Friday, June 20, 2008

The Threat of Online Security: How safe is Your Data?

The Threat of Online Security
Innovative software, Web sites, and devices attract attention because they make communicating easier, accomplishing tasks faster, or being online more entertaining. But hackers generally follow to exploit the latest mass market. That’s why computer security researchers say some of our newest technical fascinations—iPhones, social networks, and Internet phone services, to name a few—could present tempting targets in 2008. Sellers of security technology have a financial stake in fanning computer users' fears, but it's useful to know where the bad guys might strike.

Wayward Web Sites
The new generation of sites generally referred to as Web 2.0 act more like traditional PC software: The sites are fast, responsive, and speed up page loading. That means browsers are working harder than ever to pull the data that keeps sites current. Couple that with market imperatives to keep pushing out new features to users, and the emerging Web could present a dangerous brew of software flaws that’s ripe for hackers to exploit.

Not So Social Networks
Social networks like MySpace (
NWS) and Facebook have attracted tens of millions of members, and they store on their servers a trove of information about each one. The sheer size of those targets could make them tough for hackers to ignore. In October, 2005, a self-spreading worm took a day to infect 1 million MySpace users, defacing their profile pages. So far, problems on Facebook have mostly been the impaired of unsolicited biddings to join users’ networks. But more serious threats could be on the horizon, security researchers say.

A Target in Your Pocket
Sophisticated cell phones that boast lots of storage, Wi-Fi networking, and souped-up computing capacity offer lots of people the chance to use them as ersatz PCs. But all that data zapping forth from smart phones means cyber criminals are sniffing around for ways to crack into them. Phones with software from
Symbian and Microsoft (MSFT) have already been attacked, and security researchers have demonstrated ways to hack into Apple’s (AAPL) iPhone. Google’s newly announced Android mobile-phone software could be next.

Bigger, Badder Botnets
One of the more insidious types of computer virus commandeers a user’s PC, gang pressing it into a network of “bots” that can spew spam, record users’ keystrokes to steal bank account numbers and passwords, or launch attacks against Web sites. Such botnets are getting bigger in size and harder to take down. Case in point: the “Storm Worm” virus that has infected tens of millions of machines this year.


Cybersquatters on the Campaign Trail
One of cyber crooks’ favorite ways to snare unsuspecting victims is to set up a phony Web site where users end up when they mistype a popular address. Remember Whitehouse.com? (The President's site is Whitehouse.gov.) As the Presidential election cycle heats up, so-called cybersquatters are ready to pounce. One has already posted ads to a fake site that’s one letter off from the address of Barack Obama’s official campaign site. In 2008, researchers say hackers could post malicious code or set up phony solicitations for campaign donations.


Virtual Worlds, Real Danger
Internet users are spending actual cash to outfit avatars, stockpile weapons, and decorate abodes in online virtual worlds such as
Linden Labs’ Second Life and Blizzard Entertainment’s popular World of Warcraft game. So far, Second Life meddlers—so-called griefers—have only resorted to virtual vandalism. But they'd cause serious trouble if they find a way to pluck real cash from users’ accounts.


Your "Bank" is on Line
VoIP phones offer low-price long-distance calling and the ability to place calls from a PC address book in a snap. But the communications protocol used by many VoIP providers is vulnerable to attacks, and leaves holes that the bad guys can use to cloak their identities, security experts say. Worse, many Internet phone carriers haven’t turned on technology that can encrypt conversations over their systems. Most people don’t respond to those phony e-mails asking them to verify their bank account number. But what about a phone call that sounds like it’s coming from the fraud-prevention department? That kind of ruse could be harder to resist.


Hackers Go Pro
In the past few years, hackers have banded together and worked with organized crime to harvest the most valuable data exposed on the Internet. Next year could witness an even more complete merger between the computer and criminal undergrounds. Developers for hire and professional hacking kits are available through online markets. And criminals are on the lookout for intellectual property that resides on companies’ servers. In 2005 and 2006, hackers stole as many as 94 million credit- and debit-card numbers from the computers of retailer TJ Maxx (
TJX). More efficient groups could make break-ins like that even more prevalent.

Security Tips (make your data secure)
Given the assortment of nasty behavior befouling the Internet, what's a PC user to do? BusinessWeek.com consulted the experts, who offered the following advice:
Don't give away any valuable or sensitive personal information on your MySpace or Facebook profile or within messages to other members of the network. And don't click on any links in social network messages from people you don't know.
No reputable company will ask for your password, account number, or other log-in information via e-mail or instant message.
Use one of the many antivirus, antispyware, and firewall programs on the market. Often, vendors offer all three functions in a single package. And many Internet service providers offer them free with your monthly subscription.
Upgrade your browser to the most current version. From Microsoft, that's Internet Explorer 7.
Mozilla's Firefox is on version 2, as is Apple's Safari browser.
Pay attention to the messages from Windows that pop up on your screen, especially in the new Vista operating system. They often contain helpful security information that many users overlook.
Turn on Windows' automatic-update function to get Microsoft's regular security patches.

Thursday, June 19, 2008

An example of phishing case and its prevention

i A new spoofed Citibank spam email is doing the rounds in an attempt to part unwitting victims from their credit card details, PIN number and email account details.Citibank has warned customers about a spam email scam that informed recipients their Citibank account would be suspended unless they accepted new terms and conditions. A link in the email directed them to a fake, but convincing, Citibank website that requested the customer's name and bank card details.Citibank took the unusual step of issuing a statement to all its customers saying: "Although the e-mail appears to come from Citibank regarding 'Your Checking Account at Citibank,' it does not, and Citibank is in no way involved in the distribution of this e-mail." But one silicon.com reader, Remo Cornali from Italy, has forwarded on a new fraudulent Citibank scam, which has begun to spread over the weekend.



It uses a new twist on the traditional 'phishing' technique of spamming thousands of users with a scam email that links people to a fake banking website to steal their personal and financial details. Instead, it says the person has received a payment of $217 via Citibank's online wire service, citi.com. One giveaway that all might not be as it seems, however, is the appalling spelling and grammar.In the email, it state that "Your email is not registred with us, you need to setup account with us and verify your identity. Please fill this form to be enrolled to citi.com service. Once you register, the money will appear in your citi's account balance in your overview page. You can withraw the outstanding balance to your credit or debt card's bank account."



As ever, there is a twist, and anyone foolish enough to enter their details can probably expect their card to cleaned out fairly swiftly and their email account used for further scams. Cornali said the server set up to collect the financial details is in South Korea.For the phshing case, the Citibank has been loss the trusthworthy and confident of the customer.Futhermore, the customer feel unsecure to save their money in the Citibank.


For the prevention, we have to verifying the authenticity and security of wed site, not shooping online while using an unencrypted or open wireless network, reviewing credit card and financial statement for unauthorised charges, securing computers before shopping online by keeping antivirus, antispam and firewall software up-to-date, never replying to-email or pop-up meassage from companies that ask for personal, financial or passward information.Last but not least,never follow ing direction asking you to reveal information or delete a fole that is received in e-mail or pop-up meassage from seeming trusted companies.

Sunday, June 15, 2008

Identify and compare the revenue model for Google, amazon.com and eBay.

Every company has its own Business Model in helping the company to generate revenue from various ways in order to sustain in the future. Business model must specify two things which are the value proposition and revenue model. Value proposition is the benefits that a company can derive from using e-commerce. On the other hand, a revenue model is a description of different techniques used in a company on how that particular company will earn revenue. There are five common techniques which are usually used in the commercial world nowadays. These include sales, transaction fees, subscription fees, advertising fees and affiliate fees.


From what I had noticed from Google, Amazon and eBay’s website, I found that each of this website has its own way to generate income. Google, a search web with its search engine attracted many loyal web searchers by providing simple and easy usability web search services for its web searchers. The number of internet users is growing since the day Google had officially launched. Whenever the web searcher click on the result from the Google’s search results or Google content network, Google automatically earned affiliate fees either through a cost-per-click scheme or a cost-per-view scheme.


While being a company which its primary business activity is in the web search arena, Google also earn advertisement fees from the advertisement from those companies that wish to advertise their products to the public. After Google purchased a radio advertising company “dMarc” which provides an automated system for companies to advertise their products on the radio, its allowed Google to combined two main advertising media which are the internet and radio.

Besides, Google also earned other source of revenue such as the revenue from the web-based e-mail service which known as Gmail or Google Mail. It helps Google generate revenue by displaying links and advertisement that are tailored to the content of the e-mail messages displayed on screen.

Secondly, the eBay website, a website that provide an electronic market place for the sellers to list all items they wish to sell on internet and buyers to bid on items they interested based on the items listed by the sellers. Items posted by the sellers will be arranged based on its own category and buyers will browse through all the listed items.
Basically the services that eBay actually provided is the auction services and eBay earned its revenue from affiliate fees and transaction fees. eBay generate affiliate fees as the buyers click on the items posted by the sellers for auction purposed. Once the item is successfully sold, a final value fees will be charged against the seller’s final sale price. Usually it is ranges from 1.25% to 5% of the final sale price. The more the sellers sell his/her products, the more the eBay can earn this final value fees from the sellers. This is considered as part of the transaction fees.
Moreover, eBay generate its revenue from other source of income which are the insertion fee, additional listing options fee and final value fee. Insertion fee is a non-refundable fee. It is charged against the sellers once an item is listed on eBay. The amount of insertion fee charged is depending on the seller’s opening bid on the item. If the seller which to promote his/her item in a different way such as highlighting or bold the name of the listed item, an additional listing options will be charged against the seller.

Lastly, the Amazon website, a website that sell goods and products to its consumer by using an internet basis. It is most likely a supermarket, the only different is it held on the internet, the sellers and buyers will not be meeting each other and every transaction will be on computer and internet based. Since it is not much different with a supermarket, they way Amazon generates income also most likely a supermarket style.

Amazon earn its revenue in sales, once Amazon sells its goods and products, it earned revenue from what it had sold. Follow by the transaction fees, Amazon earned income on the variable basis, depending how many goods or products it had sold. The more the goods and products are being sold, the more income the Amazon earned. Besides these two ways, Amazon does advertise some of the companies’ advertisement. By dong so, Amazon manage to earned the advertising fees.

In short, Google, eBay and Amazon has their own ways in generating their revenue. The major different between Google, eBay and Amazon is on the services provided by each of the website. Google is a website that is totally different from eBay and Amazon because Google provide service for its users for searching the information which is globally available whereas eBay and Amazon only provide services for its users for searching items that are available in its database. Another major different between Google and others is Google do not provide places for business dealing such as making the sellers and buyers to meet up whereas eBay and Amazon major function is the selling and buying process.

By making comparison between eBay and Amazon, although both of these two websites providing a quite similar services but they are different. For eBay, it is a auction based where else for Amazon, it is a deal transaction based. Meaning to say, for eBay, the selling and buying process is between individual and individual. Individual posted items they wish to sell off and another individual buy for that particular item. For Amazon, the selling and buying process is between business/firm and individual. Firm sells the goods and products for a fixed price and whether or not to purchase the item is all depends on the consumers themselves.

As a conclusion, Google, eBay and Amazon run their business on different ways and having the different business line but the way they generate revenue more or less are the same, which fall back to the five common techniques, sales, transaction fees, subscription fees, advertising fees and affiliate fees.