• United States



by CSO Contributor

Second Scam on PayPal Users Revealed; IT Departments Their Own Worst Security Risk; Companies Dig Deep in Quest for Security; FBIs Theory on Anthrax Is Doubted

Oct 28, 20023 mins
CSO and CISOData and Information Security

Second Scam on PayPal Users Revealed

Users of online payment service PayPal Inc. have been targeted for the second time in two months by scam artists trying to steal their personal data, including name, address, home and work telephone numbers and credit card information, according to a story in Fridays issue of Computerworld. A message allegedly from with the subject “PayPal Security Update” directed recipients to a website in order to renew authorization. The URL listed in the e-mail took users to an official-looking site that asked for their personal information, reports Computerworld. The spoofed PayPal site was still available late on Thursday, but not on Friday. PayPal spokeswoman Julie Anderson said the company was notified of the spoof site Thursday morning, immediately contacted the Web host for the site and asked that it be removed. The company also plans to file a suspicious activity report with law enforcement officials. IT Departments Their Own Worst Security RiskThe Register today. IT security holes in corporate systems often open up during systems upgrades or when integrating new applications into core infrastructure, senior managers explained, and 67 percent of them felt that their IT departments lacked the requisite skills to handle the widening spectrum of security threats that exist today. The research also revealed that the majority of senior IT managers (70 per cent) are reviewing physical access to corporate premises and computers, alongside monitoring and identification of IT security vulnerabilities, such as computer virus transmission and hacking through the firewall.

More than half of all senior IT managers (58 per cent) think their own IT departments offer the largest threat to IT security, according to a survey by security consultants Defcom reported in

Companies Dig Deep in Quest for SecurityInternational Herald Tribune. Some argue this level of protection is overkill and companies would be better served concentrating on the robustness of their networks or availability of backup power supplies. Others disagree, saying the physical security of data is paramount. Certainly, the Tribune reports, customer interest in super storage solutions seems to be on an upward trajectory.

Looking for a sense of security in an insecure world, a number of companies are putting their most valuable computer databases 30 meters below ground in a bunkertrying to guard against the risk of nuclear explosion, terrorist attack, chemical or biological warfare, electronic eavesdropping, electromagnetic pulse bombs and former employees bent on revenge, according to a story in todays

FBIs Theory on Anthrax Is DoubtedWashington Post, a significant number of scientists and biological warfare experts are expressing skepticism about the FBIs view that a single disgruntled American scientist prepared the spores and mailed the deadly anthrax letters that killed five people last year. More than a dozen experts interviewed by the Post in recent weeks suggested that investigators might want to reexamine the possibility of state-sponsored terrorism, or try to determine whether weaponized spores may have been stolen by the attacker from an existing, but secret, biodefense program or perhaps given to the attacker by an accomplice.

According to an article in todays