|
|
|
archives If you want an RSS feed try this
Saturday, October 02, 2004Identity theft : for realOpinion: While I have been talking and ranting on about identity theft over the last few months its sobering to read a real account of such an incident by Kelly Martin. His observations on the effort needed to try and recover his identity and the assesment of the enforcement agencies capability to deal with the epedemic of this kind of Fraud is nothing short of scary. Related Links Online Theft Kelly Martin Security Focus. posted by Robert Campbell 8:00 PM Sender Policy Framework : anti-SPAM system gets OK from top ISPs
 The world's largest ISPs commit to SPF in an attempt to stop the tide of SPAM. AOL Yahoo, Earthlink, and Comcast have all signed up to making thier users adopt SPF as a self regulated means to help control the proliferation of SPAM. SMAP according to some experts now ammounts to 60% of all email transmitted on the 'net. SPF is a means by which any receiving SMTP server should be able to check that the email its being asked to accept is coming from a server that is legitimately allowed to send email for the domain in the emails 'from' part of the header. In this way 'spoofed email addresses should become a thing of the past. SPF should be relatively easy to implement, as it relies on the Internet's DNS for a large part of the process. an increasing number of email servers will support SPF today, including BorderWare MXtreme which already supports SPF and along with its exceptionally secure mail handling mechanisms should make it the email firewall of choice. One has to ask wether or not any of the major banks have implemented SPF on their mail systems. It seems not. Related Links BorderWare MXtreme SPF handling. Net giants adopt anti-spam system : BBC News Online Sender Policy Framework Anti-Forgery solution SPF Not Poisonous to Phish : by Brian McWilliams posted by Robert Campbell 3:17 PM Banks and APACS form banksafeonline.org.uk
 In a move to help educate users of the dangers of online banking scams APACS has set up a new organization Bank Safe On Line. I personally get at least half a dozen 'phishing scam emails' a week, the latest purportedly from Wells Fargo is pictured here. Note the subject of the email has been modified. The text [SPAM 80] as been added to the subject by our MXtreme email firewall. Related Links banksafeonline.org.uk A new way to go phishing APACS - the UK payments association Banks sound alarm on online fraud : BBC Online National Hi-Tech Crime Unit North East Fraud Forum APACS Card Watch web site with special focus on 'plastic card fraud' Chip and PIN programme in the UK CIFAS - The UK's Fraud Prevention Service posted by Robert Campbell 9:20 AM Monday, September 27, 2004HFC email blunder
 In a rather stupid and avoidable mistake the HFC Bank sent emails to a large number of its customers customers revealing all their email addresses. While this is probably, as we have indicated very stupid its not likely to have compromised anyone's identity or increased their risks in any significant way.Unfortunately many commentators, the BBC's MoneyBox among them, have blown this somewhat out of proportion. According to the BBC online article the HFC bank itself has admitted a breach of the data protection law and has compensated their customers with £50. That nearly always sensible opinion column The Register also comments as does the FT Well we haven't actually seen the email and we're guessing from the rumors that the mistake is simply that everyone on the mailing list appeared in the cc: field of the email. That wouldn't be enough to break any data protection guidelines and certainly would not be enough to compromise anyone's identity. What will have compounded the apparent blunder will have been the lax use of the 'out-of-office-reply' which we believe was the real culprit in disseminating compromising data. This is yet another demonstration that email risks are not just confined to the currently hot issues of SPAM and Virus protection. The subject of email security needs to be considered in a more holistic way. If HFC had a BorderWare MXtreme in place they could have easily prevented this embarrassing incident and simultaneously dealt with SPAM, Viruses up to 38 other email vulnerabilities Related Links HFC bank in mass e-mail blunder : MoneyBox BBC HFC Bank's press room HSBC Borderware MXtreme email firewall posted by Robert Campbell 1:00 PM Wine Discoveries : new customer, new payment method
 Wine Discoveries based in Stonegate
East Sussex recently relaunched their new web site with the help of ecommnet and 3bweb. The company's motto Great wine from small producers reflects the passion and care the company puts into its business. ecommnet provided all the e-commerce functions within the site using a mix of SecureTrading for on-line credit card clearance and CactusShop for the catalogue and order processing functions. Alex Bremer our erstwhile graphics designer from 3bweb produced the graphics and design.Always keen to develop mutual working relationships we accepted part payment for the development in liquid form that is to say several cases of wine. We can highly recomend the mixed case of reds and whites; my own personal favorite is Domaine la Maurerie Saint Chinian 2001 "Esprit du Terroir" Related Links posted by Robert Campbell 11:34 AM
|
