"Xu Yuyu" was not, average 700 million Internet users in China has four personal information being leaked-Telecom fraud, Xu Yuyu-IT information
Watched Xu Yuyu in linyi, Shandong Telecom scam cracked, the number one suspect arrested, however network fraud and the curbing of the journey has only just begun.
The one hand, many media reports and expert opinions about the issue of virtual operators. Because of paragraph 170, the 171th real-name registration is lax, the actual attribution to aspects such as, so favored by suspects fraud, experts advise people to try to avoid answering calls that start with 170, 171.
Tencent security cloud 2015 in the library's collection of 1,492,034 malicious code, only 170th number 129,443, up to 8.6% per cent. 1705th, malicious SMS is most rampant, 1000 SMS 99.2% for malicious. 170, 171th is Telecom fraud, "green", the vast majority by the two phone number call out are related to bank transfers, gambling, invoices, false documents and credit cards, marketing and real estate advertisements.
Relevant departments should strengthen the real name of bank cards, carrier phone card management, virtual operators on real conditions do not have suspended development of a new user.
But a deeper problem is that deceived the victims how the information leaked?
Linyi city, while the education sector said that prior to the incident called Xu Yuyu, and all grants of materials in archives will be directly submitted to higher authorities, so "can't possibly leaking information." But authorities did not know is that illegal obtaining and selling personal information has formed a dark industry chain, leaked information may come from information passed on each link.
"Now is a serious problem of personal information disclosure, as long as participation in online and even offline activities of daily living, such as online shopping, medical care, housing rent and so on, will soon receives a third party not related to harassment, and even fraud. "Security experts say, units that provide services for the public and companies hold a large amount of personal information, but due to the current regulations and awareness of privacy protection is weak, these large quantities of personal information are not being effectively protected, easily network intruders, even within the law to obtain and human trafficking.
"Xu Yuyu", schools, teachers, education, the Admissions Office with student data, such as the sector too much, many people are likely to be the source of the data leak.
In addition to the departments and units, service organizations and individual business people for personal gain other than active participation in lead to information disclosure, through the technical means to carry out an attack, hit the library or using phishing, Trojans malicious App, free WIFI, and other technical means to steal a major leak.
Know Wei 17 network security excellent answer in response to a related question you mentioned, he found a 985211 in a well-known key University Web site testing, is very easy to get a student's name, student number, professional and contact information and other private information . "The information security professional or a strength of the school. "Wei said 17.
"The number of Web sites that people use daily in the Internet era and the complex, many sites are built with personal information of Internet users to the database, but poor security, the firewall is not perfect, it is easy to become the target of hacking. "Song Yuhao said.
Hacker intrusion at these websites for information, will be in a number of forums, QQ Group or other social networking sites to spread the trafficking information to "purchase data", "call" keyword searches on the Internet is easy to find traces of them. Internet transactions private and increase the difficulty of Telecom fraud cases detected by the police.
According to incomplete statistics, domestic personal information known about has reached 5.53 billion, an average of four related to the disclosure of personal information. Internet Society of China, the Chinese Internet users ' rights protection investigation report 2016 shows nearly a year's time, 688 million domestic Internet users for spam, scams information, personal information, such as the assessment on the economic loss caused to 91.5 billion yuan.
For so severe of situation, communications experts Fu Liang think to reduced, and avoid telecommunications fraud case of occurred, must crackdown information leaked and the secret information sale behavior, encourages not cheat who reported and large collection analysis not was cheat of reported information in the of key information, while through China police sector, and Bank, and telecommunications operators, and Internet company, and network security company, sector and Enterprise Zhijian of information barriers, established fast information summary analysis mechanism.
"As individuals, can play a role in prevention is avoided as far as possible disclose personal information, without violating the regulations of using false personal information. But, in fact, do have limited impact, because disclosure of personal information is not behind these individual fraudsters, hackers, but large, mature, huge interest-driven black chain. "Song Yuhao says as an individual is not confrontation with the industry as a whole, against the disclosure of personal information requires countries to strengthen legislation and enforcement of privacy protection, specific personal data of the holder's responsibility for protecting private data, strengthen the privacy breach, cyber-criminals, fraudsters and other aspects of law enforcement.
“徐玉玉案”并非个案,中国国内7亿网民平均每人有四条个人信息被泄露 - 电信诈骗,徐玉玉 - IT资讯
备受关注的山东临沂徐玉玉电信诈骗案告破,头号犯罪嫌疑人落网,然而遏制电信网络诈骗的征途才刚刚开始。
一方面,不少媒体报道和专家意见均提及了虚拟运营商的问题。由于170、171号段实名登记不严、实际归属地不明等问题,因此颇受诈骗犯罪嫌疑人青睐,专家提醒人们尽量不要接听170、171开头的电话。
2015年腾讯安全云库收集的1492034个恶意号码中,仅170号段号码就有129443个,占比达8.6%。其中,1705号段的恶意短信最为猖獗,1000条短信中99.2%为恶意。170、171号段正沦为电信诈骗“专线”,绝大部分由这两个号段呼出的电话均涉及银行汇款、赌博、发票、假证件、信用卡、推销和房地产广告等。
因此有关部门须加强银行卡、运营商手机卡的实名制管理,对不具备实名条件的虚拟运营商暂停发展新用户。
但另一方面更深层次的问题在于,被骗受害者的信息是怎么泄漏的?
虽然临沂教育部门表示,在案发前曾致电徐玉玉,且所有申请助学金的材料在收取归档后会直接递交给上级部门,因此“绝无可能泄漏信息”。但是相关部门不知道的是,非法获取并倒卖个人信息已经形成了黑色产业链,泄漏信息可能来自信息传递的每个环节。
“现在个人信息泄露的问题非常严重,只要参与各种网上、甚至线下的日常生活活动,比如网购、就医、买房租房等等,很快就会接收到不相关的第三方的骚扰、甚至欺诈。”安全专家称,面向公众提供服务的单位和公司持有大量的个人信息,但是由于目前隐私保护的法规和意识较弱,这些大批量的个人信息没有被有效地保护,很容易就被网络入侵者、甚至内部违法人员获取并贩卖。
在“徐玉玉案”中,学校、教师、教育局、招生办等拥有学生数据的部门太多,很多人都可能成为数据泄漏的源头。
除了机关单位、服务机构以及个体企业相关人员为谋取私利主动参与导致信息泄漏以外,通过技术手段实施攻击、撞库或利用钓鱼网站、木马、免费WIFI、恶意App等技术手段窃取成为主要的泄露方式。
知乎网络安全话题优秀回答者魏十七在回答相关问题时便提到,他随便找了一个某知名985211重点高校网站测试,很容易就获取了学生姓名、学号、专业和联系方式等隐私信息。“这个学校的信息安全专业还是强项。”魏十七说道。
“互联网时代人们日常使用的网站数量多且庞杂,很多网站都建有网民个人信息数据库,但网站安全建设差、防火墙不完善,很容易成为黑客入侵的对象。”宋宇昊说。
黑客在入侵这些网站获取信息后,便会在一些论坛、QQ群或其他社交网站传播贩卖信息,以“购买数据”、“电话销售”等关键词在网上搜索很容易找到他们留下的痕迹。而互联网交易的隐秘性又加大了警方侦破电信诈骗案件的难度。
据不完全统计,国内个人信息泄露数已知的已经达到55.3亿条左右,平均每人就有四条相关的个人信息泄露。中国互联网协会《中国网民权益保护调查报告2016》则显示,近一年的时间,国内6.88亿网民因垃圾短信、诈骗信息、个人信息泄露等造成的经济损失估算达915亿元。
针对如此严峻的形势,通信专家付亮认为要减少、避免电信诈骗案件的发生,必须严打信息泄露及秘密信息买卖行为,鼓励未骗者举报并大量收集分析未被骗的举报信息中的关键信息,同时打通中国公安部门、银行、电信运营商、互联网公司、网络安全公司等部门和企业之间的信息壁垒,建立快速信息汇总分析机制。
“作为普通个人,能起到防范作用的是尽可能避免对外透露个人隐私信息,在不违反法规的情况下使用不真实的个人信息。但事实上,这么做的效果有限,因为个人信息泄露背后的并不是诈骗犯、黑客这些独立个体,而是庞大、成熟、有巨大利益驱动的黑色产业链。”宋宇昊表示,作为个人是不可能与整个产业对抗的,因此对抗个人信息泄露需要国家加强隐私保护的立法和执法,明确个人信息数据的持有者对于保护隐私数据的责任,加强对于隐私保护失职者、网络犯罪者、诈骗犯等各方面的执法力度。