Can you imagine your life without the use of the internet or a cellphone? Probably not! Emails and other electronic devices have become such critical vehicles for communicating and doing business, that it is hard to imagine how we ever lived without them. Unfortunately, as great as the Internet and other electronic devices may be, they have also become vehicles for scams, viruses and more recently in the workplace, a tool used by employees to engage in character assassination of each other via social networks, online harassment and cyberstalking.
Last week I sat in horror and listened as one of my international clients relayed a story that was so mind blowing, I felt like I was watching a cloak-and-dagger espionage movie! Obviously the story is too long to relay in this forum, but here is the abridged version. My client was a victim of email spoofing! Exactly! I didn't know what is was either but apparently email spoofing "is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source." In other words someone could send an email pretending to be you, and the receiver would have no reason to believe that it was not you, because the sender would be using your email address! Yep it could happen! Needless to say my client was in the hot seat and almost lost her job when she was confronted by the president of the company for supposedly sending mass emails to the entire staff highlighting the fact that he (the president) was "clueless, incompetent, lacked vision and was running the company into the ground." Luckily for my client, someone in the information technology department decided to run a trace on the Internet Protocol (IP) address of the email and was able to track it to its real sender - a disgruntled employee who was recently demoted - go figure!
Having been a victim of online harassment and cyberstalking myself recently, (and for those of you who may not know what cyberstalking is, ladies and gentlemen "cyberstalking is the use of the Internet or other electronic means to stalk or harass an individual, a group of individuals, or an organization. It may include false accusations, monitoring, making threats, identity theft, damage to data or equipment, the solicitation of minors for sex, or gathering information in order to harass. The definition of 'harassment' must meet the criterion that a reasonable person, in possession of the same information, would regard it as sufficient to cause another reasonable person distress." Wikipedia) I knew exactly what my client was going through.
So this week I interviewed Royal Bahamas Police Force Cyber Crimes guru, Sergeant Dale Strachan, to shed some light on this growing problem. Here is what he had to say:
Question: Have you seen a rise in cyber crimes in The Bahamas, for example on Facebook, Twitter and other social networks?
Answer: Yes. We have seen a rise in cyber crime in the following areas:
i. Threats of harm or death;
ii. Emailing of slanderous images or comments;
iii. Email hacking;
iv. A crime called phishing (where a website is created to look like the original, but it is actually a fraud). This fake site is use to gather personal information from unsuspecting persons to defraud them of money. Complaints are mainly from foreign victims reporting that a financial institution in The Bahamas posted the site.
Question: Why do you believe we are experiencing such a spike in cyber crimes? What seem to be the motive(s) of the perpetrators?
Answer: The fact that the perpetrator thinks his/her identity will remain anonymous seems to be the driving force. Ultimately the perpetrator's intent is to embarrass the victim or put him or her in fear.
Question: Is sending malicious or defamatory emails a crime in The Bahamas? Define malicious, define defamatory.
Answer: Yes both are crimes. Malicious is defined as nasty, hateful, mean, wicked, cruel emails continually being sent to the annoyance of the receiver. Also referred to as annoying email, malicious emails are similar to a common offence known as annoying telephone calls. We can add that emails threatening or implying harm or death are also an offence and amount to threats of harm or threats of death. Defamatory is defined as slanderous, derogatory emails that are distributed to others and used as a vehicle to attack a person's character.
Question: What recourse does the receiver of malicious or defamatory emails have? Can they seek police help?
Answer: Depending on the offence committed, victims have the following recourse:
o Police action can be taken;
o You can have the person bond over to keep the peace;
o You can take civil action in a court or file a lawsuit;
o You can report the email address of the sender to the hosting company as abuse and it will be removed.
Question: How can you track the sender of a malicious email?
Answer: The sender is tracked by the header information (contained in the original email.)
Question: What suggestions can you give persons to safeguard their email accounts?
Answer: Many persons in The Bahamas reported that their email accounts were hacked. Our investigation proved that the following methods were used to obtain their personal information:
o Individuals received a "pop up" asking them to reset their password information. The "pop up" claimed that if the password was not reset that the individual would loose his/her account. Once the password is reset hackers have full access to your account.
o Individuals received a "pop up" asking for personal information, specifically the question that was used when you created your account. Once you answer these questions you give hackers access to your account
o Using a public computer: When you "log off" of a public computer, persons can come after you, run password recovery software and extract your information.
o Using computers at a friend's house or the work place, to access you email account: Again the password can be extracted using recovery software. In the workplace many companies have software installed on computers that monitor employee action online. This software also captures password information.
o Your wireless network: When you put a password on a website wirelessly, anyone with access to your network also has access to all of the computers on that network and they can "sniff" traffic to capture your password.
o Be aware of putting other people's jump drives in your computer. These jump drives may contain programs that auto run with one purpose - to extract all password information that might reside on you computer.
o Do not accept the browser's suggestion to save a password.
o Set the cache on your browser to delete on exit.
Stacia Williams offers keynotes, workshops and personal coaching on a wide range of: Personal Branding, Image Management, Customer Service, Leadership, Business Etiquette & International Protocol Topics. You can contact Stacia Williams at 325-5992 or email Stacia@totalimagemanagement.com or visit staciawilliamsblog.com.
Click here to read more at The Nassau Guardian
