Following The Bouncing 419 Scam

Grok Headline matches for Following The Bouncing 419 Scam

Phishing and Bouncing

Phishing and Bouncing 09/12/2004 12:36 PM

Looks like the trick of using redirection CGIs at popular website (described in Phishing with Google) is getting popular among phishers. I just got a couple that uses AOL's redir-complex CGI at:

http://r.aol.com/cgi/redir-complex?url=whereever

Note that phishers can use not just the redirecting CGIs, but also those CGIs that use return URL as parameters.  In fact, these types of CGIs are popular among financial institutions and single-sign on services.  For example, both Passport and 3D-Secure uses them.

Bouncing Termsheets

Bouncing Termsheets 02/10/2004 02:56 AM
I’ve been hearing these stories, several times in the last month, from both here in Vancouver and down in the States, of entrepreneurs having drop-kicked a VC termsheet and walked away, on the basis of terms and/or valuation. If you don’t know what this jargon means, a crash lesson on how the VC process works. For those who do know, a few remarks on VC trends...

Bouncing Ball Games

Bouncing Ball Games 05/07/2004 05:42 PM
Resource Management System

SSH Bouncing - How to get through
firewalls easily

SSH Bouncing - How to get through
firewalls easily 09/01/2004 07:37 AM

Bouncing Baby Ryan

Bouncing Baby Ryan 03/20/2003 05:31 PM
Congratulations to Mike and Stacey on the birth of their son, Ryan! Don't expect to hear too much cooing coming from the Pirillo household anytime soon, though. Other than the... *ahem* nevermind. Why not? (1) We hardly have enough time for ourselves, let alone another human being; (2) Ain't no way I'm raisin' a kid in the city; (3) I'd have to buy yet another Webcam; (4) Diapers. 'Nuff said. (5) We've got Sprocket - and he's enough for now....

SSH Bouncing - How to get through
firewalls easily.

SSH Bouncing - How to get through
firewalls easily. 09/02/2004 10:20 AM

PC Shipments Bouncing Back

PC Shipments Bouncing Back 12/13/2003 07:07 AM
SiliconValley.Internet.com Dec 13 2003 6:26AM ET

Brand new bouncing baby bl0g

Brand new bouncing baby bl0g 07/28/2004 11:14 AM
Larry Magid, CBS radio journalist and looong time tech writer, has started a blog. It's just two posts old. And the opposite end of the rhetorical spectrum, the folks at MeThree are doing the gonzo thang blogging the Convention. Jerry Michalski recommends the Democratics adopt "light, memory and discourse" as a way of countering the Republican "Me hammer, you nail" thrum. And Micah Sifry and Nancy Watzman have an op-ed in the LA Times (reg. required) about why Big Corps are throwing parties for the Demos....

DRAM bouncing back, report says

DRAM bouncing back, report says 12/17/2003 01:17 PM
CNET Dec 17 2003 12:48PM ET

Database sales bouncing back

Database sales bouncing back 05/26/2004 06:02 PM

Scam Busters Just As Bad As Scam
Victims?

Scam Busters Just As Bad As Scam
Victims? 01/19/2004 05:05 AM
An odd article out of South Africa complaining that scam busters are just as bad as scam victims - in that they act in just as predictable a manner. Of course, the scam busters aren't the folks losing money to the scammers, and, in fact, they often are doing a good job to spread news of a scam to protect potential victims. So, I'm a bit confused as to what's so upsetting about people taking it upon themselves to tell others about a scam. Certainly, there are some things that don't deserve to be publicized, but are, due to the intensity of the efforts against them. However, scams are something that clearly should be publicized to limit the negative impact. It seems that the real complaint of the writer isn't so much scam busters, but "fad" busters who complain about people getting hooked on the latest fad. However, fads and scams are two very different things.

Study: Database sales bouncing back

Study: Database sales bouncing back 05/26/2004 06:23 PM
CNET May 26 2004 10:11PM GMT

iVoice files patent on bouncing grannies

iVoice files patent on bouncing grannies 03/23/2005 12:46 PM
From speech recognition to airbags...

Hacking Linux Exposed: SSH Bouncing--How
to Get Through Firewalls Easily

Hacking Linux Exposed: SSH Bouncing--How
to Get Through Firewalls Easily 09/01/2004 07:39 AM

Scientists Uncover Protein Key to
Bouncing Back after Pregancy

Scientists Uncover Protein Key to
Bouncing Back after Pregancy 01/26/2004 01:12 AM

City Funds Flow to Check-Bouncing
Developer (Los Angeles Times)

City Funds Flow to Check-Bouncing
Developer (Los Angeles Times) 06/14/2004 05:01 AM
Los Angeles Times - Los Angeles parks Commissioner Christopher Hammond is no ordinary deadbeat.

Scam Within A Scam Warning

Scam Within A Scam Warning 12/22/2003 07:43 PM
There have been a ton of warnings about so-called "phishing" spam scams - where a very realistic email from a well-known financial firm asks you to confirm the details of your account. Of course, the email isn't real and the scammers just want your account details. They go through all sorts of tricks to hide the fact that the email isn't real, but the latest such phishing scam uses a bit of social engineering. It warns people about such scams, and then says they need to fill out new information to avoid being taken by such a scam. It seems the scammers are trying to get increasingly clever, and it's an interesting social engineering trick to try to get people to let down their guard by first warning them about a scam - and then scamming them anyway.

Scam I am

Scam I am 04/06/2005 10:04 AM
Management consulting is a giant fraud! OK, we knew that. But what Martin Kihn reveals in his entertaining new book is just what miserable lives these know-nothing "experts" lead.

How Will They Scam Thee?

How Will They Scam Thee? 01/27/2004 02:56 PM
The FTC counts the ways consumers are hoodwinked in a new report.

Scam the scamers

Scam the scamers 12/02/2003 01:38 AM
Inspirert av Marcus sin post fra sin spam folder, søkte jeg litt på nettet og fant en hysterisk morsom site: Quatloos! som er en site for diverse e-mail scams. Spesiellt artig var denne samtalen mellom DR. ELVIS ANYIM, the Procurment...

Romancing The E-Scam

Romancing The E-Scam 12/02/2003 12:13 AM
It's fairly impressive what scammers can trick people out of. A man in Minnesota has been arrested for tricking two women out of over $300,000. He met them both in "romantic" online chat rooms, and convinced them to give him money to invest in various real estate deals that apparently didn't exist. One woman was scammed out of $36,000, but the other forked over $280,000 before she realized that the real estate deals didn't exist. So, here's the question: you meet someone in an online "romance" chat room and they start asking you for money. At what point do you stop and do a little due diligence before just sending them checks? I would think that most people wouldn't even bother to speak to the guy again, but if you can get past that, you'd at least try to find out a little more about what you were investing in. Some people apparently have too much money on their hands and don't seem to care what happens to it.

Anatomy of a 419 scam

Anatomy of a 419 scam 07/09/2004 08:31 AM
Exclusive One victim's first-hand account of advance fee fraud

Warning over net name scam

Warning over net name scam 04/28/2004 04:10 PM
BBC Apr 28 2004 7:56PM GMT

Latest Scam: Pay Us For Using @

Latest Scam: Pay Us For Using @ 08/17/2004 03:23 PM
TheRegister has picked up one of the more amusing scam emails apparently making the rounds. It's not entirely clear how much they're actually asking for (the quoted email shows a few different amounts), but those behind the scam are suggesting that they've copyright ed the "@" symbol and users need to pay (somewhere around $10 to $20) for an unlimited one-year license. The thing is... some people might actually fall for something like this.

New advance fee scam

New advance fee scam 01/05/2005 08:31 AM
Personal Computer World Jan 5 2005 12:49PM GMT

yet another new phising scam

yet another new phising scam 01/22/2004 12:45 PM
Gadi Evron (Jan 22 2004)

Scam Combines Patriot Act FUD With IE
Bug

Scam Combines Patriot Act FUD With IE
Bug 01/24/2004 06:10 PM

Backwards scam spam

Backwards scam spam 09/07/2004 07:41 PM
From: kenbergstore01@fastermail.com Subject: Sales Enquiry.............. Date: September 7, 2004 1:48:45 PM PDT To: [hidden] perl.org Hello sales, I want to order for some items from your store to my store and the shipment will be international to africa(nigeria) mail me back for the type of payment you accept and the list of items that i want.your responce is needed urgently. REGARDS, KEN. -- _______________________________________________ Get your free email from http://fastermail.com Powered by Outblaze How can anyone possible fall for...

Crackdown on internet scam

Crackdown on internet scam 07/16/2004 04:58 AM
Thisismoney.com - Fri Jul 16, 09:38 am GMT

Two Men Accused of $11M Internet Scam

Two Men Accused of $11M Internet Scam 07/05/2004 07:08 PM
BizReport.com Jul 5 2004 10:14PM GMT

Other News: Mob Phone Scam

Other News: Mob Phone Scam 02/12/2004 11:28 AM
An organized crime scam sucked $200 million out of victims' accounts via innocuous little charges on phone bills.

Microsoft e-mail an old scam

Microsoft e-mail an old scam 04/27/2004 03:58 PM
SiliconValley.com Apr 27 2004 8:09PM GMT

IRS warns of e-mail scam

IRS warns of e-mail scam 04/30/2004 09:57 PM

More Scam Victims Who Don't Believe
They've Been Scammed

More Scam Victims Who Don't Believe
They've Been Scammed 04/28/2004 11:40 AM
Last year, we wrote about a man in Florida who gave all of his money to Nigerian scammers and still refused to believe he had been conned. It seems like this is fairly common. Over in Switzerland, police tried to explain to someone why the $115,000 he had sent to Nigeria was never going to be seen again, and he refused to believe him. Despite plenty of evidence being presented to him, six months later he was found sending another $38,000 to Nigerian scammers. There's a point at which you wonder if some of these people almost deserve to lose their money.

Internet scam uncovered

Internet scam uncovered 05/03/2004 10:12 PM
Sunday Times South Africa May 4 2004 2:57AM GMT

Platypus Templates scam

Platypus Templates scam 04/15/2004 03:35 PM
Have you noticed mysterious charges on your bank statement or credit card statement from platypustemplates.com, phone number 501-635-1699? It's a scam; here are the details. (236 words)

Web of guilt in Google scam

Web of guilt in Google scam 05/18/2004 04:43 AM
New York Daily News May 18 2004 8:39AM GMT

U.S. Acts to End Web-Site Tax Scam

U.S. Acts to End Web-Site Tax Scam 04/14/2004 10:37 PM
Washington Post Apr 15 2004 2:28AM GMT

Other News: Deaf Scam

Other News: Deaf Scam 04/09/2004 04:01 PM
We're *really* starting to dislike Nigeria....
Grok Description matches for Following The Bouncing 419 Scam
GrokA matches for Following The Bouncing 419 Scam

Anti-Phishing Toolbar Available. How to
Avoid Bank and Ebay Phishing Scams

Anti-Phishing Toolbar Available. How to
Avoid Bank and Ebay Phishing Scams 12/30/2004 07:54 PM
Tech-Recipes Dec 30 2004 11:09PM GMT

Panda Warns Against Phishing Fraud

Panda Warns Against Phishing Fraud 04/08/2005 03:24 PM
TechTree Apr 8 2005 7:52PM GMT

PhishGuard Launches Free Service to
Combat Internet "Phishing" and
"Spoofing" Scams

PhishGuard Launches Free Service to
Combat Internet "Phishing" and
"Spoofing" Scams 09/24/2004 03:13 AM
PhishGuard Corporation today launched their FREE anti-phishing service to detect and disable Internet "phishing" and "spoofing" attacks. PhishGuard utilizes the collective observations of Internet users plus a very rapid submission and distribution system to short-circuit new scams. [PRWEB Sep 24, 2004]

Some 1.78 million US victims of
"phishing" fraud: survey (AFP)

Some 1.78 million US victims of
"phishing" fraud: survey (AFP) 05/06/2004 05:18 PM
AFP - Some 57 million US Internet users have received e-mails luring them to fake websites in an effort to obtain bank or credit card information, a survey showed.

How Criminals are Phishing to Commit
Identity Theft and Fraud

How Criminals are Phishing to Commit
Identity Theft and Fraud 05/31/2004 01:51 PM
Phishing is a technique that criminals use to commit identity theft and fraud. CreditGUARD of America, a non-profit credit counseling agency, explains how to spot phishing and protect yourself from identity theft. [PRWEB May 31, 2004]

Indian call center workers charged with
Citibank fraud

Indian call center workers charged with
Citibank fraud 04/07/2005 07:44 AM
Former employees of a call center in Pune, India, were arrested this week on charges of defrauding four account holders in New York of Citibank, a subsidiary of Citigroup, to the tune of $300,000, according to a police official in Pune.

Gone Phishing

Gone Phishing 01/25/2004 09:50 PM

Phishing for the end

Phishing for the end 08/17/2004 04:56 PM
"This site was created with one goal; to create the most comprehensive online archive of information and digital photos of the Coventry Vermont Phish show, August 14th and 15th 2004." Seems odd to think folks went to the trouble of dedicating an entire website to just a single concert, until you learn it was the very last one for Phish.

The future of phishing

The future of phishing 04/29/2004 10:42 AM
vnunet.com Apr 29 2004 2:09PM GMT

Phishing on the rise in U.S

Phishing on the rise in U.S 06/15/2004 02:57 PM
ZDNet Jun 15 2004 5:56PM GMT

IE bug provides phishing tool

IE bug provides phishing tool 12/10/2003 05:50 AM
ZDNet UK Dec 10 2003 5:09AM ET

eBay Goes Phishing

eBay Goes Phishing 01/03/2005 12:35 PM
The popular online auction site rolls out a new approach in tackling account hackers: cut bait.

Phishing behind Google

Phishing behind Google 08/28/2004 01:03 AM

I just received a phishing email purporting to be from PayPal.  No surprise there since I get many of them everyday, but I looked closer at this one because it looked very professionally done.  I looked at the raw message and found this odd link:

This particular phisher is bouncing off Google to hide itself from domain name-based phishing detectors and scanners.  Clever.  Clicking on the link will open a browser to Google's URL search CGI which will automatically redirect the browser to the phishing site at IP address 209.152.181.10.  This trick will bypass phishing detectors that examines only the domain name part of a URL to see if it looks suspicious.

So the lesson here for security developers is to look at all the parameters and to keep track of oh-so-helpful redirectors like Google.  Also, website developers should keep in mind that helpful service is helpful to all, including the bad guys, and they might become an unwitting partner in crime.  For lawyers, it's a new source of income concern.

Political Phishing

Political Phishing 08/03/2004 12:32 PM
It's election season, and that means that, just like with all the other news-sensitive scams, phishers are getting political. The latest is a phishing email that simply copied a donation request from the John Kerry campaign, but changed the link to a fake site. Of course, the folks behind the scam made one very stupid mistake: remotely using an image hosted on the Kerry website -- which was quickly changed by the campaign to explain that the site was a scam (though, it's likely this confused some people -- hopefully enough to stop them from donating). Still, it's likely that the next version won't make the same mistake. With the success phishing emails have had lately, and the fervor with which people seem to be donating to campaigns, an awful lot of cash supposedly going to campaigns is going to be making criminals wealthy.

War Against Phishing Continues

War Against Phishing Continues 03/14/2005 04:32 PM
Phishers and other online scammers are well ahead of law enforcement officials and security experts right now in terms of techniques and tactics.

Do-it-yourself phishing kits appear on
web

Do-it-yourself phishing kits appear on
web 08/21/2004 04:39 PM
Personal Computer World Aug 21 2004 8:48PM GMT

Phishing for Opera (GM#007-OP)

Phishing for Opera (GM#007-OP) 06/03/2004 12:03 PM
GreyMagic Software (Jun 03 2004)

DIY phishing kits hit the Net

DIY phishing kits hit the Net 08/19/2004 05:48 AM
My little fraudster

Phishing con hijacks browser bar

Phishing con hijacks browser bar 04/09/2004 03:55 PM
A new phishing scam uses a sophisticated trick to con people into handing over personal details.

Hacking and phishing soars in May

Hacking and phishing soars in May 06/22/2005 02:05 AM

Gmail gets phishing protection

Gmail gets phishing protection 04/04/2005 12:34 AM
ZDNet Australia Apr 4 2005 4:27AM GMT

Fighting back against phishing

Fighting back against phishing 04/11/2005 05:06 PM
In the past year, attacks have grown in volume and sophistication, but online merchants are on the offensive with consumer education and new authentication tools.

Phishing Blacklist Thoughts

Phishing Blacklist Thoughts 04/17/2004 05:47 PM

These are some of the thoughts I had recently about phishing blacklists which is going to play a major role against phishing in the near future.

1. False reports can be submitted by phishers and pranksters.  To prevent this, anonymous reports should not be allowed.  Unfortunately, the user is not likely to be logged in when a report is made.  Solution is to queue the report until the reporting user successfully logs in.  Once the user is identified and associated with the report, filters and weights can be applied to rate the report.
   
   Queueing reports with client-software is no problem.  For server-side only, file the report under a cookie which can be claimed when the user logs in.  Unclaimed reports are removed after a time limit.
    
2. Maintenance, particularly the removal of entries, will be a big headache as domains are reused and websites are cleaned up.  Current maintainers are not equipped to handle this properly IMHO.
    
3. Companies should also be able to prevent some domain names from being reused independent of domain name registrars.  Ultimately, domain name registrars and blacklist maintainers will have to work things out.  This will likely lead to registrars taking over maintenance of blacklists and extending the service to provide 'howis', 'whatis', and 'whereis' information as well as 'whois'.
    
4. Beyond correlating reports, suspected URLs can be crawled to a) see if it is indeed a phishing site, b) warn the phisher into running and thus abandoning the phishing site, and possibly c) spoofback bogus information.

No relief from Microsoft phishing bug

No relief from Microsoft phishing bug 01/16/2004 10:57 AM

Microsoft's Phishing Expedition

Microsoft's Phishing Expedition 04/01/2005 09:38 AM
CBS News Apr 1 2005 1:36PM GMT

Phishing to cost SA millions'

Phishing to cost SA millions' 05/18/2004 10:36 PM
Sunday Times South Africa May 19 2004 2:49AM GMT

Phishing Dips into Yahoo IM

Phishing Dips into Yahoo IM 03/25/2005 09:19 PM
eWeek Mar 26 2005 1:33AM GMT

Lawmakers: Phishing season is over

Lawmakers: Phishing season is over 07/15/2004 10:11 AM
ZDNet Jul 15 2004 2:15PM GMT

Phishing on rise: Study

Phishing on rise: Study 06/15/2004 04:42 PM
globetechnology.com Jun 15 2004 9:27PM GMT

Following The Bouncing 419 Scam

The following phrases have been identified by the grok system as matching this entry: atm phishing fraud bank combat citibank carmax phishing