press!: Technology

  • Sun
    20
    Apr
    2008

    NEWS: TECHNOLOGY: Someone is tracking YOU!

    Social networking websites are popular in Malaysia but many users are not aware that their identities could fall into the wrong hands, writes SUBASHINI SELVARATNAM AZURA, a college student, is chatting online on her notebook while sipping her latte at a cafe in Bangsar, Kuala Lumpur.

    Facebook is a popular social networking website with more than 69 million users worldwide, which Azura signed up for. A social networking website is similar to an online community that shares a common bond such as hobbies and politics (http:// socialnetworking. knowhownow.com /blog/what-is-socialnetworking/).Meeting people online and commenting on budding hip-hop artistes is Azura’s favourite pastime.

    She updates her user profile — which can be viewed by her friends and people on Facebook — regularly.

    She also publishes photos, shares videos and occasionally participates in fun quizzes on Facebook.

    Azura was introduced to the world of social networking websites by her friend, Anita, who uses Facebook to track her high school friends and participate in online community discussions.

    Unlike Azura, Anita does not post her mobile phone number and photos online. She has warned Azura about the pitfalls of doing so but the advice came too late because her friend is now swarmed with unsolicited calls and e-mails from strangers. She even found compromising photos of herself on the Internet.

    Azura was compelled to lodge a report with CyberSecurity Malaysia, a one-stop specialist centre that handles cyber security issues in the country.

    CyberSecurity Malaysia is under the purview of the Ministry of Science, Technology and Innovation.

    Social networking is supposed to be fun but it turned out to be a nightmare for Azura.

    Social networking websites are a major draw for thieves trying to steal identities and perpetrate fraud, according to an article on Telegraph.co.uk in the United Kingdom.

    A criminal, for example, could steal identities by creating a dummy Facebook account. The criminal sends invitation to 200 Facebook users to be his friend, and 87 of them accept the invitation.

    From the 87 “friends”, 82 would unwittingly leak personal particulars to the criminal including names of spouse, curriculum vitae and the maiden name of a user’s mother, a detail requested by banking websites for account access.

    The criminal then creates a phishing website or e-mail which is used to steal bank account particulars and credit card numbers by tricking users into believing that it is a genuine website or e-mail account.

    The article hit the nail on the head when it said “people link to others without thinking. Some people on Facebook have 1,500 friends. If you have that many links, you may be sharing details with the wrong people”.

    Friendster and MySpace are the two other popular social networking websites.

    Friendster is the leading social networking website in Asia with over 49 million users. Users of Friendster in Asia are between the ages of 16 and 30 years old and females make up the majority. MySpace is popular in the United States with a sizeable number of users in Malaysia.

    CyberSecurity Malaysia says there have been incidents involving local teenagers whose MySpace credentials have been stolen.

    Their MySpace accounts, which contain personal particulars, have been hacked and their phone numbers were posted online without their knowledge.

    Ironically, exposing “sensitive” information, pictures and videos that affect a victim’s reputation is done by someone who knows the victim personally. Although CyberSecurity Malaysia does not have figures on students who are victims of identity theft, it believes that they could be involved in professional relationships or romantic liaisons where the motive is usually harassment or revenge.

    That is a perfect recipe for identity theft, says Pikom (The Association of the Computer and Multimedia Industry) councillor for content and multimedia as well as iContent Group managing director Gerard M Pillai. He adds that identity theft occurs when someone uses a student’s personal particulars without permission to apply for credit cards, take out loans or even commit fraud.

    Since the fraudulent activities are done in the student’s name, he runs the risk of getting caught.

    By exposing personal particulars online, paedophiles or kidnappers could even attempt to trace students’ schools and even homes.

    If students are not careful, in extreme cases, they may face the prospect of having their names blacklisted by banks due to unauthorised debts through fraudulent credit card transactions.

    This makes it difficult for students to apply for loans.

    Monash University Malaysia School of Information Technology lecturer Dr Saadat Alhasmi says students are more vulnerable to identity theft because many post their personal particulars online without thinking of the consequences.

    The number of identity theft targets is anybody’s guess but Saadat believes that the likelihood of the incident is high as long as students publish their personal particulars online.

    Their reputation could be ruined and clearing their names may take months or even years.

    Andy Woo, country (Malaysia) manager for Sophos, a computer security company, says students are early adopters of social networking websites.

    They seldom think twice about using third-party applications (applications that are not developed by the creator) from social networking websites.

    According to a research by University of Virgina in the United States, 90.7 per cent of Facebook’s most popular applications have access to users’ private data.

    This could lead to identity theft, phishing attacks and spyware (a software that illegally tracks user’s web surfing habits) threats.

    Woo believes that the social networking websites need to address this problem by educating users on how to secure their profiles.

    Social networking websites could also improve their own default security settings.

    Symatec’s Norton manager for Asia-South region Effendy Ibrahim says, based on its Symantec Internet Security Threat Report Volume XII (January to June last year), people trust social networking websites and their security features implicitly.

    Criminals take advantage of this to exploit social networking users.

    It can take months for victims to realise that their identities have been stolen. By the time they discover the crime and report it to the authorities, the thief is long gone.

    PREVENTION THE BEST FORM OF DEFENCE

    PROTECTING yourself from identity theft is the best form of defence.

    For starters, do not reveal personal particulars such as mobile phone number and home address in your user profile because anyone from the same social networking website can view them.

    Users should also restrict access by applying the security features offered by social networking websites.

    Do not send personal particulars via e-mail, instant messaging or pop-up screen that appears on a website. Do not open e-mail attachments from strangers.

    The Social Networking blog (http:// socialnetworking.knowhow-now.com/ blog/) advises users to be cautious when making contact with other Internet users because they may not tell the truth about themselves.

    Be cautious if a new online friend wants to meet you in person. Do a background search of that person via online search engines, says the Federal Trade Commission in United States (http://www.ftc.gov/bcp/edu/ pubs/consumer/tech/tec14.shtm).

    The website also urges users not to post photos online because visuals can be altered and broadcast in ways that you may not be happy about.

    Chia Wing Fei, security response team manager at F-Secure Security Labs Kuala Lumpur, believes that parents can help prevent identity theft by educating their children on safe computing practices, especially on exchanging information online.

    They should teach their children to safeguard their personal particulars especially when registering for online services such as social networking sites, forums and e-mails.

    Victor Lo, technology principal consultant at Trend Micro Malaysia Sdn Bhd, another computer security company, says students must install the latest Internet security software in their computers and mobile devices to combat malware threats such as viruses, spyware and phishing attacks. The software must also be updated regularly.

    WHAT TO DO IF you are a victim of identity theft, you must inform:

    the police.

    CyberSecurity Malaysia via Malaysian Computer Emergency Response Team (MyCERT) (Tel: 03-8992-6969, Fax: 03-8945-3442, e-mail: cyber999@cybersecurity.org.my or mycert@ mycert.org.my, SMS: 019-281-3801 (24 hours), Mobile phone: 019-266-5850 (24 hours).
    the social networking website you signed up for.

     

    If someone is using your identification card number to create credit or new accounts, contact the National Registration Department.


    Inform your bank and close financial accounts that may have been compromised.

    Posted by AdministratorCategory: Cybersecurity, TechnologyComments: 0

  • Mon
    10
    Oct
    2005

    Model for ICT Institute


    By IZWAN ISMAIL 10.10.05

    THE proposed ICT Development Institute should look to successful models of similar establishments abroad yet localised enough to meet the demands in skillsets of the country’s information and communications technology sector.

    According to the Association of the Computer and Multimedia Industry Malaysia (Pikom), the proposed ICT Development Institute, announced in Budget Speech 2006, can learn from institutes in such countries as India and Germany for reference and guidance.

    “For example, India’s Institute of Technology and the Fischer Vocational Academy in Germany are highly regarded not just in their respective countries but are known worldwide. Many of their graduates can be found working for multinationals,” said Pikom’s councillor and chairman of Education and Training, Content Special Interest Groups, Gerry Pillai.

    Structure-wise, Gerry said the proposed institute should run a curriculum that is based on current standards, benchmarks and market expectations.

    The curriculum should reflect a knowledge-sharing environment with hands-on industry simulations being an everyday experience, he said, adding that for the institute to be relevant to industry needs, professionals and ICT organisations have to be represented on the board. In addition to supplying knowledge workers, the institute can organise discourse and regional seminars where such idea and knowledge-sharing can even enhance its capability.

    “The type of training and courses to be provided will largely depend on demands of the target audience, who will be recipients of the institute’s graduates. This demand has to be cross-linked with industry growth and market expectations,” Gerry said.

    Sound collaboration between the Government and industry players is vital in ensuring the relevancy of such an institute, said Oracle Corp Malaysia’s managing director V.R. Srivatsan. This, he said, can help in developing the skills roadmap for the 21st century workers so skills imparted are kept current at all times.

    “As technology keeps developing, we need to make sure that what’s being taught in the institute is leading-edge subjects that are going to keep the Malaysian knowledge workers ahead in the ICT world,” he said.

    Malaysia also needs to differentiate itself from the big providers of knowledge workers like India and China, and this can be done by increasing the value of the workers the country delivers.

    “We need to make sure the necessary skillsets that are required both today and going forward will support the vision of the Multimedia Super Corridor and companies in Cyberjaya. The institute will form a good basis to provide the related skills shortage, and as a stepping stone to create a culture of life-long learning in Malaysia,” he added.

    Microsoft Malaysia’s managing director Butt Wai Choon, meanwhile, said the proposed ICT Development Institute must take into account the need to create “industry-class” ICT knowledge workers.

    “It is all about having the right capabilities and the right spirit of competitiveness to bring the industry to a new level,” he said.

    The institute will not only call for the co-operation of global industry players, but also industry leaders in various sectors that optimise ICT such as banking, telecommunications, aviation, and shipping to provide both industry-level knowledge and to provide environments for budding technopreneurs to stage their developments and products.

    “We also foresee the involvement of business management trainers, marketing gurus, intellectual property lawyers, and even regulators to drive both awareness and skills development. The formation of a consultative council comprising all stakeholders such as the Government, industry, vendors, IT enablers and crucially developers should also be considered. This way we can hear the views, opinions and ideas from the entire spectrum of the industry, and get it right the first time,” said Butt.

    For Sun Microsystems (M) Sdn Bhd, the development of soft skillsets are also important for the students of the proposed institute.

    Its managing director Cheam Tat Inn said the programmes offered should include cross-border diversity and have inter-cultural communication components, and should also provide candidates with an internal perspective of self-discipline to help them drive towards personal excellence.

    The institute should also consider collaborating with existing competency centres which are already producing knowledge workers.
    “It should also be seen as a breeding ground for new commercial activities in the emerging economy. Universities in the Silicon Valley, for example, are positioned as breeding grounds where students are given new commercial opportunities via the development of the shared services and outsourcing,” he added.

    Source:http://www.ctimes.com.my/Highlight/20051010183512/wartrevamp

    Posted by AdministratorCategory: TechnologyComments: 0