Sunday, December 30, 2007

Holiday Spam Scams Increases

With online holiday shopping already breaking records and predicted to increase an overall 20 percent through December*, cyber-crooks have been hard at work spreading their own brand of holiday cheer -- holiday spam. This year marks an all time high for spam, accounting for 10.8 trillion messages, according to industry market researcher IDC. With the start of the holiday season Nov. 23, holiday spam has spiked, representing an initial 6 percent increase over pre-Thanksgiving levels—with more to come, warns SPAMfighter, an international spam security and filtering company. Consumers need to take more precautions this season and update their spam protection now to combat spam growth expected through the end of the year.

"Spammers are banking on the fact that millions of less cyber-savvy consumers are spending more time online to get the best deals and gifts, but haven't taken the time to secure their PCs or update their spam protection," said Alix Aranza, Managing Director, SPAMfighter North America. "This year consumers need to be especially careful and guard against more advanced techniques and aggressive spam offers."

To ensure a safe and secure holiday shopping experience, SPAMfighter recommends consumers keep the following tips in mind:

• Never make a purchase or donate money through an unsolicited e-mail offer. If the offer sounds too good to be true, it probably is a scam. Holiday charity scams are a favorite technique of spammers and crooks. Donate through the trusted organization's Web site directly. Consumers should create a separate free e-mail account for online shopping to avoid potential spam and to keep track of online purchases.

• Before you shop online, download the latest spam filter protection – don't rely on a PC program from last year or the PC manufacturer to send you a reminder. Spam and virus filtering protection should be upgraded, at a minimum, once a year or more, depending upon Web visits. SPAMfighter, for example, is constantly monitoring new spam scams and automatically offers new upgrades to customers.

• Don't open holiday e-cards from unknown senders. This is a primary way for spammers to replicate and send malicious malware such as the Storm Worm, to hijack unprotected PCs and turn these into spam machines.

• Watch out for higher levels of phishing e-mails. These are legitimate-looking e-mails from what appears to be a trusted, well-known brand, such as your bank or popular sites, like eBay and Amazon. In reality, this spam seeks to steal personal or financial information by redirecting the e-mail user to a fake, but very real-looking Web site, that asks for confidential or personal information. When in doubt, call the bank or company supposedly sending the e-mail and verify the request.

• Social networking phishing spam is on the rise. Phishers are using social networking sites, such as MySpace, to target specific groups of e-mail users with free gift offers and ads. Check your privacy settings on these sites to restrict who can access your information and never click on a link posted by an unknown source.

• Be cautious with hyperlinks to other Web sites and don't open hyperlinks in an unsolicited e-mail. Clicking on the link is a confirmation to the spammer that an e-mail address is active and to whom it belongs, and more importantly, opens the door to new malware and viruses or a phishing site.

Twenty-Six Arrest Orders Issued for Copyright Violations

In May 2007, U.S. Immigration and Customs Enforcement (ICE) agents, working in conjunction with U.S. Secret Service (USSS), the Puerto Rico Bureau of Special Investigations, and officials of the Motion Picture Association of America (MPAA) and the Recording Industry of America (RIAA), launched the first phase of an operation dubbed "Operation Digital Pirates." The first phase of the operation led to the seizure of more than 53,000 counterfeit music CDs and DVDs. The operation was launched in several flea markets throughout the island of Puerto Rico. The seizure was part of an ICE initiative into the identification of intellectual property rights (IPR) violators.

As part of ICE's "Operation Digital Pirates," ICE agents teamed up with other federal and local law enforcement officers and arrested 21 individuals indicted by a federal grand jury in November 2007 for violations to federal intellectual property rights statutes. The arrests took place in the municipalities of Bayamon, Vega Baja, Morovis, Mayaguez, Hatillo, Quebradillas, Ponce, Guayanilla and Carolina, Puerto Rico.

According to the indictment, the defendants infringed copyright laws by reproducing and distributing works such as music CDs and DVDs, for the purpose of commercial advantage or private financial gain.

Between fiscal years 2002 and 2006, ICE agents arrested more than 700 individuals for IPR violations and dismantled several large scale criminal organizations that distributed counterfeit merchandise to nations around the globe. At the same time, ICE investigations into these networks resulted in 449 criminal indictments and 425 convictions. Together, ICE and CBP seized more than $750 million worth of counterfeit goods from fiscal year 1998 through fiscal year 2006.

The criminal infringement of a copyright has a penalty up to five years imprisonment if it is a first offense, and ten years imprisonment if the offense is a second or subsequent offense, a fine up to $250,000, and a supervised release term. Trafficking in counterfeit labels affixed to the illegal copies of the motion picture DVDs or music CDs has a penalty of up to five years imprisonment.

Vivid Entertainment Group Sues for Copyright Infringement

Vivid Entertainment Group has sued Adult Entertainment Broadcast Network (AEBN) and related companies for unlawfully posting or allowing third parties to post copyrighted Vivid content on its "" website and for failure to comply with certain provisions of the federal Child Protection and Obscenity Enforcement Act requiring proof of age of performers.

The suit filed in the U.S. District Court for the Central District of California names Data Conversions, Inc., which does business as AEBN and, and also WMM, LLC, which also owns and/or operates PornoTube. AEBN is a Charlotte-based company that claims to be the "global leader in adult pay-per-view video." PornoTube is a free website featuring a variety of sexually explicit material.

Vivid requested a jury trial to hear its claims that the defendants "have used technological advancements to willfully infringe copyrights belonging to Plaintiff, depriving Plaintiff of the lawful rewards that accompany creativity, effort and innovation." The suit contends that the "defendant's business plan depends on the uploading, posting, display and performance of copyrighted audio-visual works belonging to Vivid and others" and that the defendants "knowingly built a library of infringing works to draw Internet traffic" to its website.

Vivid contends that the PornoTube's infringement causes "great and irreparable injury that cannot fully be compensated or measured in money," and noted that the law provides for damages up to $150,000 for each willfully infringed work. The suit asks for a permanent injunction to bar future infringement and damages of at least $4.5 million.

In addition to its copyright infringement claims, Vivid also requests damages for willful and fraudulent "misappropriation of the actors' right of publicity" under California law, as well as for unfair business practices for unauthorized copying, reproducing, distributing and selling Vivid content.

A novel aspect of the suit is Vivid's contention that by displaying clips of its films on PornoTube the defendants violate California law and engage in unfair business practices by failing to follow labeling requirements under the so-called 2257 provisions of the Child Protection and Obscenity Enforcement Act that require verification that all performers are over 18 years old.

"PornoTube and AEBN have exactly the same responsibility as any other adult content distributor or producer to obey U.S. copyright laws and 2257 regulations" according to Steven Hirsch, co-chairman of Vivid Entertainment. "Vivid spends enormous sums to copyright its content and to comply with the Child Protection and Obscenity Enforcement Act age verification process. PornoTube and AEBN have been getting away with a practice that unlawfully earns it millions of dollars at our expense."

The copyright portion of the suit is similar to a $1 billion suit filed last March by Viacom (NYSE: VIA) against YouTube. Viacom, the owner of MTV and Nickelodeon, accused YouTube of "massive intentional copyright infringement" by allowing 160,000 unauthorized Viacom clips to be uploaded onto YouTube. The case is currently being adjudicated in the U.S. District Court for the Southern District of New York.

Sunday, December 23, 2007

Symantec Awarded $21 Million in Judgments Against Counterfeit Software Piracy Rings

Symantec Corp. was awarded $21 million in damages against a large network of distributors selling counterfeit Symantec software.

The judgments were handed down by the United States District Court for the Central District of California in Los Angeles, CA in favor of Symantec against ANYI, SILI Inc., Mark Ma, Mike Lee, John Zhang, Yee Sha, and related defendants.

In civil cases filed in November 2006, Symantec included claims alleging that ANYI, SILI, Yee Sha, and their affiliates engaged in trademark infringement, copyright infringement, fraud, unfair competition, and false advertising. Symantec's investigations into these piracy rings coincided with and supported other investigations initiated by various law enforcement agencies such as the FBI and the Chinese Ministry of Public Security, ultimately leading to the arrest of Mark Ma in Shenzhen by Chinese authorities in July 2007.


Global 'Fake Check' Seizures Continue

In a continuing effort to crack down on international scammers who are looking to fatten their own wallets while draining the bank accounts of American consumers, law enforcement partners of the United States Postal Inspection Service have seized additional tens of thousands of mailings bound for the U.S. containing counterfeit checks.

Today, a team of Canadian and U.S. fraud investigators based in Montreal, Quebec announced the seizure of over 50,000 pieces of mail containing fake checks, with a face value of nearly $195 million. The announcement was made by the Royal Canadian Mounted Police (RCMP), who spearhead "Project COLT," a cross-border partnership aimed at disrupting and preventing fraud. Postal Inspectors have been members of this partnership since its inception in 1998, along with other federal agencies in the U.S. and Canada. Most of the letters were addressed to U.S. recipients. The seizures were made by Canada Post in coordination with the RCMP. No arrests have yet been made, and the investigation is continuing.

The mail contains a letter telling the recipient they've won a cash prize of up to $50,000 in an international promotional campaign, and includes a $2,000 to $5,000 check. To collect the full amount of their "prize," the recipient is asked to cash the check and quickly return all or part of the proceeds, usually via wire transfer, to pay for some kind of international administration fee. By the time the check has been found to be fake, the scammer has the money and the recipient is on the hook to their bank to repay the amount sent back.

"Even though over 600,000 fake checks have been seized since the global initiative to stop these scams began earlier this year, the scammers have not stopped trying," said Alexander Lazaroff, Chief Postal Inspector. "We are grateful to the RCMP for continuing to lead this cross-border partnership, which aims to keep these scams from reaching U.S. and Canadian consumers and maintain their confidence in the mail."

Postal Inspectors warn there is no legitimate reason for any contest promoter, business or organization to send you a check and ask that it be cashed and wired back to them ... especially for a promotional campaign or contest you never entered. Learn more about check scams by visiting the website If you receive a letter containing a check and you suspect fraud, don't cash the check, report it to Postal Inspectors through the website, or by telephoning 1-800-372-8347.

Saturday, December 22, 2007

Five Steps to Improve PC Security

With a strong increase in PC sales predicted for the holiday season, many consumers will be encountering Microsoft's Windows Vista operating system, which first shipped in January 2007, for the first time. To provide these consumers with guidance on the simple, yet crucial ways they can ensure they are protected against threats to their new PC's security, BeyondTrust, a leading provider of enterprise security software for Windows, has created a list of five key steps new Vista users should take:

1. Do not log into Windows Vista as an administrator.

This is a critical step home users must take when they first start their new computers to protect their family from malware. Malicious software cannot install and users won't be able to install programs that might be unsavory.

2. Use separate accounts for all family members.

Using separate, non-administrator accounts for multiple users ensures that each person's data is better protected. Try to avoid giving family members the password for the administrator account. This will prevent them from installing whatever they choose, from who knows where that does who knows what.

3. Vista introduces a new security feature called User Account Control (UAC). Keep it turned on, even if you find it annoying.

A prominent new feature in Vista, UAC prompts users to enter a password whenever they encounter tasks that require full administrator privileges, such as installing software or running certain applications. Because most viruses and other malicious software require administrative rights to install and run, UAC will make it possible for you to view and stop them before they can harm your computer.

4. Set each family member's e-mail to read incoming e-mails as plain text only, not HTML.

While HTML may make for more desirable display capabilities for viewing e-mail, its benefits are far outweighed by its potential for security compromise. HTML is often used to carry out attacks on your computer, and you should avoid using it.

5. Be sure to log off of the computer when you are finished with your session.

This one step is simple but important. You want to keep your data protected and make sure that other users in the household don't have access to a privileged account.

Source: BeyondTrust CEO John Moyer

A more detailed list of tips is available for consumers and media at:

$1.7 Million to Help Victims of Identity Theft and Fraud

The Department of Justice's Office of Justice Programs (OJP) announced $1.7 million in grant funds to provide direct assistance to victims of identity theft and financial fraud. The awards will expand existing services and strengthen law enforcement's response to victims of identity theft and financial fraud nationwide.

"The financial toll exacted by identity theft can be as devastating and emotionally traumatic as violent crime," said Cybele Daley, Acting Assistant Attorney General for OJP. "The Department of Justice recognizes the tragic consequences to those affected by identity theft and is committed to tackling this problem by giving victim service organizations and local law enforcement the resources to provide a measure of relief to victims."

The funding, awarded through OJP's Office for Victims of Crime (OVC) earlier this year, is being given to existing national, regional, state and local victim service organizations that are currently providing direct assistance to victims and will collaboratively expand their efforts to help identify additional theft and fraud victims. The award recipients are:

-- The Identity Theft Resource Center, a national organization that provides free identity theft victim assistance, is receiving $500,000 to improve and expand its current identity theft victim counseling and individual case work while expanding staff at its identity theft call center.

-- The Texas Legal Services Center, a state support office and regional victim services provider, is receiving $500,000 for operation of the Victims Initiative for Counseling, Advocacy, and Restoration of the Southwest (VICARS) project. VICARS provides free legal assistance to victims of identity theft and financial fraud living in Texas, Oklahoma, New Mexico and Colorado and provides step-by-step coaching on how to reacquire their identity and credit.

-- The Maryland Crime Victims' Resource Center is receiving $500,000 to enhance its existing practice to provide free assistance to victims of identity theft and financial fraud through increasing direct victim services; self-advocacy and pro bono attorney development. The Center will partner with a variety of national programs to assist victims of identity theft and fraud nationwide including the National Center for Victims of Crime, the Identity Theft Assistance Center, and the National Crime Victim Law Institute.

-- The Atlanta Victim Assistance Inc., a non-profit organization serving the needs of both victims and witnesses, will receive $200,000 to carry out a public education campaign aimed at stopping identity theft and financial fraud in Atlanta, Georgia. The "Stop Atlanta Fraud Empower (SAFE)" campaign consists of a three-prong innovative approach of education, advocacy, and training to help reduce the incidences of fraud in Atlanta and increase city resident awareness of their rights if victimized.

The awards are a direct outcome of efforts made by the President's Task Force on Identity Theft. The Task Force, co-chaired by the Attorney General and the FTC Chairman, was established by Executive Order of the President on May 10, 2006, and is comprised of 17 federal agencies and departments. The Task Force's strategic plan, released in April 2007, can be found at

Sunday, December 16, 2007

Kid Rock Wins New Orleans Copyright Infringement Case

This week, Atlantic Recording artist Kid Rock won a dismissal of a copyright infringement action brought against him and several codefendants by a New Orleans man. The lawsuit, filed by local musician Troy Landry in 2004, contained allegations that Kid Rock and co-writers Uncle Kracker, John Travis and Kenny Olson copied portions of two songs written by the Plaintiff when the Defendants wrote the hit recording Somebody's Gotta Feel This.

In a sweeping vindication for Kid Rock, Louisiana's United States District Judge Mary Ann Vial Lemmon issued a 14-page Opinion dismissing Landry's lawsuit in its entirety.

Among the Court's findings were the following:

-- Landry presented no evidence to contradict the Defendants' affidavits
that they had not heard Landry's music and that they independently
created the song in 1997.

-- Landry failed to meet the "access" requirement of a copyright case.

-- One of the Plaintiff's expert witnesses, Tulane University Associate
Professor of Music John Joyce, conceded that the two songs as a whole
were different. He also said the hook of Landry's song was copied
based on a "hunch."

-- Both of Kid Rock's expert witnesses, musicologists Gerald Eskelin and
Anthony Ricigliano, opined that the songs in question were distinctly

-- The Court concluded that the works are not so similar as to preclude
independent creation.
Kid Rock's trial attorney, William Horton of Troy, Michigan, expressed his enthusiasm with the Court's decision: "There was no copying here. Kid Rock is a one-of-a-kind original."

Kid Rock's personal attorney, Michael Novak, says: "Judge Lemmon did the right thing in dismissing this case. It was utterly meritless. Unfortunately the way our justice system works, anybody can sue anyone for any reason, and successful artists tend to attract these groundless claims. But we are elated the system worked here. Justice is served."

Comcast, Cablevision and Ebay Sued for Patent Infringement

Klausner Technologies, Inc. has filed patent lawsuits under its visual voicemail patents against Comcast Corporation, Cablevision Systems Corp., and eBay Inc.'s Skype with damages and future royalties estimated at $300 million.

The lawsuit asserts that the above companies' VOIP voicemail products and services infringe Klausner Technologies' U.S. Patent 5,572,576. The patent has already been licensed to various other companies which provide the same visual voice messaging services, including Time Warner's AOL for its AOL Voicemail services, Vonage Holdings for its Vonage Voicemail Plus services as well as others, under the Klausner Patents.

Cablevision's Optimum Voicemail, Comcast's Digital Voice Voicemail and eBay's Skype Voicemail each violate Klausner's intellectual property rights by allowing users to selectively retrieve and listen to voice messages via message inbox displays.

The suit has been filed by the California law firm of Dovel & Luner in a federal court in the Eastern District of Texas. “We have litigated this patent successfully on two prior occasions, said Greg Dovel of Dovel & Luner, counsel for Klausner Technologies. "With the signing of each new licensee, we continue to receive further confirmation of the strength of our visual voicemail patents.”

Ten Tips to Prevent Identity Theft during the Holidays

With the holiday season in full swing, millions of Americans are hitting the malls and shopping on-line to find the perfect gift for every family member. However, in the confusion and bustle of the season, it's easy to let your guard down, which is why the winter holiday season is one of the prime times for identity theft to occur. Every year, according to the Federal Trade Commission (FTC), almost ten million Americans are victims of some sort of identity theft, and experts suggest that identify theft increases during the winter holiday season, when there are a greater number of opportunities for theft to occur. Surprisingly, the majority of cases do not result in out-of-pocket expenses for victims—what most victims lose is time and their sense of personal security.

"Clearing your name after an identity theft can be a very complicated and disruptive process," said Mark LaPenta, chief technology officer of MetLife Bank. "There are a lot of people to notify, including creditors, credit bureaus, and law enforcement. It can take months—or possibly years—before you get your life back in order, and clear your name. Fortunately, there are steps that can be taken to avoid becoming a victim in the first place, and also services that can help you restore your name should you become a victim."

To reduce the likelihood of being a victim of identity theft:

Be careful with your social security number, which is one of the most valuable
pieces of information that you have to "prove" who you are. Avoid carrying your
social security card in your wallet, and don't print the number on personal

Only release your social security number when it's absolutely
necessary, such as when required by a government agency (e.g., the Department of
Motor Vehicles or Social Services).

If a merchant asks for your social
security number, ask why it's necessary, and what safeguards they have in place
to protect your information. Although there are instances where it is necessary
to have this information (such as, in order to extend credit), you should feel
confident with the safeguards that are in place to protect your privacy.

Minimize the number of credit cards you have, and only carry one or two
in your wallet. It's a good idea to keep a list of all your credit cards, bank
accounts, and investments in a safe place.
Never leave envelopes containing
bills and checks in places where there's a danger of their being stolen.
Consider mailing your bills at the post office, rather than leaving them for
your letter carrier at your front door or mailbox.

Think about computer
safety—never use obvious or easily guessed passwords or PINs, and always create
passwords that combine letters and numbers.

Be wary of "phishing"
schemes. Phishing is a type of fraud that usually starts as an email or pop-up
designed to trick you into revealing personal financial details. Never reply to
emails asking for personal details, or even click on links in emails that appear

Be careful what you throw away! Trash is a prime target for
identity thieves, so take the time to shred all paperwork containing sensitive
information, including pre-approved credit offers. The most secure shredders are
"cross cut" shredders, because they ensure that the documents cannot be

Carefully review financial statements each month for
unauthorized use, including your credit cards, bank statements, and phone bills.
Alert your creditors immediately, in the event that you notice a discrepancy.

Do a "check up" on your credit history once every year. Securing this
information is easy—simply visit or call
877-322-8228. You'll be able to get one free credit report each year from each
of the three major credit bureaus.

Another important consideration:
determine whether you have protection in the event that you are victimized. Many
credit card companies offer protection against identity theft, so ask your
credit card agent or company representative if yours does.

In addition, a few banking institutions now offer the convenience of identity theft resolution services. This assistance can prove invaluable, because it can help guide victims through the arduous process of reclaiming their good names.

For additional information on the threat of identity theft, visit, and select "Security Center."

Sunday, December 9, 2007

Con Man's Blog, by Legal Thriller Author Jack Payne, Tracks and Exposes New Scams

No one wants to be the victim of a con man. And no one knows the con man's methods better than Jack Payne, author of the legal thriller Six Hours Past Thursday (ISBN 1-59113-502-8, Impact Books, Now through his Con Man's Blog (, Payne is helping readers protect their money - and ultimately their sense of security - from scam artists.

"It's all about educating yourself," Payne explained. "A con man can't pull a scam on a person who checks him out. The Internet and e-mail have given rise to a new breed of con man, but they're also the two most effective weapons in the war against those same scam artists. If you think something doesn't seem quite right, it usually takes just a few minutes of research online to confirm your suspicions."

The Con Man's Blog can be a good starting point for that research. Payne, who has spent 45 years studying scam artists, keeps readers abreast of the latest cons, scams and dirty deals and frequently answers questions through his blog's comments feature.

With Six Hours Past Thursday, Payne wrote the book on the art of the barely legal con game. In that legal thriller, he drew on his extensive knowledge of the con man as well as on his decades of business experience. The same is true at Con Man's Blog, where at, Payne outs all the shady business opportunities, ultra-low-cost vacation deals and other too-good-to-be-true come-ons he finds.

"The public needs to know about the classic scams that are still being used, as well as the brand-new cons that put personal information - and bank accounts - in jeopardy," said Payne. "At The Con Man's Blog, I frequently write about the con man's favored techniques from the perspective of the scammer. I think it's important for my readers to know how con men think, because that provides the insight they need to steer clear of people who would otherwise view them as nothing more than a mark."

Payne maintains that until countries worldwide take the necessary steps to prosecute con men, scams will continue to proliferate on the Internet. But thanks to The Con Man's Blog, their pool of potential victims is shrinking.

Saturday, December 8, 2007

Multi-Million Dollar Pyramid Scheme -- BUSTED!

The operators of a pyramid scheme which took in approximately $27 million from roughly 500 victims, most from the Cambodian-American community, have been sentenced to prison terms of 35 years and 20 years apiece.

Hon. Richard G. Stearns, of the U.S. District Court for Massachusetts, sentenced JAMES BUNCHAN, age 57 of Quincy and Attleboro, Massachusetts and North Miami Beach, Florida to 35 years in federal prison and BUNCHAN's wife, SENG TAN, age 61, of Quincy and Attleboro, Massachusetts and Burnsville, Minnesota, to 20 years in federal prison. The two were convicted of conspiracy, mail fraud and money laundering.

"The defendants ran a large pyramid scheme that preyed primarily on ethnic Cambodians," stated U.S. Attorney Sullivan. "The victims are hard working people who were led to believe that they were making safe and responsible investments. Sadly a number of these victims are now facing the loss of their homes and financial ruin."

"IRS CI will vigorously investigate individuals who defraud others in this manner," stated Douglas Bricker, IRS Special Agent in Charge. "This type of crime impacts not only the government but also the victims who believed they were making responsible investments. The prosecution of individuals who are involved in these types of schemes serves as an example that complex financial transactions will be investigated by the IRS and those who violate the law will be brought to justice."

The evidence at trial showed that BUNCHAN, TAN and a third individual, CHRISTIAN ROCHON, age 54, of Warwick, Rhode Island were principals of two companies, WMDS, Inc., a/k/a World Marketing Direct Selling Inc., and One Universe Online Inc., also known as 1UOL. The companies had offices based in Canton, Attleboro, and Boston, Massachusetts.

From October 2000 through November 2005, BUNCHAN, TAN, and ROCHON solicited investments in WMDS and 1UOL and took the investors' money for their own personal use. BUNCHAN, TAN and ROCHON falsely represented that WMDS and 1UOL were companies that marketed and distributed health supplements and other consumer products. They promised investors that a lump sum investment (typically in units of approximately $26,000) would yield a monthly payout ($300 per $26,000 invested) for the rest of the investors' lives and the lives of the investors' children. BUNCHAN and TAN often solicited higher lump sum investments by promising higher returns to large investors.

In many instances, BUNCHAN and TAN persuaded investors to mortgage their homes to get money to invest. In particular, they preyed on ethnic Cambodians living in various communities around the United States, gaining their victims' trust by emphasizing their shared experiences during the genocidal Pol Pot regime in Cambodia.

In pronouncing sentence, Judge Stearns, noted the enormity of the harm inflicted by BUNCHAN and TAN. By encouraging victims to mortgage their homes, the fraud not only stripped hard-working families of their savings but, in many instances, left them homeless.

At first, BUNCHAN, TAN and ROCHON made the promised payments, leading the original investors to unwittingly recruit additional victims of the scam. But, for the most part, the defendants simply spent the money. BUNCHAN used the investors' money to finance a lavish personal lifestyle which included luxury cars, trips to Las Vegas and the Bahamas, and over 6 million dollars gambling at casinos. TAN and ROCHON also profited from the scheme.

As the scheme collapsed, BUNCHAN, TAN, and ROCHON stalled investors by claiming that payments had been delayed due to technical problems. Then BUNCHAN orchestrated a campaign to intimidate investors -- including threatening lawsuits -- to keep them from going to the authorities. At the sentencing hearing, the prosecutor noted that BUNCHAN ultimately went further, attempting to hire a hit-man to murder potential witnesses. BUNCHAN has been charged separately for that scheme.

ROCHON will be sentenced separately. A hearing date for ROCHON has not yet been set.

Online and offline habits may make consumers susceptible to identity thieves

Out shopping with a bag full of receipts? Piles of special end-of year credit card promotions filling your mailbox? Leaving home on vacation? All of these situations provide a prime opportunity for identity thieves to strike.

Rick Kam, president of identity theft protection and personal identity recovery company ID Safeguards, warns, "The holiday season is ripe for identity thieves to do their dirty work, and whether you realize it or not, you may be helping them. By taking a few simple steps, you can protect yourself from the efforts of fraudsters."

By following a few simple online and offline tips, consumers can decrease the odds of becoming a victim this holiday. Top tips for protecting yourself are:

-- Keep your whereabouts online a mystery: Your e-mail message should NOT
state you are on vacation, nor should you state on your blog or social
networking site that you are going out of town. Instead, say you are
out of the office spending time with family or you are going to take a
rest from your blog updates during the holiday.

-- New Year, New Passwords: Out with the old and in with the new. Make it
your yearly time to give new passwords to your online accounts.

-- Watch for the double swipe: Don't let yourself get distracted while
checking out. Sales assistants have been known to use devices called
skimmers to quickly swipe customer credit card numbers.

-- Shop, save and compare: Save all your online and physical shopping
receipts. As much as you don't want to look at those credit card
statements after the holidays, make sure they match your receipts. Call
your credit card company to report any unfamiliar purchases.

-- Going to Grandma's? Prepare your home: Place a hold on your mail with
the post office and stop newspaper delivery. A full mailbox is a gold
mine of information for identity thieves and a pile of newspapers
signals that your home is vacant.

-- Shop with one: Use only one credit card this season and store the rest.
Debit cards should never be used for online shopping as it provides
online thieves with direct access to your bank account.

-- When in doubt, keep it personal: You should only buy from known and
reputable sources on the Internet. You would never give a stranger on
the street your credit card information. Practice the same logic

To learn more about current identity theft issues, visit the company blog at

How to Take a Copyright Thief to Court

If all else fails, you can file a copyright infringement lawsuit. This remedy has some drawbacks.

Litigation can be costly. In many cases, the likely value of the misappropriated material and any damages received will be less than the amount obtainable in a judgment.

You also have to deal with the very real problem of collecting a judgment. In many cases, the offending party will be unable to pay if you prevail, and collecting via wage attachment or other options may be inefficient and impractical.

If the case crosses into a foreign country, things become even more complicated. Enforcing a judgment against a foreign entity can be remarkably problematic.

Copyright infringement cases are governed by federal statute and case law and must be filed in a Federal District Court.

If you own a copyright and can successfully prove a violation, you may be able to win damages that approximate the profits lost from the infringement and the profit generated by the offender during the period of violation. You can also receive statutory damages that may reach as much as $150,000 per violation.

During the case itself, you may also be able to get a restraining order requiring the offending party to remove the material until the matter is resolved.

Fighting copyright infringement in the courts can make sense in the right situations. When the value of the content is significant and you can prove your case effectively, it may be sufficiently lucrative to pursue. A willingness to litigate may also signal that you take copyright infringement seriously, acting as a deterrent to other would-be thieves.

Pursuing a copyright infringement case does require a high level of specialized skill. Thus, anyone considering a case of this sort is advised to seek representation from appropriately qualified legal counsel. This is not a do-it-yourself project.

In most cases, litigation just doesn't make sense. However, it may be necessary when all other remedies are exhausted and a violating party refuses to take appropriate action.

Before instigating legal action, make sure you have clearly assessed the merits of your case with your attorney and that you are prepared to see the matter through. If you aren't ready to take that kind of action, it may make more sense to do your best to seek other remedies.

Brian Scott is a freelance journalist who covers copyright law for Download his free e-book, "Copyright Basics" at

Sunday, December 2, 2007

Access Copyright Sues Staples/Business Depot for Copyright Infringement

Access Copyright, an organization representing the copyright of almost 9,000 Canadian writers and publishers, is suing Staples/The Business Depot for copyright infringement.

The lawsuit, filed by Access Copyright, contains the largest claim to arise from copyright infringement of published works in Canada.

The lawsuit seeks $10 million in damages, including a claim for punitive damages.

Staples/Business Depot is a sizeable, for-profit organization that has built part of its business through a lucrative service that exploits the published works of authors, photographers and publishers. Companies that photocopy illegally are effectively taking money directly out of the pockets of creators and publishers who depend on book sales and copyright royalties for their livelihood.

"Companies that profit from illegal photocopying are undermining the work of others," said Maureen Cavan, Executive Director of Access Copyright. "Staples/Business Depot is no different from those organizations that profit from illegally downloading copyright protected music or the unauthorized sharing of videos and published works on the internet."

Access Copyright ( has been continuously investigating Staples/Business Depot since 1998 in response to concerns raised by creators and publishers over infringement activities. Despite repeated attempts by Access Copyright to reach a settlement and come to an amicable resolution, Staples/Business Depot has made no perceivable changes to their business practices.

Private Detective Spam Floods Inboxes with Malware Threat

Cyberoam announced that a new email-borne malware threat has emerged, where messages claim to be from a private detective hired to monitor the email recipient. According to Cyberoam partner Commtouch, the outbreak was first identified on Saturday, November 17th and sample subject lines include, "I'm monitoring you"; "You’re being watched"; "Your phone is monitored"; and, "The tape of your conversation".

The malware distributors have attached a "recording" of the recipient's phone call in an effort to convince the recipient of their surveillance capabilities, which is actually an executable .scr malware file. The attachment names are numerical variations on "call1105-10.rar." and are password-protected, compressed files. The malware inside the attachment is activated when the recipient opens the file with the password provided in the body of the email.

"These techniques indicate the malware author's ability to successfully launch new variants of malware on the Internet, which is why signature-less protection against these types of attacks is critical," said Joshua Block, VP of North American Operations, Cyberoam. "Traditional signature-based protection methods are unable to provide zero-hour protection. Cyberoam’s unique identity-based UTM appliances provide organizations of all sizes with a proactive virus detection technology that protects against spam and new email-borne virus outbreaks hours before signatures are released and updated in signature-based solutions."

Commtouch research shows that global spam levels recently reached an all-time high of 95 percent, increasing a spammer or virus author’s ability to launch a successful attack. To help combat this, Cyberoam’s fully integrated gateway antivirus and anti-spam engines provide reliable web and e-mail security at the gateway for enterprises.


Online Merchants...Naughty or Nice?

Rising gas prices, a soft economy and sheer convenience will attract a record number of Santa's helpers to online retailers this holiday season. According to the National Retail Federation's 2007 Consumer Intentions and Actions Survey, consumers plan to do more than 30 percent of their holiday shopping online.

As more people do their holiday shopping online, the risk of the Grinch stealing holiday cheer -- and identities -- is at an all-time high. Last year, the Federal Trade Commission reported more than 674,000 victims of identity theft and fraud totaling an estimated $1.1 billion in losses -- Internet-related complaints accounted for nearly half.(i)

"The online world can be a dangerous place and online shoppers need to be more vigilant than ever," said Dave Morrow, EDS chief security and privacy officer. "There are an overwhelming number of good, decent retailers mixed in with a few bad ones, so it's important online shoppers take the proper precautions to shop wisely and protect their personal information."

EDS security and privacy experts have identified EDS' eight tips for jolly and worry-free online shopping:

1. Know the online merchant. It is always best to know the reputation of the companies you choose to do business with. If you are not familiar with the online retailer, be sure to check the Web site for contact details, including a physical address and phone number. Also, look to see if the site is a member of a trust mark or trust seal program. This certifies the business meets certain business standards set in place by the program.

2. Ensure you are shopping at a secure Web site. A secure Web site uses encryption technology to scramble the information you send, such as your credit card number, in order to prevent identity thieves from gaining access to it as it travels through the Internet. Secure Web site addresses also include "https://" at the beginning of the address -- the "s" indicates the Web site is secure. Also, look for a closed padlock displayed in your browser's toolbar or on at the bottom of your screen. If the lock is open or not present, this may be a sign that the site is not secure. Even on a secure site, do not send any more financial information than is necessary to complete the transaction. Always keep a paper copy of the transaction for your records.

3. Review privacy and security policies for the companies you do business with online. All reputable companies post a privacy and security policy or statement on their Web site. This should tell you what information the company collects, how it is used and what is shared. If you are concerned about your information being shared with other companies, make sure there is an option to keep your information confidential.

4. Be proactive in protecting your security. Install commonly available security tools such as anti-virus software, anti-spyware software and a personal firewall. These programs and the computer's operating system must be maintained with the most recent patches or updates. Probably the most common -- and most easily remedied -- security problem in home computers is out-of-date software.

5. Do not use personal information for passwords. Using information such as Social Security numbers, birth dates, names, common words, e-mail addresses or telephone numbers as passwords can make you an easy target. Be sure your passwords contain at least eight characters and include numbers or symbols. To avoid misuse, do not write down passwords.

6. Monitor online activity regularly. If you conduct business online, review your account statements regularly and consider using a separate credit card for online purchases or payments to ensure all transactions are in order. By reviewing online statements, transactions and your credit report frequently, you could detect a theft and limit its damage. Identity thieves typically use stolen information for only a short period of time to avoid being caught. If you suspect a security breach, act quickly by contacting the companies you do business with immediately. The Federal Trade Commission's identity theft Web site is a great resource for information on identity theft, including advice and guidance if your identity is stolen.

7. Be aware that international security and privacy standards may be different. When you shop in the United States, you are protected by state and federal consumer laws. These laws may not apply if you place an order internationally. If it is not a reputable merchant and there is a problem, it may be difficult for you to resolve the issue. You should print out and date a copy of terms, conditions, warranties, item description, company information and even confirming e-mails, and save them with the records of your purchase. Also, look at your purchase as soon as you receive it and contact the seller as soon as possible if you discover a problem.

8. Beware of "phishing" e-mails that appear to be from trusted merchants. Phishing is one of the fastest-growing forms of online fraud for identity thieves. Phishing e-mails appear legitimate, often addressing you by name, which makes them even more convincing. Thieves sending these e-mails usually ask you to click on a link in the email that takes you to a phony Web site -- if you are interested, it is best to go to the site yourself by typing the Web site name directly into your browser rather than clicking on the link provided in the e-mail. A skeptical attitude toward unsolicited e-mails is always the best policy, especially if you have never done business with a company before receiving an e-mail solicitation from it.

Learn more at

Saturday, December 1, 2007

What is Grinch.exe and What Should I Do about It?

Chances are, if you work in an office, you're using your company-issued PC or laptop to do a little online shopping in advance of the holidays. You're not alone. Of the $116 billion expected to be spent on online retail purchases this year, $39 billion of that will be spent during the holiday season, an increase of 20 percent over last year, according to Jupiter Research. Nearly half of that shopping will be done during work hours; in fact, a recent Bill Me/Ipsos Insight survey revealed that 12 million Americans admitted to shopping online during work-related conference calls!

If you are surfing the web, such shopping might inadvertently take you to web sites loaded with spyware, key loggers, and other malicious software, making your credit or identity information vulnerable to theft and / or creating havoc on your operating system. But by the time your PC is infected with malware or unknown files such as Grinch.exe, it's too late. In fact, every time an employee shops online, they increase their risk, says Brian Gladstein, director of product marketing for Bit9, a leading application control and device control solution provider.

"As we launch into the holiday shopping season, employees will inadvertently expose their company PCs and laptops to potential security threats," Gladstein noted. "It's critical that IT professionals proactively protect their endpoints by stopping unknown software from ever executing."

For example, Gladstein observed that employees are very likely to have vulnerable applications running on their systems, which are easily exploited by the latest attacks. He recently authored a research brief on the top popular vulnerable applications for 2007.

Fortunately there are easy and efficient methods that will help IT professionals guard against these online threats. Gladstein advises a simple five-step approach, including:

1) Define an appropriate application control policy

This policy should answer questions such as: What applications will we authorize users to install and/or run on their own? What software will not be authorized? Are unknown files that could potentially be malware, such as Grinch.exe, authorized to run in our environment?

2) Monitor your PCs

Not sure what's being copied onto the computers you manage? Use a software identification service to understand the true nature of that software. Free services such as FileAdvisor ( let you look up and identify unknown files like Grinch.exe.

3) Understand where the vulnerable applications are in your network.

A complete picture of where the vulnerabilities are on your network is required to ensure you are addressing them. After all, if you do not know a user is running a vulnerable application and they connect their laptop to a public wi-fi spot, you risk a possible intrusion and / or loss of data on that computer.

4) Be aware of new vulnerabilities

Stay on top of new vulnerabilities by visiting resources such as the National Vulnerability Database (, the SANS Institute (, and the U.S. Computer Emergency Readiness Team (

5) Stop unwanted software before it executes

Consider using application control and device control products such as Bit9 Parity™ to help you control what applications and devices can and can not operate. Stopping unwanted software before it can execute will always be your best defense in protecting desktops, laptops, and servers from malware, spyware, zero-day attacks, and any unknown, unwanted, or unauthorized software.

"The bottom line is that you can't be careful enough," Gladstein summarized. "We recommend everyone implement application controls to ensure that unknown, unauthorized, or unwanted software that is downloaded, either on purpose or inadvertently, never gets a chance to run."