Shill bidding is the act of bidding on your own auction - including family members, roommates, friends and employees - against other bidders in order to raise the price at which your item will eventually sell and is a violation of both eBay rules and federal law.
Shill bidding is considered to be unfair to buyers because of deliberate placing of bids by fraud bidders to increase the value of the auctioned item. It is a major threat to the eLite Bankers Limited as it compels bidders to bid higher for the item.
Phishing is a type internet fraud that seeks to acquire a user’s credentials – passwords, credit card numbers, banks account details and other ...view middle of the document...
Secure Socket Layer (SSL) Loophole
In SSL, there are no standards for issuance of certificate nor any rule for what the fields in them are supposed to mean and which are required for authentication. For example, PayPal will use www.paypal.com in the common name field. The signing process heavily relies on the above convention. The Certificate Authorities will sign www.paypal.com or any other request which includes the paypal.com – even anything.paypal.com. Therefore hackers can use a combination of several attacks to exploit this weakness and deceive users into thinking they’re using trusted sites.
Secure Electronic Transaction (SET)
SET incorporates 1024-bit encryption throughout the entire transaction. SSL, on the other hand, which was developed only to prevent data tampering in client/server applications, has comparatively weaker encryption, at a maximum of 128-bit.
SET authenticates all parties to the transaction because SET’s certificates are backed not only by a Certificate Authority but also by financial institutions and MasterCard International. SSL cannot adequately authenticate all parties because SSL certificates are not backed by any financial institution or payment brand association
Virtual Private Network (VPN) Protocols
1. IPsec is used as a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a data stream. IPsec includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session. This protocol can be used for encryption in correlation with L2TP tunneling protocol.
2. Layer 2 Tunneling Protocol (L2TP) is tunneling protocol that supports VPNs and provides data confidentiality and data integrity. L2TP does not provide encryption and it relies on Point-Point Protocol to do this.
3. The Secure Sockets Layer (SSL) is a commonly-used protocol for managing the security of a message transmission on the Internet. SSL uses X.509 certificates and hence asymmetric cryptography to authenticate with whom they are communicating, and to exchange a symmetric key. This session key is then used to encrypt data flowing between the parties.
SQL Script Injection
SQL injection is...