Category: Fraud and ID Theft

Background
The proliferation of counterfeit and pirated goods poses considerable challenges for legitimate trade and the sustainable development of the world economy. Trade in these counterfeit and pirated goods causes significant financial losses for right holders and legitimate businesses. It also hinders sustainable economic development in both developed and developing countries and, in some cases, represents a health or safety risk to consumers.

As a result, in October 2007, the United States, the European Community, Switzerland and Japan simultaneously announced that they would negotiate a new intellectual property enforcement treaty, the Anti-Counterfeiting Trade Agreement, or ACTA. ACTA represents a significant achievement in the fight against the infringement of intellectual property rights, particularly against the proliferation of counterfeiting and piracy on a global scale, and provides a mechanism for the parties to work together in a more collaborative manner to achieve the common goal of effective Intellectual Property Rights (IPR) enforcement. When it enters into force with all participants, ACTA will formalize the legal foundation for a first-of-its-kind alliance of trading partners, representing more than half of world trade.

Read the rest of this entry »

The information below is an update to the following blog posting: How Will ICANN’s Newest Domain Name Program Affect Your Company’s Brand?

Trademark owners outside of the adult industry may sign up with ICM Registry to block trademarks from showing up on its new .XXX gTLD. Trademark owners have been making several common errors when applying for a .XXX gTLD.[1] If your company plans on submitting an application before the Sunrise B October 28, 2011 deadline, keeping these mistakes in mind can help you avoid paying multiple fees and having to reapply.[2]
Read the rest of this entry »

Internet Corporation for Assigned Names and Numbers (ICANN) has instituted a new generic top-level domain (gTLD) program that will create a means for prospective registry operators to apply for new gTLDs, and create new options for consumers in the market. Every domain name around the world ends with a top-level domain (TLD); these are the two or more letters that come after the dot following a web address. Read the rest of this entry »

Excellent overview of recent landmark phishing case along with joint NAFCU-Cyveillance podcast: http://blog.nafcuservices.com/2011/08/23/landmark-legal-case-if-your-members-have-been-phished-your-credit-union-may-have-to-pay/

A targeted scam or “Spear Phishing” attack making the rounds today invokes the National Security Agency and takes advantage of recent news about a hack of RSA’s two-factor security tokens. Cyveillance has now captured examples and reports of several variants of this email, most sent under the subject lines “Token Code Update” or “Security Token Update”. Read the rest of this entry »

If there’s any message you should take away about utilizing social media in a secure manner, it can be summarized in one word: education. Read the rest of this entry »

As reported in the upcoming release of the Cyveillance Intelligence Report, overall phishing attack volume declined during the second half of 2010 compared to the first half of the year, averaging over 19,000 confirmed, unique attacks per month. However, the level of sophistication and emphasis on targeted attacks continues to rise. As a result, despite the number of attacks going down, the ability of phishers to be successful has risen significantly as evidenced by the growing number of spear phishing attacks and Advanced Persistent Threats (APTs) reported during the half.

The amount of attacks seen monthly is down compared to the first half of the year and could be related to the recent decline in spam, but the overall volume confirms that the problem of phishing is still easily one of the top threats on the Internet. Specifically, the use of more sophisticated and targeted attacks result in greater success and lucrative opportunities for online criminals. A recent story regarding socially-engineered attacks against High Value Targets (HVTs) in the Canadian government provides a great example of the danger this new breed of attack poses to organizations.

Organizations should continue to monitor for suspicious activity related to the attack described in the article above as well as educate their users on the latest threats that plague the Internet. Users can minimize the potential for falling victim to email and Web-based attacks by never clicking on links within emails and only accessing their online applications through known Web sites and pages.

Recent law enforcement activity against a couple of high profile Russian cyber criminals reminds us that while some major cyber criminals continue to act with impunity, it appears that progress is being made on some fronts.

Cyveillance recently asked the United States Embassy in Moscow to comment on cooperation between our countries in the fight on cybercrime for publication on CyveillanceBlog.com. Below, the responses to our inquires from the U.S. Embassy in Moscow:

Cyveillance: Is there regular dialogue between the American and Russian governments at the diplomatic level on the topic of international cybercrime? If so, how often does such engagement occur?

U.S., Embassy in Moscow: Yes, on more than one level. For example, there is ongoing dialogue between U.S. and Russian diplomats concerning matters of Internet governance, of which law enforcement efforts against cyber crime are an integral part. These discussions typically occur in a multi-national setting such as the United Nations. Additionally there is ongoing dialogue and cooperation between our respective investigators on particular cyber crime cases. This dialogue occurs in several ways, including through periodic face-to-face meetings several times per year. In some instances, these discussions focus on a particular area of cyber crime. For example, there is a bilateral United States – Russia IPR Working Group which meets regularly to discuss issues related to intellectual property protection, including in cyber space, with special focus on enforcement.

Cyveillance: With the shutdown Russia-based Spamit this fall and the investigation into the activities of alleged spammer Igor Gusev, it appears Russian authorities may be taking steps to curtail cybercrime. From the U.S. Embassy in Moscow’s perspective, are these isolated incidents or does it appear that there may be a shift in the climate for cybercriminals in Russia?

U.S., Embassy in Moscow: We are hopeful that these examples mark the beginning of the creation of a much more difficult environment for cyber criminals, not only in Russia, but worldwide. As you know, cyber crime transcends national boundaries not only in the perpetrator-victim sense, but also in the sense that members of the same cyber-driven criminal organization are often based in several countries. It is more important than ever that each nation take steps to clamp down on cyber crime.

Cyveillance: Russia traditionally enjoys a population that is well educated in math and engineering. Some authors suggest that the lack of opportunities in traditional business environments may tempt talented programmers into criminal activity. Is the State Department aware of any formal efforts that will help encourage Russian technologists to pursue legal opportunities using their skills, as opposed to those offered by cybercrime?

U.S., Embassy in Moscow: President Medvedev has made technological development a very high priority in his administration’s vision for the future of Russia. One example of this is the plan to develop a cyber industry, along the lines of Silicon Valley, based in the town of Skolkovo near Moscow. The prioritization of economic development in the tech sector, provided it is coupled with a strong law enforcement response to cyber crime, should incentivize individuals with technical skills to seek legitimate career paths.

Cyveillance: While there have been some recent notable exceptions, Western cybercrime researchers and even some in law enforcement sometimes feel that Russian cybercriminals are out of reach and enjoy a de facto immunity from prosecution. What is the State Department’s position on the amount and quality of cooperation received from Russian officials in international cybercrime investigations?

U.S., Embassy in Moscow: There has been some cooperation on cyber crime matters, but there is a need for far more. That is an overarching goal of the ongoing dialogue between our countries on these issues. Certainly, enhanced cooperation in this area would support the goals announced by President Medvedev for technological development in Russia, as those who consider investing in that development will expect a consistently strong law enforcement response to cyber and other crimes to protect their investments.

Cyveillance: From the State Department’s perspective, how much of American success in combating cybercrime of Russian origin is amenable to American law enforcement’s efforts? Are there inroads that remain to be made at the diplomatic level first?

U.S., Embassy in Moscow: The United States plays a leadership role in combating cyber crime, but no one nation can tackle this multi-national problem. The United States has law enforcement partnerships around the world with dedicated and highly professional counterparts in the area of cyber crime. We are striving to strengthen our partnership with our Russian counterparts in this area, which is certainly in our mutual interest.

Cyveillance: Is there anything else the State Department thinks cybercrime researchers or the general public should know about efforts to combat cybercrime in Russia?

U.S., Embassy in Moscow: Cyber crime presents complex problems that require a complex, multi-faceted response. This includes coordinated efforts not only by the governments of the United States, Russia and other countries, but also by those in industry and academia. We appreciate the opportunity to participate in this important dialogue.

Many thanks to U.S. Embassy staff for taking the time to answer our questions.

For more information or to download the report, please visit this press release.

Link