Tuesday, February 24, 2009

Credit Card Debts: Causes & Prevention

A credit card is a small plastic card issued to users of a payment system. Most credit cards are issued by local banks or credit unions. It is a card entitling its holder to buy goods and services based on the holder's promise to pay for these goods and services.

Credit card debt results when a client of a credit card company purchases an item or service through the card system. Debt accumulates and increases via interest and penalties when the consumer does not pay the company for the money he or she has spent. The late payment penalty itself increases the amount of debt the consumer has.

Several causes lead to credit card debt:

1. Reduced income/same expenses.
Too often we delay bringing expenses in line with a reduction in income. This obviously leads to a rise in debt. The sooner you adjust to your new reality, whether it be temporary or permanent, the better off you'll be.

2. Saving little or not at all
You should save for at least 4-6 months of living expenses in case an unfortunate tragedy happens. You will often hear the phrase "Pay Yourself First." Having enough savings for a rainy day is always a worthwhile investment. Do it and you shall be better off!

3. Gambling.
Either way there is a guaranteed exchange of money from you to "the house." It can be addictive, hard to stop and loans are freely available. Gambling establishments may be the only place you can mortgage your house while intoxicated and have it be legal. Do not spend tomorrow's saved money today just because you expect a promotion in your job.

4. Poor Money Management
Poor money management is one of the biggest reasons why so many families accumulate lots of debt. A monthly spending plan is essential. Not having a monthly spending plan and not keeping track of your monthly bills makes you unaware of where your money is going. You will be surprised at how powerful you'll feel when you are making thoughtful decisions about where and when to spend your money.

5. Underemployment
If you are underemployed, meaning you are not getting enough working hours at your job, you should also cut down on your lifestyle to match your current income. People who experience underemployment may continue to think of it as only temporary or, if they are coming off unemployment, feel a false sense of relief. Those people should get their expenses in line with their current income.

6. Big medical expenses
Almost all doctors accept credit cards in the USA. While you need treatment now, you do not have the cash. So what do you do? You use your credit card because you do not have enough savings in the bank. The medical industry wants to get paid at the time service is rendered. They know that if they don't, the chances of their getting paid drop. This means more debt for you, less for them. To be fair, they are not in the lending business, but this only masks a bigger problem.

7. Divorce
Fees for the divorce attorney, division of assets between you and your spouse, proceeds given to children, etc. are an easy way to rack up a huge debt. Filing for a divorce may force you to quit working for some time, which leads to a reduction in income.

8. No money communication skills.
It is important to communicate with your spouse or significant other and your children about finances. Keep the lines of communication open and discuss financial goals and spending styles. Many people find out that their spouses have racked up thousands of dollars in credit card debt and they had no idea that the accounts even existed.

9. Banking on a windfall
Spending tomorrow's money today is very tempting, especially if you believe that tomorrow will come no matter what. A planned job bonus may not be a sure thing. The lesson is don't spend the money until the check clears.

10. Financial illiteracy
Many people don't understand how money works and grows, how to save and invest for a rainy day, or even why they should balance their checkbook. You are responsible for your life and your money. Financial mistakes are increasingly expensive and complicated to resolve. Get educated and get in control.


To prevent credit card debt, try to keep your cards at a manageable level. Some preventive measures:

1. Photocopy the credit card offer, including the interest rate and terms. Create a letter to your credit card company/companies stating that you are thinking of switching to their competition because they are offering a far more reasonable interest rate. Credit card companies do not want to lose your business and they will match or even offer a lower rate than the competition has offered.

2. If you can afford it, pay double the minimum payment. The minimum payment usually pays just enough to cover the interest and a little more that pays down the balance. Paying extra will pay down your balance more quickly.

3. Pay off smaller balances first. It is common for a person to try to focus on their cards with larger balances first. Pay off the smaller ones. It will take less time and you will feel a sense of satisfaction when you have actually completed your goal.

4. Cut up your cards so that you are not tempted to use them. Save one card for emergencies.

5. If you have equity in your home, look into paying off credit card debt with a refinance or fixed-rate home equity loan. Do not use a home equity line of credit; the rates will rise as the prime rises and suddenly you may find it impossible to keep up with your bills.


By:
Lim Hooi Ting 0701396

Thursday, February 12, 2009

Looming Internet Security in 2008


Web-based services, including social networks MySpace and Facebook, are becoming prime targets for hackers seeking your personal information.

As Internet users display more of their personal information on social networking Web sites, and office workers upload more sensitive data to online software programs, computer hackers are employing increasingly sophisticated methods to pry that information loose. In many cases, they're devising small attacks that can fly under the radar of traditional security software, while exploiting the trust users place in popular business and consumer Web sites.

In September, the names and contact information for tens of thousands of customers of Automatic Data Processing (ADP) and SunTrust Banks (STI) were stolen from Salesforce.com (CRM), which provides online customer management software for those two companies. The incident occurred after a hacker tricked a Salesforce employee into disclosing a password.

A security researcher reported Nov. 8 that hackers had hijacked pages on News Corp.'s (NWS) social networking site MySpace, including the home page of singer Alicia Keys. Clicking nearly anywhere on the page would lead viewers to a Web site in China that tries to trick them into downloading software that can take over their PCs.

Exploiting Trust

These kinds of targeted attacks on Web-based services may constitute the top company security check (BusinessWeek.com, 11/12/07), according to security experts. "One of the biggest challenges of 2008 will be, how do you do business online when you know there's a bad guy in the middle?" says Chris Rouland, chief technology officer in IBM's (IBM) Internet security systems division. "The personal computer isn't the target of 2008; it's the browser," he says.

Although a rash of e-mail-borne virus outbreaks in recent years has made most PC users wary of opening attachments or clicking on links in suspicious messages, it may be harder to prevent attacks that exploit the Web-based lists of friends and business contacts that users store in widely used services and social networks.

Targeting a relatively small number of users at a time can elude efforts to detect the hackers. Hackers also are employing more professional approaches to maximize damage without being caught. These include division of labor by hacking expertise and wider use of black-market sites to hire programmers and purchase professional malware-writing tools.

Hackers Shift Attacks

Factor in the growing variety of places where people are connecting to the Internet—from work, from home, from Wi-Fi hot spots—and the growing array of devices they're using to do so, and the coming year could present a potent brew of problems.

Although traditional PC software such as Microsoft's (MSFT) Windows operating system and Office programs still present the broadest target because of their hundreds of millions of users, hackers are increasingly attacking online services. Worse, traditional virus attacks that crash PCs or issue floods of commands to overwhelm Web sites are being augmented with malicious software that can swipe personal information, such as bank and credit-card numbers.

Cellular and Corporate Caution

For consumers, it's not just their profiles on social networks that can be mined for personal information. Sophisticated smartphones that run full-fledged operating systems and e-mail applications, and hence store more valuable data, could present tempting targets. Security researchers have found numerous ways to break into prominent mobile-phone platforms from Symbian and Microsoft, and quickly demonstrated ways to hack (BusinessWeek.com, 7/23/07) into Apple's new iPhone.

Cyberthieves are also attacking corporate databases in search of undisclosed financial data or proprietary design and engineering information that can be sold.

Viruses: More Sophisticated Bait

Hackers are also unleashing viruses that can recruit armies of consumer PCs into larger networks of remote-controlled machines. These "botnets" can distribute spam, attack database software, or keep a record of users' keystrokes. One of the worst, Storm Worm, has infected tens of millions of PCs this year.



By:
Lim Hooi Ting 0701396

The application of 3rd party certification programme in Malaysia

A certificate authority (CA) is a third party that issues digital certificates to provide verification that your website does indeed represent your company.


Currently, MSC Trustgate.com Sdn Bhd, which is a licensed Certification Authority (CA) operating within the Multimedia Super Corridor is the most popular 3rd party certification program in Malaysia. MSC Trustgate was incorporated in 1999 to meet the growing need for secure open network communications and become the catalyst for the growth of e-commerce, both locally and across the ASEAN region.

Trustgate is licensed under the Digital Signature Act 1997 (DSA), a Malaysian law that sets a global precedent for the mandate of a CA. As a CA, Trustgate's core business is to provide digital certification services, including digital certificates, cryptographic products, and software development.

The main services provided by MSC Trustgate are:

1. SSL Certificate for Internet, Intranet and Server Security
Secure Site SSL Certificates protect the transfer of sensitive data on Web sites, intranets, and extranets using a minimum of 40-bit and up to 256-bit encryption. It includes the VeriSign Secured Seal.

2. Managed PKI
Managed Public Key Infrastructure (MPKI) service is a fully integrated enterprise platform designed to secure intranet, extranet, and Internet applications by combining maximum flexibility, performance, and scalability with high availability and security.

3. Personal ID
A Digital ID is an electronic credential that uses a private key and a public key to facilitate the following operations:
-Authentication: you are who you claim you are
-Privacy: your confidential data remains private
-Authorization: control user access rights to important data
-Integrity: be sure data is not altered behind your back
-Non-repudiation: have the evidence in the event of a dispute

A Digital ID from MSC Trustgate.com is governed by the Digital Signature Act 1997. Without a legitimate Digital ID in your electronic transaction, your contract is not admissible in court in the case of a dispute.

4. MyTRUST for Mobile Signature
With MyTRUST, a SIM card can be turned into a Mobile Digital Identity for secure mobile banking and other financial services. A mobile digital signature provides non-repudiation on transactions under the Digital Signature Act, 1997. It runs on a Wireless PKI platform and Mobile Operator infrastructure. PKI-enabled SIM cards are preloaded with the MyTrust application and a digital certificate from a licensed Certification Authority. Users are able to digitally sign any transaction with ease and convenience via their mobile phone.

5. MyKad PKI (MyKey)
The Malaysian government has put in place a smart National Identity Card ("MyKad") for every citizen. MyKad with PKI capability allows its holder to conduct online transactions with government agencies and the private sector. MyKey is the MyKad PKI solution that works with your physical MyKad, allowing you to authenticate yourself online and to digitally sign documents or transactions, and it is accepted by the Malaysian government.

6. SSL VPN for Remote Access Services
MSC Trustgate offers simple and cost effective remote access solutions for mobile workers, branch offices, partners and others you want to give access to your network resources, without affecting the security of your enterprise.

And many more services.


By:
Wong Zheng Hwa 0701815

How to safeguard our personal and financial data?



Security Tips

Given the assortment of nasty behavior befouling the Internet, what's a PC user to do? BusinessWeek.com consulted the experts, who offered the following advice:

• Don't give away any valuable or sensitive personal information on your MySpace or Facebook profile, or within messages to other members of the network. And don't click on any links in social network messages from people you don't know.

• Make a habit of logging out before you close a browser session that contains your personal information.

• No reputable company will ask for your password, account number, or other log-in information via e-mail or instant message.

• Use one of the many antivirus, antispyware, and firewall programs on the market. Often, vendors offer all three functions in a single package. And many Internet service providers offer them free with your monthly subscription.

• Upgrade your browser to the most current version. From Microsoft, that's Internet Explorer 7. Mozilla Firefox is on version 2, as is Apple's Safari browser.

• Pay attention to the messages from Windows that pop up on your screen, especially in the new Vista operating system. They often contain helpful security information that many users overlook.

• Turn on Windows' automatic-update function to get Microsoft's regular security patches.


By:

Chua Sin Yee 0701651

Phishing


In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. A phishing technique was described in detail in 1987, and the first recorded use of the term "phishing" was made in 1996. The term is a variant of fishing, probably influenced by phreaking, and alludes to baits used to "catch" financial information and passwords.

Common phishing techniques:
1. Link manipulation
2. Filter evasion
3. Website forgery
4. Phone phishing



Phishing examples

In an example PayPal phish, spelling mistakes in the e-mail and the presence of an IP address in the link (visible in the tooltip under the yellow box) are both clues that this is a phishing attempt. Another giveaway is the lack of a personal greeting, although the presence of personal details would not be a guarantee of legitimacy. A legitimate PayPal communication will always greet the user with his or her real name, not just with a generic greeting like, "Dear Accountholder." Other signs that the message is a fraud are misspellings of simple words, bad grammar and the threat of consequences such as account suspension if the recipient fails to comply with the message's requests. Note that many phishing emails will include, as a real email from PayPal would, large warnings about never giving out your password in case of a phishing attack. Warning users of the possibility of phishing attacks, as well as providing links to sites explaining how to avoid or spot such attacks, are part of what makes the phishing email so deceptive. In this example, the phishing email warns the user that emails from PayPal will never ask for sensitive information. True to its word, it instead invites the user to follow a link to "Verify" their account; this will take them to a further phishing website, engineered to look like PayPal's website, and will there ask for their sensitive information.

Another example,

An example of a phishing e-mail, disguised as an official e-mail from a (fictional) bank. The sender is attempting to trick the recipient into revealing secure information by "confirming" it at the phisher's website. Note the misspelling of the words received and discrepancy. Such mistakes are common in most phishing emails and . Remember not to use any of the links that your phishing email has provided.
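The clues called out in the examples above (an IP address in the link, a generic greeting, a threat of account suspension) can be checked mechanically in a mail filter or triage script. The Python code below is an added example, not part of the original post; the function names, word lists and both sample messages are assumptions constructed for illustration. It goes one step beyond the text by also flagging link text that names one site while the link leads to another, which is the "link manipulation" technique listed earlier.

```python
import ipaddress
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Illustrative word lists (assumptions for this example, not a vendor rule set).
TEXT_CLUES = {
    "generic-greeting": re.compile(r"\bdear\s+(account\s*holder|customer|user|member)\b", re.I),
    "account-threat": re.compile(r"\b(suspend\w*|terminat\w*|deactivat\w*)\b", re.I)}
HOSTLIKE = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.I)
WWW = re.compile(r"^www\.")

class LinkCollector(HTMLParser):  # gathers (href, visible text) for each <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def is_ip_host(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def phishing_clues(html_body):
    """Return the clues found in an HTML e-mail body, links first, then text."""
    clues, parser = [], LinkCollector()
    parser.feed(html_body)
    for href, text in parser.links:
        host = WWW.sub("", urlsplit(href).hostname or "")
        if is_ip_host(host):
            clues.append(f"ip-address-link:{host}")
        shown = HOSTLIKE.search(text)
        shown_host = WWW.sub("", shown.group(1).lower()) if shown else host
        if host and host != shown_host and not host.endswith("." + shown_host):
            clues.append(f"link-text-mismatch:{shown_host}->{host}")
    plain = re.sub(r"<[^>]+>", " ", html_body)
    return clues + [name for name, rx in TEXT_CLUES.items() if rx.search(plain)]

# Constructed samples; 192.0.2.10 is a documentation-only address (RFC 5737).
PHISH_SAMPLE = ('<p>Dear Accountholder, your account will be suspended unless you verify it: '
                '<a href="http://192.0.2.10/verify">https://www.paypal.com/verify</a></p>')
LEGIT_SAMPLE = ('<p>Hello Jane Tan, your statement is ready at '
                '<a href="https://www.paypal.com/statements">paypal.com</a>.</p>')
```

An empty result only means none of these particular clues fired; as the text notes, a personal greeting is no guarantee of legitimacy.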







Prevention Methods

There are several different techniques to combat phishing, including legislation and technology created specifically to protect against phishing.

One strategy for combating phishing is to train people to recognize phishing attempts, and to deal with them. Education can be effective, especially where training provides direct feedback. One newer phishing tactic, which uses phishing e-mails targeted at a specific company, known as spear phishing, has been harnessed to train individuals at various locations.

People can take steps to avoid phishing attempts by slightly modifying their browsing habits. When contacted about an account needing to be "verified" (or any other topic used by phishers), it is a sensible precaution to contact the company from which the e-mail apparently originates to check that the e-mail is legitimate. Alternatively, the address that the individual knows is the company's genuine website can be typed into the address bar of the browser, rather than trusting any hyperlinks in the suspected phishing message.

The Anti-Phishing Working Group, an industry and law enforcement association, has suggested that conventional phishing techniques could become obsolete in the future as people are increasingly aware of the social engineering techniques used by phishers. They predict that pharming and other uses of malware will become more common tools for stealing information.

By:
Teng Yann Guan 0701652