Fake Ticket Offer Targeting Cricket World Cup 2011

The most awaited tournament for cricket lovers, the ICC World Cup 2011, begins on February 19, 2011. The ICC World Cup is being played in the Indian subcontinent, and the country’s cricket-crazy population is all set to get hold of World Cup tickets in every possible way—all to witness and experience live international cricket in action. Since this is a hugely followed international sporting event across the world, Symantec has anticipated spam attacks and other Internet threats related to the event. As expected, we are observing World Cup spam in the Symantec Probe Network.

The spam message invites users to attend the final game of World Cup 2011 in Mumbai, India. The invite offers multiple executive club facilities such as a private table, a gourmet champagne brunch, and much more for 10 guests. This may sound like an attractive deal; however, it is simply bait for Internet users/cricket fans who are keen to be a part of the World Cup Final and experience the thrill.

Below are some examples of the spam messages:

Subject: 2011 Cricket World Cup Final

Subject: Experience Cricket World Cup Final

In the past, we have observed spam and phishing attacks targeting cricket events such as the Indian Premier League (IPL) and T20 World Cup. The countdown to this event has begun and we expect to see more sophisticated spam and phishing attacks related to the World Cup. Perhaps the sinister spam attacks will contain attachments that intend to distribute malware using fake video files purportedly showing highlights of the games.

Although World Cup tickets are in high demand, the supply should always be from a legitimate source. Users are advised to refrain from clicking on such mails and opening attachments unless they are from authorized or official sources. Websites that sell tickets and ask for financial or personal information should be protected by SSL certificates and provide visible trust marks to verify their authenticity. Offers such as these entice users to join in on the spirit of the 2011 World Cup games, but the spammers are the only winners.

3D Secure Passwords for Recharging Mobile Airtime

Phishers are known for developing different strategies with the motive of duping users into believing that the phishing site is authentic and secure. Phishing sites are now seen asking for a 3D secure number.

What is 3D secure?

A 3D secure number is a password that is only known to the bank and the buyer. In other words, during an online transaction, the merchant in question does not know this number. This number is essentially an additional password given separately to card holders specifically for the safety of online transactions.

Many online transactions typically involve the use of credit/debit card numbers and the number on the back of the card. If anyone happens to see the card and copies or writes down these numbers found on the card, the card holder would be at risk of having his or her money stolen in online transactions. The use of a 3D secure password prevents such a risk, as it is a number not present anywhere on the card. The fact that the card numbers are entered by the owner of the card helps in authenticating.

A 3D secure number reduces the risk in a situation where the card numbers are copied by other people. However, if the 3D secure number itself is given away by the user to a phishing site, the user’s money would still be at risk. Phishers are well aware of this and so prompt users to enter their 3D secure number along with other card details in phishing sites.

Recently, one such example was observed where the phishing site prompted the user for credit card details and their 3D secure number for an online transaction. The bait was mobile phone airtime purchased online. The phishing site targeted customers in Turkey and the phishing pages were in Turkish. Also, the credit card details requested were of banks based in Turkey. The required information was the mobile phone number, amount of mobile phone airtime to be recharged, name of the bank, card holder’s name, credit card number, expiration date, CVV, and 3D secure password. To increase the appeal, the phishing page offered customers of two particular banks gifts worth $10 for every $20 purchased. Upon entering the information, the user was redirected to a page on the phishing site that asked for more user information.

The information requested on the second phishing page consisted of mother’s maiden name, card holder’s date of birth, customer or account number and password. The phishing page claimed that upon clicking the button at the bottom of the page, a password would be sent as an SMS to the user’s mobile phone. The user was warned that if incomplete information was entered, the operation would be disapproved, leading to the failure of the transaction. Below this button was a message stating that 3D secure card purchases are safe for online transactions and that a high-encryption system provides protection against unauthorized use. This statement was obviously displayed to gain the user’s confidence.

The third page of the phishing site asks for the password previously claimed to have been sent to the user by SMS. The phishing page also notifies the user that the SMS may take one to five minutes to reach the user and requests that the page not be closed. Of course, this is just a ploy and the user wouldn’t have actually received any password.

The phishing URL used an IP address in place of a domain name (for example, a URL of the form http://255.255.255.255). The phishing site was hosted on servers based in Orlando, USA.
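
A defensive triage check for the two traits described above: an IP address where a host name should be, and a single form that collects card data together with the 3D secure password, which a genuine merchant page never sees. This is an added example, not Symantec's detection logic; the field-name hints, the sample URL (a documentation address) and the sample markup are constructed assumptions.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed substrings of <input> name/id attributes; tune for real traffic.
CARD_HINTS = ("cardnumber", "card_no", "ccnum", "cvv", "cvc", "expiry")
SECURE_HINTS = ("3dsecure", "3d_secure", "3d-secure", "securecode")


class InputCollector(HTMLParser):
    """Collect the lower-cased name and id of every <input> element."""

    def __init__(self):
        super().__init__()
        self.fields = []

    def handle_starttag(self, tag, attrs):
        if tag == "input":
            a = dict(attrs)
            label = (a.get("name") or "") + " " + (a.get("id") or "")
            self.fields.append(label.lower())


def host_is_ip_literal(url):
    """True when the URL's host is a raw IPv4/IPv6 address, not a name."""
    host = urlsplit(url).hostname or ""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def assess(url, html):
    """Return the list of phishing traits found for one page."""
    parser = InputCollector()
    parser.feed(html)
    findings = []
    if host_is_ip_literal(url):
        findings.append("ip-literal-host")
    wants_card = any(h in f for f in parser.fields for h in CARD_HINTS)
    wants_3ds = any(h in f for f in parser.fields for h in SECURE_HINTS)
    # The 3D secure password belongs on the bank's page, never beside the PAN.
    if wants_card and wants_3ds:
        findings.append("card-and-3ds-on-one-form")
    return findings


# Constructed sample page modelled on the fields listed in the article.
SAMPLE = ('<form><input name="msisdn"><input name="cardnumber">'
          '<input name="cvv"><input type="password" name="3dsecure_password"></form>')
```
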

Internet users are advised to follow best practices to avoid phishing attacks, such as:

•    Do not click on suspicious links in email messages.   

•    Avoid providing any personal information when answering an email.

•    Never enter personal information in a pop-up screen.

•    Frequently update your security software, such as Norton Internet Security 2011, which protects you from online phishing.

 

Thanks to the co-author of the blog, Avdhoot Patil.

FCC Net Neutrality is a Regulatory ‘Trojan Horse,’ EFF Says

The Federal Communications Commission’s net-neutrality decision opens the FCC to “boundless authority to regulate the internet for whatever it sees fit,” the Electronic Frontier Foundation is warning.

The civil rights group says the FCC’s action in December, which was based on shaky legal authority, creates a paradox of epic proportions. The EFF favors net neutrality but worries whether the means justify the ends.

“We’re wholly in favor of net neutrality in practice, but a finding of ancillary jurisdiction here would give the FCC pretty much boundless authority to regulate the internet for whatever it sees fit. And that kind of unrestrained authority makes us nervous about follow-on initiatives like broadcast flags and indecency campaigns,” Abigail Phillips, an EFF staff attorney, wrote on the group’s blog Thursday.

And the paradox grows.

In a Friday telephone interview, Phillips was unclear how to solve the problem. What about an act of Congress? How about reclassifying broadband to narrow the FCC’s control of it?

“I’m not sure what I think the right solution is,” she answered.

The agency’s December action has already been attacked on multiple fronts, including two lawsuits.

One side of the debate has focused on claims the FCC overstepped its authority by adopting the principle that wireline carriers treat all internet traffic the same. A chorus of others complain that the FCC wimped out and didn’t go far enough when it comes to wireless carriers.

And the entire debate is littered with competing interests, including the mobile-phone carriers, internet service providers, private enterprise, developers, Congress and, last but not least, the public.

“In general, we think arguments that regulating the internet is ‘ancillary’ to some other regulatory authority that the FCC has been granted just don’t have sufficient limitations to stop bad FCC behavior in the future and create the ‘Trojan horse’ risk we have long warned about,” Phillips said.

But who can be trusted in this debate?

The answer opens Pandora’s box.

Times Editor Alarmed By Prospect of WikiLeaks Prosecution

NEW YORK — New York Times executive editor Bill Keller may not regard Julian Assange as a journalistic peer, but he made clear Thursday that he doesn’t think the WikiLeaks founder should face criminal prosecution in the United States.

Keller joined his counterpart from Britain’s Guardian newspaper and a prominent Harvard Law School professor on a panel at Columbia University to discuss WikiLeaks, the secret-spilling website that has been publishing U.S. diplomatic cables and battlefield reports from Iraq and Afghanistan.

“It’s very hard to conceive of a prosecution of Julian Assange that wouldn’t stretch the law in a way that would be applicable to us,” said Keller. “Whatever one thinks of Julian Assange, certainly American journalists, and other journalists, should feel a sense of alarm at any legal action that tends to punish Assange for doing essentially what journalists do. That is to say, any use of the law to criminalize the publication of secrets.”

Since last year, when WikiLeaks published vivid footage of a U.S. helicopter shooting people — including two Reuters employees — in Baghdad, the site has become a flashpoint in a rancorous debate over national security, free speech, and journalism.

The Guardian and The Times worked with Assange to release some of the material in their publications, as did Le Monde in France, and Der Spiegel in Germany. Keller tapped several of his most seasoned reporters to pore over the documents, decide what was newsworthy, and redact information that could put lives in jeopardy.

U.S. Attorney General Eric Holder has said the government is investigating the breach, and many politicians have called for Assange, who is currently in London, to be brought to the U.S. and put on trial.

So far only one person has been arrested over the leak, a 23-year-old U.S. Army Private First Class named Bradley Manning, who is currently being held in maximum security in the Marine Corps Brig in Quantico, Virginia.

Jack Goldsmith, a Professor at Harvard Law School and former Assistant Attorney General, told panel moderator Emily Bell, the Director of the Tow Center for Digital Journalism at Columbia, that a U.S. attempt to prosecute Assange would encounter two major challenges.

First, the government could face difficulty in extraditing Assange to the U.S., Goldsmith said, because of the “political offense exception,” which might allow the U.K. to deny an extradition request.

Second, an actual prosecution of Assange would be very difficult, Goldsmith said, because no journalist has ever been successfully prosecuted in the U.S. for disclosing government secrets.

“It would be a very momentous step to bring this prosecution,” Goldsmith said. “I’d imagine there’s a great deal of discussion about the seriousness of bringing such a prosecution because of the implications for the First Amendment and the press generally.”

Goldsmith said he believes a prosecution will ultimately be mounted, but predicted it will not succeed.

Guardian editor Alan Rusbridger described Assange as a kind of hybrid entity who wears “different hats” at different times — source, entrepreneur, partner, and editor. “Assange is building the brand of Wikileaks, and good luck to him,” he added.

While Goldsmith distinguished between WikiLeaks and The New York Times as journalistic institutions, he said that WikiLeaks is “functionally equivalent to what Bill [Keller’s] dozen-or-so national security reporters do every day.”

Reporters can sometimes become the targets of hackers themselves.

Keller said that The Times is currently investigating suspicious activity on the email accounts of three of his journalists who had been working on the WikiLeaks project. He said the staffers had “virtually identical eruptions on their email accounts” and added that a forensic expert said the accounts were hacked. He declined to go into further detail.

Goldsmith argued that WikiLeaks should be viewed as part of a larger trend over the last decade or so, during which time the spread of the internet and the proliferation of broadband access has rocked journalism and the media business more broadly.

“This is part of a larger continuum of the digitization of information and the great difficulty the government has in keeping secrets,” Goldsmith said. “There’s going to be an arms race between the government and the media, because the government will lock itself down. And I think the government will ultimately lose that arms race.”