Websites

Free Email Services – they can be useful!

Sooooo I went to the ZZN.com website, a free email service provider – it’s been around for years and does not seem to be going anywhere soon – and created a SCAMDEX.ZZN.COM email service – so you can go there and get a mystoopidname@scamdex.zzn.com email address to use and abuse as you wish.

Great if you want to contact someone but don’t want the relationship to continue…. not sure if you’re being scammed? create a new email address, give that out and if it all turns cruddy, just walk away. The accounts are removed after 30 days of no-use so you can forget all about it.

Beloved of scammers the world over (and especially popular in some of the more western partsof the African subcontinent), the free email address allows the freedom to communicate with no strings attached. it’s nice to be able to put it to a new use. (kind of like a disposable razor).

Anywa, go ahead, get a new email address – don’t go sending any 5 megapixel photos there though, it’s only got 3MB quota!

One word of warning – ZZN are quite happy to pass on details to law enforcement officials so no scamming please!

… From CPanel to …. what??

I am an old Unix dude, I have installed more different versions of Unix than most people – Everything from Sco Xenix/286 thru to Centos5.2 and I don’t usually have much problems – but as time wears on, my brainDisk is starting to squeal and it’s not as fast at random access as it used to be so I was really happy when I rented a server with Cpanel/WHM installed on it.
For those who don’t know, Cpanel is the web-based interface to everything you will never learn on a Unix server – plus, the WHM super system allows you to carve off a chunk and sell it or give it away to your pals, reasonably confident that they won’t/can’t screw it up.
Add in virtual web/mail/log server management and lots of useful pre-installed tools and you have a system where you rarely have to get your hands dirty under the #hood.

Well, I love Cpanel now and I have grown to rely on it (curses!) so when it comes to creating my own server, so I can save money on a dedicated one I find I need it to get things done (and my old stuff transferred.

The problem with CP is that it costs $$money. between $30 and $48/month. and. I. just. don’t. want. to. pay. that. any. more….. so….

Piracy is out – mainly because you need to register the license with CP and also because that’s bad!:'(

Perhaps I could install it, setup my system the way I want and then after a month or so, hand it back??

well, no apparently – most people (Including themselves) seem to be of the opinion that to uninstall CP, you should really re-install Linux…. kind of defeats my object here!

so…. alternatives, anyone?

There are a few – some other commercial (pay $$ for) such as DirectAdmin and some Public Domain ones (Web-CP, WebMin/VirtualMin). So I started evaluating these free Cpanel Alternatives ….

1. WebMin/VirtualMin

Looks like it will do the job – only one of the alts that I’ve heard of and actually used before. Installs easily enough and looks nice – has a fine range of functionality but what lets it down is it’s non-simplicity. Cpanel’s approach is to show you a bunch of things that you may want to do and asks sensible questions (with usually relevant tooltips close by) so help you accomplish your requirements.  WebMin takes the ‘I’ll help you to write the configuration files correctly’ approach – you really have to know what you’re doing and in a lot of cases, the input fields are just blank with no clue as to what to put there.

WebMin Configuring Backup Example Screenshot

WebMin Configuring Backup Example Screenshot

This probably highlights the major difference between CPanel/WHM and the rest of the Server Admin systems out there – CP/WHM does some pretty radical things to your server when you install it and this is why it’s so hard to uninstall. The other systems kind of leave things as they are and just act as configuration helpers. As an example, see the two screenshots of the ‘backup’ functions.

Cpanel Domain Owner Backup Page

Cpanel Domain Owner Backup Page

2. Web-CP

Much, much, harder to install and harder to find the installation instructions too. but seems pretty good so far.

I had problems with the PHP startup scripts being written with DOS line endings which confused the life out of me for a while until I found it.  Still not able to start the system up but suspect it’s something to do with the line that reads:

$args = trim(next($HTTP_SERVER_VARS[“argv”]));

# Shouldn’t that just be ARGV for shell scripts?)

… I’ll continue and let you know how I get on.

US-CERT Re-Issues Warning about Shopping Online

This is a notice that you should send to your family and friends, (especially the ‘silver surfers’) and maybe even stick on the ‘fridge door and on the side of your monitor, just so you remember. Help make this a Scam-Free Christmas!

US-CERT Issues Warning about Cyber Shopping

Online shopping has become a popular way to purchase items without the hassles of traffic and crowds. However, the Internet has unique risks, so it is important to take steps to protect yourself when shopping online.

Why do online shoppers have to take special precautions?

The Internet offers a convenience that is not available from any other shopping outlet. From the comfort of your home, you can search for items from countless vendors, compare prices with a few simple mouse clicks, and make purchases without waiting in line. However, the Internet is also convenient for attackers, giving them multiple ways to access the personal and financial information of unsuspecting shoppers.  Attackers who are able to obtain this information may use it for their own financial gain, either by making purchases themselves or by selling the information to someone else.

How do attackers target online shoppers?

There are three common ways that attackers can take advantage of online shoppers:

  • Targeting vulnerable computers – If you do not take steps to protect your computer from viruses or other malicious code, an attacker may be able to gain access to your computer and all of the information on it. It is also important for vendors to protect their computers to prevent attackers from accessing customer databases.
  • Creating fraudulent sites and email messages – Unlike traditional shopping, where you know that a store is actually the store it claims to be, attackers can create malicious web sites that mimic legitimate ones or create email messages that appear to have been sent from a legitimate source. Charities may also be misrepresented in this way, especially after natural disasters or during holiday seasons. Attackers create these malicious sites and email messages to try to convince you to supply personal and financial information.
  • Intercepting insecure transactions – If a vendor does not use encryption, an attacker may be able to intercept your information as it is being transmitted.

How can you protect yourself?

  • Use and maintain anti-virus software, a firewall, and anti-spyware software – Protect yourself against viruses and Trojan horses that may steal or modify the data on your own computer and leave you vulnerable by using anti-virus software and a firewall (see Understanding Anti-Virus Software and Understanding Firewalls for more information). Make sure to keep your virus definitions up to date. Spyware or adware hidden in software programs may also give attackers access to your data, so use a legitimate anti-spyware program to scan your computer and remove any of these files.
  • Keep software, particularly your web browser, up to date – Install software patches so that attackers cannot take advantage of known problems or vulnerabilities. Many operating systems offer automatic updates. If this option is available, you should enable it.
  • Evaluate your software’s settings – The default settings of most software enable all available functionality. However, attackers may be able to take advantage of this functionality to access your computer. It is especially important to check the settings for software that connects to the Internet (browsers, email clients, etc.). Apply the highest level of security available that still gives you the functionality you need.
  • Do business with reputable vendors – Before providing any personal or financial information, make sure that you are interacting with a reputable, established vendor. Some attackers may try to trick you by creating malicious web sites that appear to be legitimate, so you should verify the legitimacy before supplying any information . Locate and note phone numbers and physical addresses of vendors in case there is a problem with your transaction or your bill.
  • Take advantage of security features – Passwords and other security features add layers of protection if used appropriately.
  • Be wary of emails requesting information – Attackers may attempt to gather information by sending emails requesting that you confirm purchase or account information . Legitimate businesses will not solicit this type of information through email.
  • Check privacy policies – Before providing personal or financial information, check the web site’s privacy policy. Make sure you understand how your information will be stored and used.
  • Make sure your information is being encrypted – Many sites use SSL, or secure sockets layer, to encrypt information. Indications that your information will be encrypted include a URL that begins with “https:” instead of “http:” and a lock icon in the bottom right corner of the window.
  • Use a credit card – Unlike debit cards, credit cards may have a limit on the monetary amount you will be responsible for paying if your information is stolen and used by someone else. You can
    further minimize damage by using a single credit card with a low credit line for all of your online purchases.
  • Check your statements – Keep a record of your purchases and copies of confirmation pages, and compare them to your bank statements. If there is a discrepancy, report it immediately.

This document can also be found at  on the US-CERT Website, HERE

Two REALLY good reasons to use FireFox as your web browser…

I know I keep banging  on about this, but one of the easiest and cheapest ways to protect yourself from online scams and phishing is simple: Change your Web Browser!

Here are two really good reasons why you should use FireFox to surf the web instead of the ubiquitous Internet Explorer.

Firefox includes strict anti-phishing and anti-malware measures and it’s open source so it has thousands of security experts around the globe working around the clock to keep you (and your personal information) safe.

1. Anti-Malware

Firefox 3 protects you from viruses, worms, trojan horses and spyware. If you accidentally access an attack site, you’ll receive a full-sized browser message as a warning. A continuously updated list of attack-sites tells us when to stop you from browsing, so there’s nothing for you to update or maintain.

Anti Malware Warning in FireFox

Anti Malware Warning in FireFox

2. Anti-Phishing

Shop and do business safely on the Internet. Firefox gets a fresh update of web forgery sites 48 times in a day, so if you try to visit a fraudulent site that’s pretending to be a site you trust (like your bank), a browser message—big as life—will stop you.

DNS (whassat?) it’s a great tool against Scammers!

The DNS Route to Scam Protection Online.

When you type in ‘www.scammingsite.com’ on your browser, a lookup is performed to translate the domain name into a unique address (IP Address) that all networked computers understand and which contains the path to the right server. Good people like those at SEO reseller website are very good at this sort of thing if you need some help.
Use OpenDNS

Your ISP will have given you two longish ‘numbers-separated-by-dots’ (eg. 207.44.123.28) to type in to your Network Settings. These are the Domain Name Servers (DNS) that your computer will use whenever you ask to go to a domain name.

Right? Well, never mind, just trust me on this one.

Wouldn’t it be great if, when you did the lookup/translate part, the result was filtered for Scams/Profanity/Pornography/Crime/Violence etc etc?

Well, by changing the DNS servers you use, you can have this great feature – for free, I may ad – and you (and your children/employees) can surf a little easier. No software to download, no subscriptions, no spam – it couldn’t be easier. Free, simple to do, free, great protection …. Use OpenDNSwhat more can I say other than if you don’t believe me, Click this button to find out why you need to change your DNS servers NOW!

(or, you can just change your DNS servers to 208.67.222.222 and 208.67.220.220 and get on with your life)

BTW, the same people who run OpenDNS.com also run an Anti-Phishing site called, amusingly, PhishTank

New Scam Email Indexing Method (again!)

It’s my third iteration on the same basic principle: take a carefully filtered and enhanced archive of 150,000 email messages and then sort, categorize and analyze them, then put them in a defanged, indexable/searchable list format so that people can browse them.

The first was a program I wrote in perl back in 2004, it was a POP sucker that connected to the mailbox, attempted to extract message parts and rewrite them as a html page. While successful, I was never happy at my efforts to disentangle nested messages and alternate body parts – this meant that a lot of emails showed up with lots of Base64 and other garbage. (eg. ScamDB_S_74.php)

The next try I had was to use a mail archive indexer program called ‘Hypermail‘. This was mostly successful at splitting messages into component parts but was still not quite flexible enough for my needs and the indexes were way too long. (eg. HYPMAIL/date.php)

So this spring, I am trying a whole new system that I rewrote in PHP, my code of choice for the decade. I am still mailbox based, mainly so that I can prune spam that has sneaked through my filters, but that may change soon.

This is how the Scamdex Engine works:

  1. Scam Emails arrive in the honeypot mailbox.
  2. Using Thunderbird with various Add-ons, I partially manually sort the scam emails into a holding mailstore and throw away the junk.
  3. A program runs nightly which:
    1. Analyses emails in the holding mailstore into one of 5 categories (419/AFF, Auctions, Jobs, Phishing, Lottery).
    2. Adds some extra Headers to the email.
    3. Moves it to the correct mailbox archive location.
    4. Runs MHONARC to create the indexed archive and html-ized emails.
    5. post-processes the MHonarc-ized pages to add a php index include file, update the (MySQL) database and  distribute the keywords  and scoring to  META and the nice little  graph widget.
    6. Our illustrious Founder
    7. err… that’s it!

It’s not pretty or fast but it works, and I can understand it. It’s easy to fix and add to. It’s annoying having to run the process every night from scratch but until I work out how to use the MHONARC system to add/delete emails from the archive, it’s all I can do. Any suggestions about how I can do this better, let me hear them!

(send to scamblog(a)o7e.net)

Dont try to scam Scamdex, Ok?

I give my cellphone number out to very few people. Friends, relatives, Scamdex-related business and the occasional on-line order, if they insist. So when I get a call, it’s normally someone I know personally or business. So I was surprised to get a call from an outfit called ‘Auction Profits LLC’ (http://www.auctionprofitsllc.com) , asking me if I want to make money with drop-shipping on eBay.

After listening to their inept spiel which seems to involve mentioning eBay and MONEY as often as possible, I asked them where they got my phone number and name. The claim was that I had placed an order with another company called ‘Online Supplier’ (http://www.onlinesupplier.com) . They knew my name, address and phone number and indicated that they had additional credit card information as well.

When I persisted, I was zapped to the supervisor who blustered about how I must have bought something from them before and, anyway, how about making some money on eBay?

He completely missed the point that I made that I run a website devoted to exposing scams (such as his) and he dropped my call. I got a weird ‘private’ call a few minutes later (2 minutes of static followed by a ‘sorry wrong number’) which I strongly suspect was them.

(more…)

Fighting the Credit Card Scammers (and the baddest countries!)

Fraudlabs are aimed at online retailers and they provide some useful services for checking that the credit card transaction you are about to approve looks ‘right’. Given a combination of IP address, shipping address and credit card identification, they will give you a clear description of why that transaction is not a good risk.

In the case of stolen credit cards, scammers use US-based drop houses as delivery addresses and the credit card they are using will almost certainly be based elsewhere and the IP address they are using for the online order is probably in one of those oh-so-fraud-friendly countries like Nigeria, Romania, Korea, Chine, etc etc etc.

It’s not foolproof – if your sister’s deadbeat husband ‘borrows’ your credit card to buy a new guitar then it’s likely not to raise any red flags – but if your credit card details get ‘lost’ by an online retailer and a chappie in South Korea suddenly wants to buy 20 ipods and have them sent to the other coast – Bingo!

Anyway, if you are interested in what they have to sell, click here and help Scamdex earn some affiliate income.

Here’s a chart that they produce showing the most Evil :() countries, this week