Posted 01/14/10 at 06:51:03 PM by Pulkit Chandna

The cataclysmic turn of events in Haiti has sent shockwaves throughout the world. There is no dearth of individuals looking to financially support the monumental relief effort currently underway in the island nation. Everyone can be rest assured that there is no dearth of those gloating over Haiti's misery, either. Gangs of cyber scavengers have hit top gear and are pulling out all the stops to hoodwink unsuspecting, well-intentioned donors. Their methods may be old but still tend to yield rich dividends.

Since the vast majority of online charlatans use fake internet addresses, unsolicited emails and social networking sites to reach their prey, it is very easy to deny them by just ignoring the links and  attachments contained in them, howsoever affecting the cry for help. Some useful advice on identifying and reporting scams is available on the FBI's site. There Better Business Bureau also offers some valuable information on the subject, including a list of charitable organizations with proper accreditation, on its web site. Here is a typical scam doing the rounds in the UK.

Read More

Posted 12/22/09 at 07:15:12 PM by Ryan Whitwam

Traditionally, the lowlifes running botnets have made due with shared hosting provided by shady ISPs. As these crimes become higher profile, enforcement has stepped up resulting in many of these ISPs going offline. To address this dilemma it looks like some purveyors of malware have started buying their own data centers.

It’s actually depressingly easy to do. The people running a botnet need only acquire a block of IP addresses from one of the Regional Internet Registries (RIR) or Local Internet Registries (LIR). These regulatory bodies are only supposed to be handing out IP blocks to large companies, ISPs, and telecoms. Turns out the RIRs aren’t doing their due diligence in investigating applications. Once the bad guys get the IP addresses, they buy some servers in a data center, and they become their own ISP.

This effectively takes away the best point of attack for authorities. “If there's a problem, who are you going to talk to? It's a different ball game now. These guys are buying their own data centers. These LIRs and RIRs aren't going to push back if you say you need a /24 or /16. They're not the Internet police," said Alex Lanstein of FireEye Research. The process is becoming common is places like Europe and the Caribbean. What’s worse, getting the IP addresses back can take a lot of time and effort. The procedures just don’t exist. The solution? Well, there isn’t one right now, but if you have an idea, we’d love to hear it in the comments.

Read More

Posted 11/24/09 at 01:55:07 PM by Paul Lilly

The feds have dethroned another "spam king," who, like the ones before him, will spend a little bit of time behind bars. Alan Ralsky, 63, pleaded guilty to commit wire fraud, mail fraud, and to violating the federal CAN-SPAM Act.

What landed Ralsky in hot water was allegedly sending out unsolicited email to jack up the price of penny stock in Chinese companies to artificially high prices, and then selling it. Ralksy's Internet stock scheme netted him $2.7 million, as well as the attention of the feds and ultimately a 4-year prison sentence.

"With today's sentence of the self-proclaimed 'Godfather of Spam,' Alan Ralsky, and three others who played central roles in a complicated stock spam pump and dump scheme, the court has made it clear that advancing fraud through abuse of the Internet will lead to several years in prison," said U.S. Attorney Terrence Berg. "I commend the FBI, the Postal Inspection Service, and the IRS Criminal Investigative Division for their determined and careful investigation in this case which led to today's result."

Ralsky, who pleaded guilty back in June of this year, may have gotten off a little light, as he faced up to 7 years in prison.

Read More

Posted 11/12/09 at 01:15:35 PM by Paul Lilly

Trend Micro has issued a warning that the Koobface botnet has begun pushing out a new component capable of automatically registering a Facebook account and confirming an email address in Gmail to activate the fake persona. Once Koobface becomes part of the social network's community, it begins randomly joining Facebook groups, adding friends, and posting messages to people's walls.

"Overall, this new component behaves like a regular Internet user that starts to connect with friends in Facebook," says Trend Micro. "All Facebook accounts registered by this component are comparable to a regular account made by a human. The details provided about the account are complete such as a photo, birth date, favorite music, and favorite books, among others. In addition, every account registered is unique in such a way that the details vary for every account registered."

That's pretty wild, and it's done using Internet Explorer to create and register the account, according to Trend Micro. But what's interesting is that the Koobnet botnet halts its dastardly deed if the affected user is kicking it old school with IE6.

So how do you avoid being duped by a fake friend? You could become a loner, but that might get, well, lonely. Common sense applies - be sure you know who it is you're adding. And as usual, be wary of clicking on links. Trend Micro says the messages posted through Facebook's wall contain a link that leads to the fake Facebook or YouTube page hosting the Koobface loader component.

Read More

Posted 11/10/09 at 06:30:15 PM by Ryan Whitwam

Security firm FireEye has reportedly struck a massive blow against spam. The so called “Mega-D” or “Ozdok” spam botnet was effectively dismantled by these intrepid security researchers. After studying the beast, FireEye launched an attack by notifying ISPs, having command and control (CnC) domains removed, and then registering unused CnC domains.

Almost immediately, the spam ceased. No small feat, considering Ozdok was probably responsible for one third of the world’s spam. This takes the load off ISPs which were forced to filter the spam from this botnet. Individual users probably won’t notice much difference.

FireEye found that over 246,000 zombie machines were reporting to the CnC domains in their possession after the takedown. The security firm plans to work with ISPs to indentify the owners of the PCs so they may remove the malicious software.

Read More

Posted 11/06/09 at 09:04:10 AM by Paul Lilly

Some changes are coming to Twitter that the microblogging site hopes will help curtail the amount of spam that flows through its Trending Topics area, the social networking site announced in a blog post.

"As Twitter grows and the number of tweets each day continues to astound us, we’ve noticed an increasing amount of clutter in the public timeline, especially with trending topics," Twitter noted. "Trends began as a useful way to find out what’s going on but has grown less interesting due to the noisiness of the conversation."

Twitter's solution is to start experimenting with ways of ranking retweets, though the service didn't say how this would work. If we had to guess, we'd say it would be based on some kind of algorithm that gauges a user's popularity, among other factors, rather than a manual approach.

According to the blog post, any initial changes will be minor and "the improvement won't be very noticeable at first."

Read More

Posted 10/30/09 at 12:35:46 PM by Paul Lilly

If only spammers had the dough to pay their court-appointed fines, Facebook could make a full-time living in the courtroom. The social networking site slapped Internet marketer Sanford Wallace with a lawsuit alleging he was accessing Facebook accounts without permission and posting fake messages on users' Walls. The judge didn't take kindly to Wallace's actions and awarded Facebook with a little over $711 million in damages.

Not a bad day in court for the social networking site, but Facebook doesn't stand to receive anywhere close to that amount, and it knows that.

"While we dont' expect to receive the vast majority of the award, we hope that this will act as a continued deterrent against these criminals," said Sam O'Rourke in a company blog post.

Maybe it will, maybe it wont.  Last November, Facebook won an $873 million judgment against Adam Guerbuez and Atlantis Blue Capital for a phishing scheme, but has yet (if ever) to collect on that. And therein lies the problems with these judgments.

Getting back to Wallace, the exorbitant fine may not be the only thing he has to worry about. The judge in the case referred Wallace to the U.S. Attorney's Office requesting that he be prosecuted for criminal contempt, so it's possible he could serve some jail time.

Read More

Posted 10/21/09 at 08:32:30 AM by Paul Lilly

You and I might call it spam, but small businesses who promote their products on social networking sites like Facebook and Twitter call it smart advertising. No matter what you call it, don't expect those product plugs to go away any time soon. In an online survey, Internet2Go found that 45 percent of some 2,400 small business respondents with fewer than 100 employees said they use social networking tools to push their services or wares.

"For these guys, costs was a big factor," said Greg Sterling, an analyst for Internet2Go. "They either need to hire a dedicated person or need more resources and don't have it.

We're talking really small businesses here, as most of the respondents -- 8 out of 10 -- had four or fewer employees and annual marketing budgets less than $5,000. Nearly half of all respondents said they spend less than $1,000 on advertising and marketing, so it makes sense they would flock to Facebook and other essentially free venues.

"We are going to see more and more of this behavior from other small businesses because it's free and you don't have to have expertise to set up these pages," Sterling said.

Read More