Share This

Sunday, 22 May 2016

Hackers in your heads, Cybercriminals preying on gullible


Cyberscammers tapping into minds - Conmen get personal data from social media


<< You’ve been had: A user checking an SMS alert about an unauthorised credit card transaction.

PETALING JAYA: Cybercriminals are getting into your head.

Realising that victims are no longer falling for the ‘I’m a Prince who wants to deposit US$50mil (RM199mil) into your account’ e-mail, these syndicates have enlisted psychologists and behavioural experts to launch targetted attacks on companies, groups and individuals.

By going through their victims’ social media accounts, they learn more about their targets and are able to craft attractive e-mail, prompting them to respond.

Clicking on the link in the e-mail will download malware that encrypts your device. Computers, smartphones, smartwatches and any other network-connected device, can be locked by cybercriminals who will only release it for a fee, or “ransom”.

Such ransomware has reached our shores, with a total of 5,069 attacks in Malaysia last year, according to cybersecurity company Symantec Corporation.

“The new modus operandi uses social engineering, with the e-mail being crafted by Malaysians who know the local scenario and how to trigger emotional reactions,” Symantec (Asia Pacific and Japan) cyber security services senior director Peter Sparkes told Sunday Star.

For example, if they find out from Facebook that you went shopping, you could get an official-looking e-mail from a trusted source like a government body or postal department saying: ‘You’ve received a free gift from shopping at our KL outlet. Click this link to trace your parcel’.

“Or if they see you at a cycling event, the e-mail could say: ‘Thank you for participating. Click on the link for photos and videos of the ride’,” he said.

“To decrypt your device, they’ll ask for about US$200 (RM782) in virtual currency like Bitcoin, to bypass the banks,” Sparkes added.

Acknowledging this new threat, Malaysian Communications and Multimedia Commission (MCMC) strategic communication head Sheikh Raffie Abd Rahman urged the public to be more alert.

He said one of the most commonly used social engineering techniques was phishing attacks targetting online banking customers.

Such cases would be investigated by the police under the Computer Crimes Act 1997 or the Penal Code.

A total of 1,311 phishing websites have been blocked by the MCMC between last year and March 8.

This includes fake pages created to acquire personal information such as usernames, passwords, banking information and credit card details by masquerading as a trusted entity in an electronic communication.

CyberSecurity Malaysia (CSM) chief executive officer Dr Amirudin Abdul Wahab said the number of incidents reported to the CSM indicates the growing threat of ransomware here.

Revealing that local businesses are also targeted, he said the CSM will work together with international communities to share current information on ransomware threats and disseminate them to the public.

Malaysian Mental Health Association deputy president Datuk Dr Andrew Mohanraj said cybercriminals have become more sophisticated in their approach by enlisting psychologists.

“But whichever methods they use, there is an underlying modus operandi of appealing to human emotions of fear, greed, curiosity, loneliness, compassion or even spirituality,” he said.

By Christina Chin Yuen Meikeng The Star

Cybercriminals preying on gullible


Users beware! With cybercriminals leveling up, ransomware attacks are expected to spike here. Malaysians shouldn't let their guard down when it comes to personal information and should be on the lookout for online scams.


HE wasn’t the fastest, but Eugene (not his real name) feels like a champion after finishing his first marathon.

Posting a selfie he made public on his Facebook account, the 28-year-old later receives an e-mail congratulating him on the feat. “Click on this link to see more pictures and videos of the event,” says the e-mail, which appears to be sent from the organiser of the run.

Curious and hoping to see images of himself, Eugene clicks open the link on his laptop but instead, gets a message telling him his device is now locked. All his files have been encrypted and he can’t access them, including his work document to be submitted on Monday.

The only way he can retrieve them is to pay a hacker a ransom of US$300 (RM1,181) in Bitcoin currency. Such an incident, known as a ransomware attack, could very well happen to you if you are not careful.

To top it all off, these cases are expected to increase this year, with “very specific ransomware targeted very specifically at Malaysians” being detected, says Symantec (Asia Pacific and Japan) cyber security services senior director Peter Sparkes.

According to cybersecurity company Symantec Corporation, Malaysia ranks 47th globally, and 12th in the Asia Pacific and Japan region, in terms of ransomware attacks.

Last year, there were 5,069 ransomware attacks or 14 per day in Malaysia. But Sparkes foresees that these numbers will surge.

“Ransomware is very attractive because it makes lots of money. It’ll be big here in the coming months, probably averaging 20 attacks per day.

“We’ve seen a lot of smartphone attacks recently. They love WhatsApp because the best way to get someone to click on a link is if it comes from someone you know,” he says.

Sparkes describes such crypto ransomware as the latest, and most dangerous malware threat because it’s near impossible to get rid of.

He adds that the experience is very emotional because many people do not back up their data.

“For individuals, losing personal data like photos and videos is traumatic so most victims will pay. Some will even tell you how to infect your friends to decrease your ransom,” he reveals.

Ransomware hackers are also using help from psychologists and behavioural experts to study their victims on social media before sending them personalised messages to trigger a response.

But it is not just ransomware that needs to be taken seriously as Malaysians need to be vigilant over social media scams, with these two being named as key trends in the country now by Symantec Malaysia systems engineering director David Rajoo.

He says cybercrime is extremely widespread with one in three Malaysians surveyed having experienced it in the past year and 83% know of someone else who was a victim.

“Consumers here lost an average of 27 hours and about RM8.9bil over the past year, dealing with the fallout of online crime.

“The amount of personal data stored online continues to grow, and while this free flow of data creates immense opportunities, it also opens the doors to new risks,” he warns.

Cybercriminals preying on personal data are also a cause for concern here and globally.

Sparkes points out that personal assistants and those in human resources are popular targets because that’s how cybercriminals gain access into an organisation’s database.

“Take a hotel for example. I’d target the CEO’s personal assistant. All I need is 200,000 of their best guests. If I sold the details at US$50 (RM197), it’s pretty good money for a day’s work. HR staff’s another good one because they look at CVs,” he says.

Last year, 500 million personal information was breached globally. That, he says, is a conservative estimate.

Someone checks out your Facebook activities, creates a personalised e-mail to get you to click on a link, and that’s it.

Everytime you download an app on social media, you could be giving access to your life, he cautions.

Of 10.8 million apps analysed in 2015, three million were collecting way more information than necessary, Sparkes says.

“Cyber scammers are also making you call them to hand over your cash,” he adds.

They send fake warning messages to devices like smartphones, driving users to attacker-run call centers to dupe them into buying useless services.

The services industry is the most vulnerable sector in the country, attracting 72.4% of spear phishing attacks.

There was also a significant spam increase with Malaysia jumping up the global ranking from 44 in 2014 to 23 last year, he adds, lamenting how many still don’t realise that cybercrime is an industry.

Cybercriminals are professionals using very sophisticated tools and techniques.

“They work like any other legit organisation – it’s a 9am to 5pm job with weekends off, holidays and proper offices. A lot of users still think it’s 18-year-olds in the garage fooling around. Nothing could be further from truth. The guys sell info to the underground economy,” Sparkes says.

Syndicates only need three things – cheap broadband, a cyber-savvy workforce they can hire, and countries where cyber laws are weak. Asia Pacific and Japan has invested significantly to give their population access to the Internet, he adds, explaining the shocking rise of cybercrime.

“I’m particularly concerned about the senior citizens as many are just discovering the Internet. They’re very trusting and will download without questioning. People stress on being streetsmart, but it’s just as crucial to be cybersmart,” he feels.

By Christina Chin Yuen Meikeng The Star

Related story:

M’sians still giving away sensitive info

Saturday, 21 May 2016

Fintech - disruptive technology




http://www.thestar.com.my/business/business-news/2016/05/21/fintech-disruptive-technology/

Businesses are embracing it by coming up with their innovations and startups


A BUZZWORD growing in popularity in the financial world today is “fintech”, short for financial technology, which in a nutshell refers to the use of technology to deliver faster and cheaper financial services.

Going by some predications, fintech could take a big chunk of business away from traditional banks as it is being run by smaller more nimble start-ups. But the debate is still out there as to how much that chunk will be. In Malaysia in particular, fintech’s presence is still nascent and small. Fintech transactions totalled a mere US$6.37mil this year compared with a global figure of US$769.3bil, according to Statista, an online statistics provider.

It however predicts that fintech transaction values to grow to US$14.4bil by 2020. A significant number of fintech companies, especially those in the digital payments space, actually work alongside local banks.

Still, fintech is not to be taken lightly. Top bankers themselves are speaking of its imminent threat to their business. Former Barclays CEO Anthony Jenkins referred to it as banking’s “Uber moment” to describe technological advances that could see bank branches close down and people laid off.

Last April, Jamie Dimon the CEO of the US’ largest bank JP Morgan in his letter to shareholders warned that “Silicon Valley is coming.” “There are hundreds of start-ups with a lot of brains and money working on various alternatives to traditional banking,” Dimon wrote.

On the home front, just last month prominent banker Datuk Seri Nazir Razak echoed such views. Speaking at the Star Media Group’s PowerTalk: Business Series held at Menara Star, Nazir opined that fintech companies are disrupting banking.

“Bankers must respond to this Uber moment. People actually dislike banks today, since the global financial crisis. Recent data suggests that in the US, the cost of banking intermediation has not changed for 100 years in real terms. This simply means banks have not gotten more efficient over the years, so its right that banks get attacked by ‘Silicon Valley’, which has identified banking as an industry that is very ‘ripe’ or juicy to disrupt.”

Even the central bank is echoing these views.

In his maiden keynote address at an Islamic finance conference in Kuala Lumpur last week, Malaysia’s newly-appointed Bank Negara governor Datuk Muhammad Ibrahim gave a grim reminder to banks of the threats posed by fintech. In particular, Muhammad quoted from a report by McKinsey that 10% to 40% of banking revenue is possibly at risk by 2025 due to innovations outside banking institutions that are able to offer a significant pricing advantage and that technologically-driven applications had spread to nearly every segment of the financial sector, with the number of fintech start-ups having doubled in the last year. “Fintech is challenging the status quo of the financial industry,” he said.

To be fair, Malaysian banks are quick to point out that while fintech does represent a disruption to business, they are embracing the movement, by coming up with their own fintech innovations or by working with fintech startups.

So what is fintech?

In a nutshell, fintech is an economy of companies using technology to improve efficiencies and effectiveness in the financial services industry. To illustrate the offerings of fintech companies, consider the business model of homegrown start-up MoneyMatch, which is modelled after UK-based TransferWise which began in 2011 and today moves US$10bil a year through its platform.

MoneyMatch has created a platform to match individual buyers and sellers of currencies, with the attraction of both sides enjoying better exchange rates than what banks and even money changers offer. The rate used by the MoneyMatch site is the middle rate of the currency exchange spread. So an individual for example, willing to buy US$100 for his travels will be matched with someone wanting to change his US$100 into ringgit. The parties will be matched on this application and then proceed to make their exchange in an agreed location. MoneyMatch is also entering the area of cross border fund transfers.

“For example, someone in Singapore wishing to transfer money to Malaysia can be matched with someone here wishing to send an equal amount of money across the Causeway. Hence the parties can make the respective transfers to local accounts of their choice after an exchange of information. This means the transfer is done minus any cross-border transfer fees,” explains MoneyMatch co-founder Naysan Munusamy, who had spent many years as a forex trader with a number of banks before venturing out to start MoneyMatch.

Peer lending

One key growth area in fintech is peer to peer or P2P lending, online platforms that match borrowers with lenders, bypassing the traditional financial institutions. The business had even attracted big names such as Goldman Sachs. The most notable name in this space is Lending Club, which had launched its service as far back as 2007 and became the US’ largest technology IPO in 2014, raising around US$1bil.

Lending Club claims that its platform – which enables borrowers to get unsecured loans of US$1,000 to US$35,000 – has now helped originate close to US$16bil in loans.

Locally, last month the Securities Commission (SC) launched a regulatory framework for P2P lending, paving the way for small and medium-sized companies to access this new avenue of debt funding. Under SC’s rules though, individuals are not allowed to raise money on the local P2P platforms. Rather it is meant to only fund projects and businesses and a number of safeguards are in place. For example, those behind the operator of the P2P platform need to pass the “fit and proper” test; the rate of financing cannot be more than 18% (as that would be deemed predatory lending) and that the P2P operator has to disclose information related to the issuer and the risk assessment and credit scoring parameters adopted by the operator. There is no authorized P2P platform in Malaysia yet as parties wishing to run such platforms have to submit their application to the SC soon.

In China, P2P lending has virtually exploded. As a recent report by Citibank highlights, “China is past the tipping point”, with fintech companies having similar number of clients as the major banks. The report notes that China is the largest P2P lender in the world, with transactions topping US$66bil, compared with the US with only US$16.6bil.

 Regulating fintech

But there are problems. Some unregulated P2P platforms in China had run scams. Others helped fuel an equity roller-coaster by offering funding for stock investments. This led to the Chinese benchmark index rallying more than 150% in the 12 months to last June before abruptly crashing. The Chinese authorities are now cleaning up the P2P sector.

So what are the risks of fintech regulation in Malaysia? And do companies like MoneyMatch need be regulated and licensed?

In an emailed reply to StarBizWeek, Bank Negara says: “Fintech start-ups that engage in activities under the purview of the central bank must comply with existing laws”. Bank Negara explains that regulated businesses include banking, insurance or takaful, money changing, remittance, operating a payment system or issuing payment instruments.

“A fintech company that engages in any activity that falls within the definition of a regulated business must be properly authorised to do so under the relevant laws.

“As an example, collecting deposits via a fintech platform would require approval from Bank Negara.

“A fintech company that is authorised to conduct a regulated business under the laws that Bank Negara administers will be subject to the oversight of Bank Negara pursuant to those laws.”

What this indicates is that Bank Negara is going to regulate fintechs the same way it does banks. But exactly how, it still isn’t clear.

But the good news is this: Bank Negara says it is engaging with firms in this space (and presumably that includes the likes of MoneyMatch), “to understand and where appropriate facilitate their business and provide guidance on aspects on regulation that would be applicable to them.”

Bank Negara adds that it is in the process of formulating a framework that “encourages innovation without undermining financial stability, the integrity of the financial system or the adequate protection for financial consumers.”

The SC has also been pushing for fintech innovation to develop in Malaysia. Last year, Malaysia became the first country in the region to introduce the regulatory framework for equity crowd funding. (While P2P is about companies raising debt, crowd funding is for entrepreneurs to sell equity to investors.)

The SC has also launched aFINity@SC, a fintech community aimed at industry engagement and more recently launched the P2P financing framework, which is aimed at addressing the funding needs of small businesses.

Chin Wei Min, the SC’s new head of innovation and digital strategy, says: “We think fintech can provide solutions to some of the unserved and underserved needs in the capital market.”

Chin adds: “We are also mindful of the risk, fraud and all the pitfalls. We continue to enhance our engagement model. We want to remain very close to the industry.”

Fintech’s hiccups

Some recent developments in the fintech space, however, point to weaknesses in fintech companies. LendingClub, the poster boy company for P2P lending has seen its shares tumble, wiping out about a third of its market value.

This came as it faces scrutiny after its founder and CEO resigned following an investigation into improper loan sales.

The US Treasury has released a report criticising the P2P lending business, recommending it to be more tightly regulated. Some commentators are liking P2P lending to the early days of the subprime mortgage bubble of 2006-07.

It is more likely though that the experiences of fintech in mature markets like China and the US will serve as good guides as to how this business will grow in this part of the world, with the requisite regulations put in place.

And the jury is still out as to whether traditional banks here will lose significant parts of their businesses to fintech start-ups.

Or as one industry observer puts it, fintech is more likely to usurp the business of the shadow banking market here, as some unserved borrowers now have the option to move away from loan sharks or “Ah Longs” and into the crowd funding or P2P platforms. But after that, banks could be next.

By Risen Jayaseelan, Wong Wei-Shen, a Zunaira Saieed The Star


Related story:


Zafrul: ‘We want to anticipate and capitalise on opportunities.’Banking on fintech  



Related post:

Apr 16, 2016 ... WHO dominates the phone dominates the Internet. The whole world of information is now available in your hand, replacing your own mind as a ...

Friday, 20 May 2016

The arbitration decision on South China Sea could 'change the world'

 Chinese J-11 fighter jets intercepted the U.S. EP-3 spy aircraft




THE ruling on an international arbitration case, brought by the Philippines against China on rival claims to the South China Sea, is expected soon.

With the decision widely predicted to favour the Philippines, China – which has refused to participate in the proceedings – has revved up its efforts to influence public opinion at home and abroad.

State-owned media outlets, such as China Radio International’s WeChat account “Watch Asean”, began posting materials provided by the Chinese Foreign Ministry in late April to prove that China lays historical claim to the territory.

Turning to age-old manuscripts like the Book of Han and Record of Foreign Matters written during the Eastern Han Dynasty (25 AD – 220 AD), China said its people were the first to discover, name and administer va­­rious South China Sea islands and therefore enjoy priority rights to own and use the features.

“History has irrefutably proved that China is the sole owner of the South China Sea islands,” it said.

China also cited foreign publications, such as The China Sea Directory by United Kingdom’s Hydrographic Office in 1868 and a 1933 French magazine Le Monde Colonial Illustré, as evidence that Chinese fishermen did live on the islands.

As for other South-East Asian nations that border the South China Sea, China claimed they did not challenge its sovereignty until rich deposits of oil and natural gas were discovered there in the 20th century.

“Vietnam, the Philippines, Malaysia, etc, then ‘occupied’ parts of Nansha (Spratly Islands) and hence the territorial spat ensued,” said Li Guoqing, research fellow of the Institute of Chinese Borderland Studies of the Chinese Academy of Social Sciences told local and international journalists in Beijing.

The conflicts brewed for decades and heightened over the past two years with China’s massive expansion and construction activities in the area, adding airfields, ports and lighthouses to seven islands and reefs.

Its explanation that these facilities were intended for civilian use was not too convin­cing, especially for the United States, which criticised China for “militarising” the disputed waters.

On the international front, China appeared as an aggressive claimant who insists that historical evidence can substantiate its assertion over the territory.

It uses the “nine-dash line” to demarcate its boundary on maps, covering most of the South China Sea and overlapping the exclusive economic zones (EEZ) of Malaysia, Bru­nei, Vietnam, the Philippines and Indo­nesia.

If China is so confident of its sovereignty over the South China Sea, why is it reluctant to appear before the Permanent Court of Arbitration in The Hague?

China said territorial sovereignty is beyond the purview of the United Nations Convention on the Law of the Sea (UNCLOS).

It added that both countries have agreed in the Declaration on the Conduct of Parties in the South China Sea (DOC) to settle disputes through bilateral channels, which means the Philippines’ arbitration has thus breached its obligation under international law.

But the Philippines has emphasised to the five-person tribunal that it is not asking for a ruling on territorial sovereignty, but to clarify its maritime entitlements in the South China Sea.

The tribunal decided in October last year that it has the authority to consider the Philippines’ submissions, adding that the DOC was only a political agreement, which is not legally binding.

The tribunal will rule on whether China’s “nine-dash line” violates UNCLOS, whether the maritime features claimed by both parties should be characterised as “islands, rocks, low-tide elevations or submerged banks” (to determine the maritime zones they are entitled to), and whether “certain Chinese activities” in the South China Sea have violated UNCLOS.

China is adamant that it would not entertain the decision.

“No matter what verdict the arbitration case will be, it is unlawful and invalid. China will neither accept nor recognise it,” Ouyang Yujing, director-general of the Department of Boundary and Ocean Affairs of the Chinese Foreign Ministry, said in a press conference in early May.

Li said it is foreseeable that the disputes over the South China Sea would continue to exist for a long time after the verdict is delivered.

He downplayed the significance of the arbitration, saying that it has been hyped up to appear as if it could “change the world”.

“While China is the most experienced country in the world in solving boundary disputes (through bilateral negotiations), it is also the least experienced when it comes to dealing with territorial claims through international arbitration, so I think China has made the right decision to stay away from the arbitration,” he said.

As China slammed countries outside of the region, such as the US and Japan, for meddling in the maritime row, it is actively lobbying for international support on its stance.

Chinese Foreign Minister Wang Yi, during his three-nation visit to South-East Asia in April, said that Brunei, Cambodia and Laos reached a consensus with China to, among others, agree that countries can choose their own ways to solve disputes and oppose unilateral attempts to impose an agenda on others.

National news agency Xinhua reported that Fiji supported China’s position in a meeting between their foreign ministers in Beijing last month (although the Fijian government quickly clarified that it did not, according to the Fiji Broadcasting Corporation).

Last week, a Doha Declaration was signed by China and 21 countries of the Arab League to support peaceful settlement of disputes through negotiation.

Chinese Foreign Ministry spokesperson Lu Kang said that Gabon, Mauritania and Venezuela have also voiced their support for China.

“We highly commend these countries and regional organisations for their calling for justice,” he said in a daily press briefing.

Judging from China’s behaviour, it is very likely that it will follow up with another publicity blitz to denounce the tribunal’s verdict, if the latter does indeed rule in favour of the Philippines.

The disputes, meanwhile, will be far from over.

By Tho Xin Yi 
Check-in China

Related: 


Manila's move shows it is the real provocateur

China has always opposed the Philippines for its illegal occupation of its islands, and any construction projects on them will not consolidate Manila's illegal claim to sovereignty.


China’s rejection of South China Sea arbitration is reasonable

The Hague-based arbitration tribunal will soon announce the final results of its arbitration on the [Read it]

Hague-based arbitration panel oversteps in the South China Sea issue

As a founder, vindicator and constructor of the international law that is now being violated, China [Read it]

Western speculation will never shake China’s determination in the South China Sea

In recent days, more than 10 countries have shown their support for China’s proposition of peaceful [Read it]

China's stance on S.C. Sea arbitration is to defend rather than disobey int'l law

BEIJING, May 13 -- China's position of neither participating in nor accepting the results of the for [Read it]

US military snooping is more than impolite

[2016-05-20 07:02] To peep into other's courtyard uninvited is at best impolite; to criticize the host for objecting to such behavior compounds the injury.


Pentagon raises risk of midair collision over South China Sea

Once the tensions are lit up, both sides will have to raise the stakes and the situation could spiral out of control at anytime.
Source: Global Times | 2016-5-19 20:40:13


US economic hegemony against world reality

[2016-05-05 07:35] The balanced and sustainable development of the global economy depends on a more equal and fair world economic order, which requires the participation of all major economies in its governance, not just the developed nations.

Related posts:




Philippine presidential election a chance to settle South China Sea ...



Mar 9, 2016 ... China was the earliest to explore, name, develop and administer various South China sea islands. Our ancestors worked diligently here for...


Nov 4, 2015 ... If such provocations continue, China's warships will have to engage in more face- offs with their US counterparts in the South China Sea. Beijing...


Jul 23, 2015 ... Sophisticated diplomacy needed to tackle challenges in South China Sea Philippine President Benigno Aquino III will seek the congressional ...


Nov 18, 2015 ... The suspense is to what extent the US will foist the South China Sea disputes into this economic and trade meeting. Manila has made clear that ...