Instant Messaging - Expressway for Identity Theft, Trojan Horses, Viruses, and Worms
Never before with Instant Messaging (IM) has a more vital
warning been needed for current and potential IM buddies who
chat on line.
John Sakoda of IMlogic CTO and Vice President of Products stated
that,
“IM viruses and worms are growing exponentially….Virus writers
are now shifting the focus of their attack to instant messaging,
which is seen as a largely unprotected channel into the
enterprise.”
Because Instant Messaging operates on peer-to-peer (P2P)
networks, it spawns an irresistible temptation for malicious
computer hackers. P2P networks share files and operate on
industry standard codec (encyrption codes) and industry standard
protocols, which are publicly open and interpretable. Anti virus
software does not incorporate protection for Instant Messaging
services.
Like sharks in a feeding frenzy, these hacker mercenaries view
Instant Messaging clients as their personal “Cash Cow” because
of the ease by which they can access your computer via the
publicly open and interpretable standards, unleash a Trojan
horse, virus, or worm, as well as gather your personal and
confidential information, and sell it to other depraved
reprobates.
Please, don’t be nave enough to think it won’t or couldn’t
happen to you!
Want to see how easy it is for hackers to access your Instant
Messaging chat and what can happen to you as a result?
Did you know that some hacker-friendly providers offer processor
chips that can be bought on the Internet? (I guess it would be
pretty hard to walk into a store and ask the clerk to help them
find a processor chip that could be used to illegally hack into
a victim’s computer for the sole purpose of spreading malicious
code or stealing someone’s identity!)
Did you know that hacker-friendly providers actually offer
hacker software that enables these criminals to deliberately
disable security on computers, access your personal and
confidential information, as well as inject their Trojan horses,
viruses, and worms?
Hacker manuals are also conveniently accessible via the
Internet. One of these manuals shows how to DoS other sites.
DoSing (Disruption of Service) involves gaining unauthorized
access to the “command prompt” on your computer and using it to
tie up your vital Internet services. When a hacker invades your
system, they can then delete or create files and emails, modify
security features, and plant viruses or time bombs onto your
computer.
“Sniff” is a tool (originally intended to help telecommunication
professionals detect and solve problems) that reprobate hackers
use to tamper with the protocol and “sniff out” data. When
hackers sniff out your IM data packet from Internet traffic,
they reconstruct it to intercept conversations. This enables
them to eavesdrop on conversations, gather information, and sell
it to other depraved criminal entities.
Don’t set yourself up to be the next Identity Theft Victim
because you like to chat using Instant Messaging.
Identity theft is one of the most sinister of vulnerabilities
you can inadvertently be subjected to. Identity theft is defined
by the Department of Justice as
“…the wrongful obtaining and using of someone else’s personal
data in some way that involves fraud or deception, typically for
economic gain.” Identity theft is the by-product of hacker
mercenaries obtaining your social security number (including
those of your spouse and children), your bank account, your
credit card information, etc., from the Internet. You become a
virtual “Cash Cow” for hackers as your information is then sold
to other felons for financial gain. Using your information,
these criminals then:
access your bank account funds create new bank accounts with
your information create driver’s licenses create passports
Attorney General Ashcroft stated that,
“Identity theft carries a heavy price, both in the damage to
individuals whose identities are stolen and the enormous cost to
America’s businesses.”
A group hosting a website known as shadowcrew.com was indicted
on conspiracy charges for stealing credit card numbers and
identity documents, then selling them online. While this group
allegedly trafficked $1.7 million in stolen credit card numbers,
they also caused losses in excess of $4 million.
According to a Press Release issued by the Department of Justice
on February 28, 2005, a hacker was convicted of several counts
of fraud, one in which
“…he fraudulently possessed more than 15 computer usernames and
passwords belonging to other persons for the purpose of
accessing their bank and financial services accounts, opening
online bank accounts in the names of those persons, and
transferring funds to unauthorized accounts.”
Trojan Horses, Viruses, and Worms - The Toxic Trio
According to Dictionary.com, a Trojan horse is “…a subversive
group that supports the enemy and engages in espionage or
sabotage—an enemy in your midst.” The toxic cargo of Trojan
horses can include viruses or worms.
A Trojan horse is a program that Internet criminals use to
interrupt and interfere with your security software and produce
the following results
Terminates processes Removes registry entries Stops services
Deletes files
Hackers, who have gained access to your computer, because of the
easily accessible programs and software as mentioned above, are
enthusiastically incorporating this venomous little program into
their arsenal of weapons.
As recently as March 4, 2005, a new Trojan horse was discovered
that modified settings in Internet Explorer. Windows 2000,
Windows 95, Windows 98, Windows Me, Windows NT, Windows Server
2003, and Windows XP were the reported systems that could be
affected.
On January 28, 2005, a press Release issued by the Department of
Justice reported that a 19 year old was convicted for his
criminal activity by “…creating and unleashing a variant of the
MS Blaster computer worm.” Christopher Wray, Attorney General -
Criminal Division stated that,
“This … malicious attack on the information superhighway caused
an economic and technological disruption that was felt around
the world.”
By the way, “malicious” is defined by Webster as “…intentionally
mischievous or harmful”.
On February 11, 2005, in a Press Release issued by the
Department of Justice, reported that another criminal was
sentenced for circulating a worm. This worm,
“…directed the infected computers to launch a distributed denial
of service (DOS) attack against Microsoft’s main web site
causing the site to shutdown and thus became inaccessible to the
public for approximately four hours.” March 7, 2005,
Symantec.com posted discovery of a worm named “W32.Serflog.B”
that spread through file-sharing networks and MSN Messenger -
networks that operate on publicly open and interpretable
industry standards administered by P2P systems that host Instant
Messaging clientsnone of which are protected, regardless of the
anti virus software on your computer. The W32.Serflog.B worm
also lowers security settings and appears as a blank message
window on the MSN Messenger. SOLUTION
Avoid at all costs, P2P file sharing networks as they operate on
publicly open and interpretable industry standards. (Instant
Messaging services run on P2P file sharing networks.)
If you like the convenience of text chatting via Instant
Messaging, then why not consider an optimally secure VoIP (voice
over internet protocol), also known as a Computer Phone, that
incorporates the Instant Messaging feature. Make sure the VoIP
internet service provider does not operate on P2P file sharing
networks that use industry standard codec or industry standard
protocols that are publicly open and accessible. (Don’t forget,
these standards create the vulnerability which hackers are
capitalizing on because of their easy accessibility.)
Optimally secure VoIP service providers that incorporate a
secure Instant Messaging feature, operate from their own
proprietary high end encryption codec on patented technology
which is hosted in a professional facility. Simply put, when a
VoIP internet service provider is optimally secure, the Instant
Messaging feature on the VoIP softphone is also incorporated in
their optimally secure technology.
Here’s the bottom line.
If you are currently using Instant Messaging of any sort, you
need to make a decision:
a.Continue enticing hacker mercenaries and remain as a user of
an Instant Messaging service, or b.Take immediate corrective
action.
If you decide to take immediate corrective action:
1.Find an optimally secure VoIP internet solution provider that
includes the Instant Messaging feature in their proprietary
patented technology. 2.Find an optimally secure VoIP internet
solution provider that has their own proprietary high end
encryption codec. 3.Find an optimally secure VoIP internet
solution provider that has their own proprietary patented
technology. 4.Find an optimally secure VoIP internet solution
provider that hosts their proprietary patented technology in a
professional facility.
Here’s a place you can look over to see what an optimally secure
VoIP internet solution provider looks like–one that operates on
their own proprietary high end encryption codec with their own
proprietary patented technology hosted in a professional
facility, AND one that incorporates the Instant Messaging
feature. http://www.free-pc-phone.com
**Attn Ezine editors / Site owners ** Feel free to reprint this
article in its entirety in your ezine or on your site so long as
you leave all links in place, do not modify the content and
include the resource box as listed above