Things to Take Note to Prevent E-auction Fraud When a Consumer Participating in an E-auction



An auction is a market mechanism by which buyers make bids and sellers place offers. Auctions are characterized by the competitive and dynamic nature by which the final price is reached. Electronic auctions (e-auctions), auctions conducted online, have been in existence for several years on local area networks and were started on the Internet in 1995.

Internet auction fraud is a growing epidemic worldwide, as online shopping has grown significantly every year that online shopping has been available. Most internet auction fraud cases involve straightforward scams where consumers allegedly win merchandise by being the highest bidder. All sounds good until they send the payment and never receive the merchandise. Everyone can lower their risk by knowing what auction fraud is, how to detect it, and how to prevent falling for it.

Below are some tips on keeping your risk at a minimum when purchasing items from an online auction website.




  • Become familiar with the auction website. Look into the websites protection policies. Never assume you are protected from auction fraud.

  • Before placing a bid, learn as much as you can about the seller. If you can’t find anything out about the seller, than avoid doing business with them. Never fall for promises of better deals by moving away from the original auction website.

  • If the seller wants you to use an escrow service you’ve never heard of, look into it. Check out the website. Call up customer support. If you can’t confirm the legitimacy, don’t use it.

  • Never ever give out your social security number, driver’s license number, credit card number, or bank account information until you have thoroughly checked out the seller and the escrow service.

  • Always save 100% of the transaction information. You’ll be glad you did in the event your case makes it to court.

  • If after the sale you feel the item/payment should have been delivered already, try to work it out with the seller/buyer.

References:
http://wps.prenhall.com/wps/media/objects/260/267260/online_appendices/Turban-Appendix2A.pdf




by Wong Leed Chen
Posted on 12:16 PM by 4EvEr and filed under | 0 Comments »

E-Government in Malaysia: Its implementation so far and citizen’s adoption strategies.

Nowadays, in order to improve the effectiveness of government operate to improve service, Malaysia had implemented the electronic government. The e-government initiative launched the country into the Information Age. E-government is one of the seven flagship applications introduced in Multimedia Super Corridor (MSC).




There are 7 main project in MSC:

  1. Project Monitoring System (PMS)
  2. Human Resource Management Information System (HRMIS)
  3. Generic Office Environment (GOE)
  4. Electronic Procurement (EP)
  5. Electronic Services (E-Services)
  6. Electronic Labor Exchange (ELX)
  7. E-Syariah


The entire website allow user to download various kind of form for any government department application. The website has dual languages which are Bahasa Malaysia and English. Besides, there are 4 types of E-government services which are Government-to-Citizen (G2C), Government-to-Business (G2B), Government-to-Employee (G2E), and Government-to-Government (G2G).

However, there are some problems faced in e-government implementation:

  • Language barrier – Although the website provide dual languages, most of the government websites using Bahasa Malaysia. Some other Chinese citizen might not able to understand as well.
  • Technological barrier - Lack of technical infrastructure and often website down.
  • Online behaviour - Malaysians remain skeptical on being distrust on electronic transaction especially on online banking buying from an Internet store.
  • Lack of public awareness - Public are not aware of the services offered especially elder and those who not familiar which computer.


E-Government adoption is affected by website design elements which included sense of perceived risk, feeling of perceived control and prior Internet experience, and also by citizen satisfaction with the quality of its services.

Customer satisfaction: E-Government adoption requires that citizens show higher levels of satisfaction with the online service provided by the government. This will increase the rate of e-Government adoption.


Website Design: Personalization of websites, customization of product offerings, and self-care are the three key features can build relationship with the visitors and enhance their experience.



User Characteristic: User characteristics included perceived risk, perceived control, and internet experience. Experience influences a citizen’s trust of e-Government. Users, who have prior experience and satisfied with the service, will continue use e-Government services. Perceived risk refers to security and privacy issues that could discourage the use of online services. It is important to ensure that citizens can transact online securely and their personal information.



Service Quality: Online service quality for e-Government refers to quality of content provided on the website, the speed of the response to the citizens concerns with problem solving approach, and the availability of names. On the other hand, telephone and fax numbers of personnel must be available all the time. Besides, the integration of an offline channel with online channel so that citizens could interact with government departments through other means if necessary.



The government should be able to propose an effective strategy to encourage citizen’s adoption of e-government by focusing on these 4 areas. This can lead our E-government project to a successful era.



Refrences:
http://e-comm4entrepreneur.blogspot.com/2008/07/e-government-in-malaysia-its.html


http://www.myeg.com.my/http://en.wikipedia.org/wiki/E-government

http://www.hasil.org.my/english/eng_index.asp

by Foo Seow Min

Posted on 9:49 AM by 4EvEr and filed under | 0 Comments »

Corporate Blogging: A New Marketing Communication Tool for Companies


The rules for reaching buyers through online communications have changed dramatically. Most marketers know and use several ways to tell their story on the web, such as email marketing and newsletters, through the media or via a company’s marketing communications website. While these tools are important, now we have another important alternative: the corporate blogging.

Corporate blogging is published and used by an organization to reach its organizational goal. Corporate blog has divided into three types and there are internal blogs, external blogs, and CEO blogs.

Corporate blogging is used as the new marketing communication tool for companies because it is a way of promoting about anything whether it may be public relations, marketing a new product, improving brand image and for research.

One of the pros of corporate blogging is posts and comments are easy to reach and follow by employees due to centralized hosting and generally structured conversation threads. Besides that, a search able archive of thoughts and ideas can be created and jotting down within an hour through corporate blogging that cost cheaper than other ways. Lastly, executives can receive the important information from employees and customers’ questions and feedback that will be permanently recorded on the blog and increases the efficiency while decreases the time wasted on needless e-mails.

In conclusion, corporate blogging is getting important for corporation to deliver the message privately or publicly since it has become a new less time consuming and less expensive way to reach potential and current customers.




by Lim Hui Min
Posted on 5:44 PM by 4EvEr and filed under | 0 Comments »

Review a Local E-commerce Site

  • The local E-commerce Site I want to review is Eko Solution (http://www.eko-solution.com/). It is develop based on Penang (Malaysia) since 2002. It focuses web design services in Penang and northern religions. It is a web design and application specialist.


Eko Solution has provide corporate web design, ecommerce web design, shopping cart, online credit card payment, and web site redesign service.

They have provide several services, include:

  • Corporate & flash web design
  • Web site redesign service
  • ecommerce web site with online payment
  • ecommerce Shopping Cart system
  • Content Management System (CMS)
  • Online Product Catalogue & web site
  • Member Login, Purchase & Reward Points System
  • Web Portal (Advertising & Listing subscription)
  • Special Web site development
  • PHP scripts & MySQL database
  • Web hosting service
  • Domain name registration

The layout of Eko Solution is neat and easy to understand. They are using the bright yellow and white colours in words and use the blue and black colours be the background colour, it is easier to catch the attention of clients. The font also clear and easy to read. They are also easy to one page from one page, so the clients just need to click on the link that they want to, but they do not have the search engine service. The speed that to open the website is fast, clients no need take too long time to wait it download the website.

The layout of the Eko Solution:


Eko Solution has provide shopping cart for the clients and also provide the demo for clients to preview the design.

The shopping cart that they provide:

Eko Solution accpets the online credit card to make the pyament. Clients can accept online credit card via Paypal and receive money at any time into local banks (selected only) and use ATM card as normal to withdraw. The bank does not charge ATM withdrawal fee. Eko Solution has teach clients how to to add VISA Electron debit card into Paypal in order to withdraw money. They also provide tutorial to guide clients through the video step-by-step and through live training via Skype.


Online Payment Page which accepts Credit Card & Paypal


Step-by-step on How to add your VISA Electron debit card into Paypal in order to withdraw money


1. Login paypal, under "My Account", mouseover to "Profile" and select "Add or Edit Credit Card".


2. Enter your card details and click "Add Card" button to confirm.

3. After completing the card registration process, go to "My Account", you can see on the left appear a new link "Link and confirm card". Click on it.


4. Click "Save and continue" button to proceed.


5. Read the instruction. In order to ensure that you are the owner of the card, Paypal will try to charge your debit card USD1.95 (refundable after you verified it) . Click "Continue" to activate the verification process. After the next 2-3 days, check your debit card online e-statement (faster) or your printed statement for the 4-digit secret code in the transaction details.



6. After you have the 4-digit code, login to Paypal again. Go to "My Account" -> "Profile" -> "Add or Edit Credit Card".



7. Click "Enter Paypal Code".






8. Enter the 4-digit code and Submit. That's all. You can now withdraw your fund to your debit card.


In conclusion, Eko Solution is a good choice for the businessman who want create their own website.


Reference:

http://www.eko-solution.com/



by Koh Suh Tyng

Posted on 12:51 PM by 4EvEr and filed under | 0 Comments »

Credit Card Debt: Causes and Prevention

Credit card is defined as card that may be used repeatedly to purchase product and services on credit which issued by banks and financial institutions. Credit cards provide us with the added security and ease when shopping and traveling but we tend to misuse them and may lead to credit card debt. When properly used, is an extremely convenient tool. Unfortunately, a lot of people use credit cards as a "crutch." If they can't afford something they really want, they charge it. When it comes the time to pay the bill they pay the minimum amount due. This is where credit card debt arises where debt accumulates and increases via interest and penalties.

Credit card debts are major cause of bankruptcies each year. It is because many people have never realized of its consequences from financial and non financial perspectives when get a new credit card or not enough safety net when there is an incident happen.

The results of not paying this debt on time are that the company will charge a late payment penalty and report the late payment to credit rating agencies. Being late on a payment is sometimes referred to as being in "default". The late payment penalty itself increases the amount of debt the consumer has.

There are causes of debt will be discussed in the below:
1. Poor money management – Nowadays, people are unaware to conduct a monthly spending plan and do not keep track of monthly bills. People have never realized their spending on the items that are useless and do not have any value in their life. Thus, it has lead to a rise in debts by using credit cards.
2. Banking on a windfall - Very often, spending tomorrow's money today is very tempting. It is advisable that don’t spend until you hold an amount of money in hand.
3. Financial illiteracy - Many people don't understand how money works and grows, how to save and invest for a rainy day, or even why they should balance their checkbook.
4. Excessive medical expenses -Credit card will probably become one of the sources of funds to pay off the medical expenses if health insurance is not adequate to cover the medical bills if one of your family members suffers serious illness. In United States, almost everyone pays their medical expenses by credit cards to get treatment.
5. Gambling - Gambling has become part of entertainments in our life. It is hard to stop when it becomes addictive. Thus, it will surely lead to a financial disaster if borrowing money through credit card for gambling.

Preventions:
1) Making and budget
People have to create clear budget and stick on it that includes monthly bills, food, clothes, entertainment and miscellaneous expenses will prevent from overspending and fall under deeper debt load. Besides, credit card users should pay off your debts to get rid of the highest interest payment first. List all of your credit card debts, and the amount you are paying each month. Pay off the lowest amount first. Then use that money to start paying off the second lowest amount.
2) Self control and discipline
One of the best practices is to have a direct set up so that able to pay back the full amount each month and use in emergencies. Thus, self control and discipline to keep these cards in wallet and would not overspend. Avoiding the expensive purchases and not buying things that you don't really need on credit is an important step to getting on the right track. Lastly, keep our credit cards spending to amounts that we know we can pay off, don't go over-board with unnecessary purchases, and budget how we plan on paying back our charges.
3) Choosing card wisely
People are advised to cut up your cards so that you are not tempted to use them. Pick and sign up for companies that are willing to offer us a low percentage rate and cut up the rest The one you keep should be deemed an ‘emergency card.”


References:
http://en.wikipedia.org/wiki/Credit_card

http://www.mozdex.com/prevent-credit-card-debt/

http://ezinearticles.com/?Understanding-Credit-Card-Debt-Problems&id=1225936

http://ezinearticles.com/?Credit-Card-Debt---Prevention-Is-Better-Than-Cure&id=226244

http://www.fastweb.com/fastweb/resources/articles/index/102925

http://www.bankrate.com/brm/news/debt/debt_manage_2004/top-10-causes.asp



by Foo Seow Min
Posted on 8:37 AM by 4EvEr and filed under | 0 Comments »

The application of pre-paid cash card for consumers

Prepaid cash cards are plastic card which provides an alternative payment method to cash when making purchases. Functionally, it is using existing money rather than borrowing. However, personal identification number has to be keyed in for the transaction to be authorized if using prepaid cash cards. Before use, the user needs to load the card with a sum of money.

They are designed to be used as a safer alternative as compare to cash. The use of prepaid cash cards has become widespread in many countries and has overtaken in some instances cash transactions by volume.

The prepaid cash card is of use in several ways, namely:
1. Pay bill – Rent, utilities, insurance, car payment, and cell phone bills can be paid instantly.
2. Shop anywhere as long as the card using is accepted at different retailers, buys fuel at the pump, pay by phone, and shop on the Internet.
3. Get cash at ATMs, any time of the day, and any day of the week.
4. Transfer money – For some prepaid cash card they provide the convenient such as send or receive money via bank wire transfers, between two cards.


5. Pay for toll – Touch n Go card can be used at all highways in Malaysia, major public transports in Klang Valley, selected parking sites and theme park
6. Replacement for travellers’ cash – Customers buy prepaid debit cards denominated in the currency of destination, and then use them to withdraw cash at ATMs or pay for goods or services. It is a great way to carry prepaid cash card, because it is much safer and more secure than carrying around large amounts of cash.



References:
http://www.moneysupermarket.com/cards/prepaid-cards-guide1.asp

http://www.mastercard.com/us/personal/en/aboutourcards/gift_prepaid/

http://ecommercesite.wordpress.com/2008/06/27/the-application-of-pre-paid-cash-card-for-consumers-2/
by Lim Hui Min
Posted on 9:23 PM by 4EvEr and filed under | 0 Comments »

Electronic Currency



Electronic currency is also known as e-money, electronic cash, digital cash or digital currency. It’s refers to the cash that is exchanged only electronically. Typically, this involves use of computer networks, the internet and digital stored value systems.

Electronic currency means the money that use over the internet. Electronic currency allows its holder to buy the goods and the services that the vastness of the internet offers. Just like in normal everyday monetary currencies, electronic currencies are also varied. Each one of them is backed by an underlying monetary currency or in some cases, even valuable or precious metals.


The examples of electronic currency are Electronic Fund Transfer (EFT) and direct deposit. EFT refers to the computer-based systems used to perform financial transactions electronically while direct deposit is a banking term used to refer to certain systems used to transfer money.



People can use the electronic currency to do their business and earn only few dollars of investment. In fact, some of the experts will suggest the beginners to start with only a few dollars so that they can first learn the ropes of electronic currency.


There are 3 main benefits to use the electronic currency:
1. Electronic currency trading has a low transaction cost.
2. It is different with other businesses that will eat up your profit with a huge amount of fees. It allows people to do business with minimal fees and give them more profit and money.
3. It is convenient and flexible to the persons involved because it does not sleep so night or day, the world is merely at people’s fingertips and electronic currency traders can also conduct business anywhere in the world.

There are few websites examples that can let people to do e-currency trading such as MG E-currency, JT GOLD.com.


References:
http://www.romow.com/business-blog/benefits-of-e-currency-trading/

http://en.wikipedia.org/wiki/Digital_cash



by Koh Suh Tyng
Posted on 9:14 PM by 4EvEr and filed under | 0 Comments »

Mobile Payment Systems in Malaysia: Its Potentials and Consumers’ Adoption Strategy

M-payments are payments made using mobile handsets and other devices, either to directly purchase or to authorize payment for goods and services. Such devices are playing an increasing end evolving role in the wider development of electronic payment systems around Asia Pacific.

Mobile payment system has been widely introduced in developing country years ago. However, it has only been popular recently in Malaysia. It can be used for purchasing music, ring tones, wallpaper and games (there are many of these type of service or product offered in Malaysia’s newspaper). Most Malaysian buys these ring tones and games via mobile payment, either via GPRS/WAP or SMS (premium SMS based transactional payments).


Maxis and Maybank in Malaysia both provide a simple m-banking service for subscribers (bill payment, balance enquiries, fund transfers), which can also be used to top-up Maxis accounts, download Maxis content and pay for products such as pizzas and movie tickets. Maxis customers are changed less than half of what the banks charge for sending money overseas. Another Maxis competitor, Digi, is providing many of the same services.

Although mobile payment system is not a fresh term anymore, however it still has huge potentials in Malaysia. The high penetration rate establish mobile phone networks as an increasingly popular channel for Malaysians to perform a surplus of activities beyond voice communication, encompassing all forms of digital communication, commerce, banking and payments. Indeed, payments via text messaging have the potential to grow in importance.

For consumers’ adoption strategies, in Malaysia, most of the company will reward the consumer by giving gift at certain level of purchasing or giving redemption of reward. In order to encourage consumer to adopt mobile payment systems, it should enhance consumer confidence toward security, safety and reliability of the systems. It can also educate consumers through seminar or advertisement about the function and the usage of mobile payment system. Furthermore, it should increase the number of company that can accept mobile payment system.



References:


http://www.neowave.com.my/sellmore/wp-content/uploads/2008/01/mobile-payments-asiapacific-kpmg.pdf

http://www.bis.org/review/r080605d.pdf


by Wong Leed Chen
Posted on 9:01 PM by 4EvEr and filed under | 0 Comments »

Phishing: Examples and its prevention methods.

Phishing is an attempt to criminally & fraudulently steal people information such as username, password, credit card number, bank account number to invade other people privacy. It also can be defined as Phishing emails attempt to steal your identity and will often ask you to reveal your password or other personal or financial information.

The perpetrator will use fake website they have created to steal the information from people, the fraudulent email address that they have sent usually redirect to the perpetrator website which is fake so that it looks similar to the original website., such as through e-mail, ebay, paypal, bestbuy, msn, yahoo, Citibank, AOL & etc.

Example of phishing from e-mail:




Example of phishing from Citibank:

There are many prevention methods to prevent or stop phishing:
1) Never reply to e-mail message that request your personal information.
Legitimate companies don’t ask for this information via email. If you are concerned about your account, contact the organization mentioned in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company’s correct Web address yourself but don’t cut and paste the link from the message into your Internet browser — phishers can make links look like they go to one place.


2) Don’t click links in suspicious e-mail, the link might not be trustworthy. Some scammers send an email that appears to be from a legitimate business and ask you to call a phone number to update your account or access a “refund.” If you need to reach an organization you do business with, call the number on your financial statements or on the back of your credit card. In any case, delete random emails that ask you to confirm or divulge your financial information.

3) Help protect your PC, keep your PC updated & use antivirus software.
Anti-virus software scans incoming communications for troublesome files that can effectively reverse the damage; and that updates automatically. A firewall helps make you invisible on the Internet and blocks all communications from unauthorized sources. It’s especially important to run a firewall if you have a broadband connection. Operating systems (like Windows or Linux) or browsers (like Internet Explorer or Netscape) also may offer free software “patches” to close holes in the system that hackers or phishers could exploit.


4) Don’t send personal information in regular e-mail messages.
Email is not a secure method of transmitting personal information. If you initiate a transaction and want to provide your personal or financial information through an organization’s website, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for “secure”). However, no indicator is foolproof; some phishers have forged security icons.


5) Monitor your transaction, and review credit card and bank account statements as soon as you receive them
Check for unauthorized charges. If the statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.

Although internet has given us many convenience especially in buying or selling goods or services, but the awareness must be taken into account so that we will not been cheated.


References:
http://www.planb-security.net/wp/503167-001_PhishingDetectionandPrevention.pdf

http://chowkamleeng.blogspot.com/2008/06/phishing-examples-its-prevention.html

by Lim Hui Min

Posted on 12:40 PM by 4EvEr and filed under | 1 Comments »

The application of 3rd party certification programme in Malaysia.


TrustGate is a licensed Certification Authority (CA) in Malaysia since 1999 which is famous application of 3rd party certification programme in Malaysia. It offers complete security solutions and leading trust services that are needed by individuals, enterprises, government, and e-commerce service providers using digital certificates, digital signatures, encryption and decryption.

It was incorporated in 1999 and its objectives are to secure the open network communications and become the catalyst for the growth of e-commerce, both locally and across the ASEAN region. Its core business is to provide digital certification services, including digital certificates, cryptographic products, and software development.

TrustGate has provided several products and services. They are SSL Certificate, Managed PKI, Personal ID, MYTRUST, MYKAD ID, SSL VPN, Managed Security Services, VeriSign Certified Training, and Application Development. The vision of TrustGate is to enable organizations to conduct their business securely over the Internet, as much as what they have been enjoying in the physical world.

It also provides the finest Public Key Infrastructure (PKI) to assist all types of companies and institutions conducting their business over the Internet. The state of the art back-end infrastructure that costs RM 14 million is one of the best in the region.

Digital certificate usually attach to an e-mail message or an embedded program in a web page that verifies that user or website is who they aim to be. The common functions of digital certificate are user authentication, encryption, and digital signatures.

The user authentication has provided security than username and password. Encryption can secure the data transmission. The intended recipient of the data is only person to receive the message. Digital signature is like hand signature in the internet world. It can ensure the integrity of the data.

By using the digital certificate, users will not fear when make the transaction through the internet. It will avoid the problems of personal data being stolen, information contaminated by third parties, and the transacting party denying any commercial commitment with the users.

Furthermore, the digital certificate has brought many benefits to users in the internet world. So, it is important for users when using the internet.



Reference:


by Koh Suh Tyng
Posted on 10:57 PM by 4EvEr and filed under | 1 Comments »

How to safeguard our personal and financial data?


Internet is a public network of nearly 50,000 networks connecting millions of computers throughout the world. Nowadays, internet is no longer a safe place. Data is sent back and forth through various servers through which personal and information and financial data are housed. The is a problem occur when data transferring which is the ability to intercept and record that data that is moving from server A to server B. Hackers have the ability to intercept and use that information, such as credit card numbers and expiry dates, to falsely do transactions.


The information is including name, date of birth, gender, address, telephone, e-mail address, occupation and interests. “Personal Financial Information” means any record containing a customer of a financial institution, whether in paper, electronic, or another form, that is handled by behalf of the institution or its affiliates. It also may include company’s secret such as consumer information records such as names, addresses, phone numbers, bank and credit card account numbers and et-cetera.


Although some website has provided the privacy and security to user, such as: Secure Socket Layer (SSL), require password customization, monitor industry standards and etc. But yet, data stolen cases are still increasing.

There are a few simple approaches I would like to share on how to safeguard our personal and financial data:


1. Protection of financial accountsInternet users should review the transaction confirmations and quarterly statements as soon as they receive and notify to the website immediately of any unauthorized activity. Besides, review your credit report regularly for inaccuracies. Shred, rather than toss, documents which include credit card offers, bank statements and junk mail.

2. Password and Social Security protectionPassword and other security features add layer of protection if used appropriately by viewing to the "Choosing and Protecting Passwords" and " Supplementing Passwords". Avoid using passwords that are easy for someone to guess, such as the name of your favorite pet or your date of birth. We should not write this information down and never carry it in your wallet or briefcase. Use a combination of numbers and letters if possible.
Protect your Social Security number as well. Store your card in a safe place and avoid giving the number to others.

3. Secure our computers
We must make sure that our computers have up-to-date spyware; antivirus protection program such as Symantec, Norton antivirus, AVG antivirus and firewall software to protect ourselves against viruses and worms that may steal or alter our personal and financial data. These antivirus protection programs should update every single day to make sure it is up to date to protect our computers.
On the other hand, avoid clicking on pop-up ads or downloading information from unknown sites. Some website might have spyware that can hack our personal information.


4. Conduct the transaction on trusted methodThe best way to protect our financial and personal data is by conducting the transaction with trusted, well known online retailers that using the reputable payment processors such as Paypal or Google Checkout. Avoid giving your personal information to “cold callers” and other unknown parties online, via e-mail and over the phone. Hacker might able to get the information during the transactions.

5. Avoid accessing financial information in publicUse your own computer, instead of a work or public machine, to access financial and other sensitive personal information. Some private information might expose to others when we use public computer. Besides, resist using free wireless connections particularly in cafes, airports and other public places to check personal information.


If we have no choice but to use public computers, we must remember to close the browser window. This is to prevent other users from reading your personal information and mail.





by Foo Seow Min
Posted on 10:46 PM by 4EvEr and filed under | 1 Comments »

Threat of Online Security: How Safe Is Our Data?


Nowadays, people rely on computers to create, store and manage critical information. Consequently, it is important for users to aware that computer security plays a major role in protecting their data from loss, damage, and misuse.

Most security threats are made by attackers using a relatively small number of vulnerabilities. Attackers, being relatively opportunistic, take the path of least resistance, and continue to take advantage of these most common failures, rather than seeking out new exploits or taking advantage of more difficult ones.


According to the SANS Institute (SysAdmin, Audit, Network, Security Institute), the top ten threats are:

  • Web servers and services. Default HTTP (Web) servers have had several vulnerabilities, and numerous patches have been issued over the past several years. Make sure all your patches are up to date, and do not use default configurations or default demonstration applications. These vulnerabilities may lead to denial-of-service attacks and other types of threats.
  • Workstation service. An attacker can obtain full control over a computer by compromising the Windows Workstation service, which is normally used to route user requests.
  • Windows remote access services. A variety of remote access methods are included by default on most systems. These systems can be very useful, but also very dangerous, and an attacker with the right tools can easily gain control over a host.
  • Microsoft SQL Server (MSSQL). Several vulnerabilities exist in MSSQL that could allow an attacker to gain information from a database or compromise the server. In addition to applying all the latest patches, enabling SQL Server Authentication Logging and securing the server at both the network and system level will prevent most of these attacks.
  • Windows authentication. Most Windows systems use passwords, but passwords can be easily guessed or stolen. Creating stronger, more difficult to guess passwords, not using default passwords, and following a recommended password policy will prevent password attacks.
  • Web browsers. Your window to the Internet, a Web browser contains much vulnerability. Common exploits may include disclosure of “cookies” with personal information, the execution of rogue code that could compromise a system, and exposure of locally-stored files. Configuring the browser’s security settings for a setting higher than the default value will prevent most Web browser attacks.
  • File sharing applications. Peer-to-peer (P2P) programs are commonly used to share files. In a P2P system, computers are open to others in the P2P network to allow for all participants to search for and download files from one another. Many corporations forbid use of P2P networks because of the obvious risk of compromised data.
  • LSAS exposures. The Windows Local Security Authority Subsystem (LSAS) has a critical buffer overflow that can be exploited by an attacker to gain control over the system. Again, proper configuration and application of patches will prevent most exploits.
  • Mail client. Attackers can use the mail client on a computer to spread worms or viruses, by including them as attachments in emails. Configuring the mail server appropriately, and blocking attachments such as .exe or .vbs files, will prevent most mail client attacks.
  • Instant messaging. Many corporations also block employees from using instant messaging, not only because of the technical threats but also because of the possibility of lost productivity. Configuring IM properly, applying all the latest patches, and taking control over any file transfers that occur over IM will prevent most attacks.

In conclusion, risk exposed by computer users is increasing with the increasing developed technology. Therefore, safeguards developed must be always up to date to enhance the defenses against online security threats. In the same time, users must be educated and informed about the crucial damages and loss caused by imposing online security threats.

Posted on 10:08 PM by 4EvEr and filed under | 0 Comments »

Identify and compare the revenue model for Google, Amazon.com and eBay

Google is an American public corporation. The Google’s revenue model are Google Adwords and Google Adsense. Google Adwords offers pay per click advertising, This program includes local, national, and international distribution which present the advertisements to people at the moment the people are looking for information through Google’s search engine. The payment model is based on the qualifying click-throughs. When a user uses the Google’s serach engine, advertisements for relevent words are shown on the right side of the screen.



Adsense is an ad serving program, which is run by the Google. Website owners can enroll in this program to enable text, image and, video advertisements on their sites. Revenue is generated on a per-click or per-thousand-ads-displayed basis and the ads are administered by Google. Google advertisers are required to pay Google a fee each time a user clicks on one of their ads displayed on Google Network members’ web sites.

Amazon.com is an American electronic commerce (e-commerce) company which started the business is the on-line bookstore, but later varies the product lines. It allows users to submit reviews to the web page of each product and able to rate the product on a rating scale in order to give a reference for other users. An Amazon partner website can display Amazon books directly on their website, and sends customers to the Amazon’s website when the visitor is ready to buy it. In turn, Amazon pays a commission for the sale to the site owner.


eBay is an American Internet company. It is an online auction and shopping website that the people and businesses buy and sell goods and services worldwide. eBay Incorporation also owns Paypal and Skype.


Millions items are listed, bought, and sold everyday. The services and intangibles items are also included. Anything can be sold as long as it is not illegal and does not violate the eBay rules and regulations policy.


References:




by Lim Hui Min
Posted on 8:03 PM by 4EvEr and filed under | 0 Comments »

An example of an E-Commerce failure and its causes

E-commerce has evolved since the late 1990s. Many companies and individuals have been using e-commerce to do business. Besides, it allows people to do shopping online. Many have succeeded, and many have failed as well. Let us now look at the reasons for the failure.

There are 10 reasons for the failure of E-commerce included:
1) Trying to sell the wrong product online
2) Lacking of marketing
3) A poorly designed website
4) Falling behind time
5) Poor checkout procedures
6) Not testing your site
7) A hard-to-find or nonexistent privacy policy
8) Poor order fulfillment
9) Straying from your objective
10) Poor customer service

Dell Computer Corporation (www.dell.com) is one of the largest firms consisting of approximately 30,000 employees. They are located throughout the United States and contain high top quality supplies and security services. In order for a large company like Dell to grow with all the competitors in the industry, the organization must be willing to take chances, to expand the corporation.

Dell’s success over the years has caused concern for the future of the young company. Dell’s business-to-business (B2B) exchange failed for a number of reasons. The primary reason is the lack of insight in the research and development area. A lack of knowledge in this area proved to be detrimental because the company was unprepared for the lack of cooperation that other businesses showed in this new idea.

Dell gave up too early in the game because their expected profits were not met. If the business allowed more time to prove itself, it might have been able to salvage some of its profits. They should have focused on showing consumers that they are not just a PC firm. One way to do this would be to advertise the B2B and demonstrate their reliability and value of their computers. This would target their faithful customers, aiming to enhance the loyalty in the Dell brand name.

Another downfall may have been due to Dell’s choice of suppliers. 3M, Motorola, and Pitney Bowes are second-rate firms compared to companies such as Compaq, Hewlett-Packard and Gateway. Last May, these three firms joined forces and formed an Internet-based exchange.
On the other hand, if Dell incorporated smaller companies, they would have had more support and the potential for a larger growth. On the other hand, if they select a well-known firm which is closely related to the computer industry, it could have provided consumers with a high degree of reassurance. For example, combining with Canon or Epson may have been a better B2B E-commerce strategy. These companies are closely related and can all be used with a Dell computer.


The B2B exchange is an opportunity for the future of the company, yet it needs to reinvest in research and development before it continues with this idea. Dell recklessly jumped into this market and as a result failed after four months. They were not able to obtain the profits they originally predicted. Luckily Dell is a strong company and was able to survive after the loss. With the future of the B2B commerce looking very bright, it would be a good idea for Dell to continue on this project with an optimistic outlook.


Reference:
Success and Failure of e-commerce
http://www.allbusiness.com/sales/internet-e-commerce/3972-1.html

Dell Computer Corp.: Failure in B2B E-Commerce Strategy
http://web.syr.edu/~efedelma/dell.html

by Foo Seow Min
Posted on 7:56 PM by 4EvEr and filed under | 0 Comments »

An example of an E-Commerce success and its causes


The PayPal (http://www.PayPal.com/) is the result of a March 2000 merger between Confinity and X.com. Documentation was founded in December 1998 by Max Levchin, Peter Thiel, and Luke Nosek, initially as a Palm Pilot payments and cryptography company. X.com was founded by Elon Musk in March 1999, initially as an Internet financial services company. Both Confinity and X.com launched their websites in late 1999. Both companies were located on University Avenue in Palo Alto.

There are 3 main causes for the success of PayPal. Firstly, PayPal makes convenient for people to pay or get paid as PayPal operates in 190 markets, and it manages over 164 million accounts. PayPal allows customers to send, receive, and hold funds in 18 currencies worldwide. These currencies are the Australian dollar, Canadian dollar, Chinese renminbi yuan (only available for some Chinese accounts, see below), euro, pound sterling, Japanese yen, Czech koruna, Danish krone, Hong Kong dollar, Hungarian forint, Israeli new sheqel, Mexican peso, New Zealand dollar, Norwegian krone, Polish zloty, Singapore dollar, Swedish krona, Swiss franc and U.S. dollar. PayPal operates locally in 13 countries. With this, PayPal has quickly become a global leader in online payment solutions.


Secondly, it is safe for trading in PayPal due to its safety and protection policies. According to PayPal, it protects sellers in a limited fashion via the Seller Protection Policy. In general, the Seller Protection Policy is intended to protect the seller from certain kinds of charge backs or complaints if seller meets certain conditions including proof of delivery to the buyer. So, they can feel safe when both parties decide to use the PayPal. In early 2007, it also has provided security key as an additional protection against fraud. The users can prevent their account being compromised by a malicious third party without access to the physical security key.

Lastly, PayPal has received more than 20 awards for excellence from the internet industry and the business community- most recently the 2006 Webby Award for Best Financial Services Site and the 2006 Webby People's Voice Award for Best Financial Services Site. It has developed the good reputation and people trust it can provide the better services to them. It becomes the good choice for people to make the payments and do business.


In 2002, PayPal has been acquired by eBay.

References:


by Koh Suh Tyng
Posted on 12:10 PM by 4EvEr and filed under | 0 Comments »

The History and Evolution of E-commerce


E-commerce is any business related transactions partially or totally carried out by electronic medium especially on internet using Open networks or Closed network. The most important feature accountable for the success of internet is electronic commerce that allows people to buy or sell anything they want at anytime of the day or night. The process of advancement in Information Technology to develop into a business transaction is the e-commerce history.

The term e-commerce meant the process of execution of commercial transactions electronically with the help of the leading technologies such as Electronic Data Interchange (EDI) and Electronic Funds Transfer (EFT) which gave an opportunity for users to exchange business information and do electronic transactions. The ability to use these technologies appeared in the late 1970s and allowed business companies and organizations to send commercial documentation electronically.

The growth and acceptance of credit cards, automated teller machines (ATM) and telephone banking in the 1980s were also forms of electronic commerce. From the 1990s onwards, electronic commerce would additionally include enterprise resource planning systems (ERP), data mining and data warehousing. Perhaps it is introduced from the Telephone Exchange Office, or maybe not. The earliest example of many-to-many electronic commerce in physical goods was the Boston Computer Exchange, a marketplace for used computers launched in 1982. The first online information marketplace, including online consulting, was likely the American Information Exchange, another pre-Internet online system introduced in 1991.


  • In general the first business deal carried out on telephone or via a fax is mainly considered as first e-commerce transaction.
  • In 1960’s Electronic Data Interchange (EDI) was formulated. This is a set of standard instructions to interchange data and to carry out business deals electronically.
  • 1969: ARPANET, was developed by Americas department of defence for researching new reliable networks and later this enhanced into Internet that was purely used as a research tool for nearly 20yrs.
  • 1984: EDI, or electronic data interchange, was standardized through ASC X12. the ASC X12 standard became stable and reliable in transferring large amounts of transactions.
  • 1992: The National Science Foundation lifted restrictions on the Internet allowing commercial use. CompuServe offers online retail products to its customers. This gives people the first chance to buy things off their computer.
  • 1994: Netscape arrived which providing users a simple browser to surf the Internet and a safe online transaction technology called Secure Sockets Layer.
  • 1995: Two of the biggest names in e-commerce are launched which is EBay and Amazon.com. Generally, B2C websites are the bridge that link customers to suppliers such as EBay, online auction. Beside that, the B2C concerns itself with selling to the end user such as Amazon, online book retailers. On the other hand, the e-commerce that is conducted between businesses is referred to as B2B such as Microsoft sell his software to other organization.
  • 1998: DSL, or Digital Subscriber Line, was launched into the market that provided much faster access and persistent connection to the internet. AOL swamped the market and had about 1.2 billion sales over a period of 10 weeks from online sales. E-commerce spread to a significant group globally within a span of 4 years from 1996 to 2000.
  • Today the largest electronic commerce is Business-to-Business (B2B). Businesses involved in B2B sell their goods to other businesses. In 2001, this form of e-commerce had around $700 billion in transactions. Other varieties growing today include Consumer-to-Consumer (C2C) where consumers sell to each other, for example through auction sites.


In the very beginning, many people will have doubt on e-commerce but now it is become a modern tool, not only e-commerce revolutionized the world of wholesale, but also retail. As a result of that, the businesses are now continually searching for new ways to meet the needs of the online market such as Wal-Mart, they target on integrating consumer relationship with e-commerce industry to increases their customer base.


The technology used for e-commerce is young, but it's expanding faster than any before it and will soon be the most advanced system the world has ever seen and e-commerce is still one of the leading forces of economic growth today.

http://www.ecommerce-journal.com/articles/electronic_commerce_aka_e_commerce_history

http://ecommerce.networksolutions.com/ecommerce_what_is_ecommerce.asp

by Wong Leed Chen

Posted on 10:39 PM by 4EvEr and filed under | 0 Comments »