Friday, July 26, 2013

What it feels like to be a victim of Online crime

I normally like to view the internet as a fairly benign and safe place, but I have been a victim of cyber crime  three times in recent years. I don't think this will have a major impact upon my habits, but I suppose it is natural that it will make me a bit more cautious online.

Here are the details of the incidents:

I normally only use eBay to buy items, but a few years ago I was getting rid of some old gadgets and decided to see if I could sell them via eBay. Shortly after I placed the items for sale I got two emails enquiring about details of the laptop that I had for sale. This puzzled me since I wasn't selling any laptop. Shortly after this I got an email from eBay customer support saying that they were suspending my rights to sell on eBay due to suspicious activity on my account.

I still am not sure exactly what happened, but I think that someone was advertising laptops for sale on eBay such that the payments would go to the criminals and the irate customers would contact me when the laptops never arrived. I changed the password on my eBay account, and while I have never suffered any more fraud on eBay this is mainly because my bad first experience dissuaded me from ever selling anything on eBay again. In any case, if I did try to sell something, I am sure my seller reputation rating would be very low

Around the same time also suffered when somebody gained access to my Skype account. At the time I had set up a facility whereby my Skype credit would automatically get topped up whenever the balance fell too low. I would normally only need to top up my account every few months and so I was surprised to be notified that it was topped up twice in two days.

I investigated this and found that someone was making lots of calls from my account to phone numbers in the UK and Nigeria. Since none of these calls were to numbers I recognise or know, I assume they were fraudulent. I was keen to stop this and so I immediately changed the password on my account (it was already an obscure and hard to guess password)  and cancelled the instruction to automatically top-up so that my exposure would be limited to the current balance. This stopped the flow of calls being charged to my account.

I tried to make contact with Skype customer support to inform them what happened and have them investigate further. However, they showed no interest in making any enquiries. I am surprised at this because I would assume that the people involved ate still defrauding Skype customers. The amount of money I lost was not very significant, but I must admit that my opinion of Skype and their security controls was damaged by the way they reacted (or failed to react) to this incident.

Earlier this month some malicious individuals gained access to my Twitter account. I am not sure exactly who gained access, but it seems that they used the access to send some strange Direct Messages with links to malware to my Twitter followers.

The first I knew about this was while I was out in a pub with a friend and I started getting messages from friends querying why I was sanding such strange Twitter messages. I decided to postpone investigating until I returned home, but when I got home I already had an email from Twitter customer support  saying that they noticed suspicious activity on my account and had disabled it. The email had a helpful link to instructions on how I could change my password and re-enable my account.

Overall the impact on me was relatively minor and I must say I was impressed with the speed and efficiency with which Twitter dealt with the issue.

I took a few lessons from these incidents:
  • Malicious people will try to gain access to your online accounts even when there is no direct potential to steal money with this access (e.g. Twitter).
  • Different online companies have a very different level of reaction to abuse of accounts on their system.
  • When you are a victim of fraud, you can end up being seen by companies as of dubious honesty. This is just a sad fact of life.
  • It is always important to stop malicious people gaining access to your account, but it is more important if their is a potential for this access to cost you money.

Wednesday, July 10, 2013

Cycling around the Ring of Kerry

Last weekend I took part in the 30th annual Ring of Kerry Cycle. The distance of 180km was the longest cycle I have done, but it did not feel very tough because of the lovely weather, the beautiful scenery and the fact that I was cycling in the company of over 8,500 cyclists of varying levels of fitness.

The most famous participant was the Taoiseach Enda Kenny who gave an excellent example to all Irish people that it is possible to find time for exercise. I bought the commemorative jersey which is quite attractive and even includes a map of the route in case you forget.

The terrain was relatively flat apart from one significant climb over Molls Gap near the end of the route. I took it quite easy (average speed just over 22km/hour) and as a result I didn't have any aches or pains the day after.

Someone told me that whenever someone completes the ride it is inevitable that they come back every year afterwards to repeat it. I think they are probably right.