Brian Krebs is an investigative journalist and former Washington Post staff reporter, where he covered Internet security, technology policy, cybercrime and privacy issues for the newspaper and website.
His first book SPAM Nation chronicles the activities of two leading Russian figures of the Pharmaceutical SPAM racket, Igor Gusev and Victor Vrublevsky, who leaked detailed information about the other in an effort to destroy the other.
Brian left the Washington Post after editorial management at WP decided that Cybercrime was an area that was a little too risky for its appetite.
Brian went on to found his own Website www.krebsonsecurity.com a daily blog dedicated to in-depth cyber-security news and investigation. Brian has become one of the most informed and prolific writers on the subject of Cybercrime.
Why is SPAM Nation worth reading? Because YOU and YOUR USER IDENTITY are under constant threat from billions of SPAM emails and social engineering scams generated by a sophisticated, determined, patient and growing cadre of Cyber criminals.
If you are a salesperson or marketer in the security business, then this book is required reading.
This book is a worthy read for the general public as it details the feud that developed between key Cybercrime characters and the supporting cast of corrupt banks, less than diligent ISP’s, crooked beauracrats and victims of toxic counterfeit drugs bought over the Internet from “Canadian Pharmacies”.
These two individuals (Vrublevsy and Gusev), are responsible for a large percentage of SPAM that has plagued YOU, your inbox and everyone else’s inboxes for the past 10 years.
It provides insight into motives, modus-operandi and the environment, sponsored by corrupt bureaucrats who enable Cybercrime to flourish in Eastern Europe, Russia and parts of Asia.
If you have not received a letter from your bank or institution where you hold a credit account offering free credit protection services, advising that you that your credentials may have been stolen and that your account may be compromised in the past 12 months, it is almost certain you will receive one in the next 12 months.
Pharma Spam provided the trainer-wheels for the first generation of hackers. They made $millions selling counterfeit pharmaceuticals, manufactured in India, sold via online “Canadian” Pharmacies to Americans who could not afford or could not acquire drugs for any number of serious illnesses and addictive needs.
The Botnets that infected and continue to compromise millions of PC’s, causing them to generate billions of Spam emails daily still exist. They provide a platform to develop and launch more sophisticated phishing and spear-phishing attacks.
Hackers have perfected their craft in what history will record as the “Wild-West” days of the Internet.
Ten years ago, these miscreants were making $millions.
Now they are making $Billions.
An increasing variety of clever scams, including impersonation of senior executives using look-alike URL’s to launch phishing and spear phishing attacks (social engineering), to gain access to the corporate network and commit fraud; extortion, identity theft, credit card theft, website ransom and Intellectual Property theft.
The epilogue, A Spam-free World: How you can protect yourself from Cyber-crime, is worth the price of the book ten times over.
If you don’t want to read the book, then please observe Brian’s 3-simple rules to protect your identity… and never click on a suspicious link or a link unless you can expose and validate that the underlying hyperlink is genuine.
Rule 1: If you didn’t go looking for it, do not install it.
Rule 2: If you installed it, update it.
Rule 3: If you no longer need it, remove it.
If you are interested in any subject related to Cybercrime, follow @Briankrebs on Twitter, make #Cybercrime a Twitter hashtag that you track and read daily and visit Brian’s website, it’s a must.
Finally, if you have never heard of and don’t know what “social engineering” is, then you had better do some research in a hurry, before you become the next victim of identity theft and fraud. Just because you may run a small business, does not mean that you wont be attacked. This stuff is automated and no business or individual is immune.
There is no virtually no guaranteed security and certainly no privacy if you are online.
Identity is the new security perimeter and we need to defend it using all of the tools, technologies and processes available. If you have not recently changed and strengthened your passwords, then Brian's article is a must-read on password do's and dont's.
It starts with you. You are responsible for protecting yourself against compromised user idenity.
This just in from Queensland Police following a rapid increase in the incidence of Cybercrime.
“In the last month we have noticed a dramatic increase in not only the number of scams circulating, but the sophisticated nature of these scams. We are concerned and need to ensure the community is taking every possible step to prevent this from happening to them.
“The theft of personal and business data will continue. Whether these thefts be aimed at the individual or at larger organisations as part of strategic ransomware attacks, these crimes are highly profitable for criminals and will without question, continue to rise,” Acting Detective Superintendent Terry Lawrence of the Fraud and Cyber Crime Group said.
• Do not open attachments or click links in emails or social media messages that are unsolicited or unexpected. Delete them.
• Be wary of any free downloads or website access. They may install harmful software without your knowledge
• Keep your security up to date on your electronic devices ie download anti-virus software from a trusted source.
• Never send money or give credit card, passwords, online account details or documents to anyone you do not know.
• Be careful of the information on your social media profile. A birthday, middle name and address can be enough for a scammer to build a profile on you and steal your identity.
You might also find this .pdf entitled Ouch from members of the SANS Institute of value in warning friends and family of the dangers in what will be the biggest Cybercrime Christmas in history.