Instant Messaging - Expressway for Identity Theft, Trojan Horses, Viruses, and Worms

Never before with Instant Messaging (IM) has a more vital warning been needed for current and potential IM buddies who chat on line.

John Sakoda of IMlogic CTO and Vice President of Products stated that,

"IM viruses and worms are growing exponentially....Virus writers are now shifting the focus of their attack to instant messaging, which is seen as a largely unprotected channel into the enterprise."

Because Instant Messaging operates on peer-to-peer (P2P) networks, it spawns an irresistible temptation for malicious computer hackers. P2P networks share files and operate on industry standard codec (encyrption codes) and industry standard protocols, which are publicly open and interpretable. Anti virus software does not incorporate protection for Instant Messaging services.

Like sharks in a feeding frenzy, these hacker mercenaries view Instant Messaging clients as their personal "Cash Cow" because of the ease by which they can access your computer via the publicly open and interpretable standards, unleash a Trojan horse, virus, or worm, as well as gather your personal and confidential information, and sell it to other depraved reprobates.

Please, don't be naïve enough to think it won't or couldn't happen to you!

Want to see how easy it is for hackers to access your Instant Messaging chat and what can happen to you as a result?

Did you know that some hacker-friendly providers offer processor chips that can be bought on the Internet? (I guess it would be pretty hard to walk into a store and ask the clerk to help them find a processor chip that could be used to illegally hack into a victim's computer for the sole purpose of spreading malicious code or stealing someone's identity!)

Did you know that hacker-friendly providers actually offer hacker software that enables these criminals to deliberately disable security on computers, access your personal and confidential information, as well as inject their Trojan horses, viruses, and worms?

Hacker manuals are also conveniently accessible via the Internet. One of these manuals shows how to DoS other sites. DoSing (Disruption of Service) involves gaining unauthorized access to the "command prompt" on your computer and using it to tie up your vital Internet services. When a hacker invades your system, they can then delete or create files and emails, modify security features, and plant viruses or time bombs onto your computer.

"Sniff" is a tool (originally intended to help telecommunication professionals detect and solve problems) that reprobate hackers use to tamper with the protocol and "sniff out" data. When hackers sniff out your Instant Messaging data packet from Internet traffic, they reconstruct it to intercept conversations. This enables them to eavesdrop on your conversations, gather information, and sell it to other depraved criminal entities.

Don't set yourself up to be the next Identity Theft Victim because you like to chat using Instant Messaging.

Identity theft is one of the most sinister of vulnerabilities you are inadvertently be subjected to. Identity theft is defined by the Department of Justice as

"?the wrongful obtaining and using of someone else's personal data in some way that involves fraud or deception, typically for economic gain."

Identity theft is the by-product of hacker mercenaries obtaining your social security number (including those of your spouse and children), your bank account, your credit card information, etc., from the Internet. You become a virtual "Cash Cow" for hackers as your information is then sold to other felons for financial gain. Using your information, these criminals then:

· access your bank account funds
· create new bank accounts with your information
· create driver's licenses
· create passports

Attorney General Ashcroft stated that,

"Identity theft carries a heavy price, both in the damage to individuals whose identities are stolen and the enormous cost to America's businesses."

A group hosting a website known as shadowcrew.com was indicted on conspiracy charges for stealing credit card numbers and identity documents, then selling them online. While this group allegedly trafficked $1.7 million in stolen credit card numbers, they also caused losses in excess of $4 million.

According to a Press Release issued by the Department of Justice on February 28, 2005, a hacker was convicted of several counts of fraud, one in which

"?he fraudulently possessed more than 15 computer usernames and passwords belonging to other persons for the purpose of accessing their bank and financial services accounts, opening online bank accounts in the names of those persons, and transferring funds to unauthorized accounts."

Trojan Horses, Viruses, and Worms - The Toxic Trio

According to Dictionary.com, a Trojan horse is "...a subversive group that supports the enemy and engages in espionage or sabotage---an enemy in your midst." The toxic cargo of Trojan horses can include viruses or worms.

A Trojan horse is a program that Internet criminals use to interrupt and interfere with your security software and produce the following results

· Terminates processes
· Removes registry entries
· Stops services
· Deletes files

Hackers, who have gained access to your computer, because of the easily accessible programs and software as mentioned above, are enthusiastically incorporating this venomous little program into their arsenal of weapons.

As recently as March 4, 2005, a new Trojan horse was discovered that modified settings in Internet Explorer. Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, and Windows XP were the reported systems that could be affected.

On January 28, 2005, a press Release issued by the Department of Justice reported that a 19 year old was convicted for his criminal activity by "?creating and unleashing a variant of the MS Blaster computer worm." Christopher Wray, Attorney General - Criminal Division stated that,

"This ? malicious attack on the information superhighway caused an economic and technological disruption that was felt around the world."

By the way, "malicious" is defined by Webster as "...intentionally mischievous or harmful".

On February 11, 2005, in a Press Release issued by the Department of Justice, reported that another criminal was sentenced for circulating a worm. This worm,

"?directed the infected computers to launch a distributed denial of service (DOS) attack against Microsoft's main web site causing the site to shutdown and thus became inaccessible to the public for approximately four hours."

March 7, 2005, Symantec.com posted discovery of a worm named "W32.Serflog.B" that spread through file-sharing networks and MSN Messenger - networks that operate on publicly open and interpretable industry standards administered by P2P systems that host Instant Messaging clients-none of which are protected, regardless of the anti virus software on your computer. The W32.Serflog.B worm also lowers security settings and appears as a blank message window on the MSN Messenger.

SOLUTION

Avoid at all costs, P2P file sharing networks as they operate on publicly open and interpretable industry standards. (Instant Messaging services run on P2P file sharing networks.)

If you like the convenience of text chatting via Instant Messaging, then why not consider an optimally secure VoIP (voice over internet protocol), also known as a Computer Phone, that incorporates the Instant Messaging feature. Make sure the VoIP internet service provider does not operate on P2P file sharing networks that use industry standard codec or industry standard protocols that are publicly open and accessible. (Don't forget, these standards create the vulnerability which reprobate hackers are capitalizing on because of their easy accessibility.)

Optimally secure VoIP service providers that incorporate a secure Instant Messaging feature, operate from their own proprietary high end encryption codec on patented technology which is hosted in a professional facility. Simply put, when a VoIP internet service provider is optimally secure, the Instant Messaging feature on the VoIP softphone is also incorporated in their optimally secure technology.

Here's the bottom line.

If you are currently using Instant Messaging of any sort, you need to make a decision:

a. Continue enticing hacker mercenaries and remain as a user of an Instant Messaging service, or

b. Take immediate corrective action.

If you decide to take immediate corrective action:

1. Find an optimally secure VoIP internet solution provider that includes the Instant Messaging feature in their proprietary patented technology.

2. Find an optimally secure VoIP internet solution provider that has their own proprietary high end encryption codec.

3. Find an optimally secure VoIP internet solution provider that has their own proprietary patented technology.

4. Find an optimally secure VoIP internet solution provider that hosts their proprietary patented technology in a professional facility.

Need Help?

Here's a place you can look over to see what an optimally secure VoIP internet solution provider looks like--one that operates on their own proprietary high end encryption codec with their own proprietary patented technology hosted in a professional facility, AND one that incorporates the Instant Messaging feature. http://www.free-pc-phone.com

**Attn Ezine editors / Site owners ** Feel free to reprint this article in its entirety in your ezine or on your site so long as you leave all links in place, do not modify the content and include the resource box as listed above.

Dee Scrip is a well known and respected published author of numerous articles on VoIP, VoIP Security, and other related VoIP issues. Other articles can be found at http://www.free-pc-phone.com

Dose.ca

Canada may abandon bid for Security Council seat: media AFP - 1 hour ago OTTAWA (AFP) — Canada may abandon its bid for a two-year-term seat on the UN Security Council in 2010-2012, to avoid potential embarrassment in the event it ... National security – it’s now a private matter Canada Free Press Harper Must Answer Canadians’ Questions on National Security Liberal.ca (press release) Bernier affair calls background checks into question Niagara Falls Review AHN - Globe and Mail all 389 news articles

Alalam News Network

US says Iran security pledge not on table in atom row Reuters - 4 hours ago By Tabassum Zakaria and Matt Spetalnick JERUSALEM (Reuters) - The United States said on Wednesday six world powers had no plans to offer Iran security ... Russia says "Six" could guarantee Iran security Reuters.fr Russia urges security guarantees for Iran Xinhua Russia urges international partners to provide security guarantees ... International Herald Tribune PRESS TV - RIA Novosti all 60 news articles

eFluxMedia

Top immigration official outlines security database changes Chicago Tribune, United States - 22 hours ago AP CHICAGO - A top US Immigration official says it's necessary to increase fees to fund a security database that tracks foreign students. ... Video: ICE Agents Raid Meat Packing Plant AssociatedPress Agriprocessors Facing More Problems WHO-TV Immigration raid in Iowa largest ever in US The Associated Press DesMoinesRegister.com - World Socialist Web Site all 709 news articles

TechSpot

Microsoft delivers four security fixes VNUNet.com, UK - 10 hours ago The most dangerous of the vulnerabilities is the Jet Database flaw, according to security firm Symantec. "This is a relatively light month with four ... Microsoft Patch Tuesday: Six Vulnerabilities Fixed In Four Bulletins InformationWeek Microsoft fixes critical Windows, Word flaws Computerworld Microsoft Patches Zero Day Flaw in Windows IT Jungle Heise Online - CRN all 47 news articles

UN News Centre

UN chief calls for more coherent approach to security sector reform Tehran Times, Iran - 1 hour ago UNITED NATIONS (APP) -- UN support for security sector reform in countries struggling to rebuild after suffering through conflicts must become more coherent ... Vietnam advocates security reform discussion at UN forums VietNamNet Bridge DEVELOPING EFFECTIVE, ACCOUNTABLE SECURITY INSTITUTIONS ‘OUR ... ReliefWeb (press release) Security Council presidential statement emphasizes security sector ... ReliefWeb (press release) all 10 news articles

Mock attack defeats lab security San Jose Mercury News,  USA - 17 hours ago By SCOTT LINDLAW AP Writer SAN FRANCISCO—Mock terrorists defeated security personnel in a recent drill at Lawrence Livermore National Laboratory, ... Nuke Insecurity? Washington Post Livermore lab fails terror test Contra Costa Times all 28 news articles

UPDATE 1-Fragmented security industry wants EU standards Reuters - 8 minutes ago By Ingrid Melander BRUSSELS, May 14 (Reuters) - Common standards are needed across Europe to boost a fragmented security market, major companies involved in ...

Malaysia Star

'Iran will not give up enrichment' Jerusalem Post, Israel - 16 hours ago Iranian President Mahmoud Ahmadinejad "is quite prepared, as is the rest of the leadership, to ignore the various security council resolutions that require ... Any UNSC measure on Iran’s dossier weakens IAEA: Soltaniyeh ISNA CHRONOLOGY - Iran's nuclear programme Reuters US: Iran proposals not to settle woes PRESS TV Tehran Times - Antiwar.com all 264 news articles

Seagate Disk Gets NSA's Security Seal of Approval InternetNews.com - 2 hours ago By Judy Mottl: More stories by this author: The National Security Agency (NSA) has qualified Seagate Technology's (NYSE:STX) Momentus 5400 FDE.2 hard drive ... Security concerns spur agencies to limit use of thumb drives Federal Times all 2 news articles

'I was attacked by flat security guard' Independent Online, South Africa - 3 hours ago By Asa Sokopo A Rosebank (Cape Town) woman has told of her terror when attacked by a security guard at her block of flats moments after she asked him to ...