Netcraft reports on new techniques used by phishers to trick users into clicking on their links by making them look real. By using DNS wildcards, a DNS record will resolve all requests that are not matched by any other record. Wildcards have been helpful in "catching" misspelled e-mail addresses, for example, but are not being misused by spammers and phishers.

Netcraft reports about a recent attack on Barclays Bank using links such as: http://barclays.co.uk|snc9d8ynusktl2wpqxzn1anes89gi8z.dvdlinKs.at/pgcgc3p/

The phishers use a wildcard DNS setting at a third-party redirection
service (kickme.to) to construct the URLS. The wildcard allows the
display of URLs beginning with "barclays.co.uk," which is followed by a
portion of the URL which is encoded to obscure the actual destination domain.

The redirector at kickme.to/has.it forwards to a Barclays spoof site hosted at Pochta.ru
in Moscow. The spoof loads a page from the actual Barclays site, and
then launches a data collection form in a pop-up window from the
Russian server:

Although not necessarily DNS vulnerability, this attacks creates a hybrid of phishing-pharming attack that could be harder to detect.

Diplomats are also concerned about the global cyber crime. An account of how the U.S. government is seeking to partner with other countries’ law enforcement and help them weed out local and global cyber crime. U.S. government has some amount of power over domestic spammers, phishers, or fraudsters, but when it comes to attacks with international origin often times there is little that can be done.

”Working together globally is absolutely critical. ‘You need

local assistance in these countries to get these guys. We can’t just fly

people over there to investigate and arrest people. We have to be able to

work together."

The article goes on to describe how organized crime groups in Russia, for example, are discovering spam and other cyber fraud methods as a lucrative way to "diversify" their on-the-ground activities. There are many highly skilled technology experts in Russia who are jobless or work for little money and it is possible that these experts are "recruited" by the mafia in large numbers.

[Via Enterprise IT Planet, CT -]

Few weeks ago we reported that russian prosecutors were interested in the cheap mp3s allofMP3.com was selling. It appears that after investigation the Russian prosecutors have decided not to pursue charges because despite lack of clear licenses for most of the music, under Russian copyright law there was no violation.

Russian law was written to prevent CD and DVD piracy - copyright
infringement through a physical medium. Its online manifestation was
not something taken into account by legislators.

So it seems like as long as the songs are not distributed in any physical medium, and even though it is clear that at least some of the online songs are not licenses to be resold, allofMP3.com can continue its business. I wonder if the Russian legislature will come under fire by RIAA for leaving loopholes so big for something so important in the world of MP3 players.

[Via Register, UK -]

Global Crossing has been recognized by SpamHaus for its aggressive removal of known spam operators from its network.

"In our work we focus so much on spam villains that we seldom get the chance to highlight the industry heroes," Steve Linford, Spamhaus CEO, said in a statement. "Among networks deserving high regard in the fight against spam, Global Crossing stands out as a leader."

And they are correct - in the waves of news accounts of increasing spam, increasing phishing, increasing identity theft we sometimes forget to give credit to the folks who actually do something to stop spam.

[Via InternetNews.com -]

An editorial explains why the newly proposed Spyware legislation would not be effective.

Though CAN-SPAM has failed, Congress is using it as a model for spyware control.

The article goes on to explain how CAN-SPAM hasn’t been effective in bringing spammers to justice and hasn’t even put a dent on the amount of spam that users around the world receive. The recent conviction of Jeremy Jaynes for spamming wasn’t even under CAN-SPAM, instead if was under Virginia’s anti-spam statute. The article goes on to draw a comparison between CAN-SPAM and the new spyware legislation concluding that this anti-spyware legislation would be weak.

Although some of the premises of the article about the ineffectiveness of CAN-SPAM so far may hold a degree of credibility, it is clear that what didn’t work for spam may work for spyware because they are ‘different animals.’ Very often spyware is bundled with other software - thus making it very easy to track who is behind a particular piece of spyware.

[Via FOX News -]

A Michigan senator has made a proposal to create legislation which would require companies to notify individuals if their personal, credit or medical information were compromised. The only other state having such a requirement is California.

"This bill would require companies, who fail in the protection of
consumer information, to notify affected individuals when files have
been stolen and give them a chance to take action to protect themselves
from identity theft," Johnson [the Michigan senator introducing the bill] said.

Our readers may remember that California’s law was the reason that the major data breach at ChoicePoint was brought to public’s attention. Had California had more relaxed laws on identity theft, ChoicePoint would not have been required to report the breach and we would probably have not known about this incident.

[Via Oakland Press, MI -]