CNET writes about how Microsoft is partnering with law enforcement to go after cyber criminals. According to the article, Microsoft is to provide specialized tools to law enforcement agencies that would allow better tracking and investigation of computer crimes.

"We are looking at making our internal tools available to law
enforcement agencies," Stone said. [Greg Stone, the national technology officer at Microsoft Australia and New Zealand] "I’m not talking about commercial
shrink-wrapped products that we would put out onto the market. I am
talking about very specialized bits of technology, like artificial
intelligence and data mining, that would be safe in the hands of
extremely competent individuals".

Nice move by Microsoft - instead of hiring its own private investigators, give the tools to law enforcement, train them to use the tools, and reap the public relations benefits. Hopefully this would also put a dent into the growing level of cyber crimes.

[Via CNET News.com -]

The anti-spam community is celebrating the bankruptcy filing of Scott Richter, one of the most famous "Spam Kings." According to The Register, Richter’s OptInRealBig.com filed for bankruptcy after it was attacked by NY Attorney General Spitzer and Microsoft for his spamming operations. Apparently OptInRealBig.com has assets of $10M and liabilities of $50M, and after he settled with Spitzer for $19M the company was unable to pay his bills.

This case shows that lawsuits by state attorney generals and ISPs with legal muscle can help in eliminating the biggest spammers. I am not sure whether OptInRealBig’s bankruptcy is the entire story. A sophisticated spammer is very likely to have transferred assets offshore and maybe Richter just wanted to get rid of the lawsuits, charter a plane to a caribbean country, and continue his operations from there.

[Via Register, UK -]

Aaron Greenspan has a thought-provoking editorial about what are we doing to "make our nation’s databases are protected?" Answer is, "Nothing." He describes his experience with downloading a W-2 form (I assume for tax return purposes) from a payroll provider,

I learned this the hard way. In the process of downloading my 2004 W-2
from a Web-based payroll company, I discovered I could also download
the W-2 of every person who had ever been a customer, as far back as
1999.

As it happens, IRS Form W-2 is the perfect tool for blackmail,
containing one’s Social Security number, annual salary, home address,
employer’s federal identification number and employer’s state tax ID.
With one keystroke, without breaking into any systems, without
hacking–really, without even trying–I could have pretended to be
anyone I desired to be out of a potential pool of up to 100,000 people.

Although an isolated example, this story shows how little attention is paid by companies and government agencies to customer information security.

[Via CNET News.com -]

No surprise in the recently releases phishing statistics for the month of February.

There were 13,141 unique phishing e-mail messages
reported to the Anti-Phishing Working Group (APWG) during February, up
2% on the number reported to the group in January. The number of
phishing Web sites supporting these activities rose 1.8% to 2,625
compared with the prior month, according to the group. The APWG
compiles its data using information from Internet service providers,
network administrators, law enforcement agencies and individuals.

[Via ComputerWorld -]