Saw an interestingly different phishing scam mail today; one purporting to be alerting customers to phishing scams, and requesting they contact the bank on an 800 toll-free number (no doubt paid for with a stolen card) in order to unblock access to their account.
Continue reading ‘Phishing by telephone - clever twist’
Archive for the 'abuse' Category
I’ve been getting too many spam comments slipping past Akismet lately, so I’m trying out reCAPTCHA to see if it’s useful.
I didn’t really want to add a CAPTCHA-based system in case it makes it harder to comment (and therefore might perhaps discourage people from posting comments, not that many do anyway) but I thought I’d give it a try. Also of course it’s hard on blind people.
I decided that, if I’m going to use any CAPTCHA system, I may as well use reCAPTCHA, since the effort used to decipher the image isn’t wasted, it’s helping to digitize books.
What do you think? Does a CAPTCHA put you off commenting? Are the reCAPTCHA images too hard to decipher? (That’s something I’m particularly worried about; some of the ones I’ve seen so far looked hard to read.)
It may be just coincidence, but shortly after I wrote about John Burns from Monster.ie spamming a load of Irish IT pros, I’m now getting quite a few phishing mails purporting to be from Monster. They don’t have a plain text part, and interestingly purport to have been sent using Sylpheed on Linux:
X-Mailer: Sylpheed version 0.8.2 (GTK+ 1.2.10; i586-alt-linux)
The mails contain content like:
Dear Monster (Jobs & Careers) member,
Monster Technical Department requests you to complete Online Employer Form.
This procedure is obligatory for all clients of Monster.
Please select the hyperlink and visit the address listed to access Online Employer Form.
It could of course just be a coincidence, but it seems strange that I’m receiving this now, shortly after making a post about Monster. I do have an account on Monster - I’m a little concerned that my account may have been one of the ones which fell into the hands of attackers in Monster’s recent data security breach (for more info read [1], [2], [3], [4], [5], [6]).
Sidenote: Monster.ie head honcho James Mailley issued an apology for the whole spamming fiasco.
I wouldn’t normally bother to publish something like this, but the attitude of John Burns, Monster’s Business Development Manager in Ireland, is shocking, and I think is worth drawing attention to.
To summarise what happened, Monster.ie harvested a list of email addresses of IT@Cork members and used it to send them an unsolicited, spammy mail. He then tried to “recall” the mail (which only works with clients like Microsoft’s Outlook which are insecure enough to accept a request to delete a mail from your mailbox), again exposing everyone’s email addresses by not using the BCC field.
Continue reading ‘Monster.com spams then threatens Irish IT Pros’
Lately I’ve seen quite a few comment spams in my Akismet caught spams list starting with “Sorry :(” - is this a comment spammer who actually feels bad about abusing other people’s blogs to advertise crap? (But he still does it - so his morals aren’t that strong :)).
Recently I’ve received a number of spams where it looks like the spammer hasn’t set up their spamming tool properly, containing just placeholders:
06/03/2007 (13:53 GMT +03:00)
1.0
Content-Type: text/html
Date: %CURRENT_DATE_TIME%MESSAGE_BODY
C’mon, if you’re going to spam a message to thousands of people, at least test it first!
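As an added example (not code from the original post), here is a small Python filter that does what a mail administrator might do with the mis-configured spam quoted above: flag a message whose headers still contain unexpanded template placeholders such as `%CURRENT_DATE_TIME%` or `MESSAGE_BODY`, and whose `Date` header therefore cannot be parsed. The two sample messages and the list of bare placeholder names are constructed for illustration and are assumptions, not values taken from the post.

```python
import re
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed sample: a spam whose template variables were never filled in,
# modelled on the headers quoted in the post.
SAMPLE_SPAM = """From: <offer@example.invalid>
Subject: %SUBJECT%
Content-Type: text/html
Date: %CURRENT_DATE_TIME%MESSAGE_BODY
"""

# Constructed sample: a legitimate message that happens to contain percent signs.
SAMPLE_CLEAN = """From: Alice <alice@example.invalid>
Subject: Lunch on Friday?
Date: Tue, 06 Mar 2007 13:53:00 +0300

The 100% cotton ones are on sale, 50% off until 5pm.
"""

# Percent-delimited template variables: %NAME%, upper-case, digits/underscores allowed.
# Requiring an upper-case letter right after the first % avoids matching "100% cotton".
PERCENT_TOKEN = re.compile(r"%[A-Z][A-Z0-9_]*%")

# Bare placeholder names seen in some spam kits (assumed list, extend as needed).
BARE_TOKEN = re.compile(
    r"\b(?:MESSAGE_BODY|MESSAGE_SUBJECT|RECIPIENT_NAME|RND_[A-Z]+)\b"
)


def find_placeholders(raw: str) -> list:
    """Return the distinct unexpanded placeholders found in a raw message, in order."""
    found = PERCENT_TOKEN.findall(raw) + BARE_TOKEN.findall(raw)
    return list(dict.fromkeys(found))  # de-duplicate while keeping order


def date_header_is_valid(raw: str) -> bool:
    """True if the message carries a Date header that parses as an RFC 2822 date."""
    date = message_from_string(raw).get("Date")
    if date is None:
        return False
    try:
        parsedate_to_datetime(date)
    except (TypeError, ValueError):  # older Pythons raise TypeError on junk dates
        return False
    return True


def score_message(raw: str) -> dict:
    """Combine both checks into a simple verdict a filter could act on."""
    tokens = find_placeholders(raw)
    bad_date = not date_header_is_valid(raw)
    return {"placeholders": tokens, "bad_date": bad_date, "spam": bool(tokens) or bad_date}


if __name__ == "__main__":
    for label, raw in (("spam", SAMPLE_SPAM), ("clean", SAMPLE_CLEAN)):
        print(label, score_message(raw))
```

Run as a script it prints a verdict for each constructed sample; only the template-ridden one is flagged, because the percent signs in ordinary prose are not followed by an upper-case identifier and its date parses normally.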
Finally set up a proper SPF record this evening for my domain, hopefully that’ll help at least a little in the fight against spammers.
Okay, I came across this site the other day: http://www.netauthority.org/
They describe themselves as:
The Net Authority is an organization dedicated to the removal of offensive material from the Internet. The online world is teeming with pornography, depravity, blasphemy, and all kinds of hate propaganda. It is our mission to define a set of guidelines to which all information posted on the Internet must adhere, and to hold responsible those who would knowingly break those guidelines.
Erm, who the fuck do they think they are? “To hold responsible those who would knowingly break those guidelines? What the hell do you think you’re going to do about it? You’ve made up your own set of arbitrary guidelines, and want to threaten to somehow punish people who don’t abide by them?
Continue reading ‘Who do they think they are?’
I joined Project Honey Pot today. It’s an interesting project using Honey Pots to detect email address harvesters.
I’ve set up a couple of honey pots to help out, and donated several MX records (it’s easy, just create a sub-domain MX record pointed to their server).
Continue reading ‘Project Honey Pot - catch the spammers’
As well as my normal development duties I deal with some of the incoming abuse reports at work, and recently I’ve dealt with a number of phishing sites which submit data to a script named “Mr-Brain.php”. A quick Google showed no useful results, so I’m posting about it here.
Continue reading ‘Watch out for “Mr-Brain.php” - phishing script’