Monday, July 7, 2008

Corporate Blogging: A New Marketing Commnication Tool for Companies


Blogging has caused quite a buzz. From political activists to aspiring novelists, industry pros and avid hobbyists, everyone seems to be starting a blog. Corporate blogs are giving established companies and obscure brands alike the ability to connect with their audiences on a more personal level, build trust, collect valuable feedback and foster strengthened business relationships. More importantly, these companies are enjoying tangible returns in their blogging investment in the form of increased sales, partnerships, business opportunities, press coverage and lead generation.




Companies that employ a well thought out blogging strategy encourage the strongest community goodwill, and that goodwill, in turn, promotes significant marketing and sales gains. It is said that success breeds success.Thus, successful blogging breeds success in other marketing and sales initiatives.

Example for the successful company is Microsoft. The company is in the middle of the bridge at the moment. Once crossed, as Macromedia's example demonstrates, customers become blogging brand champions, better products are developed, even more links and higher search engine rankings are achieved. While crossing the corporate blogging cultural divide makes sense for some companies, especially product companies; we believe the idea may not make sense for every company.



Sales blogs - external

Purpose: To market or sell products/services, make citizens aware of public services, get donations for charities or political parties etc.
Blogger: The organization itself, or more specifically individuals within it writing on behalf of the organization.
Target groups: (Potential) clients/customers and citizens, that is persons and/or other organizations that are directly involved with the publishing organization, or those it wants to reach with the purpose above.

Relationship blogs - external

Purpose: To create, uphold or strengthen relationships.
Blogger: The organization itself, or more specifically individuals within it writing on behalf of the organization.
Target groups: Often smaller and more specified than with sales blogs. Examples are support blogs aimed at customers of a certain product, finance blogs for IR purposes, PR blogs for media, blogs trying to reach students, future employees, politicians/officials etc.

Branding blogs - external

Purpose: To strenghten the brand, the profile, of the publishing organization or individuals within it.
Blogger: Not necessarily the organization itself. Individual employees' or executives' blogging ("insider blogs"), if supported by the organization, can be viewed as a branding blog. The same goes for adverblogs and blogs that are not apparantly connected to the organization.
Target groups: See Relationship and Sales blogs.


Knowledge blogs - internal

Purpose: To give employees information and insights relating to their work assignments; news, business intelligence, reports about ongoing projects etc.
Blogger: The organization itself through one or more designated bloggers, or potentially all employees through a entirely open blog publishing model.
Target groups: All employees with a certain interest.

Collaboration blogs - internal

Purpose: To provide a working team with a tool for research, collaboration and discussion.
Blogger: The team.
Target group: The team.(There's only a fine line - if any - between this blog category and business wiki's. You could also see for example Relationship Blogs change into more wiki-like publications.)

Culture blogs - internal

Purpose: To strengthen organizational culture. Typically through informal content of social or non-work related character.
Blogger: The organization itself through one or more designated bloggers, or potentially all employees through a entirely open blog publishing model.
Target groups: All employees as employees, and not as professionals (developers, managers, assistants and so on).

References:
http://en.wikipedia.org/wiki/Corporate_blog
http://www.backbonemedia.com/blogsurvey/8-corporate-blogging-cult-divide.htm
http://www.backbonemedia.com/blogsurvey/
Prepared By Agu.

All right reservced by EnT02 Group Rui,Ean and Agu™

Review Post on Legal from Ecommerze.blogspot.com

Another spammer gets jailed

Another SMS scam



After reviewing all of these spamming and sms scam cases, i have some thought about all of these cases.


Firstly, about the email spamming, although Window Live Mail and Google Mail are work hard on their filtering of spam mail and junk mail, but some of these spamming are still able to reach us. I will normally receive about 10 spam mail daily, both from Window Live Mail and Google Mail. The content inside are mostly the same, such like Free Download Software, Donation, or some rubbish information such as Friendster are closing soon, Window Live Messenger account are finishing etc.All of these spamming are actually annoying and cannot be fully prevent, and these causes us a big problem by cleaning up a dustbin that will be filled up daily. According to my mates, all of them are receiving those spammer's present and its seems like unstoppable. We can do nothing on it but just don't open and view it to avoid any issue such as virus or trojan.


Friendster account and Window Live Messenger are also a hot issue that being hacked by spammer and hacker. We are hardly to image that how are them are able to reach us, but it does happen. This hacking or hijacking are infriging our privacy, especially Friendster, which might content our private information. Window Live Messenger are now become the channel for spammer to build up their zombie networks. They try to send out their trojan to those user which are cheated by them and become their media to continuously infect their contact list.




Ok, here comes the SMS scam. We heard many about the phone call from mystery numbers and telling you that you win a huge sum of money from lottery or lucky draw from oversea company. And i think i need not further explain the rest and you will know what i am talking about. Besides phone calling, SMS scam might be another big problem for all of us. Mobile phone, is another device that are hugely used by our people, compare with Internet. Now not only Internet, even our Mobile Phone are also facing such sms scam. For example, My friend and I are experienced from a call which sound like doing survey, but the speaker are spoke with China slang. We guess that we are picked by random generated number from software and we just ignore it. Moreover, we also receiving some sms claiming that petronas are closing or Astro are giving cash bonus, and suggest us to giving our personal information such as IC number or Bank Account Number.These scamming are not only annoying, but might be useful to cheat those people which are lower securing sense.

So, we are better keep our mind clean and beware of any of those scamming or little trick that might cause us big losses. By living in this high technology world, we are not only enjoying the convenience it brings, but also the problem that we people incurred.

Referemce:
http://images.google.com.my/

Prepared by Ruiz

All right reservced by EnT02 Group Rui,Ean and Agu™

Sunday, July 6, 2008

Thing To Take Note To Prevent E-Auction Fraud When A Consumer Participating In An E-auction









E-auction is a market mechanism by which buyers make bids and selleres place offers; its charecterized by the competitive and dynamic nature by which the final price is reached. Auctions, an established method of commerce for generations, deals with products and services for which conventional marketing channels are ineffective or inefficient.The online auction business model is one in which participants bid for products and services over the Internet. The functionality of buying and selling in an auction format is made possible through auction software which regulates the various processes involved.



Protecting Against E-Auction Fraud
The largest Internet auctioneer, eBay, has introduced several measures in an effort to reduce fraud.The following are some of eBay's antifraud meausures :


1. User identity verification.
-eBay uses the services of Equifax to verufy user for a $5 fee. Verified eBay User, a voluntary programme, ecourages users to supply eBay with information for online verification. By offering theirSocial Security number, driver's license number, and date of birth, users can qualify for the highest level of verification on eBay.

2. Authentication service.
-Product authentication is a way of determining whether an item is genuine and described appropriately. Authentication is very difficult to perform because it relies on the the expertise of the authenticators. Beacuase of their training and experince, experts can 9 for a fee0 often detect counterfeits based on subtle details. However, two expert authentications may have different opinions about the authenticity of the same item.

3.Gradind services.
-Grading is a way of determining the physical condition of an item, such as "poor quality " or "mint condition." The actual grading system depends on the type of item being graded. Different grading systems- For example, trading cards are graded from A1 to F1, whereas coins are graded from poor to perfect uncirculated.

4. Feedback Forum.
- The eBay feedback Forum allows registered buyers and sellers to build up their online trading reputations. It providees users with the ability to comment on their experinces with other individuals.

5. Nonpayment punishment.
- eBay implemented a policy against those who do not honor their winning bids. To help protect sellers, afirst -time nonpaymant results in friendly warning. A sterner warning is issued for a second-time offense, a 30-day suspension for a third offense, and indefinite suspension for a fourth offense.

References :
1.http://forums.ebay.com/db2/thread.jspa?threadID=1000107619&start=160
2.http://en.wikipedia.org/wiki/Online_auction


Prepared by Lew Pei Ean


All right reservced by EnT02 Group Rui,Ean and Agu™

Review of Lelong.com.my



The topic of this week is to review one of the local e-commerce website. I have choose Lelong.com.my as my idea to be sharing with all of you.

Lelong.com.my is founded by History Interbase Resources Sdn. Bhd in the end of 1998. Lelong.com.my is the pioneer of e-auction in Malaysia, and until now, Lelong.com.my still doing good to work out their principle, which is a mission statement of "Serving the community and bringing a high standard of quality into homes and businesses by providing an avenue for on-line trading at a low cost".


Ok ,I am talking too much, but what really Lelong.com.my is ? A means of identifying Lelong.com.my is to use an international comparison that everyone is familiar with. Styled and functioning similar to the international auction site, eBay.com, Lelong.com.my powers a robust and secure avenue for trading in Malaysia. Starting based on Consumer-to-Consumer (C2C) transactions, Lelong.com.my is now moving to becoming a channel for Business-to-Consumer (B2C) relationships. Many distributors have realised the power and ease of using the auction system and are now using Lelong.com.my to trade and grow their business.



So, as a local e-auction website, how can Lelong sustained for so long ? Firstly, Lelong.com.my are providing a double secure and verification system, which is much more secure and better than other e-auction website. Any user which are willing to post or trade item in Lelong.com.my are required to verify their member status and telephone numbers. In the verification of buyers, sellers or company, its required the user's MyKad and Bill heading to verify their status, which preventing them to fraud or phising. Besides, the telephone verification are needed to process the transaction and bidding. By using this 2 security and verification systems, both buyers and sellers are much more comfortable to trade at Lelong.com.my










So, How actually Lelong.com.my can be compete against eBay? As we known, eBay is a worldwide e-auction leader and have experienced work team with superior network from other countries, How do Lelong.com.my develop their competitive advantage over eBay.com.my ?

First of all, eBay were launched their services in Dec 2004, which compare to Lelong.com.my on 1998, Lelong.com.my has succesfully to build a user-friendly interface and reputation in Malaysia. As a local based e-auction website, the resident in Malaysia are keen to use Lelong.com.my rather than eBay. For example, i will visit Lelong.com.my more frequently than eBay because i have used to it. Habitually user will choose what they keen to use in past experience.

Secondly, Lelong.com.my have more choices than eBay.com.my. What i mean is due to more users are choosing Lelong.com.my as their channel to trade, they are more product available at Lelong.com.my and the market are bigger. Hence, user in Lelong.com.my have more choice and can find a more competitve price in Lelong.com.my rather than searching in eBay.


Reference:




Prepared by Ruiz

All right reservced by EnT02 Group Rui,Ean and Agu™

Thursday, June 26, 2008

The Application of Pre-paid Cash Card for Consumers

A prepaid cash card represents money on deposit with the issuer, and is similar to a debit card. One major difference between stored value cards and debit cards is that debit cards are usually issued in the name of individual account holders, while stored value cards are usually anonymous.

The term stored-value card does not necessarily mean the funds data is physically stored on the card. In many cases the data is maintained on computers affiliated with the card issuer. The value associated with the card can be accessed using a magnetic stripe embedded in the card, on which the card number is encoded; using radio-frequency identification (RFID); or by entering a code number, printed on the card, into a telephone or other numeric keypad


Besides, Prepaid cash card such as prepaid credit card can help you control your spending. It also a reload able debit card allows you to only spend up to the amount you have pre-deposited into the account. Hence, if you tend to overspend or would like to control you’re spending then a pre-paid cash card could more suitable for you rather than the traditional credit card with "attractive" credit limits. Moreover, a prepaid credit card can help the user to save the interest charge on the previous spending which is unsettled.By using the prepaid concept, you can now have greater control of your spending because the budget and limits are in your hand.With prepaid credit card, who else are gonna to queue for almost half hours at Sungei Wang Plaza to withdraw their cash to shopping ?




Touch N Go is another prepaid cash card which is broadly use in Malaysia. Touch N Go is an electronic purse that can be used at all highways in Malaysia, major public transports such as KTM( Keretapi Tanah Melayu), LRT and Monorail. Nowadays, Rapid KL are also accepting Touch N Go as one of their payment method.


Touch ‘n Go uses contactless smartcard technology. The card's size are similar to a credit card. User can continue using the card as long as it is pre-loaded with electronic cash. User can reload the card at toll plazas, train stations, Automated Teller Machines, Cash Deposit Machines, Petrol kiosks and at authorised third party outlets. Touch ‘n Go enhances the speed of paying for low value but high frequency transactions. Apart from the speed, it is also very convenient because user no longer need to prepare for small change or wait in queue at the cash lane to complete the transaction.

Reference

1.http://www.wisegeek.com/what-are-prepaid-credit-cards.htm

2.http://www.touchngo.com.my/WhatTNG.html


Prepared By Ruiz


All right reservced by EnT02 Group Rui,Ean and Agu™

Electronic Currency






Well, electonic currency is also known as e-money, electronic cash, electronic currency, digital money, digital cash or digital currency which is exchanged only electronically. The transactions involves use of computer networks, the internet and digital stored value systems. As for example are Electronic Funds Transfer (EFT) and direct deposit. As for security, the private currecny may use gold as extra security, such as digital gold currency.



Electronic currency is precious metal-backed internet currency. Individual open an account to deposits money with an online electronic currency company that then converts the amount into gold bullion. The account holder can transfer ownership of some or all of that gold into someone else's electronic currency account. Ownership can be repeatedly transferred. Electronic currency has been widely used by perpetrators of pyramid scams. Swindlers demand payment in e-currency because, unlike with checks or credits cards, the charges clear instantly and cannot be cancelled. Experts estimate that about half of e-currency transactions are related to scams or online games.


An electronic currency system may be fully backed by gold (like e-gold), non-gold backed, or both gold and non-gold backed. Two major types of electronic currency their backed base. One is backed by precious metal such as e-gold is backed by gold .Another type of electronic currency is backed by hard currency like Pay Pal. Both of them are all called electronic currency.

Untraceable digital cash is here. It will become easier to use and more established in the next several years. It is indistinguishable from speech, so any laws intended to control it will almost certainly impinge on speech in general. While scare tactics may work to drive average users away from using digital cash, those operating on the margins have the most to gain and lose and will likely not be dissuaded by such laws. Not only have criminals rarely been dissuaded by tax and banking laws, but here the chances of getting caught are nearly zero. Boom markets in information of all kinds can be expected.


References:
http://osaka.law.miami.edu/~froomkin/articles/tcmay.htm
http://en.wikipedia.org/wiki/Electronic_currency


Prepared by Agu

All right reservced by EnT02 Group Rui,Ean and Agu™

Credit Card Debts : Causes and Preventions

A credit card is a system of payment named after the small plastic card issued to users of the system which allows the owner to obtain goods and servives without the requirement to pay cash and on credit terms.Or a card (usually plastic) that assures a seller that the person using it has a satisfactory credit rating and that the issuer will see to it that the seller receives payment for the merchandise delivered. It is a card that may be used repeatedly to borrow money or buy products and services on credit. Its issued by banks, savings and loans , retail stores, and the other busimesses giving consumers the right to charge purchases and pay for them later.




Credit card debt is dumb. Most normal people are just plain broke because they are in debt up to their eyeballs with no hope of help. If you're in debt, then you're a slave because you do not have the freedom to use your money to help change your family tree. Debt ocurred when a client of a credit card company purchases an item or service through the card system. Debt accumulates and amount increases via the certain interest and the penalties will be given when the consumer does not pay the money to the company that he or she has spent. The company will charge late payment penalty to the consumer that are not paying the debt on time and also will report the late payment to credit rating agencies. Besides, credit card debts is an example of unsecure consumer debts accesses through the small plastic card.

The causes of credit card debts are stated as the following :

Firtly, the poor money management may caused the debts.The spending plan is very critaical for every month. If u do not have a well spending plan u may face the problem of spending money. You may have no idea where is your money spent.The good planning on spent money may lead you make a wonderful decision on how you spent your money.

Secondly is the underemployment.A close cousin to No. 1, people who experience under employment may continue to think of it as only temporary or if they are coming off unemployment feel a false sense of relief. Yes, you deserve a break, but this is not the time. Get those expenses in line with your current income. Down the road if you increase your income due to more hours, a second job, or a better job, then is the time to start adding in some of the previous spending before you became underemployed.

Lastly, is financial illiteracy. Many people do not understand how money works and grows, how to save and invest for a rainy day, or even why they should balance their checkbook. You have to know that you are responsible for your life and your money anyway. Financial mistakes are increasingly expensive and complicated to resolve or even can't solve it.You need to get educated and get in control to avoid the debts.

Now, im talking about how to prevent the debts.You have to pay off the entire outstanding balance each month to avoid the credit card debts. If you must carry a balance from time to time, pay off most of the balance each month. If you can only make the minimum payment each month, you are in over your head. The best methods is to stop using the credit card until you pay the entire balance off.

Besides, another good way to cut down the debts is not to charge the items like meals, groceries, or going to movies that would not exist on the statement. using cash nmoney to pay all those things, its might you to reduce the debts and save the credit for future or real necessities.



Futhermore, you have to make sure that the sufficient money to pay off the purchases after using the credit card. You have to bank in the money on time to cover the debts. You must have a budget before you make a purchase.If you do not have enough money to cover the purchase, and the item is not for an emergency, you do not used the credit card to charge it.





References :
1. http://en.wikipedia.org/wiki/Credit_card_debt
2.http://www.nolo.com/

Prepared by Lew Pei Ean
All right reservced by EnT02 Group Rui,Ean and Agu™

A Review on a Post on E-tailing from Our Lecturer's E-Commerce Blog







After reviewing these 3 topics which is prepared by our lecturer, i found that Dell.Inc, which is one of the big name in E-Commerce, are also strengthening their blick-and-mortar business model.


I was only recognized Dell after i graduated from secondary school. As i know, Dell.Inc is a electronic product such as desktop, laptops, monitor,pda manufacturer and seller. They build their business basis via Internet, which called E-Commerce. After these, I have further study about Information Technology knowledge which is applicable into real world business.Once again, I study much more about Dell. I studied that Dell is sustaining their competitive advantages by using low cost strategy, which they doing their main transaction via Internet, a Business-to-Consumer model. They are cost leadership in the industry compare with its competitors because they save a lot of cost on physical outlets, chain stall and more.

But now, Dell are also expanding their business in physical store. Is that meaning that Online Business are no longer profitable ? Or Dell's management feel that doing business via physical store will boost up their sales in these highly inflation period ?





In my opinion, Dell should construct their physical store without a doubt. Why do i say so ? Let us further discuss about this:

1. For those which is adopting computer technology, they might found that it was difficult to locate and understand Dell's transaction method or even their product. If there was a physical point of purchase, that will be ease for the consumer as they can feel the product and the services by the mechant.

2.There are several agent or company that are doing reseller of Dell's laptop.I am not very sure about whether they are authorized, but i feel that why don't Dell do it their own rather than setting up such more intermediaries to decrease their profit ?


3.Comparing with other competitor which were setting up their Physical store such as Sony Vaio, HP, or even Apple Mac, Dell are losing in the point of Impulse Purchase. When the consumer are making their decision of purchase, they will possibly go to the market and searching for more information to conclude their sales. In these step, they will usually looking for other alternative or another better choice for their final decision. Dell's laptop are seldom can be found or displayed in the store. Hence, the ordinary Dell's buyer might switch to its competitor due to the persuasive service or promotion by the store.


Prepared by Jennifer.

All right reserved by EnT02 Group Rui,Ean and Agu™



Tuesday, June 24, 2008

The Threat of Online Security: How Safe is Our Data?

There are two types of attacks by online such as nontechnical attack and technical attack. In this blog I will elaborates the threat of online security.

Nontechnical Attacks

Normally, nontechnical attack used in the persuasion to cheat people to expose secret or sensitive information or performing in illegal actions into the network. Well, one of the nontechnical attack is social engineering. Social engineering used in the social tricks to computer users into compromising computer networks. Another form of nontechnical attack that used broadly was phising by tricking the users to reveal their money credits. This technique usually can be found in e-mail messages that asking our certain personal informations. So, in order to avoid this incident happening, we can counter it by educating and training,policies and procedures, and penetration testing.


Tehnical Attacks

Examples of technical attack are denial of service (DOS) attack, distributed denial of service (DDoS) attack, virus, worm, macro virus or macro worm and Trojan horse and commonly used by the hackers using the software programing or expertise.

DOS is an attack that bombards system until it crashes or cannot respond. Attacker will uses specialized software to send flood of data packets to the target computer. It may cause a network to shut down,impossible the user to access and example are E-Bay, Amazon.com, CNN and Yahoo.

Virus is pieces of software code that require host program be run to activate it. Virus will inserts itself into host and propagate when it spreads. Virus will delete files or corrupt the hard drive.





Worm can spread itself without human intervention. It consumes the resources of its host in order to maintain itself, worm able to self-propagate and degrade network performance.


Marco virus or macro worm is a virus or worm that executes when the application object that contains macro is opened or a particular procedure is executed.

Trojan horse is a program that appears as useful function but contains hidden function that presents security risks. This program will allow other people to access and control a person’s computer over the internet.

From the above, we can see how important to secure our data. How to avoid this happen? Well the best way is by applying public key infrastructure(PKI). PKI is based on encryption and it is a process of transforming or scrambling (encrypting) data to make it difficult, expensive or time-consuming long for an unauthorized person to access it. Encryption has five basic parts such as plaintext, ciphertext, ecryption algorith, the key and key space.

There are two systems are symmetric systems, with one secret key, and asymmetric systems, with two keys. In symmetric (private) key system uses the same key to encrypt and decrypt the message and the example the data ecryption standard (DES). Meanwhile, asymmetric (public) key ecryption is a method of encryption that uses a pair of matched keys. Example are is RSA.

Reference:
-www.symantec.com/business/theme.jsp?themeid=threatreport
-http://news.cnet.com/8301-13739_3-9935170-46.html
-http://blogcritics.org/archives/2006/12/11/193220.php
-http://www.bio-itworld.com/BioIT_Content.aspx?id=74012
-Turban, E., King, D., McKay, J., Marshall, P., Lee, J., & Viehland, D. (2008). Electronic Commerce: A Managerial Perspective 2008 (International Edition). Upper Saddle River, NJ: Pearson-Education International. [www.prenhall.com/turban/]


Prepared by Agu
All right reservced by EnT02 Group Rui,Ean and Agu™

Sunday, June 22, 2008

The Application of 3rd Party Certification Programme in Malaysia

3rd Party Certification Programme is a scientific process by which a product or service is reviewed by a reputable and unbiased third party to verify that a set of criteria, claims or standards are being met. Certification Authority (CA) is a trusted third party in a public key security system is responsible for vouchsafing the identity of users and issuing them with certificates that bind the public key to their identities.

Now, I will like to discuss about one of the application of 3rd Party Certification Programme that used in Malaysia, MSC TrustGate Sdn Bhd.



MSC TrustGate Sdn Bhd is a Certification Authority (CA) operating out of the Multimedia Super Corridor which established in 1999 to meet the growing need for secure open network communications and become the catalyst for the growth of e-commerce, both locally and across the ASEAN region.


MSC, as known as Malaysia Super Corridor,is a Government initiative, designed to leapfrog Malaysia into the information and knowledge age. It originally included an area of approximately 15x50 km² which stretched from the Petronas Twin Towers to the Kuala Lumpur International Airport and also included the towns of Putrajaya and Cyberjaya. It has was expanded to include the entire Klang Valley on 7 December 2006.

Secure Sockets Layer (SSL), are cryptographic protocols that provide secure communications on the Internet for such things as web browsing, e-mail, Internet faxing, instant messaging and other data transfers.In the other words, it provide a safe and risk free solution for the users of Internet and monitor the security of those activities.There are slight differences between SSL and TLS, but they are essentially the same.




VeriSign is a Secure Sockets Layer (SSL) services provide by MSC TrustGate Sdn Bhd.The VeriSign SSL Certificates can help business and user to protect themselves by following reason:



Authentication: An SSL certificate securely authenticates your web site to your customers - they can be confident that the site they are dealing with is genuine and not a forged or "spoof" site. MSC Trustgate authentication procedures are recognized as the most thorough in the industry. A VeriSign certificate gives confidence that your web site, intranet, or extranet is one that can be trusted.

Encryption: When a Digital Certificate is correctly installed on your web server, your customers can communicate with your website over an encrypted HTTPS connection - all data (such as credit card details) sent to or from your customers will be secured against interception or eavesdropping. Seeing HTTPS in the URL reassures your clients that they can deal safely with your site.

High Grade Security: Choose a VeriSign Global Certificate, and you'll receive 128bit SSL encryption - the strongest grade of encryption available. Compare features of our Global and Secure certificates.

One Year or Two: Our SSL comes with a choice of one or two year validity periods. Two year certificates bring significant cost savings and means fewer certificate renewals.

Local Support: MSC Trustgate, affiliate of VeriSign in Southeast Asia, prides itself on the quality of our local based support that we offer on our certificates. Get the help you need to enroll, install, use and renew your certificates.

VeriSign Secured Seal: Included with your digital certificate is the VeriSign Secure Seal, the Web's most recognized trust mark. The seal allows your customers to quickly and easily verify your site's credentials and that their personal data is secure.

Protection Plan: For your peace of mind a warranty cover of up to RM 400,000 is included with every SSL Certificate. This protects you should you experience any economic loss resulting from corruption, identity theft, or loss of use of your web server certificate.

Reference:
http://en.wikipedia.org/wiki/MSC_Malaysia

Done by Rui
All right reservced by EnT02 Group Rui,Ean and Agu™

Friday, June 20, 2008

How To Safeguard Our Personal and Financial Data ?

Since the Internet founded in late 1980's, more and more people join this network,or we called World Wide Web and become an user of it. Internet is a public network of nearly 50,000 networks connecting millions of computers throughout the world, and this figure will only increase as daily basis.

We keen to use Internet because it brings a lot of convenience into our life.Nowadays, we can find that human are hardly to perform many task if there is no Internet provided. Human are now heavily dependant on Internet, which make the world become smaller, make us a global village.



Once we involve into those website, we are always request to provide some personal information. The information are including name, age, gender, email address or even financial or privacy data.Those information are normally used to contribute into a database of the website, which are purposely use to store their user's information and try to identify and understand their users.




However, as we reveal our information, there are some risk for us. The information that we given via Internet might not safe to be revealed. Our information might be infringe by third party such as hackers or other spyware. There are many real world issue can be found, and the credit card issue is the most common problem in infringe information.As we purchase in Internet, we can paid by using Bank Transfer and Credit Card, but these 2 method are required us to provide our financial data to the e-merchant. Fraud and phising arise when the things go on. The security issue make a big impact on Internet users, causes them reluctant to use E-Commerce and other services in Internet.



How to protect our personal and financial data ? Here are some of the tooltips:



1.Do not use desktop search tools like Google Desktop or Microsoft Desktop Search.

A full index of every keyword on your hard drive in the hands of marketers is very useful for the purposes of targeted advertising.


2.Do not use webmail from a service provider like AT&T, Google or Microsoft.

Same reason as above, except here it applies to every email you send or receive.


3.Do not use browser toolbars or desktop gadgets.

Both of these types of add-ons from companies like Yahoo and Google are known to gather information on your online activity for marketing purposes.






4.Remove all social network accounts.

There is loads of good information there that can be used for targeting and correlation. At the very least, remove all personal information and have a username that does not give any clues to your true identity.


5.Clear your browser cookies after every session.

To take erasing your footprint a step further, do not accept any browser cookies by default. This additional step will make web surfing slower and more intrusive as you will have to manually accept or deny cookies. That being said, if you surf for an hour without accepting cookies by default you will become much more aware of them, and that in and of itself could prove enlightening.


6.Change your local username daily.

Browsers and other software have been known to pass local usernames to servers as part of their operation. If your username is something like “first.lastname” this is clearly useful information for data collection purposes.


7.Do not have a home broadband connection.

If you have a home broadband connection, a network service provider can map your name to your IP address to your physical location. Again, your name, where you live and your Internet activity is all useful information for marketers.


8.Use free Wi-Fi.

If you don’t have a home broadband connection but you will still want to be connected, find a free wireless access point at a local coffee shop. To further hide your existence, every time your computer associates with a wireless access point, manually change your MAC address.


9.Install a host-based Intrusion Detection System (IDS) like OSSEC.

Assuming that you are already using a personal firewall, anti-spam and anti-spy software, a host-based IDS will ensure your computer isn’t being used without your knowledge. For an additional level of security, you could block all Internet traffic except for HTTP (port 80) and then log and trap anything else.

Reference Link:

Prepared and review by Rui


All right reserved by EnT02 Group Rui,Ean and Agu

Phishing: Examples and its prevention methods



What is phishing?

Phishing is a broadly launched social engineering attack in which an electronic identity is misrepresented in an attempt to trick individual into revealing credentials such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication.


Besides, phishing is also consider as a THEFT, the act of sending an e-mail or instant messaging to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information for a purposes of identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site is bogus and set up only to steal the user information.

The Example of phishing
1. 2003 saw the proliferation of a phishing scam in which users received e-mails supposedly from eBay claiming that the user account was about to be suspended unless he clicked on the provided link and updated the credit card information that the genuine eBay already had. Because it is relatively simple to make a Web site look like a legitimate organizations site by mimicking the HTML code, the scam counted on people being tricked into thinking they were actually being contacted by eBay and were subsequently going to eBay site to update their account information. By spamming large groups of people, the phishing counted on the e-mail being read by a percentage of people who actually had listed credit card numbers with eBay legitimately.






2. Another example would be if you received an e-mail that appears to be from your bank requesting you click a hyperlink in the e-mail and verify your online banking information. Usually there will be a repercussion stated in the e-mail for not following the link, such as "your account will be closed or suspended". The goal of the sender is for you to disclose personal and (or) account related information. This type of e-mail scam is also called phishing.























The prevention method


1. Prevent phising with mutual authentication-Efforts such as Extended Validation certificates are bound to fail in many cases because they rely on inconsistent visual aids and not strong cryptography. One-time passwords alien have also proven to be vulnerable to real-tome MITM attacks. To prevent phising consistently requires strong mutual authentication for validating the host to the user and the user to the host.

2. Eliminating phishing mail-Specialized spam filters can reduce the number of phishing e-mails that reach their addressees' inboxes. To classify phishing e-mails is relying on machine learning and natural language processing approaches. Besides, never ever click the link within the text of e-mail. Always delete the e-mail immediately.

3.Using IP addresses instead of domain names in hyperlinks that address the fake web site. Many innocent users will not check (or know how to check) that an IP address is registered and assigned to the target organisation that the branded fake web site claims to represent.Besides that copy the apperance of another wedsite.


4.Use malware to manipulate the hosts file on a victim's PC that is used to maintain local mappings between DNS names and IP addresses. By inserting a fake DNS entry into a user's hosts file, it will appear that their web browser is connecting to a legitimate web site when in fact it is connecting to a completely different web server hosting the fake phishing web site.



5.Configuring the fake phishing web site to record any input data that the user submits (such as usernames and passwords), silently log them and then forward the user to the real web site. This might cause a "password incorrect, please retry" error or even be totally transparent, but in either situation many users will not be overly worried and put this event down to their own poor typing, rather than intervention by a malicious third party.

References:
1.http://www.webopedia.com/TERM/p/phishing.html
2.http://www.honeynet.org/papers/phishing/
3.http://en.wikipedia.org/wiki/Phishing
Prepared by Lew Pei Ean
All right reservced by EnT02 Group Rui,Ean and Agu™

Monday, June 16, 2008

Revenue Model for Google, Amazon.com and eBay.

Google Inc. is an American Public Corporation, earning revenue from advertising related to its Internet Search, Gmail, Google Maps, Google Messenger, YouTube and Picasa as well as selling advertising-free versions of the same technologies. Google was co-founded by Larry Page and Sergey Brin while they were students at Stanford University and the company was first incorporated as a privately held company on September 7, 1998. Google's initial public offering took place on August 19, 2004, raising US$1.67 billion, making it worth US$23 billion.


The Google’s revenue model are Google Adwords and Google Adsense. Google Adwords is a pay per click advertising program of Google designed. It is to allow the advertisers to present their advertisements to people at the moment the people are looking for information, which related to what the advertiser has offer. When the user searches the Google’s search engine. Pay per click is an online advertising payment model in which the payment is based on the qualifying click-through. An advertiser has to pay when every time his ad receives a click. It is means that the advertiser only pay when the people click on the ad on it, and it is easy to control costs. When a user searches the Google’s search engine, ads for relevant words are shown as ‘’sponsored link” on the right side of the screen



Google Adsense is an ad serving program, which is run by the Google, Google Adsense. The website owners can enroll to the program to enable text, image, and video advertisements on their sites. Revenue is generated on a per-click or the per-thousand-ads-displayed basis. The ads are administered by Google. The Google advertisers are required to pay the Google a fee, on each time a user clicks on one of their ads displayed on the web sites.








Amazon.com, Incorporation is an American electronic commerce (e-commerce) company in Seattle, Washington. It was one of the first major companies to sell goods by Internet. Amazon.com started the business is the on-line bookstore, but later vary to the product lines of DVD, music CDs, MP3 format, computer software, video games, electronics, health and personal-care items, furniture, food, toys, beauty products, musical instruments, groceries, industrial and scientific sip plies, kitchen items, and etc. It also provides global shipping to certain countries for some of the products. Thus, Amazon.com's revenue model is majorly generated from sales of goods and partly from advertisement.




eBay Incorporation is an American Internet company, which is manage by th eBay.com. It is an online auction and shopping website that the people and businesses buy and sell goods and services worldwide. eBay Incorporation also owns Paypal and Skype.

Millions of the comuputers, furniture, equipment, vehicles, and other miscellaneous items are listed, bought, and sold everyday. Anything can be sold as long as it is not illegal and does not violate the eBay rules and regulations policy. The services and intangibles items also can be sold. The international companies, such as IBM, will sell their latest products and offer the services on eBay, by using the competitive auctions, and fixed-priced storefronts.

eBay generates revenue from a number of fees. The eBay fee system is quite complex; there are fees to list a product and fees when the product sells, plus several optional fees, all based on various factors and scales. The U.S.-based eBay.com takes $0.20 to $80 per listing and 5.25% or less of the final price (as of 2007). The Mexican eBay "mercado libre" takes 1% (price of the article × number of articles to be sold), and 4.99% of the final price if there is a successful trade. The UK based ebay.co.uk takes from GBP £0.15 to a maximum rate of GBP £3 per £100 for an ordinary listing and from 0.75% to 5.25% of the final price. In addition, eBay now owns the PayPal payment system which has fees of its own.

Hence, the revenue models that used by eBay is Transaction Fees (commissions paid on volume of transactions) ,Subscription Fees(monthly or yearly fixed amount paid to get some services) and Advertisement Fees (payments from advertisers).

Reference:
  1. https://adwords.google.com/select/Login
  2. https://www.google.com/adsense/login/en_US/
  3. http://en.wikipedia.org/wiki/EBay
  4. http://en.wikipedia.org/wiki/Amazon.com

Prepared by Rui

All right reservced by EnT02 Group Rui,Ean and Agu™