Agape Blog

With the ongoing cyber related threats turning bigger, more sophisticated and deadlier, it is time to rethink & relook every single click you make while surfing on the Internet.

It is critical to know these lurking threats so that you don’t fall prey to scamsters and fraudsters and compromise your security and money. Below is a list of some of the common tricks played by scammers.

1) `You have not paid for the item you recently won on eBay. Please click here to pay.’
2) `You’ve been let go. Click here to register for severance pay.’
3) `This mail is (name of the person) from tech services. Your PC is infected.’
4) `Someone has a secret crush on you! Click on this link to find who it is!
5) `Did you see this video of you? Check out this link!’
6) `Please confirm this order’
7) `Check out our new Discount menu’
`I’m traveling and I’ve lost my wallet. Can you wire some money?

For detailed information visit http://infotech.indiatimes.com/quickiearticleshow/4249057.cms

Travelers are especially vulnerable to hackers because they often use computers and Wi-Fi networks in hotel lobbies, cafes and airports.

Here are some steps you can take to protect yourself:

Create a strong password. As e-mail is easier to hack with weak password.

Another solution is to create a dedicated e-mail account for use on the road, with a password that is different from passwords you use for bank and credit card information. Let your contacts know you’ll be using that account while on vacation. You can stay in touch, but if someone does hack into your account, they only get your vacation pictures.

If using a shared computer, try to cover your tracks. On Microsoft’s Explorer, when you log off, go to “Tools” and “Delete Browsing History” to remove traces of your passwords and the Web sites you’ve visited.

Sniffing a wireless network is really easy to do — any teen in junior high can do it. Such vulnerabilities can yield mayhem with attacks known as “Packet Sniffing,” ”Man in the Middle” attacks and “MAC Spoofing.”

Also when you are using your laptop in a public place, you obviously want up-to-date security programs.

You should also disable file-sharing on your laptop, and also a good idea to turn off Bluetooth, printer-sharing and disable ad hoc network connections.

You should not send any sensitive data while in travelling. That’s because many e-mail services and browser connections essentially broadcast in the clear, meaning someone can eavesdrop on information sent to and from your computer. If you want to be careful, that means avoiding banking, shopping and checking credit card accounts. Even though these sites usually encrypt your data, there are some workarounds a determined hacker could use.

If you want to take your computer security a step up, consider a VPN, or Virtual Private Network i.e. it’s a tunnel, where all your communication is encrypted. A passive attacker can’t intercept.

Anup Srivastava
Executive: Fraud Management Services
Agape Inc

Have you heard of this? A number of scams are coming to light now-a-days through the web. One of them is known as the Craigslist scam. Craigslist is a centralized network of online communities with free online classified advertisements like jobs, housing, personals, for sale, services, community, gigs, résumés, and great resource for selling things, finding apartments, locating services and meeting people etc. It is an upcoming and a great service but it never comes with some risk. If you deal with people you aren’t meeting face to face you risk getting scammed.

The buyer and seller on Craigslist are not alert to the danger or deception. Most of these scams follow the same pattern that we see on eBay and other online auction sites. Try posting some easily-mailed valuable item for sale and the first response you get will probably be someone trying to trick you into believing it’s true.

Advice on avoiding scams to people using Craigslist service-

• Deal locally with folks you can meet in
• Never wire funds online, money gram or any other wire service - anyone who asks you to do so is a scammer.
• Fake cashier checks & money orders are common, and banks will cash them and then hold you responsible when the fake is discovered weeks later.
• Never give out financial information (bank account number, social security number, eBay/PayPal info, etc.)
• Avoid deals involving shipping or escrow services and know that ONLY A SCAMMER WILL “GUARANTEE” YOUR TRANSACTION.

Michelle Mitra
Executive: Fraud Management System
Agape Inc

Fraudulent activities (Lottery Scam E-mail) on the Internet are increasing with an alarming rate. However, you must always be aware of the existence of fraudsters on the Internet - cunning operators completely focused on financial gain and their tactics vary.These are frequently circulated with the Purpose to :

1). Persuade the victim to part with personal information to allow the scammers to carry out Identity Theft.
2). Persuade the victim to part with money as an up front payment in order to release a winning Lottery prize which does not exist.

The following points are some tips to look for in order to identify and avoid lottery fraud and scams :
• You did not buy a ticket.
• You are asked to pay money up front for fees or taxes in order to release your “win.”
• You do not live in the country and you are not a citizen of the country of that lottery.
• You are normally asked to contact an “Agent” or “Processing Officer”
• Contact email addresses may be used that are obviously not from a company, such as blahblah- lotto@hotmail.com - How many legitimate companies do you think would use that type of email for their business?
• You are told you must reply within a given time or the money will be given to someone else.
• Spoof websites can be difficult to spot.
• To convince the recipient, emails attached with fake Winning Certificate on behalf of Beneficiary

The following are a few suggestions on how to protect yourself.
• Never provide personal or financial information.
• Don’t be drawn into making an ‘up front’ payment for a lottery prize that probably doesn’t exist.
• Beware of links which could lead you to so-called ‘spoof sites’ set up to extract information from you, like updating personal records which could provide the means to reach or even access your account.
• Whenever you want to discuss your account with e-lottery, we will always verify your identity by asking specific security questions. Our customer care team do not have access to your full password.

So if you ever have any doubts about an email – Be Careful. If you ever have concerns about lottery scams don’t hesitate to CONTACT US ON OUR 365*24*7 TOLL FREE NUMBER at 1800 209 6789 (For India Only) Or visit us at www.agapeinc.in. We are always here to help you.

Jayesh Bellani
Executive: Fraud Management System
Agape Inc

If you should ever be forced by a robber to withdraw money from an ATM machine, you can notify the police by entering your PIN in reverse. Though it hasn’t been tried in many places, this technology if present will help the banks and its customers.

Let’s say for example, if your pin number is 5678 then you would put in 8765. The ATM recognizes that your pin number is backwards from the ATM card you placed in the machine. The machine will still give you the money you requested, but unknown to the robber, the police will be immediately dispatched to help you.

Now the question arises that 1) what if the pin number happens to be a palindrome? Say 3333, 1221, 6226 and so on. 2) what if the ‘reversed’ pin happens to be somebody else’s pin. 3) Even if the police is dispatched for help, it would take them some time to get to the ATM and by then the harm would have been done. 4) ATM machines are not that intelligent to recognize whether a pin has been reversed entered; it only recognizes the correct pin matching the card.

Each card is paired with a unique pin number, entering the wrong pin would clearly not be matching with the card and therefore no transaction would go through.

Sherwin Azavedo
Manager: Cyber Crime Complaints
Agape Inc.

In wake of cyber terrorism, US President Obama stated last June in its new cyber security plan “The new approach starts at the top, with the commitment from me: From now on, our digital infrastructure — the networks and computers we depend on every day — will be treated as they should be, as a strategic national asset,” in his briefing he said “Protecting this infrastructure will be a national security priority. We will ensure that these networks are secure, trustworthy, and resilient. We will deter, prevent, detect, and defend against attacks and recover quickly from any disruptions or damage”. Obama noted that cybersecurity is a “matter of public safety and national security”.

A month after his declaration, many government and some other websites in the US & South Korea have been crippled by a distributed denial of service attack. What’s interesting is the way the virus seemed to succeed in an unexpected way by sending erstwhile allies. The attack was largely built from the MyDoom virus, first exposed in 2004, so presumably the cadre of infectable machines was low (some 50,000 to 65,000 machines were infected), and seem to be located mainly in China, Korea and Japan. The purpose of most “Distributed Denial of Service” attacks is to create nuisance.

Investigators in the U.S. face a steep task in trying to trace the attack to its source. The assault involved more than 1,00,000 zombie computers (it is a a home-based PC that a remote attacker has accessed and set up to forward transmissions including spam and viruses to other computers on the Internet) linked together in a network known as a “botnet.” Most of those computers were in South Korea, but others were in Japan, China, the U.S. and possibly other countries. The assault began July 4 and targeted dozens of government and private sites in the U.S., including some federal agencies that were shut down for days. Treasury Department and Federal Trade Commission Web sites were knocked out by the blizzard of digital requests.

The officials said that while Internet addresses have been traced to North Korea, that does not necessarily mean the attack involved the Pyongyang government.

It’s a high time that need compulsory & requisite attention on cyber security to protect the confidentiality, integrity, and availability of information in today’s highly networked systems environment.

To log online Cyber Crime Complaint call our Toll Free No. at 1800 209 6789 (For India Only) Or visit us at www.agapeinc.in.

Jayesh Bellani
Executive: Fraud Management System

What to do if there is a need to conduct a forensic investigation on iPhone device? In view of the fact that the iPhone is quickly becoming the market leader in mobile devices, the need for law enforcement agencies to perform forensic analysis of these devices is beginning to surface. It incorporates desktop-like features in an easy-to-use mobile package as a result of which many are likely to use it as a primary device for various forms of data and communication.

The wide availability, popularity & the expanding capabilities of iPhones make them attractive weapons to perpetuate an attack. This is fueling a discussion about how to deal with these devices when it comes to forensic investigations since existing forensic tools are miserably missing their skill to perform deep level of recovery. The object is to pinpoint that digital evidence can be easily modified, and the tricky step to make sure, your panel is taking suitable steps in the handling of the device. At this time, this area appears to by lacking for solutions.

Agape Inc put forward “Agape I-Phone Restore” which is specially dedicated software tool for iPhones that allows for the extract, decode, analyze and reporting of data. It extracts the data from 2G & 3G iPhone. It offers helpful features as follows:-

• Data integrity reserved by SHA512 to make use of proof in court of law purpose

• Performs bit to bit data acquisition

• Data recovery of entire raw user disk partition

• Extract voicemail, images, email, and other personal data

• Extract map lookups, cache, and other data stored in file system

• Extract complete system files from iPhone

• Extract address book, text messages, media files, and all other possible data from iPhone database

• Supports Text & ASCII data viewing

• Generate report in XML and HTML format

• Support Windows 2000, XP, Vista

For Further Product Information & price information mail us at: info[at]agapeinc.in (replace [at] with @) or visit us at www.agapeinc.in

To log online Cyber Crime Complaint call our Toll Free No. at 1800 209 6789 (For India Only)

Jayesh Bellani
Executive: Fraud Management System

Agape Inc, India’s first ever cyber forensic company launches Tech Pathways for Indian Market. Technology Pathways is a leading edge provider of computer security tools and services for the Corporate IT, government and legal communities.

This launch will underscore the ongoing commitment of Agape Inc to provide expanded services within its products and services as new security standards and methods evolve.

The ProDiscover® family of security products combines high quality, performance, and ease of use at affordable prices Technology Pathways provides products and services for:
• Incident Response - Quickly investigate and positively determine if any compromises have been made to your systems as the result of an incident – without taking your system out of service.
• System Audits – Effectively audit systems throughout the network to insure that they have not been compromised
• Internal Investigations – Investigate and monitor internal computer systems to insure compliance with the law or corporate policies.
• Computer Forensics – Thoroughly examine all data on a computer system, locate any evidence that is stored on that system and safely preserve that evidence for use in a court of law.
• Digital Discovery – Find and produce evidentiary quality electronic documents for civil proceedings.

For Further Product Information & price information mail us at: michelle[at]agapeinc.in (replace [at] with @).

To log online Cyber Crime Complaint call our Toll Free No. at 1800 209 6789 (For India Only)

Jayesh Bellani
Executive: Fraud Management System