Typosquatting – where a person registers a domain name similar to a real domain name, but with a typo, in hopes that web surfers reach it by accident. These sites are usually filled with paid advertising links that generate revenue for the typosquatter, not to mention the web surfer has been tricked into believing he is on the correct site. This diverts traffic away from the intended site. Sometimes they are routed to a competitors site or a pornographic site.
Cybersquatting – is when someone registers a domain name, in bad faith, violating the rights of the trademark owner. They usually intend to extort payment from the trademark owner, and they keep the names to sell later to the highest bidder.
Pagejacking is when the offender copies part of an existing website, and then puts it up on a different website to make it look like the original. Pagejacking is used in phishing schemes, where the fake page gathers account numbers, passwords, and personal information from the unsuspecting user.
The Uniform Domain Name Dispute Resolution Policy (UDRP) is a cost-effective and faster alternative to a lawsuit, when there is a domain name dispute that needs to be resolved. This was set up by the Internet Corporation for Assigned Names and Numbers (ICANN), the group responsible for domain name registration.
SPAM – and how to avoid it
Spam is accounted for around 80% of all U.S. email. 20% of U.S. residents actually buy products from spammers, and this makes it worthwhile for them to continue to harass us with unsolicited emails. There are no laws to prohibit spamming, but there are laws to regulate spam. There are also laws that prevent email harvesting (programs that read through websites looking for email address to add to their database). Many states require opt-in or opt-out options in the email. There are laws that prohibit false headings and laws against spammers that identify their message as coming from someone else. Trademark and unfair competition laws have been used against a spammer whos message reads that it is coming from someone else, and in one case a man was sentenced to 3 years in prison and $16 million in fines. Unfortunately it is very difficult to enforce the statewide spam laws because a sender really has no way of knowing all the states he is sending his spam to by the list of email addresses he has.
There are some things you can do to limit the spam you are getting.
- Do Not Reply to Spam! Most times it just confirms they have reached a valid email address and they’ll continue to send junk to you.
- Do not post your email address on your website – use a form that doesn’t display the email, or turn the email address into an image rather then displayed as text.
- Use a different email address if you must use one in news groups or forums
- Use a spam filter
- Never, ever buy from a spammer – this encourages them
Email Spoofing is changing the email header so it looks like its coming from someone else. This is sadly easy to do. This is also used to try to trick people into giving out personal information. This is illegal under the CAN-SPAM Act.
Phishing is a scam where an official-looking email is sent to an unsuspecting user to try to trick them out of their username, password, or other information. They are usually directed to click onto a link that goes to a fake (spoofed) version of a real organizations website. This is called Pagejacking. The address bar can even be altered so it appears to be the official website. If you ever get an email requesting that you verify information by clicking on a link, you should instead GO DIRECTLY TO THEIR WEBSITE WITHOUT CLICKING ON THE LINK, to verify it. Lately phishing is even occurring in instant message programs that appear to be coming from a friends IM signature. Always be cautious in this situation.
Vishing is short for ‘Voice phishing’ and is the latest scam. It may start with an email or it may start with a phone call. These calls can be very believable because often the caller already has your credit card number and just needs you to verify the 3 digit security code on the back of your card. Or it could be an automated system asking you to type in your credit card or account number to verify who you are, which sounds realistic enough.
Keystroke Phishing is when a Trojan program is unknowingly downloaded onto your computer that tracks the keystrokes you enter into the computer, and sends it back to the scammer, who hopes to get a username and password from it.
Identity Theft is where a person gathers your personal information and poses as you to get credit, merchandise, services, or to use the identity to commit other crimes. They obtain this personal information by phishing, database cracking, or survey. Survey is seemingly innocent questions about mother’s maiden name, children and pet names, and birth dates that can give access to a surprising amount of passwords and usernames. Once a phisher has your credit card number it can be sold to someone who then creates a credit card to use on an ATM machine. Identity theft is spreading on the internet, but surprisingly it is still safer to give out your credit card number on the internet then to give it to an unknown salesperson or waiter. 97% of all identity theft crimes are caused from offline instances, not online. For instance, two places that identity thieves get your information from are your mailbox, and your trash can.
Protect Yourself from Identity Theft
- Cross-shred documents
- Review your credit report twice a year
- Be aware of billing cycles and put vacation holds on mail
- Never reveal your Social Security number unless absolutely necessary
- Don’t carry seldom used credit cards or unnecessary id’s
- Be aware that identity stealers are not always strangers
- Don’t give out personal information over the phone, mail or posts on the internet
- Take out the hard drive from a computer and destroy it before discarding. Even if deleted, personal information can still be recovered from a computer’s hard drive
Cookie Poisoning is the modification of cookies that are put on your computer by an attacker to gain information about a user.
Spyware is software that is downloaded onto a users computer without his knowledge and used for malevolent purposes. It can be downloaded simply by going to a website (called Drive-by Downloads), or it can be downloaded unknowingly while installing another program. Spyware can crash computers, slow performance, track emails and visited websites, and track keystrokes that capture the users personal information. Programs such as Spybot, Spy Sweeper, and Ad-Aware can be good for checking and removing these unwanted harmful programs from your computer.
Malware is the malicious software that is developed for the purpose of doing harm. Malware examples are Computer Viruses, Worms, and Trojan horses. A Worm is a self-replicating virus that continues to duplicate itself taking up memory and resources. A Trojan horse is a hidden program that later gains control and causes damage to your computer.
Wardriving is the practice of driving around in a vehicle with a Wi-Fi enabled laptop looking for available signals to use. Wardriving steals internet access and is considered a crime of telecommunications theft. Wireless signals can be transmitted 500 feet or more and should be protected with passwords.
Pod Slurping is stealing data by use of iPods, or downloading malicious software via iPods.
Cyberstalking is a crime where the attacker harasses the victim using electronic communication such as email, IM’s, chat rooms, discussion groups. Cyberstalkers rely on the anonymity of the Internet thinking they can not be caught. This may continue to actual physical stalking. Federal law imposes a $1,000 fine or 5 years imprisonment for anyone transmitting in interstate commerce a threat to injure or kidnap someone.
Securities Fraud is where someone uses the internet message boards to hype up a stock to drive up the market so he can then sell and make money. It’s called the ‘Pump and Dump’ scheme and is illegal under federal and state laws.
The Fair Housing Act states that you can not discriminate on the basis of race, gender, family status, religion, and national origin. Now that there are many internet postings for rentals by third parties, the question is being raised if the same rules apply to internet postings and who should be held responsible. The safe harbor provisions of §230 have protected these types of websites from libel or copyright infringement liability provided they remove offending posts when they are notified of the posts. The few times it has been brought up, it was settled out of court and it was agreed to comply with the Fair Housing Act Policy and remove the offending posts.
The USA PATRIOT Act was enacted in response to the September 11th attack in 2001. This act allows electronic messages to be intercepted if it is believed to be of terrorist or criminal activity. It also allows for the retrieval of Internet Service Providers information without going through a court order.
Online Gambling is prohibited or regulated in most states. Many gambling websites originate outside of the country though, and are impossible to shut down. The big worry with online gambling is that minors have access and it enables the pathological gamblers. To try to control this spreading problem, the Unlawful Internet Gambling Enforcement Act was signed into law and makes it illegal for credit card companies, online payment systems, and banks to process payment to online gambling companies. There have also been instances where online casinos and gambling websites owners have been caught in the U.S. and charged with racketeering and mail fraud.
Free Speech and the Internet
The first amendment to the U.S. Constitution guarantees the right to free speech. But there are instances when that can provoke a lawsuit. The four main causes of action against speech on the internet is:
Defamation: “A published intentional false communication that injures a person or company’s reputation”
Breach of Contract: If an employee signs a confidentiality agreement and then posts information about products, sales, management, other employees, or rumors, than he may have breached his confidence and trust to the company and be held in Breach of Contract.
Tortious Interference with Business: To file tortious interference there must be an existing contract or business relationship, intentional interference between the company and the business relationship, an effect caused by the action, and damage as a result to the action
Securities Fraud: Attempts to manipulate the price of stock by giving false information or talking it up, so that the stock price goes up, and then selling it (Pump and Dump Schemes), is illegal
Children and the Internet
The Child Online Protection Act (COPA) makes it a crime to publish “any communication for commercial purposes that includes sexual material that is harmful to minors, without restricting access to such material by minors.”
When a harasser uses the internet to cause substantial emotional distress to his or her victim, this is considered Online Harrassment. It can take the form of email, chat rooms, instant messaging, newsgroup posts, or message board posts. The largest amount of online harrassment occurs by teenagers who often do not yet understand the impact of their actions and are not yet able to control their emotions.
Online harassment is a crime in some states. If you are harrassed online, you should archive the conversation and report them to the ISP and local law enforcement.
When writing in a blog or posting to a message board, keep in mind that you can not write things about people that are not true. You can write something bad about a person, but you can’t write something that is untrue and may affect his or her reputation. Truth is a defense to a charge of libel (written) or slander (spoken), if it can be proven true.
Blogs can feel like a personal diary, but one should keep in mind when writing in it, that it’s not just a way to vent feelings. The world can read it. There have been many instances of employees getting fired because the boss didn’t like being embarrassed in the blog, even if it is on the employees personal computer in their own time. Courts weigh freedom of speech with the right to protect the company’s public image. Companies should add blogging policies to clarify this to employees on hiring and avoid the confusion.
Hate speech is protected under the first amendment in the U.S. except when hate speech crosses into threats and intimidation, racial slurs, or racial hostility. Hate speech is prohibited in most other countries. Unfortunately the U.S. has become a safe harbor for hate group websites. Civil lawsuits are a powerful remedy that can financially cripple a hate group organization.
Communism and the Internet
Web speech under Communism is difficult to control. Communist China government has 11 agencies overseeing Internet use. They have taken actions to block certain keyword searches and websites, they keep records of users and the web pages they visit. There is video cameras and high tech software in the internet cafés and bars to prevent customers from viewing the ‘forbidden’ sites. A user must enter an id number in order to use an internet cafe computer. A blogger is required to sign up under his or her real name, although they can write under a pseudonym. Examples of banned websites are: a pornographic site, a superstitious site, or websites that criticize government or the Communist Party. Dozens of people have been sent to prison for posting or downloading from such sites.