The frustrating thing about identity theft is that you may have done your best to prevent it, but because of a careless oversight or a foolish act, you may have helped an identity thief to march off with your particulars and also your money.

Different Types And Different Consequences

Of course, not all identity theft is the same and it can also occur in different ways and affect you in different ways. However, it basically involves having some unauthorized person or persons making off with your method of identity or your ID which is then used to impersonate you. The graveness of this problem can best be seen when one considers that there are at least, it is believed, over ten million Americans that have had their identities stolen.

The different types of identity theft include acts of a criminal nature and also, frauds committed to rob you off your money. In the case of a criminal act, the identity thief will use your identity to commit an act of illegal nature including a terrorist strike, or obtain a permit in your name, or even use your identity to leave the country.

Criminal acts also involve laundering of money, taking part in organized crime as well as indulging in cyber crimes, and in addition, identity theft can also allow the identity thief to take part in smuggling of narcotics and even indulge in human trafficking.

The other consequence of identity theft is committing acts of fraud including bank fraud, credit card fraud as well as other kinds of frauds that result in significant financial losses to the victim.

Having understood the dire consequences that you will have to face if you allow identity theft to affect you, it is in your best interests to do all that is required to prevent such from happening. To begin with, you should not keep documents such as bank statements, and other pieces of paper that contain your personal information lying about where a thief can get hold of them. Instead, you should ensure that these documents are shredded after they have ceased to be of any use to you.

Another no-no is divulging your personal information to anyone who tries to elicit such information in different and very clever ways. Mostly, it is never necessary to provide your personal information to anyone and if you receive solicitation from a bank purporting to need your personal information, you should never fall for this simple ruse.

Also, you should ask for a Credit Report and go over it with a fine comb to see whether there are any suspicious transactions on it. In case you notice something wrong you should report the same and initiate action at the earliest to rectify the situation.

*** This article was reprinted from ArticleFestival.com

Word of advice: Do not open the attachment. Delete the email permanently.

SANTA CLARA, Calif., March 31 /PRNewswire-FirstCall/ — McAfee, Inc. today announced the launch of its global S.P.A.M. (Spammed Persistently All Month) Experiment. For the month of April, participants from around the world — ranging from homemakers, government executives, and students to retirees — will surf the Web, make online purchases and register for promotions. Participants have been provided with a clean laptop without spam protection and a new email address. Beginning today, they will blog about their experiences daily at http://www.mcafee.com/spamexperiment.

With a proven link between spam and cybercrime, the experiment aims to show the devastating effects of spam.

“Spam isn’t just a nuisance. It’s a tool used by cyber criminals to steal personal and business data,” said Christopher Bolin, chief technology officer for McAfee. “And, as scammers become more adept at writing spam in local languages it’s becoming more difficult for Internet users to detect spam. It’s vital that computer users understand the risks of leaving their computers unprotected.”

Cybercriminals use spam to take control of millions of compromised computers around the world. Spam emails entice individuals at work and at home to handover sensitive information — and even cash — to criminals.

“Cybercrime won’t go away without solving the problem of spam,” said Dave DeWalt, chief executive officer for McAfee. “McAfee is leading the fight against cybercrime and spam. This experiment will raise awareness of the problem by showing that a 30-day diet of spam is bad for your online health.”

S.P.A.M. Experiment participants are from ten countries spanning the globe, including Australia, Brazil, France, Germany, Italy, Mexico, the Netherlands, Spain, the United Kingdom and the United States.

To track the daily progress of the S.P.A.M. Experiment and read reports from the participants, please visit http://www.mcafee.com/spamexperiment.

About McAfee, Inc.

McAfee, Inc., headquartered in Santa Clara, California, is the world’s largest dedicated security technology company. It delivers proactive and proven solutions and services that secure systems and networks around the world, allowing users to browse and shop the Web securely. With its unmatched security expertise and commitment to innovation, McAfee empowers home users, businesses, the public sector and service providers by enabling them to comply with regulations, protect data, prevent disruptions, identify vulnerabilities and continuously monitor and improve their security. http://www.mcafee.com.

McAfee is a registered trademark of McAfee, Inc., and/or its affiliates in the US and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. Any other non-McAfee related products, registered and/or unregistered trademarks contained herein is only by reference and are the sole property of their respective owners. (C) 2008 McAfee, Inc. All rights reserved.

Source: http://money.cnn.com/news/newsfeeds/articles/prnewswire/AQM08131032008-1.htm

Consider this.

When an email is sent out by spammers to your email address, they do not really have any idea if it is valid or not. Your email address could just have been harvested from sites all over the internet where you signed in public message boards with your real email address, included in a list sold by a mailing list organization, stolen from unprotected computers using a virus where your email address is in other users’ address books, grabbed from a chain-letter type email with bulk email addresses, etc.  Spammers do not really know which of the millions of addresses on their lists are real or fictitious, and which are active or inactive. They send their messages using a scatter-gun approach trying to play lucky and hoping to hit the jackpot.

Then, you send the spammer a ‘remove me’ message. How delighted must the spammer be, receiving your ‘remove me’ request.

Now he knows your address is real. And that’s what he has been waiting for. You’ve just rewarded the spammer for his illicit activity.

By sending back a ‘remove me’, ‘unsubscribe’, or ‘opt-out’ request, you are confirming to the spammer that your address is valid and live, you are confirming that your ISP doesn’t use spam filters, and you are confirming that you actually open and read spams.

To the spammer’s eyes, you are a sucker, the perfect candidate for more spam. And you have just become the darling of spammers. A live and valid email address sells at a premium as a “confirmed deliverable” address to other spammers.

You don’t want to end up on endless spammers’ lists? Then, do not (repeat, do not) confirm to the spammer that your address is real and working. Do not send ‘remove me’ requests to spammers.

The most common type of spam is advertising-related accounting for roughly 36% of  all spam messages. This is followed by adult-related in subject (31.7%) and  finance-related (26.5%) of spam emails.

Scams and fraud-related emails comprise make up 2.5% of unwanted emails. Of this, identity theft, also known as phishing, makes up 73% of the figure.

Anti spam measures such as spam blockers provide some hope in the fight against unwanted email. In fact, MSN alone blocks some 2.4 billion spam emails every day. Similar technologies are employed by other companies like Yahoo and Google to block spam emails from entering their members inboxes.

How many emails are sent per day?

It is nearly impossible to know exactly how many emails are sent daily.

Quoting a CNN article which referred to an International Data Corporation (IDC) projection for 2005 of emails sent in excess of 36 billion per day, a Yahoo.com columnist wrote:

“But in 2003, the IDC reported that 31 billion emails were already being sent daily, and they expected the number to double by 2006…. As best as we can figure then, the number of emails sent each day… may be approaching 62 billion.”  #

I refer to being in a mailing list of someone, supposedly a friend, who appears to get a kick out of showing that s/he knows many people by the number of email addresses in the To: or Cc: field.

By entering bulk email addresses in the To: or Cc: field, the recipients online security is compromised. Knowing that email messages are not secure and could easily be intercepted while in transit, these are the type of emails that delight spammers. (Not to mention that malicious programs could be embedded onto emails that could easily grab email addresses while in the Inbox and siphoned to the programmers database.)

And what makes this worst is the practice of forwarding email messages to others without even scrubbing the email addresses shown in the previous message.  I think you’ve seen this type of forwarded messages. Jokes. Chain letters. “Feel good” emails. Even hoaxes of supposed virus outbreak, etc.

This practice should be banned. It is senseless, inconsiderate and plain stupid. It does not only feed to spammers the recipients email addresses, but the practice in fact is a breach of privacy.

How many times have we seen the names of people and their addresses in forwarded messages that we do not even know? Come to think of it. Did those people give their consent to have their email addresses be made known to others they do not even know?

Next time you think of emailing friends, please think of their online security and privacy. Be a true friend! Do not feed your friends to spammers!

For those who still subscribe to that definition, think again. The content or resulting benefits of the bulk email are not relevant. These days, it is not content but consent.

Here’s an article from the Spamhaus Project:

“The word ‘Spam’ as applied to Email means Unsolicited Bulk Email (’UBE’).

Unsolicited means that the Recipient has not granted verifiable permission for the message to be sent. Bulk means that the message is sent as part of a larger collection of messages, all having substantively identical content.

A message is Spam only if it is both Unsolicited and Bulk.

- Unsolicited Email is normal email
(examples: first contact enquiries, job enquiries, sales enquiries)

- Bulk Email is normal email
(examples: subscriber newsletters, customer communications, discussion lists)

Technical Definition of Spam

An electronic message is ’spam’ IF:

(1) the recipient’s personal identity and context are irrelevant because the message is equally applicable to many other potential recipients;

AND

(2) the recipient has not verifiably granted deliberate, explicit, and still-revocable permission for it to be sent.

Spam is an issue about consent, not content. Whether the UBE message is an advert, a scam, porn, a begging letter or an offer of a free lunch, the content is irrelevant - if the message was sent unsolicited and in bulk then the message is spam.

Spam is not a sub-set of UBE, it is not “UBE that is also a scam or that doesn’t contain an unsubscribe link”, all email sent unsolicited and in bulk is Spam.

This distinction is important because legislators spend inordinate amounts of time attempting to regulate the content of spam messages, and in doing so come up against free speech issues, without realizing that the spam issue is solely about the delivery method.

Important facts relating to this definition:

(1) The sending of Unsolicited Bulk Email (’UBE’) is banned by all Internet service providers worldwide.

(2) Spamhaus’ anti-spam blocklist, the SBL, used by more than 900 Million Internet users, is based on the internationally-accepted definition of Spam as ‘Unsolicited Bulk Email’. Therefore anyone sending UBE on the Internet, regardless of whether the content is commercial or not, illegal or not, needs to be fully aware that (A) they will lose their Internet access if they send UBE and (B) they will be placed on the Spamhaus Block List (SBL) if they send UBE.

Various jurisdictions have implemented legislation to control what they call ’spam’. One particular example is US S.877 (CAN-SPAM 2004). Each law addresses ’spam’ in different ways, and as a consequence, often has different definitions of what they cover, whether they call it ’spam’ or not. Spamhaus uses the industry standard “unsolicited bulk email” definition which underlines ‘it’s not about content, it’s about consent’. As such, arguments as to whether UBE messages are covered under CAN-SPAM or are compliant with CAN-SPAM, are entirely irrelevant.”

*** Reproduced with permission from Spamhaus Project at http://www.spamhaus.org/definition.html

The articles deal with topics like:

1. Where do spammers get my address?

2. What should I do to avoid spam?

3. I’m already on the spammer’s list. What can I do to stop it?

Although it’s next to impossible not to be spammed, we can at least try to minimize the risks of being spammed by observing the following rules:

1. Do not put your email address on a web page, especially in “mailto:” links. While there are some services available that claim to be able to generate HTML that creates mailto links that spammers cannot collect addresses from, the effectiveness of these techniques is highly questionable, and assumes that spammers and the people who write their software have brains smaller than that of a turnip. While it is attractive to believe that this is true, it is most likely not.

2. Avoid IRC, or if possible use a false user name while connecting to IRC. Note that this may be a violation of the IRC server administrator’s policy, so check this before you connect using a false user name.

3. Instant messaging services usually have several privacy settings, some of which may make it harder for spammers to find you - check with the documentation for your instant messaging software to see what privacy options are available.

4. If you participate in web based discussion groups, make sure you use a false email address.

5. If you participate in a mailing list, there may be nothing you can do to stop a spammer from getting your email address from that list. Spammers can sign up to mailing lists just as easily as you can, and if they do, they can get your address from any message you send to the list. You cannot use a false return address in email, because many things simply won’t work - for example, if you mistype the recipients address, you will never know your message didn’t make it. The only real options here are to not participate at all, or to accept the fact that you may be spammed as a result.

For more tips on how to avoid being spammed, visit the CAUBE.AU at http://www.caube.org.au/avoid.htm or http://cauce.org/archives/51-Is-there-any-way-to-make-them-stop.html

1. Leo Kuvayev / BadCow (Russian Federation)
Russian/American spammer. Does “OEM CD” pirated software spam, copy-cat pharmaceuticals, porn spam, porn payment collection, etc. Spams using virus-created botnets and seems to be involved in virus distribution. Partnered with Vlad - aka “Mr. Green”

2. Alex Blood / Alexander Mosh / AlekseyB / Alex Polyakov (Ukraine)
So many Alex & Alexey spamming! Alex Blood tied to Pilot Holding & bbasafehosting.com long ago, then Alex Polyakov posted he owned them. Massive botnet and child-porn spam ring, also pharma, mortgage, and more. May work with Kuvayev and Yambo.

3. HerbalKing (India)
Massive affilitiate spam program for snakeoil Body Part Enhancement scams. Also does replica luxury goods, pharma and porn. Spams via botnets, bulletproof hosting offshore and even sometimes uses fast flux hosting.

4. Vincent Chan / yoric.net (Hongkong)
Vincent Chan and his Chinese partners have been sending spam for years. They mainly do pharmacy, and are able to send out huge amounts daily. The use a vast amount of compromised machines, for sending, hosting and proxyhijacking.

5. Nikhil Kumar Pragji / Dark-Mailer (Australia / Queensland)
Through the Dark-Mailer Windows based proxy-botnet based spamware, this spammer is responsible for and behind a large portion of the world’s illegally send spam.

6. Ruslan Ibragimov / send-safe.com (Russia)
Stealth spamware creator. One of the larger criminal spamming operations around. Runs a CGI mailer on machines in Russia and uses hijacked open proxies and virus infected PCs to flood the world with spam.

7. Pavka / Artofit (Russia)
A Russian gang who have been spamming for years. Started with porn, now into many types of spam, always via hijacked PCs. Part of a large criminal group involving ROKSO spammers Leo Kuvayev & Alex Blood. Also see “Yambo Financials” ROKSO.

8. Russian Business Network (Russian Federation)
Among the world’s worst spammer, child-pornography, malware, phishing and cybercrime hosting networks. Provides “bulletproof hosting”, but is probably involved in the crime too.

9. Yambo Financials (Ukraine)
Huge spamhaus tied into distribution and billing for child, animal, and incest-porn, pirated software, and pharmaceuticals. Run their own merchant services (credit-card “collection” sites) set up as a fake “bank.”

10. Michael Lindsay / iMedia Networks (United States / California)
Lindsay’s iMedia Networks is a full-fledged spam-hosting operation serving bulletproof hosting at high premiums to well known ROKSO-listed spammers. His customers spam via botnet zombies with spam payloads hosted offshore, tunneled back to his servers.

Source: http://www.spamhaus.org/statistics/spammers.lasso quoting
Register Of Known Spam Operations (ROKSO) database + Spamhaus Blocklist (SBL) database.

How spam operates

There are many ways that e-mail addresses can be obtained online. However, one of the main ways that spammers obtain e-mail addresses is by deploying bots to harvest e-mail addresses (from Web pages and newsgroups etc.), to which they then send spam that can contain nuisances like hoaxes and serious threats such as pornography and viruses. This is one of the reasons for being very careful about how you use your e-mail address online.

Spammers use various ruses to trick users into opening their e-mails, anything from placing “Dear friend” or “Remember me” in the subject line - implying that the e-mail is from someone the user knows, to more generic subjects like, “Your money has been refunded” or “About your Web site.”

A lot of the time, once a spam e-mail is opened the spammers “research” work is done for them. Many spam e-mails contain files (including pictures) that, once downloaded in an e-mail, confirm that the e-mail address that has received the spam is active - opening the floodgates for a further stream of junk e-mail. Other spam e-mail will include an “unsubscribe” link which, when you follow it does not unsubscribe you. Instead, it confirms that the junk e-mail has been received, which again, makes the user’s e-mail address vulnerable to spam.

Because e-mail is a relatively cheap form of advertising, spammers can afford to send copies of their junk e-mail to tens of thousands of e-mail addresses. They know that a small percentage of the recipients will be duped into responding, even (in the case of advertising spam) buying their product. Spam ranges from pleas for financial assistance (like the Nigerian advance fee or 419 scam) to advertising for adult Web sites. It can contain offers to buy pirated computer software or cheap computer ink and pharmecutical products (like Viagra). Also on the rise are phishing attempts, where spam e-mail is sent by identity thieves, looking to steal Internet users’ personal and financial information.