Postscript to the phishing scam

Many weeks, six emails, one complaint lodged in the ISP’s automated ticketing software, and the phish sites I talked about here remained active and functioning.

But two hours after I make a LiveJournal post about it, the site is knocked offline and I get the following email in my mailbox:

HI
We are aware of this but can’t comment further at this time however please be assured that it is being handled in line with the local police

Rus

It’s possible the timing was a coincidence, of course, and the site being knocked offline had nothing to do with talking about the phish fraud openly. It’s possible, but it seems pretty weird to me.

Computer security: Down the rabbit hole

So a couple weeks back, I get an email in my mailbox telling me that there is a problem with my PayPal account, and asking me to click a link to verify my account information.

Since I don’t have a PayPal account, it didn’t take a great deal of intellectual prowess to figure out that it was a “phish” email–an email designed to trick the credulous and unwary into going to a phony site and handing over their PayPal password. I get about a half-dozen of them a day, and I fired off emails to the appropriate Web hosts and forgot about it.

Next day, I got another phish asking me to validate my Bank of America account information. I don’t have an account with Bank of America, naturally. Again, a standard phish.

The only weird part was that the phony Bank of America site was hosted on the same Web server as the phony PayPal site. Fired off another email to the ISP hosting the fake sites and forgot it.

And got another phish email. And another, and another after that, and another after that. All advertising phony Web sites hosted on the same server.

“Huh,” I thought. “This is weird.”

We are, of course, about to get technical here

Arrgh! Con artistry hits work

There is an old-school type of fraud, conducted by phone, that’s the old-world equivalent of the “phishing” emails you get all the time. You know the ones I mean–the emails that say “There has been a problem with your online banking/your online PayPal account/your eBay account/whatever, please click here to confirm your identity.” And then you click there, and you’re taken to a Web site that looks like your bank site, or PayPal, or eBay, and you type in your bank account number or your username and your password, and Wham! You’ve just given your information to Russian organized crime!

The old-school variant is the same thing but on a more personal, more individual level, from con artists who believe in age-old, hand-crafted fraud, not this soulless, mass-produced fraud we see so much of today.

In the old-school, hand-crafted variant, the con man calls you up on the phone and says “Hi there! I’m John from Bank of America. Bad news! We think someone just tried to use your bank account fraudulently! Did you just order $2,000 worth of rare wine to be shipped to an address in Hong Kong?”

And you freak out and your heart starts pounding and you say “No! No, I didn’t! Oh no! What do I do?”

And he says “Relax, don’t worry, we thought it was fraudulent, we’ve put a freeze on your bank account.” And then you’re all like “Phew! That was close!” while visions of bounced checks and ruined credit dance in your head. And then he says “OK, we’ll reverse the charge and unfreeze your account. For security, we need you to confirm that you’re the real bank account owner. What’s your social security number? What’s your bank account number? What’s your debit card number? What’s your PIN?”

And he’s hoping you’re so freaked out that you’ll just gullibly tell him.

This kind of fraud fell out of favor a while ago when folks invented caller ID, because (a) the con man doesn’t want to give out his caller ID number and (b) people get suspicious when they get calls that are supposedly from the bank but it says “caller ID blocked.”

They’re making a comeback, though, since it is now cheap and easy to fake caller ID numbers. The con men put fake caller ID numbers–usually random 1-800 numbers (because people think “oh, if it’s coming from an 800 number it must really be my bank!”) that are not really the bank’s numbers (because the con artist doesn’t want folks calling the bank to confirm the story)–into a gadget or computer program that fakes what you see on your caller ID.

So today, apparently there’s a con artist who’s rapid-fire calling dozens of potential dupes…

…and is forging our phone number on his caller ID spoofer.

So folks are calling us (a LOT of folks are calling us) and screaming at us–“How dare you try to get my bank account number, you motherless sons of flea-infested goat herders!”

They are savvy enough to realize that the call is a dupe, but gullible enough to believe that the number they see on the caller ID is actually the number that the con artist is calling from.

*headdesk* *headdesk* *headdesk* *headdesk* *headdesk* *headdesk*

So the stress and poor sleep continues…

…and with it, the unreasonably vivid dreams.

Which, in this case, apparently offer me the history of cinematography for the next century. Apparently, in 2101, I am to be assigned the task of writing a book on the top 100 movies of the past century (2000-2100). You will no doubt be relieved to know, Gentle Readers, that Watchmen made the cut.

Among the more interesting:

The top movie of 2039, surprisingly, was the surrealistically violent, surrealistically explicit Strength, a highly stylized movie billing itself as “inspired” by the life of the Viking king Canute the Great. It was originally released in 2037 under the name Strength Over Ice as a sprawling 3 hour and 20 minute epic, and was critically panned; Strength Over Ice was a box-office flop. In 2039, an edited, streamlined 2-hour version of the movie was re-released under the new title and became an unexpected hit.

The only documentary to make the list was 2057’s Like Neighbors, an account of the brutal murder in 2032 of Kenneth Lanton at the hands of a group of eight members of the theocratic American Dominion Party for alleged “offenses against sexual decency”, and the backlash that it triggered which eventually led to the loss of all six Senate seats held by the party and to the dissolution of the party itself in 2049. When Like Neighbors was released, a handful of theaters refused to show it because the movie contains footage of the murder itself, taken by one of the attackers.

I need to go to bed earlier.

Quote of the Day

“There are two novels that can change a bookish fourteen-year-old’s life: The Lord of the Rings and Atlas Shrugged. One is a childish fantasy that often engenders a lifelong obsession with its unbelievable heroes, leading to an emotionally stunted, socially crippled adulthood, unable to deal with the real world. The other, of course, involves orcs.”

I know folks who’d fuck this light

Saturday, my roommate and I went to see the new X-Men movie.

This isn’t a post about that movie, except to say horrible movie was horrible, it’s boringly, tediously predictable, and Rorschach would have dropped him down an elevator shaft.

We got our tickets early, expecting a sell-out crowd (which never materialized; the theater was only about a quarter full), and then spent a little bit of time wandering around the tiny strip mall where the theater is located.

There’s a kitchen and bath shop right next to the theater, and in the showroom they have the most amazing chandelier. And I mean that in the worst possible way.

It’s a crappy picture, taken as it was through the window into a darkened store with my iPhone. Still, I think it gets the general idea across.

The chandelier is huge, and is made of an enormous lump of glass with long tentacles coming out of it. And, I want to add, each of those tentacles has a knob on the end of it. An oblong, rounded knob.

This is a lamp for people who really, really, really love their Japanese tentacle porn. This is a lamp that would, were it not chained down, be able to fuck half a dozen schoolgirls in every available orifice simultaneously, without breaking a sweat.

This is the lamp you’d see in the main foyer of a Japanese tentacle demon’s house, assuming they had houses (which they don’t) and used chandeliers (which they also don’t). This lamp is not so much a source of illumination as it is a tribute to Legend of the Overfiend and La Blue Girl wrought in extruded glass and electricity. This lamp is the stuff of nightmares, or perhaps of erotic dreams if Hentai tentacoo wape is your thing. Merely sleeping under this lamp opens a doorway to Realms Beyond, filled with unspeakable horrors desiring to do unspeakable things to nubile flesh.

I think I want it.

Dreaming of Kinky Sex and Computer Security

These days I’ve been working rather a lot more than I’d really prefer to, and been dealing with rather a lot more stress than I might be wanting, so I haven’t been sleeping well.

When I do sleep well, I rarely remember my dreams, and those I do remember are fairly prosaic, like trying to catch the bus and then realizing as I’m running down the street that I’m in my underwear, that sort of thing.

When I’m stressed and sleeping poorly, on the other hand…

Jenna Jameson, leet computer hacker and hardware wizard extraordinaire

When I’m stressed and sleeping poorly, my dreams are vivid, complex, and bizarre. Like the one last night, which involved Jenna Jameson, my sweetie joreth, lolitasir, an unsecured fiber optic junction box, a BDSM convention, two other unnamed porn stars, a set of railroad tracks, a disposable Bic pen, a laser pointer, a fishing tackle box full of needles, Walgreen’s drug store, and group sex.

And to be quite honest, I don’t even really know who Jenna Jameson is, other than she either does or did at one time do porn. I didn’t even know what she looks like ’til I Googled her just now. Apparently, that’s her there on the left.

As far as my subconscious mind is concerned, she’s a computer hacker with mad leet skillz.

But maybe I should back up a little.

The dream started simply enough–joreth and I driving together to a BDSM convention. The thing about dreams is that the laws of physical reality don’t apply; within the dream world, I can become other characters, ignore laws of physics, change my shape, become invisible, fly through a tie-dyed sky, all manner of things.

Some things are universal constants, inviolate even in the realm of dreams. One of those is that I have a lousy sense of direction.

So naturally we got lost on the way to the convention–so lost that at one point I decided the only way to find the hotel was to drive along the train tracks to get there. There was, you see, a train station right in front of the place–and happily, we arrived at the same time the train did. I parked behind the train, it disgorged a carload of porn stars and the computer hacker Ms. Jameson, and we went inside…

…to discover the hotel was sold out.

But no matter! The porn stars and Ms. Jameson invited us to stay in their room.

We followed them up to the room, and

Cut for kinky imaginary sex and computer trespass

Dreaming of Transhumanism Remixes

Last night, I had a very long, incredibly detailed, and incredibly high resolution dream about Battlestar: Galactica.

Well, kinda sorta.

This isn’t actually a post about BSG, though the show is definitely a springboard for it. I liked the show a great deal, but in truth didn’t much care for the take-away lesson from the last episode, which

cut for spoilers, which you don’t really need to read to get the rest of this post

It’s a whacky, whacky world…

So today the charming stranger who gave me candy at Frolicon has put me in her Web comic. Woot! Now my roommate the-no-lj-d and I have both been immortalized in Web comics for things that happened at conventions.

And, the kittycat Liam has made it on to LOLkink! (Note: That link is safe for work; the rest of LOLkink most definitely is not.)