by Jen Sharp JenSharp.com The language of Internet danger he Internet spawns files for messages that include a contact page for a water system, new meaning for random text to confuse filters. The recreational activity or club. words that used to be part unnecessary costs Spammer robots are created that of a different vernacular. in time, money, automatically detect an e-mail But as our culture and resources are address format from Web pages changes, passed on to users much like search engines “crawl” Tso does the in the form of sites to index them. Then, the technology higher access that gives fees. Using Where did using the term rise to new filters is only “spam” to mean unsolicited definitions – a temporary e-mail originate? and not always solution, and only The prevailing theory is that it is from the song for the better. worthwhile when they are in Monty Python's famous spam-loving vikings coupled with some of the other Spam and sketch that goes, roughly, "Spam spam spam weapons for combating spam. Filters spam, spam spam spam spam, spam spam spam Spoofing spam..." The vikings, who were sitting in a Today spam is not primarily restaraunt whose menu only included dishes the harmless yet repugnant brick A “spoof” used refer to a satire made with spam, would sing this refrain over and of chopped meat product. It is or parody. The Internet version of a over, rising in volume until it was impossible for now the scourge of the e-mail spoof is not as innocuous. One of the other characters in the sketch to converse inbox. By December 2006 spam the dangerous things about (which was, of course, a large part of the joke.) accounted for 90% of all e-mails. spammers is an ability to “steal an – from www.cybernothing.org And there’s more bad news on the identity.” They can do this even if horizon – it is predicted to get worse. Specialists The Internet spawns new meaning for words that used at the California to be part of a different vernacular. But as our culture based global IT security firm, changes, so does the technology that gives rise to new Secure Computing, predict that the definitions – and not always for the better. volume will fraudster spoofs your e-mail increase to 97% no personal information is given address and uses it as the “Return- by December out. Let’s say a user has an e-mail Path” for their spam e-mails. Any 2007! address on a Web site, on a return path can be used by simply Jen Sharp Like the oil changing a user’s e-mail account JenSharp.com filter on a car, settings. It doesn’t even have to be spam filters work similarly, but a valid e-mail address. It can appear they are not a stand alone solution. that any innocent Internet user is There is simply too much spam! sending out spam, even if it did Filtering means the end user, the not originate from their computer! Internet Service Provider (ISP), A somewhat effective solution and the computer system all have for this is a Javascript snippet that to work together and work harder. is placed directly into the html Yet, spam still gets through as document exactly where the e- spammers incessantly find new mail address will be displayed ways around filters. For example, (see at left.) Another solution is to spammers are now using image use an e-mail address separate
20 THE KANSAS LIFELINE March 2007 from one’s personal will redirect to the address for public use. E-mail header – complete appropriate region. Most Yahoo and Hotmail are of the time, one will find two providers of free from sender to recipient the IP address as part of a e-mail services. From KRWA Wed Jan 10 06:24:34 2007 range of numbers assigned to a company. However, Headers X-Apparently-To: [email protected] via 192.168.12.711; Wed, 10 Jan 2007 06:27:16 -0800 by looking at the range of Not the All-American X-Originating-IP: [192.168.12.711] IP addresses, an double header baseball Return-Path:
March 2007 THE KANSAS LIFELINE 21 The language of Internet danger . . .
World Regional Internet Registries
APNIC – Asia Pacific Network Information Centre www.apnic.net/apnic-bin/whois.pl Asia/Pacific Region RIPE NCC – Réseaux IP Européens Network Europe, the Middle East, Central Asia, and African Coordination Centre www.ripe.net/perl/whois countries located north of the equator ARIN – American Registry for Internet Numbers Canada, the United States, and several islands in www.arin.net/whois the Caribbean Sea and North Atlantic Ocean AfriNIC – African Regional Network Africa Region Information Centre www.apnic.net/apnic-bin/whois.pl LACNIC – Latin American and Caribbean Internet Addresses Registry http://lacnic.net/cgi-bin/lacnic/whois Latin America and some Caribbean Islands ICANN – Internet Corporation for Assigned www.icann.org & www.internic.net Global non-profit organization that oversees Names and Numbers distribution of IP addresses to RIRs
In general, these databases contain details of the networks that are using address space, not the individual users. There are two major types of whois databases. One type contains records on domain names and the other contains IP address (the numerical sequence that serves as an identifier for an Internet server) records .These are IP address databases.
Blog Posters as it is sometimes called. This will private information include lottery “Poster” used to mean a large allow the ability to look up their winners, free Web space, soliciting colorful picture or advertisement – origination information, or donations for a cause, make now it’s someone who posts on a even block their IP address from money fast claims, and chain blog. More and more Internet your site. letters. This is the “Information Age” where data is gold. users are posting to guest books, Phishing forums, newsgroups, and the Protecting personal information is No, it’s not something to do increasingly popular chronological as imperative as keeping valuables at the lake on a lazy Sunday “diary” called a blog. This means, in a safe. afternoon—Internet criminals more opportunities for spammers Users are becoming educated set up fraudulent Web sites or to flood resources and lock up a and more cautious to fraudulent solicitations by e-mail that invite site, or simply to post annoying or e-mails claiming to be a well- users to give them personal data. advertising content. known company asking for They set the bait and hook and sensitive information. So, If a Web site is maintained wait as they phish for fraudsters take it up a notch: a with a contact form, forum, unsuspecting users to believe new extension to phishing is guestbook, newsgroup, or blog, be their scam. Phishers need user vishing, where criminals use the sure to include as part of the cooperation for this to work: their Internet to call users on the phone, information gathered from posters schemes to get your sensitive their IP address, or remote name leaving them an automated
22 THE KANSAS LIFELINE March 2007 And many have thought the controls the group, much like Who to complain to: worst thing a virus could do herding cows, only it is done was to cause a cough and remotely without the user’s America Online: [email protected] fever? In the past, a hacker knowledge or permission. Any Compuserve: [email protected] goal was to write a virus user could be an involuntary Prodigy: [email protected] that would be the most spammer, a Zombie, and not know AT&T WorldNet: [email protected] destructive. Today, viruses it! It is estimated that more than Earthlink: [email protected] are being written 450,000 unique zombies appear [email protected] specifically to create a robot every day! Netcom: [email protected] network or botnet. The For others: postmaster@
What to do and what not to do. Additional online resources Do’s Don’ts Check these Web sites for additional help: • Subscribe to a blocking list or ask your • Give your e-mail address or other • http://spam.abuse.net/ ISP to do so. personal information when filling in • Install spam-reporting software or forms online unless you are confident in • http://spam.abuse.net/userhelp/howto use an automatic spam reporting service. the reputation of the company and complain.shtml How to complain! • Report spam abuse to sites like confident it’s not an imitation Web site. abuse.net that are dedicated to • Give any private sensitive data such as • www.cauce.org fighting spam. credit card numbers or social security Coalition Against Unsolicited Commercial E-mail numbers unless you are confident you • Complain to ISPs that originate and • www.spamcop.net forward the spam. are dealing with a reputable company List of Resources and not an imitator. • Things change all the time. Keep • www.windweaver.com/nospam2.htm up-to-date, educated and watch for • Never reply to spam, even if it is to send How to Report Spam suspicious activity. a “remove”request. Most spammers ignore such responses, or worse, add • www.abuse.net • Consider using a separate e-mail you to their list of validated e-mail Network Abuse Clearinghouse address for some public activities such addresses that they sell. as chat rooms or contact list on your • www.mynetwatchman.com “Spam the spammer”– this doesn’t Monitoring and reporting worm/ Web site, in order to protect your main • hacking activity address from spammers. help, wastes time, and can validate the user’s address e-mail to the • www.cybernothing.org/faqs/net-abuse-faq.html • If possible, consider setting up a filter to spammer. Spam FAQs block all e-mail unless its address is on the approved list. • Just rely on your filter, or use a manual • www.elsop.com/wrc/nospam.htm filter. This means even more time is List of Links • Write legislators and let them wasted. Filters don’t work that well, and know this is an important issue to you. spammers continue to find ways around • www.ecofuture.org/jme-mail.html List of Links Suggest they promote an ”opt-in” them. You also must act in other ways. approach vs. the current “opt-out”view.
March 2007 THE KANSAS LIFELINE 23