Title: "STOP IDENTITY THEFT......let's make a difference!"

Size : A4 (Portrait & Landscape)

Description:

The poster relates to cyber-crime issue that has becoming a huge plague in the cyber world. The poster focused on the identity theft issues, with a clear message to the public telling them the need to stop the spread of this unlawful activity immediately. The objective of these posters is to raise the level of awareness on multimedia law issues locally and also globally.

Today, more people are relying the internet to get resources. P2P file sharing allows user to share their file online. Even thought file sharing can give you access to many information, it also has many risks such as user can download unwanted viruses, copyright-protected material, pornography or you could mistakenly allow other people to copy files that are not meant to be shared.

Here are some safety tips/guideline user may use if they want to share resources:

• Set up the file-sharing software very carefully, checking the proper settings so that other users won't have access to your private files.

• Adjust the file-sharing program's controls so that it is not connected to the P2P network all the time. Some file-sharing programs automatically open every time you turn on your computer.

• Consider installing anti-spyware software. Some file-sharing programs install spyware that can monitor your browsing habits and send that data to third parties.

• Use anti-virus software and a firewall and update them regularly. Files you download using a P2P network could be mislabeled, hiding a virus or other unwanted content.

(source: http://www.esecurity.org.my)

While internet allows you to connect globally without no boundaries, there are still some precautions that ones need to take so that he/she can avoid being a victim of a cyberstalker. Just follow these simple steps:

• Don't response to threatening messages or messages that makes you feel uncomfortable.
• Choose a genderless screen name which is different from your real name.
• Do not complete the online profiles with your personal information. Limits the information posted on your profile.
• Be careful when you post pictures of you, your family or your friends online.
  
• Do not flirt online, unless you're prepared to face the possible consequences such as unwanted attention or unwanted suitors.
• Don't confront the stalker, this only creates more anger and/or more emotional attacks.
• Get out of the online situations that has been hostile, log off or surf elsewhere.
  
• Do a web search on yourself and make sure that no personal information is posted online by others on you.
• Do not response to any message that seems suspicious.
  

( source: http://www.cybersecurity.org.my)

Yes, this might had happen to you. You'll be wondering in confusion (while scratching your head ) , how on earth you, yourself received an email sent by you (with your own email address as the sender of the mesaage)...! and you're pretty sure that you did not send yourself an offer claiming you've just won $1mill jackpot prize! This is what expect said as a self-sent spam.

Why is that so? It’s not because a spammer has hijacked your e-mail account and is spamming the world using your identity but the reason is because the spammer is disguising the true sender of the e-mail with a different address, a process called email spoofing (Forging an email header to make it appear as if it came from somewhere or someone other than the actual source) to target you specificall.

In e-mail spoofing, the sender manually constructs the e-mail header and chooses which information (in this case your e-mail address as the sender) to include.

Why do the spammers do this? To get you attention to read the e-mail and/or click on the hyperlinks in the email. Sometimes the spammers want you to buy the products they are peddling (attention grabber!); sometimes they want you to click on the link contained in the e-mail, which signals them that their e-mail message received a live account with a curious human at the other end, and they can then sell your e-mail address to other spammers as a potential audience for more spam from a different source. Sometimes it is for both these reasons and also to bypass filters set up through the e-mail client.

So, make sure you switch on your spam filter!

(source : http://www.webopedia.com/DidYouKnow/Internet/2003/SelfSentSpam.asp, http://www.webopedia.com/TERM/E/e_mail_spoofing.html, www.haanchiang.com/wp-content/uploads/2009/11)

1. Linda was stunned in front of her PC when she received an electronic mail, in a chain of senders and receivers, telling bad things about herself, her crazy shopping habits, her domestic problems and her involvement in superstitious activities with a bomoh(magician) allegedly for gaining her more wealth and fortunes. She is now thinking to pursue legal actions for this unfavorable email against her. With reference to the above case, explain the meaning of online defamation, and discuss the legal remedies available for Linda.


Defamation (source: The Electronic Frontier Foundation) is a false and unprivileged statement of fact that is harmful to someone's reputation, and published "with fault," meaning as a result of negligence or malice. Libel is a written defamation while slander is a spoken defamation. It is also a false statement, presented as fact either deliberately intended to harm your reputation or as the result of negligence. The elements that must be proved to establish defamation includes:

1. a publication to one other than the person defamed;
2. a false statement of fact;
3. that is understood as
a. being of and concerning the plaintiff; and
b. tending to harm the reputation of plaintiff.
4. If the plaintiff is a public figure, he or she must also prove actual malice.

Linda can take the case to court, but she has to consult online reputation expert to help her as well. She is actually being protected under the law of defamation which concerned with protecting the reputation of individual, corporation or other legal person from the harm caused by the communication of untrue statements to a third party. All the claims from the email can consider as a publication of permanent form as, according to the Law of Defamation Act 1957, Section (3) For the purpose of the law of libel and slander the broadcasting of words by means of radio communication shall be treated as publication in a permanent form. As for the severance of defences, in Section (19), Whenever in any action of libel the plaintiff sues more than one defendant, whether jointly, severally, or in the alternative, each defendant may file a separate statement of his case and appear at the trial by separate counsel or if he thinks fit, apologize or pay money into court or make other amends, whatever may be the defences set up by his co-defendants, and the plaintiff may accept such apology, money, or other amends and settle or compromise the suit and discontinue the action as between himself and one or more defendants without reference to the other defendants: Provided always that the rights and interests of the other defendant or defendants shall not in any way be prejudiced thereby.


2. Tommy, a Multimedia student at MMU, was caught by University authority after it was found that he had cracked the University’s information system, defaced the front page of University’s official website and stolen a bulk of confidential data regarding students’ academic records. It was also discovered that he had attempted to break several lecturers’ computer system but without avail. On the investigation he said that all his action was just for fun exploring the system’s weaknesses and without any criminal intention. In this case, advise the University regarding Tommy’s liabilities arising from his actions with reference to the law of computer crimes in Malaysia.

Tommy had cracked MMU’s information system which can lead him to guilty as base on CCA Section 3(1): A person shall be guilty of an offence if (a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer; (b) the access he intends to secure is unauthorized; and (c) he knows at the time when he causes the computer to perform the function that that is the case. If Tommy is guilty under this section, he is liable to a maximum RM 50,000.00 fine or to 5 years imprisonment or to both.

Another wrongful act which Tommy defaced the front page the University’s official website and stolen a bulk of confidential data regarding students’ academic records can actually lead to punishable with a maximum RM 100,000.00 fine or to 7 years imprisonment or to both as according to CCA Section 5(1): A person shall be guilty of an offence if he does any act which he knows will cause unauthorized modification of the contents of any computer. If the act is done with further intention of causing injury, Tommy can be punished up to RM 150,000.00 fine or 10 years imprisonment or both.

Although Tommy had claimed that all his action was just for fun; exploring the system’s weaknesses and without any criminal intention. He is still charged based on CCA Section(3), for recreational hacking, unauthorized access to computer, computer system and computer network, computer cracking to explore loopholes in the system and system intrusion are the acts which prohibited in the provision as well.

Many Malaysian are becoming victims/preys of cyberstalkers in the net. According to a research done by Cyber-Security Malaysia, an agency under the Science, Technology and Innovation Ministry, the number of cases in the first 10 months of the year had more than doubled to 151 from 72 last year.

As the total numbers of Internet user increases from time to time, cyber criminals are also multiplying to commit crimes. As a result, people don't really know where to make complaints if they are a victims of cyberstalker, they assume that being stalked online is normal and nothing much can be done. Unfortunately this misconception is totally wrong. For example, in Malaysia those who feel are being cyberstalked can/should report the breach privacy to Cyber-Security Malaysia, which is tasked with counselling and educating the public on online security. Although the agency is not an enforcement body and cannot apprehend cyber fiends, it has the power to remove malicious content.



Usually cyberstalkers will prey on social networkers from Facebook, Friendster etc. They will sent rude messages or posting personal pictures without the consent of the owner, or abusing their email, blogs and social networking accounts or even terrorise the victims' online contacts.

Report that had been lodged will be sent to the police and it will be treated as criminal harassment cases, which is a very serious offence.

(source: http://www.nst.com.my/Current_News/NST/articles/12kcyb/Article/)

Royal Malaysian Police may now have a better knowledge on cybersecurity as The International Multilateral Partnership Against Cyber Threats (Impact) are planning to conduct courses regarding cybersecurity.

It's aim is to help the police force in better handling with cybersecurity cases such as identity theft etc. Even though the course subjects are still in planning stage, it's expected to be introduce in the first quarter of next year and data forensics will be one of the many subjects to be offered. Beside Malaysian police force, it is said that this course will be offer to police force in The International Multilateral Partnership Against Cyber Threats (Impact) member countries, spreading in 42 countries worldwide.

Impact chairman, Datuk Mohd Noor Amin said that today many people are getting more concerned about online security, especially when it involves their identity, compared to 10 years ago. He also added that identity theft and cybersecurity are difficult problems to solve as for the poor enforcement of laws or even worse, the laws regarding these issues has yet to exist.

Without a standard laws, it's hard to charge a cybercriminal because different country have different laws. For example, victims of the crime can be in one country but the servers used may be somewhere else.

Ideally, laws on identity theft should be enforced considering how easy a criminal can obtain someone’s identity, he said.

A study had been done by information security company Symantec and from the study it shows that 57% of the time people lose their identities because they have lost their laptops or thumbdrives while only 17% is caused by hackers stealing them but either way, there aren’t proper laws to keep one’s identity secure.

In United States itself, privacy and identity theft has increasing drastically with about 200 million identity records exposed there last year. The alarming statistic show that serious action should be taken and implemented fast and efficiently by many countries around the world.



(source: http://star-techcentral.com/tech/story.asp?file=/2009/12/4/technology/20091204113310&sec=technology, www.topnews.in/files/Malaysian_Police.jpg, 3.bp.blogspot.com/.../XrvLpYQJJKQ/s400/PDRM.jpg)