Friday, May 27, 2005

NEWS: Federal Operation D-Elite stop StarWars III downloads

At the FBI's website, a detailed press release was published by the Department of Justice confirming the shutdown of the EliteTorrent site as part of their efforts to clamp down on P2P copyright infringements. It did confirm that the Revenge of the Sith was indeed downloaded about 10,000 times.
See - First Criminal Enforcement Against BitTorrent Network Users

COMMENT: Be careful with websites using email addresses as UserID

According to a new report, fraudsters have develop a string of new ways to obtain information about new targets. In essence they conduct Registration Attacks where the spammers and phishers automatically run thousands of e-mail addresses through the Web site's new registration process. As some sites return messages dialogue when an e-mail address is registered with the site the attackers then is notified that the address represents a registered customer. Similarly, a similar manner can be used to test a website's Password Reminder page. By testing thousands of email addresses, the fraudster will effective succeed to locate a few members registered with the email when a message "password sent" is flashed.

From there, the fraudster then begin their targetted Phishing spam attacks. For more information about these new methods of developing a Phishing database, read the report by bluesecurity located here: Hostile Consumer Profiling

NEWS: StarWar III Revenge of the Sith's Revenge on BitTorrent hub (Part 2)

This is the website of EliteTorrent after being shutdown by the FBI for releasing copies of the movie StarWarsIII Revenge of the Sith. To see an enlarged version, click on the picture.

NEWS: StarWar III Revenge of the Sith's Revenge on BitTorrent hub

The FBI in response to the the very public and embarrasing report of pirated copies of the film being released to the public - served search warrants on Elite Torrent website. That site has since been shut down. For more information, read the report via the link below.
Feds shut down BitTorrent hub CNET News.com
.

Monday, May 23, 2005

NEWS: StarWarsIII Revenge of the Sith - downloaded 16,000 times before launch

CNET reported on 19th May that 16,000 people had already downloaded the movie through BitTorrent. What was truly surprising was that the print was leaked before the film was even released in theaters. In addition to the early leak, the unlicensed movie was time-stamped, suggesting it may have come from within the industry rather than from someone who videotaped an advance screening.

This begs the question the wisdom of the Motion Picture Association of America which spends its time and money prosecuting students and downloaders (see posts here several months ago) when it could have been better spent in also investing in better security over its prints.

In any case, this case would debunk the myth that Asia is the main problem for owners of electronic media entertainment. While there is indeed rife piracy, much of the problem that the MPAA has is very much homegrown.

See CNET - Final 'Star Wars' film leaked to the Internet

Netscape releases browser with antiphishing technology

Following the thread of the previous post, CNET reports that Netscape has released a new version 8 of their browser that has the capability to stop users from visiting reported phish sites. Using Firefox technology, Netscape's effort to deal with the immediate and growing problem of phish sites is a refreshing and welcome change in the browser war. Users who wish to download the programme can do so here.

Thursday, May 19, 2005

Screen Capture of Paypal Phish

Following on from the previous post, I visited the phish site to see how the .CN site looked like. I attach below the screen capture of the page. Click on it and you will see a larger copy to see the URL.

Notice that the URL is clearly a China domain. Normally this will be hidden. The URL was clipped from the html email and pasted on the browser. Cleverly the Phishers also used Javascripts on all the links to prevent further copying of links.

How to catch a Phish: Case Study of an attempt from China on Paypal accounts

I received this email today in my Outlook inbox. Have a look and see how cleverly it is crafted to compel recipients to click on the url.

========================================
From: PayPal [mailto:paypal@email.paypal.com]
Sent: Thursday, May 19, 2005 5:20 AM
To: Tan Soo Kiat, Harry (Assoc Prof)
Subject: You've Added an Additional Email Address !

You have added DTT_Data@earth-online.com as a new email address for your PayPal account.

If you did not authorize this change or if you need assistance with your account, please contact PayPal customer service at:https://www.paypal.com/row/wf/f=ap_login

Thank you for using PayPal!
The PayPal Team

------------------------
PROTECT YOUR PASSWORD
NEVER give your password to anyone and ONLY log in athttps://www.paypal.com/ Protect yourself against fraudulent websites by opening a new web browser (e.g. Internet Explorer or Netscape) and typingin the PayPal URL every time you log in to your account.
------------------------
Please do not reply to this e-mail. Mail sent to this address cannot beanswered. For assistance, log in to your PayPal account and choose the"Help" link in the header of any page. PayPal Email ID PP107

========================================

The Phishers here managed to spoof the sender's address and in this case, Paypal - and hide the real URL link which actually links to a identical Paypal page located in China. The actual address under the Paypal link is http://mail.postmail.com.cn/dmcfg/login-data/update/secure-server/SSL/encrypted/1/index.htm

[I suggest that viewers NOT to visit the link as there may be spyware downloaded on visiting that link. I hope to screen capture the phish page for viewers to see how it looks like later]

Note how they even assuringly included a paragraph on "Protect your password"!

I strongly advise that when ever one receives email that pertains to financial accounts they should ALWAYS:
(1) Download the email as html file; and
(2) Open the file with NOTEPAD to determine the veracity of the URLs in the email as being bona fide.
(3) IF in doubt - always login directly into your account via your brower to check any changes AND email the contact to confirm the communication. It will always be helpful for you to notify the organisation of the attempted phish.

Lets all work to keep the phishes out of our cyberstream. ;-)

Wednesday, May 18, 2005

Singapore Parliament discuss the Net Paedophile Threat

It was reported in the Singapore Straits Times on Tuesday 17th May (page 3) that the Minister for Information, Communications and the Arts, Lee Boon Yang informed parliament that in 2004, there had been eight reported cases of internet related sex cases involving victims under 16 years of age. Such statistics are disturbing as one can only guess how many offences go unreported. Nevertheless, it is most heartening that even though this problem is a difficult issue to manage properly, members of parliament nevertheless were compelled to raise their concerns publicly about how such dangerous threats should be dealt with. Parliament was assured that the laws will be enforced strictly as well as training programmes for children to deal with such threats online. Newly minted teachers will be trained to become online mentors for teenagers. It was also reported that the Ministry will also consider monitoring chatlines and other media and work with the police in prosecuting these offenders.

While such efforts cannot deter a determined paedophile (and not a solution that will sit well with everyone – especially privacy advocates) it will – as I had submitted earlier here in previous posts – cause them to think twice before they commit any sexual crimes. They will never know if the table has been turned on them in a sting by the authorities.
Site Meter