look out honey 'cause I'm using technology

Posts Tagged ‘phishing’

Latest e-mail scam: death threats

I guess since the Nigerian scams are too common, people are working on new angles to rob people via email. This is a great one too: the email purports to be from a contract killer with the recipient being the intended target, but the killer will renege on the killing if the person will cough up some cash. It said, in part, “Am very sorry for you my friend, is a pity that this is how your life is going to end as soon as you don’t comply. … I don’t have any business with you, my duty as I am mailing you now is just to KILL/ASSASINATE you and I have to do it as I have already been paid for that. [...] Get back to me now if you are ready to pay some fees to spare your life, If you are not ready for my help, then I will carry on with my job straight-up.” The FBI reports that it started seeing these emails about 6-8 months ago, and they’ve traced at least one to Eastern Europe. It looks like they’re even starting to resort to some standard phishing tactics to get more personal information out of people: “…some bold thieves have even used the e-mails on FBI letterhead, or claim to be from the Department of Justice, Internal Revenue Service, Social Security Administration or Better Business Bureau. Typically, they say some kind of complaint was filed and ask the recipient to make a phone call, click a hyperlink or open an attachment — tricks designed to steal personal information.” So just remember, if any of this were true they would not be contacting you via email.


Please verify your account

Got another PayPal phishing email today; my filters caught it no problem, so now let’s pollute their database of usernames and passwords. Here’s the direct link to the PhishFighting page that will flood the phisher’s site with bogus usernames and passwords. If you’re using Firefox I recommend center clicking on the link 5 times (or more) and leaving those tabs open for a day (or more). Have fun.

UPDATE: yep, after leaving it there all day while I was out, I return to see the link throwing a 503 – server unavailable. Sweet. Don’t let that stop you, there are plenty more: here’s a fake eBay one, and a fake PayPal one. Also, I’m flattered that PhishFighting has a quote of mine, “After a good defense we need a good offense – fak3r.com”, in the left column on the front page.


I’d rather be phishing…

It seems that the phishing site I referred to earlier is now dead (request timed out!). Yah, very cool, now how about another one to keep the ball rolling? Go ahead and try out this one, YAPPS (yet another pay-pal scam). Feel free to open a bunch of tabs on that URL; I’ll throw up a new one once it goes down. This would be a good application for that ‘flash mob’ type of idea: get a phish-fighting email list, send out a URL like this and have 100s of folks hit it at once. It’d be more like a (more coordinated) 419 attack.


Giving back to the phishers

This past week I got another phishing email, and while they’re annoying, I was especially annoyed that this one got through my spam and virus filters. Generally the server stops them, with ClamAV catching and blocking them before they squirm to my Inbox, but this one made it through. It was another ‘Activate your PayPal account!’ style email, with a link to a URL that started with mail.american.hu – so they didn’t even add PayPal to the subdomain to at least try to make it look legit (i.e. paypal.american.hu). Still, the page looked real, and I’m sure people like my mom would feel she needed to log in and find out what was up. So, I hit Google to look for a way to report, or fight back, and was happy to find the tremendous site PhishFighting. Created by a frustrated web designer, all you do is cut/paste the URL of the offending phisher, and then PhishFighting takes over and posts, over and over, every 20 seconds with a randomly assigned bogus email/password combination. Then it’s easy enough to bookmark that page, and cut/paste it into new Firefox tabs so you can hit it multiple times. I’ve emailed the admin of the page to find out if there’s an acceptable usage (I don’t want to slam his server) but so far I’ve sub’d a few thousand bogus entries just by opening a few new tabs in Firefox and leaving the computer running overnight. I emailed him about seeing some of the source code, as I’d like to create a C or shell script to act as a client and do this automatically, outside of a browser. Then I could create and host a web site to collect and verify phishing URLs, and have the client talk to the site to make sure its list is fresh. Hmmm… it could even update like ClamAV does, with a little script set to go off via cron to check for updates, that would be fly! Want to try it out? Why not use my current Phishers URL (pasted into PhishFighting of course) by clicking here.
Do the center click on the link in Firefox and leave a few tabs humming away for a while, it’s a good feeling.
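
The hostname comparison made in this post (mail.american.hu versus paypal.american.hu) can be written as a filter-side check on the links in a message. This is an added example, not code from the post or from PhishFighting; the `BRAND_DOMAINS` allowlist, the function names and the sample URL paths are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: domains the brand really links to (constructed allowlist).
BRAND_DOMAINS = {"paypal": ("paypal.com",)}


def link_host(url):
    """Host a browser would connect to, ignoring any user@ prefix and the path."""
    try:
        host = urlsplit(url).hostname or ""
    except ValueError:  # malformed authority, e.g. a broken IPv6 literal
        return ""
    return host.rstrip(".").lower()


def under(host, domain):
    """True only for the domain itself or a real subdomain of it."""
    return host == domain or host.endswith("." + domain)


def classify_link(brand, url):
    """Classify a link found in mail that claims to come from `brand`."""
    host = link_host(url)
    if not host:
        return "invalid"
    if any(under(host, d) for d in BRAND_DOMAINS[brand]):
        return "brand"
    if brand in host:
        # Brand name used as a label on someone else's domain.
        return "lookalike"
    return "unrelated"


# Constructed sample links; the two .hu hosts are the ones named in the post.
SAMPLES = [
    "https://www.paypal.com/signin",
    "http://mail.american.hu/paypal/login",
    "http://paypal.american.hu/login",
    "http://paypal.com.american.hu/login",
    "http://paypal.com@mail.american.hu/login",
    "https://notpaypal.com/",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(f"{classify_link('paypal', url):10} {link_host(url):28} {url}")
```

Anything other than `brand` in a message that claims to be from that brand is grounds to quarantine it, whether or not the sender bothered to put the brand name in the hostname.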

