Bitcoin Integration With PayPal Being 'Actively Considered' Says eBay CEO

International Operation Leads To 7 Arrests In StubHub Fraud Case

Manhattan District Attorney Cyrus Vance Jr. (2nd R) speaks during a news conference at his office in midtown Manhattan in New York July 23, 2014.

Seven people linked to an international cybercrime ring were arrested for defrauding online-ticketing company StubHub of about $1.6 million.

The operation, which involved police forces from several countries, was tracking the cyber thieves for hacking into the online accounts of more than 1,000 StubHub customers to access tickets for events ranging from Yankee games to Jay-Z concerts, according to an Associated Press report. StubHub’s security team first alerted the district attorney’s office in Manhattan and the U.S. Secret Service about the criminal hacking operation, which was found to date back to 2012, according to NBC.

At a press conference on Wednesday in New York, Manhattan District Attorney Cy Vance, joined by officials from Canada and the UK, told reporters that the operation “reflects the increasingly global landscape in which financial and cyber criminals operate,” according to a Reuters report.

Three Americans were indicted for re-selling stolen tickets. Daniel Petryszyn, 28, of New York; and, Laurence Brinkmeyer, 29, and Bryan Caputo, 29, both from New Jersey, reportedly sold the tickets on websites such as StubHub, eBay, TicketsNow, Craigslist and, occasionally in person at concerts, Vance reportedly said.

The tickets ranged from concerts featuring Elton John, Justin Timberlake and Jay-Z to sporting events of the Yankees, Giants, Jets and Rangers, as well as Broadway shows such as “The Book of Mormon,” according to Reuters. 

The officials also announced charges against a Russian national who was detained while vacationing in Spain. Three suspects were also arrested in London and another was detained in Canada. Vadim Polyakov, 30, the Russian arrested in Spain, is accused of being the ringleader, while Nikolay Matveychuk, 21, also of Russia, is charged with using stolen credit-card numbers to buy more than 3,500 tickets.

Ring leader Polyakov directed the three American men to deposit the fraudulently acquired proceeds into multiple accounts in the UK and Germany, according to prosecutors. One of the bank accounts belongs to Sergei Kirin, 37, a Russian who runs money-laundering services online and took a cut of the transactions’ proceeds, reports said.

The fraudulent purchases on StubHub, which is owned by eBay Inc. (NASDAQ:EBAY) and is based in San Francisco, were done using credentials stolen by hacking into other sites, and not by a breach of the StubHub site, Glenn Lehrman, a company spokesperson, told Reuters.

Customers often use the same password on multiple sites, making it easy for hackers to gain access to online accounts, authorities said. And, over the past year, major companies such as eBay, Target Corporation (NYSE:TGT), LinkedIn Corp (NYSE:LNKD) and Neiman Marcus have been hacked. Last month, another event-ticketing service Vendini of California settled a class-action lawsuit related to a data breach in 2013, NBC reported.

Hacking virus 'Bladabindi' prowling in Indian cyberspace

Hacking virus ‘Bladabindi’ prowling in Indian cyberspace

NEW DELHI: Cyber security sleuths have alerted Indian Internet users against hacking attempts of a clandestine multi-identity virus–Bladabindi– which steals sensitive personal information of a user for nefarious purposes.

The virus, the Computer Emergency Response Team-India (CERT-In) said, could infect “Microsoft Windows operating system” and it spread through removable USB flash drives, popularly known as pendrive and data cards, including other malwares.

CERT-In is the nodal national agency to combat hacking, phishing and to fortify security-related defences of the Indian Internet domain.

“It has been reported that variants of malware called Bladabindi are spreading. This malware steals sensitive user information from infected computer system. Bladabindi could also be used as malware downloader to propagate further malware and provide backdoor access to the remote attacker.

“Some of the Bladabindi variants could capture keyboard press, control computer camera and later send collected sensitive information to remote attacker. Bladabindi is infecting Microsoft Windows operating system and spreading via infecting removable USB flash drives and via other malwares,” the latest advisory by the agency said.

The threat potential of the malware or the virus can be gauged from the fact that it can acquire as many as 12 aliases to conceal its real identity and later affect a computer system or personal information of a user.

“Bladabindi variants can be created using a publicly available malicious hacker tool. Attacker can create a malicious file using any choice of icon to mislead or entice naive user into running the malicious file,” the advisory said.

The virus possesses a unique ability to acquire a safe network domain id in order to falsely add itself to the firewall exclusion list and bypass a user’s firewall mechanism.

A typical ‘Bladabindi’ variant propagates by way of copying themselves into the root folder of a removable drive and create a shortcut file with the name and folder icon of the drive. When the user clicks on the shortcut, the malware gets executed and Windows Explorer is opened and it makes it seem as if nothing malicious happened.

A potential attack by the virus could result into the loss of important proprietary data of a user like “computer name, country and serial number, Windows user name, computer’s operating system version, Chrome stored passwords, Firefox stored passwords, the agency said in the advisory.

“The malware can also use infected computer’s camera to record and steal personal information. It checks for camera drivers and installs a DLL plugin so it can record and upload the video to a remote attacker. The malware can also log or capture keystrokes to steal credentials like user names and passwords,” the CERT-In cautioned users.

The agency has also suggested some countermeasures against “Bladabindi’.

“Scan computer system with the free removal tools, disable the autorun functionality in Windows, use USB clean or vaccination software, keep up-to-date patches and fixes on the operating system and application software, deploy up-to-date anti-virus and anti-spyware signatures at desktop and gateway level,” the agency suggested.

It also recommended users should not follow unsolicited web links or attachments in email messages, do not visit un-trusted websites, use strong passwords and also enable password policies, enable firewall at desktop and gateway level, guard against social engineering attacks and limit user privileges.

Pirating copyrighted content is legal in Europe, if done correctly

It turns out illegal downloads in the U.K. will remain illegal


VCAP and Illegal Downloads Laws in U.K.

After a report on Tuesday detailing a new legal initiative on online piracy in the U.K. claimed that the local government has decriminalized illegal downloads, TorrentFreak has set the record straight on the matter, saying that torrenting movies, music, games and any other kind of online content will be just as illegal in the future as it is now.

The new VCAP initiative will not change existing U.K.’s copyright infringement laws, and copyright holders will still be able to enforce their rights, and go after anyone caught downloading stuff online without paying for it.

Under the VCAP program, U.K. ISPs will inform users about their illegal download habits, and offer information about the sites where they can purchase their desired content and avoid piracy. But, as TorrentFreak puts it, “any of the copyright holders involved in VCAP can still file a lawsuit or seek police action against anyone engaged in illegal file-sharing.”

“Try this. Head off to your local Odeon, Showcase or UCI this coming weekend, set up a camcorder, and see if you can get a really sweet copy of Dawn of the Planet of the Apes,” TorrentFreak writes. “Begin uploading this to The Pirate Bay and while it’s seeding send an email to the Federation Against Copyright Theft containing your personal details.”

“VCAP friendly letter incoming or a police raid? Yeah, thought so.”

Cyrus Vance Jr., Robert Sica, Richard Rollings

Seven Arrested For Fleecing StubHub For $1.6 Million In Tickets

Seven alleged cyber criminals have been arrested as part of an international cybercrime ring that hacked StubHub and laundered upwards of $1.6 million dollars, the New York D.A.’s Office announced Tuesday.  Two of the alleged criminals were arraigned in New York today, with bail set at $2 million and $500,000.

Six of the arrests were made on Tuesday across three countries—three in London, one in Toronto, and two in New York—highlighting the international scope of cybercrime.  A seventh criminal was arrested in Spain earlier this month. One American is expected to turn himself in this week, and two cybercriminals are still beyond reach in Russia, according to Manhattan D.A. Cyrus R. Vance at a press conference on Tuesday.

This case originally began over a year ago in March 2013, when StubHub discovered a cyber breach and reported it to authorities, Vance said. This led to a case being opened with the New York City District Attorney’s Office, according to a StubHub statement. The investigation uncovered that cybercriminals had gained access to StubHub accounts and used customers pre-existing card information to purchase tickets for resale, in what is known as an “Account Take-Over Fraud.”

StubHub, the subsidiary of eBay (which had its own cyber breach) that allows people to buy and sell tickets online to games, concerts, and theater shows, notified affected customers after the breach and refunded them for the tickets in addition to increasing security, according to a statement.

At the press conference, Vance said the D.A.’s office didn’t yet know how the hackers had gained access to the StubHub accounts. According to StubHub’s statement, there were “no intrusions into StubHub’s technical or financial systems,” meaning that the hackers must have accessed customer logins either through information from other data breaches or through the use of key-loggers or malware on the customers’ computers.

The case originated with two Russian hackers –Vadim Polyakov, 30, and Nikolay Matveyehuk, 21. The two allegedly hacked 1,600 StubHub accounts, purchasing at least 3,500 e-tickets. These tickets were then emailed to three Americans in New York and New Jersey—Daniel Petryszyn, 28, Laurence Brinkmeyer, 29, and Bryan Caputo, 29. The three Americans were allegedly responsible for reselling the stolen tickets and then laundering the money into various accounts, including PayPal accounts belonging to Polyakov and Matveyehuk and bank accounts in the UK, Canada, and Germany. One of the bank accounts belonged to Russian Sergei Kirin, 37, who advertised money laundering on the internet and took a percentage of the money as his fee.

According to Vance, the three Americans clearly knew they were involved in an international hacking and money laundering scheme. In a series of texts from Petryszyn to Brinkmeyer, Petryszyn allegedly said “…this guy [Polyakov] is pretty much admitting he is a hacker,” and “…I want to be the USA rep for these guys” and “…I don’t give a f*** I will launder all the money they want.”

On July 1, 2014, the DA’s Office discovered via Facebook that Polyakov and a friend were leaving Russia to travel in Spain. Interpol then issued an international Red Notice for his arrest. On July 3, Spanish authorities arrested Polyakov outside his hotel near Barcelona in coordination with U.S. Secret Service. The other six arrests occurred in coordination on Tuesday.

“Fighting cyber crime today requires international cooperation,” said Vance at a press conference on Tuesday alongside the members of the City of London Police and Royal Canadian Mounted Police. “It allowed us to bring down cyber crime rings on both sides of the Atlantic at the same time.”

In contrast the narrative of an international cybercrime and conspiracy presented at the press conference and by the prosecution, Petryszyn and Caputo’s attorneys attempted to paint the defendants as average young men with college degrees and no criminal records.

Attorney Liam Malanaphy described Petryszyn, who showed up in court in jeans, a t-shirt and handcuffs, as a “kid from New Jersey” who is “nervous as hell.” Malanaphy went on to say that he didn’t live the lifestyle of a person with millions of dollars, sharing an Upper East Side apartment with friends and driving his father’s car. Similarly, Attorney Reginald Sharpe described how Caputo, who showed up in court in shorts, lives with his mother and brother in Kearney, New Jersey, and graduated with honors from Mt. Claire State.

Despite this, Judge Melissa Jackson placed Petryszyn’s bail at $2 million and Caputo’s bail at $500,000 in keeping with the prosecution’s request, which had noted the defendants’ access to money and the international scope of the crime. Both plead not guilty to their charges.

These two arraignments are just the start of what will be a long process of bringing down this international cyber crime ring, including the pending arrests of Kirin and Matveyehuk who are still in Russia.  At the press conference, Vance highlighted StubHub’s role in the case, as awareness and reporting are the first steps to bringing these cybercriminals to justice.

A year ago Vance’s office announced the convictions of 15 individuals connected to the Western Express cybercrime ring which stretched from Brooklyn to Ukraine, Vance said. In that case, the defendants were convicted of trafficking more than 95,000 stolen credit card numbers, which resulted in more than $5 million in credit card fraud, according to a press release.

At the press conference, Vance urged people to be on alert. “Cybercrime is everywhere, unfortunately,” Vance said. “We are all capable of being victims.”

Tickets are offered for sale through StubHub on July 23, 2014 in Chicago, Illinois

Six charged in global e-ticket hacking scheme

Criminal charges were filed Wednesday against six people in what authorities said was a global cyber-crime ring that created fraudulent e-tickets for major concerts and sporting events.

According to the Manhattan district attorney’s office, the cyber-gang was able to hack into the ticketing group StubHub, a unit of eBay, to take over user accounts, steal personal information and create fraudulent electronic tickets to concerts by Elton John and Jay-Z, sporting events including Yankees baseball games, and Broadway shows such as Book of Mormon.

An estimated 1,600 StubHub users had their accounts compromised in the scheme, according to the investigation by US, British, Canadian and other law enforcement authorities.

“Today’s arrests and indictment connect a global network of hackers, identity thieves, and money-launderers who victimized countless individuals in New York and elsewhere,” District Attorney Cyrus Vance said in a statement.

One of the members of the group, 30-year-old Russian national Vadim Polyakov, was arrested July 3 in Spain on an international arrest warrant, officials said.

Authorities said Polyakov and others used the hijacked StubHub accounts to create some 3,500 e-tickets sold within hours of some popular events.

The group distributed the proceeds through a global network of accomplices in the United States, Britain, Russia, and Canada, according to a statement from Vance’s office.

Also charged were Russian nationals Nikolay Matveychuk and Sergei Kirin, and Americans Laurence Brinkmeyer, Daniel Petryszyn and Bryan Caputo.

A spokeswoman for the office said Caputo and Petryszyn would be appearing in a New York court on the charges.

StubHub spokesman Glenn Lehrman welcomed the arrests and said it learned of the attacks last year.

“In 2013, StubHub was alerted to a small number of accounts that had been illegally taken over by fraudsters,” he said.

“Since then, StubHub has been working in close collaboration with law enforcement agencies around the world to find those responsible and bring them to justice. Our investigation of these unauthorized transactions led to the case being opened by the New York City District Attorney’s Office. This combined effort culminated with the arrests announced today.”

The news came months after eBay said cyber-attackers broke into its database with customer names, passwords and other personal data earlier, potentially affecting eBay’s 128 million active users.

Cuba's President Castro shakes hands with China's President Xi during a meeting in Havana's Revolution Palace

Chinese president ends regional tour in cradle of Cuban Revolution

HAVANA (Reuters) – Chinese President Xi Jinping ended an eight-day trip through Latin America on Wednesday with a visit to eastern Cuba, where both the island’s independence struggle against Spain and Fidel Castro’s revolution began.

Xi arrived in Havana on Monday and presided over the signing of 29 trade, debt, credit and other agreements on Tuesday ensuring his country will remain Cuba’s second largest trading partner after Venezuela, at $1.4 billion last year.

The Chinese president also met with his Cuban counterpart, Raul Castro, who traveled with him to the eastern city of Santiago de Cuba, and former Cuban leader Fidel Castro.

China will continue to restructure debt, estimated at $6 billion, import Cuban nickel, sugar and cigars, digitalize the television system, upgrade communications and cyber security and cooperate in health, education and science, according to some of the agreements which were made public without any details on Wednesday.

New credits included funding to build a multipurpose shipping terminal in Santiago and a donation to help Cuba’s second largest city recover from Hurricane Sandy, which struck the area almost two years ago.

“China and Cuba being socialist countries, we are closely united by the same missions, ideals and struggles,” Xi said on Tuesday upon receiving the Jose Marti Medal, Cuba’s highest honor.

Other deals included cooperation in pharmaceutical research and development and an agreement between state-owned Cubapetroleo and state-owned China National Petroleum Corporation to increase flows from existing wells and drill at an onshore block just east of Havana.

Raul Castro began instituting market-oriented reforms after taking over from ailing brother Fidel Castro in 2006, much as China did in the 1980s.

But growth has nevertheless slowed and is expected to come in at around 1 percent this year, compared with 3 percent in 2013.

This year, Cuba established its first Chinese-style special development zone and passed a more attractive foreign investment law with a particular eye to friendly nations such as Russia, China and Brazil. It includes a clause aimed at China that for the first time would allow investors to bring in their nationals for construction.

Little of the $80 billion China has invested in Latin America and the Caribbean in recent years has been in Cuba, where just two joint ventures operate.

No new ventures were announced during Xi’s trip. However, a letter of intent was signed between Beijing Enterprise Group Real Estate Co Ltd and state-owned CUBAGOLF S.A. to build a golf course and condominiums on a plot between the Cuban capital and the famed Varadero tourism resort.

Xi was in Brazil last week for a summit of the BRICS nations, which also includes Russia, India and South Africa. He then traveled to Argentina and Venezuela, signing a raft of multi-billion dollar credit and investment agreements.

(Editing by David Adams and Bernard Orr)

Potential Breach at Goodwill Highlights That Not Even Charities Are Safe From Cybercrime

Potential Breach at Goodwill Highlights That Not Even Charities Are Safe From Cybercrime

Bargain shopping might have just become more costly with the news that Goodwill Industries International is investigating a potential credit card breach.  Federal authorities and a payment card industry fraud investigative unit contacted Goodwill late in the afternoon last Friday about a potential credit card number theft, according to a statement on Goodwill’s website. “Goodwills across the country take the data of consumers seriously and their community well-being is our number one concern,” the statement said. The incident is currently under investigation, and there is no new information as of Tuesday morning, according to Lauren Lawson, Goodwill’s Director of Public Relations.

Goodwill Industries International has 2,900 stores and 165 regional headquarters across the United States and Canada, with 158 headquarters in the United States. Goodwill has no centralized point of sale system, according to Lawson.

Brian Krebs, who first broke the Goodwill breach story, has sources who claim that the pattern of fraud on cards previously used at Goodwill can be traced across at least 21 states. The same source says that this breach could have begun in the middle of 2013. Goodwill has not yet returned my request for comment on those claims.

If the investigation does uncover a credit card breach, Goodwill will be following in the footsteps of five large retailers and restaurants—Target, Neiman Marcus, Michaels, Sally Beauty, and P.F. Chang’s—who have recently had major data breaches.

Goodwill stores collect and then sell donated clothes and other household goods, using the proceeds for charity. Goodwill says that donated goods have helped 145,588 people go back to work so far this year. In 2013, Goodwill made $3.9 billion in retail sales, $647 million through industrial and service contract work, and received $618 million in grants, gifts, and government support. Goodwill spends 83% of their revenue directly on employment and training programs.

Because of Goodwill’s charitable work, it’s sad to see them be the potential target of a credit card breach, but it shouldn’t be surprising. Smaller organizations and non-profits might actually receive more attention from cybercriminals who are aware these organizations don’t have the same budget to protect themselves as larger companies, explains iSheriff CEO Paul Lipman.

Until we get more information about how the breach occurred (and indeed if it occurred at all), it’s impossible to speak definitively about the state of Goodwill’s security system, but the potential attack is a sobering reminder that no business or organization is safe from cyber threats. “The potential data breach at Goodwill demonstrates yet again that security is a business issue and must be taken serious by boards at businesses of all sizes, from non-profits to the Fortune 500 level,” says Steve Durbin, Managing Director of the Information Security Forum.

For now, shoppers should be careful about using credit cards at Goodwill and monitor their credit carefully if they have recently visited a Goodwill store.

Microsoft's takedown of No-IP pushes innocents into the crossfire

Duo sentenced to 14 years for Apple Phishing scheme

Two people have been sentenced to a total of 14 years in prison for conducting a Phishing campaign that targeted banking details. The criminals accused, Constanta Agrigoroaie, 23, and Radu Savoae, 28, used the stolen funds as a means to bring foreign criminals into the U.K.

Agrigoroaie was sentenced to six years for her role, while Savoae was handed eight years imprisonment for his role in the scheme by Snaresbrook Crown Court last week.

In all, the two stole £15,000 GBP ($25,560 USD) from victims in the U.K.

According to a police report, the two sent Phishing emails claiming to be from Apple to more than 150 people, informing them that their account had been compromised. The email included a link to a spoofed website, which asked for both personal and financial information.

The harvested information was then used to drain the victim’s bank account, and the money was put towards travel arrangements for foreign criminals, who police say planned to conduct various criminal acts on London’s transportation network (pick-pocketing) and other petty crimes.

The scam itself was discovered in February.

An inbound flight from Romania was intercepted by police at Luton Airport. Six passengers, who claimed they didn’t know each other, were found to have tickets that were all purchased from the same computer.

Investigators later discovered the address where the tickets were purchased, and when police searched the residence in April, they discovered Agrigoroaie at a desk browsing European travel websites.

Moreover, she had a script open “showing a vast amount of personal details, including bankcard details with the full 16-digit number, expiry date and CVV number as well as their home addresses.”

Savoae was later arrested as he attempted to enter the property with police present.

During the search, police found a number of items, including cash, fake Spanish and Romanian IDs, laptops, iPads, printers, and USBs among a vast quantity of blank credit cards.

Moreover, they discovered an embossing machine, hot foil tipping machine, and magnetic card reader – all the things needed to manufacture cloned credit cards.

“This ‘phishing’ duo took advantage of many internet users and duped them into providing their personal information,” said Roads and Transport Policing Command Chief Superintendent, Matt Bell, in a statement.

He added that the sentences are a “testament to how serious this type of crime is” and that they should stand as a deterrent to anyone who might consider undertaking similar acts.

India Inc looks for dedicated cyber cover as phishing attacks intensify

India Inc looks for dedicated cyber cover as phishing attacks intensify

MUMBAI: Indian corporates are increasingly looking at dedicated cyber-security insurance and calling on more diagnostic services, as they look to shore up their protection against the rising incidences of cyber crime in the country.

In 2013, India ranked fourth in the world by the volume of phishing attacks – which try and trick a user to into revealing passwords for official or personal accounts as a way to steal information — and was the most targeted country in Asia Pacific, according to a report by security provider RSA. RSA estimated the loss due to phishing attacks at $225 million (Rs 1,350 crore).

To combat the threat, Indian companies have been boosting their spending on security, a market that is growing 14% on a consolidated average growth rate basis. But now increasingly more are considering insurance as a way to mitigate the impact of a breach.

“Customers are looking at an average of $5-10 million (Rs 30-60 crore) in ( cyber security) cover, but some clients are even considering $25 million (Rs 150 crore) in protection. But you can even get a policy of a premium of Rs 5 lakh a year,” Sushant Sarin, senior vice-president of commercial lines at Tata AIG General Insurance, said.

In the past, cyber-insurance was built into a company’s general insurance plan, but stand-alone plans are gaining ground because they offer reimbursement for costs like forensic investigation, breach notification and even the hiring on a public relations firm to handle the adverse fallout of a large breach.

The demand is also spreading to wider industry segments. Earlier, dedicated cyber-liability insurance policies were predominantly found in the IT sector, which had client mandates that required such insurance.

“There is an increasing demand for such covers in the recent past. BPOs and IT firms, that had international clients, are early users. We now see a lot more demand coming from financial institutions and banks and sectors with strong online presence like

media and travel portals,” said Sanjay Kedia, CEO and country head of insurance brokerage Marsh.

To underwrite the cyber-risk policies, insurers typically team up with the big four consultants to check the companies IT security practices.

Even without the insurance business, the consultancies are seeing increased demand for services that help companies determine if they have been attacked.

“We are seeing increasing demand for our diagnostic services. Companies will ask us to do this to determine if there has been a breach or when they are looking at insurance. We ask companies to do this two or three times a year, we aren’t there yet; but demand is increasing,” said Paul Walker, EMEA leader for forensic technology and discovery services at consultancy EY.

Earlier this month, EY launched cyber forensics and eDiscovery centre in Hyderabad to drive the growth of the firm’s expanding cyber-forensic practise in India.

Companies are also looking at providing cloud-based assurance programmes to small businesses that would otherwise be unable to afford diagnostic services. BigRock, which helps small businesses leverage the internet, is offering a web-based security tool that scans websites to prevent malware attachment, incursions and hack attempts. The basic plan costs less then Rs 1,000 a year.

Pirating copyrighted content is legal in Europe, if done correctly

U.K. has a new punishment-free plan to turn download pirates into buyers


Anti-Piracy Laws for Illegal Downloads

The British government has apparently decriminalized online piracy, VG247 reports, and pirates who download illegal copies of movies, music and games will no longer be punished, as the U.K. has figured out its actions against pirates were not working anyway.

The government will still send out warning letters to Internet users who download illegal content, but after the fourth warning, no further action will be taken.

Instead of punishing people who constantly download illegal stuff, the government, joint by UK’s biggest Internet providers – including BT, TalkTalk, Virgin and Sky – will try to convince people to download legal content by informing them about the sources where legal content can be purchased.

The initiative, called the Voluntary Copyright Alert Programme (VCAP), is the result of years of negotiations between ISPs, the movie and music industries, and the U.K. government.

File-sharers should know that VCAP will kick in at some point in 2015, not sooner. It’s likely that governments and copyright holders will still fight against file-sharing sites even after VCAP arrives. After all, no matter what studies say, content holders are still ready to pay a lot of money to put a stop to illegal downloads, no matter how difficult the process is.

Because VCAP will still have ISPs monitor illegal downloads, it’s not clear at this time whether copyright content holders will be able to pursue pirates and ask for damages, even though the government won’t take any action.

“VCAP is not about denying access to the Internet. It’s about changing attitudes and raising awareness so people can make the right choice,” music trade body BPI’s chief executive Geoff Taylor said.