crunch with me

"The thief has come to steal, to kill and to destroy!" - this line comes with a biblical truth.  Although it speaks about Satan stealing man’s salvation, eternal joy and destroying an abundant life, we could say, too, that a lot of men have come to steal, kill and destroy a fellow human being.  Sad but true.  Theft is rampant these days, an in various ways.

I ran across David Airey’s blog.  And read about how a cracker stole and held his davidairey.com domain for ransom.  In his site, he stated how it was taken away, how it was recovered and how much damage it caused him.  In this form of theft alone, David is not the only victim.  I’m sure there were others who didn’t quite know how to retrieve their stolen goodies.

I used to work as a Customer Finance Assistant where I get to handle banking information,  SSNs and details valuable to one’s finances, business, properties and one’s life even.  I heard sad stories of people with hacked online accounts, of people who had to pay for something they did not purchase with their card themselves, but they pay anyway just to maintain a good credit standing.  Poor thing.  But that’s a lot better than a stolen identity.  Criminals will steal just anything valuable, all in the name of money.

LifeLock.com is an interesting website to find about this topic.  LifeLock is America’s #1 Identity Theft Prevention Program.  Works like an insurance, they guarantee to shield your identity up to $1,000,000.  They’ll prove to be the most advanced, safest and easiest to use in cases of Identity theft.  They have an Identity Theft Quiz form.  They offer protection services for a minimal fee and even discounts.  Try visiting their website to get your own LifeLock promotion code and subscribe to their services.

Happy New Year to one and all.  Here’s a new year news… Gmail has been hacked!!!

At least that’s what I heard.  But when I did a little research, it’s actually more of a mailer security flaw and cracker-victim issue.  The cracker-slash-criminal who knows how to tweak someone else’s settings by trespassing into your gmail account, and a victim who is innocent of what is being stolen from him.  A true to life invasion of privacy!  Once your email account is accessed, the cracker can manipulate the settings and all your emails, be it personal or business will be routed to the criminals’ hands.

How does it works? A victim visits a webpage while being logged into his GMail account. Not realizing he’s visiting a bad page, the page does a multipart/form-data POST to one of the GMail interfaces and sets a filter into the victim’s filter list. The attacker writes a filter, like a message rule or something, which simply looks for emails with attachments and forwards them to an email of their choice - their email.. tsk tsk. This filter/query will automatically transfer all emails matching the rule. Of course, future emails will be forwarded as well. The attack will remain present for as long as the victim has the filter within their filter list, even if the initial vulnerability, which was the cause of the injection, is fixed by Google.

That’s it.  I highly suggest that you do not use free emails for important mails like domain access, online banking information,  and even community accounts like friendster or myspace.  I need not enumerate what a cracker could do to you… they’ve got cracked minds.

May this year be a cracked free year for you! ^_^