[IP] re spoofing scams?

To: ip@xxxxxxxxxxxxxx
Subject: [IP] re spoofing scams?
From: Dave Farber <dave@xxxxxxxxxx>
Date: Fri, 16 Jan 2004 11:24:26 -0500
List-help: <http://v2.listbox.com/doc/help_sub?list_name=ip@v2.listbox.com>
List-id: <ip@xxxxxxxxxxxxxx>
List-software: listbox.com v2.0
List-subscribe: <mailto:subscribe-ip@v2.listbox.com>, <http://v2.listbox.com/subscribe/?listname=ip@v2.listbox.com>
List-unsubscribe: <mailto:unsubscribe-ip@v2.listbox.com>, <http://v2.listbox.com/member/unsubscribe/?listname=ip@v2.listbox.com>
Reply-to: dave@xxxxxxxxxx
Sender: owner-ip@xxxxxxxxxxxxxx

Delivered-To: dfarber+@xxxxxxxxxxxxxxxxxx
Date: Fri, 16 Jan 2004 07:57:00 -0800
From: Marvin Weinberger <Marvin@xxxxxxxxxxxxxxxxxxxxx>
Subject: did you see this item re spoofing scams?
To: "Dave Farber (farber@xxxxxxxxxxxxx)" <farber@xxxxxxxxxxxxx>

Beware of 'Spoofing' Scams

By Gene J. Koprowski, UPI Technology News

CHICAGO (UPI) -- An e-mail newsletter, apparently from a well-knownnational newspaper, arrives in your in-box. You read the content and seeads for such leading brands as Best Buy and Citibank. The message includesan amazing offer from the electronics retailer -- $25 for a new operatingsystem software package on CD. The problem is the newspaper, the ads andthe offer are illusions, scams -- frauds.

"Creating a scam like this is extremely easy for con artists," said FelixLin, co-founder and chief executive officer of Qurb Inc., an anti-spamsoftware developer in San Mateo, Calif. "And it can be very lucrative forthe con men who are carrying it out. But it is damaging to the brandsinvolved, and costly for everyone who falls for their traps," he toldUnited Press International.

Confidence tricksters simply go to the Web site of the brand they aretargeting, and cut and paste the content of the ads they wish to emulateinto their own files. Then they add hyperlinks to their own, secret sites,where the unwary, who click on the link seeking a great deal online, areasked to enter in their Social Security numbers, driver's license andcredit card numbers, and bank account passwords. "It's called brandspoofing," Lin said.

Another pernicious thing about this underground trend is it dupes people byplaying off the deep discount mentality that legitimate online brands, likeAmazon.com, have fostered in the Internet marketplace. "Consumers expectthat there will be deals online, free shipping, et cetera," Susan Larson,vice president of global content at SurfControl PLC, in Scotts Valley,Calif., an anti-spam software developer, told UPI. "They play off of that."

Anti-spam software companies first detected brand spoofing last March. "Thebad guys have been looking for new angles to exploit online," said MichaelWeider, chairman and chief technology officer at Watchfire Corp., inWaltham, Mass., another anti-spam software developer. "They realize thatpeople trust brands and want to fool you into thinking that they're Bank ofAmerica or Citibank. They're exploiting the trust relationship betweenconsumers and brands."

Fraudulent brand advertisements accounted for one of every 100 commerciale-mail messages sent last October. By November, the figure had grown to oneout of 25 e-mail messages, and by December, brand spoofing represented onein 20 commercial messages sent online. "That's 5 percent of all the spam,"said Larson, whose firm is monitoring the trend. "It was building up thereat the holiday season."

The swindlers use so-called open proxy servers, which enable them to sendnearly untraceable e-mail messages, under the guise of legitimatecompanies. Research conducted by the University of Oregon Computing Centerin Eugene demonstrated recently that the number of open proxy serversincreased from 1,000 in 2002 to 100,000 last year.

Major brands, like Microsoft, Sony Electronics, UPS, Pay Pal and FirstUnion Bank, all have been impersonated by these cyber-grifters, who canprofit by charging the credit cards of gullible buyers. "It's dangerous,"Lin said. "A lot of companies aren't being proactive enough in protectingtheir own brands and protecting consumers."

The imposters are becoming very audacious by creating entirely fictionalbrands online -- companies and products that do not even exist, except inthe minds of the criminals, Larson said. "This is organized crime on theInternet," she added. "Quick and dirty profits, and profiteers."

Purported commercial organizations are not the only ones spoofing online,however. Alleged non-profits are doing so as well. Radical groups haveestablished fronts throughout the United States, posing as ostensiblycultural organizations, and are marketing themselves heavily online, StevenEmerson, author of "American Jihad The Terrorists Among Us" (The FreePress, 2002), said during a Jan 9 speech at the National Strategy Forumlecture at the Chicago Athletic Association.

Using the Internet, as well as other technologies, like CD-ROMs, and DVDs,these groups spread the message of jihad throughout the United States andrecruit would-be jihadis, all the while raising funds from unsuspectingAmericans, as if they were legitimate non-profits, he said. "The FBI doesnot expose these organizations unless they know a crime has beencommitted," said Emerson, executive director of the Investigative Projectin Washington, D.C., a group that tracks terrorists. "There was a majorHezbollah conference in Kansas City last week, and the participants wereyelling, 'Death to America.' These are radical people, feigning moderation."

Spoofing is beginning to attract the attention of authorities, however.U.S. Attorney for the Northern District of Illinois Patrick Fitzgerald andJoseph A. Morris, former associate U.S. attorney general -- both activebehind the scenes in national security affairs -- and a top FBI specialagent from the Chicago office, attended Emerson's lecture.

How can one tell if an organization is what it claims to be online? MattDircks, vice president of anti-spam software developer NetIQ Corp., of SanJose, Calif., said if you receive an offer online, make sure to check outthe seller's Internet Protocol address, before transacting any business."If it says Citibank.ru, as in Russia, be wary," he told UPI.

Whether a for-profit or non-profit company sends an e-mail solicitation,and the IP address seems legitimate, people should look through the site tosee if there is a corporate history page, as well as sufficient contactinformation to reach the firm offline, Larson said. "If you can't reachthem by telephone to confirm the offer, it could be fraudulent," Larson added.

Lastly, experts advise, never respond directly to an e-mail ad by clickingon a link in the message -- no matter how familiar you are with the brand."E-mail seems to be the medium of choice for these hackers," Weider said."But very few real banks, or companies, will ask you for financialinformation by e-mail. These are definitely criminals."


----------------------

Copyright 2004 by United Press International. All rights reserved.



----------
This mailbox protected from junk email by Matador

from MailFrontier, Inc.<http://info.mailfrontier.com>http://info.mailfrontier.com



-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/

Prev by Date: [IP] Cato's Adam Thierer on FCC and "return of the 7 dirty words"
Next by Date: [IP] Yes there are Any free passes for IP Readers or such this year for the Emerging Tech Conference?
Previous by thread: [IP] Cato's Adam Thierer on FCC and "return of the 7 dirty words"
Next by thread: [IP] Yes there are Any free passes for IP Readers or such this year for the Emerging Tech Conference?
Index(es):
- Date
- Thread