Over the past 10 years the Internet has grown with an exponential expansion of information that is available with the click of a mouse. eCommerce continues to boom with unprecedented growth continuing for years to come. It has opened up The World to anyone with access. You can communicate with anyone, anywhere, anytime!!!

That being said, it has also opened up exposure to those whose intentions are not in your best interest. The saying, "It's a jungle out there" is definitely an understatement. There was a time that we knew what the safe neighborhoods were that we could physically go to, but cyberspace is not like that. Anywhere, anytime, anyplace you can be subjected to email scams using the latest social engineering scheme, advertisements in reliable well-known sites such as Major League Baseball, Accuweather, Scifi (see our recent incident report), etc have been known to contain Mal-Ads that download malware onto your PC, SQL injections, any of which can contain malware that takes advantage of software vulnerabilities and then puts a Bot onto your PC which can then either steal your info and/or take over your PC and turn it into a Zombie (turns your PC into a email server sending email scams) and don't forget about Root Kits (to name just a scanty few)!!

Internet Security professionals are constantly assessing the areas that are the most risky in order to know how to most affectively address this problem. Do you know what they found to be the most risky element in the war on PC security? Are you ready for this? No matter if you have the latest Antivirus, Firewall, Spyware, tools, IT IS YOU!!!!

YOU ARE THE WEAKEST LINK!!!!

Why? It is a combination of users having no education on proper Internet/pc security protocols and if they do, social engineering techniques continue to evolve — not to mention social networking sites like Facebook and MySpace where people innocently expose their personal info with the idea of getting cyberspace friends — with Phishing being one of the fastest growing methods in 2008!

An online article published on 6/29/08 discusses 4 out of 5 Business PCs are not secure!!! View this report Study: Business PCs not fully secured What about your PC? Are you sure you're secure?!?

Here's what the professionals have been
saying about PC users recently...

• "Families use complex technology in the home, but due to their technical naivety are often unaware of the requirements to maintain the security and privacy of these technologies. A major business problem is employees doing dumb things with not only their technology in the workplace, but reinforcing bad behavior by practicing it at home." – Jack Holleran
• "There is no fundamental difference between an enterprise user and a home user. Both groups are largely technically ignorant and thus responsible for the majority of security incidents we see...Security training begins with awareness...Security awareness and training is most effective when conducted as an advertising campaign, speaking to the non-technical user...It's about making the effects of poor security intensely personal. I fear we have to return to aggressive fear, uncertainty, and doubt if we are ever to get the masses to protect themselves." – Winn Schwartau
  (Source: SC Magazine, May 2008 from their Debate section titled, "Business and home users must utilize the latest technology to stay secure")
• "Unfortunately spammers are technically savvy individuals who have the means, backup and resources to stay ahead of the good guys. Over the past two years, spammers and spam filter developers have been equally matched, but seeing their inability to beat the technology all the time, spammers have targeted the weakest link in the chain: human nature. Humans are oftentimes gullible and inquisitive, and spammers are taking full advantage." – Get educated about spam by David Kelleher
• "People are often the most overlooked element in any security strategy. This is unfortunate, because no matter how solid the technology and the processes, if the people are not engaged, data breaches happen." – Building a security culture by Gordon Rapkin
• "You need to teach users to have healthy skepticism...There was a case in April that had 2,000 executives opening an email which said: 'You have been sued in federal court'. They clicked on this link for documents and were instead taken to an external site and asked to download contacts. This download was malicious...to their computer and this gave thieves control of their machine...In the future, most of the emails trends that we'll see in social engineering will be more personal and more targeted...It will go after CEOs...or employees of particular places as opposed to the general attacks done now...They'll pretend to be family member claiming they need assistance...Additionally, companies such as Facebook and MySpace will have a greater role in these scam emails because victims are making public so much information." – Outwitting Scam Email by Eric Butternam  (Source: SC Magazine June 2008)

So, you think you are savvy in
the ways of Internet Security?

Here's what some of our students have said about that:

• "I used to consider myself the security conscious individual, but after only four of these classes I will be the first to admit I was wrong... we are not as concerned as we say we are or we would be doing something about it. So far this class is proving to be worth its weight in gold."
• "I've been working in the IT world for about ten years and wasn't sure if an introduction class would be necessary, but I'm glad I did."
• "I am a State Trooper. I have been working in the Computer Crime Unit for 7+ years. There are times when the Corporate/ IT folks come to me AFTER the fact and ask for suggestions for prevention. That's why I am here."

We have also seen recent references from several different sources stating that organized crime (not the Italian Mafia, but Worldwide) is getting more and more involved with this lucrative business if for no other reason than it's harder to trace than drug trafficking!

Software Vulnerabilities
The Second Most Risky Element

No matter how much you keep your various security software applications up-to-date, more and more software vulnerabilities continue to be discovered.

• High priority vulnerabilities have increased 28% from 2006 to 2007.
• 20% of the vulnerabilities discovered by the big manufacturers such as Microsoft, Apple and Oracle remained unpatched (50% of those don't have any fix at all!!)
• 90% of vulnerabilities can be accessed remotely (from anywhere in the world).
• 50% of all exploited vulnerabilities gain access.

Add to this that 410,000 NEW malwares (the code that used to exploit these vulnerabilities) were discovered in 2007, a 33% from the previous year and you have the makings of a very serious problem. (Source: IBM ISS X-Force 2007 Trend Statistics)

An Important Point To Note

There are volumes of this kind of information out there!!! We could go on and on and on to the point where your head will want to burst while at the same time making you somewhat frightened, and you should be. There is so much information coming out on a regular basis that it's sometimes difficult for us to keep up with it all! Access to your personal information has gotten to the point that the effort required can be done by anyone who truly wants to acquire it.

We've even had some of our student do "Field Tests" with either remote access, packet sniffing, or social engineering and they are always astounded as to just how easy it is to do!! (Student Assignments PDF File)

Can't I Just Have ID Theft Protection?

Recent news on the most famous of these companies, LifeLock, has not been pretty.

1. CEO, Richard Todd Davis broadcasted his SSN with confidence that his company would protect him. That did not happen because it was discovered that not only did someone get a payday loan for $500 but there are also more than 20 drivers licenses obtained using his personal information. Not only that but a simple background check using his SSN resulted in discovering that his entire profile had been compromised to the point where his birth date is inaccurate.
   http://www.wvgazette.com/News/200805172662
2. LifeLock in a rush to expose the person with the $500 payday loan "...went to his house with a camera crew and they yelled at him and browbeat him into signing a confession that they had already typed out". Once the police discovered this they had to drop the case because coercion is not admissible in court.
   http://blog.wired.com/27bstroke6/2007/07/police-say-life.html
3. Lifelock co-founder Robert J. Maynard, Jr, is a suspected ID thief and was in jail in 2003 for defaulting on a $16,000 Las Vegas casino loan.
   http://blog.wired.com/27bstroke6/2007/06/lifelock_founde.html
4. LifeLock Sued for Corporate Identity Theft — Namesafe has brought up charges against LifeLock alleging deceptive Internet advertising practices to steer legitimate Namesafe traffic to their site.
   http://blog.wired.com/27bstroke6/2008/06/lifelock-sued-f.html
5. LifeLock is also involved in several lawsuits, one of which is with the credit reporting agency, Experian. http://www.theunion.com/article/20080311/TODAYSFEATURE/649475587/-1/NEWS

It goes to show you that good advertising can fall short of the actual service rendered and rarely shows the real personality of the company. How can you trust a company to have your best interest in mind with news like this? Does this mean they're all bad? Not necessarily.

We are preparing a Special Report to be issued sometime in the near future that will compare these companies and why and when you should use them in addition to becoming personally informed.

INFORMATION YOU DIDN'T KNOW
YOU NEEDED TO KNOW

We are on a crusade to inform every user possible and keep them informed for one simple reason; KNOWLEDGE IS THE KEY TO POWER. It is your only weapon in the war that is being waged on the theft of your personal information. MICE Training & Education™ seriously advocates taking control of your personal information by being personally accountable to it and acquiring this vital information is the only way to do that.

You can do that by buying books, subscribing to industry magazines, searching online, or taking courses. Things are changing at too fast of a rate to trust that a book is up-to-date. Searching online can take hours of your time with no guarantee that you will be fully informed. Reading industry magazines will work but also takes time and can take too long to become fully informed. From what we've seen taking courses is the most prudent method, but being ensured that you are not taking a course that is only a disguised White Paper or that the courses are continually updated ensuring you are always currently informed is not always easy to ascertain. The course material for each of these classes is around 100 pages so you're guaranteed these are not White Papers disguised as courses, these are the Real Deal!

Debbie's courses are currently being taught through an online education institution and are ranked in the Top 100 of the hundreds of courses this online institution offers. They are available in many colleges throughout the world. Once completed you will be fully versed in what it takes to combat this problem. Her passion for this subject is only superseded by her ability to teach it. She receives constant praise not only for her knowledge but also her ability to teach this sometimes-technical subject. (Read the Reviews!)

Sometime in the next couple of weeks we will be celebrating not only the 10th Anniversary of MICE but also the launch of the eLearning Portal with a very special offer that will allow you to acquire this information at a very low cost. Once this offer expires it will never be offered again. STAY TUNED!!!