Instant Messaging - Expressway for Identity Theft, Trojan Horses, Viruses, and Worms

Never before with Instant Messaging (IM) has a more vital warning been needed for current and potential IM buddies who chat on line.

John Sakoda of IMlogic CTO and Vice President of Products stated that,

"IM viruses and worms are growing exponentially....Virus writers are now shifting the focus of their attack to instant messaging, which is seen as a largely unprotected channel into the enterprise."

Because Instant Messaging operates on peer-to-peer (P2P) networks, it spawns an irresistible temptation for malicious computer hackers. P2P networks share files and operate on industry standard codec (encyrption codes) and industry standard protocols, which are publicly open and interpretable. Anti virus software does not incorporate protection for Instant Messaging services.

Like sharks in a feeding frenzy, these hacker mercenaries view Instant Messaging clients as their personal "Cash Cow" because of the ease by which they can access your computer via the publicly open and interpretable standards, unleash a Trojan horse, virus, or worm, as well as gather your personal and confidential information, and sell it to other depraved reprobates.

Please, don't be naïve enough to think it won't or couldn't happen to you!

Want to see how easy it is for hackers to access your Instant Messaging chat and what can happen to you as a result?

Did you know that some hacker-friendly providers offer processor chips that can be bought on the Internet? (I guess it would be pretty hard to walk into a store and ask the clerk to help them find a processor chip that could be used to illegally hack into a victim's computer for the sole purpose of spreading malicious code or stealing someone's identity!)

Did you know that hacker-friendly providers actually offer hacker software that enables these criminals to deliberately disable security on computers, access your personal and confidential information, as well as inject their Trojan horses, viruses, and worms?

Hacker manuals are also conveniently accessible via the Internet. One of these manuals shows how to DoS other sites. DoSing (Disruption of Service) involves gaining unauthorized access to the "command prompt" on your computer and using it to tie up your vital Internet services. When a hacker invades your system, they can then delete or create files and emails, modify security features, and plant viruses or time bombs onto your computer.

"Sniff" is a tool (originally intended to help telecommunication professionals detect and solve problems) that reprobate hackers use to tamper with the protocol and "sniff out" data. When hackers sniff out your Instant Messaging data packet from Internet traffic, they reconstruct it to intercept conversations. This enables them to eavesdrop on your conversations, gather information, and sell it to other depraved criminal entities.

Don't set yourself up to be the next Identity Theft Victim because you like to chat using Instant Messaging.

Identity theft is one of the most sinister of vulnerabilities you are inadvertently be subjected to. Identity theft is defined by the Department of Justice as

"?the wrongful obtaining and using of someone else's personal data in some way that involves fraud or deception, typically for economic gain."

Identity theft is the by-product of hacker mercenaries obtaining your social security number (including those of your spouse and children), your bank account, your credit card information, etc., from the Internet. You become a virtual "Cash Cow" for hackers as your information is then sold to other felons for financial gain. Using your information, these criminals then:

· access your bank account funds
· create new bank accounts with your information
· create driver's licenses
· create passports

Attorney General Ashcroft stated that,

"Identity theft carries a heavy price, both in the damage to individuals whose identities are stolen and the enormous cost to America's businesses."

A group hosting a website known as shadowcrew.com was indicted on conspiracy charges for stealing credit card numbers and identity documents, then selling them online. While this group allegedly trafficked $1.7 million in stolen credit card numbers, they also caused losses in excess of $4 million.

According to a Press Release issued by the Department of Justice on February 28, 2005, a hacker was convicted of several counts of fraud, one in which

"?he fraudulently possessed more than 15 computer usernames and passwords belonging to other persons for the purpose of accessing their bank and financial services accounts, opening online bank accounts in the names of those persons, and transferring funds to unauthorized accounts."

Trojan Horses, Viruses, and Worms - The Toxic Trio

According to Dictionary.com, a Trojan horse is "...a subversive group that supports the enemy and engages in espionage or sabotage---an enemy in your midst." The toxic cargo of Trojan horses can include viruses or worms.

A Trojan horse is a program that Internet criminals use to interrupt and interfere with your security software and produce the following results

· Terminates processes
· Removes registry entries
· Stops services
· Deletes files

Hackers, who have gained access to your computer, because of the easily accessible programs and software as mentioned above, are enthusiastically incorporating this venomous little program into their arsenal of weapons.

As recently as March 4, 2005, a new Trojan horse was discovered that modified settings in Internet Explorer. Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, and Windows XP were the reported systems that could be affected.

On January 28, 2005, a press Release issued by the Department of Justice reported that a 19 year old was convicted for his criminal activity by "?creating and unleashing a variant of the MS Blaster computer worm." Christopher Wray, Attorney General - Criminal Division stated that,

"This ? malicious attack on the information superhighway caused an economic and technological disruption that was felt around the world."

By the way, "malicious" is defined by Webster as "...intentionally mischievous or harmful".

On February 11, 2005, in a Press Release issued by the Department of Justice, reported that another criminal was sentenced for circulating a worm. This worm,

"?directed the infected computers to launch a distributed denial of service (DOS) attack against Microsoft's main web site causing the site to shutdown and thus became inaccessible to the public for approximately four hours."

March 7, 2005, Symantec.com posted discovery of a worm named "W32.Serflog.B" that spread through file-sharing networks and MSN Messenger - networks that operate on publicly open and interpretable industry standards administered by P2P systems that host Instant Messaging clients-none of which are protected, regardless of the anti virus software on your computer. The W32.Serflog.B worm also lowers security settings and appears as a blank message window on the MSN Messenger.

SOLUTION

Avoid at all costs, P2P file sharing networks as they operate on publicly open and interpretable industry standards. (Instant Messaging services run on P2P file sharing networks.)

If you like the convenience of text chatting via Instant Messaging, then why not consider an optimally secure VoIP (voice over internet protocol), also known as a Computer Phone, that incorporates the Instant Messaging feature. Make sure the VoIP internet service provider does not operate on P2P file sharing networks that use industry standard codec or industry standard protocols that are publicly open and accessible. (Don't forget, these standards create the vulnerability which reprobate hackers are capitalizing on because of their easy accessibility.)

Optimally secure VoIP service providers that incorporate a secure Instant Messaging feature, operate from their own proprietary high end encryption codec on patented technology which is hosted in a professional facility. Simply put, when a VoIP internet service provider is optimally secure, the Instant Messaging feature on the VoIP softphone is also incorporated in their optimally secure technology.

Here's the bottom line.

If you are currently using Instant Messaging of any sort, you need to make a decision:

a. Continue enticing hacker mercenaries and remain as a user of an Instant Messaging service, or

b. Take immediate corrective action.

If you decide to take immediate corrective action:

1. Find an optimally secure VoIP internet solution provider that includes the Instant Messaging feature in their proprietary patented technology.

2. Find an optimally secure VoIP internet solution provider that has their own proprietary high end encryption codec.

3. Find an optimally secure VoIP internet solution provider that has their own proprietary patented technology.

4. Find an optimally secure VoIP internet solution provider that hosts their proprietary patented technology in a professional facility.

Need Help?

Here's a place you can look over to see what an optimally secure VoIP internet solution provider looks like--one that operates on their own proprietary high end encryption codec with their own proprietary patented technology hosted in a professional facility, AND one that incorporates the Instant Messaging feature. http://www.free-pc-phone.com

**Attn Ezine editors / Site owners ** Feel free to reprint this article in its entirety in your ezine or on your site so long as you leave all links in place, do not modify the content and include the resource box as listed above.

Dee Scrip is a well known and respected published author of numerous articles on VoIP, VoIP Security, and other related VoIP issues. Other articles can be found at http://www.free-pc-phone.com

The Southern Ledger

NYPD, Port Authority agree on WTC security plan The Associated Press - 4 hours ago NEW YORK (AP) — Police and the World Trade Center site's owner sketched out a security agreement Thursday that settles a turf war over who will protect ... NYPD, Port Authority agree on WTC security plan Newsday NYPD wins in bitter WTC security battle New York Daily News Port Authority cops, NYPD will share security duties at Ground Zero The Star-Ledger - NJ.com EmpireStateNews.net - New York Times all 230 news articles

China Daily

Napping Air Force Crew Broke Security Rules Washington Post, United States - 3 hours ago In May, an Air Force unit at Minot, the 5th Bomb Wing, was given an "unacceptable" grade in security of nuclear weapons, according to the review by the ... Air Force Missile Launch Crew Fell Asleep ABC News Air Force says officers fell asleep at nuke switch CNN US missile crew falls asleep with launch codes Reuters AirForceTimes.com - KFYR-TV all 255 news articles

UBS hit with New York auction-rate security suit CNNMoney.com - 8 hours ago The lawsuit charges UBS (UBS) with falsely marketing and selling auction-rate securities as safe, cash-equivalent investments at a time when the market for ...

Hartford Courant

CT Scores a Pile of Homeland Security Cash Hartford Courant, United States - 6 hours ago By Jesse A. Hamilton on July 24, 2008 3:30 PM | Permalink | Comments (0) The Senate homeland security committee, chaired by Sen. Joe Lieberman, put out some ... Conn. homeland security grant increases Hartford Courant JESSE HAMILTON | The Hartford Courant Hartford Courant all 10 news articles

Security Researcher Amit Klein Can Discuss Kaminsky DNS Cache ... MarketWatch - 11 hours ago WHO: Amit Klein, noted internet security researcher and CTO of Trusteer, is an expert DNS issues and endpoint security. He has discovered and reported ... Trusteer Cloud-Based Service Protects Financial Institutions and ... MarketWatch all 17 news articles

ABC News

Study: Banking Web sites have security design flaws CNET News, CA - Jul 23, 2008 A new study about security problems with financial Web sites may have you thinking twice about doing online banking. Atul Prakash, a professor in the ... Bank Web sites full of security holes, University of Michigan ... NetworkWorld.com 75% of bank websites have major security flaws TECH.BLORGE.com Design flaws make online banking vulnerable: study NDTV.com First Coast News - Hard OCP all 174 news articles

Telegraph.co.uk

‘Special Task Force’ to ensure security requirements are ... Daily Times, Pakistan - 6 hours ago By Muhammad Ali LAHORE: Pakistan will host the September’s ICC Champions Trophy despite security concerns. The ICC’s executive board gave Pakistan green ... ICC head moves to allay Pakistan security fears ABC Online ICC confirms Pakistan as Champions Trophy venue despite security fears The Canadian Press Aussies not convinced about security in Pak Expressindia.com The Age - International Herald Tribune all 1,198 news articles

The Associated Press

Rapper DMX pleads not guilty to felony charges The Associated Press - 4 hours ago Authorities allege the 37-year-old rapper, whose real name is Earl Simmons, gave the name "Troy Jones" and an incorrect Social Security number to a ... DMX Pleads Not Guilty, Performs for Press E! Online Rapper DMX denies theft charges, sings at court Reuters DMX Charged With Identity Theft The BoomBox Showbiz Spy - San Francisco Chronicle all 297 news articles

Security Bank Corporation to Record Non-Cash Goodwill Adjustment ... MarketWatch - 8 hours ago The adjustment of goodwill is a non-cash charge that will not adversely impact Security Bank Corporation's daily operations, FDIC deposit insurance coverage ...

Democrats blast Bush administration for targeting workers, not ... San Francisco Chronicle,  USA - 4 hours ago In all, 306 illegal immigrants ultimately were charged with Social Security fraud for using illegal Social Security numbers, and also a higher offense, ... Immigration raid tactics draw congressional ire The Associated Press Expedited Trials of Illegal Immigrants Are Questioned Washington Post Congress panel hears debate on Postville raid DesMoinesRegister.com Jewish Exponent all 72 news articles