Review a local e-commerce site

E-commerce essentially covers all online activities aimed at inducing Internet users to purchase products and services online.

For example, Air Asia Berhad is one of the local e-commerce website. It is also a low-cost airline based in Kuala Lumpur, Malaysia. It operates scheduled domestic and international flights and is Asia's largest low fare, no frills airline. AirAsia pioneered low cost travelling in Asia. It is also the first airline in the region to implement fully ticketless travel and unassigned seats. Its main base is the Low Cost Carrier Terminal (LCCT) at Kuala Lumpur International Airport (KLIA).

Therefore, Air Asia provide online services such as booking ticket, information about destination, shopping chat, travel services, corporate services and so on. It allows customers from around the world to gain more information about them and its products. Potential customers can browse online catalogues without having to leave their homes or offices.

Furthermore, customer can book the ticket through this website http://booking.airasia.com/skylights/cgi-bin/skylights.cgi . Customer can fill in the detail such as date, number of guest, the destination and whether you want to one way or return. In the booking categories, it also provide more information about the way of online payment. Through the shopping chat, AirAsia offers a choice of credit cards to fit the needs of your lifestyle in different countries such as AirAsia-Citibank Credit Card and AirAsia-Citibank Gold Card are offer for Malaysia guest. Moreover, Air Asia also provide latest news about the famous places in the travel services categories.

In the conclusion, Air Asia is a successful and famous company in Malaysia. Most of the local customers like to fly with Air Asia plane because it provide a lot of information in their website and the cheaper price in Malaysia.

E-Government in Malaysia: Its Implementation so far and Citizen's Adoption Strategies

Malaysia is implementing electronic government, generally known as ‘e-government’. The implementation of e-government was initiated by the introduction of the Multimedia Super Corridor (MSC) in 1996. The e-government initiative launched the country into the Information Age.

Implementation of E-Government Projects in Malaysia

Most of the e-government project implementations are currently in progress. The e-government projects are:

1) Generic Office Environment (GOE)
2) Electronic Procurement (eP)
3) Human Resource Management Information System (HRMIS)
4) Project Monitoring System (PMS)
5) Electronic Services Delivery (eServices)
6) Electronic Labor Exchange (ELX)
7) E-Syariah.


The implementation of e-government would bring benefits to the public administration and Malaysian society in several ways as shown below:

• E-government improves efficiency since the use of information technology enables improvement in mass processing tasks and public administration operations. Hence, e-government applications can generate savings on data collection and transmission.

• E-government improves services, as the main element in reforming government operations is to adopt a customer-focussed approach. The e-government application is developed based on best understanding of citizen requirements. These applications will provide a seamless online service and thus improve traditional government services.

• E-government would help to achieve specific outcomes. The internet can help stakeholders share information and ideas and contribute to specific policy outcomes. For example, online information can boost training programme, sharing health information can improve resource use and patient care.

Citizen's Adoption Strategies

The main challenge in e-government in Malaysia is the technological challenge, which includes issues like standards, data integration, legacy maintenance and privacy and security. In order to make the right decisions and avoid falling behind, governments must identify and resolve the different issues that have arisen from the transition period during which traditional and e-government co-exist. Rather than just focusing on introduction of ICTs, government should decide, guide and control the transformation of government into e-government. The use of ICT to strengthen the involvement of citizens and businesses in public decision-making must be progress at the same time. In short, implementing good strategies must be addressed carefully. Otherwise, e-government will remain misleading.

Things to take note to prevent e-auction fraud when a consumer participating in an e-auction

No messy garage sales; No disturbing phone calls from classified ads. Simply bring items to one of locations (local pick-ups available). With over 140 million users, eBay is the perfect place to sell your items.







Definition of Internet auction fraud includes the following wrong doings:

-Non-delivery of items
-Misrepresentation of the value of an item
-Triangulation: involvement of three parties in which perpetrator steals goods from online merchant
-Fee stacking: adding extra charges once bidding is complete
-Sale of black-market goods
-Multiple bidding by same buyer under different aliases
-Shill bidding: false bidding by the sellerThe IFCC says that in 2000, auction fraud cost consumers $4 million.

As of April 2001, the IFCC has received 4,000 online auction complaints which have cost roughly $3.2 million. The Center found that there are six major categories of e-auction fraud. Though the sale of beanie babies (plush children's toys) accounts for the greatest percentage share of auction fraud (27%), it does not command the greatest overall loss for consumers

Following tips to the public on e-auction.

- check the reputation of the e-auction site and their policy to protect their customers and customer's personal data

- know the buyers/ sellers- If possible, deal with the buyers/ sellers in person.

- If there is any doubt on the identity of the buyers/sellers, don't make payment or ship out the goods.

- Get the details of the sellers/buyers before making payment or sending out the goods.

One thing that could have helped Motwane is to check the seller’s reputation. Many auction sites have a section where every seller’s feedback score is reflected. Some sites assign a community-ranking system to every user’s profile. Reputable sellers will have overwhelmingly positive comments or messages from people they’ve done business with in the past.

On the other hand, if the seller has many negative comments attesting their failure to ship the item on time, then insist on using a method of delivery. Like many sites provide buyer protection, such as courier delivery, because in such cases even if you don’t get what you pay for, you will always get a refund from the website.

Also, if the seller doesn’t have a high rating (or no rating at all) but you still want the item, check him or her out the old fashioned way. Look them up in the Yellow pages or local directory services. See if they come from where they say they come from. Also, search for their name in Google or Yahoo.

Despite that there have been cases where people have gone out giving credit card number via email. So this is one important thing to beware of -- make sure that while paying, never wire money to anyone’s account under any circumstances. Use one of the methods authorised by the website, such as paisa pay and also read the rules of insurance before making the purchase. Again, never, under any circumstance, give out credit card numbers or bank details via email.

“Documentary Letters of Credit are the appropriate payment method for items over $10,000, especially if the transaction is one time only or conducted between strangers,”

“eAuctions frequently offer automobiles, boats, planes, machinery, earth moving and farm equipment, which people would export for more money if the payment options were available. PayPal’s recent changes protect the buyer from fraud, but now the seller feels penalized and loses control of their property. Commercial banks have successfully completed global transactions like this for hundreds of years, and they are experts at avoiding fraud, so eAuction sellers should use their services.”

Until eAuction sites include generic commercial banking terms for Documentary Letters of Credit on their payments page, traders can use the following guidelines to structure transactions (alternatively, these guidelines are available on InterNetLC.com’s website: http://www.internetlc.com/):

EITHER 1: The seller should specify that they will accept a Documentary Letters of Credit in the body of their ad. The winning bidder uses PayPal for the deposit, and has ten days to open the Documentary Letter of Credit with a commercial bank for the balance.

INCOTERMS:

FOB (for an ocean shipment),
CPT (for an air shipment).
EXW (Ex Works - seller makes the goods available at a specified location .

[e.g. factory, warehouse] to the buyer. Seller is not responsible for loading the goods in the vehicle provided by the buyer, or for clearing the goods for export.)
Before the Seller accepts the bid, it’s a good idea to call the local U.S. Department of Commerce Export Assistance Center or World Trade Center to ask if there are any export formalities required on this item. eBay provides some “Know Your Customer” information as well as access to lists of prohibited items for export to which countries, but independent expert advice is important.

OR 2: The buyer opens a Documentary Letters of Credit at an international commercial bank, and completes all the import paperwork BEFORE they start bidding.

The buyer waits to see an advertisement that indicates in the written description that Documentary Letters of Credit are welcome, and bids on the item. If they win the bid, the seller can use the above list to see that the terms match before accepting the bid.

When the bid is accepted, the buyer gives their bank the seller/payee information, the Documentary Letters of Credit is amended and activated, and the transaction proceeds.

TIP 3: If the seller wants to be paid before the item is shipped, when they receive the Letter of Credit from their bank they should contact a company like InterNetLC.com, which provides pre-shipment short-term financing, as well as prepares all the international trade finance documents, for a minimal fee and percentage. “We look over the paperwork, and provided it is correct, we can usually implement the funding decision within five working days. Unfortunately we have no control over the deposit monies, which will be processed at PayPal’s discretion,” Dunlop concluded.

The Application of Pre-Paid Cash Card for Consumers

What is Pre-Paid Cash Card?
Prepaid cash card is using our existing money, rather than a credit card, which we borrow the money and then pay it back later. Prepaid cash card draw funds from our bank account, usually a checking account.

The advantages of prepaid cash card are:
1) Secure and safe financial transaction cards. It always needs a personal identification number to be keyed in for the transaction to be authorized. If someone steals the card information, or the physical prepaid cash cards, we do not need to worry about them using your money.

2) Portable access point to the checking account. Automated teller machines (ATM) are everywhere now, and we can use prepaid cash cards at ATM to withdrawal funds from our checking account in cash, deposit funds into our checking account, and even make an account balance inquiry. We don't have to go to the bank anymore to get money out of our checking account, and we don't need to have a personal computer handy to check the balance.

The downsides of prepaid cash card are:
1) Cannot use prepaid cash card to make "card not present" purchases, such as by buying something online.

2) Cannot use prepaid cash card in "quick pay" terminals that have a card reader but no keypad to enter a personal identification number.


Examples of Pre-Paid Cash Card:

Touch ‘n Go Card (Malaysia)

Touch ‘n Go card is an electronic purse that can be used at all highways in Malaysia, major public transports in Klang Valley, selected parking sites and Theme Park.

Touch ‘n Go uses contactless smartcard technology. The card looks similar to a credit card. User can continue using the card as long as it is pre-loaded with electronic cash. User can reload the card at toll plazas, train stations, Automated Teller Machines, Cash Deposit Machines, Petrol kiosks and at authorised third party outlets. Reload denomination is ranging from RM20 to RM500.

Touch ‘n Go enhances the speed of paying for low value but high frequency transactions. Apart from the speed, it is also very convenient because user no longer need to prepare for small change or wait in queue at the cash lane to complete the transaction.


Octopus Card (Hong Kong)

Octopus is an electronic payment system using a contactless smartcard, which use at Hong Kong. Octopus is a trademark of Octopus Cards Limited.

In the beginning they aimed to develop a simple way to pay fares on public transport in Hong Kong.

Then they extended their reach into simple micropayments for purchases in retail outlets and a simple way for cardholders to gain access to buildings and schools and to identify themselves.

Today, over 1,000 service providers accept Octopus, and new uses are regularly being added. Octopus' success is important to Hong Kong people not only because it's part of everyday life - it's also made everyday life so much easier.

Corporate Blogging: A new marketing communication tool for companies

According to Wikipedia, a corporate blogging is published and used by an organization to reach its organizational goals. The advantage of blogs is that posts and comments are easy to reach and follow due to centralized hosting and generally structured conversation threads. All current browsers (including Firefox, Opera, Safari and Internet Explorer 7) support RSS technology, which enables readers to easily read recent posts without actually visiting the blog, which is very useful for low-volume blogs.

There are some of the benefits which the the corporate blogging had brought into as follow:

You can made contacts with people I would never have met. The blog opens new opportunities.

Blogs are flexible enough to allow a dialogs, a conversation, a sharing of ideas, the revelation of the parties true insights and resources without corporate filtering.

A blog allows us to have an open dialog with customers. This open dialog allows us to align ourselves with our customers (ex: whatever they are passionate about, we are passionate about).

It has given us a much better two-way conversation with our consumers than we'd have without it.

Safe cost of capital to start a new business or marketing a new product as do not need to spend advertising expenses.

Wider range of exposure as it can access by anyone anywhere.

Flexibility of time in making business transactions.

Ouch ! ! ! Credit Card Debts: Causes and Prevention

Credit is a method of selling goods or services without the buyer having cash in hand. A credit card is only an automatic way of offering credit to a consumer. Today, every credit card carries an identifying number that speeds shopping transactions. Imagine what a credit purchase would be like without it, the sales person would have to record your identity, billing address, and terms of repayment.

Each issuer produced one card with one set of features. Today, credit cards come in multiple levels with ranging interest rates, fees and reward programs, so before you fill out an application, it's important to know which will best suit your financial situation and lifestyle.

CAUSES

Credit card debts result from when a client of a credit card company purchased an item or services through the card they use. Debts accumulate increase with interest and penalties for late payment had made the total amount due become larger.
Credit card debt is said to be increasing in the industries areas. Sometime the late fees, over the limit fees, high annual percentage rates, and universal default overcome customer who frequently do not pay off their debts, and the customer declares bankruptcy.

The real culprit behind the scenario is the desire to spend money. Many other culprits seem to be the causes of credit card debts such as lack of concern that their unable to meet the credit card payment obligation. There is no creditor hounding us for the payment and lack of self-discipline in dealing with credit management. We never know how to spend wisely and every single cent spend go toward keeping up with the minimum payment. Unfortunately this distressing situation is the common norm of many people.

Another negative consequence of using credit card is that you will never feel like you are spending the real money. The pleasant feeling you experiences when you purchase the items are disconnected from the unpleasant feeling of making the credit card payment when received the statement. To get control of your credit card spending you need to examine what money really means to you. Studies show that people with low self-esteem tend to purchase more the thing they don't need.

PREVENTION

1.Repay sensibly to payoff what you owe. Small step can be a huge different.
Learn how to make a realistic repayment plan and follow the five ways to reduce your debts.
Pay more than the minimum payment each month, if you ever hope to pay off your credit card debt. You must also pay on time or a finance charge will be added onto the total, creating a larger minimum payment for the next month — and a larger finance charge added to the total again if you don’t pay it. Get a system for credit card debt reduction. You need your own deadline each month for paying bills.Negotiate with credit card companies. The amount of credit card debt in this country has made creditors realize that if they don’t want people backing down from their obligations completely. If you have a limited budget for debt reduction, write letters to each of your creditors acknowledging the situation, and tell each one when you can begin repayment. If you have a limited budget for debt repayment, write down what you can pay each creditor each month.

2.Get Financial Healthy
It seems the better consumers get at paying off their credit card balances each month, the nastier the companies get.
Don’t be a revolver
The first rule of credit cards is avoiding the nefarious “balance.” Carrying a balance means paying far more than you should for everything your charge to your card. And it is one of the fastest ways to fall deep in debt.
Read Everything
Read every form for any potential credit card account with a magnifying glass.
Avoid Late Fees
One late payment and you are immediately socked with a late fee.
Fight Back
If your credit card issuer is squeezing you, complain. Competition among credit card companies is fierce. Use that leverage to get what you want. Often you can get a late fee waived or your interest rate lowered just by asking. Most companies will make adjustments at least once.
Shop around
There is a lot of fish in the sea. There is no reason to hold a card that has a high interest rate or a short grace period. Go “rate surfing.” Get the interest rate you want. Get a card with no annual fee. Compare the rates and terms of several cards.
Check Your Credit Report
An especially dirty trick played by the companies is not reporting a good customer’s on-time payment history to a credit bureau, lest competitors steal their customers. So if you are planning on getting a mortgage or other loan, it is a good idea to ask whether the company is reporting your good payment record to the credit-rating bureaus when you check your credit report. But check a few months before applying for a mortgage, which gives you time to correct any mistakes.
Stop spending
Ultimately, this rule will make the most difference in your financial life. Make it hard to use your card. Don’t leave home with it. Financially healthy people do not use credit cards for borrowing money and paying it back over long periods of time at high interest rates. They do not buy things they can’t afford. Many people mistakenly believe they’re on top of things as long as they make their minimum payments religiously and on time. But they’re not. Keep a card on hand for emergencies. The rest of the time, keep it frozen in the middle of a carton of milk.

Mobile Payment Systems in Malaysia: Its Potentials and Consumers' Adoption Strategies

Have you ever experiance mobile payment? Do you know what is mobile payment? According to Wikipedia, Mobile payment (also referred to as mobile web payment or WAP billing) is the collection of money from a consumer via a mobile device such as their mobile phone, SmartPhone, Personal Digital Assistant (PDA) or other such device.

Mobile payment can be used to purchase any number of digital or hard goods, such as:
Music, videos, ringtones, games, wallpapers and other digital goods. Books, magazines, tickets and other hard goods.

Previously, we can see that there is quite popular on purchase ringtones and games through mobile payment. Now it has getting more and more use for Malaysian.

For instance, Mobile Money International Sdn Bhd had desinged Mobile Money to make payments, allowing registered users to pay for goods and services at anytime, anywhere using only a mobile phone Personal Identification Number via SMS. It gives the freedom to shoppers to buy products online and pay the merchant using his/her mobile phone without being physically present at the store.


The Mobile Payment is the only global, cross-industry alliance of leading organizations from the wireless and financial industries dedicated to realizing the full potential for mobile payments.

I believe that more and more organization in Malaysia will take the opportunity by inviting the others organization with an interest in expanding the global market for mobile commerce to work toward simple, secure and interoperable mobile payments. Leveraging their combined expertise to collaborate on industry requirements and maximize the opportunity for mobile payments.

In order to attract the user from using mobile payment a reward had been given to the user as the return of using mobile transaction.

A free shopping application is provided as it can be downloaded to user mobile phone device to purchase services and products.

It is save and secure as it has security to protect payment details and consumer identify.

It also save cost as the transaction fee is lower than the normal price.

Electronic Currency

What is Electronic Currency?

Electronic Currency also known as Electronic money, E-money, Electronic Cash, Digital Money, Digital Cash or Digital Currency.It refers to money or scrip which is exchanged only electronically. Typically, this involves use of computer networks, the internet and digital stored value systems. Electronic Funds Transfer (EFT) and direct deposit are examples of electronic money. Also, it is a collective term for financial cryptography and technologies enabling it.

How Do The Existence of E-Currencies Mean Good Profit ForR You?
---------------------------------------------------------------
Multinational corporations, small businesses and individuals regularly
exchange e-currencies with each other in other buy and sell
their goods and services across the widest possible economic and
Geographic borders. In 2004, about 1.9 TRILLION US dollars worth of
e-currencies was traded DAILY by trade merchants and individuals ,over the Internet.

Most e-currency trading across 129 geographical locations worldwide is
managed by a Company called Global Digital Transfers Inc (based in
Vanuatu), which maintains the intermediary e-currency DXGOLD, and
recruits individuals to manage, invest and profit from its vast daily exchanges.
DXGOLD is 100% secure, and loss-proof.

BITPASS
Micropayments, small digital payments of between a quarter and a fraction of a penny, made (yet another) appearance this summer with Scott McCloud's online comic, The Right Number, accompanied by predictions of a rosy future for micropayments.

Bitpass was an online payment system for digital content and services. Kurt Huang was a co-founder; Doug Knopper was hired as CEO in November, 2005. Bitpass was a California corporation with headquarters in Silicon Valley. It was founded in December, 2002 and partnered with major technology and financial services companies such as Microsoft, PayPal, the Royal Bank of Scotland and First Data.

On January 19th, 2007 Bitpass announced that they were shutting down, and operations officially closed on January 26th, 2007. No immediate reason for closure was given.

For the content buyer, Bitpass worked like a pre-paid telephone card: the buyer signed up for the service and put money into an account using a credit card or PayPal. This stored-value amount could be used to purchase digital content or services.
Transaction fees were paid by the content provider. For payments under $5, the charge was 15% of the price paid by the buyer (Bitpass Professional merchant account fee).

The Bitpass system allows you to control access and authentication to protected content. Using a series of web services, you can determine if a customer/subscriber has access to a set of web pages or content. Sell and control access to protected content from your own website. Now includes DRM services for selling protected media content.

WHY BitPass will Fail?

BitPass will fail, as FirstVirtual, Cybercoin, Millicent, Digicash, Internet Dollar, Pay2See, and many others have in the decade since Digital Silk Road, the paper that helped launch interest in micropayments. These systems didn't fail because of poor implementation; they failed because the trend towards freely offered content is an epochal change, to which micropayments are a pointless response.

The failure of BitPass is not terribly interesting in itself. What is interesting is the way the failure of micropayments, both past and future, illustrates the depth and importance of putting publishing tools in the hands of individuals.

In the face of a force this large, user-pays schemes can't simply be restored through minor tinkering with payment systems, because they don't address the cause of that change -- a huge increase the power and reach of the individual creator.
BitPass' predecessors failed for a variety of reasons and of course "poor implementation" was among them. Efforts like the ones Shirky mentions were plagued with problems: Elaborate and intrusive sign-up forms, flaky business models, mandatory plug-ins, blood-sucking hook-ups to bank accounts, vendor start-up fees, greedy profit splits, etc. Some even claimed to offer "micropayments" while refusing to support transactions below 99¢.

Another factor contributing to micropayments’ dismal first round was the simple fact that until very recently, few users were willing to pay for content while they still felt that they were paying with their time. Without broadband, the climate for paid content was hardly hospitable.

Similarly, users who had just brushed away the styrofoam packing from their first home computer (and there were a lot of them in the '90s) were still factoring in the cost of that initial investment. Selling premium content to those users was as futile as selling pay channels to TV owners in 1952.







‘

PHISHING: EXAMPLES AND ITS PREVENTION METHODS

Phishing is a type of deception designed to steal your valuable personal data, such as credit card numbers, passwords, account data, or other information.
Con artists might send millions of fraudulent e-mail messages that appear to come from Web sites you trust, like your bank or credit card company, and request that you provide personal information.
As scam artists become more sophisticated, so do their phishing e-mail messages and pop-up windows.
They often include official-looking logos from real organizations and other identifying information taken directly from legitimate Web sites.
Example of a phishing e-mail message, which includes a deceptive URL address that links to a scam Web site
To make these phishing e-mail messages look even more legitimate, the scam artists may place a link in them that appears to go to the legitimate Web site (1), but it actually takes you to a phony scam site (2) or possibly a pop-up window that looks exactly like the official site.

PayPal is one of the many examples that phishers has tried to impersonate. PayPal was spelled wrongly in this phishing attempt in the e-mail and the presence of an IP address in the link is both clues that this is a phishing attempt. Another giveaway is the lack of a personal greeting, although the presence of personal details would not be a guarantee of legitimacy. Other signs that the message is a fraud are misspellings of simple words and the threat of consequences such as account suspension if the recipient fails to comply with the message's requests.

PREVENTION METHODS

Keep your information more secure

Before you download files, help protect your computer. First of all, keep your software safety net up-to-date which means update Windows automatically and regularly download the latest antispyware and antivirus updates, and then scan your computer right away. Secondly, improve your computer's overall security with lay the protective groundwork, set your antivirus program to scan all incoming files and e-mail attachments before you open them, use a spam filter and Install and run a program to help detect and remove spyware.

How to handle suspicious e-mail

If you think you've received a phishing e-mail message, do not respond to it, approach links in e-mail messages with caution, don't trust the sender information in an e-mail message, verify the identity and security of the Web site (picture 1.1 and picture 1.2) , type addresses directly into your browser or use your personal bookmarks, don't trust offers that seem too good to be true, report suspicious e-mail, don't enter personal or financial information into pop-up windows and don't enter personal or financial information into pop-up windows.

picture 1.1

picture 1.2

Protect your personal information from ID theft
Strong passwords, make it lengthy and combine letters, numbers, and symbols with the fewer types of characters in your password, the longer it must be, use the entire keyboard or use words and phrases that are easy for you to remember, but difficult for others to guess. In addition, password strategies to avoid which means avoid sequences or repeated characters, avoid using only look-alike substitutions of numbers or symbols, avoid your login name, avoid dictionary words in any language, use more than one password everywhere and avoid using online storage.

Protect your privacy with online payment services

How to shop online more safely? Before you select a store, do a background check andeExplore the Web site for third-party seals of approval such as:
or

Before you enter your credit card number, the company should only require personal information that's necessary to complete the purchase and the Web site should use secure technology.

For detailed or futher information, please log in http://www.microsoft.com/protect/yourself/phishing/identify.mspx

The Threat of Online Security: How safe is our data?

Security is a major concern for Internet users. The threat to online security is one of the main barriers to electronic transaction via the Internet medium. Types of online security threats included Internet Attacks, Vulnerabilities, Malicious Code, Phishing, Spam, Viruses, Trojan horse, Hacker, Cracker, and Identity and Data Theft.

In order to get confidential data or information of a company, hacker will create virus or tools to hack into the company’s computer. Those hackers normally spread out the viruses through e-mail attachment. Viruses can be generally categorized into Trojan horse, worm, spyware and etc. Surfing internet website may also expose the risk attacked by the viruses.

Nowadays, many people surfing internet via Wi-Fi. Wireless devices pass through many different, potentially non-trustworthy networks from which service is derived and data is exchanged. Information can be stolen or altered without the end user's knowledge.

Beside that, simply "refreshing" a browser to re-establish the connection may unintentionally introduce risks. Re-establishing connections and transactions without re-authenticating principals on both sides of the transactions can be dangerous. Requests can be redirected and malicious code stealthily downloaded with expected Web data. Most Web sites are not currently configured to deal with inconstant service failures, as is common with wireless connections.

Below are the online security predictions for 2008:

1. Bots will dominate 2008: The number of computers infected by botnets will increase sharply in 2008. In an effort to become harder to detect, bot-herders are changing their tactics and decentralizing via peer-to-peer architectures. They are increasingly using instant messaging as their main vehicle for spreading botnets.
2. Smarter malware: There are new levels of sophistication in malware. Malware will target virtualized computers, and increasing use of obfuscation techniques to hide in plain sight, including steganography and encryptions, will help criminals conceal their activities.
3. Gamers under fire: Gamers already are a prized target, and stealing their account credentials continues to be a primary objective of online criminals. Gamers historically are more concerned with optimizing their PCs for high performance rather than for tight security. In 2008, virtual assets will equal real world money for Internet criminals.
4. Social networking sites in the crosshairs: Social networking sites will become increasingly popular and, as a result, more vulnerable. The large number of aggregated potential victims and relatively small concern for computer security make these sites a windfall for cyber thieves.
5. Key dates for opportunity: The U.S. presidential election and the 2008 Olympics in Beijing offer high-profile opportunities for destructive attacks and corruption or outright theft of information.
6. Web 2.0 services and sites will come under targeted attacks: While it is relatively easy to implement Web 2.0 services, it can be quite challenging to configure them to be totally secure. Therefore, many Internet sites using these services are easy targets with little outward indication that a site is compromised.
7. Windows Vista at risk: As businesses and consumers buy new computers, Vista's market share will grow. Although it is designed as Microsoft's most secure operating system, 20 vulnerabilities were reported in 2007, according to the National Institute of Standards and Technology. As more people use it, the more attackers will target it.
8. Mobile devices will still be safe: Mobile devices are still safe, despite rumours of mobile malware. Smartphone and other mobile devices will not be a real opportunity for criminals in 2008. Proof-of-concept malware for mobile devices has not yet translated into any meaningful attacks. The only significant mobile vulnerability reported in 2007 was to the Apple iPhone.

Prevention of Online Security

Several approaches can be applied in an attempt to prevent Internet criminal activity, which can categorize as `hard' prevention and `soft' prevention.

(i) ‘Hard’ Prevention

`Hard' prevention, in the sense of intrinsic features within the architecture, protocols and software, that prevents difficult, actions of a criminal nature from being performed. `Hard' prevention is an attractive idea. Unfortunately, it is largely impracticable. This is because most criminal activities are only differentiable from non-criminal ones on the basis of the content or purpose of transmitted data, and hence little scope exists for designing Internet architecture or protocols in order to ensure that the Internet simply cannot be used for criminal purposes.

(ii) ‘Soft’ Prevention - Definition, Awareness and Education

`Soft' prevention, comprising disincentives against criminal activity, and in particular clear definition of criminal offences, public awareness-raising and education, the perceived likelihood of discovery, the perceived likelihood of effective investigation, and the perceived likelihood of successful prosecution.

Awareness of the existence of a criminal offence, and education can only be successful if the message is clear. Hence it is fundamental to the prevention of crime that members of the public understand what the activities is that are proscribed, and where the boundaries lie. Many 'white-collar' crimes (such as ‘insider trading’) suffer in this regard, as do so-called 'computer crimes'. A further need is that the definition of criminal offences, and the punishment meted out to wrongdoer will reflects public opinion.

How to Safeguard Our Personal and Financial Data

It's now easy to steal a person's identity for financial gain. According to the Federal Trade Commission estimates there are nearly 10 million victims of cyber fraud every year.

The dangers come in many forms: viruses and worms, malicious software that embeds itself in a user's computer, online lures and scams, scam Web sites that exist solely to steal personal information. Therefore it is important to take extra security precautions to safeguard the data in order to prevent lost of private and confidential information.

Step 1 Software

Choose the software that have the ability to scan all downloads, e-mails, attachments and other files for malicious content. The National Cyber Security Alliance recommends software that can recognize current and older viruses, effectively reverse damage and update automatically.

Step 2 Firewall

Firewalls help keep hackers from using your computer to send out your personal information without your permission.

Firewall is like a guard, watching for outside attempts to access your system and blocking communications from to the source you don’t permit. For your firewall to be effective, it needs to be set up properly and updated regularly.

For a free trial of a firewall, check out download.McAfee.com or www.Symantec.com/downloads. McAfee and Symantec also offer anti-virus software.

Step 3 A filtering technology

A filter is use to scan inbound and outbound information. A filter can scan the text of an e-mail and block it if it contains certain words, set to accept e-mail from known users only and be used to test the header of an e-mail to see if it might be forged or disguised by a spammer to avoid detection. Some current filtering software encrypts passwords and information to keep it away from malicious Web sites and hackers.

Step 4 Choose your PIN number wisely

While you want to choose something you will remember, please do not choose something that a clever thief could figure out just by learning your birth date or your child’s name. It is advice that a combination of uppercase or lowercase letters, numbers, and symbols will offer more security.

The application of 3rd party certification programme in Malaysia

-WEBTRUST SERVICES-
Security With WebTrust, an enterprises can ensure that access to its electronic commerce system and data is restricted only to authorized individuals in conformity with its disclosed security policies.

The WebTrust Program's Security standards provide a comprehensive solution for e-businesses by independently verifying a web site's compliance with online security best practices.

Information that is provided to another party is susceptible to unauthorized access during transmission over the Internet and while it is stored on the other party's computer systems.

The WebTrust Security Principle sets out an overall objective for the security of data transmitted over the Internet and stored on an e-commerce system


MSC Trustgate.com Sdn Bhd was established in 1999 as a licensed Certification Authority (CA) operating out of the Multimedia Super Corridor in Malaysia under the Digital Signature Act 1997(DSA). MSC Trust gate was provide security solutions and trusted services to help companies build a secure network and application infrastructure for their electronic transactions and communications over the network.

Their commitment in delivering high quality services has brought us recognitions with the enterprises, government, and many leading e-commerce sites, and service providers' digital certification services, including digital certificates, cryptographic products, and software development both locally and internationally.

MSC Trust gate was state-of-the-art data center located in Cyberjaya is one of the most advanced in ASEAN and conforms to IT security standard, Orange Book Tier 4. All of the consultants undergo a stringent certification process and continuous training programs and are well experienced in deploying large-scale projects. In present, MSC Trust gate has 12 million in paid up capital.


Among the projects they have implemented are:
@-E-banking Security Deployment and E-procurement Integration
@-User Authentication and Customer Clearance Approval System
@-Public Key Infrastructure (PKI) to assist all type of companies and institution conducting their business over the internet. The state of the art back-end infrastructure that costs RM14 million is probably one of the best in the region.


-Secure Transaction with Digital ID-

To ensure the confidential information remains private in transit, need to use Digital ID to sign and encrypt the transactions.

Digital ID from MSC Trustgate.com is governed by the Digital Signature Act 1997. Without a legitimate Digital ID in your electronic transaction, your contract is not admissible in court in the case of dispute.

Product Keywords : security, transaction, digital id

-MyKad PKI (MyKey)-

Malaysian government has put in place a smart National Identity Card (“MyKad”) for every citizen. MyKad with PKI capability allows its holder to conduct online transaction with government agencies and private sectors.

MyKey, is the MyKad PKI solution that works with your physically MyKad, allowing you to authenticate yourself online and to digitally sign documents or transactions and is accepted by the Malaysian government.

MSC Trust gate are the prime PKI developer and integrator for Mikado and offer various MyKad PKI modules for developer who wishes to develop MyKad applications.

MyKey modules
- MyKey Application Programming Interface (API)
- Signing module
- Verification module
- MyKad Client Kit

Product Keywords : national, identity, card

-SSL Virtual Private Network (SSL VPN)-

SSL (pronounced as separate letters) Short for Secure Sockets Layer, a protocol originally developed by Netscape in 1996 as a way of ensuring the security of e-commerce transactions, which was for transmitting private documents securely via the Internet(World Wide Web) is Secure HTTP (S-HTTP).

Whereas SSL creates a secure connection between a client and a server, over which any amount of data can be sent securely, S-HTTP is designed to transmit individual messages securely. SSL uses a cryptographic system that uses two keys to encrypt data − a public key known to everyone and a private or secret key known only to the recipient of the message.


Both Netscape Navigator and Internet Explorer support SSL, and many Web sites use the protocol to obtain confidential user information, such as credit card numbers .By convention, URLs that require an SSL connection start with https:

instead of http: SSL and S-HTTP, therefore, can be seen as complementary rather than competing technologies. Both protocols have been approved by the Internet Engineering Task Force (IETF) as a standard.SSL has become a low-cost alternative to IPSec-based virtual private networks.

-Global Server ID (128-bit) -

Global Server ID adopts today's strongest encryption commercially available for secure communications. Powered by 128-bit SSL encryption technology, the GSID authenticates your web sites and enables secure communications and transactions between the site and its visitors.

Every purchase of GSID comes with a VeriSign Secured Seal that you can display on your web site. The seal is an instant proof that your web site is genuine because you have been verified by the Certification Authority, and your customers can conduct business with you free of worry.


Product Keywords : global, server, id