Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2006-03-09 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Safer Online Shopping Guide

Published: 2006-03-09
Last Updated: 2006-03-14 04:38:15 UTC
by John Bambenek (Version: 1)
0 comment(s)
Mostly because I was interviewed a few days ago about it and then realized there should be a basic guide like this, I wrote a one-pager designed towards end-users on basic ways to shop online safely.  For people in the business, this should all be known and well-used stuff, but unfortunately the general consumer doesn't necessarily practice these steps.  While online shopping in the end doesn't impact the consumer as much as it could (the banks end up eating fraud) they are the first, last, and best line of defense against information disclosure of consumer info.  Here's the guide.

While this goes a long way to protecting the low-hanging fruit, the industry has a long way to go to build an intelligent infrastructure to prevent massive identity theft from online transactions.  Send comments to bambenek -at- gmail -dot- com.  I do accept gratuities in the form of adult beverages if you are even in scenic and beautiful Champaign, Illinois.

Note: Thanks for the feedback, fixed some typos and added some clarifications. 

If you want to put this on your website or distribute to users, feel free that's what this is for. Distribute it far and wide, translate it, do whatever you want.  Just credit me and the ISC because we like the good press, you don't need advance permission from me. :)
Keywords:
0 comment(s)

Spam ahoy!

Published: 2006-03-09
Last Updated: 2006-03-10 17:22:07 UTC
by John Bambenek (Version: 1)
0 comment(s)
This PR release slides nicely right into our current poll on how much spam a typical organization receives.  The Messaging Anti-Abuse Working Group has estimated that about 80%-85% of all e-mail is spam or malicious.  36% of respondents in our poll reported more than 75% with the rest being split between 50-75%, 10-50% and less than 10%.  This highlights the need to practice safe shopping online (see below, don't buy from spammers, it's bad for you) and to filter malicious e-mail.  Phishing, spyware, and e-mail viruses have all become vectors of doing one thing, seperating consumers from their money.  While I'm not going to be a doomsayer and say e-mail is dead, I will say this behavior will only increase and continue as long as it is successful.
Keywords:
0 comment(s)

Microsoft Patch Tuesday Advance Notice

Published: 2006-03-09
Last Updated: 2006-03-10 13:50:12 UTC
by John Bambenek (Version: 1)
0 comment(s)
Microsoft released their advance bulletin today.  Looks like it will be a light month with only one critical update for Microsoft Office and only an important updated for Windows itself.  All in all it looks like a light month this month.
Keywords:
0 comment(s)
Diary Archives