Security and Risk Complaints Online on Machine vs. machine battle has begun to de-fraud the internet of lies

Standards help, too, as we fight to ensure the cost of sharing doesn’t outweigh the benefits

A long-ago cartoon in The New Yorker put it plainly: “On the Internet, nobody knows you’re a dog.” If that cartoon had been written today, the caption might have read, “On the Internet, nobody knows you’re a fraud.”

Scam artists, snake oil salesmen, sock puppets, bot armies and bullies – every time we look up, it seems as though we discover another form of dishonesty, grifting grown to global scale via the magnificent yet terrifying combination of Internet and smartphone.

None of that should surprise us. People are wonderful and horrible. The network we’ve built for ourselves serves both the honest and the liar. But we have no infrastructure to manage a planet of thieves.

Navigating this stuff goes well beyond ‘caveat emptor’, into the darkest secrets of spear phishing and social engineering playing on our higher selves for the basest reasons. It’s no longer an African prince offering you a hundred million dollars for your assistance; it’s a customer who carefully noted all her transactions and registration numbers on a Word document she’s enclosed in a very helpful email.

Security has been stretched to the breaking point. If things continue as they have, the costs of connectivity could begin to outweigh the benefits, and at that point, the post-Web civilization of sharing and knowledge, already fraying, would unwind comprehensively, as people and businesses withdraw behind defensible perimeters and call it a day.

All of this served as subtext – never spoken, yet always front of mind – at the Twenty-Sixth International Conference on the World Wide Web. In some broader sense, this is all the Web’s fault – the shadow of its culture of sharing – so might it be a problem that the Web can fix?

This question obsessed the hundreds of research postgraduates presenting papers and posters at the conference. Insofar as papers presented by the Web’s core research community are a reliable indicator of the future direction for the Web, that future centers on learning how to detect lies.

Detecting false advertisements, bullies, and bots – all of these can be done with machine learning. It can even be applied to a politician’s tweets – to find out if they’ve been fibbing about where they’ve been, and when.

This flurry of research hearkens back to one of the oldest problems in Computer Science – the Turing Test. Can you detect whether someone at the other end of a text-based connection is a person or a computer? What questions do you ask? How do you analyse their responses? Take those same ideas and apply them to a vendor on Alibaba or an account on Twitter – ask the questions, analyse and probe – then decide: truth or lies.

As Sir Tim Berners-Lee won the ACM A.M. Turing Award last week, the timing of this next evolution of his Web could not be more appropriate. The Web needs to grow a meta-layer of error-checking and truth-telling. Those will likely slow things down a bit, even as it helps us feel more assured that the fake can be suppressed.

This will never be as true as we might want it to be. As soon as any system to detect lies goes into widespread deployment, the least honest and most clever will go to work undermining that algorithmic determination of truth, finding its weaknesses, and exploiting them. It was ever thus; over the long term, the search for truth will has always been an act of persistence and dedication.

Machines can help us in this battle – but machines will be used on both sides, deceiving and revealing deceit. Yet there is hope: there’s too much money on the table to allow the forces of darkness to gain ascendancy. Chaos is bad for business.

Any alignment of commerce with the greater good is a rare and potent combination, meaning the resources to fight this battle will be available into the foreseeable future. Those graduate students with their fraud and bot detection algorithms will be snapped up by those giant firms whose profits depend on a Web that is truthful enough for commerce. When it comes to truth, what’s good for Google and Facebook is good for the rest of us.

Advertisements

Fraud Labs Pro Fraud Detection and Fraud Detection Solutions: What is ISP usage type validation?

From an IP address, you can find out where the IP address is coming from, whether it’s from a fixed line, a mobile line, a military IP and so on. This is what we referred as ISP usage type in our fraud verification system. This information plays an important fraud indicator in telling you if any phishing activity behind the scene. For example, if you found out an IP address coming from Data Center/Web Hosting/Transit, chances are they may not be a legitimate buyers. You may want to flag this order for fraud review and manually calling them for further authentication.

What are the ISP usage types supported?

  • Commercial
  • Organization
  • Government
  • Military
  • University/College/School
  • Library
  • Content Delivery Network
  • Fixed Line
  • Mobile Line
  • Data center/Web Hosting/Transit
  • Search Engine Spider

Below are the steps on how to configure the usage type validation

1. Login to the FraudLabs Pro Merchant Control Panel.

2. Click on the Rules then click Add Rule.

add fraud validation rule

3. Select ISP Usage Type below the IP Validation

IP Validation

4. Select the Condition.

configure fraud rules - ISP type validation

5. Select the ISP that you wish to validate.

configure fraud rules - ISP type validation

6. Choose the action you want.

configure fraud rules - ISP type validation

7. Click Add Rule and don’t forget to click Save and you are done.

We Tested 50+ Free Security Tools so You can Use Them for Your Online Protection

Heimdal Online Security – The idea that we should create a gargantuan list of cyber security tools started to spring in our minds around the beginning of this year.

We started from a simple idea: It should be useful. We need it. You need it. It will come in handy in the future, to have all those tools in one place.

In our journey into the cyber security and data protection world, we ran into lots of useful tools. Some of them were unmarketed gems that we had no idea that they even existed. We ran into most of them completely by mistake, while searching for something else (usually on Quora or randomly navigating on blogs).

When we finally decided to do it, to work on the list, we had no idea how and where to begin.

What tools should we include? What should we not? How do we tell if one is worthy and the other one is not?

Do we mention ultra-known products?

What about antivirus products? We haven’t tested them all since there are independent industry experts who do a much better job.

Should we mention the services that are duplicated and basically do the same thing? Or should we stick to the best?

Why? Who decides what’s best for someone and what’s not?

Should we stick to what’s free or should we also add paid products?

Eventually we came up with what we’re about to read. But first here’s a quick guideline that you should read before we jump right to the subject:

We don’t claim that this is the ultimate list. It’s not complete and it’s definitely not final. It probably never will be. We are aware that we missed lots of essential, important tools – by mistake or just because we can’t know them all. So please feel free to jump in with more useful tools that you feel they should be mentioned.

We stayed away from recommending antivirus, VPN or firewall products. There are independent industry experts who only do that. Instead, we prefer to list those experts or websites that will help you compare such services, in order to choose what’s best for you.

Click here to Continue….