The threat of online security: How safe is our data?

With the massive use of internet in today’s world, we often upload personal details, information, pictures, and other relevant data through internet activities such as blogging, online purchasing, as well as with online banking. But, have you ever think about the safety and security of uploading these data? How safe is it to do so? What are the potential threats we might face?

Basically, there are two types of threats which are the Technical Threats and Nontechnical Threats.

Technical Threats

Technical threats are threats that arise with the use of software and systems knowledge. Among the common technical threats encountered are:

• Denial of Service (DoS) attack or Distributed Denial of Service (DDoS) attack

Denial of Service (DoS) attack is an attack on a website in which an attacker uses specialized software to send a flood of data packets to the target computer with the aim of overloading its resources. On February 2000, a teenager managed to cripple the web sites of Amazon, Yahoo and other companies by using simple DoS tools (see this CNN article). Similar to DoS, Distributed Denial of Service (DDoS) attack is an attack in which the attackers gain illegal administrative access to as many computers on the internet as possible to send a flood of data packets to the target, but by using multiple computers. Both of the threats attempt to make the computer resources unavailable to its intended users.

• Virus


Virus is a computer program that can inserts itself without the permission or knowledge of the host. But, in order to propagate and harm the user’s computer, it requires the owner to activate or run the program. For instance, “I LOVE YOU” virus appears in the form of an e-mail with an attachment, which will be forwarded to everyone in the address book after downloading and opening the attachment. Subsequently, it damages the victims' computer such as deleting files or corrupting the hard drives (see this BBC article).

• Worm


A worm is a type of virus. However, unlike the virus, it is a computer program that can replicates itself across a network without any human intervention. For example, the “MSN Messenger worm” is a message and link which is sent by friends who are being infected with the computer worm. Once clicking on the link, it will take you to a web site and then automatically downloads the worm and infect your computer. Whether you are online or offline, the worm will automatically send the message and link to everyone in your address book. Besides that, worms can also damage your computer by installing other malicious code that copies information from your computer and use it for other online crimes.

• Trojan Horse


Although Trojan horse programs are classified as viruses, but they are not a virus since Trojan horse do not replicate itself. Trojan horse is a program that appears to have a useful function but that contains a hidden function that presents a security risk. It is designed to allow a hacker to gain access into a user’s computer, enabling the hacker to destroy information stored in the computer such as client’s or customer’s information, credit card details, bank account number and so on.

Nontechnical Threats

Nontechnical threats is an attack that use some form of trickery or persuasion to trick people into revealing information or performing actions that can compromise the security of a network. Social engineering is a type of nontechnical threats. It is a collection of techniques used to manipulate people into performing actions or exposing confidential information. One of the examples of social engineering is phishing. (If you are interested to know more about phishing can refer HERE).

Phishing: Examples & It's Prevention Methods

What is Phishing?

Phishing, a term used in computer security, is a fraudulent attempt to scam internet users into giving out their personal and private information such as credit card details, social security number, PIN number, account username and password. Usually, phishing attempts appear through a look-alike of an established and legitimate organization, mimicking a trustworthy popular website. It is actually a fake website having a similar outlook as the valid site engaging in identity theft. Phishing is usually done through e-mails and can appear to be from any bank, credit card companies or an online store.


These are among the examples of common excuses given by phishers in an e-mail:

• They are about to undergo system update and maintenance, and so, you are required to give them your password in order for them to update your webmail.

• They are about to delete all accounts to create more spaces (for messaging service). To maintain your account, you are then required to fill in information such as username and password or else there is the threat of deactivation and losing of your account permanently!

• There are also false scam alerts that ask you to cooperate with them in fighting these scams. What they do is they require you to provide important information as an excuse to install a scam alert in your e-mail which is totally fake!

• Some (those mimicking banks and credit card authorities) require you to click on their links to verify your e-mail and access your bank account which is said to be done for protection purpose.

• Some claimed that your e-mail has been used to send spam mails and therefore your account is to be suspended. You are then required to confirm your ownership by replying their message with your personal information.

• Some even claimed that you have won some rewards such as a cruise or a lottery and you are asked to click on their link for more information regarding your prize.

• Others might con you through a disaster relief fund or perhaps a money scheme sham.

Examples of phishing e-mails:

eBay phishing mail

Maybank phishing mail

Skype phishing mail

Phishing is a common threat to all of us using the internet, and so, the best way to protect yourself from being phished is to learn how to prevent it.

Here are few tips on how to do it:

• NEVER click on links in an e-mail that request you to provide personal information no matter how trustworthy they may seem to look. With all the necessary credibility elements present, it can still be a scam. Remember!! A legitimate organization would never request such important information from you via the e-mail.

• Use an anti-virus software and update it on a regular basis. An anti-virus software might help in detecting phishing e-mails. Besides that, perhaps you could also do a regular scan of your computer from time to time.

• Install a personal firewall as well as the latest security update for your web browser and operating system. It is advisable to use a web browser that has a phishing filter, preferably Internet Explorer and Morzilla Firefox.

Always be careful and be alert to phishing mails!
Don’t let yourself be a victim of phishing!

A Review on a post on Internet Security from My E-commerce blog

After reading the post ‘Favourite Passwords Used Online’ from ‘My E-commerce’ blog, I totally agree with the list of most common passwords. To my surprise, I realized that even my passwords are within the list as well! And so, provided below are some important information regarding password which is crucial to the protection of our private information. Hope it does bring you great help!

What is Password?
First of all, password is a series of characters that enables a user to access a computer system. From another angle, it helps secure the computer system from unauthorized access. Password is made up of at least four to six characters, including letters, numbers and symbols, but never spaces. Often, it is used in combination with some form of identification, such as username or e-mail address.

Reason People Love to Use Common Passwords
Okay, so why people are fond of using these few passwords? The main reason would be people like passwords that are easily remembered, in case they themselves could not recall and thus being unable to log in to their computer systems. However, these passwords can be easily guessed, which therefore could allow others to break into your computer systems without much difficulty.

Risks of Using Common Passwords
The convenience of using passwords that could be easily remembered, however, turns out to be painful and costly when it is exposed to malicious users. For individuals, it could be exposure of financial information, health data and private documents that we strongly do not want others to find out. Hackers could even use your identity to open new credit card accounts, apply for a mortgage, or engage in online transactions. For organizations, it could be leak of trade secrets, financial data, intellectual property, customer lists, etc.

How to Create Strong Passwords?
Make it lengthy
A strong password should contain at least 8 or more characters. The lengthier it is, the more protective it is. Otherwise, think of a phrase or sentence that is easy to remember. It should be not only long in length, but hard to be guessed as well.

Combine letters, numbers and symbols
Make use of the entire keyboard if you can! Fully utilize the “Shift” so that you have small and capital letters, numbers, as well as symbols at the upper row. For example, substituting an ‘e’ with a ‘3’, or ‘s’ with ‘$’. The more complex your password is, the harder the hackers could guess your passwords.

Avoid using names and words from dictionary
Any of your and your loved one’s names, birthdays, or similar information should first be eliminated out of your consideration for forming any password. These are easily obtained and would be the first thing the hackers would try on. Besides, there are effective password cracking tools, which could be easily downloaded for free from the Internet, that help guess passwords based on words in dictionaries.

Change your passwords regularly
It helps keep hackers unaware. How often this should be done depends on the strength of your password. A short and weak password is recommended to be changed every week; a long and strong password can last for years.

Use different passwords for different accounts
This is to avoid all of the information to be stolen at once. If the same password is used for all the accounts, the hacker can have access to all the accounts and steal all the information once he gets your compromised password.

With the given information above, I believe that many of you are going to change your passwords immediately!

Safeguard on Personal and Financial Data

With the advancements of technology, a lot of internet services such as Facebook and PBeBank enables and provides sharing of personal details and financial transactions. Without a proper safeguard on these data, it can lead to internet fraud and scam that will cause financial loss and inconvenience to the internet users.

Here are some suggestions available in the prevention of it:

Strong Password Protections
Choose strong passwords that are barely predictable and hardly expected by others. This can include using a combination of numbers and letters like w4t3r (water). Although most users would usually choose something that can be easily remembered, however this might not be a wise decision as to be easily remembered also implies that it has a higher chance of being easily predicted. Therefore never ever use personal information that can be easily accessed or predictable such as your birth date as your password.

Use and Update Anti-Virus Software and Firewall
Use an anti-virus software and a firewall to protect yourself against viruses and Trojan horses that may cause your data to be stolen or modified. With the help of a firewall, you can protect your computer against improper access from unauthorized person. A firewall blocks and filters some of the illegal access from hackers. Besides that, by having the antivirus software installed and frequently updated, new threats such as viruses, worms and other malware may be eliminated and thus safeguarding your personal and financial data as it should be.

Avoid Accessing Financial Information in Public
Prevent yourself from logging in to check and make financial transactions when you are using a public network such as in a coffee shop that offers wireless access or through public computers. For example, Starbucks and cyber cafes. Although this might seem convenient to users, but the strength of their safeguard such as firewall is unknown. Besides, the open environment might allow the public to observe and perhaps see the private and confidential data you are working with.

Avoid Access to Unknown Sites
Avoid giving your personal information to other unknown parties online, whether it is via e-mail or publish of personal data in blogs or websites. Besides that, also remember to make sure you are in the right legitimate website before entering personal information or making a financial transaction, not a phishing website.

Avoid Granting the Use of Personal Computer to a 3rd Party
Remember that your own computer contains a lot of private and confidential information such as passwords saved, history and cookies that will retain the data from the web page that have been accessed. Thus, if your computer is being stolen or being used by a 3rd party, private information may be easily retrieved and duplicated. Therefore, avoid putting sensitive information in the computer and if there is any lock, it is advisable to impose them to the folder.

The History and Evolution of E-commerce

E-commerce

Electronic commerce, commonly known as e-commerce, refers to the trading of products and services electronically. In other words, e-commerce allows people to buy and sell over the Internet. It covers a wide range of different types of businesses, from household products to machines used in corporations. You name it, they have it!

History and Evolution of E-commerce

• 1970s

The emergence of e-commerce started in the 1970s when Electronic Fund Transfer (EFT) and Electronic Data Interchange (EDI) were introduced. Dated back in the early 1970s, EFT had two functions: enabling banks and financial institutions to do electronic transactions among themselves or with associated businesses, as well as, payment of salaries to employees by employers. When it came to the late 1970s, EDI helped producers and distributors in cutting costs by allowing exchanges of information and documents between companies electronically.

• 1990s
During the 1990s, the Internet has been opened for commercial use. The development of Mosaic, the first point-and-click web browser, and Netscape, the first downloadable browser, had made a remarkable growth to the global Internet community technology. This was when the Internet became popular and users started to participate in the World Wide Web (WWW). This in turn resulted in the rapid growth of the use of personal computers (PCs).

Below is the summary of the evolution of e-commerce:

• 1984 – EDI was standardized so that companies could complete transactions with one another reliably.
• 1990 – The first web browser, WWW, was written by Tim Berners-Lee.
• 1992 – People first bought things over the Internet when CompuServe offered online retail products to its customers.
• 1994 – Netscape, a simple browser to surf the Internet and a protected online transaction technology called Secure Sockets Layer was introduced.
• 1995 – Amazon.com and eBay.com were launched.
• 1998 – Fast and always-on Internet service was provided to subscribers across California by using DSL, or Digital Subscriber Line.
• 1999 – Business.com published that retail spending over the Internet has reached $20 billion.
• 2000 – The dot-com bust.
• 2003 – Amazon.com posted first yearly profit.
• 2008 – US eCommerce and Online Retail sales projected to reach $204 billion, an increase of 17 percent over 2007.

In our opinion, the emergence of e-commerce indicates a significant advancement of mankind. It benefits all parties along the supply chain management from manufacturers to customers, in various ways. As the e-commerce continues to be improved, we believe that it is possible that there will be a day where everything will be just a click away and all we need to do is just sit back and click. It may not overtake the traditional method of commerce entirely, considering some limitations of the Internet; however, it would surely affect the concept of commerce significantly.

Revenue Model for Google, Amazon.com & eBay

Google is known to be one of the most informative, user friendly, fastest and most trafficked website in the world of internet. In fact, Google has become one of the global technology leaders which is widely recognized.

Google generates most of its revenue (more than 90%) through online advertising. With the volume of their site traffic, they focus on delivering relevant and cost effective advertising. They offer targeted advertising solutions and global Internet search solutions.

One of Google’s advertising program is Google AdWords which is a pay-per-click (PPC) advertising tool. Ads are displayed as sponsored link with regards to the information searched for. For every ad clicked, Google earned a fee from their advertisers. Google recognizes most of their advertising fee from Google AdWords.

Another advertising program run by Google is AdSense. AdSense allows the display of ads on websites and blogs which can be on a per-click or a per-thousand-ads-displayed basis. Google generates affiliate fees from the site owners whenever user clicks on the ads displayed on the websites.

Amazon.com is an e-commerce company and is known as one of the world’s leading online retailers.

Starting off as an online bookstore, it expanded into a variety of products categories online store. With the various wide range of products sold, it is obvious that Amazon generates most of its revenue through sales. Amazon attracts millions of customers worldwide.

Also, Amazon generates around 40% of its sales from affiliates from their “associates affiliate program”. Associates receive a commission for referring customers to Amazon through links. Amazon then generates revenue from the sales of these customers.




eBay is one of the world’s largest online marketplace. It engages in online auction and shopping of a variety of goods and services globally. eBay generates most of their revenue through sales of their products and also through transactions fees. For every successful transaction, eBay earns a transaction fee made by the bidders.

Besides that, eBay also earns part of their revenue through PayPal (online payment) and Skype (communications) which are owned by eBay too.

PayPall earns their revenue through online payments. Using the world’s most advanced fraud prevention system and with their safe payment solution, PayPall has gained users trust worldwide and has become a global leader in online payment solutions.
PayPall’s payment volume accounted for nearly 9% of the worldwide e-commerce.

Skype engages in internet communication whereby it allows users worldwide to talk online unlimitedly. Skype earns their revenue through calls made to and from landline and mobile phones, voicemails, call forwarding and ringtones.

Other acquisitions by eBay include shopping.com, Kijiji, Stubhub, rent.com and StumbleUpon

An E-Commerce Success: Amazon.com

With the advancement of information technology, the use of e-commerce has improved tremendously in the past few years and has in fact become very popular nowadays. Many businesses have successfully gained an awesome profit by selling their products online. The examples of these businesses are Amazon.com, Ebay.com, Lelong.com, Dell, and so on.
Among those examples, the company I want to highlight here is Amazon.com. Amazon.com was founded by Jeff Bezos in 1994, and launched in 1995. It is a pure dot-com company whereby they only operate their business through the internet. Amazon.com started out with selling books online and then quickly diversified by adding other items. It has become the first best known online retailer in the internet world.

Causes of Success

• Customer Orientation

Amazon.com is a customer oriented based company. The customer-centricity has been part of its mission since the day of its operation. They start with the customer and work backwards in considering matters such as whether the boxes are easy to open, what packaging material they use, how much packing material is in the box, and etc. Due to the efficiency in dealing with the customer and continuous focus on their needs, Amazon.com has successfully become the top among other entire online retailers.

• Continuous Innovation

As we know, if a company does not listen to their customers, they will fail. But if the company only listens to their customers, they will also fail. The ideas to investigate might come from customers who are a really important source of information. However, it is also important for the company to innovate and create something new or improved through research and development. Amazon.com runs a lot of test in its usability lab almost continuously. The project teams of the company can request usability testing, and the usability team also goes out and tests stuff of interest for the purpose of coming out with new products.

• Customer Loyalty Enhancing

Amazon.com maintains its customer loyalty by providing user friendly interface with convenience and easy to use features. For example, easy to search, useful information related to product, customize options, e-mail confirmation, and also convenient and reliable payment system to their customers. In addition, Amazon.com also provides guarantees and adopts return policy.

• Variety of Products

In the beginning, Amazon.com did not sell other things but books online. Due to the changing environment and meeting with the customer needs, it started to offer a variety of products which are suitable for different groups of people. The range of products includes videos, music, cell phones, hardware, software, video games, electronics, health care products, clothing, furniture, toys and even food items.

An E-Commerce Failure: Pets.com

In this era of modern technology, many businesses are turning to e-commerce in selling their products and services online. From e-commerce, many companies have successfully achieved a good profit in marketing their products. Among the success companies are Amazon.com, Ebay.com and so on. However, there are also companies which did not do well in selling their products via e-commerce. The examples are Webvan, Kozmo.com, eToys.com and so on.

The company that I am going to illustrate here is Pets.com. Pets.com was engaging in an online business that sold pet accessories and supplies directly to consumers over the World Wide Web. It was launched in February 1999 but unfortunately it folded in November 2000. Pets.com was well-known for its widely popular sock puppet spokesdog.

Causes of Failure

• Excessive Advertising Cost

Pets.com made significant investments in infrastructures such as warehousing which needed critical mass of customers to break even. Acquiring customers in volume they needed to break even requires a period of time which was not an easy task. In addition, Pets.com did not have independent market research preceded the launch of their website. Pets.com only offered products that could be more easily obtained at a nearby mall. There wasn’t much distinctiveness in the products sold which therefore reduced the intention of customers buying from them through online.

• Excessive Advertising Cost

Despite its success in building brand recognition, it is uncertain whether a substantial market niche existed for Pets.com. Pets.com earned revenues of $619,000, yet they spent $11.8 million on advertising. This excessive advertising did not benefit Pets.com, rather it helped the entire online pet industry to increase sales. Hence, making their products even more competitive.

• Lack of Workable Business Plan

Pets.com also decided to compete with low prices just like its competitors. This led to the selling of merchandise at prices below cost for the duration of its operations. Pets.com also built a customer base by offering discounts and free shipping, but it was impossible to turn these sales into a profit because the shipment cost has ate to its profits.

Member Profile 4: Koo Kian Siong (Chris)

Hi, my name is Koo Kian Siong and I am 21 years old. I come from Kota Tinggi, Johor, a beautiful town I would say. I am taking up a degree course of Bachelor of Commerce (Hons) Accounting at University Tunku Abdul Rahman. I am currently a Year 3 semester 1 student. I am quite lazy, and I do things very slowly, and so, some of my friends call me “turtle”.

My hobbies are singing, listening to music, watching drama, surfing the internet, eating and sleeping as well.

The most common websites I visited are www.google.com, www.facebook.com, www.friendster.com, www.hotmail.com, and www.youtube.com. I always use google.com to search information as it is very convenient to me. In addition, facebook.com and friendster.com are the ways for me to update myself on the status of my friends. Normally I will visit hotmail.com to check my e-mail and send e-mail to others as well. When I am looking for some funny video clips or music videos then I will go to youtube.com.

The top 5 internet activities I always do are chatting with my family and friends, playing online games, watching drama, searching information and blogging as well.

Lastly, nice to meet you all here...

Member Profile 3: Chew Fei Ying (Zowie)

Hi, my name is Chew Fei Ying. My friends call me flying eagle because ‘fei ying’ has the same pronunciation as flying eagle is Chinese! I am petite with a head of curly hair. I come from a family of five members, my parents and two elder brothers. I am lucky enough to be the youngest at home.

Being born is the era of technologies, most of my free time is spent in front of the computer. I like playing computer games, chatting with friends, checking my e-mails, blogging and looking for information for education and learning.

I often visit thestar.com.my for the most recent happenings in Malaysia and around the world. Educationmalaysia.blogspot.com is one of my favourite websites too. I get to know the latest updates on our education systems and various opinions from different people. Then, it is the pyschology.about.com. I have interest in psychology besides accounting. It is fun to get to know more about people around you. The next website would be facebook.com, I like indulging in the gossips among friends there. The last website I would like to squeeze into my top 5 list is the gaming website, shockwave.com. After all, we need to relax ourselves on and off.

Besides that, I love collecting chocolate candy wrappers. Yes, I am more interested in the wrappers than the chocolates! Occasionally, I go to KTV with my friends too. We like to sing, regardless of we could sing well…

Lastly, nice to meet everyone here…

Member Profile 2: Wong Chin Yeen (Eric)

Hi, I am Wong Chin Yeen, currently studying in Universiti Tunku Abdul Rahman Year 3 semester 1. The course I am pursuing is Bachelor of Commerce (Hons) Accounting. My hometown is in Ipoh, Perak. One of the subjects that I am studying is e-commerce which one of the tasks in this assignment requires us to set up a blog.

My hobbies are surfing the net, watching movies, listening to music, and sing karaoke.


The top 5 sites that I visit the most is FaceBook which I always gossip on some current news posted by some of my friends, do some questionnaire, and play mini games to occupy my free time when I am bored.


The second site is Google Finance which I always use to check on the market movement and news for the current economy market as well as for a particular company in US.


The third site I visit the most is Wble which I use to download some study materials and check for recent updates that are posted by the lecturers regarding the subjects I am taking this semester.


The fourth site I visit the most is Hotmail which is my main email that I check frequently for updates and forward emails.


The fifth site I visit the most is YouTube which I used to look for funny video clips, news as well as the latest movie trailer available.

The top 5 internet activities that I used to do is searching for something which I don’t understand in life which needs to be further researched and seek for opinion, secondly gossiping on some current news posted by some of my friends, thirdly chatting and keeping contact with my friends using MSN Messengers, fourthly checking email as well as forwarding and replying emails, the last is reading the current news and the market movement available in the internet.

Member Profile 1: Angeline Cheng Siow Pei

Hello everyone there. My name is Angeline Cheng. I’m 21 years old and am currently taking up my degree course in Universiti Tunku Rahman which is located in Sungai Long, Selangor. I just stepped into my 3rd year in Bachelor of Commerce (Hons) Accounting. I will be graduating by May 2010 if everything goes on smoothly.

Here’s a little something about me:
My hobby is to surf the net. I love music, both listening to them and singing them. My friends and I have a craze for karaoke. Besides that, I have a great passion for food too. I just love to eat, all kinds of food, especially Japanese. Also, I occasionally dream of experiencing the different culture in various countries. Someday I would like to travel around the world.

I love going into Facebook because it is an interactive social network website of all my friends with lots of features. It provides personal profile updates of every one of them. It also allows photo uploading, application games, joining of groups and even online chatting.

The next website I visit the most is Google. I find Google very useful in searching up for information and images from many different sources on almost every topic. It helps me tremendously in doing my assignments.

Also, I visit The Star Online quite often too. Without purchasing for a newspaper, I can update myself on what is happening around the world by just reading up the current news online. It’s just so easy!

Next, I also frequently visit Blogspot. I blog about events regarding my personal life. Besides that, I read up blogs from my friends too. It is also one of the ways for me to keep my friends update and vice versa.

Lastly, one of the most visited sites by me is UTAR’s website, which is my current Uni’s official website. It gives me information about my Uni and updates me with current news and events taking place.

The top 5 internet activities I usually engaged in are chatting online via messenger, checking my mailbox for e-mails, blogging about my personal life, “googling” for information on various subjects and of course, playing online game as a mean of entertainment after a long day’s work.

To any one of you who might have any comments and suggestions regarding e-commerce or our website, please feel free to do so.
Lastly, have a great day!! :)