E-CoMm3eRcE

W3 BeL0nG ToG3tHeRz...

Unauthorized Tapping Into Home WIFI - Teenager is facing a Jail term.


When I saw this post, I couldn’t stop laughing at it!


Unbelievable! It is the first time I have heard of unauthorized tapping into someone else’s home WiFi ending in jail. When I first saw the title, I got very excited and curious about how it could happen, so I continued reading the post. However, the post did not give much information; therefore, I googled it to prove it to myself and to others who feel the same as I do right now.


It is a true story! It really happened: a 17-year-old teen in Singapore, Garyl Tan Jia Luo, is the first person to be charged with tapping into someone else’s wireless internet connection under the Computer Misuse Act. He is facing up to 3 years in prison for piggybacking on his neighbour’s WiFi.


Piggybacking means finding an unlocked or open network and logging into it without permission. So now everyone knows that what most of us have been doing so far is actually called PIGGYBACKING. If piggybacking is a crime, I believe most of us will also end up in jail like Garyl. So everyone may start to ask: is piggybacking really a CRIME? What’s wrong with piggybacking?


Whether piggybacking is a crime actually depends on each country’s norms and regulations.


In my opinion, yes, piggybacking can be considered a kind of wrongdoing because you are using something you do not pay for, without permission. It means that you are actually stealing someone else’s signal. Stealing is a crime in the first place because you are taking services that you aren’t entitled to, whether or not the owner is concerned about it. If someone leaves their car doors open, that is not an invitation for you to take the car or even to sit in it. The same applies here.


However, some might think that the owner of the home WiFi bears responsibility too. If the owner who sets up the WiFi is unwilling to let others access it, he or she should set a security password on it, as the WiFi has such a function. However, the owner did not do so. Therefore, seen another way, this implies to internet users that it is a free and open WiFi available to be accessed. It should not be a crime for that reason.


So, unauthorized access to someone else’s network is an unethical act unless it is a publicly available WiFi. Even though some owners may not be concerned about it, it is better not to do so, because you never know: one day you might be the next Garyl.


References:

Singapore teen faces 3 years' jail for tapping into another's wireless Internet


Singapore teen faces 3-year ‘computer misuse’ jail term


Wi-Fi Piggybacking? Watch out for the Fine


Wi-Fi piggybacking is OK, say silicon.com readers


FISHING?? Or Phishing?

Most average home computer users like us are always bamboozled by technology jargon. Why do they have to use such jargon? The best answer would be: to WARN people about the most serious security problems! That is the so-called “GEEK SPEAK”, which confuses net users. Lol…

So, what is PHISHING actually?

In computing, phishing is a form of criminal activity using social engineering techniques. Social engineering is a type of nontechnical attack that uses social pressure to trick computer users into compromising the computer networks to which they have access. Phishers attempt to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication. It is often done by impersonating legitimate web sites such as eBay, PayPal and online banking. Phishing is typically carried out using e-mail or an instant message.

Phishing is a significant and growing problem which threatens to impose increasing monetary losses on businesses and to shatter consumer confidence in e-commerce. Phishing attacks have the potential to become much more sophisticated, making user-based protection mechanisms fragile given the user population of non-experts.

Want to know about the victims of phishing in Malaysia?

In September 2004, a Citibank phishing e-mail started to spread in Malaysia, claiming to warn customers of possible fraud affecting their accounts and urging them to log in to check the status.


In 2006, RHB Bank also became the target of a phishing scam. Such fake e-mails are sent by an unauthorized party to deceive users.


Of course, the most recent case in Malaysia is the phishing scam e-mail purporting to come from Maybank Malaysia. This took place in March 2009. The fake e-mails were widely sent to mislead customers and even members of the public who are not Maybank customers.


Prevention is better than cure!! Therefore, here are several steps that computer users like us can take to avoid being phished.

1. Don’t ever TRUST
Don’t ever trust e-mails that urgently request personal financial information. Phishers want you to react immediately and therefore include many upsetting or exciting statements that trigger fear or happiness. The most popular method is to present you as the winner of a lottery. (So don't be silly, there's no free lunch in the world).


2. Don’t CLICK anything

Avoid clicking any links directly from your e-mails. Rather, open a new browser to open the links. This is because users may overlook links that are masked, meaning that the link you see does not take you to that address but somewhere different, usually an illegitimate Web site.

3. Check the SENDER’s e-mail

When users receive any e-mail asking them to verify their account information, they should check the sender’s e-mail address. When the e-mail address is not in the domain of a legitimate bank, it is very likely a phishing e-mail.

4. Check for “Https” rather than “http”
Users should always check whether there is an “s” after the “http” in the URL. When the “s” is missing and only “http” appears, it is most probably a phishing e-mail. To make phishing e-mail messages look even more legitimate, phishers may place a link in the e-mail which appears to go to the legitimate Web site but actually brings you to a phony scam site, or possibly to a pop-up window that looks exactly like the official site.



References:
Don't Click Anything

Anti-Phishing Game To Help Raise Awareness

Recognize Phishing Scam and Fraudulent E-mail

Mobile Device To Defends Against Phishing



The most famous application of a third party certification programme in Malaysia is MSC Trustgate.com Sdn Bhd. Third party certification is an assessment carried out independently to ensure compliance with a publicly available technical specification, such as SP203.


A third party organization is one that is qualified and licensed to issue certification when the assessment is successfully completed. By inviting in an external third party, an organization or company takes its commitment to quality further and proves that its product or service complies with industry standards.

MSC Trustgate.com Sdn Bhd has been a licensed Certification Authority (CA) in Malaysia since 1999. A Certification Authority is the body given the license to operate as a trusted third party in the issuance of digital certificates. MSC Trustgate.com Sdn Bhd offers complete security solutions and leading trust services that are needed by individuals, enterprises, government, and e-commerce service providers using digital certificates, digital signatures, encryption and decryption.

The objective of MSC Trustgate is to secure open network communications both locally and across the ASEAN region. Their vision is to enable organizations to conduct their business securely over the Internet, as much as they have been able to in the physical world.

The products and services of Trustgate are SSL Certificate, Managed PKI, Personal ID, MyTRUST, MyKAD ID, SSL VPN, Managed Security Services, VeriSign Certified Training and Application Development.



Examples of products and services offered by Trustgate:

1. SSL Certificate for Internet, Intranet and Server Security
To ensure that information travelling over the Internet reaches the intended recipients and is safe from interlopers, Trustgate offers two SSL certificates for server security: Global Server ID and Secure Server ID. Global Server ID adopts today's strongest commercially available encryption for secure communications via Server Gated Cryptography (SGC) technology, and Secure Site SSL Certificates protect the transfer of sensitive data on Web sites, intranets, and extranets.

2. Managed PKI for Enterprise Trust Services

The Managed Public Key Infrastructure (MPKI) service is a fully integrated enterprise platform designed to secure intranet, extranet, and Internet applications. It combines maximum flexibility, performance, and scalability with high availability and security.
The service allows enterprises to quickly and cost-effectively establish a robust PKI and Certification Authority (CA) system with complete control over security policies, PKI hierarchies, authentication models, and certificate lifecycle management.
The service enables faster deployment and lower operating costs while providing an open platform that integrates with off-the-shelf solutions when linked to Trustgate’s robust, high-availability certificate processing services.

3. Digital ID for Secure Transactions, Documents & E-mails
Digital ID is used to sign and encrypt transactions to ensure that confidential information remains private in transit. A Digital ID is an electronic credential that uses a private key and a public key to facilitate the following operations:

  • Authentication – you are who you claim you are

  • Privacy – your confidential data remains private

  • Authorization – control user access rights to important data

  • Integrity – be sure data is not altered behind your back

  • Non-repudiation – have the evidence in the event of a dispute

4. MyTRUST for Mobile Signature
By using MyTRUST, a SIM card can be turned into a Mobile Digital Identity for secure mobile banking and other financial services. Mobile digital signature provides non-repudiation on transactions under the Digital Signature Act, 1997. It runs on a Wireless PKI platform and Mobile Operator infrastructure. PKI-enabled SIM cards are preloaded with the MyTrust application and a digital certificate from a licensed Certification Authority. Users are able to digitally sign any transaction with ease and convenience via their mobile phone.

MyTRUST for Government





MyTRUST for Banks and Enterprise




5. MyKad PKI (MyKey)

MyKey is the MyKad PKI solution that works with your physical MyKad, allowing you to confirm your identity online and to digitally sign documents or transactions. It is accepted by the Malaysian government.

MyKey modules:

  • MyKey Application Programming Interface (API)

  • Signing module

  • Verification module

  • MyKad Client Kit

6. SSL VPN
The SSL VPN solution provides secure remote access based on the web security standard SSL (Secure Socket Layer). This award winning SSL VPN can be configured to access multiple intranet sites with single sign-on. Using standard browsers and an Internet connection, people can get access to their intranet, e-mail and business systems from wherever they are and on whatever device they choose. The SSL VPN solution provides an advanced policy management component to authenticate users and the type of device they are using. The security feature may be extended to include two-form authentication with a choice of tokens, downloaded Java applets, challenge-response or a static password stored in your device, or a one-time password sent via SMS.

7. Verisign Certified Training
MSC Trustgate has been appointed as Asia's first VeriSign Authorised Training Centre. Under this partnership, MSC Trustgate.com and APIIT (Asia Pacific Institute of Information Technology) jointly facilitate the delivery of VeriSign’s high-end Security and E-Commerce programmes. Other security courses available include Watermarking and Wireless hacking, sniffing, and penetration testing through tools. All IT professionals who are involved in designing, evaluating, or implementing Internet security are encouraged to attend.


References:

http://www.msctrustgate.com/pdf/Mobile_Signature.pdf
http://www.bsigroup.com/en/ProductServices/Fire/Fire-alarm-installations/About-the-scheme/Third-party-certification/
http://www.msctrustgate.com/

Nowadays, computers have become the most common technology devices for individuals, businesses and organizations. People use computers to create, store and manage information or data. Therefore, basic computer security plays an important role in protecting our information or data from loss, damage or misuse by others. Similarly, security on the internet is also important. Organizations which conduct their business through the internet are often attacked through certain security threats. Since the internet is available to everyone, people can easily access it to download or upload any software programs they desire, or to communicate with others through social networking. Thus, organizations should always ensure that their internet security protection is up-to-date in order to protect their systems from potential threats and attacks.


The following are some examples of potential threats and attacks:

1. Phishing is like a theft: it attempts to obtain your personal and financial information by sending fraudulent e-mail messages that appear to come from a legitimate business.


2. A virus is a piece of software that infects and spreads over the operating system and consequently breaks down the server system.


3. A worm is a software program that can spread itself without any human intervention and can also infect a computer, a handheld device or instant messages.


4. A Trojan horse is a program that appears to have a useful function but contains a hidden function that presents a security risk.


5. Denial of Service is an attack on a web site which sends a flood of data packets to the target computer and forces the network to shut down.


Basically, online security can be classified into three main security concepts, which are as follows:

1. Confidentiality – users such as individuals or companies should protect their private or sensitive information and allow only authorized users to access the system.


2. Integrity – to ensure that data or information is protected from misuse, damage or loss.


3. Availability – to ensure that users are able to access the information they are authorized for, from a reliable source and in a timely manner.


References:

Turban, E., King, D., McKay, J., Marshall, P., Lee, J., & Viehland, D., (2008). Electronic Commerce: A Managerial Perspective 2008 (International Edition). Upper Saddle River, NJ: Pearson-Education International, pg 522, 524, 526.


About This Blog

~ W3 B3L0nG ToG3tHeRz ~

We are from UTAR BAC 11. This blog was set up, of course, for the purpose of blogging, but it is all about E-COMMERCE.
Our group members are:

1) Clara Cheng Hwee Ling
2) Quek Chaw Mien
3) Sia Chee Ying
4) Yap Wei Chien
