Cybercrime

Cybercrime / Most Commented

Examining Two Well-Known Attacks on VoIP

VoIP is here to stay. In fact many incumbent telecommunication carriers have started offering VoIP service for sometime and several new VoIP service providers have emerged. Aside from issues such as quality of service, the aspect of security, or lack thereof, is misunderstood by some of the VoIP service providers. This purpose of this article is to discuss two of the most well known attacks that can be carried out in current VoIP deployments. more

When the Defendant is a Domain Name: The Power of In Rem Proceedings Under the ACPA

A recent decision by a federal court in Virginia illustrates some interesting legal issues that arise from the global nature of the domain name system. It also highlights a powerful mechanism under the Anticybersquatting Consumer Protection Act ("ACPA") by which a plaintiff can proceed with a legal action to recover a domain name without regard to the court's personal jurisdiction over the registrant.  more

New Study Revealing Behind the Scenes of Phishing Attacks

The following is an overview of the recent Honeynet Project and Research Alliance study called 'Know your Enemy:Phishing' aimed at discovering practical information on the practice of phishing. This study focuses on real world incidents based on data captured and analyzed from the UK and German Honeynet Project revealing how attackers build and use their infrastructure for Phishing based attacks. "This data has helped us to understand how phishers typically behave and some of the methods they employ to lure and trick their victims. We have learned that phishing attacks can occur very rapidly, with only limited elapsed time between the initial system intrusion and a phishing web site going online..." more

What is ‘Pharming’ and Should You Be Worried?

The sky is falling! The sky is falling! ...or is it? What is this thing called "pharming"? Put simply, it's redirection of web traffic, so that the server you think you're talking to actually belongs to a criminal. For example: you think you're talking to www.examplebank.com because it says so in the browser's address bar, but actually you're connected to www.mafia-R-us.ru. This can happen in three main ways: 1. DNS Hijack: a social engineering attack on the Internet infrastructure... more

CENTR Statement on IDN Homograph Attacks

Recently a proof of concept attack was announced on the Internet that demonstrated how a web address could be constructed that looked in some web browsers identical to that of a well known website. This technique could be used to trick a user into going to a website that they did not plan on visiting, and possibly provide sensitive information to a third party. As a result of this demonstration, there has been a number of voices calling for web browsers to disable or remove support for IDNs by default. ...CENTR, a group of many of the world's domain registries - representing over 98% of domain registrations worldwide - believes such strong reactions are heavily detrimental... more

Creating a Police State From the Ashes of the Internet

Former CIA Director, George J. Tenet recently called for measures to safeguard the United States against internet-enabled attacks. "I know that these actions will be controversial in this age when we still think the Internet is a free and open society with no control or accountability, but ultimately the Wild West must give way to governance and control." Mr. Tenet seems about as confused about the internet as the ITU... more

Survey Predicts Attacks on the Network Infrastructure Within 10 Years

Pew Internet Project has released a report called "The Future of the Internet" based on a recently conducted survey where 1,286 internet experts are said to have looked at the future impact of the internet and assessed predictions about how technology and society will unfold. The following is and excerpt from the report predicting at least one devastating attack will occur in the next 10 years on the networked information infrastructure or the United States power grid. more

Zuccarini To Receive 30 Months in Prison

In a Press Release issued yesterday, February 26, 2004, it has been announced that Zuccarini (background here) will receive 30 months in prison for violating the Truth in Domain Names Act. At least two of the domain names mentioned in the press release, DINSEYLAND.COM and BOBTHEBIULDER.COM appear to have been registered by third parties and are pointing to pages of links... more

New TLDs, Swiftly: This Is No Beauty Contest!

In response to ICANN's request for proposal (RFP) for the selection of new sponsored Top-Level Domains, Wendy Seltzer for the At-Large Advisory Committee (ALAC) urges ICANN to move quickly beyond "testing" to more open addition of a full range of new gTLDs in the near future and offers some general principles to guide that expansion. more

IP And The Internet: A Growing Need to Police Online Content

The Internet and corresponding online world have radically expanded the landscape Intellectual Property professionals need to investigate when monitoring for possible infringements of their trademarks, brands and other intangible assets. With few barriers to entry, coupled with the ability to operate anonymously, the Internet has rapidly become a significant target for unscrupulous individuals hoping to take advantage of the easily accessible Intellectual Property assets of legitimate businesses. more

Diverting Traffic On The Web: Trademarks And The First Amendment

What's at the heart of cybersquatting may also be at the heart of free speech on the Internet: the diversion of Internet users looking for plaintiff's web site to defendant's web site. Cybersquatters register domain names to accomplish this, while meta-infringers (as we will call them) use HTML code and search engine optimization techniques. Meta-infringers do this by creating keyword density by using competitor's trademarks and permutations thereof in their website in order to rank higher in the search engine results when someone searches on the competitor's trademarks. more

Domain Name Issues In Russia

How are domain names dealt with in Russia? This article discusses current issues related to the registration and assignment of domain names in ".ru" zone (Russian top level country code domain) and trademark protection on Internet. more

If It Walks Like A Duck And Quacks Like A Duck It’s Probably A…?

It is time to revisit the old question regarding whether or not a domain name is actually 'property' and what this means to domain name registrants, registrations, ISPs and ICANN itself. What type of rights does a domain name confer? What responsibilities will the act of registering domain names suddenly bestow? more

With No Privacy Standards Who Knows Who Is Abusing The Whois Database

John Banks is a loan officer in New York. John's supervisor recently warned John about the potential number of bad loans he may be carrying as part of his portfolio. To dump some of the bad loans he might be carrying, John came up with a scheme. He pointed his web browser to www.whois.org and entered terms denoting disease or poor health such as 'cancer' and 'illness'. This query on the Internet's WHOIS database reported results of names and addresses of domain name owners who had developed websites devoted to providing information on certain serious illnesses. John compared these names and addresses with those in his portfolio of loans. For the matches, he canceled the loans and required immediate payment-in-full. more

Trend Towards Liberalization Of Country Domain Names: Enters .CN

On Monday 17 March, domain name registrations under the new Chinese Internet address, .cn, were available for the first time to registrants both inside and outside of China. As China's equivalent of .uk, or .us, the .cn domain space will be the Internet address of choice for Chinese consumers and for corporations interested in operating in one of the largest Internet markets. more