Home > Articles > Security > Network Security

  • Print
  • + Share This
This chapter is from the book

Who Do You Trust?

The late Johnny Carson used to host a television show titled Who Do You Trust? If there are any English teachers reading this, they know it should have been “Whom Do You Trust,” but why quibble? I bring up this trip down memory lane because if there is anyone people do trust, it is FBI director Robert Mueller. Consequently, when you receive an e-mail from him endorsing the legitimacy of a particular lottery or notifying you of a possible inheritance, you might be considering trusting the e-mail. Don’t. Despite the fact that the e-mails look quite official, with photographs of Director Mueller, the FBI seal, and other legitimate-looking trappings, the e-mails are always scams. Sometimes they ask for personal information for various reasons and sometimes they provide links for you to click on.

AOL Scam

In a phishing case brought by the FTC and the Justice Department, it was alleged that Zachary Keith Hill sent out e-mails to consumers that looked as though they were from America Online. The e-mail address of the sender indicated that it was from the billing center or account department, and the subject line contained a warning such as “AOL Billing Error Please Read Enclosed Email” or “Please Update Account Information Urgent.” The e-mail itself warned the victim that if he or she did not respond to the e-mail, his or her account would be canceled. The e-mail also contained a hyperlink to send unwary consumers to a Web page that looked like an AOL Billing Center. But it was a phony Web page operated by Hill. At the Web page, the victim was prompted to provide information such as Social Security number, bank account numbers, and bank routing numbers, as well as other information. Hill, in turn, used this information to facilitate identity theft. The FTC eventually settled its charges against Hill, who agreed to refrain from ever sending e-mail spam or setting up fictitious and misleading Web sites. As with just about all FTC settlements, Hill did not admit to violating the law, but he did promise not to do it again.

Phishing with a Large Net

The Phishing Attack Trends Report is published monthly online at www.antiphishing.org by the Anti-Phishing Working Group, an organization dedicated to eliminating identity theft resulting from phishing. A recent monthly report stated that the companies most often imitated by phony phishing Web sites were eBay, Citibank, AOL, and PayPal.

Phishing Around the World

In an effort to clean up its own house, EarthLink, the Internet access provider, went on a phishing expedition, trying to trace the purveyors of phony phishing schemes, and what they found was both startling and disturbing. Many of the phishing scams they were able to track originated in e-mails from around the world, particularly Russia, Romania, other Eastern European countries, and Asia. In Romania, Dan Marius Stefan was convicted of stealing almost half a million dollars through a phishing scam and sentenced to 30 months in prison.

For every computer geek or small-time phisher, such as convicted identity thief Helen Carr, who used phony e-mail messages purporting to be from AOL to steal people’s money, it appears that more sophisticated organized crime phishing rings are popping up, posing a serious threat to computer users. This presents a growing problem for law enforcement.

  • + Share This
  • 🔖 Save To Your Account