Sunday, February 22, 2009

A review on post on Legal from My E-Commerce blog.

Cyber cafe or also known as internet cafe is a place where one can use a computer with internet access. Most of these cafes are for a fee either charge per hour or minute.

Based on the post, it is said that there will be new rules that will be imposed on cyber cafes soon. This might be for the good of user but it will also directly affect the business of the cyber cafes. For example on the rule that cyber cafe have to be close by midnight daily, as there will be user that like to go to the cyber cafe for a gaming experience over the night. This rule might be good as it will discourage those people from going out over the night often.

As for the rule of only allowed to operate from the ground floor is unnecessary as some shop spaces is rather small so the cyber cafe will extend to the second floor for their business. If the government thinks that there are illegal activities such as producing pirated cd, the act can also be done in another room in the ground floor when the owner of the cyber cafe design it the way he or she wanted.

In the prohibition from providing gaming activities, gambling, pornography, music and publications with negative element. Normally cyber cafe have already impose the rule on visiting pornography website cause there is a high risk of virus and destroying the server in the cafe. The majority of people visiting cyber cafe is for gaming activities as it is not easy to play with your friends online due to the unstable connection. If gaming activities is prohibited, the cyber cafe is might as well just close the shop. If cyber cafe is mainly for web browsing purposes, users might as well go to places with free wi-fi services such as starbucks or coffee bean where no fees are charged.

Therefore, the government must think twice and do more analysis to figure out which rule that is suppose to be impose and which is to be remain.

Things to take note to prevent e-auction fraud when a consumer participating in an e-auction.

Check seller's score

One thing that could prevent e-auction is to check the seller’s reputation. Many auction sites have a section where every seller’s feedback score is reflected. Some sites assign a community-ranking system to every user’s profile. Reputable sellers will have positive comments or messages from people they have done business with in the past. On the other hand, if the seller has many negative comments indicating their failure to ship the item on time, then insist on using a method of delivery. Many sites provide buyer protection, such as courier delivery, because if you don’t get what you pay for, you will always get a refund from the website. Besides, if the seller doesn’t have a high rating but you still want the item, check him or her by look them up in the Yellow pages or local directory services. Also, search for their name in Google or Yahoo.


Never disclose your financial details

The website clearly states that one should exercise caution if an email requests personal information such as credit card details or passwords. Despite that there have been cases where people have gone out giving credit card number through email. The important thing to beware of is to make sure that while paying, never lead money to anyone’s account under any circumstances. Use one of the methods authorized by the website, such as paisa pay and also read the rules of insurance before making the purchase.

Check for multiple accounts

While dealing with auctions, Radhika Malhotra, a software professional in Mumbai, has another story to tell. “I uncovered a very clever tactic that sellers use while auctioning off their wares while I was bidding for a music player. Some sellers attempt to drive up the price of their own auctions by using fake accounts -- multiple eBay identities, all controlled by them. “It happened with me too. I got involved while bidding for this player and as two other buyers were bidding neck and neck, I ended up paying much more than I had earlier decided. But when the price went totally out of hand, I decided to check out the other bidders, and only then did I find that it was actually the seller himself who was driving up the price,” she says. This works especially with auctions, since people start getting involved with auctions. So it becomes an ego issue with many to get the product, and they foolhardily fall for the trick and pay extra price for the product. A good way to prevent this happens to you in an auction is to check the seller’s auctions that have already closed and confirm if the same usernames are continually bidding in his or her auctions.

Be wary of ‘too-good-to-be-true’ auctions

If the price you’re being asked to pay for an item is unusually low, it is probably too good to be true. This only applies to ‘Buy it Now’ prices, as opening bids for auctions will often be extremely low before climbing up to a more reasonable level.

Similarly, if you receive an email from a seller shortly after an auction closes telling you that the winning bidder defaulted and that you are now the winner, be cautious. The seller receives a list of all of the bidder’s email addresses when the auction ends, so it is possible that the seller is trying to scam not only you, but some or all of the other bidders. It takes several days to default on a bid, so be suspicious if it is been less than three days since the auction ended.

Corporate Blogging: A new marketing communication tool for companies.

A shift is taking place in corporate communications, which to alter marketing strategies well into the future. Marketing has always been about equalizing company interest with customer interest, but now it is becoming more about opening dialogue and building trust. Blogs, the daily journal format by the nature of medium that have moved beyond individual ranting and into the corporate world, enhancing typical marketing techniques by allowing companies to talk to their customers directly and to listen to what customers are saying.

Blogs are now considered to be an essential component of any company’s marketing, communications, and PR strategy. When properly executed corporate blogs can become the voice of the company, giving the company a vehicle with which to generate an open line of communication with their customers and their employees that build trust and loyalty organically. Corporate blogs create a chain reaction, or viral effect, that cannot be duplicated with any other medium or strategy. The key is to produce well written ethical corporate blog content whether it is important information, new ideas, new products, or assist in a way that engages and stimulates, while providing value to their viewers.

Companies can use blogging to indirectly fine-tune their marketing messages via social interactions. Blogging enables faster feedback and a more strategic understanding of where the market is heading, as companies may be using the wrong language or addressing the wrong viewers with other customer communication avenues. From a competitive viewpoint, blogging demonstrates to customers that a company concerns about its products and customers. Many companies are using blogs for customer and peer support as well, keeping customers up to speed on products and road maps. Employing a corporate blogging strategy allows the company to address people’s comments and concern in a personal and meaningful way.

E-Goverment in Malaysia: Its implementation so far and citizen's adoption strategies.

Nowadays, many countries include Malaysia are implementing electronic government, also known as “e-government”. E-Government is the use of IT and e-commerce that provide access to government information and delivery of public services to citizens and business partners.
The Electronic Government initiative was launched to lead the country into the Information Age. The implementation of e-government started since the initiation of Multimedia Super Corridor (MSC) in 1996 by the Malaysian government. This implementation has improved on how the government operates internally and how it delivers services to the people of Malaysia. It seeks to improve the convenience, accessibility and quality of interactions with citizens and businesses

At the same time, it will improve information flows and processes within government to improve the speed and quality of policy development, coordination and enforcement. This enabled the government to be more responsive to the needs of its citizens. The implementation e-government would bring benefits to the public administration and Malaysian in several ways. It can generate savings on data collection and transmission.

To accelerate the objectives of Vision 2020, a path has already been defined through seven innovative Flagship Applications. These applications are engineered to start the MSC initiative and create a multimedia heaven for innovative producers and users of multimedia technology. The Multimedia Super Corridor offers a Malaysian initiative for the Information Age. Under the e-government flagship, seven main projects were identified to be the core of the e-government applications.

  1. Project Monitoring System (SPP II)
  2. Human Resource Management Information System (HRMIS)
  3. Generic Office Environment (GOE)
  4. Electronic Procurement (EP)
  5. Electronic Services (E-Services)
  6. Electronic Labour Exchange (ELX)
  7. E-Syariah

Citizen’s Adoption Strategies

Generally, new technologies are forcing governments to be particularly considerate to time. In order to make right decision and avoid falling behind, governments must identify and resolve the different issues that have arisen from the transaction period during which traditional and e-government co-exist. Government should guide and control the transformation of government into e-government rather than just focusing on introduction of ICTs. Meanwhile, the use of ICT to strengthen the involvement of citizens and businesses in public decision must be progress at the same time.

Customer satisfaction

  • E-Government adoption requires that citizens show higher levels of satisfaction with the online service provided by the government. A higher level of customer satisfaction will increase the rate of e-Government adoption. The vision focuses on effectively and efficiently delivering services from the government to the people of Malaysia, enabling the government to become more responsive to the needs of its citizens.

Service Quality

  • Online service quality for e-Government could be measured in terms of quality of content provided on the website, the speed of the response to the citizens concerns with problem solving approach, and the availability of names. Other important measurement factors are telephone and fax numbers of personnel with whom citizens might need to get in touch, and the integration of an offline channel with online channel so that citizens could interact with government departments through other means if necessary. Higher quality of service will lead to higher levels of customer satisfaction and thus can increase the use of e-government services.

Website Design

  • E-Government adoption is affected by website design elements that provide perceived ease of use and perceived usefulness. Personalization of websites, customization of product offerings, and self-care are the three key features that could be used not only to build relationship with the visitors, but also to improve their experience. These features give visitors a sense of control and participation and could potentially enhance their adoption.

User Characteristic

  • User characteristics such as perceived risk, perceived control, and internet experience can have a direct impact on internet adoption. Experience influences a citizen’s trust of e-Government. Users with prior experience, especially if satisfied, would be more likely to return to use e-Government services. Perceived risk leads to security and privacy issues that could discourage the use of online services. It is important to ensure that citizens can transact online securely and their personal information will be kept confidential to increase the level of trust and the e-government adoption rate.

The vision of Electronic Government is a vision for government, businesses and citizenry working together for the benefit of Malaysia and all of its citizens. The government should be able to propose an effective strategy to encourage citizen’s adoption of e-government by focusing on these 4 areas.

Sunday, February 15, 2009

The application of pre-paid cash for consumers.

A pre-paid ICE Travellers cash card has been launched by International Currency Exchange (ICE), a leading innovator in the world of foreign exchange services. ICE is able to develop similar schemes for other retail organizations based on the pre-paid card principles. The ICE Travellers cash card is set to provide travellers better protection and more convenience when travelling anywhere in the world. In other word, the ICE Travellers cash card gives secure and easy access to currency while travelling abroad. The ICE Travellers cash card offers customers a very real choice to bank credit and debit cards, traveller’s cheques and cash. Accepted at over 25 million ATMs (automatic teller machines), shops and restaurants in over 120 countries worldwide, it carries the MasterCard brand mark and will be accepted wherever travellers see the MasterCard acceptance mark. Moreover, by using a pre-paid card like the ICE Travellers cash card, it will eliminate the risk of the main credit or debit card details being stolen and misused. Customers will find the ICE Travellers cash card online application process easy to complete, without the need for documents to be sent through the post or any copy of documents.

By using the ICE Travellers cash card,
  • travellers will be able to access money anywhere in the world without incurring credit card charges, making budgeting easier.
  • consumers can avoid the threat of credit card theft and fraud with the PIN protection, for added peace of mind.
  • users can benefit by not risking their main account details or credit card details whilst travelling, as the overseas card fraudsters can only access the balance on the card.

ICE has integrated the front end application for the Travellers cash card, an application that was fully integrated into one basket with its on-line currency ordering service.

Saturday, February 14, 2009

Credit Card debts: Causes and Prevention


A credit card is a small plastic card which is issued by a bank or a credit union to an individual. With the use of credit card, he or she can borrow money to make any payment. Every credit card is provided with certain features (card type, annual fee, credit limit and interest rate). Credit card, if used properly offers a number of advantages. These include the ease of purchasing goods. Also, some of the credit card offers are cash discounts, bonuses, and even insurance cover. However, credit card has certain disadvantages. One of the major disadvantages is a lot of credit cardholders land into debt and even bankruptcy.
There are just a few of the causes of credit card debts:
  1. Poor money management. Not having a monthly spending plan and not keeping track of the monthly bills.
  2. Financial illiteracy. Not understand the workings and growth of money; the savings and investments for a rainy day.
  3. Less income, same expenses. Keep on spending as much as they got used to regardless of the reduced income.
  4. Saving too little or not at all. Saving seems to be a holdover.

In order to enjoy the maximum benefits of a credit card, the user or credit cardholder should understand the terms ad conditions before using the card. There are just a few of the preventions of credit card debts:

  1. Be credit smart. If you and only you are ready to assume the responsibility for paying the credit, then only apply for a credit card.
  2. Use credit card wisely and sparingly. Keep in mind that paying goods and services using credit card is more expensive than using cash or cheque. Credit payments include interest and other fees. If there is really the need to use credit card, carry only the card that will actually use.
  3. Use credit for money emergency only.
  4. Avoid impulse shopping on the credit card.
  5. Seek credit counseling as soon as the financial problems are on the horizon.

Set your mind -> Resist the pressures of the credit card society (much easier) -> Start to feel the benefits -> Enjoy the process -> Cash convert for the rest of the affluent

Electronic currency

Electronic Currency also known as e-money, electronic cash, electronic money, digital money, digital cash or digital currency which refers to money or scrip which is exchanged only electronically. Typically, this involves use of computer networks, internet and digital stored value systems


The examples of electronic currency are Electronic Fund Transfer (EFT) and direct deposit. EFT refers to the computer-based systems used to perform financial transactions electronically while direct deposit is a banking term used that refer to certain systems used to transfer money.

The main focuses of electronic currency development are being able to use it through a wider range of hardware such as secured credit cards and linked bank accounts that would be used over an internet for exchange with a secure micropayment system such as in large corporations.
Characteristics of Electronic Currency:
  • Independence - Cash is dependent on its physical condition as it associates the unit-value of money with the storage medium in which it resides. Although the limits of the acceptance of specific cash clearly define different segments within the network, all forms of physical money can enter and exit freely. For example, CDN$ are only accepted inside Canada.
  • Security - Electronic currency software must be secure. Cash solves this problem based on its physical properties. A bill can be in only one place at any time and therefore it may be duplicated. The transfer of cash is done in the presence of both parties.



  • Ease of use - Electronic currency has to be easy to use as the systems aim at the totality of the population addressing all kinds of individual expertise.

  • Privacy - What kinds of transactional information are generated and who has access to them? All levels of privacy are technically possible. Privacy is related to the encryption technology used in the security features of the system.


  • Transferability - The cash must be transferable between users in all forms of "peer-to-peer payment". With traditional credit cards, transferable of cash may not work because the payee has the privileged merchant status that is not proposed to be available for everyone.

  • Divisibility - The size of the units and the number of different units has to be defined. In contrast to cash, the physical properties limit not only the size but also the number of units due to reasons of practicality, these constraints do not apply to electronic currency.
There are two different types of approaches to electronic currency: on-line and off-line electronic currency.
  • On-line - On-line means that a need to interact with a bank or third party via modem or network to conduct a transaction. On-line systems prevent fraud by requiring merchants to contact the bank's computer with every sale. The bank's computer maintains a database that can indicate to the merchant if a given piece of electronic currency is still valid. This is similar to the way that merchants currently verify credit cards at the point of sale.


  • Off-line - Off-line means that a transaction can be conducted without involve a bank directly. Off-line electronic currency systems prevent fraud in two different ways: hardware and a software approach. The hardware approach relies on some kind of a tamper-proof chip in a smart card that keeps a mini database. The software approach is to structure the electronic currency and cryptographic protocols to reveal the identity of the double spender. If users of the off-line electronic currency know they will get caught, the incidence of double spending will be minimized.

On-line or off-line define the problem space that each electronic currency system promoter attempts to solve public acceptance so the system is profitable for those who run it.


The example of Electronic Currency is PayPal. PayPal is an e-commerce business that allows the transfer of payments and money made through the Internet. The service started in the United States but has now spread too many parts of the world. It serves as an electronic alternative to traditional paper methods such as cheques and money orders. PayPal performs payment processing for online vendors, auction sites, and other corporate users. It also charges a transaction fee for receiving money. The fees charged depend on the currency used, the payment option used, the country of the sender, the country of the recipient, the amount sent and the type recipient's account.


Electronic currency provides many benefits such as convenience and privacy, increased efficiency of transactions, lower transaction fees, and new business opportunities. However, there are many potential issues with the use of electronic currency. The transfer of electronic currency raises local issues such as how to levy taxes or the possible ease of money laundering. There are also potential macroeconomic effects such as exchange rate instabilities and shortage of money supplies. These issues may only be solved by cyberspace regulations or laws that regulate the transactions.

Mobile payment systems in Malaysia: Its potentials and consumers's adoption strategies.

Mobile payment system is a system that instead of paying with cash, check or credit cards, a consumer can use a mobile phone to pay for wide range of services and digital or hard goods. For example, a use can buy music, videos, transportation far (bus, subway or train), books and even magazines. This system can be use on all mobile devices. So mobile phone, Smartphone and Personal Digital Assistant (PDA) are few of the popular examples that can use the mobile payment system. The example of mobile payment system site that is used in Malaysia is Mobile Money where consumer can top up a-cash in their game application. The web address is http://mobile-money.com/


There are four primary models for mobile payments. The first model is premium SMS based transactional payments. In this system, the customer will send a payment request via an SMS text message and the merchant dealing will be informed on the payment success and released the good to the customer.
The second model will be direct mobile billing. This model is where the consumer views the ecommerce site to make a payment. It involves two factor of authentication which is PIN and One-Time-Password, then the consumer's mobile account is charged for the purchase. The example would be Mobile Money.


The third model would be mobile web payment (WAP). This model is where the consumer uses web pages displayed or additional application the consumer downloaded and installed on the mobile phone to make a payment.

The last model will be contactless near field communication. This is a method that is mostly used for making purchases in physical stores or transportation services. The mobile phone is equipped with a smartcard and when the consumer waves the mobile phone near a reader module. Most transaction does not require authentication but some require PIN for safety purposes before the transaction is done. The payment could be deducted from the mobile phone or directly to the bank account.


Mobile payment system may be good for users but there are pros and cons for it. In pros, consumers would not require to bring cash out for their daily life. This will provide convenience for consumer. Other than that, it is also easy to use and a simple wave or a click of a button then the request will be send and the transaction is completed in a few minutes. On the other hand, in the downfall, there is risk as it is unsafe when some transaction does not request authentication and it will be easily fraud as long as the mobile phone is stolen. Other than that, mobile payment system is still not yet as modernize in certain country, so it is not a common method to be used or applicable.


Although mobile payment system can be useful on many circumstances, this payment system is not popular in Malaysia as Malaysian is spoiled by many other attractions. For example, credit card is a more common payment system and easier to use. The other reason that mobile payment system is not popular in Malaysia is because there is not much development in mobile commerce. Unlike the Philippine, a country where mobile commerce is the most successful implemented because of the inconvenience in making bank transaction.

Saturday, February 7, 2009

The application of 3rd party certification programme in Malaysia.

The application of third party certification programme in Malaysia is practiced by Malaysia Status Companies (MSC) Malaysia.

The mission is to brand and position MSC Malaysia as the global ICT hub that offers high quality and globally competitive products and services by developing and nurturing world class MSC Malaysia Status Companies.

The objective is to provide opportunity for all MSC Malaysia Status Companies to participate in MSC Malaysia Capability Development Programme (CDP).

MSC Malaysia Capability Development Programme (CDP) is intended to help ICT organizations and individuals to maximize their potentials by adopting global good practices, process improvements and professional certifications. CDP’s programmes to empower local companies, aims at enabling them to focus on their core competency and hone their competitive edge. CDP provides monthly dialogues, seminars, workshops, clinics and financial incentives developed to gear the MSC Malaysia Status Companies to achieve certifications that would ensure business continuity. This is in line with the MSC Malaysia initiatives in catalyzing wealth creation for the country.

CDP assists companies and individuals in achieving certifications more cost-effectively.

Presently, there are 11 organizational development programmes offered simultaneously with a new initiative for professional capability development launched. That is, CDP Professional Development. This initiative focuses on improving the skills of ICT professionals in Malaysia in delivering world-class services.



Recognition for 47 Local MSC Malaysia Companies Earning Global Standards Certifications


http://cdp.mscmalaysia.my/news_archive_detail.php?id=428&mainID=005&subID=00022

*Objective* continually develop and offer innovative programmes to meet all MSC Malaysia Status Companies needs.

How to safeguard our personal and financial data?

Nowadays, personal information and financial data are very important in our life, especially when we are surfing the Internet. It is very important to prevent our privacy information from exposure by protecting ourself from hackers and theft on the Internet. They try to hack to our computer or website that we visited and get information about us. They also can easily access our financial accounts, credit records, and other privacy information. We need to be on watch and protect our personal and financial data from these thieves. The method of protection depends on what kind of data you are safeguarding, how important it is to you, to your organization or to your customers. Recently, criminals use email to link consumers to fraud Web sites that ask them to "confirm" their account information by entering it into an official-looking online form.



There are 6 ways to secure your personal and financial data:

  • Secure your mail - Empty your mailbox quickly so illegal don’t have a chance to grab credit card fields. Never mail bill payments and checks from home because they stole from your mailbox and erased the payee's name with solvents. Use the post office or another secure location to mail your payments and checks.
  • Safeguard your Social Security number - Don’t carry your card with you, or any other card that may have your number, such as health insurance card. Don’t write your number on your checks. It is the primary target for thieves because it gives them access to your credit report and bank accounts.
  • Secure Your Network - If you have a wireless network at home or work, make sure that you secure it. Hacker can gain access to your unsecured network in a matter of seconds. Lock your router by looking at the documentation of your wireless router because it can encrypt your information. It won't affect your wireless network, but it will keep intruders from getting a hold of your info. Antivirus software may help you to avert from hacker.
  • Be more suspicious with personal information - Define the company privacy policy is and whether you can arrange for the organization by not share your information with other people. You must pay attention on the terms and condition mentioned by the company.
  • Review your payment statements carefully - Make sure you identify the website and check the purchases listed before paying the bill. If you don't need or use department-store or bank-issued credit cards please closing the accounts. Always check the statement carefully before you leave the website.
  • Destroy private records and statements - Tear up or destroy your credit card statements, solicitations and other documents that contain private financial information. The user name and the password should be deleted immediately.

Phishing: Examples and its prevention methods.

Phishing is a technique that was first described in detail in year 1987 in the paper and presentation delivered to the International HP Users Group, Interex. It is defined as the act of sending as e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The word phishing also referred to as brand spoofing or carding, which is a variation on "fishing". It is because the idea of being that bait is thrown out with hopes that while most will ignore the bait but some will be tempted into biting.

The example of phishing can be displayed with PayPal image given, spelling mistakes in the e-mail and the presence of an IP address in the link (visible in the tooltip under the yellow box) are both clues that it is a phishing attempt. Other than that, another clue to know that it is an act of phishing is the lack of a personal greeting, although the presence of personal details would not be a guarantee of legitimacy. A legitimate PayPal communication will always greet the user with his or her real name, such as "Dear Ms.Ong" but not with just a generic greeting like, "Dear Accountholder." Other signs that the message is a fraud are misspellings of simple words, bad grammar and the threat of consequences such as account suspension if the recipient fails to comply with the message's requests.
Take note that many phishing emails will include, as a real email from PayPal would, large warnings about never giving out your password in case of a phishing attack. Warning users of the possibility of phishing attacks, as well as providing links to sites explaining how to avoid or spot such attacks are part of what makes the phishing email so deceptive. In this example, the phishing email warns the user that emails from PayPal will never ask for sensitive information. True to its word, it instead invites the user to follow a link to "Verify" their account; this will take them to a further phishing website, engineered to look like PayPal's website, and will there ask for their sensitive information. You can report these phishing emails to PayPal directly. Remember not to use any of the links that your phishing email has provided.

To prevent the action of phishing, there are several techniques available including the legislation and technology. Everyone should be responsible in order to protect the phishing from happening and damaging others. In social responses, people can be educated especially where training provides direct feedback. In the education, people can recognize whether the information requested is a phish act or from the company itself, for example in PayPal, the email will include the owner's name rather than dear accountholder as given in the example.
The second preventing act is from technical responses. Internet browser have their own method to prevent it and a popular technique that is use is to maintain a list of known phishing sites. Microsoft's IE7 browser, Mozilla Firefox 2.0, Safari 3.2, and Opera all contain this type of anti-phishing measure. Other than that, anti-phishing filters have been sets at web browser to prevent it from happening. Even in the mailbox, anti-spam filter can also be set in order to avoid phishing act. Further example is on when user would like to go on a certain site.

The last preventing act is from the legal responses, legal act have been released to provide safety for internet users. The example is the Anti-Phishing Act of 2005 which was introduced in the United States by Senator Patrick Leahy. While in UK, the act was strengthened with Fraud Act 2006 which was introduces a general offence of fraud that can carry up to a ten year prison sentence, and prohibits the development or possession of phishing kits with the intention to commit fraud.

The threat of online security: How safe is our data?

Online security is basically explained as the prevention of and protection against assault, damage, fraud, invasion of privacy, theft, unlawful entry and other occurrences caused by deliberate action online.

The online security is not safe to start with as there are virus, trojan, worms and spyware that is commonly known by everyone. Not only that, there are new threats emerging almost everyday that may harm us. The SANS Institute (SysAdmin, Audit, Network, Security Institute) has identified the top threats in the online security.

One of the common examples is web browser. When we enter certain websites, there will be "cookies" that is send to our computer to monitor our performance in the website but there is a common exploit that may include disclosure of "cookies" with personal information. To encounter this problem, users could configure the browser's security settings for a setting higher than the default value.

Other than that, mail client is also a commonly found threat. It is usually attached to e-mails and then send to user. When the user open the attachment, it will spread worms or viruses in the computer. To avoid this attack, users could configure the mail server appropriately and block attachments with .exe or .vbs files. Not only that, users are adviced not to open any file or e-mails that are sent from unknown user.

The next threat is about file sharing applications. The peer-to-peer programs are commonly used to share files. In this system, users can share files that are uploaded by other users. Many corporations forbid the use of this system because there is an obvious risk of compromised data. The data downloaded might contain unsafe programs. Therefore, users must be careful when they select data to download.

The fourth is the web servers and services. The web servers until this date still have several vulnerabilities and numerous patches have been issued over the past several years. The vulnerabilities may lead to denial-of-service attacks and other types of threats. Therefore, users must make sure that the patches are up-to-date and do not use default configurations or default demonstration applications.

The last example is windows authentication. Most windows systems use password to protect the system but the password can be easily guessed or stolen. Users could try using stronger and more difficult to guess passwords and not by using default passwords. To get more advice on getting a stronger password to prevent password attacks, users could follow a recommend password policy.