Agape Blog

Online frauds and cyber crimes are causing enormous loss to many businesses. Given below are the links that focus more on the increasing problem in the cyber space.

1. Aviad Ofrat, CEO of Cellebrite discusses about mobile forensics as well as the Universal Forensic Extraction Device. Read more

2. RM3 billion lost to fraud: a loss that reflects the size of the problem for businesses regardless of size. Read more

3. Most UK individuals prefer to report online fraud directly to a dedicated e-crime agency. A thing that surely needs to be learned from the Brits. Read more

SalvationDATA is now redesigning its HD HPE PRO to HPE SP. This new product, maintains all its original capabilities, allows you to work on hard drives with spacers. Also it will have one “head comb” added to the HPE SP for separating multiple heads when the head stack replacement takes place (much easier than using the original plastic separator). The team at SalvationDATA have been working on it for a period of time, and hopefully they will have it released on in November 2008.

Anyone who is interested in this new product and wants to purchase or know more about it or have any suggestion on this new tool can contact SalvationDATA.

Online frauds have increased and continues to increase at a rapid rate. One of the ways that the spammers have adopted recently is by targetting the social networking sites.

Initially, Orkut was a very large breeding ground for virus attacks. But now it has moved to MySpace and Facebook. In what is seen as a first-of-its kind attack on the social networking site Facebook, spammers have begun using two internet protocol (IP) addresses to infect unsuspecting users with a Trojan virus. The virus is disguised in a manner that entices the user as it is masquerading as official emails sent by the popular Web 2.0 social-networking site. When a user is added to another user’s friend list on the social network, as protocol Facebook sends an email to notify their users of this. However, the spammers included a zip attachment that purports to contain a picture in order to entice the recipient to double-click on it. The attached file is actually a Trojan horse, which is a virus that can corrupt the hard disk of the victim. This email is sent from a domain that closely resembles facebookmail.com, an official domain used by Facebook to notify its users.

One IP address is used to send the spam, while the other directs the user to attack site. This makes it difficult for the site vendor to block the malicious spam easily. Earlier, when spammers used one IP address to launch a spam or phishing attack, vendors found it easy to block the lone address. But with two IP addresses being the norm of the day, it is an indication that the spammers are now more sophisticated in their modus operandi.

Cyber crime is up again for 2007. Hardly news, of course; it is no secret that this plague is spreading farther and deeper by the hour. And same as last year Internet Auction Fraud continues to lead the peak of Cyber crimes with a percentage of 35.7%, according to Internet Crime Complaint Center (IC3).

What far too many users fail to realize is that when something is purchased via an Internet auction, it is not bought from the auction house (say eBay or Amazon) but from an individual or company. The auction site - acting as a go-between - merely provides a forum where individuals can trade with one another, and it usually adopts - and prominently displays - a firm policy of washing their hands of legal responsibility for any loss suffered from using their service.

Once the bidding has concluded, the payment for and delivery of the goods bought and sold is negotiated between the purchaser and seller. If the item is not delivered after it is paid for or is not what was represented on the auction site, the auction house will not refund any money. It is up to the buyer to approach the seller to negotiate a fair and proper settlement.

Therefore, keep the following in mind when dealing with on-line auctions, or whenever you buy anything online:

1. Understand as much as possible about how the auction works.
2. Find out what actions the web site/company takes if a problem occurs.
3. Learn as much as possible about the seller apart from an e-mail address. Use Search Engines, ask references, clarify from partners of the seller, etc.
4. Examine the feedback on the seller. From previous customers or testimonials or from known sources.
5. Determine what method of payment the seller is asking from you and where he/she is asking to send the payment.
6. Make sure the online payment system is SSL certified.
7. Look out for the settlement conditions if a problem occurs with the auction transaction. Carefully read Conditions of Use and Privacy Notice.
8. Ask the seller about when delivery can be expected and the warranty conditions.
9. Find out if shipping and delivery are included in the auction price.
10. Never give out your Social Security Number to the seller.

The date was 26 October 2008 and the time was 19:00 hrs. Whats that? Well that was the time when we launched the Beta version of our or should i say India’s first and best Mobile phone recovery tool. Its called as AgapeMobiTool. AgapeMobiTool is forensically valid software for acquiring & decoding data stored in Mobile phone & SIM. It maintains chain of events to find information from a device for investigation purposes.

Individuals who are interested in testing the demo version are FREE to download it from the link given below.

Download Link: AgapeMobiTool Beta version

Currently the demo version is a 7 day trial version which can be used for a maximum of 5 times. Here are some quick features of AgapeMobiTool:

1. Acquisition of data from 2G and 3G GSM/CDMA SIM cards including text messages, phonebook, and call logs.
2. Recovers deleted data from GSM/CDMA SIM cards.
3. Supports with Infrared, Bluetooth & Serial Cables.
4. Acquisition of data from mobile phone memory including pictures, videos, audios, themes.
5. Text, Hex & ASCII data viewing options available.
6. Generates report using XML style sheet.
7. Data acquisition rate for SIM is about 4kbps.

Soon, AgapeMobiTool will be released in Enterprise, Professional & Standard edition with a forensic kit that will be consisting of all the components that are required for the investigation process.

With the arrival of various internet based applications which allow people to express themselves, the web has definitely become democratic. But using the same for carrying out personal or malicious activities, and that too using your office computer can land you in deep trouble. With companies using special softwares to monitor everything, the employees feel paralyzed, as every activity of theirs  is tracked. It becomes a debatable topic on who is right and who is wrong. And are such monitoring softwares really required, and if yes how should they be used so that the employees do not feel as though someone is watching them.

I have written an article which provides answers to all such questions. Here is a link to the same:

Having focused on DNA forensics last week, this week i am presenting links that highlight more on the importance of other methods of forensics and how to make maximum use of forensics in crime investigation.

1. Can a forensics consultant rip off government? Thats what the Punjab government feels while establishing the Forensics Science Agency (FSA). Read more.
2. Data recovery is the process of retrieving computer data that, for any number of reasons, has become inaccessible using normal methods. In such cases some special methods are used to recover the data. Read more to know such methods.
3. Investigating Digital Crime. This is a book written by Robin Phillip Bryant in which he introduces comprehensive ways focusing on how criminals have adapted digital technologies. Rob Harle presents his review on the same. Read more.

Is it really possible to catch an email stalker? What if they use an anonymous email account like Gmail or Yahoo? What if they are really computer savvy? Is it still possible? The short answer is Yes. An email stalker can be caught.

The first thing you must realize about an email stalker is that they want you to know who they are. So the typical email stalker will take steps to cover their tracks. They may use free anonymous accounts with fictitious information and even proxy servers or IP spoofing. But one thing they cannot hide is their obsessive compulsive antisocial behavior that causes them to stalk you in the first place. Make no mistake to take this casually as such behavior should be taken seriously. And that same abnormal behavior of the stalker can be predicted and used to trap them into revealing their identity.

If you are a victim of an email stalker then the last thing you should do is ignore it and hope it goes away. If it doesnt, you should consult an expert as nailing the stalker is risky and not any individual can do it. In this type of situation trained investigators experienced in tracking down and identifying cyber stalkers can use the predictable behavior of the obsessive stalker to set traps and trick the stalker into revealing themselves.

The digital age has brought many advantages to individuals and businesses alike since it started. However, it has also brought a whole host of problems with it as well. More people can tap into technology for fraudulent or criminal means, which has, of course, made business far more vulnerable than it ever has been before. This is why the idea of using digital forensics in the public sector has become more and more prevalent over the past few years.

Specialists in digital forensics can determine whether any incident of misuse or criminal activity has taken place on a computer which enables the company and the police if necessary to take the appropriate action. Outsourcing such work is actually more cost effective than running internal departments.

It is not just employers that may benefit from digital forensics in the public sector today though. It may also help employees to prove their innocence in terms of an allegation that has been made and has essentially been reason for the termination of employment.

Did you know that Data loss is now being reported almost on a weekly basis. And our natural assumption is that the cause of these breaches is due to criminal or malicious intent. Of course, this is one of the reasons but have you ever considered that with more flexible and mobile working conditions, employees are putting data at risk too.

With companies facilitating their employees with the ability to work from home can lead to serious threats to sensitive data. Imagine what would happen if:
1. An employee leaves his or her laptop on the reception after a long day out seeing customers?
2. A memory stick falls out of the pocket of an employee while catching the last train.
3. A kid of an employee sends a drafted email to unwanted recipient.
4. Or maybe the kid deletes some important data accidentally?

So the obvious question is: How can technology be adopted to protect the company’s assets but at the same time not impact upon the employee’s productivity? To answer this and many other related questions, Julian Jago, security solutions director, Netstore will be addressing via a webcast today. The time for the same is 14:30 - 15:30 (UK Time).

Registration for the webcast is free and Paul Fisher would be chairing the discussion.