cybersecurity

Gokul Vasudev has over 18 years of experience in providing key IT security and assurance functions. In this article he explains what zero trust is (it isn't the same as "trustless" in crypto) and why is an effective approach to addressing risks in today's digital landscape.

There are many reports saying that this or that country is the source of the majority of spam, hacking or other internet harms.

But there is one dataset, open to all, that contains relevant and accurate information drawn from active websites all over the world and what that tells us is not what we think we know.

Even by the standards of spammers, we have to be impressed with the targeting of this outfit. antimoneylaundering.net has, this spammer claims, sent an e-mail to antimoneylaundering.net. That's our sister domain. That's not clever - lots of criminals do that. It's not even clever to put the name in the "from " - criminals and sales people do that. But to tie it to something that might actually be of genuine interest? That is clever or, at least, devious.

Below is an example of the tactics used by Israeli company RevenueHits that sells itself as a high-profit platform to rival Google Adsense.

This advertisement takes control of the user's browser, produces a page that falsely claims to belong to Microsoft and then says that the computer is locked and asks for a user-name and password. The window cannot be closed by usual means. Amongst other things, it threatens the standard business model of millions of websites.