce factor. However, this is not something new. Relationships have always been subject to online misuse. These Social Networking sites just make it easier for people to have infidelity whilst in a relationship.

Why it happens

Once the honeymoon phase of marriage or a courtship is over, couples sometimes get bored, begin to take each other for granted and stop doing the nice things they did for one another before getting married or involved. When that happens, (spouses or partners) are vulnerable and may seek affection and attention from someone else. Men are goal oriented. They can’t read (women’s) minds. Women should tell their husbands what they need. Most of the time, men just want to do what their wives need them to do. If a woman needs attention, she should tell her husband exactly what she wants.

Warning signs, consequences and recovery

There are warning signs that an individual might be having an online relationship such as an increase in time spent privately on the Internet, reluctance to let others access the computer, frequently erasing Internet histories and constantly deleting e-mails.

In addition to providing warning signs,there are tips to stop having an online affair:

• Admit Internet use is causing problems in the relationship
• Only use the computer for specific reasons — do not “surf” the Internet
• Move the computer to an open area
• Remove online messaging programs and change e-mail addresses
• Install computer monitoring software
• Spend more time with your loved one, family and friends
• Communicate more with your loved one. Don’t keep secrets

Sometimes people become addicted to the Internet. If an individual is addicted, then more intensive counselling to battle the addiction may be necessary.

The Signs of a Cyber Affair

I’m sure all of us who have been in relationships wonder what our significant other is doing when they are on-line. There is a distinct difference between that random thought that may enter your jealous mind, and a real reason to be thinking about what your loved one is doing or who they are chatting with on-line. If you ever have wanted to know if your loved one was guilty of infidelity, but don’t know how to go about finding out without asking them, then these few tips may help you out.

Lying is always an indicator of something gone wrong in a relationship and is often a sign of infidelity. If your loved one begins to tell you they are “just surfing the Internet,” and they do it in privacy, you may have something to worry about. You must ask yourself how many times this has been happening, There is a fine line before having friends of the opposite sex on the Internet and constantly being with them on-line. If he/she has nothing to hide, then he/she shouldn’t be lying to you in the first place, and you shouldn’t turn into the questioning and jealous loved one until the excuses begin occurring much more frequently.

You should also look for signs (listed below) to see if your loved one seems to be drifting away from you as well. Try to pay more attention to the inner workings of your relationship. See if husband/wife/partner still spends quality time with you willingly, or if he/she avoids speaking with you about anything besides superficial topics. If they are not paying as much attention to you, and you know they do not have a significant reason to want to be alone or more aloof, then this may also be a sign of infidelity. Are they simply avoiding you, or avoiding their friends as well? Usually if a person is cheating on their loved one, they continue to keep contact with their friends much more than the loved one. Sometimes, the best way to tell if they are cheating on you is through the little things.

No matter what happens, always make sure to talk to your loved one before making any rash decisions. Sometimes you may think you have the best clues and you could be completely wrong, so confront them and ask them what’s going on and why you are worried without accusing them. You still want to give them a chance to defend themselves so you can then decide if they are telling the truth, lying once again or if they come clean with the cyber affair. So whatever you decide, discuss your thoughts and feelings with your significant other before breaking off that relationship because of the cyber affair.

Experts say that a gut instinct is one of the most powerful signs of infidelity. Statistics say that 85% of women who feel their lover is cheating are correct. 50% of men who feel their lover is cheating are right. The first clue is seldom obvious. Typically, it’s a “feeling” that something is different. You notice minor changes in your lover’s behaviour. Even the most skilled cheater can’t hide these clues and only a lover in total denial can miss them. The first sign of infidelity can be a comment or incident that seems harmless but remains in your mind. The following is a short list of infidelity signs:

• Your spouse spends an excessive amount of time in the on-line chat rooms
• Long chats to the opposite sex on an Instant Messenger
• Minimizes/Closes or Hides Windows when you walk into the room
• Your spouse pays less attention to you
• Your spouse is preoccupied with on-line chatting, more distant emotionally
• Your spouse is insisting on chatting alone
• Your spouse has unaccounted time away from home
• Your spouse has a decreased interest in sex
• Your spouse becomes defensive during normal conversations
• Discovery of a post office box
• The toilet bowl seat is up, (men) and when you left home it was down
• The passenger seat in the car has been moved and is not in the usual position
• An unusual number of hang ups or wrong number calls
• Fragrances of colognes and/or perfumes are noticed on clothing of a cheating spouse
• Car mileage is unusual for claims made by cheating spouse
• Your spouse explains a late return home as a result of having to drive
  out of town on business, but yet the mileage on the car indicates less than ten mile driven
• Discover the recent opening of another checking account
• Unaccounted for hairs of a different colour on clothing
• Cigarette smoke on clothing that can not be explained
• Credit card transactions for unknown or unusual types of purchases
• Cosmetic, perfume or lipstick purchases listed but not received
• An increase in toll and/or long distance calls
• Increase in ATM withdrawals. Check the transaction record to ID the withdrawal
• Income tax returns revealing unexplained travel and business expense deductions
• Florist or jewellery bills
• Credit card gas purchases that are inconsistent for the amount of miles driven on the car
• Joins a health gym or weight reducing clinic
• Visits made to the tanning salon
• New hair style
• Wearing hair spray, colognes & perfumes more often
• Needs a pager, mobile phone, Protective of said devices
• Excessive buying of new and different clothes
• Sudden and unexplained change in clothing style
• The buying of sexy underwear or lingerie
• There is an unexplained aloofness or indifference in the relationship

Conclusion

Is cheating wrong? Well, yes if you are deceiving a partner or are being deceived. In a relationship, you must trust your partner or spouse, if you have any room for doubt, talk to each other. Try to sort things out before they escalate and get worse. If he or she is cheating, then either sort it out and learn to trust again, or end it. You will only be causing yourself much more pain in the long run.

Personal Service

If your still in doubt, contact me to find out how you or I can investigate your situation and find proof that your partner is or isn’t cheating.

Today, businesses wanting to guard against the potentially ultra-serious hazard of vitally important data being deliberately leaked to unauthorised people outside or even inside the organisation, need to get to grips with an alarming reality: a picture can also conceal a thousand words.

Or in some cases even up to around 5,000 words. More than enough to betray all your most precious and commercially sensitive data: locations of newly-discovered oil fields; formulae for synthesising newly-discovered molecules of breakthrough drugs costing millions or even billions to develop; designs of revolutionary products you’re planning on being the first to bring to market; ultra-sensitive lists of hard-won customers; you name it.

Data concealed in pictures? It may sound like the basis for a plot sequence in the next Mission Impossible movie, but it isn’t. It’s real. And unless you are prepared to let any Tom, Dick or Harry cruise around your precious data, you need to be aware of the threat it poses.

The technique is called steganography, from Ancient Greek words meaning hidden or covered writing, just as that lumbering dinosaur the stegosaurus is so named because its back was covered in those large bony plates whose real purpose is a mystery even today.

But steganography wasn’t a mystery to the Ancient Greeks; indeed they most likely invented it. The Greek historian Herodotus records that in 312 BC, Histaeus of Miletus commanded the head of his most trusted slave to be shaved and tattooed with a vitally important secret message on it. Once the slave’s hair had grown, hiding the message, Histaeus used him as an emissary to a friendly power via enemy territory to instigate a revolt against the Persians.

This example from history shows why steganographic writing is such a dangerous threat to security. Friends who betray us are always a more potent threat than people we recognise as enemies from the outset, and steganographic messages look friendly and innocent.

You could devise a simple steganographic message by agreeing with your recipient that your real message will consist of the first letter of every word of your apparent message. ‘Bring us your invoice by Monday’, for example, would really mean ‘BUY IBM’. In steganographic writing the apparent message is known as the covertext and the real message is called the plaintext.

The innocuous appearance of the covertext in the example illustrates why steganographic writing doesn’t tend to set alarm bells ringing. It looks innocent, whereas the message ‘BUY IBM’ encrypted in a simple code that consisted, say, of substituting each letter for the next letter in the alphabet – ‘CVZ JCN’ – obviously looks dodgy and would be certain to awaken the suspicions of even the most credulous member of an industrial espionage prevention team.

The point is that any encrypted message will tend to raise suspicions because even though it can’t readily be read you will know it’s been encrypted and will instantly conclude that something fishy’s going on.

In the highly competitive ocean of modern business, the threat of steganography has recently become a major issue in corporate life.

It’s actually been a significant threat for several years due to the increased computing power available on everyone’s desktop, but people have been distracted by publicity about cryptography and steganography has rather remained in the background.

It’s a particularly worrying threat now because of the enormous computing power on desktops today, the massive volume of electronic communications, and the number of freely available tools that allow even a routine user to employ steganographic techniques.

By far the biggest type of threat is the potential for concealing steganographic writing within computerised images. With Windows you can literally drag and drop your hidden text onto a picture and the deed is done.

As Gordon Gekko reminded us in the film Wall Street (1987), the most valuable commodity of all is information. And it’s precisely that which can so easily be given away today – or sold – using image-based steganographic techniques.

What’s actually happening when you carry out what looks like a simple drag and drop?

An electronic image is comprised of thousands of ‘picture elements‘ or ‘pixels‘. A pixel is a binary number that provides information on the colour or (in a black and white picture) the shade of grey that should be displayed in that particular pixel.

The binary number will look something like this: 10011011 etc depending on the pixel in question. The individual numbers (the 1 or the 0) are known as bits and the further along you go to the right the less significant the bits become in defining the precise colour of the pixel.

Why does the opportunity for steganography exist? Because while each pixel is defined by a series of bits, some of these bits can be changed without affecting the resulting pixel to any discernible extent. In a computerised image whose size is 256 by 256 pixels, making a total of 65,536 pixels, there would easily be room to conceal say, about 5,000 words of data.

This method of concealment is known as ‘bit twiddling‘. An obvious place to conceal a secret message would be within a computerised picture that does not show any apparent changes.

Bit twiddling is the most common way to conceal text within a computerised image. There are many more techniques, though, particularly when using image formats such as the now ubiquitous jpeg which many will have encountered through their digital cameras.

An apparently innocuous picture of – of example – an employee’s child’s first day at school taken with a standard family digital camera could easily be used to conceal a damaging leak. The leak could be so fatal that by the time the school term ends, thousands of other mums and dads at the business from which the information was leaked will have had to find new jobs – if they can.

Insider Threats are big business, and selling or leaking company information, customer credit card details and more can now all be hidden in a single image file and emailed or innocently be taken out of the building on a laptop or removable media.

What’s the best way to guard against the hazard of modern image-based steganographic betrayal?

The first step is to recognise that it is a potential problem and get help to understand what tools are likely to be available to a malicious team member. You also need to know the manner in which these tools can be used because they often leave little trace of their presence – some are even termed ‘zero footprint‘ by those who develop them.

Yet help is at hand because dedicated teams of experts have been making available tools to help detect steganography. The technique they use is known as ‘steganalysis’.

Steganalysis is as much an art as a science. The detection tools need to be used so that the appropriate steganalysis resource is used in the appropriate situation.

Admittedly, this is not easy, when the range of steganography tools and the steganalysis counterparts have proliferated and are proliferating just as the threat from viruses did when they first emerged into the IT environment.

At work I began my own anti-steganography work as a forensic technical exercise but was soon alarmed at what my experiments were told me, not just about the power of the steganography tools available but also about the degree of care that needs to be applied to combat this potent security hazard.

Taking the threat of betrayal by apparently innocuous pixels seriously will lead you to put into practice the measures necessary to defend against it. And you do need to take this threat very seriously indeed. The stegosaurus may be long extinct, but steganographic treachery is, unfortunately, here to stay.

If criminals or other malicious users steal this information, they can use your name to open new credit card accounts, apply for a mortgage, or pose as you in online transactions. In many cases you would not notice these attacks until it was too late.

Fortunately, it is not hard to create strong passwords and keep them well protected.

What makes a strong password

To an attacker, a strong password should appear to be a random string of characters. The following criteria can help your passwords do so:

Make it lengthy. Each character that you add to your password increases the protection that it provides many times over. Your passwords should be 8 or more characters in length; 14 characters or longer is ideal.

Many systems also support use of the space bar in passwords, so you can create a phrase made of many words (a “pass phrase“). A pass phrase is often easier to remember than a simple password, as well as longer and harder to guess.

Combine letters, numbers, and symbols. The greater variety of characters that you have in your password, the harder it is to guess. Other important specifics include:

The fewer types of characters in your password, the longer it must be. A 15-character password composed only of random letters and numbers is about 33,000 times stronger than an 8-character password composed of characters from the entire keyboard. If you cannot create a password that contains symbols, you need to make it considerably longer to get the same degree of protection. An ideal password combines both length and different types of symbols.

Use the entire keyboard, not just the most common characters. Symbols typed by holding down the “Shift” key and typing a number are very common in passwords. Your password will be much stronger if you choose from all the symbols on the keyboard, including punctuation marks not on the upper row of the keyboard, and any symbols unique to your language.

Use words and phrases that are easy for you to remember, but difficult for others to guess. The easiest way to remember your passwords and pass phrases is to write them down. Contrary to popular belief, there is nothing wrong with writing passwords down, but they need to be adequately protected in order to remain secure and effective.

In general, passwords written on a piece of paper are more difficult to compromise across the Internet than a password manager, Web site, or other software-based storage tool, such as password managers.

Create a strong, memorable password in 6 steps

Use these steps to develop a strong password:

1. Think of a sentence that you can remember. This will be the basis of your strong password or pass phrase. Use a memorable sentence, such as “My son Aiden is three years old.”

2. Check if the computer or online system supports the pass phrase directly. If you can use a pass phrase (with spaces between characters) on your computer or online system, do so.

3. If the computer or online system does not support pass phrases, convert it to a password. Take the first letter of each word of the sentence that you’ve created to create a new, nonsensical word. Using the example above, you’d get: “msaityo”.

4. Add complexity by mixing uppercase and lowercase letters and numbers. It is valuable to use some letter swapping or misspellings as well. For instance, in the pass phrase above, consider misspelling Aiden’s name, or substituting the word “three” for the number 3. There are many possible substitutions, and the longer the sentence, the more complex your password can be. Your pass phrase might become “My SoN Ayd3N is 3 yeeRs old.” If the computer or online system will not support a pass phrase, use the same technique on the shorter password. This might yield a password like “MsAy3yo”.

5. Finally, substitute some special characters. You can use symbols that look like letters, combine words (remove spaces) and other ways to make the password more complex. Using these tricks, we create a pass phrase of “MySoN 8N i$ 3 yeeR$ old” or a password (using the first letter of each word) “M$8ni3y0″.

6. Test your new password with a Password Checker. A Password Checker is a non-recording feature on this Web site that helps determine your password’s strength as you type.

Password strategies to avoid

Some common methods used to create passwords are easy to guess by criminals. To avoid weak, easy-to-guess passwords:

Avoid sequences or repeated characters. “12345678,” “222222,” “abcdefg,” or adjacent letters on your keyboard do not help make secure passwords.

Avoid using only look-alike substitutions of numbers or symbols. Criminals and other malicious users who know enough to try and crack your password will not be fooled by common look-alike replacements, such as to replace an ‘i’ with a ’1′ or an ‘a’ with ‘@’ as in “M1cr0$0ft” or “P@ssw0rd”. But these substitutions can be effective when combined with other measures, such as length, misspellings, or variations in case, to improve the strength of your password.

Avoid your login name. Any part of your name, birthday, social security number, or similar information for your loved ones constitutes a bad password choice. This is one of the first things criminals will try.

Avoid dictionary words in any language – Criminals use sophisticated tools that can rapidly guess passwords that are based on words in multiple dictionaries, including words spelled backwards, common misspellings, and substitutions. This includes all sorts of profanity and any word you would not say in front of your children.

Use more than one password everywhere – If any one of the computers or online systems using this password is compromised, all of your other information protected by that password should be considered compromised as well. It is critical to use different passwords for different systems.

Avoid using online storage – If malicious users find these passwords stored online or on a networked computer, they have access to all your information.

The “blank password” option

A blank password (no password at all) on your account is more secure than a weak password such as “1234″. Criminals can easily guess a simplistic password, but on computers using Windows XP/Vista or Windows 7, an account without a password cannot be accessed remotely by means such as a network or the Internet. (This option is not available for Microsoft Windows 2000, Windows Me, or earlier versions) You can choose to use a blank password on your computer account if these criteria are met:

• You only have one computer or you have several computers but you do not need to access information on one computer from another one

• The computer is physically secure (you trust everyone who has physical access to the computer)

The use of a blank password is not always a good idea. For example, a laptop computer that you take with you is probably not physically secure, so on those you should have a strong password.

How to access and change your passwords

Online accounts

Web sites have a variety of policies that govern how you can access your account and change your password. Look for a link (such as “my account”) somewhere on the site’s home page that goes to a special area of the site that allows password and account management.

Computer passwords

The Help files for your computer operating system will usually provide information about how to create, modify, and access password-protected user accounts, as well as how to require password protection upon startup of your computer. You can also try to find this information online at the software manufacturer’s Web site. For example, if you use Microsoft Windows XP, online help can show you how to manage passwords, change passwords, and more.

Keep your passwords secret

Treat your passwords and pass phrases with as much care as the information that they protect.

Don’t reveal them to others – Keep your passwords hidden from friends or family members (especially children) who could pass them on to other less trustworthy individuals. Passwords that you need to share with others, such as the password to your online banking account that you might share with your spouse, are the only exceptions.

Protect any recorded passwords – Be careful where you store the passwords that you record or write down. Do not leave these records of your passwords anywhere that you would not leave the information that they protect.

Never provide your password over e-mail or based on an e-mail request. Any e-mail that requests your password or requests that you to go to a Web site to verify your password is almost certainly a fraud. This includes requests from a trusted company or individual. E-mail can be intercepted in transit, and e-mail that requests information might not be from the sender it claims. Internet “phishing” scams use fraudulent e-mail messages to entice you into revealing your user names and passwords, steal your identity, and more.

Change your passwords regularly – This can help keep criminals and other malicious users unaware. The strength of your password will help keep it good for a longer time. A password that is shorter than 8 characters should be considered only good for a week or so, while a password that is 14 characters or longer (and follows the other rules outlined above) can be good for several years.

Do not type passwords on computers that you do not control. Computers such as those in Internet cafés, computer labs, shared systems, kiosk systems, conferences, and airport lounges should be considered unsafe for any personal use other than anonymous Internet browsing. Do not use these computers to check online e-mail, chat rooms, bank balances, business mail, or any other account that requires a user name and password. Criminals can purchase keystroke logging devices for very little money and they take only a few moments to install. These devices let malicious users harvest all the information typed on a computer from across the Internet—your passwords and pass phrases are worth as much as the information that they protect. Windows has an OnScreen Keyboard that you can access if needs be. Press Start > Run and type OSK and click OK. Now use the mouse to type in a password.

Windows 7 On Screen Keyboard

What to do if your password is stolen

Be sure to monitor all the information you protect with your passwords, such as your monthly financial statements, credit reports, online shopping accounts, and so on. Strong, memorable passwords can help protect you against fraud and identity theft, but there are no guarantees. No matter how strong your password is, if someone breaks into the system that stores it, they will have your password. If you notice any suspicious activity that could indicate that someone has accessed your information, notify authorities as quickly as you can. If you need further help on what to do if you think your identity has been stolen or you’ve been similarly defrauded, then contact me.

When people take a sexually revealing picture or video of themselves and send it or them as text message attachments, it’s called “sexting.” And recently the practice has been increasing exponentially amongst kids. Kids “sext” to show off, to entice someone, to show interest in someone, or to prove commitment. The problem with that, is that the moment the relationship ends (and most of them do) someone is in possession of a highly compromising image that can be easily posted on a social networking site or sent around via email or text.

There have been some high profile cases of sexting — including High School Musical star Vanessa Hudgens, who sent a nude picture to her co-star/boyfriend, Zac Efron, that ended up all over the Internet and made headlines. And in July 2008, Cincinnati teen Jesse Logan committed suicide after a nude photo she’d sent to a boyfriend was circulated widely around her high school, resulting in harassment from her classmates.

Why It Matters

In a technology world where anything can be copied, sent, posted, and seen by huge audiences, there’s no such thing as being able to control images. Even if a photo was taken and sent as a token of love, the intention doesn’t matter — the technology makes it possible for everyone to see your child’s most intimate self. And in the hands of teenagers, when revealing photos are made public the subject almost always becomes the object of ridicule and name calling. Furthermore, sending sexual images to minors is against the law, and some states in the US and the UK have begun prosecuting kids for child pornography or obscenity.

Advice for Parents

Don’t wait – for an incident to happen to your child or your child’s friend before you talk to your kids about the consequences of sexting. Sure, talking about sex or dating with teens can be really uncomfortable, but better to have the talk before the fact.

Remind them – that once an image is sent, it can never be retrieved — and they will lose control of it. Ask teens how they would feel if their teachers, parents, or the entire school saw the picture, because it happens all the time.

Talk about pressures – to send revealing photos. Let teens know that you understand that they can be pushed or dared into sending something. Tell them that no matter how big the social pressure is, the potential social humiliation will be hundreds of times worse.

The buck stops with them. If someone sends them a photo, have them delete it immediately. Better to be part of the solution than the problem. Besides, if they do send it on, they’re distributing pornography — and that’s against the law.

If you can’t deal with this, have your kids go to a professional that can help (and you should go yourself).

Statistics

• 22% of teen girls and 20% of teen boys have sent nude or semi-nude photos of themselves
• 22% of teens admit that technology makes them personally more forward and aggressive
• 38% say exchanging sexy content makes dating or hooking up with others more likely
• 29% believe those exchanging sexy content are “expected” to date or hook up

Remember; revealing photos can be resent to a vast audience. If the person you or a kid sends an explicit image via mobile phone, or even email. These can be forwarded to someone else, and before you know it, the content is uploaded online or passed between peers and sending a sexual image to a minor, even minor to minor is illegal.

Evidence

As a parent, you may be worried what your kids are sending to each other. Where do your ethics come in to play regarding a kids privacy? Sometimes drastic measures will force you to intervene in a child’s life and development and for his or her protection.  For the worried parent there is software available that will help you. MOBILedit is a Forensic Application that works will all mobile phones and PDAs and requres a data cable (one of these usually comes with a new phone as standard, if not, they are cheap to buy).

MOBILedit is quite costly, but the trial is fully functional and will allow you to use the application for a short time. Which will be all you need to gather the information you need. This software can also be used to read test (SMS) messages from both sides of the conversation. This is useful if your child is being bullied, or is indeed a bully him or herself. The application can be used for many predicaments you and your child may come across, and a way of proving facts.

Do not use this software as just a spying tool, this would be unfair and you would be infringing on privacy issues if you have no just cause, so please use this software wisely. You can download the trial below.

Well, don’t be too caught up in your Twitter postings that you forget your safety. Remember that the Internet is still a prime target market for sexual predators, stalkers, fraudsters, scammers, hackers and people who want to do others harm. You might need these Twitter safety tips more than you realise, especially if you have just started to use twitter.

Just the other day, I chanced upon this TV interview of a young, popular actress who pointed out that someone has set up an account on Twitter, pretending to be her which leads me to…

Twitter Safety Tip # 1:  Don’t believe everything you read

Have we not learned from the past? The Internet, while not harmful by itself, is still a haven for individuals and groups that are up to no good.

After all, who can say that a 50-year-old pervert isn’t a cute, 15-year-old student from London when he sounds just like a 15-year old student from London? And that picture of him in that blue shirt just backs it up, right?

If you are inclined to believe this, then you need this Twitter safety tip more than anyone else. People who want to befriend you can easily make up lies on Twitter. Don’t think for a second that they wouldn’t take the time and effort to prattle away about their non-existent boring Algebra classes and upcoming winter dance if it meant making themselves more convincing.

Be aware that there are many fake profiles on twitter. Learn how to spot them. Firstly, you’ll notice that they have not posted much, and with links being shortened, its hard to see if your being sent to a real site or a dodgy site where you will be prone to a clickjacking attack/scam. Other things too look out for are the following and followers. Usually you can tell by looking if this is a real person or a fake. Also keep away from people sending tweets from API. Scammers/Spammers also follow each other, and may converse between themselves to make it look like they have actual friends. Be wary. A quick example of clickjacking. Click this link (its safe), but its shows you how an easy link can be spoofed.

The most common looking fake profile with low followers

Automated tweets from the Twitter API - Block these people

If you want to follow a celebrity, I suggest you look for the new Twitter Verified Account tag that’s added at the top right of a profile, and check out Valebrity for a huge list of validated celebs.

An official Verified Account

Last bits on this subject, there are lots of automated scripts out there that create fake profiles, bots that create fake posts and user accounts. So if you are unsure that this is a real person, do some investigating and look at their followers and see if any of them has ever had a proper conversation with this possible ‘fake’. If in doubt, don’t follow them back and block them.

A typical fake Profile. Notice there's no conversation, and low followers

Also beware of tweets and websites that claim Get 160,000 followers in a month, or words like that. Firstly, they don’t work, and secondly they are probably a scam.

Why? Well, once you click a link, you are directed to a website where you enter your Twitter login details. Now the scammers/spamers can send tweets from your account. Also, they may flood Twitter with thousands of messages. Twitter hates this and it will get your account locked and possibly deleted. If this happens and you still have access to your account, change your password immediately.

When visiting any website that is not directly affiliated or endorsed by twitter, be very careful when submitting your account details. You never know who owns the website or what they are using it for, so do some research first. Check the whois information for the site (this can also be faked), search twitter to see if other people are using the site (or even an app) and see if they seem to be sending spam tweets. If all is clear, then they are probably OK.

Never pay for a service that links to Twitter.

Twitter Safety Tip # 2: Don’t give out your location

I know that micro blogging is fun. There’s just something addicting about being able to post what you’re doing or what you’re feeling at this exact moment… and having hundreds, possibly thousands of followers seeing it.

If you have added people in Twitter who are not really your friends, then all the more reason to be careful. If you, for example, tweets that you’re stuck in the Starbucks near your home late at night, anyone could just take advantage of that information. Its only a matter of time until you turn on the TV and hear that someone is being stalked or has been attacked or murdered because they twitted their exact location, so be warned.

Lastly on this location tip. Be careful if you are using an iPhone and turn on the Location Option. It looks like this in a persons profile: 37.739705,-122.430799 and gives you the longitude and latitude of a persons iPhone. This can be used to track you. So turn this feature off.  In a test, I activated this feature on an iPhone with Twitterrific. With a laptop and mobile phone enabled with GPS Software I travelled miles away from home, where I left the iPhone switched on. I activated the Laptop and GPS, loaded my Twitter page and got the coordinates. I entered them into the GPS system and navigated the route to 20 meters from my doorstep. Anyone could do this with just a laptop and GPS Enabled phone. You can also go to Google Maps and copy and paste the longitude and latitude, this will also give the location. And with Street View, you can probably see where that person lives.

Twitter Safety Tip # 3: Don’t attract too much attention to yourself

Twittering that you have just received a gold bracelet from your boyfriend can also attract the wrong sort of followers to your account. Trust should not be so freely given on the Internet.

You might want to show it off on Twitter via TwitPic or some other image provider or host, but think about the possible risks. It might tempt others into doing something both you, and they, will regret.

As much fun as Twitter is, set a limit on how much private information you’re really broadcasting to the world. Many of you may be thinking, ‘yeah, whateverrrr’, or ‘yeah OK, this will never happen to me’. But never forego you’re safety,  and never let your guard down on the Internet. If you do, you’re a fool!

More protection…

When using twitter, I’d suggest using a 3rd party application like TweetDeck (which is my favorite twitter app) or CoTweet (which is my second fave). The reason for using a 3rd party application is that it uses Twitters API (Application programming interface) and you are less likely to get a trojan or virus from clicking on a users infected profile. Yes! You can also get a Trojan or Virus from using Twitter. A while back, Twitter was plagued by the ‘Mikeyy Worm‘ that infected you if you clicked on a profile that had been compromised by the Mikeyy worm. Incidentaly, the Mikeyy worm was actually written by Michael Mooney, a 17 year old kid and it crippled millions of Twitter accounts.

You can keep track of attacks on twitter here. And if you would like to report suspicious activity, a spammer or something that doesn’t look right, follow twitters Spam Team and then send them a tweet with your problem: http://twitter.com/spam and they should help. Also, if you have any real issues and you need support from Twitter, visit their ticketing system.

Twitter is not perfect and is riddled with security holes, and more are being discovered or exploited daily. For a platform that’s almost over 3 years old, the boffins at Twitter really should plug these holes, tighten up security and keep people safer. Don’t let this spoil your twitting experience though. As long as you keep safe whilst on twitter, and learn how to spot the fake profiles, you’ll have a great time.

If you have any Twitter tips you would like to share with us, please comment below and at some point I will include these in a list, and credit you.

Lastly, check out Sharon Hays’ Blog for tons of Twitter information. She’s a pure Twitter professional, lovely person and her blog will help you get used to Twitter if you are new. Also, checkout Twitter 101 for some excellent information.

Recent Twitter Bots/Scammers

I will update this section of this post as new scams, bots and strategies change, so keep popping back for updats…

You will notice that they are now having conversations. But with other bots and they use rubbish English like ‘Howz U doin‘,  ‘I did dat last wk‘ and so on. If you click on the people they are following, you will notice the same bad grammar and spellings. Some of these new spammers are also now mimicking or pretending to be up and coming actors/actresses and celebs.

3rd Party Application Spam

I’ve noticed that spammers are now creating profiles and posting tweets via TweetDeck and CoTweet as well as TwitterFeed. Again, there is no real conversation and the posts are riddled with useless links and random tweets. You may also notice that the spammers and bots are now using lists to make them look like normal people. Be wary.

New fake profile using TweetDeck and using Lists

True Twit

This is not a danger, but I wanted to update you with this cool utility. If you are plagued by Twitter spam (or Twam) and you have had enough, you can try True Twit. True Twit has been around a while now and what it does is to verify anyone following you. So, if for example, I follow you, I’m sent a DM to click a link to verify that I am in fact a cool human being and wants to follow you because I think your cool. I don’t have to enter any of my Twitter details either.

True Twit - Helping stop Twitter Spam

True Twit also has a few neat options behind the scenes, where you can send a verification note to anyone on your list to whom you think may is a spammer or may have a fake profile, they are then sent a DM to verify themselves. The message that is sent is customisable, or you can use the default message. You can also unfollow people too. Signup today and help stop the spam.

http://www.truetwit.com.

Stay tuned for more info…

Office 2010 in action

Compared to the screenshots of Outlook 2010 that were leaked to ZDNet’s iGeneration a month ago, not much has changed, but the effects of a new fade-to-Aero gradient in the header bar is much more obvious. In terms of the actual applications, Excel does not seem to have changed at all whereas Powerpoint has a new “Transitions” tab possibly indicating improved effects and animations behaviors. Outlook’s changes are pretty self explanatory. Each application’s “Ribbon button” is also colored differently, allowing easy differentiation between the applications.

Microsoft Office Outlook 2010 on Windows 7

Having said all that, I have no idea what’s going on with “Office 2010 The Movie“. A viral campaign for business applications? Sure, bring it on.

One of the most prominent features of stalking behaviour is fixation on victims. Their obsession can drive stalkers to extremes that make this type of investigation challenging and potentially dangerous. Although stalkers who use the Internet to target victims may attempt to conceal their identities, their obsession with a victim often causes them to expose themselves. For instance, they may say things that reveal their relationship with or knowledge of the victim, or they may take risks that enable investigators to locate and identify them. However, even when stalkers have been identified, attempts to discourage them can have the opposite effect, potentially angering them and putting victims at greater risk.

In 1990, after five women were murdered by stalkers, California became the first state in the US to enact a law to deal with this specific problem. Then, in 1998, California explicitly included electronic communications in their anti-stalking law. The relevant sections of the California Penal Code have strongly influenced all subsequent anti-stalking laws in the US, clearly defining stalking and related terms.

Any person who willfully, maliciously, and repeatedly follows or harasses another person and who makes a credible threat with the intent to place that person in reasonable fear of death or great bodily injury is guilty of the crime of stalking … “harasses” means a knowing and willful course of conduct directed at a specific person that seriously alarms, annoys, torments, or terrorizes the person, and that serves no legitimate purpose. This course of conduct must be such as would cause a reasonable person to suffer substantial emotional distress, and must actually cause substantial emotional distress to the person.

… “course of conduct” means a pattern of conduct composed of a series of acts over a period of time, however short, evidencing a continuity of purpose … “credible threat” means a verbal or written threat, including that performed through the use of an electronic communication device, or a threat implied by a pattern of conduct or a combination of verbal, written, or electronically communicated statements and conduct made with the intent to place the person that is the target of the threat in reasonable fear for his or her safety or the safety of his or her family and made with the apparent ability to carry out the threat so as to cause the person who is the target of the threat to reasonably fear for his or her safety or the safety of his or her family. It is not necessary to prove that the defendant had the intent to actually carry out the threat… “electronic communication device” includes, but is not limited to, telephones, cellular phones, computers, video recorders, fax machines, or pagers.” [California Penal Code 646.9]

The equivalent law in the United Kingdom is the Protection from Harassment Act 1997 (Chapter 40).

Note that persistence is one of the operative concepts when dealing with stalking. A single upsetting e-mail message is not considered harassment because it is not a pattern of behavior. Remember that anti-stalking laws were enacted to protect individuals against persistent terrorism and physical danger, not against annoyance or vague threats.

The distinction between annoyance and harassment is not easily defined. It is usually enough to demonstrate that the victim suffered substantial emotional distress. However, there is always the argument that the victim overreacted to the situation. If a victim is not found to be a “reasonable person” as described in the law, a court might hold that no harassment took place. Therefore, when investigating a stalking case, it is important to gather as much evidence as possible to demonstrate that persistent harassment took place and that the victim reacted to the credible threat in a reasonable manner.

The explicit inclusion of electronic communication devices in California’s anti-stalking law is a clear acknowledgement of the fact that stalkers are making increasing use of new technology to further their ends. In addition to using voice mail, fax machines, cellular phones, and pagers, stalkers use computer networks to harass their victims. The term cyberstalking refers to stalking that involves the Internet. This chapter briefly describes how cyberstalkers operate, what motivates them, and what investigators can do to apprehend them.

How Cyberstalkers Operate

Cyberstalking works in much the same way as stalking in the physical world. In fact, many offenders combine their online activities with more traditional forms of stalking and harassment such as telephoning the victim and going to the victim’s home. Some cyberstalkers obtain victims over the Internet and others put personal information about their victims online, encouraging others to contact the victim, or even harm them.

CASE EXAMPLE (ASSOCIATED PRESS 1997):

Cynthia Armistead-Smathers of Atlanta believes she became a target during an e-mail discussion of advertising in June, 1996. First she received nasty e-mails from the account of Richard Hillyard of Norcross, GA. Then she began receiving messages sent through an “anonymous remailer,” an online service that masks the sender’s identity.

After Hillyard’s Internet service provider cancelled his account, Ms Armistead-Smathers began getting messages from the Centres for Disease Control and Prevention in Atlanta, where he worked. Then she got thousands of messages from men who had seen a posting of a nude woman, listing her e-mail address and offering sex during the Atlanta Olympics.

But police said there was little they could do – until she got an anonymous message from someone saying he had followed Ms Armistead-Smathers and her 5-year-old daughter from their post office box to her home.

People say “It’s online. Who cares? It isn’t real. Well this is real,” Ms Armistead-Smathers said. “It’s a matter of the same kind of small-minded bullies who maybe wouldn’t have done things in real life, but they have the power of anonymity from behind a keyboard, where they think no one will find them.”

In general, stalkers want to exert power over their victims in some way, primarily through fear. The crux of a stalker’s power is information about and knowledge of the victim. A stalker’s ability to frighten and control a victim increases with the amount of information that he can gather about the victim. Stalkers use information like telephone numbers, addresses, and personal preferences to impinge upon their victims’ lives. Also, over time cyberstalkers can learn what sorts of things upset their victims and can use this knowledge to harass the victims further.

Since they depend heavily on information, it is no surprise that stalkers have taken to the Internet. After all, the Internet contains a vast amount of personal information about people and makes it relatively easy to search for specific items. As well as containing people’s addresses and phone numbers, the Internet records many of our actions, choices, interests, and desires. Databases containing social security numbers, credit card numbers, medical history, criminal records, and much more can also be accessed using the Internet. Additionally, cyberstalkers can use the Internet to harass specific individuals or acquire new victims from a large pool of potential targets. In one case, a woman was stalked in chat rooms for several months, during which time the stalker placed detailed personal information online and threatened to rape and kill her. Some offenders seek victims online but it is more common for stalkers to use chat networks to target individuals that they already know.

Acquiring Victims

Past studies indicate that many stalkers had a prior acquaintance with their victims before the stalking behavior began (Harmon et al. 1994). The implication of these studies is that investigators should pay particular attention to acquaintances of the victim. However, these studies are limited because many stalking cases are unsolved or unreported. Additionally, it is not clear if these studies apply to the Internet. After all, it is uncertain what constitutes an acquaintance on the Internet and the Internet makes it easier for cyberstalkers to find victims of opportunity.

Cyberstalkers can search the Web, browse through Windows Live Messenger (MSN), Skype, Digsby, Yahoo, ICQ and AOL profiles, and lurk in Yahoo, IRC and AOL chat rooms looking for likely targets – vulnerable, under-confident individuals who will be easy to intimidate.

CASE EXAMPLE: One stalker repeatedly acquired victims of opportunity on AOL and used AOL’s Instant Messenger to contact and harass them. The stalker also used online telephone directories to find victims’ numbers, harassing them further by calling their homes. This approach left very little digital evidence because none of the victims recorded the Instant Messenger sessions, they did not know how to find the stalker’s IP address, and they did not contact AOL in time to track the stalker.

Of course, the victims were distressed by this harassment, feeling powerless to stop the instant messages and phone calls. This sense of powerlessness was the primary goal the cyberstalker. This stalker may have picked AOL as his stalking territory because of the high number of inexperienced Internet users and the anonymity that it affords.

As a rule, investigators should rely more on available evidence than on general studies. Although research can be useful to a certain degree, evidence is the most reliable source of information about a specific case and it is what the courts will use to make a decision.

Anonymity and Surreptitious Monitoring

The Internet has the added advantage of protecting a stalker’s identity and allowing a stalker to monitor a victim’s activities. For example, stalkers acquainted with their victims use the Internet to hide their identity, sending forged or anonymous e-mail and using ICQ or AOL Instant Messenger to harass their victims. Also, stalkers can utilize ICQ, AOL Instant Messenger, and other applications (e.g. finger) to determine when a victim is online. Most disturbing of all, stalkers can use the Internet to spy on a victim. Although few cyberstalkers are skilled enough to break into a victim’s e-mail account or intercept e-mail in transit, a cyberstalker can easily observe a conversation in a live chat room. This type of pre-surveillance of victims and amassing of information about potential victims might suggest intent to commit a crime but it is not a crime in itself, and is not stalking as defined by the law.

Escalation and Violence

It is often suggested that stalkers will cease harassing their victims once they cease to provoke the desired response. However, some stalkers become aggravated when they do not get what they want and become increasingly threatening. As was mentioned at the beginning of this chapter, stalkers have resorted to violence and murder. Therefore, it is important for investigators to be extremely cautious when dealing with a stalking case. Investigators should examine the available evidence closely, protect the victim against further harm as much as possible, and consult with experts when in doubt. Most importantly, investigators should not make hurried judgements that are based primarily on studies of past cases.

Investigating Cyberstalking

There are several stages to investigating a cyberstalking case. These stages assume that the identity of the cyberstalker is unknown. Even if the victim suspects an individual, investigators are advised to explore alternative possibilities and suspects. Although past research suggests that most stalkers have prior relationships with victims, this may not apply when the Internet is involved since stranger stalking is easier. Therefore, consider the possibility that the victim knows the stalker, but do not assume that this is the case:

Interview victim – determine what evidence the victim has of cyberstalking and obtain details about the victim that can be used to develop victimology. The aim of this initial information gathering stage is to confirm that a crime has been committed and to obtain enough information to move forward with the investigation.

Interview others – if there are other people involved, interview them to compile a more complete picture of what occurred.

Victimology and risk assessment – determine why an offender chose a specific victim and what risks the offender was willing to take to acquire that victim. The primary aim of this stage of the investigation is to understand the victim-offender relationship and determine where additional digital evidence might be found.

Search for additional digital evidence – use what is known about the victim and cyberstalker to perform a thorough search of the Internet. Victimology is key at this stage, guiding investigators to locations that might interest the victim or individuals like the victim. The cyberstalker initially observed or encountered the victim somewhere and investigators should try to determine where. Consider the possibility that the cyberstalker encountered the victim in the physical world. The aim of this stage is to gather more information about the crime, the victim and the cyberstalker.

Crime scene characteristics – examine crime scenes and cybertrails for distinguishing features (e.g. location, time, method of approach, choice of tools) and try to determine their significance to the cyberstalker. The aim of this stage is to gain a better understanding of the choices that the cyberstalker made and the needs that were fulfilled by these choices.

Motivation – determine what personal needs the cyberstalking was fulfilling. Be careful to distinguish between intent (e.g. to exert power over the victim, to frighten the victim) and the personal needs that the cyberstalker’s behavior satisfied (e.g. to feel powerful, to retaliate against the victim for a perceived wrong). The aim of this stage is to understand the cyberstalker well enough to narrow the suspect pool revisit the prior steps and uncover additional evidence

Repeat - if the identity of the cyberstalker is still not known, interview the victim again. The information that investigators have gathered might help the victim recall additional details or might suggest a likely suspect to the victim

To assist investigators carry out each of these stages in an investigation, additional details are provided here.

Interviews

Investigators should interview the victim and other individuals with knowledge of the case to obtain details about the inception of the cyberstalking and the sorts of harassment the victim has been subjected to. In addition to collecting all of the evidence that the victim has of the cyberstalking, investigators should gather all of the details that are required to develop a thorough victimology as described in the next section.

While interviewing the victim, investigators should be sensitive to be as tactful as possible while questioning everything and assuming nothing. Keep in mind that victims tend to blame themselves, imagining that they encouraged the stalker in some way (e.g. by accepting initial advances or by making too much personal information available on the Internet) (Pathé 1997). It is therefore important for everyone involved in a cyberstalking investigation to help the victim regain confidence by acknowledging that the victim is not to blame. It is also crucial to help victims protect themselves from potential attacks. The National Center for Victims of Crime has an excellent set of guidelines developed specifically for victims of stalking.

Victimology

In addition to helping victims protect themselves against further harassment, investigators should try to determine how and why the offender selected a specific victim. To this end, investigators should determine whether the cyberstalker knew the victim, learned about the victim through a personal Web page, saw a Usenet message written by the victim, or noticed the victim in a chat room.

It is also useful to know why a victim made certain choices to help investigators make a risk assessment. For example, individuals who use the Internet to meet new people are at higher risk than individuals who make an effort to remain anonymous. In some instances, it might be quite evident why the cyberstalker chose a victim but if a cyberstalker chooses a low risk victim, investigators should try to determine which particular characteristics the victim possesses that might have attracted the cyberstalker’s attention (e.g. residence, work place, hobby, personal interest, demeanor). These characteristics can be quite revealing about a cyberstalker and can direct the investigator’s attention to certain areas or individuals.

Questions to ask at this stage include:

Does the victim know or suspect why, how, and/or when the cyberstalking began?

What Internet Service Provider(s) do(es) the victim use and why?

What online services does the victim use and why (e.g. Web, free e-mail services, Usenet, IRC)?

When does the victim use the Internet and the various Internet services (does the harassment occur at specific times suggesting that the cyberstalker has a schedule or is aware of the victim’s schedule)?

What does the victim do on the Internet and why?

Does the victim have personal Web pages or other personal information on the Internet (e.g. a Facebook profile, Twitter, Myspace or Bebo Web page, customized finger output)? What information do these items contain?

In addition to the victim’s Internet activities, investigators should examine the victim’s physical surroundings and real world activities.

When the identity of the cyberstalker is known or suspected, it might not seem necessary to develop a complete victimology. Although it is crucial to investigate suspects, this should not be done at the expense of all else. Time spent trying to understand the victim-offender relationship can help investigators understand the offender, protect the victim, locate additional evidence, and discover additional victims. Furthermore, there is always the chance that the suspect is innocent in which case investigators can use the victimology that they developed to find other likely suspects.

Risk Assessment

A key aspect of developing victimology is determining victim and offender risk. Generally, women are at greater risk than men of being cyberstalked and new Internet users are at greater risk than experienced Internet users. Individuals who frequent the equivalent of singles bars on the Internet are at greater risk than those who just use the Internet to search for information. A woman who puts her picture on a Web page with some biographical information, an address, and phone number is at high risk because cyberstalkers can fixate on the picture, obtain personal information about the woman from the Web page, and start harassing her over the phone or in person.

Bear in mind that victim risk is not an absolute thing – it depends on the circumstances. A careful individual who avoids high risk situations in the physical world might be less cautious on the Internet. For example, individuals who are not famous in the world at large might have celebrity status in a certain area of the Internet, putting them at high risk of being stalked by someone familiar with that area. Individual who are sexually reserved in the physical world might partake in extensive sexual role playing on the Internet, putting them at high risk of being cyberstalked.

If a cyberstalker selects a low risk victim, investigators should try to determine what attracted the offender to the victim. Also, investigators should determine what the offender was willing to risk when harassing the victim. Remember that offender risk is the risk as an offender perceives it – investigators should not try to interpret an offender’s behavior based on the risks they perceive. An offender will not necessarily be concerned by the risks that others perceive. For example, some cyberstalkers do not perceive apprehension as a great risk, only an inconvenience that would temporarily interfere with their ability to achieve their goal (to harass the victim) and will continue to harass their victims, even when they are under investigation.

Search

Investigators should perform a thorough search of the Internet using what is known about the victim and the offender and should examine personal computers, log files on servers, and all other available sources of digital evidence as described in this book. For example, when a cyberstalker uses e-mail to harass a victim, the messages should be collected and examined. Also, other e-mail that the victim has received should be examined to determine if the stalker sent forged messages to deceive the victim. Log files of the e-mails server that was used to send and receive the e-mail should be examined to confirm the events in question.

Log files sometimes reveal other things that the cyberstalker was doing (e.g. masquerading as the victim, harassing other victims) and can contain information that lead directly to the cyberstalker.

CASE EXAMPLE: Gary Steven Dellapenta became the first person to be convicted under the new section of California’s stalking law that specifically includes electronic communications. After being turned down by a woman named Randi Barber, Dellapenta retaliated by impersonating her on the Internet and claiming she fantasized about being raped.

Using nicknames such as “playfulkitty4U” and “kinkygal30,” Dellapenta placed online personal ads and sent messages saying such things as “I’m into the rape fantasy and gang-bang fantasy too.” He gave respondents Barber’s address and telephone number, directions to her home, details of her social plans and even advice on how to short-circuit her alarm system.

Barber became alarmed when men began leaving messages on her answer machine and turning up at her apartment. In an interview (Newsweek 1999), Barber recalled that one of the visitors left after she hid silently for a few minutes, but phoned her apartment later. “What do you want?” she pleaded. “Why are you doing this?” The man explained that he was responding to the sexy ad she had placed on the Internet.

“What ad? What did it say?” Barber asked. “Am I in big trouble?”

“Let me put it to you this way,” the caller said. “You could get raped.”

When Barber put a note on her door to discourage the men who were responding to the personal ads, Dellapenta putting new information on the Internet claiming that the note was just part of the fantasy.

In an effort to gather evidence against Dellapenta, Barber kept recordings of messages that were left on her machine and contacted each caller, asking for any information about the cyberstalker. Two men cooperated with her request for help, but it was ultimately her father who gathered the evidence that was necessary to identify Dellapenta.

Barber’s father helped to uncover Dellapenta’s identity by posing as an ad respondent and turning the e-mails he received over to investigators.

Investigators traced the e-mails from the Web sites at which they were posted to the servers used to access the sites. Search warrants compelled the Internet companies to identify the user. All the paths led police back to Dellapenta. “When you go on the Internet, you leave fingerprints – we can tell exactly where you’ve been,” says sheriff’s investigator Mike Gurzi, who would eventually verify that all the e-mails originated from Dellapenta’s computer after studying his hard drive. The alleged stalker’s M.O. was tellingly simple: police say he opened up a number of free Internet e-mail accounts pretending to be the victim, posted the crude ads under a salacious log-on name and started e-mailing the men who responded. (Newsweek 1999)

Dellapenta admitted to authorities that he had an “inner rage” against Barber and pleaded guilty to one count of stalking and three counts of solicitation of sexual assault.

When searching for evidence of cyberstalking it is useful to distinguish between the offender’s harassing behaviors and surreptitious monitoring behaviours. A victim is usually only aware of the harassment component of cyberstalking. However, cyberstalkers often engage in additional activities that the victim is not aware of. Therefore, investigators should not limit their search to the evidence of harassment that the victim is already aware of but should look for evidence of both harassment and surreptitious monitoring.

If the victim frequented certain areas, investigators should comb those areas for information and should attempt to see them from the cyberstalker’s perspective. Could the cyberstalker have monitored the victim’s activities in those areas? If so, would this monitoring have generated any digital evidence and would Locard’s exchange principle take effect? For example, if the victim maintains a Web page, the cyberstalker might have monitored its development in which case the Web server log would contain the cyberstalker’s IP address (with associated times) and the cyberstalker’s personal computer would indicate that the page had been viewed (and when it was viewed). If the cyberstalker monitored the victim in IRC, he might have kept log files of the chat sessions. If the cyberstalker broke into the victim’s e-mail account the log files on the e-mail server should reflect this.

Keep in mind that the evidence search and seizure stage of an investigation forms the foundation of the case – incomplete searches and poorly collected digital evidence will result in a weak case. It is therefore crucial to apply the Forensic Science concepts presented in this book diligently. Investigators should collect, document, and preserve digital evidence in a way that will facilitate the reconstruction and prosecution processes. Also investigators should become intimately familiar with available digital evidence, looking for class and individual characteristics in an effort to maximize its potential.

Crime Scene Characteristics

When investigating cyberstalking, investigators might not be able to define the primary crime scene clearly because digital evidence is often spread all over the Internet. However, the same principle of behavioral evidence analysis applies – aspects of a cyberstalker’s behavior can be determined from choices and decisions that a cyberstalker made and the evidence that was left behind, destroyed, or taken away. Therefore, investigators should thoroughly examine the point of contact and cybertrails (e.g. the Web, Usenet, personal computers) for digital evidence that exposes the offender’s behavior.

To begin with, investigators should ask themselves why a particular cyberstalker used the Internet – what need did this fulfill? Was the cyberstalker using the Internet to obtain victims, to remain anonymous, or both? Investigators should also ask why a cyberstalker used particular areas of the Internet – what affordances did the Internet provide? MO and signature behaviors can usually be discerned from the way a cyberstalker approaches and harasses victims on the Internet.

How cyberstalkers use the Internet can say a lot about their skill level, goals, and motivations. Using IRC rather than e-mail to harass victims suggests a higher skill level and a desire to gain instantaneous access to the victim while remaining anonymous. The choice of technology will also determine what digital evidence is available. Unless a victim keeps a log, harassment on IRC leaves very little evidence whereas harassing e-mail messages are enduring and can be used to track down the sender.

Additionally, investigators can learn a great deal about offenders’ needs and choices by carefully examining their words, actions, and reactions. Increases and decreases in intensity in reaction to unexpected occurrences are particularly revealing. For example, when a cyberstalker’s primary mode of contact with a victim is blocked the cyberstalker might be discouraged, unperturbed, or aggravated. How the cyberstalkers choose to react to setbacks indicates how determined they are to harass a specific victim and what they hope to achieve through the harassment. Also, a cyberstalker’s intelligence, skill level, and identity can be revealed when he modifies his behaviour and use of technology to overcome obstacles.

Motivation

There have been a number of attempts to categorize stalking behavior and develop specialized typologies (Meloy 1998). However, these typologies were not developed with investigations in mind and are primarily used by clinicians to diagnose mental illnesses and administer appropriate treatments.

When investigating cyberstalking, the motivational typologies can be used as a sounding board to gain a greater understanding of stalkers’ motivations. Also, as described earlier in this chapter, some stalkers pick their victims opportunistically and get satisfaction by intimidating them, fitting into the power assertive typology.

Other stalkers are driven by a need to retaliate against their victims for perceived wrongs, exhibiting many of the behaviours described in the anger retaliatory typology. For instance, Dellapenta, the Californian cyberstalker who went to great lengths to terrify Randi Barber, stated that he has an “inner rage” directed at Barber that he could not control. Dellapenta’s behavior confirms this statement, indicating that he was retaliating against Barber for a perceived wrong. His messages were degrading and were designed to bring harm to Barber. Furthermore, Dellapenta tried to arrange for other people to harm Barber, indicating that he did feel the need to hurt her himself. Although it is possible that Dellapenta felt some desire to assert power over Barber, his behavior indicates that he was primarily driven by a desire to bring harm to her.

Summary

Cyberstalking is not different from regular stalking – the Internet is just another tool that facilitates the act of stalking. In fact, many cyberstalkers also use the telephone and their physical presence to achieve their goals. Stalkers use the Internet to acquire victims, gather information, monitor victims, hide their identities, and avoid capture. Although cyberstalkers can become quite adept at using the Internet, investigators with a solid understanding of the Internet and a strong investigative methodology will usually be able to discover the identity of a cyberstalker.

With regard to a strong investigative methodology, investigators should get into the habit of following the steps described in the chapter (interviewing victims, developing victimology, searching for additional evidence, analysing crime scenes, and understanding motivation).

The type of digital evidence that is available in a cyberstalking case depends on the technologies that the stalker uses. However, a cyberstalker’s personal computer usually contains most of the digital evidence, including messages sent to the victim, information gathered about the victim, and even information about other victims.

It is difficult to make accurate generalizations about cyberstalkers because a wide variety of circumstances can lead to cyberstalking. A love interest turned sour can result in obsessive and retaliatory behaviour. An individual’s desire for power can drive him to select and harass vulnerable victims opportunistically. The list goes on, and any attempt to generalize or categorize necessarily excludes some of the complexity and nuances of the problem. Therefore, investigators who hope to address this problem thoroughly should be wary of generalisations and categorizations, only using them to understand available evidence further.

Spam may be cheap for the people who send it, but it can be a serious expense for your business. According to a study conducted earlier this year by Nucleus Research Inc., spam management costs Businesses more than £/$ 150 billion annually in lost productivity — £/$ 1400 per employee.

Here’s a quick look at the various ways that spam drains your company’s bank account and how you can calculate the real cost to your business.

Anti-Spam Technology: Spam-fighting products and services are a big business, and anti-spam vendors aren’t generating their revenue from the people sending junk email. Most companies not only spend thousands of dollars on anti-spam software and hardware solutions, but they also drop cash on employees and consultants to plan, deploy and maintain the technologies.

Lost Productivity: Spam wastes employees’ time. The average employee spends 16 seconds reviewing and deleting each spam message, according to Nucleus Research. The company estimates that at businesses that quarantine spam (where junk messages are placed in a directory for review and confirmation by recipients), each user spends an average of 4.5 minutes per week reviewing messages. Deleting messages, however, turns out to be the most expensive spam strategy. The average employee at companies that delete spam messages loses an average of 7.3 minutes per week looking for lost legitimate messages.

Wasted Storage: Companies that quarantine spam must add extra storage capacity to accommodate suspicious mail so that users can review it at their leisure. But many users never bother to review their quarantined messages, so the email just sits there, consuming storage space and money.

Internet Service Cost Pass-Alongs: This number is difficult to calculate. Still, it would be naive to believe that ISPs aren’t passing along junk email’s tremendous costs to their customers. In an October 2007 report, anti-spam software vendor Symantec Corp. estimated that 70 percent of all email was spam. The traffic burden created by junk email forces ISPs to add extra network and server capacity, as well as to install their own anti-spam solutions.

An Intangible Cost: Spam has a broader economic impact as well, hitting many businesses and nations that are least able to bear the burden. Consider Nigeria, for example. Nucleus Research noted that while fraud and corruption have been rampant in Nigeria for some time, the country may be forever kept in the digital darkness because of the volume of deceptive email sent by local spammers. The research firm noted that most spam filters block any mail with “Nigeria” in the title or text, effectively keeping anyone communicating with, from, to or about Nigeria from doing it via email.

Nigerian scams are also known as 419 Fraud, so named from the code given to Email fraud in Nigeria.

Your Cost: If you’re interested in seeing just how much spam is costing your business, use Computer Mail Services Inc.’s spam-cost calculator. For a second opinion, check out the Sendio spam-cost calculator.

Other spam-cost calculators are available at NetworkWorld.com, Network Computing and Commtouch.

Unfortunately, many businesses fail to take advantage of encryption technology, fearing that it’s ‘too complex’ and ‘difficult to use’ on a routine basis. In reality, encrypting vital data isn’t much more difficult than running a virus scanner or a data-backup program. Here’s how to get started.

The Basics

There are two basic ways to encrypt data. One approach is to use asymmetric PKI (public-key infrastructure) encryption. PKI cryptography is based on a pair of cryptographic keys: One is private and known only to the user, while the other is public and known to the opposite party in any exchange.

PKI technology provides privacy and confidentiality, access control, proof of document transmission, and document archiving and retrieval support. While most security vendors currently incorporate some type of PKI technology into their software, differences in design and implementation prevent interoperability between products.

The other method of encrypting data is symmetric key protection, also known as “secret-key” encryption. Generally speedier yet less secure than PKI, symmetric encryption uses the same key to both encrypt and decrypt messages. Symmetric technology works best when key distribution is restricted to a limited number of trusted individuals. Since symmetric encryption can be fairly easy to break, it’s primarily used for safeguarding relatively unimportant information or material that only has to be protected for a short period of time.

Applying Encryption

The easiest way to use encryption is to purchase a business application or a hardware product that incorporates some form of encryption technology. Microsoft’s Outlook or Outlook Express email client, for example, provides built-in encryption support. Meanwhile, vendors such as Seagate Technology LLC and Hitachi Ltd. have started incorporating encryption technology into their hard drives.

Since most software applications and hardware products don’t include any type of internal encryption technology, business owners and managers need to look for stand-alone encryption products. This can be a confusing process, one that’s best approached by first determining the business’s precise security requirements, then finding an encryption product that fits each need.

Microsoft Vista Enterprise and Ultimate users can take advantage of BitLocker Drive Encryption, a full disk tool that offers powerful 1024-bit encryption. Another Windows offering is EFS (Encrypting File System), which uses symmetrical PKI technology to provide file encryption.

Beyond Microsoft, leading encryption vendors and products include PGP, free – open-source TrueCrypt, DESlock+, Namo FileLock and T3 Basic Security.

What to Encypt

So how do you know what to encrypt? Here are some places to start:

• Hard Drives: A business may choose to encrypt entire hard drives as a way to reduce or eliminate data theft.
• Individual Files: In cases where full disk encryption is overkill, file-by-file encryption provides added security on an “as-needed” basis. Many leading encryption products offer drag-and-drop encryption capabilities.
• Laptops: Unlike office systems, laptops are easy to lose and are prone to casual theft. By ensuring that the system’s data content is unreadable, a business can limit its loss to the cost of the laptop. A growing number of government regulators and insurance companies are demanding that businesses encrypt any data that leaves their premises and over 5000 Laptops were left in the back of a taxi cab last year.
• Removable Media: Memory sticks, thumb drives and similar portable storage technologies provide portability, convenience, and an opportunity for data loss and theft. As with laptops, encryption limits a business’s loss to the cost of the device itself. A growing number of removable-media devices come with built-in encryption support.
• File Transfers: Sending files over unsecured wired or wireless links can expose sensitive information to data thieves. Encryption provides an additional layer of security, even when a secured network is used.
• Email: Encrypted email is kept secure during the transmission process and while sitting in its recipient’s mailbox.
• IM (Instant Messaging): A growing number of businesses are using IM to swap confidential business information. Encryption helps secure these critical transmissions.

Encryption’s Limitations

Like any technology, encryption software isn’t perfect. Even the best products consume both processor speed and storage space. Users can also lose or forget passwords, thereby potentially locking systems forever.

Before purchasing any encryption tool, carefully research the product. Make sure that the offering addresses your company’s needs, is compatible with your systems and has a good track record concerning reliability and support. If possible, check with your friends and colleagues for their opinions on various encryption tools.

Lastly, if you do use any of the products available for encryption, including Windows EFS, please remember to backup and store your public and private keys. If not, you will probably lose your data.