Online Identity and your state of presence....
Who is the Dick on my site? A very interesting presentation by Dick Hardt. The use of key words, abbreviations and logo's kept the viewers attention. In the presentation Dick told his story of development and the need for identity security. He told a brief history of how identity could be established both in the real world (drivers licence) and online (?). He proposed a system of the user being in control of what sort of information they give out and to whom (also how often).
Phishing- Usually done by the creation of a bogus email (in the same format as an official email from an institution such as a bank) requesting confidential information such as credit card numbers, passwords, or other personal data.
An example is an eBay phishing email including the eBay logo in an attempt to gain credibility. The email warns that a billing error may have been made on the account and urges the eBay member to login and verify the charges.
Pharming- A more effective way of getting identity information as many computers can be attacked innocently by a code being sent in an email that alters the files on the local computer. The computer will then send the user directly to a bogus website regardless if the address that has been entered for the proper site is correct. The user is none the wiser that they are using a fake site.
An example 'Pharming' attack hits 50 banks
Hackers made an extra effort with this one...
By Jeremy Kirk, IDG News Service
Published: 14:46 GMT, 22 February 07
"Once lured to the Web site, an unpatched computer would download a Trojan horse in a file called "iexplorer.exe," which then downloads five additional files from a server in Russia. The Web sites displayed only an error message and recommended that the user shut off their firewall and antivirus software.
If a user with an infected PC then visited any of the targeted banking sites, they were redirected to a mock-up of the bank's Web site that collected their login credentials and transferred them to the Russian server, Gonzalez said. The user was then passed back to the legitimate site where they were already logged in, making the attack invisible."
Privacy Invasion- A type of invasion of privacy occurs when an individual is falsely portrayed in a highly offensive manner. Another type of invasion occurs when private or embarrassing facts are revealed about an individual without relation to a legitimate public concern (tabloid magazines). This is where someone intrudes upon a person in a situation in which that person has a reasonable expectation of privacy (stalking).
Identity Theft- Some examples of different types of identity theft involve
• using another business name (that is not yours) to obtain credit
• posing as another person when caught for a crime
• using someone elses identity to obtain goods and services
• using someone elses information to assume their identity in daily life
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment