Developing his career from the mail room to the board room, Carl E. Reid has achieved success by skillfully blending 40 years of technology and business intelligence experience with his passion for helping companies succeed. Carl is founder and CEO of NetTECH Systems Reid & Associates, Inc., an emerging technology consulting company located in the New York City area. One of his specialties is 15 years as a collaboration and email infrastructure consultant. He has implemented and supported Lotus Notes/Domino and other types of SMTP gateway/network configurations in small to large global companies up to 33,000 employees. Some of his clients have included IBM, Citi, JPMChase, Oxygen, LVMH - Moet Hennessy, MeadWestvaco, non-profits and professional organizations. Carl is a Savvy Business Owner, Public Speaker and Author. His articles have appeared in Network World, Computer Monthly magazines and hundreds of web sites. Combining business technology consulting with professional blogging, Carl specializes in advising clients on how to best leverage the Internet as a tool for high impact visibility. Carl's speaking style combines humor with expertise, and his advice is always down-to-earth and practical. He personally publishes the Library of Congress recognized newsletter blog, http://www.SavvyIntrapreneur.com and http://www.iTechSpeak.com. Carl wrote the original "Professional Blogger Job Description", which is being used as a standard document within companies. As a business career coach, Carl teaches professionals how to run their career as a profitable business.
Over the last few months I’ve noticed a resurgence of e-card spam scams from our unfriendly neighborhood spammers.
According to security expert Bill Mullins, in the last year, email inboxes have been swamped with similar scamming emails from fraudulent sites like Greetings.com and 2000Greetings.com, amongst others.
This time around, the domain name being used by these scammers is Greetingcard.org, which is a legitimate site of The Greeting Card Association, a greeting card industry trade association. This organization makes no bones about it when it says on its website, “We do not publish cards, nor do we have an e-card pick up. If you receive an e-card notification from our association, it is fraudulent and should be deleted”.
Last week one of my clients received the resurfaced American Express phishing email. And yesterday an associate told me a dastardly story about being fleeced out of $2,700 from his Citibank account. This was the result of responding to a phishing email. Although email administrators may be more educated and wiser to phishing emails, we must continue to stick to the basics in reiterating and providing ongoing education to our email end users. As mundane and simple as it may be to us, it’s important to stick to the basics.
Educate your email users with the following information in your next phishing alert email or newsletter:
What is phishing? Phishing is when someone creates a spam message to fool the user into thinking that they are going to a legitimate web site, where they are asked to give up personal information, such as their Social Security, credit card and bank account numbers. However, this fake web site is only set up to steal the user’s information. The email may look like it is coming from a legitimate company: creating a web site is easy, and making it look like one from a legitimate business is not hard either.
MillerSmiles.co.uk is one of the internet’s leading anti-phishing sites, maintaining a massive archive of phishing and identity theft email scams. This organization provides the latest information on phishing scams. MillerSmiles.co.uk keeps its phishing database updated with contributions from people around the world, including email administrators.
Every day, millions of people receive dozens of unsolicited commercial emails, known popularly as “spam.” Some users see spam as a minor annoyance, while others are so overwhelmed with spam that they are forced to switch email addresses. This leads many email users to submit helpdesk requests to email administrators with the question “How did these people get my email address?”.
The Center for Democracy & Technology (CDT) embarked on a project to attempt to determine the source of spam. They set up hundreds of different email addresses. Then the CDT waited six months to see what kind of mail those addresses were receiving. It should come as no surprise to most email users that many of the addresses the CDT created for this study attracted spam. What is very interesting is the different ways the email addresses attracted spam. The volumes also differed, depending on where the email addresses were used.
This story is near and dear to me. One day I went into a frenzy, because a good friend sent me an email that she was stranded in Ghana and needed me to send her some money. She never mentioned she was going to Ghana. I was taken off guard at first, because I had a couple of other friends who had gone to Ghana to work, about the same time. Common sense came to my rescue again. I finally collected my thoughts and called my friend’s boyfriend. He confirmed my friend’s Gmail account was hijacked and she was safe at home in New Jersey. It only goes to show email administrators must constantly remind our email users not to open email from unknown people.
Escaping: This technique uses legal URL formatting to hide the address. Escaping encodes each character of the URL as a percent sign followed by its hexadecimal code. An escaped URL can look like “http://%2E%2E%2E%48%20%18%32%2F%48…”. You can easily decode this by copying it into the location bar of your browser and hitting return. The status area of your browser will usually show you the translated address. If you don’t want to make your browser go to the URL, then you can decode the URL with a good old ASCII translation table. Many of these have decimal, hex, and octal codes for each character.
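Decoding escaped links without loading them in a browser, as an added example that is not part of the original post: the script pulls URLs out of a message body, decodes the percent-escapes offline, and flags escaping that has no legitimate purpose. It goes slightly beyond the text by also counting escapes of plain letters and digits, which RFC 3986 says never need encoding; the function names and the sample message are constructed for this illustration.

```python
import re
import string
from urllib.parse import unquote, urlsplit

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)  # simplified URL matcher
ESCAPE_RE = re.compile(r"%[0-9A-Fa-f]{2}")                   # one percent-escape
# RFC 3986 "unreserved" characters: escaping them only serves to hide text.
UNRESERVED = set(string.ascii_letters + string.digits + "-._~")

# Constructed sample message; example.test and example.org are reserved names.
SAMPLE_BODY = (
    "Your e-card is waiting: "
    "http://%77%77%77.%65%78%61%6D%70%6C%65.test/%63%61%72%64\n"
    "Help page: https://www.example.org/search?q=greeting%20cards\n"
)


def needless_escapes(text):
    """Return the escapes in text that decode to unreserved characters."""
    return [e for e in ESCAPE_RE.findall(text)
            if chr(int(e[1:], 16)) in UNRESERVED]


def inspect_url(url):
    """Decode one URL offline and list the reasons it looks obfuscated."""
    parts = urlsplit(url)  # splits only; nothing is fetched or resolved
    findings = []
    if ESCAPE_RE.search(parts.netloc):
        findings.append("percent-escapes in host")
    hidden = needless_escapes(url)
    if hidden:
        findings.append(f"{len(hidden)} escapes of plain letters/digits")
    return {
        "original": url,
        "decoded": unquote(url),
        "host": unquote(parts.netloc).lower(),
        "findings": findings,
    }


def scan_message(body):
    """Inspect every URL found in a plain-text message body."""
    return [inspect_url(u.rstrip(".,)")) for u in URL_RE.findall(body)]


if __name__ == "__main__":
    for result in scan_message(SAMPLE_BODY):
        verdict = "; ".join(result["findings"]) or "no obfuscation found"
        print(f"{result['decoded']}  [{verdict}]")
```

The second sample link shows the contrast: an escaped space in a search query is ordinary and produces no finding.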
One of the main issues with the original development of email is that it was never designed to be secure. The focus of email was mainly to be functional and easy to use. Today these core functions, which made the invention of email successful, are now the root cause of the problem. Spammers can send millions of messages for a minimal cost. At the same time spammers can hide or falsify their identity information. For this reason the prohibition on sending commercial electronic messages that disguise or conceal identity information is included in all the anti-spam legislative instruments currently implemented.
Some or all provisions of some individual state laws may be preempted by the United States federal CAN-SPAM Act of 2003, including provisions regarding a private right of action. Although it is not part of any platform in the upcoming United States election, how does each of the presidential candidates’ individual states fare with spam legislation? Only the highlights of the state spam laws are presented.
Barack Obama - Illinois
Running mate for Vice President: Joe Biden
(815 ILCS 511/10)
Sec. 10. Unsolicited or misleading electronic mail; prohibition.
(a) No individual or entity may initiate or cause to be initiated an unsolicited electronic mail advertisement if the electronic mail advertisement (i) uses a third party’s Internet domain name without permission of the third party, or otherwise misrepresents any information in identifying the point of origin or the transmission path of an electronic mail advertisement or (ii) contains false or misleading information in the subject line.
While criminals thought it was based in Eastern Europe, the Internet’s top English-speaking cybercrime forum was secretly run by the FBI from this building on the banks of the Monongahela River in Pittsburgh. Photo: John Monroe Butler/ Wired.com
Kevin Poulsen reports that DarkMarket.ws, an online community center for thousands of identity thieves, hackers and credit card swindlers, has been secretly run by an FBI cybercrime agent for the last two years, until its voluntary shutdown earlier this month, according to documents unearthed by a German radio network.
Reports from the German national police obtained by a Southwest German public radio station blew the lid off the long-running sting by revealing its role in nabbing a German credit card forger active on DarkMarket. The FBI agent is identified in the documents as J. Keith Mularski, a senior cyber crime agent based at the National Cyber Forensics Training Alliance (NCFTA) in Pittsburgh, who ran the site under the hacker handle Master Splynter.
Most web browsers are supposed to protect people by implementing security zones. These safe zones use different security settings of a web browser, which can vary based on the location of the web page being viewed. Phishing emails can lure users to a malicious code web site. These sites attempt to install spyware, malware or both onto the unknowing person’s computer. These web sites rely on weaknesses in web browsers, which will allow installation and execution of harmful programs on a computer. These web browser vulnerabilities allow overriding settings, even when these sites are located in a security zone that is not trusted and normally would not allow those actions.


