KnujOn

KnujOn (nûj-ôn)



News - 2007 Archive

Archived 2007 News, for current news click here

Russians close to prosecuting 'Pinch' Trojan authors

December 29, 2007

Russia may soon prosecute the authors of the "Pinch" Trojan, an easy-to-use malicious software program available on the Internet that steals a variety of data. Nikolay Patrushev, who heads Russia's Federal Security Services, said earlier this week that Pinch's authors had been identified and would be taken to court, according to a blog posting by Russian security vendor Kaspersky Lab. (washingtonpost.com)


Knujon on Whatis.com

December 28, 2007

In addition to developing technical tools to address spam, research at KnujOn explores the issues that drive its creation, studying the impact on individual victims as well as the burden on the economy. The challenge that KnujOn and other anti-spam software makers face is simple: Spam works. Currently more than 90% of all global email traffic is spam, with employees in the U.S. spending about 100 hours each year dealing with spam, for a daily loss of $130 million. The loss of productivity to companies is estimated at $712 per employee, or $71 billion annually to all U.S. businesses. (searchexchange.techtarget.com)


24 hours of spam

December 27, 2007

Have you ever heard of anyone who actually wants you to send them your spam and junk mail? I know, it's crazy, but the folks at Knujon do indeed want all your spam. Why? So they can crush the criminals at the end of the money trail. You've heard me preach that everyone should have a SpamCop account. Well, now I'm emphasizing you should NOW also have a Knujon account. (ugnn.com)


Spammers target Christmas Wii buyers

December 26, 2007

Spammers are looking to dupe desperate parents hoping to buy this year's must-have present, a Nintendo Wii. UK anti-spam company ClearMyMail said that unscrupulous spammers are deliberately targeting parents with messages purporting to offer last minute deals on the console. (vnunet.com)


Virus spreads on Google's Orkut network

December 25, 2007

About 400,000 members of Google's Orkut social network have been the victims of a spam barrage spreading the W32/KutWormor virus. The virus is hidden in a spam message containing a New Year's greeting in Portuguese. Once infected the virus spreads using hidden JavaScript and Flash code by sending the same message to connected Orkut members. It also adds the victim to an Orkut community group called "Infected by Orkut Virus." (searchsecurity.techtarget.com)


Spam, Spam, Spam: Every Day, Every Hour - How Can You Fight Back?

December 24, 2007

RESEARCH TRIANGLE PARK — Perhaps the real irritation is that handling mail has become cumbersome. Upper management is about to 'go postal' over mail management issues. Screening email has become as necessary as screening calls. Just as persistent salespeople keep calling; email solicitors keep spamming. Analyst research firm reports indicate that 50 percent of all corporate email traffic is spam. This 'unsolicited' bulk email is the newest form of junk mail. And with an average of 18 such messages a day for each e-mailbox in the world, it is clearly a problem that businesses cannot ignore. (localtechwire.com)


Free Velnet.co.uk e-mail shut down by spam abuse

December 23, 2007

THE UK based firm Velnet which offered pay-as-you-go Internet, web hosting and related services, decided to discontinue its free e-mail offering due to the abuse by spammers. (theinquirer.net)


Hoax nearly cripples Big Spring computers

December 22, 2007

The Big Spring School District — its digital half, anyway — was nearly brought to its knees on Monday by Internet users from around the world. All because one of its high school students received detention. An unnamed student from Big Spring High School incited an international protest after posting a letter online that appeared to document the student had received a two-hour detention for using an unauthorized Web browser at school. Problem was, the letter had been changed, according to district officials. It was a hoax. But before the district could announce the hoax, people from across the globe bombarded district and high school offices with e-mails and phone calls. (cumberlink.com)


Governments need to muscle up and send spammers a tough message

December 21, 2007

THERE seems to be no shortage of evidence as to the magnitude of the problems attributable to spam. While estimates vary, the National Office for the Information Economy cited data estimating that 50% of all inbound business email messages are spam. Productivity loss, technical support and infrastructure costs, monetary loss at the hands of fraudulent spammers and the exposure of children to offensive or inappropriate material are some of the consequences of spam. They add up to an estimated cost of $9.5 billion to Australian businesses annually. (business.theage.com.au)


The Botnet Ecosystem: Do Botnets Need Windows?

December 20, 2007

Botnets would not exist without software vulnerabilities; this we can all agree on. The true source of the problem, however, is far from decided. As mentioned in the first part of this series, the actual blame does not completely lie with a single company's products. This installment will cover botnet motivations, client infection and survival methods, and why this problem would exist without Windows. (enterprisenetworkingplanet.com)


Botnets silently control your PC

December 19, 2007

A major form of cyber-crime today, not always well understood by computer users, is the "botnet." The word is geek-speak for "robot network." A botnet consists of a large number of computers — in one case, more than a million — that have been enslaved by a hacker and operate under his command. (He is called a "botherder" or "botmaster," and the infected computer is a "zombie.") These are then used for various illegal purposes, such as sending huge amounts of spam. The misbehavior goes on in the background so that you probably won't notice it. (washingtontimes.com)


Phishers Pinch Billions From Consumers’ Pockets

December 18, 2007

More than 3.5 million U.S. adults lost money to phishing scams and online identity theft in the 12-month period that ended in August, a 57% increase over the previous year, a Gartner fraud analyst said today. (nytimes.com)


Phishers, Spammers, and Malware Authors Clearly Consolidating

December 17, 2007

In a recent article entitled "Popular Spammers Strategies and Tactics" I emphasized on the consolidation that's been going on between phishers, spammers and malware authors for a while (ddanchev.blogspot.com)


Gartner: Victims of online phishing up nearly 40 percent in 2007

December 16, 2007

An annual study by Gartner will report that the number of consumers who were taken in by bogus online offerings increased by nearly 40 percent in 2007 over the previous year. (scmagazineus.com)


Banks told to 'do their bit' to fight phishing attacks

December 15, 2007

New Zealand banks could protect customers from phishing attacks by making a simple change to their internet address protocols at little or no cost, says Thom Hooker, director of operations at SMX, an Auckland based anti-spam and anti-virus email service provider. (computerworld.co.nz)


Cracking open the cybercrime economy

December 14, 2007

"Over the years, the criminal elements, the ones who are making money, making millions out of all this online crime, are just getting stronger and stronger. I don't think we are really winning this war." (news.com)


Taking down spammers: Successful spam fighting via legalization, regulation and economics

December 13, 2007

Guest post: Gadi Evron is Security Architect for Afilias global registry services and recognized globally for his work and leadership in Internet security operations. He is the founder of the Zero-Day Emergency Response Team (ZERT), organizes and chairs worldwide conferences, working groups and task forces. He is considered an expert on corporate security and counterespionage, botnets, e-fraud and phishing. (blogs.zdnet.com)


Americans Ingested Too Much Holiday E-Mail Spam, Survey Finds

December 12, 2007

Symantec also sees spammers trying new techniques, such as spamming via bot-net, audio and video spam, and spamming using protocols for IM, SMS, and online games. (informationweek.com)


Filtering's ding-dong fight with malicious spam

December 11, 2007

Attempts by governments and police to stop spam at its source have proved futile. But as the threat has evolved, so have the filtering techniques that help ensure spam never reaches the user, as Anthony Plewes reports. (silicon.com)


A cure for spam: Attack the cause, not the symptoms

December 10, 2007

We have been filtering e-mail for years, and today, spam accounts for anywhere from 70 percent to 90 percent of all e-mail traffic, according to the best estimates. And although there have been some successful prosecutions, laws don’t seem to be helping much. (gcn.com)


Britain's MI5: Chinese Cyberattacks Target Top Companies

December 9, 2007

The British government has openly accused China of carrying out state-sponsored espionage against vital parts of Britain's economy, including the computer systems of big banks and financial-services firms. (foxnews.com)


Hackers Break Into Top Government Research Lab

December 8, 2007

KNOXVILLE, Tenn. — The Oak Ridge National Laboratory revealed on Thursday that a "sophisticated cyber attack" over the last few weeks may have allowed personal information about thousands of lab visitors to be stolen. (foxnews.com)


New wave of digital intelligence

December 7, 2007

FROM clothes riddled with sensors to name tags that detect our moods, computing's next wave could unleash small devices that increasingly augment everyday activities with digital intelligence. (news.com.au)


Fink on spammers to get better results

December 6, 2007

As we know all too well, mail filtering alone has not licked the spam problem. Hardly. (blogs.computerworld.com)


Facebook issues an apology

December 5, 2007

Facebook, the popular social networking site, has ridden the hype curve up and down in recent months, reaching a low Tuesday over claims that a month-old advertising system violates members' privacy. CEO Mark Zuckerberg took a big step Wednesday toward silencing naysayers - one of whom was my own colleague Josh Quittner - when he issued a contrite apology and made a key change to the new advertising feature, dubbed Beacon. (money.cnn.com)


20bn spam buckling inboxes

December 4, 2007

Internet users in Britain get 20 billion spam e-mails every day, double the amount of junk mail sent a year ago. Up to 120 billion spam messages are sent daily worldwide (that's 20 for each person on the planet) and 49 out of 50 e-mails are junk. (metro.co.uk)


Despite filters, tidal wave of spam bears down on e-mailers

December 3, 2007

SAN FRANCISCO — Why, in 2007, is spam worse than ever? Let exasperated consumers count the ways: PDF spam. MP3 spam. Pump-and-dump spam. E-card spam. It may sound like a broken record, but spam continues to do just that — break records. This year marks the first time the total number of spam e-mail messages sent worldwide, 10.8 trillion, will surpass the number of person-to-person e-mails sent, 10.5 trillion, according to market researcher IDC. (usatoday.com)


PR - Study: Equipment Industry Users Recommend Better Mobility and Anti-Spam Solutions

December 2, 2007

Peter Brockmann, President of Brockmann & Company said, "Email is a very important communications application (87%) for organizational success in the computer, network and telecom equipment industries. Email is also identified as very important in the job performance of 89% of respondents from these industries. Yet, only 20% of users are very satisfied with their email experience. Improving mobility and spam-control in this market is recommended as the most desirable improvement."


New Zealand Questions Top Cyber Suspect

December 1, 2007

WELLINGTON, New Zealand -- Police questioned the suspected teenage kingpin of an international cyber crime network accused of infiltrating 1.3 million computers and skimming millions of dollars from victims' bank accounts, officials said. Working with the FBI and police in the Netherlands, New Zealand police raided the home of the 18-year-old in the North Island city of Hamilton and took him into custody along with several computers, said Martin Kleintjes, head of the police electronic crime center. (washingtonpost.com)

Teen questioned in computer hacking probe (cnn.com)


Crime follows foreclosures

November 30, 2007

CLEVELAND (CNNMoney.com) -- When homeowners moved away after a wave of foreclosures in Cleveland's working-class neighborhood of Slavic Village, crime took off. (cnn.com)


Spammers turn to seasonal sob stories

November 29, 2007

As the holiday season closes in, some cyber crooks are changing their tack - and trying old fashioned sob stories to milk money from their victims. (nzherald.co.nz)


Technology key to stopping piracy

November 28, 2007

(AP) -- If the experience of the world's largest software vendor is any guide, the industry's best hope for reducing piracy rests with anti-copying technologies rather than in policing the legalistic user agreements that restrict how software can be used. (cnn.com)


12 spam research projects that might make a difference

November 27, 2007

Those who commit cybercrime know they need to stay on the cutting edge of technology to come up with new and different ways to swindle people. Luckily, the good guys are also spending time in research labs developing ways to thwart the latest tricks employed by spammers, phishers and other criminals. (computerworld.com.au)


Illegal e-mail spam from the federal government?

November 26, 2007

Identity thieves have no boundaries, you better believe that. The latest scheme aimed at getting your private information is now arriving in the form of e-mail spam purportedly from the Federal Trade Commission. (spaminspector.org)


Spammers pose as private eyes to spread malware

November 25, 2007

Commtouch, an Israeli security firm that specializes in protecting e-mail integrity, says that it has detected a new malware outbreak that is spread through e-mails claiming to be from private investigators. According to Commtouch, the e-mails tell recipients that a private investigator has been recording the recipients' phone calls and that an audio file of one of the calls is attached to the message. When unwitting recipients download the "call" to their hard drives, their computers become infected with malware. (computerworld.com.au)


'Vishing' is newest card scam Consumers bilked into revealing data

November 24, 2007

Like e-mail phishing operations, vishing also works by tricking people into handing over confidential financial account information. But instead of directing people to bogus Web sites, vishing scams instruct victims to call a phony company phone number, where they are typically directed to enter their identification numbers to rectify some fictitious problem with their accounts. (cincypost.com)


The Global Illicit Trade in Trash

November 23, 2007

SAN FRANCISCO, California (AP) -- Most Americans think they're helping the earth when they recycle their old computers, televisions and cell phones. But chances are they're contributing to a global trade in electronic trash that endangers workers and pollutes the environment overseas. (cnn.com)


Denial of Service Attack Against 911?

November 22, 2007

WATERLOO, Iowa (AP) -- A rogue cell phone is not accepting calls, but it sure likes to dial 911 operators in eastern Iowa. Operators at the Black Hawk County Consolidated Communications Center said that they received about 400 calls from the same cell phone last week and that no one seems to be on the other line. "That's it right now," said Dispatcher Chuck Hosier, as a phone rang in the background. "It will ring in, and it's an open line. Sometimes it rings in and drops off." Officials can't locate the phone but have figured out that it is an old line not currently associated with a cell phone provider. Such phones, once charged up, can still place 911 calls under Federal Communications Commission rules set in 1994. (cnn.com)


KnujOn Records 50,000th Spam Website Suspension

November 21, 2007

The fight against spam and Internet crime is moving in a different direction as Project KnujOn expands operations and broadens its reach. (prweb.com)


419 Scams Endure

November 20, 2007

Website Owners - The Next Target of 419 Scammers? (cybertopcops.blogspot.com)

419 Scammers Using Google Search to Find New Victims (cybertopcops.blogspot.com)


New delivery methods and malware payloads strengthen impact of spam surge

November 19, 2007

ENGLEWOOD, Colo. -- MX Logic, Inc., a leading managed security service provider, today predicted that spam levels will spike an additional 50 percent over current levels by the end of 2007 due to the holiday retail rush. This will represent a 200 percent increase since January of 2007. Compounding the influx, MX Logic threat research expects the Storm Worm to resurrect in the coming months as spammers utilize botnets (a collection of compromised computers) to hide their tracks. (darkreading.com)


Knujon spam fighting made possible by open source

November 18, 2007

Using the economics of open source to fight spam in a new way. (blogs.zdnet.com)


Thinking Ahead to Prevent Laptop Theft

November 17, 2007

Marking your laptop helps with the recovery of a stolen (or lost) laptop. Either engrave your information onto your laptop or use a tamper-resistant asset tag...Don't use an obvious laptop carrying case...Be especially mindful of distractions! A commotion in front of you means that the thief about to take your laptop is behind you. A commotion behind you means the thief is in front of you. Thieves work in pairs or groups that way, using the commotion to distract you while they steal your stuff. (tech.yahoo.com)


Why Cops Can't Catch Cybercriminals

November 16, 2007

ARLINGTON, Va. -- Computer Security Institute 2007 -- The forensics labs you see on TV might seem pretty high-tech, but in real life, most law enforcement agencies don't have access to skills and equipment like that, a top federal law enforcement officer noted this morning. (darkreading.com)


Report: China spies threaten U.S. technology

November 15, 2007

WASHINGTON (AP) -- Chinese spying in America represents the greatest threat to U.S. technology, according to a congressional advisory panel report Thursday that recommended lawmakers consider financing counterintelligence efforts meant to stop China from stealing U.S. manufacturing expertise. (ap.google.com)


Tiffany and EBay Square Off in Court

November 14, 2007

NEW YORK (AP) — A lawyer for Tiffany & Co. accused eBay Inc. on Tuesday of allowing the sale of tens of thousands of pieces of counterfeit Tiffany jewelry on its Web site; an eBay lawyer responded that Tiffany wasn't doing its share to protect customers. The arguments in U.S. District Court in Manhattan came at the start of a trial to decide whether eBay can be blamed for the sales of silver Tiffany knockoffs on its Internet site since 2003. James B. Swire, Tiffany's lawyer, said eBay "simply turned a blind eye" to the sales. Bruce Rich, eBay's lawyer, said the site has suspended hundreds of thousands of sellers who broke its rules. He blamed Tiffany for failing to protect its own trademarks by notifying eBay when it spots sales that seem suspicious. Rich said that when companies do so, eBay often stops the sales even before it can check whether they are legitimate. (ap.google.com)

Tiffany and eBay Clash Over Sales of Fake Goods (law.com)


Behind the Alicia Keys MySpace Scam

November 13, 2007

It's easy to see how visitors to Alicia Keys' MySpace page could have accidentally clicked on the wrong spot last week and gotten whisked off to a Chinese website that tried to install malicious code onto their computers. The buttons to play Keys' songs were clearly marked — and clean — but almost every other image on the site, including the full-sized background photo of the diva herself, had been hacked in such a way that merely clicking on it could infect visitors' computers with malware. So if you happened to click on Keys' bare midriff on Nov. 8, you would have been siphoned to a murky corner of cyberspace: a site that attempted to install a program that could trick you into buying fake anti-virus software, record the credit card information you used to buy it, and secretly log every other user name and password you typed into your computer as well. (time.com)


KnujOn takes the spam fight to the enemy

November 12, 2007

Project Knujon, or no junk spelled backwards, does the work that many other organizations have shied away from -- collecting and sorting through millions of spam messages submitted by the public, and then shutting down the illicit Websites. Since 2005, Project Knujon has shut down more than 50,000 fraudulent Websites. (crn.com)


Major Russian crime hub suddenly dies

November 11, 2007

One of the Internet's most notorious malware and software exploit hubs, the Russian Business Network (RBN), has suddenly gone offline. Trend Micro reports that Internet domains associated with the network went down at 7 p.m. Pacific Standard Time on Tuesday, Nov. 6 (3 a.m. GMT Wednesday, Nov. 7), taking with it a network provider accused of hosting some of the worst criminal activities the Internet has to offer, including various high-profile software exploits, voracious Trojan malware, and even hosting sites used for child porn. (washingtonpost.com)


KnujOn takes the spam fight to the enemy

November 10, 2007

“Filtering and blocking tactics are failing...It’s actually making the problem worse. Even if 90 percent of the messages are being filtered, the small percentage that aren’t keeps them in business.” (security.blogs.techtarget.com)


Antispam group targets transactions, not messages

November 9, 2007

E-mail and the spammers are the least interesting part of the problem. We want to stop the transaction, to take down those platforms from which consumers are buying fake luxury items and phony drugs -- or worse yet, having their identity stolen, (networkworld.com)


The most powerful anti-spam filter isn’t used enough

November 8, 2007

If there were any questions that the current generation of spammers and hackers have dug in for the long haul, events in the past few weeks should eliminate them. Botnet operators and spammers are continuing the evolution of their networks and techniques to ensure that their messages continue to arrive in our inboxes. (gcn.com)


Report: Al Qaeda to Launch Cyber-Attack on Nov. 11

November 7, 2007

Al Qaeda plans to launch an electronic Jihad on Nov. 11, attacking "Western, Jewish, Israeli, Muslim apostate and Shiite Web sites," according to an unconfirmed report. (foxnews.com)


The Decline of CAPTCHA

November 6, 2007

The goal of a CAPTCHA, or Completely Automated Public Turing test to tell Computers and Humans Apart, is to present a challenge that only a human can answer properly. It took a few years, but it looks like computers are getting to the point of defeating CAPTCHAs often enough to make the tests a failure. (news.yahoo.com)


Spammer jailed for two years

November 5, 2007

A 28-YEAR-OLD man from the US state of New Jersey has been jailed for more than two years by a New York judge for his part in a spamming operation that sent out millions of unsolicited emails. (news.com.au)


Foreign drug makers face few inspections

November 4, 2007

The FDA this year listed 3,249 foreign pharmaceutical manufacturers subject to its inspection -- yet the agency cannot determine whether it has ever inspected 2,133 of them, according to a Government Accountability Office report released during a House subcommittee hearing. (boston.com)


How the Malware Marketplace Works

November 3, 2007

Today's aspiring Internet crooks don't need any programming skills. They just need to know where to shop. An entire shadow economy has arisen online, with suppliers, service providers, and other middlemen ready--for a fee--to help the unethical entrepreneur. Shown here is an example of how easy it is these days to become a bot herder, someone who sets up a vast network of remote-controlled, bot-infected computers and then rents the malicious services of that zombie army to spammers and other bad guys. (pcworld.com)


Spammers use porn to get unsuspecting users to break CAPTCHA codes

November 2, 2007

In the new scam, an icon of an alluring woman suddenly appears on a Windows computer infected by a virus. After clicking on the icon, the user sees a photo of an attractive woman who vows to take off an article of clothing each time the jumble of figures next to her is entered. (foxnews.com)


Over 100 Malwares Hosted on a Single RBN IP

November 1, 2007

The never ending Russian Business Network's saga on whether or not they host malware on behalf of their customers enters in an entirely new phase with the discovery of over 100 malwares hosted on a single IP - 81.95.149.51/ms where the directory listing indicates that the earliest binary was uploaded on 19-Sep-2006 and the most recent one on the 28-May-2007. If only was the directory listing denied we would only be speculating on such a development, and as it's obvious that it isn't sooner or later they'll simply rename the directory as they apparently did in the past from 81.95.149.51/ms21 to 81.95.149.51/ms51 and to the current state. (ddanchev.blogspot.com)


Storm Worm now just a squall: The Storm Worm botnet has been shrinking steadily and is about 10 percent of its former size.

October 31, 2007

Brandon Enright, a network security analyst at UC San Diego, has been tracking Storm since July and said that, despite the intense publicity that the network of infected computers has received, it's actually been shrinking steadily and is presently a shadow of its former self. On Saturday, he presented his findings at the Toorcon hacker conference in San Diego. (washingtonpost.com)


How Ticket Brokers and Scalpers Beat the System

October 30, 2007

Sporting and entertainment venues have employed various strategies to keep mass ticket buyers from taking seats away from ordinary customers, but powerful computing and dirty tricks make it easy for brokers to get around the impediments. The only true way to stop this is to track the transactions afterward and punish the mass buyers.

RMG, which is based in Pittsburgh and has 10 employees, calls its software "stealth technology that lets you hide your IP address, so you never get blocked by Ticketmaster." Court papers indicate RMG was a ticket scalper's dream come true. On one day in July, Ticketmaster court filings indicate RMG clients attempted to reserve a seat through Ticketmaster every 10 seconds. Ticketmaster says RMG clients successfully reserved seats 8,661 times on that day. (boston.com)

Ticket Brokers Busted: The court held that RMG, of Pittsburgh, violated its terms-of-use agreement with Ticketmaster by helping brokers buy large blocks of tickets—and doing so more quickly than most consumers could—thereby blocking consumers from buying tickets at list prices. The brokers would then turn around and sell the tickets for the now sold-out event at much higher prices. (eweek.com)

Ticketmaster wins injunction against broker-software firm (news.com)

Brokers snatch joy from Hannah Montana fans: Ticket brokers swooped up thousands of tickets within minutes of them becoming available online and shut out legitimate Hannah followers. Desperate fans found they would have to pay brokers $350 to $2,000 for the $63 concert tickets. (cnn.com)

'Hannah Montana' ticket debacle spotlights unscrupulous brokers (monstersandcritics.com)

eBay’s Place in the Dirty World of Ticket Scalping (eBay’s acquisition of StubHub has just been announced.) (techcrunch.com)

Some fans cry foul over ticket plan: Scalpers will use Web wiles to snap up most, they fear (rockymountainnews.com)

Online Attack Halts Rockies' Ticket Sales (aol.com)

New England Patriots Obtain Names of Internet Ticket Resellers (boston.com)

Did you miss the tickets? Blame ‘bots' (missoulian.com)


AG Seeks Information from Banks Regarding Online Phishing Scams, Asks Companies to Provide Warnings, Advice to Internet Customers

October 29, 2007

TRENTON – Attorney General Anne Milgram today called on four banks to provide information on how they are protecting customers from identity theft and related loss resulting from “phishing” – an on-line fraud gambit in which authentic-looking e-mails are used to trick recipients into giving out sensitive personal information such as credit card, bank account and Social Security numbers. (nj.gov)


So, do you really think you should buy that fake pair of Gucci sunglasses?

October 28, 2007

Groups fighting counterfeiting in Canada say it's up to all of us to put an end to the problem (thestar.com)


Bay State Co. nailed with $10M fine in HGH scandal

October 27, 2007

A company that distributed human growth hormone to "well-known athletes and entertainers" has agreed to pay a $10.5 million penalty, change its business practices and cooperate with law enforcement in ongoing investigations, federal prosecutors said Tuesday. (bostonherald.com)


Internet Naming Agency Probes Possible Corruption

October 26, 2007

NEW YORK — The Internet's key oversight agency is investigating suspicions that insider information is being used to snatch desired domain names before an individual or business can register them. (foxnews.com)


Read the latest KnujOn White Paper

October 25, 2007

Project KnujOn - October 2007 (PDF)

Other press information


Music piracy site closed after U.K., Dutch raids

October 24, 2007

British and Dutch police shut down one of the world's largest sources of illegal prerelease music on Tuesday and arrested a 24-year-old man. (boston.com)


Chinese recalls causing fear

October 23, 2007

WASHINGTON --Treasury Secretary Henry Paulson said Tuesday that the recalls of tainted Chinese products were causing fear among U.S. consumers. He called on China to take bold moves to address that and other economic problems facing the two countries. (boston.com)

World Series Ticket Sales Suspended After 'Malicious Attack' Crashes Computers (foxnews.com)


Phishing's Future Scapegoats

October 22, 2007

OCTOBER 17, 2007 | Recently I got a note from an attorney who argues that companies should be held accountable when their brand or name is used to illegally get access to personal information. While I initially argued that such attacks are outside the control of companies such as Yahoo and eBay, I’ve come around to his point of view. (darkreading.com)

Spammers turn to MP3s to deliver pitches (boston.com)


Comcast Hinders Customers' Internet Traffic

October 20, 2007

NEW YORK — Comcast Corp. actively interferes with attempts by some of its high-speed Internet subscribers to share files online, a move that runs counter to the tradition of treating all types of Net traffic equally. (foxnews.com)


New England Patriots Obtain Names of Internet Ticket Resellers

October 19, 2007

Seeking to enforce their policy prohibiting ticket resales, the New England Patriots have obtained the names of 13,000 people who sold or bought the team's tickets using the online site StubHub Inc. StubHub, which is owned by eBay Inc., yesterday began notifying the 13,000 customers that their names, addresses, and phone numbers had been turned over to the Patriots following a ruling by Superior Court Judge Allan van Gestel
...
The Patriots have said that they intend to use the identities of the purchasers and sellers not only for this case, but also for its own other allegedly legitimate uses, such as canceling season tickets of 'violators' or reporting to authorities those customers that they deem to be in violation of the Massachusetts antiscalping law," van Gestel wrote. The Patriots sued StubHub last November, alleging the company was encouraging fans to resell their tickets on the website in violation of the team's policy prohibiting resales and the state's antiscalping law. StubHub countersued, alleging the Patriots were attempting to monopolize the resale of the team's tickets.
(boston.com)


Chinese interest in 3Com seen as part of larger threat

October 18, 2007

BEIJING -- Huawei Technologies Co.'s proposed deal to buy an initial 16.5% stake in 3Com Corp. also allows for the Chinese company to potentially raise its stake to a maximum of 21.5%, 3Com said in a filing to the U.S. Securities and Exchange ... (wsj.com)

A low-profile corporate approach and a reclusive founder with a military past have not stopped China's Huawei Technologies from building an international telecoms equipment business, but they could make it a bit more difficult to buy a piece of US rival 3Com. (msnbc.msn.com)

Chinese ownership of defense technology to be reviewed: 'They take into consideration any possible national security concerns' (worldnetdaily.com)
3Com Won't Share Sensitive Technology With China's Huawei (informationweek.com)

China's Cyber Attacks Signal New Battlefield Is Online (sciam.com)
Expert warns of Chinese cyber-terrorism (isria.info)
China To Use Computer Viruses As Cyberwarfare First Strike (informationweek.com)
Titan Rain - how Chinese hackers targeted Whitehall (guardian.co.uk)
China is suspected of hacking into Navy site (fcw.com)
China Faces Tough Battle Against Cyber Crimes (allheadlinenews.com)
China says it's a cyber-attack victim, not villain (reuters.com)
China denies hacking into Pentagon (cnn.com)
China prosecutes infamous computer virus makers (deccanherald.com)
Asia-Pacific cyber criminals refine tactics: report (earthtimes.org)

Unisys Blamed for China-Connected Homeland Security Hacks (dailytech.com)
FBI investigates Unisys over U.S. government hack (computerworld.com.my)

Exiled Burmese media groups report that cyber-warfare activities that hacked their sites in the past week originated in Moscow (hrw.org)
How Russia became a malware hornet's nest (searchsecurity.techtarget.com)


Yahoo accused of misleading Congress about Chinese journalist

October 17, 2007

(CNN) -- Yahoo misled Congress regarding information the Internet company gave to Chinese authorities about the journalist Shi Tao, Democratic Rep. Tom Lantos said Tuesday. Lantos, a California representative and chairman of the House Foreign Affairs Committee, asked Yahoo Inc. officials to testify about the company's role in a case that sent Chinese newspaper writer and editor Shi to prison on a 10-year sentence. (cnn.com)

Web dissent on the rise in China (bbc.co.uk)
Chinese Internet Censorship Machine Revealed (informationweek.com)
Daily reality of net censorship (bbc.co.uk)
China accused of 'locking down' the web (vnunet.com)
Big Brother is Watching China, Thanks to U.S. Tech. What Can We Do About It? (tnr.com)


Cops Solve Crimes Online

October 16, 2007

When authorities stormed Oleksiy Sharapka's Brighton home last year in search of several hundred thousand dollars in stolen merchandise, their investigation wasn't only the result of hours spent pounding the pavement. Much of the fraud case against Sharapka was built in cyberspace. As more criminals like Sharapka turn to the anonymity of the web to commit crimes, law enforcement is following - tracking their movements through cyberspace with a stealth-like precision that is winning convictions. The Internet is "like the Wild West right now," said Boston Police Detective Steve Blair, a cybercrime expert and a member of the joint task force that put Sharapka behind bars for more than 20 years. "Fraud is just rampant." (bostonnow.com)


Knujon wins Linksgiving.com Weekly Link Award

October 15, 2007

All Web sites of our user-submitted link collection are of unique interest and value. Being featured in it, that already means receiving an award from one's own visitors. In addition, in January 2002 we created the Weekly Link Award for listed Web sites that distinguish themselves for originality of concept, easiness of navigation, pleasant design, clarity and completeness of information, browser-independent accessibility, and that give visitors the sensation to really have found what they are looking for, make them feel at home and want to come back again, give a considerable contribution to the Internet community. Only a "giving" site that emphasizes those qualities, a "gemstone" in our precious collection, can win the Weekly Link Award. The prestige of the Weekly Link Award is increased by the fact that it is not possible to directly apply for it and that only a Web site a week may receive it. (linksgiving.com)


For virtual jobs, click with caution

October 14, 2007

There can be risks in posting your résumé online. And beware of listings that appear too good to be true. It's probably because they are. (startribune.com)


Shadowy Russian Firm Seen as Conduit for Cybercrime

October 13, 2007

An Internet business based in St. Petersburg has become a world hub for Web sites devoted to child pornography, spamming and identity theft, according to computer security experts. They say Russian authorities have provided little help in efforts to shut down the company. (washingtonpost.com)
Submitted by KnujOn Member


Image Only Spam - We Want It

October 12, 2007

Upload your image-only junk mail to KnujOn (knujon.com)


Lawsuits target iPhone, AT&T deal

October 11, 2007

SAN JOSE, California (AP) -- Complaints over Apple Inc.'s use restrictions and recent software update for the iPhone have erupted in two lawsuits alleging Apple and its carrier partner, AT&T Inc., engaged in illegal monopolistic behavior. (cnn.com)

NJ teen Unlocks iphone from ATT Network (boston.com)
IPhone Flaw Lets Hackers Take Over, Security Firm Says (nytimes.com)
Research trio claims the iPhone's data can be stolen and the device can even be turned into a remote surveillance tool (infoworld.com)


Online Videos Could Infect Computers With Viruses, Study Finds

October 10, 2007

ATLANTA — Online videos aren't just for bloopers and rants — some might also be conduits for malicious code that can infect your computer. As anti-spam technology improves, hackers are finding new vehicles to deliver their malicious code. And some could be embedded in online video players, according to a report on Internet threats released Tuesday by the Georgia Tech Information Security Center as it holds its annual summit. (foxnews.com)


Securities Fraud and Internet Service Providers go to Supreme Court

October 9, 2007

The justices were to hear arguments Tuesday in the securities fraud case investors brought against Motorola Inc. and Scientific-Atlanta Inc. over their deals with one of the largest cable TV providers in the country, Charter Communications, Inc. (ap.google.com)

Other News
AT&T to pay $2.5 billion for airwaves: Spectrum is in valuable 700 MHz range (marketwatch.com)

Woman Ordered to Pay for File-Sharing Will Appeal: A woman ordered to pay $222,000 for illegally downloading and sharing music files has decided to appeal the case. (pcworld.com)


Believe when you see it

October 8, 2007

Yahoo! Teams! With! eBay! And! PayPal! To! End! Phishing! (...if you use Yahoo!, eBay, and PayPal) (theregister.com)


Spammers Destroy Another On-Line Business

October 7, 2007


Spam from a galaxy far, far away...

October 6, 2007



Compared to a previous example of an over-performing image spammer whose efforts to bypass spam filters make it virtually impossible for someone to fall victim into the pharmaceutical scam, in this example of image spam we have something very interesting, namely a dynamic subdomain generating spamming host running a proxy server every time the central campaign URL gets refreshed via an obfuscated javascript. meds247.org (216.55.70.170) is the public face of abetterlevel.org (221.130.192.17). (ddanchev.blogspot.com)


Data for 450,000 mistakenly released

October 5, 2007

Data for 450,000 mistakenly released: Social Security numbers on disks. The Massachusetts Division of Professional Licensure has launched an internal probe and announced plans to review its protocols after the Social Security numbers of about 450,000 licensed professionals were inadvertently released. The information was mailed last month to agencies that submitted a public records request for the names and addresses of professionals licensed by the division, said Kofi Jones, a spokeswoman for the state Executive Office of Housing and Economic Development, which oversees the division. (boston.com)


Update on bot herder bust: Most detailed article on Greg King and CastleCops (theregister.com)
Botmasters Take Heed – You Are Being Put On Notice
CastleCops smeared in bizarre "attack"


Why are the (Canadian) feds so slow to battle the spam scourge?

October 4, 2007

Canada has meekly become an international haven for some of the worst spammers on Earth. And the Canadian government, say national and international watchdogs, seems unprepared to finally kick trash e-mailers to the curb or the courts. (winnipegsun.com)

Canadian and U.S. cops nab two alleged scammers accused of sending out hundreds of millions of junk e-mails -- each is a landmark case, but for very different reasons (winnipegsun.com)

77 arrests in international e-mail scams (businessweek.com)

Submitted by Knujon Members


PC Security DIY Part I: Malware - The Most Wanted Cyber Criminal

October 3, 2007

More or less 3 weeks ago, several anti-scammer websites fell victim to DDoS (Distributed Denial of Service) attacks by the Storm botnet. The comments made on blogs and news sites about these attacks, made it clear once again that cyber security experts are well aware of the dangers of malware infections, which are the backbone of any botnet, as well as the impact these infections have on the online industry. The fact that security experts realise these problems is all good and well, but it does not really help addressing the problem. Normal computer users need to understand the implications of malware infections as well, but more importantly, they have to carry the consequences of their actions if they refuse to take appropriate preventative measures against malware. (cybertopcops.blogspot.com or cybertopcops.com)

Coenraad De Beer


Botmasters Take Heed – You Are Being Put On Notice

October 2, 2007

Today the arrest and indictment of Greg King, 21, of Fairfield, California was announced. In the Indictment, the US Attorney's Office is alleging Greg King aka SilenZ was responsible for the DDoS of CastleCops last February. According to the Press Release he faces a maximum sentence of ten years imprisonment and a $250,000 fine. (castlecops.com)

CastleCops smeared in bizarre "attack"


Telecoms' Censorship Policies Stir New Controversy

October 1, 2007

Disclosures over the weekend that AT&T and Verizon reserve the right to suspend or terminate the service of customers who are critical of their conduct have prompted a call for congressional hearings on the censorship practices of the nation's leading carriers. According to AT&T's and Verizon's nearly identical service agreements, the companies can cancel the subscription of anyone who damages "the name or reputation" of AT&T or Verizon, "its parents, affiliates and subsidiaries." The disclosures followed Verizon's Sept. 27 decision to reverse a decision to block text messages from the pro-abortion group NARAL Pro-Choice America. Verizon and AT&T are also both at the center of a swirling controversy for allegedly turning over private customer phone records to the National Security Agency.
...
"The provision is meant to cover clearly illegal acts that would include things such as impersonating Verizon to conduct phishing scams or to sell services using our name, or the intentional spreading [of] inaccurate information that significantly harms Verizon,"
(eweek.com)



AT&T's new service agreement for its Internet offerings contains an unpleasant wrinkle for subscribers--the telecom giant has given itself the right to cancel customers' service for criticizing the company. (consumeraffairs.com)


Briton, Malaysian wife charged in Internet investment scam

September 30, 2007

(AP) - KUALA LUMPUR, Malaysia - A Briton and his Malaysian wife have become the first people in Malaysia to be charged with operating an Internet investment scam following a crackdown on online fraudsters, a prosecutor said Wednesday. (findlaw.com)


Regulators Shut Online Bank NetBank

September 29, 2007

WASHINGTON (AP) — NetBank Inc., an online bank with $2.5 billion in assets, was shut down by the government on Friday because of an excessive level of mortgage defaults. It was the largest savings and loan failure since the tail end of the industry's crisis more than 14 years ago. Federal regulators appointed the Federal Deposit Insurance Corp. as a receiver for Alpharetta, Ga.-based NetBank. Customers with less than $100,000 deposited with NetBank will be protected by FDIC insurance. While dozens of mortgage companies have closed due to soaring defaults of home loans made to borrowers with weak, or subprime, credit, those problems previously had occurred among non-bank lenders such as New Century Financial Corp. NetBank, in contrast, is federally regulated. (ap.google.com)


Myanmar Military Cuts Internet Access, Occupies Monasteries

September 28, 2007

The government's apparent decision to cut public Internet access — which has played a crucial role in getting news and images of the pro-democracy protests to the outside world — also raised concerns. (foxnews.com)

Burma cuts Internet after Japanese photographer killed (cpj.org)

Restrictions on Internet use imposed by the military's State Peace and Development Council sharply reduced the flow of information. As a result, Thailand-based exile groups and outside observers had only a sketchy picture of what was going on in Rangoon, Burma's main city, and the dozen other places where anti-government protesters led by Buddhist monks have mounted the strongest challenge to the junta since 1988. (washingtonpost.com)

Bloggers in Burma keep world informed during military crackdown: The bloggers rely on word-of-mouth, cell phones, online chat groups, instant messaging, and firsthand accounts of protesters facing barricaded streets, tear gas and gunfire from Burmese security forces. The best blogs provide photos, video and text updates purportedly by eyewitnesses, which are later confirmed by news organizations or, in some cases, can't be verified. (cnn.com)


Cyber attack could turn lights out in U.S.

September 27, 2007

WASHINGTON (CNN) -- Researchers who launched an experimental cyber attack caused a generator to self-destruct, alarming the government and electrical industry about what might happen if such an attack were carried out on a larger scale, CNN has learned. (cnn.com)



Video (cnn.com)


Anti-Spam Law Challenged

September 26, 2007

RICHMOND, Va. — Virginia's law banning the massive distribution of junk e-mail is an unconstitutional barrier to free speech, a lawyer for a former spammer told the state's highest court Wednesday. (foxnews.com)


Sabotaging Google

September 25, 2007

A reader, Courtney Cox (no relation to the actress), recently pointed out to me that the top results of recent complex Google searches turned out to be inane Chinese sites that were not even parking sites, just an assortment of keywords that somehow got indexed and brought to the top of the results list. After seeing a few of these sites, I have to wonder what's going on. Is it sabotage? (news.yahoo.com)


Brockmann & Co. Comments on Knujon

September 24, 2007

Gathering spam samples from a network of registered users... and unregistered users..., this project focuses on building the case against spammers and then presenting them to the ISPs who host the spam sites. With a claim of shutting down some 32,000 sites, [Knujon] is pretty keen to eliminate the oxygen for the spammers to thrive. (brockmann.com)

It's about compressing the time interval that a spam bot network has between starting their campaign with an email blast and ending it by taking the url out of service. If their actions cut the useful life of a spam campaign, it affects spammers in two ways: a. makes ISPs more capable of adopting policies that make it hard for spammer sites, perhaps slowing the frequency of spam campaigns; b. cuts revenue from the spam campaign since lots of clicks will not be satisfied with a working website. (networkworld.com)

The Spam Index is the first method for factoring a user's actual experience in assessing the effectiveness of various anti-spam technologies. Based on the experience of over 520 business users, the users of challenge-response technology have the lowest average Spam Index, the most consistent Spam Index and the highest user satisfaction with the email experience. (brockmann.com)

Over the past four years, [Knujon] has tried to move the fight to a new front..., which has helped shut down more than 30,000 spammer Web sites. The project asks volunteers to send in their spam, and it uses these submissions to ... take down more than 32,000 of these junk mail sites. (networkworld.com)


Fake Dunkin Donuts in New York

September 23, 2007

You really have to love the way good old American capitalism works. On the corner of 110 and Lexington used to be a very busy and successful Dunkin Donuts franchise. It closed for about 2 weeks and in its place was an imitation rip off named Dunkin Cafe & Coffee. Dunkin Cafe’s logo uses the same font face and color as the original Dunkin Donuts. (plateoftheday.com)


Extra Spam, Hold the Quechup

September 22, 2007

The blogosphere is abuzz this week about deceptive practices at social networking site Quechup. Apparently, the site is using customers' propensity to scan and the tendency to rely on similar experiences in order to create a massive spam campaign. Several dozen bloggers have posted apologies in the last couple of weeks after Quechup scammed them and spammed everyone in their address books. (wisebread.com)


UK IT managers waste 5.85 million hours a year sifting through spam

September 21, 2007

UK IT managers could be spending more than five million working hours, worth more than 140m [pounds] a year, searching for valid e-mails caught in spam filters, according to a survey commissioned by web-based email management service provider, Mimecast. (computerweekly.com)


CastleCops smeared in bizarre "attack"

September 20, 2007

CastleCops, a voluntary security community, has received money from victims' PayPal accounts, according to Robin Laudanski, who co-runs the organisation. She blogged that compromised credit-card details had been used to donate sums of money to CastleCops. She suggested that the idea is that, when victims find out their money has been taken, they will assume CastleCops is involved in the fraud. (news.zdnet.co.uk)


Report: Four Percent of E-Crime From Fortune 100

September 19, 2007

Roughly four percent of all spam, malicious software attacks, phishing Web sites and other cyber crime activities detected in the first half of 2007 emanated from the networks controlled by the world's 100 highest-grossing companies, according to a new report from anti-virus company Symantec. The finding, from Symantec's semi-annual Internet Security Threat Report, is significant because it indicates how much Fortune 100 organizations have been compromised and are being used by attackers as launching pads for malicious activity, the report notes. The report jives with data published by Security Fix in March, which found evidence of phishing Web sites, spam and malware coming from major corporations, including Best Buy, ExxonMobil, HP, and Oracle, among others. Wired.com's Ryan Singel recently documented similar findings. Symantec cautions, however, that this statistic is actually lower than one might expect, given that Fortune 100 companies collectively control more than seven percent of the world's Internet. (blog.washingtonpost.com/securityfix)

Symantec Threat Report - PDF (symantec.com)


The Economic Idiocy of Spam Filtering

September 18, 2007

Not only does filtering not work, but it makes no money sense. If we accept the overwhelming evidence that 90% or more of Internet traffic is junk, then the criminals have clearly hijacked the global network. What is the Internet? It is a collection of private networks, commercial cable and public phone systems. Who pays for the maintenance of this network? We all do. Through taxes, access fees and overhead passed to the consumer. So the consumer is more or less supporting the spam network. How much does that end up being? In the United States it could be as high as $1.5 Billion per month or $18 Billion per year. This figure does not include the amount of money spent on filtering, or the lost work hours, or money spent on chasing e-crooks, only the estimated cost of transmitting the spam.

Based on the average household paying $30 per month for access, even if you have a virus scanner and filtering software and get no spam in your inbox, you are still paying $27 per month to guarantee that it gets delivered just short of your mailbox. By the way, since the spammers are hijacking machines with malware, their costs are zero.

The estimate is based on 55,544,208 households with net access (an outdated 2000 census) with only 10% of paid fees or taxes going to support traffic that is wanted. The estimate is possibly lower than the true cost (which is difficult to truly quantify), and this is only the United States. The global cost is probably much higher.

The Failure of Spam Filtering (knujon.com)


Report: Hackers make contracts for spam

September 17, 2007

SAN JOSE, Calif. - Online crooks are quickly enlarging an already vast sales and distribution network to propagate spam and send malicious software in hopes of infecting millions of computers worldwide, according to a new report. In a report to be released Monday, security software maker Symantec Corp. says sophisticated thieves sell code to criminal middlemen for as much as $1,000 per program. The middlemen then push the code to consumers, who may be duped into participating in a scam, or who may have their passwords, financial data and other personal data stolen and used by identity theft rings. (news.yahoo.com)


Chris Hansen MSNBC: Face to face with spammers and scammers

September 16, 2007

The writers of these e-mails sometimes appear to be desperate characters in far-off lands, offering millions in reward money — if you’d only help them in their plight. (msnbc.msn.com)


THE PAPER TRAIL - pdf (msnbcmedia.msn.com)

More Dateline Online Investigations (msnbc.msn.com)


Consulate websites hacked and infected

September 15, 2007

Security vendors are warning that two US Department of State websites based in Russia could contain malware and should be avoided. (techworld.com)


Hope in the fight against net gangsters

September 14, 2007

The online world has more criminals than an episode of The Sopranos. But is there a way to make things safer? (guardian.co.uk)


Kim Komando Lists KnujOn as a "cool site"

September 13, 2007

Knujon has a solution that might prove fruitful, though. It focuses on the sites that spammers use to peddle their wares. So far, it has removed more than 30,000 sites affiliated with spammers. How will this stop spammers? If they can’t sell their products, there’s no point in spam. (komando.com)


Phantom Phone calls from (866)243-4357

September 12, 2007

"I keep getting phone calls at least twice a day from 866-243-4357 which shows up as 866-243-4357 on Caller ID but when I answer, they don't say anything and don't hang up." (whocalled.us)

If you get more than one call from 866-243-4357, call Vonage Customer Service at 1-800-980-1455 and tell them to stop. If calls continue, send a letter to: Vonage Legal Department, Attn: General Attorney, 23 Main Street, Holmdel, NJ 07733, and have them order the Sales Autodialer to stop calling your number. (800notes.com)

donotcall.gov


ISPs turn blind eye to million-machine malware monster

September 11, 2007

Cablevision and Comcast coddling criminals? (theregister.com)


Storm Worm botnet could be world's most powerful supercomputer

September 10, 2007
Submitted by Knujon Member

By New Zealand computer scientist Peter Gutmann’s calculations, the Storm Worm botnet “may be the first time that a top 10 supercomputer has been controlled not by a government or mega-corporation but by criminals.” (zdnet.com)


Man used file-sharing program to steal data, money

September 9, 2007

A man has been arrested in what the US Justice Department described as its first case against someone accused of using file-sharing digital data to commit identity theft. Gregory Thomas Kopiloff primarily used Limewire's file-sharing program to troll other people's computers for financial information, which he used to open credit cards for an online shopping spree, federal prosecutors said today. (smh.com.au)


Thousands of emails lost in spam attack

September 8, 2007

Thousands of emails have been stuck in virtual limbo for days after a massive “spam attack” on the telecoms firm Onetel. A large number of the firm’s 30,000 email customers have been unable to send or receive emails properly for more than a month and many say their complaints to Onetel appear to have fallen on deaf ears. Frustrated by the company’s apparent delay in responding to their complaints, many say they have decided to switch to alternative providers. (telegraph.co.uk)


UK CyberCrime Report

September 7, 2007

UK CyberCrime Report - PDF format (garlik.com)


Pfizer PCs hijacked to send Viagra spam

September 6, 2007

Spammers have set a new benchmark for mockery, hijacking PCs inside drug giant Pfizer to send out adverts for the company’s most famous product, Viagra, it has been claimed. (techworld.com)


Malware authors change tack

September 5, 2007

Email attachments are being used less, spam campaigns are being used more (computing.co.uk)


ID fraud costing 'billions'

September 4, 2007

IDENTITY fraud is costing Australia billions of dollars a year and nearly everyone is concerned about the theft and illegal use of their identity, federal Attorney-General Philip Ruddock says. (first.org)


CastleCops Under DDoS Attack

September 3, 2007

Suspect IPs

Denial of Service (searchsecurity.techtarget.com)

Update on DDoS – mid 2007 (castlecops.com)

February 2007 Attack (knujon.com)


Back-to-School Internet Safety Tips

September 2, 2007

Since there can never be too many reminders for kids on how to stay safe online, here are seven from the Illinois Attorney General, Lisa Madigan. She joined with the National Center for Missing and Exploited Children, Microsoft, Best Buy and the Geek Squad, and an Illinois retail association to spread the word on safe online practices. (tech.yahoo.com)


Malicious YouTube spam flooding the Net

September 1, 2007

Malicious spam containing fake URLs pointing at assorted YouTube videos have started flooding t’Internet in recent days, according to Marshal, the email and Internet content security provider. According to the Marshal TRACE team, the latest Storm spam campaign uses humorous and/or familiar comments alongside fake YouTube links to lull recipients into believing they have been forwarded a link to a funny or outrageous video. (securityblog.itproportal.com)


PDF spam no more?

August 31, 2007

Over approximately the past 2 months, PDF spam has exploded from a little used technique to making up close to 30% of all spam being sent during its peak (averaged daily). Due to spammers adjusting their campaigns, the volume of these messages has fluctuated, however over the past week PDF spam has all but dried up. (sophos.com)


Cybercrime spreading like a virus

August 30, 2007

Despite stepped-up law enforcement and better security software, threats from cybercriminals remain potent, according to the 2007 Consumer Reports' State of the Net survey. The lone-wolf geek you imagine hunched over a computer in his basement isn't the only one out to steal your identity on the Internet. According to CR, cybercriminals increasingly operate in an elaborately networked underworld of Web sites and chat rooms, where they sell one another stolen account numbers, tools for making credit cards, scanners to pick up card numbers and PINs from ATMs and viruses and other malicious software. (mcall.com)


IRS warns taxpayers about e-mail scams

August 29, 2007

The Internal Revenue Service on Monday alerted taxpayers to the latest versions of an e-mail scam intended to fool people into believing they are under investigation by the agency's Criminal Investigation division. (rockymounttelegram.com)


MarkMonitor Brandjacking Index Exposes Online Scams That Threaten Top Pharmaceutical Brands and Hurt Consumers

August 28, 2007

SAN FRANCISCO, August 20, 2007 – MarkMonitor®, the global leader in enterprise brand protection, today released the Summer 2007 Brandjacking Index™, reporting that online scammers increasingly abuse the top-ranked brands and endanger consumers by selling questionable prescription drugs through dubious online pharmacies. In the case of prescription drug sites that sell the most popular brands, the report showed the majority operate without proper credentials and lack even the most basic e-commerce security features, risking customers’ health and putting their personal information at risk. (drugs.com)


New tactic in the fight against spam

August 27, 2007

A new tactic is taking hold in the fight against spam. Instead of relying only on better filters and blacklists, some groups are going directly after the advertised websites. (macwelt.de)


Spam fighters hit criminals' weak spot

August 24, 2007

Is the fight against spam horribly misguided?
For years, spam haters have relied on junk-mail filters and Internet blacklists, but lately, some are saying it's time for a change in tactics.

Over the past four years... KnujOn (that's No Junk backwards, for those who aren't into word games), which has helped shut down more than 30,000 spammer Web sites. The project asks volunteers to send in their spam, and it uses these submissions to build a large database linking sites to known spammers. To date, it has helped take down more than 32,000 of these junk mail sites.
(techworld.nl)

New strategy against spam

Spam filters and blacklists have not removed the stream of junk mail from the net. Now the tactics are changing.
The project group, called Knujon (“no junk” backwards), has shut down over 30,000 websites in the last four years, and is gaining more and more volunteers. Anyone can send in their junk mail, which goes into an ever-growing database that links websites to spammers. (idg.no) (English @ techworld.nl)


650,000 consumers ordered a product or service advertised in spam in one month

August 23, 2007

Still, the fight against spam is far from over. Nearly half of the survey respondents who said they get spam are getting a lot of it. More than half in our anti spam review reported receiving fraudulent solicitations, and 40 percent felt that spam had invaded their privacy. And based on our survey, we estimate that 650,000 consumers ordered a product or service advertised in spam in the month before the survey. (consumerreports.org)


The cyberwar against the United States

August 22, 2007

RECENT AL QAEDA recruitment videos and foiled terrorist plots in the United Kingdom remind us that the effectiveness of terrorism is an issue of winning the hearts and minds of those with the proper skills to do serious harm. It would logically follow that it is reckless to allow terrorists to combine the critical elements of ideology, skills, and the technical means of destruction. (boston.com)


"Carousel fraud" Through Fake VAT Registrations

August 21, 2007

Carousel fraud occurs where fraudsters obtain VAT registration to acquire goods such as computer chips and mobile phones VAT-free from other EU member states. They then sell the goods at VAT-inclusive prices and disappear without reimbursing the VAT costs paid to them. (activehome.co.uk)


Identity attack spreads; 1.6M records stolen from Monster.com

August 20, 2007
Submitted by Knujon members

Convincing phishing mail seeds bank account-stealing Trojan horse and 'ransomware'
August 19, 2007 (Computerworld) -- The 46,000 people reportedly infected by ads on job sites may be only a fraction of the victims of an ambitious, multistage attack that has stolen data belonging to several hundred thousand people who posted resumes on Monster.com, a researcher said this weekend.
(computerworld.com)

US job website Monster.com has suffered an online attack with the personal data of hundreds of thousands of users stolen, says a security firm. (bbc.co.uk)


The summer of spam. It just keeps coming.

August 19, 2007
Submitted by Knujon member

There is 17 percent more spam heading for inboxes today than there was yesterday, and spam watchers say it could get even worse before the summer is over. (techworld.com)


Viagra spam edges out pump-and-dump

August 18, 2007
Submitted by Knujon Member

Pump-and-dump spam, which dominated inboxes in the first half of the year, has given way to image spam and messages pushing 'sexual enhancement' drugs, according to a report from security firm BitDefender. (vnunet.com)

More spam today made its way to inboxes touting a small Florida company first hit by a massive pump-and-dump spam scam last week. (pcworld.com)


US phish feeder jailed for seven years

August 17, 2007

Jacob Vincent Green-Bressler of Tucson, Arizona was sentenced by US District Judge David C. Bury last week after pleading guilty in March to aggravated identity theft and conspiracy offences. Green-Bressler operated as an American buyer for stolen credentials obtained through various phishing scams across the world. (theregister.com)


Facebook users share data with frog

August 16, 2007

Sophos, a Boston firm focused on information-technology security, decided to see how easy it was to get users of the social networking website facebook.com to divulge personal data; to conduct that experiment, Sophos said it fabricated a Facebook profile page for a small green plastic frog called Freddi Staur, the name being an anagram for "ID Fraudster." (boston.com)

Sophos.com: "Sophos is a world leader in IT security and control solutions purpose-built for business, education, government organizations and service providers. Our reliably engineered, easy-to-operate products protect over 100 million users in more than 150 countries from viruses, spyware, adware, Trojans, intrusion, spam, policy abuse, and uncontrolled network access."


Adobe Stops Taking Piracy Reports?

August 15, 2007

----- The following addresses had permanent fatal errors -----
piracy@adobe.com
(reason: 550 No such user - psmtp)
(expanded from: swpiracy@coldrain.net)

----- Transcript of session follows -----
... while talking to adobe.com.mail5.psmtp.com.:
>>> RCPT To:piracy@adobe.com
<<< 550 No such user - psmtp
550 5.1.1 piracy@adobe.com... User unknown

Final-Recipient: RFC822; swpiracy@coldrain.net
X-Actual-Recipient: RFC822; piracy@adobe.com
Action: failed
Status: 5.1.1
Remote-MTA: DNS; adobe.com.mail5.psmtp.com
Diagnostic-Code: SMTP; 550 No such user - psmtp
Last-Attempt-Date: Mon, 13 Aug 2007 17:43:24 -0400




Microsoft Keeps Rejecting Piracy Reports for "spam-like characteristics" (knujon.com)


Spam surge sways stock market

August 14, 2007

Last week saw the Internet's biggest-ever spam surge in a single day, and also offered a lesson on why "pump and dump" stock-market spam campaigns have become so prevalent, according to Postini. (techworld.com)

Unusual Pump-and-Dump Spam Run Continues (pcworld.com)

Send to stockjunk@coldrain.net


Toy maker in giant recall commits suicide

August 13, 2007

BEIJING, China (AP) -- The head of a Chinese manufacturing company accused of shipping hundreds of thousands of lead-tainted toys later recalled in the United States has committed suicide, a state-run newspaper said Monday. (cnn.com)

United Nations' website hacked (news.com.au)


Fake e-cards signal massive DDoS attack

August 12, 2007

Security researchers are reporting a sharp increase in the number of machines infected by the Storm Worm, prompting speculation that its authors, who so far have limited their activities to spam, intend to use it for more destructive purposes, such as launching massive denial of service attacks. (theregister.com)


Aussie loses $1.7m in Nigerian scam

August 11, 2007

SIX men have been arrested in the Netherlands over an internet scam that cost an Australian man $US1.5 million ($1.76m), police said today. The six, taken into custody last week, are believed to be part of a west African network, police said. Five of them are from West Africa, including two Nigerians. They are suspected of extorting the money from a 49-year-old Australian man after promising him, by email, a lucrative business contract worth $US90 million ($105.42 million), according to police (news.com.au)


Asa Aarons Recommends Everything But Reporting

August 10, 2007

In the posting "With just a few wise moves, you can help ward off spam" (nydailynews.com), Asa Aarons recommends every tactic for dealing with spam except reporting it. We contacted Mr. Aarons to suggest the addition of reporting to his list; he has not responded yet.

Don't bite: E-mail lottery setups strictly for losers (nydailynews.com)
Lottery spam scams lure even the smartest people (nydailynews.com)


Anti-Spam Industry Recommendations Contradict Themselves, Offer no Hope

August 9, 2007

In addition to the headline that "Anti-Spam Software Doesn't Work" from yesterday, we have a more detailed commentary from McAfee to analyze. The article "Are you back from vacation? Spam awaits, McAfee offers simple tips to help e-mail users fight back" (spokanejournal.com) is full of contradictions and bad advice. For starters, the title implies that these are "simple tips", but there is nothing simple about completely reconfiguring your own filtering software after analyzing all the junk email you receive.

In the first paragraph we read:

"McAfee Inc., the Santa Clara, Calif.-based security software vendor, has released tips to help e-mail users unsubscribe and block unwanted e-mail."

But the article later states:

"do not unsubscribe from the list. By unsubscribing, you show the spammer that your e-mail address is active."

Why is this a "release" from McAfee? There is nothing new here. So we can take unsubscribing off the table, which leaves us with blocking.

“While today’s spam filters have improved to catch a larger percentage of junk mail, the threat of spam never really goes away,” says Jeff Green, senior vice president of McAfee Avert Labs.

It seems here he is admitting the failure of the block and filter approach. If we should not unsubscribe and blocking has failed, what is the point of this article now?

These two items:

"Don’t publish your e-mail address on any Web site or discussion forum."
"If your mailbox starts receiving an abundance of spam, you can delete the mailbox"

have been pointed out by Knujon many times as surrender: actions that only inconvenience the consumer and do not address the core issues.

The final two recommendations seem to contradict each other:

"Use anti-spam software, which blocks 97 percent to 99 percent of spam."
"Keep a collection of mail you want to stop receiving and determine which e-mail addresses or phrases in the messages don’t change. Use this information to keep further unwanted e-mail out of your inbox by creating filters."

What? Which am I supposed to do, buy your software (which he has admitted doesn't solve the problem) or become so involved in the filtering process that it makes me wonder why I bought filtering software? Tinkering around with all these packages is great for programmers, but useless to the consumer at large: the consumer who falls for scams, buys junk, and responds to spam.

At only one point does he mention reporting it to your ISP, which is a problem in and of itself. As Knujon has pointed out many times, ISP response to spam is inconsistent, unprofessional, and ineffective. Some ISPs are helping the spammers.

Nowhere does McAfee mention that obvious criminal spam or stock fraud should be reported to law enforcement.

Anti-Spam Software "Doesn't Work" (knujon.com)

Anti-Spam Software "Doesn't Work"

August 8, 2007

Um, yeah. That's what we have been saying for 3 years...

Most people are not happy with their anti-spam products, according to a new survey. From McAfee and Symantec to Apple and Microsoft, most anti-spam vendors are failing to fully satisfy customers, according to the survey by Brockmann & Company. ... customers rarely are fully satisfied by anti-spam filters packaged with email clients, hosted email or commercial anti-virus software. Too often, the products let spam through and mistakenly delete email that's not spam. (techworld.com)

Anti-spam vendors such as McAfee, Symantec and Microsoft, are failing to satisfy their customers in fighting annoying spam. "Email is consistently recognized as the most important communications service affecting job performance in virtually all industries and all job roles. Yet spam continues to detract from user productivity by providing too many inappropriate, anonymous, bulk and irrelevant messages. (sda-india.com)

Brockmann & Co. Study Results (brockmann.com)


Microsoft Keeps Rejecting Piracy Reports for "spam-like characteristics"

August 7, 2007

----- The following addresses had permanent fatal errors -----
piracy@microsoft.com
(reason: 550 5.7.1 Your e-mail was rejected by an anti-spam
content filter on gateway (###.###.###.###). Rea...uage, graphics, or
spam-like characteristics. Removing these may let the e-mail through
the filter.)
(expanded from: swpiracy@coldrain.net)
Be sure to edit your spam before sending it to Microsoft! ;-)

Microsoft does not want your software piracy reports? (knujon.com)
Gates: Spam To Be Canned By 2006, Microsoft Chairman Announces (cbsnews.com)


Email Trail Links Al Qaeda Network

August 6, 2007

E-mail addresses for American individuals were found on the same password-protected e-mail chains used by the United Kingdom plotters to communicate with Qaeda handlers in Europe, a counterterrorism official told The New York Sun yesterday. The American and German intelligence community now believe the secure e-mail chains used in the United Kingdom plot have provided a window into an operational Qaeda network in several countries... "This plot helps to connect a lot of stuff. We have seen money moving a lot through hawala networks and other illicit finance as well." (nysun.com)


Commercial Filters no Obstacle for Text-only Stock Spam from Zacks.com

August 5, 2007



Send to stockjunk@coldrain.net


18 indicted in Internet pharmacy operation

August 4, 2007

DOWNTOWN SAN DIEGO – A federal grand jury in San Diego has indicted 18 people on racketeering, fraud and money-laundering charges stemming from a massive Internet pharmacy operation. It is the first time racketeering charges have been filed in connection with a fraudulent Internet pharmacy case, federal officials said. The business, called Affpower, sold pharmaceuticals to hundreds of thousands of customers using unlawful prescriptions, according to the indictments, which were unsealed yesterday. In a two-year period ending in June 2006, the Costa Rica-based company generated $126 million in revenue, said Lorraine Concha, assistant special agent in charge of the Immigration and Customs Enforcement agency in San Diego. (signonsandiego.com)


New Yorker Has Comprehensive Article on Spam, But Still Misses the Mark

August 3, 2007

The recent article: Damn Spam - The losing war on junk e-mail, by Michael Specter (newyorker.com) is one of the most comprehensive and concise articles on spam to date. However, a few blanks need to be filled in, namely why people feel that we are in a “losing war on junk e-mail.” First of all, not everyone is losing. As with many other articles with this tone, we have contacted the author to challenge them on the current conventional wisdom of relying on filtering and to present evidence of success here and at CastleCops.


Spammer Tries to Hire Hit man to Kill Children of Witness

August 2, 2007

Internet users can count on a few less e-mails about cheap Viagra and Cialis showing up in their junk mail folders, as well-known spammer Christopher Smith has been sentenced to 30 years in jail by a federal judge. The judge referred to the 27-year-old online drugstore owner as a "drug kingpin" when issuing the sentence, according to the Star Tribune. The sentencing is among the longest convictions related to Internet pharmacies in recent history, said Smith's attorney...

Smith kept himself busy by attempting to put a hit on a witness' children. "We're going to give her the option of which one of her kids she's going to sacrifice for [testifying]," he said in a recorded phone conversation before asking about hiring a hitman. Smith also managed to talk his wife, father, mother, and stepfather into concealing wads of cash—to the tune of $1.1 million—in cereal boxes.
(arstechnica.com)

It is clear this is the tipping point of violence entering the picture. We’ve been telling people this for two years, that the guns follow the money in any illegal activity and once you reach that point it is difficult to go back. People have dismissed spam as an “annoyance” and our research has consistently shown it to be much more than that.

The other point of interest is that this is the kind of story that gets attention these days in the spam world, someone being caught and prosecuted. While it warms the cockles of my heart to hear it, my brain knows it is a drop in the bucket. This problem will be solved by consistent and efficient policy enforcement, not specifically removing individuals from the monster maze.


PDF Stock Spam Flies Through Commercial Filters

August 1, 2007




On the trail of servers gone bad

July 31, 2007

ORLANDO, Fla. — Federal agencies increasingly are seeking out fledgling “honeyclient” technology to detect and analyze Web sites that contain and distribute malware, cybersecurity experts say. The honeyclient apps built by Mitre are virtual machines, trolling the Web to detect sites that reveal signs of malware when evaluated against the baseline performance of safe sites, said computer scientist Kathy Wang, lead infosec engineer/scientist at Mitre. (gcn.com)

HoneyClient User Guide (honeyclient.org)

"The MITRE Corporation is a not-for-profit organization chartered to work in the public interest. As a national resource, we apply our expertise in systems engineering, information technology, operational concepts, and enterprise modernization to address our sponsors' critical needs." (mitre.org)


Google, the FCC and the end of Analog TV

July 30, 2007

Network World looks at why Google wants open access provisions added to the rules for the FCC's upcoming 700MHz spectrum auction. (pcworld.com)

The U.S. Federal Communications Commission has approved a plan for auctions of wireless spectrum in the 700MHz band, taking the first step toward the multibillion-dollar sale of spectrum being abandoned by television stations. (networkworld.com)


Bus driver fired for 38,000 text messages

July 29, 2007

WARSAW, Poland -- A Polish bus driver has been fired for sending 38,000 text messages on his company cell phone in a losing effort to win contest jackpot, a spokesman said Thursday. (boston.com)


Faulty Easy-Bake Ovens Burn Kids

July 28, 2007

(CBS) For the second time this year, toy-maker Hasbro is recalling Easy-Bake Ovens due to reports of kids getting their fingers caught in them, and sometimes suffering burns, some of them severe. Approximately 1 million ovens are affected. The toy has been among the nation's most popular for more than 40 years. But in February, after what it and the Consumer Product Safety Commission said were 29 reports of children getting their hands or fingers caught in the oven’s opening, including five reports of burns, Hasbro offered free retro-fit kits designed to eliminate the danger. (cbsnews.com)


NASA: Worker Tried to Sabotage Shuttle-Bound Computer By Cutting Wires

July 27, 2007

NASA's Inspector General Office has launched an investigation into intentionally cut wires in a data relay box slated to launch aboard Endeavour next month and be installed inside the space station's U.S.-built Destiny laboratory, NASA's associate administrator Bill Gerstenmaier told reporters Thursday. (space.com)


IPhone Flaw Lets Hackers Take Over, Security Firm Says

July 26, 2007

A team of computer security consultants say they have found a flaw in Apple’s wildly popular iPhone that allows them to take control of the device. The researchers, working for Independent Security Evaluators, a company that tests its clients’ computer security by hacking it, said that they could take control of iPhones through a WiFi connection or by tricking users into going to a Web site that contains malicious code. The hack, the first reported, allowed them to tap the wealth of personal information the phones contain. (nytimes.com)

Research trio claims the iPhone's data can be stolen and the device can even be turned into a remote surveillance tool (infoworld.com)
Is that iPhone security hole really so bad? (machinist.salon.com)
Vulns. in iPhone found from fuzzing (computerworld.com)
iPhone Security Flaws Are Hackers Dream (eontarionow.com)


Learn About InfraGard

July 25, 2007

"InfraGard is a Federal Bureau of Investigation (FBI) program that began in the Cleveland Field Office in 1996. It was a local effort to gain support from the information technology industry and academia for the FBI’s investigative efforts in the cyber arena. The program expanded to other FBI Field Offices, and in 1998 the FBI assigned national program responsibility for InfraGard to the former National Infrastructure Protection Center (NIPC) and to the Cyber Division in 2003. InfraGard and the FBI have developed a relationship of trust and credibility in the exchange of information concerning various terrorism, intelligence, criminal, and security matters." More (infragard.net)


Chinese pirates busted with $500 million of software

July 24, 2007

Submitted by Knujon Member

US and Chinese officials announced today that they have busted two Chinese software piracy groups in possession of illegal software with an "estimated retail value" of close to $500 million. The groups operated out of Shanghai and Shenzhen, and sold much of the software through the Internet, according to the FBI. (arstechnica.com)

More... (news.google.com)


Excel Stock Spam

July 23, 2007

Submitted by Knujon Member


Don't open Excel spam files, they may contain macro viruses.


Forbes Details Spam Hunter Story

July 22, 2007

Article may require registration

Spam Hunter (forbes.com)


Inc. Reviews Spam "Fighters"

July 21, 2007

Inc. Magazine has a little online slide show on what they call the "best spam fighters"; however, none of these products or services actually fight spam. They are all filtering and blocking systems. The concept of what "spam fighting" is has been completely diluted.

Slideshow (inc.com)


More Spam War Surrender Discussed in Media

July 20, 2007

In The Wall Street Journal's Informed Reader section, Wendy Pollack ponders "Email Overload? It Doesn’t Have to Be This Way". Yes, she's right about that, but the entry mentions the solution proposed by one professional: “email bankruptcy”, which means abandoning your mailbox and creating a fresh one. This is something we rail against at KnujOn: it's surrender, and it does not address the issue. Pollack also quotes Om Malik's contention that none of the current solutions "go far enough". Apparently Mr. Malik has not heard of KnujOn.

Full Entry (wsj.com)


Still giving out bad advice

July 19, 2007

On Clark Howard's consumer action center tips, the advice for dealing with spam is "if you have a doubt about an e-mail, delete it." This misinformation is still rampant and adds fuel to the spam bonfire.


The 2007 Spam Summit in Washington D.C.

July 18, 2007

Last week the Spam Summit 2007 was held by the FTC in Washington, D.C. The results of a spam survey conducted by PEW/INTERNET (Pew Research) were presented by Susannah Fox. We find the results of this survey troubling since they suggest the public's acceptance of spam is growing. People are just assuming that spam is a part of modern life and nothing can be done to stop it. As many of you are aware, at KnujOn, we think this is nonsense and we have been working to deal with the problem in creative and unique ways. Before we go into the details of other topics discussed at the summit, it is important to review how the Internet industry has dealt with this problem from the beginning.

  • When spam started to become a problem for email/Internet users it was generally assumed that the user/consumer had done something to bring it on themselves: they purchased pornography, signed up for questionable websites, etc. (i.e., it's the user's own fault).

  • As spam began to reach people who had never purchased pornography, the blame shifted to the posting and sharing of email addresses. Users were told not to publicly post their email addresses and to be careful who they share them with. Also, user mailboxes became infected. Users with unprotected email programs turned into relays for viruses and address harvesting. Again, the consumer/user is blamed.

  • Once it was realized that spammers get addresses from a variety of methods, including scripts that generate random or sequential strings, the consumer was told to ignore or delete the spam they receive. Many concerned citizens tried to report phishing attempts to their banks, but the banks told them to delete and ignore. Once again, the burden is on the consumer to deal with it.

  • The problem grew and a new industry of email filtering and blocking software emerged. However, the responsibility is still on the consumer to purchase, maintain, update and upgrade the filtering software. While the algorithms behind these filtering programs are complex, the scheme itself is little more than an enhanced tool for ignoring and deleting.

  • A year after the widespread deployment of filtering software, spam is still a growth industry. Armies of botnets (zombie PCs) are collections of computers on the Internet that power spam delivery. These zombie PCs are private computers infected with malware and left connected to the Internet, usually without the owner knowing. The plague of botnets is again viewed as an end user/consumer problem since it is the inept public downloading viruses and leaving their connections open that drives spam.

  • Now, the mantra being delivered by these survey results and some other recent media is: "There's nothing we can do, accept it, suck it up."

So, after all these years, hopefully the message is clear. It's your fault and there is nothing we can do about it. Baloney! We are here to tell you that something can be done. We have built a Policy Enforcement Engine that has been handling the complaints of our clients for nearly 3 years. As the system grows and becomes more accurate the proven results are more and more evident. The next time someone tells you that nothing can be done, tell them about KnujOn.

Susannah Fox's comments can be seen in full here and here (pewinternet.org); what follows is a commentary on Fox's comments. An actual transcript of the summit can be found here:
http://htc-01.media.globix.net/COMP008760MOD1/ftc_web/transcripts/071107_sess1.pdf

One issue we've had with the spam dialogue is the overwhelming focus on technical aspects. In the Thomas Grasso (FBI/NCFTA) summary the problems cited are botnets and compromised PCs. While he is right about this popular tool now used by cyber criminals, rarely discussed are the booming e-crime profits and the rapid growth of global illicit traffic behind spam. Political, social and market situations are driving spam. Knujon has put resources into researching and presenting the causes in addition to working on the technical aspects.

Trevor Hughes (Email Sender & Provider Coalition) draws a hard line between marketing and spam, but it is really an enormous gray area. Our research shows marketers using spam tactics and spammers pretending to be real marketing companies. However, Trevor is right about the lack of reporting tools. We have a number of plug-in tools for Gmail, Yahoo, Thunderbird, and AppleMail that make it simple to report. These tools are open source items created by dedicated programmers. These solutions are not coming from the big software houses or Internet service providers. One might believe that the consumer has been abandoned by the industry.

To add to Patrick Peterson's (IronPort) comments about the "pump and dump" epidemic in 2006: by suspending trading and freezing assets, the SEC, under John Reed Stark, has cut down on this type of fraud. But this was only possible because the SEC encouraged citizens to submit samples and then did something with the results. This goes to our main point, that the problem can be addressed if the junk is reported and then handled correctly. If ignored, it gets worse.

Video Feed of the Summit (globix.net)
Trevor Hughes' letter to the FTC (ftc.gov)


Send comments to contact@knujon.com


Tagged or Spammed?

July 17, 2007

Phishers and spammers continue their abuse of social networking (engineering) sites.

MySpace, Facebook, Evite and a multitude of other services are constantly surfed and used to find new victims and bypass email filtering.


Captcha bypassed

July 16, 2007

Miscreants have created a strain of malware capable of setting up bogus Hotmail and Yahoo! accounts in order to send spam. The HotLan-A Trojan uses automatically-generated webmail accounts, suggesting that spammers have found a way to bypass the Captcha system (which typically means accounts can't be created until a user correctly identifies letters depicted in an image). (theregister.com)


Gangs flooding the Web for prey, analysts say

July 15, 2007

(CNN) -- On December 8, Australia suffered a sneak-attack from malevolent forces based in the former Soviet states. The weaponry was a multi-million fusillade of bogus e-mail touts targeting customers of iiNet, owner of Ozemail, one of the most popular Internet providers in the country. (cnn.com)


Potentially tainted toothpaste found on Massachusetts shelves

July 14, 2007

Massachusetts public-health authorities announced today that they have discovered tubes of toothpaste that may contain a dangerous chemical on store shelves in Boston and 11 other cities and towns. (boston.com)


Terrorism's Hook Into Your Inbox

July 13, 2007

The global jihad landed in Linda Spence's e-mail inbox during the summer of 2003, in the form of a message urging her to verify her eBay account information. The 35-year-old New Jersey resident clicked on the link included in the message, which took her to a counterfeit eBay site where she unwittingly entered in personal financial information. (washingtonpost.com)


Wachovia Bank website sends confidential information over the Internet without encryption.

July 12, 2007

Wachovia Bank website sends confidential information (social security numbers, phone number, address, etc.) over the Internet without encryption. (gossamer-threads.com)


McAfee SiteAdvisor Rates Knujon.com

July 11, 2007

http://www.siteadvisor.com/sites/knujon.com (siteadvisor.com)


China Executes Official Who Approved Fake Drugs, Took Bribes

July 10, 2007

BEIJING, China (Reuters) -- China executed a former drug and food safety chief on Tuesday for corruption in an unusually swift sentence which will serve as a warning amid a series of health scandals that have stained the "made in China" brand..."Zheng Xiaoyu's grave irresponsibility in pharmaceutical safety inspection and failure to conscientiously carry out his duties seriously damaged the interests of the state and people," Xinhua cited the high court as stating. (cnn.com)


China Probes 'Chelsea Clinton' Weight Loss Patch

July 9, 2007

BEIJING — China is looking into claims of a herbal weight loss patch which its makers said helped former President Clinton's daughter, Chelsea, shed 26.5 lb in under a month, state media reported on Monday. (foxnews.com)


Cyber attacks engulf Kremlin's critics

July 8, 2007

Opposition parties and independent media say murky forces have committed vast resources to hacking and crippling their Web sites in attacks similar to those that hit tech-savvy Estonia as the Baltic nation sparred with Russia over a Soviet war memorial. (cnn.com)


'Cyber' gang targeted U.S. sites

July 7, 2007

Computer files maintained by a "cyber-terrorist" gang in the United Kingdom included a threat by 45 Muslim doctors said to be planning an attack on the Mayport Naval Base in Jacksonville, Fla., and other U.S. sites using car bombs and rocket grenades. (washingtontimes.com)


Spam reporter from gloomytrousers.co.uk

July 6, 2007

gloomytrousers.co.uk has provided another wonderful tool for reporting junk mail to us and other services. More information: Takes a mailbox or other file full of junk e-mails, and sends them to spam reporting services such as SpamCop, KnujOn, various phishing reporting addresses


DoubleClick deal raises EU privacy concerns

July 5, 2007

BRUSSELS -- Europe's major consumer group, BEUC, said yesterday that it feared Internet search engine Google Inc.'s takeover of online ad tracker DoubleClick Inc. would damage European Union privacy rights and limit consumers' choice of Web content. (boston.com)


Spammers Make Mistakes Too

July 3, 2007

Below is an example where the spammer's code has a bug. "http://{url27}" was probably not the intended outcome. "url27" is a variable that wasn't populated properly.

 -------- Original Message --------
 Subject: retail price - $999 our price - US $ 89.95 adobe photoshop cs3
 From: "Christine Erwin" 
 Date: Tue, July 03, 2007 10:05 am
 To: 
 
 Our price: $269.90 Adobe Creative 3 Premium
 http://{url27}


Nearly 30,000 Malicious Web Sites Appear Each Day

July 2, 2007

The number of malicious Web sites has skyrocketed over the past few months, going from 5,000 new ones a day in April to nearly 30,000 a day now. (informationweek.com)


Drugs, Murder, Wrestling, and the Internet

June 29, 2007

The murder-suicide of professional wrestler Chris Benoit has played out on the Internet in two key ways. One is the relationship between Benoit and an Internet pharmacy and the other is a strange Wikipedia posting that declared his wife's death before it was publicly known.

ATLANTA, Georgia (AP) -- Investigators are looking into who altered pro wrestler Chris Benoit's Wikipedia entry to mention his wife's death hours before authorities discovered the bodies of the couple and their 7-year-old son. Benoit's Wikipedia entry was altered early Monday to say that the wrestler had missed a match two days earlier because of his wife's death. A Wikipedia official, Cary Bass, said Thursday that the entry was made by someone using an Internet protocol address registered in Stamford, Connecticut, where World Wrestling Entertainment is based. An IP address, a unique series of numbers carried by every machine connected to the Internet, does not necessarily have to be broadcast from where it is registered. The bodies were found in Benoit's home in suburban Atlanta, Georgia, and it's not known where the posting was sent from, Bass said. Benoit strangled his wife and son during the weekend, placing Bibles next to their bodies, before hanging himself on the cable of a weight-machine in his home, authorities said. No motive was offered for the killings, which were discovered Monday. (cnn.com)

Police in Georgia have raided the office of Canadian professional wrestler Chris Benoit's personal physician, authorities said Thursday. Federal drug agents and sheriff's deputies began carrying out the raid Wednesday night and concluded early Thursday, reports the Associated (ctv.ca)

Albany County, NY District Attorney David Soares said in the news release that the investigation is still ongoing into Signature Pharmacy and MedXlife, which sent more than $200,000 in illegal steroids and prescription medication into Albany County. (nationalledger.com)


Tubes of toxic Chinese toothpaste found in U.S. prisons

June 28, 2007

ATLANTA, Georgia (AP) -- Thousands of tubes of contaminated Chinese-made toothpaste were shipped to state prisons and mental hospitals in Georgia, officials said Thursday, a sign that U.S. distribution of the tainted products was wider than initially thought. (cnn.com)


Microsoft does not want your software piracy reports?

June 27, 2007

If you see Bill Gates, ask him if the spam problem has disappeared yet.
(Gates: Spam To Be Canned By 2006, Microsoft Chairman Announces)

   ----- The following addresses had permanent fatal errors -----
piracy@microsoft.com
    (reason: 550 5.7.1 Your e-mail was rejected by an anti-spam
content filter on gateway (....). Rea...uage, graphics,
or spam-like characteristics. Removing these may let the e-mail
through the filter.)
    (expanded from: swpiracy@coldrain.net)

   ----- Transcript of session follows -----
... while talking to maila.microsoft.com.:
>>> DATA
<<< 550 5.7.1 Your e-mail was rejected by an anti-spam content filter
on gateway (....). Reasons for rejection may be: obscene
language, graphics, or spam-like characteristics. Removing these may
let the e-mail through the filter.
554 5.0.0 Service unavailable


Spam Filters are no problem for Dr Ahmed Yusuf

June 26, 2007

Bypassed commercial filters:


From: DR AHMED YUSUF [mailto:dr_ahmed23@totonline.net] 
Sent: Wednesday, June 26, 2007 5:42 AM
To: undisclosed-recipients
Subject: From Dr Ahmed Yusuf

From Dr Ahmed Yusuf

I need your services in a contract that was over-invoiced by us. 
This requires a private arrangement.

You will receive these funds underlegal claims; all legal documents will 
be carefully worked out to ensure a risky free transfer. I am willing to 
pay a generous management fee as well as appreciation as soon as this 
transaction is financialy sponcored & completed by you.

I have all the details. All correspondences will be via email, for now.
The funds in question are quite large. I will expect a straight answer from you. 
Yes or no. If yes, Kindly furnish me with your personal information which must 
include your direct cell phone and fax number, your address and company name, 
then lets work out the modalities from there.

Thanks and God bless you,

Dr Ahmed Yusuf


"Greeting Card" Installs Virus

June 25, 2007

Good day.

Your family member has sent you an ecard from rsterm.hk.

Send free ecards from rsterm.hk with your choice of colors, words and
music.

Your ecard will be available with us for the next 30 days. If you wish
to keep
the ecard longer, you may save it on your computer or take a print.

To view your ecard, choose from any of the following options:

--------
OPTION 1
--------

Click on the following Internet address or
copy & paste it into your browser's address box.

http://rsterm.hk/?076a3db573383e1a7a85955

--------
OPTION 2
--------

Copy & paste the ecard number in the "View Your Card" box at
http://rsterm.hk/

Your ecard number is
076a3db573383e1a7a85955

Best wishes,
Postmaster,
rsterm.hk

*If you would like to send someone an ecard, you can do so at
http://rsterm.hk/


Authorities investigate online 'hitman' scams

June 22, 2007

The FBI has received more than 100 complaints about the so-called "hitman scam" from across the country. Typically, the cyber shakedown seeks anywhere from $30,000 to $80,000. FBI special agent James Burrell says some people have fallen for the scam, sending criminals tens of thousands of dollars. The FBI says they have some leads in the case, but they wouldn't provide specific details. (time.com)


E-mail Privacy Gets a Win in Court

June 21, 2007

The House Oversight Committee played the e-mail card Monday by declaring that records of electronic missives for more than 50 White House staffers with accounts at the Republican National Committee had gone missing. Democrats suspect the accounts were used improperly to plot the ouster of U.S. attorneys, so the lawmakers are more than eager to get their hands on the messages. (time.com)


F.D.A. Tracked Poisoned Drugs, but Trail Went Cold in China

June 20, 2007

After a drug ingredient from China killed dozens of Haitian children a decade ago, a senior American health official sent a cable to her investigators: find out who made the poisonous ingredient and why a state-owned company in China exported it as safe, pharmaceutical-grade glycerin. (nytimes.com)

From China to Panama, a Trail of Poisoned Medicine:
The kidneys fail first. Then the central nervous system begins to misfire. Paralysis spreads, making breathing difficult, then often impossible without assistance. In the end, most victims die.
(nytimes.com)

US Investigated China in Toxic-drug Deaths 10 Years Ago (chinadigitaltimes.net)



Other Articles by Walt Bogdanich


The world of money laundering is a dark confusing place

June 19, 2007

American Express gets caught up in a money laundering probe. (forbes.com)

Macau Banco Delta Asia halts NKorea business, denies money laundering (forbes.com)

Money laundering, gun-running, sex slavery. Is tiny Cyprus the world's next tax haven? (forbes.com)

Anti-money laundering industry comes into its own (forbes.com)

How did a tiny Florida bank, American Express and French taxpayers wind up holding the bag after a U.S. cruise line went under? (findarticles.com)


Ohio Employee Data Is Stolen From Car

June 18, 2007

COLUMBUS, Ohio, June 16 (AP) — The names and Social Security numbers of all 64,000 Ohio state employees were stolen last weekend from a state agency intern who left a backup data storage device in his car, Gov. Ted Strickland said Friday. (nytimes.com)


FBI tries to fight zombie hordes

June 15, 2007

The FBI is contacting more than one million PC owners who have had their computers hijacked by cyber criminals. (bbc.co.uk)


China Olympic cos. seen using child labor

June 14, 2007

According to PlayFair 2008, a conglomeration of trade unions and human rights groups worldwide seeking fair trade practices, basic labor standards are being violated by four Chinese factories in particular that have been licensed to manufacture goods for the games. The group reported that workers as young as 12 are working 12-hour shifts or longer, seven days a week in unsafe conditions. (upi.com)

Some official merchandise for the 2008 Olympics in China has been made using child labour, forced overtime and low wages to boost profits, a report says. (bbc.co.uk)

(BEIJING) — Backpacks, caps and other licensed products for the 2008 Beijing Olympics are being made in Chinese factories that use child labor and force employees to work long hours for less than minimum wage, a report released Sunday said. (time.com)


Report: CDC can't find $22 million in equipment

June 13, 2007

Control and Prevention, raising "troubling issues" about the Atlanta-based agency's ability to manage its property, according to members of a congressional oversight committee. Among their concerns is a suspected "insider" burglary of $500,000 in new computers, according to a letter they sent to the inspector general of the U.S. Department of Health and Human Services. (ajc.com)


Google Maps: An Invasion of Privacy?

June 12, 2007

...questions have been raging online in recent weeks, as Google's new "Street View" has sent techies scrambling to browse through the miles and miles of street-level photos now available through Google Maps. (time.com)


Falsely reporting bad weather can lead to felony charges

June 11, 2007

BLOOMINGTON - False reports of bad weather aren't just a problem for meteorologists, but are felony crimes similar to calling in a fake bomb threat or emergency 911 call. So says the National Weather Service office in Lincoln, which has received about a dozen fictional reports of severe weather since mid-April through an online form on the service's Web site. False weather reports also have been made in other parts of Illinois and in Wisconsin. (herald-review.com)


High-tech systems aim to foil counterfeit wine

June 8, 2007

NAPA, California (AP) -- ...with concerns growing about counterfeiters, she and other Napa Valley vintners are turning to high-tech fraud prevention so customers can feel confident they're taking home genuine wine. (cnn.com)


Dangerous con invades MySpace: Looking for someone to ‘maybe have a life with’

June 6, 2007

Francis X. Lang ... was convicted last year of killing Suffolk County deputy sheriff Ricky Dever - is trolling for cyber love with a MySpace page set up by his sister...looking for: “a female pen pal.” (bostonherald.com)


'DRM-free' iTunes songs raise concerns

June 5, 2007

SAN JOSE, California (AP) -- Apple Inc.'s recent rollout of songs without copy protection software at its iTunes Store has given consumers new flexibility, but questions have emerged over the company's inclusion of personal data in purchased music tracks...The Electronic Frontier Foundation, a consumer watchdog group, said the embedded user information in the purchased track raises privacy issues. (cnn.com)


IMPACT Report Suggests that Counterfeit Drug Proliferation may be worse than thought

June 4, 2007

The new estimates on the prevalence of counterfeit medicines - PDF (dangerouspill.com)


“Spam King” Soloway's arrest could not stop Spam flow

June 3, 2007

“Spam King” Robert Alan Soloway’s arrest had globally raised hopes for the relief from millions of unwanted message clogging e-mail in-boxes, but they were shattered when Junk e-mail continued to hit mailboxes around the world Thursday, a day after spammer’s high-profile arrest. (themoneytimes.com)


BOA Bomb Scares Itself

June 2, 2007

ASHLAND, Massachusetts: A Bank of America employee misinterpreted a faulty fax about a bank promotion as a bomb threat Wednesday, leading authorities to evacuate more than a dozen neighboring businesses. (iht.com)


Study: 25 countries block Web sites

June 1, 2007

NEW YORK (AP) -- At least 25 countries around the world block Web sites for political, social or other reasons as governments seek to assert authority over a network meant to be borderless, according to a study out Friday. (cnn.com)


US arrests internet 'spam king'

May 31, 2007

Robert Soloway, 27, was arrested in Seattle, Washington, after being indicted on charges of mail fraud, identity theft and money laundering. (bbc.co.uk)

Robert Alan Soloway is accused of using networks of compromised "zombie" computers to send out millions upon millions of spam e-mails. "He's one of the top 10 spammers in the world," said Tim Cranton, a Microsoft Corp. lawyer who is senior director of the company's Worldwide Internet Safety Programs. "He's a huge problem for our customers. This is a very good day." (boston.com)


What is infoUSA.com Telling Criminals About You?

May 30, 2007
Investigators claim infoUSA created lists of individuals likely to fall for scams and sold them to criminals; infoUSA says it cooperated with authorities. Regardless of the truth, it is an interesting window into the complex world of scams and personal information traffic.

...The New York Times reported last Sunday that an investigation by the authorities in Iowa found that infoUSA sold consumer data several years ago to telemarketing criminals who used it to steal money from elderly Americans. It advertised call lists with titles like “Elderly Opportunity Seekers” or “Suffering Seniors,” a compilation of people with cancer or Alzheimer’s disease. The company called the episodes an aberration and pledged that it would not happen again. (nytimes.com)

The thieves operated from small offices in Toronto and hangar-size rooms in India. Every night, working from lists of names and phone numbers, they called World War II veterans, retired schoolteachers and thousands of other elderly Americans and posed as government and insurance workers updating their files. (boston.com)

infoUSA Responds to New York Times Article About 3-Year Old, Closed Investigation into Telemarketing Scams (businesswire.com)


Local firms warned as new spam laws near; New Email Scam Warning

May 29, 2007

Local companies sending spam e-mails have been warned of the stiff penalties when the anti-spam law comes into effect Friday, but the telecoms watchdog says it may be difficult to deal with overseas firms involved in the practice. (thestandard.com.hk)

It arrives in your inbox looking like something that needs your immediate attention. It appears to be from the Royal Bank, one of Canada's major financial institutions. It shows a smiling woman, an RBC logo, even the colours are perfect. But looks are the only real thing about it. The site is a scam, designed to get personal details on you from the most knowledgeable source in existence - yourself. (citynews.ca)

Submitted by a Knujon member


Google defends data policy

May 28, 2007

PARIS, France (Reuters) -- Google will tell Brussels it needs to hold on to users' search data for up to two years for security and commercial reasons after being warned it could be violating European privacy laws by doing so. (cnn.com)


U.S. checking all toothpaste imports from China

May 27, 2007

WASHINGTON (Reuters) -- U.S. health officials are beginning to check all shipments of toothpaste coming from China, following reports of tainted products in other countries, a government spokesman said Wednesday. (cnn.com)


Fighting Spam, Artistically

May 26, 2007

“I created this electronic installation artwork, called Spamtrap. It prints, shreds and blacklists spam email." (pogue.blogs.nytimes.com)


Submitted by a Knujon member


Free computer virus finds willing victims

May 25, 2007

HELSINKI, Finland (Reuters) -- Computer specialist Didier Stevens put up a simple text advertisement on the Internet offering downloads of a computer virus for people who did not have any. (cnn.com)


Beijing park underscores piracy battle, analysts say

May 24, 2007

BEIJING, China (AP) -- That round-eared mouse dancing with kids? Not a copy of Disney's Mickey Mouse, the Shijingshan Amusement Park insists. And that raven-haired woman with seven men in elf suits? Not Snow White and the Seven Dwarfs. (cnn.com)


U.S. House approves less stringent anti-spyware bill

May 23, 2007

WASHINGTON (Reuters) - The U.S. House of Representatives passed legislation on Tuesday that would impose specific penalties for the fraudulent use of spyware but would not impose new requirements on software makers. (boston.com)


Microsoft-Vietnam cement anti-piracy deal

May 22, 2007

HANOI, Vietnam (AP) -- Microsoft Corp. CEO Steve Ballmer witnessed the signing of an agreement Monday requiring all of Vietnam's government offices to use licensed computer software in a step to curb rampant piracy. (cnn.com)


MySpace will turn over names of sex offenders

May 21, 2007

RALEIGH, North Carolina (AP) -- MySpace.com will provide a number of state attorneys general with data on registered sex offenders who use the popular social networking Web site, the company said Monday. (cnn.com)


Cell Phone "Virus" Panic Grips South Asia

May 20, 2007

Rumours last week were spread around Pakistan that a deadly virus was being sent through mobile phones, and that anyone answering phone calls from some certain numbers would contract a fatal illness. The rumours claimed that "as soon as you answer your phone blood comes out of your mouth, nose and ears and you die" (cellular-news.com)


Apple iPhone Memo Hoax Results in $4 Billion Stock Drop

May 18, 2007

"Yesterday, tech blog Engadget received supposed insider information about a delay of the iPhone until October, and another delay for Leopard, pushing the new OS to January of 2008. Duty bound to report to its readers, it filed a post. Within minutes, some people who read the post were selling their Apple stock, which dipped 3% in mid-day trading yesterday. The origin of the information was an internal Apple memo...which turned out to be fake. Fake or not, Apple's market capitalization sunk by $4 billion once the memo became public," Eric Zeman blogs for InformationWeek. (macdailynews.com)


TJX puts cost for breach at $25m so far

May 17, 2007

TJX Cos. yesterday upped estimates of its costs so far to deal with a computer data breach to around $20 million, in addition to $5 million it had previously spent, and said it still cannot predict its final liability in the area...
...Police are still investigating the case. So far the only arrests have been of a group of people in Florida believed to have used credit cards manufactured from data originally stolen from TJX. The scale of the breach makes it the largest on record and has led to much recrimination from banks that face millions of dollars in costs to replace compromised accounts.
(boston.com)


The Worst

May 16, 2007

Several KnujOn members have pointed out specific sites that are currently active but reported at one time as suspended. Other members have complained that other sites have huge instance counts and never seem to go away. We hear you and it is a concern.

KnujOn has been initially focused on the “macro” side of the problem: collecting massive amounts of data, using it to target the greatest number of sites, and viewing collections of sites as organizations. This approach has yielded the large number of shutdowns we see but has also allowed a number of sites to fall through the cracks. Many of these sites are what we call “super sites.” They endure, they pop up again quickly after being shut down, and in some cases we have received false (temporary) confirmation that they were suspended.

About six months ago many users complained about ui726.com. We took some time out of our “macro” activities to focus on the “micro” issues of this particular site. We pushed and pushed, and this site was shut down and appears to remain so. We learned that there is value in this approach and have been considering expanding it. Finding out why some sites endure has also helped expose more of the cybercrime underbelly.

We now have an enormous amount of data and know exactly which sites are responsible for the most instances for our clients. This week we’re launching a program that will target and expose the most active spam sites in our records. We are starting with number 1 and working backwards. We’re starting with mantipu.com, an “Internet pharmacy” that has the highest number of incidences for our clients. You will be able to follow along here: The Worst. Our belief is that if we take a little time each week to focus on a specific site, as we raise the level of awareness and exposure, we’ll get results.


IBM loses retirees' personal info

May 15, 2007

ARMONK, N.Y. - IBM Corp., one of the world's leading providers of encryption and other data-management technologies, is in the uncomfortable position of trying to solve its own mystery involving missing computer tapes with sensitive information about employees and records of customer transactions. (news.yahoo.com)


Spam Reporting Catch-22

May 14, 2007

As many of you know, reporting spam isn’t easy. One reason it's not easy is that Internet Service Providers are not cooperating. The only way to get ISPs to take any action is to report spam, but many ISPs make users jump through many, many hurdles to do so, and even when they do manage to report, they get screwed. The first issue is that ISPs simply block attempts to forward spam to the proper authority. Example: recent attempts by one client to forward Bank of America related phishing to the bank's abuse address were blocked by an ISP. Why? Do they really think someone is trying to send phish directly to the bank's abuse address? And if they were, who cares? It would only lead to faster detection by the bank. The second issue is much more painful: ISPs have been known to shut off the accounts of end users who report spam! People who believe they are doing the right thing find messages like "You Account has been suspended because of unusual activity" or "We have terminated your account for responding to spam." Idiocy. A message to the ISPs: WAKE UP.


Coldrain.net is back up

May 11, 2007

A piece of bad hardware on the network, nothing nefarious.


Minor Goof on Reports Email

May 9, 2007

Weekly report emails will be reissued tonight. There was a bug in the script that did not include any specific message.


New Card Introduced for Financial Institution Authentication Use

May 8, 2007

In what is being described as a “wow” product in the growing line of multi factor authentication products being developed to meet increased regulation for stronger authentication, VeriSign Inc., announced its partnership with Innovative Card Technologies, Inc., the developer of the ICT DisplayCard, to launch credit and debit cards that generate six digit, one-time use passwords... (bankinfosecurity.com)


What is Search Stacking?

May 7, 2007

A spam tactic that has nothing to do with email!
Search Stacking (knujon.com)


KPMG Publishes Profile of Potential Fraudsters

May 4, 2007

Profile of a Fraudster Survey - PDF (kpmg.co.uk)

KPMG UK
KPMG International


Entrepreneurial hackers buy sponsored links on Google;
Lawsuit Seeks to Uncover Identity of E-mail Harvesters/Major Anti-Spam Lawsuit Filed in Virginia

May 3, 2007

Those keywords put the criminals' sponsored links at the top of the page when searches were run for brand name sites like the Better Business Bureau or Cars.com, using phrases such as "betterbusinessbureau" or "modern cars airbags required." But when users clicked on the ad link, they were momentarily diverted to smarttrack.org, a malicious site that used an exploit against the Microsoft Data Access Components (MDAC) function in Windows to plant a back door and a "post-logger" on the PC. (computerworld.com)

The lead attorney on the case, Jon Praed of the Arlington, Va.-based Internet Law Group, has represented America Online and Verizon Online in successful cases against junk e-mailers. Praed said the group hopes to follow the trail from the people doing the harvesting of e-mail addresses to the actual spammers. (washingtonpost.com)

A company representing Internet users in more than 100 countries was expected to file a lawsuit in Virginia seeking the identity of individuals responsible for harvesting millions of e-mail addresses on behalf of spammers. The suit was to be filed in U.S. District Court in Alexandria on behalf of Project Honey Pot, a service of Unspam Technologies LLC, a Utah-based anti-spam company that consults with private companies and government agencies. (gigalaw.com)


PayPal security measures help stamp out fraud

May 2, 2007

PayPal's 133 million online customers are the biggest ocean phishers have to plunder. CISO Michael Barrett wants to make it safe to be in the water; and he's not going at it alone. Backed by PayPal's sophisticated fraud models and help from ISPs and browser makers, Barrett is succeeding in protecting the most-spoofed brand on the Internet. (searchsecurity.techtarget.com)

Submitted by KnujOn member


herbal-land.com Continues Geocities Abuse Onslaught

May 1, 2007

herbal-land.com keeps sending spam using Geocities redirects. The emails contain no warning about the pornographic nature of the site.

More (knujon.com)


The Two-Way Peephole

April 30, 2007

Banks and brokers are getting even more serious about who gets onto their Web sites. (forbes.com)


European Stock Spam

April 27, 2007

It worked in the U.S., why not elsewhere?

ANLEGER UHR BJ5N.F!!!
DIE RALLYE IST GESTARTET

Firma: BOERSE INVEST BETEI
WKN : 797639
ISIN : CH0012802093
Markt: Frankfurt
Kürzel : BJ5N.F
Preis: 1.90
5-Tag Prognose: 3.00

KAUFEN KAUFEN KAUFEN!
BJ5N.F ESGESCHAFT FIN UNTER PARI!

This sample bypassed commercial spam filters.


Watch-out for Bank of America Phonies

April 25, 2007

Fake BOA sites showing up recently:

bankofamerica-1.com
bank-of-america-1.com
bankofamerica-2.com
bank-of-america-2.com
bankofamerica-3.com
bank-of-america-3.com
bankofamerica-4.com
bank-of-america-4.com
bankofamerica-5.com
bank-of-america-5.com


Your past is lurking online

April 23, 2007

Failure to manage one's Net reputation can stall a career, but there are methods to help (bostonworks.boston.com)


Geocities Redirection to herbal-land.com

April 20, 2007

Recently, herbal-land.com has benefited from a huge campaign to push their site through junk email and an array of free Geocities redirects. Many of you have received junk mail with links like these:

http://www.geocities.com/bovusanu
http://www.geocities.com/pukerixa
http://www.geocities.com/sitoraxa
http://www.geocities.com/xapypogi
http://geocities.com/dqdiynxtm18
http://geocities.com/dgpmvwpo5fu
http://www.geocities.com/lekydudo

These free geocities pages contain scripting that redirects your browser to softherbals.com which in turn redirects to herbal-land.com. Geocities provides free webspace but their policies strictly forbid redirection, spam and commercial use of Geocities.

We've supplied Yahoo/Geocities with a pile of data on this situation and it looks like all the redirects that pointed to these particular sites are gone.

While we don't have a built-in process that will drop the redirect destination sites into weekly reports, it is something we are planning on doing.

The scripts posted on the Geocities redirect sites were obfuscated and used a simple cipher to conceal the destination sites. Those interested in the details may read about the script here.


US State department rooted by 0-day Word attack

April 19, 2007

A virus attack aimed at US State Department computers last May penetrated government networks after a worker in Asia opened a contaminated email. The malware inside exploited an unpatched Microsoft Word vulnerability to spread. Some weeks later government investigators discovered multiple instances of infection, informed Microsoft, and cut off the State Department's internet connections throughout eastern Asia. The shut-off left US government offices in the region without net access in the tense weeks prior to missile tests by North Korea. The State Department brought the infection under control in early July. Microsoft issued a patch to protect against the attack on August 8, around ten weeks after the original attack. (theregister.co.uk)


Blackberry Outage a Mystery

April 18, 2007

The scary thing about the outage isn't just that the service was offline for 12-plus hours but that RIM still doesn't know what caused it. That means it could happen pretty much any time—and not just to BlackBerrys but to any wireless device like them. And BlackBerrys are supposed to be the reliable ones, historically known for their "rock solid" service, as PC World notes. (tech.yahoo.com)


Security crucial as intruders grow sophisticated

April 16, 2007

(CNN) -- Heath Thompson is vice president, product development for IBM Internet Security Systems. The 25-year computer industry veteran says security is going to be increasingly important since consumers are spending more of their lives online and intruders are growing more sophisticated. Here, he shares with CNN.com some of the key weapons in the security cyberwars. (cnn.com)


‘Mortgage fraud’: AG sues 19, alleges foreclosure scams

April 13, 2007

“These defendants, many of whom were professionals, preyed on vulnerable homeowners facing foreclosure to deceive them out of their home and life savings,” Coakley said in a press statement. “With the number of foreclosures increasing daily, this type of mortgage fraud is particularly troubling.” (bostonherald.com)

These complex operations use a number of methods to target victims including spam and junk faxes. More information on mortgage fraud (knujon.com)


"The system in my eyes is inviting criminals like myself to steal from the IRS, banks, et cetera,"

April 12, 2007

Soukas, 28, serving nearly eight years in prison for defrauding the government, banks and individuals of $1.1 million, said he was puzzled why the Internal Revenue Service doesn't require PIN numbers or use of a mother's maiden name when filing electronically or seeking information from IRS call centers. (amny.com)

US DoJ Fails To Stop Witness Testifying At Senate Tax Hearing (tax-news.com)

ID theft a factor in tax filing (latimes.com)

IRS security problems open ID theft concerns (heraldnet.com)

Combating ID theft faces legislative hurdles (azcapitoltimes.com)

Don't Be Fooled By Common Tax Scams (wcbstv.com)

Putting too much trust in TurboTax (computerworld.com)


Libya Pinpointed as Source of Months-Long Satellite Jamming in 2006

April 11, 2007

Spam in space

An investigation into the months-long intentional jamming of mobile satellite communications provided by Thuraya Satellite Telecommunications of Abu Dhabi concluded that the jamming came from Libya, one of Thuraya’s shareholders, according to officials familiar with the episode. ...
Those doing the jamming were apparently concerned that smugglers carrying Marlboro cigarettes or other contraband from Chad or Niger into Libya were using Thuraya satellite phones. They wanted to disrupt their operations and thought this was a way to do it. (space.com)

This goes right to the serious questions of how global information moves and who gets to control it. That Libya was jamming an Arabian signal is one issue; the fact that Libya claims it happened because they were trying to disrupt smugglers' communications points to the complexity of the issue.


U.S. files piracy complaint against China

April 10, 2007

NEW YORK (CNNMoney.com) -- The United States filed two trade complaints against China on Tuesday at the World Trade Organization over piracy of American books, music, video and movies and limited market access for American products in China. (money.cnn.com)


Huge Fire Near Coldrain.net Shuts Power, Communications

April 9, 2007

Coldrain.net is having some bad luck. A massive building fire has destroyed power, cable and telephone lines for the entire town. The KnujOn process is running but we will have trouble getting mail until services are restored.

Fire ravages historic building (reformer.com)


Spammers Use Shocking Fake Headlines to Spread Viruses

April 8, 2007

It's not just naked pictures touted in email subjects anymore:

USA Just Have Started World War III
Missle Strike: The USA kills more then 10000 Iranian citizens
USA Missle Strike: Iran War just have started


.cd

April 6, 2007

The use of new and lesser-known Top-Level Domain extensions (TLDs) is growing. Recently we have seen a surge in the use of .hk (Hong Kong) and in December we warned everyone about .mob (mobile). There is nothing inherently wrong with a diversity of extensions, but they are being used to trick people. The problem arises in the inconsistent restrictions on the TLDs. For example, .cz can only be used by citizens of the Czech Republic, but their neighbors to the east, Poland, open access for .pl to people outside the country. In short, if you are viewing a .cz site you know it is in the Czech Republic, but a .pl site could be anywhere. A favorite is .tv (Tuvalu), which has been used to imply that the site is related to "Television"; the tiny island nation has made a steady profit off leasing its name.

The .cd TLD is showing up in spam and might bring "compact disk" to mind, but it actually refers to The Democratic Republic of the Congo (DRC), which is different from The Republic of the Congo (.cg), just to confuse further. The Democratic Republic of the Congo used to be Zaire. The DRC has been in a perpetual state of upheaval and civil war since 1997. Countries like this are ripe pickings for fraud. Unstable nations are targets for money laundering and smuggling. The email user who falls for a phishing scam or buys contraband is oblivious to the forces behind the operations.

In other cases the TLD is not intentionally deceptive, but is not intuitive either. .ch is the TLD for Switzerland because of the country's little-known full name: Confoederatio Helvetica.

Recently, the proposal to use .xxx for all pornographic sites was rejected. On its face it sounds like a good idea to have a sectioned-off area for pornographic material. The .xxx TLD could easily be blocked to keep it from view by minors, but the questions that follow are: what is to be deemed pornographic and who gets to decide that? There is obviously a wide range of opinions on this issue.


Hong Kong Phooey Spam Script Has Bugs But Passes Filters

April 5, 2007

Sometimes spammers' scripts have errors, and certainly many of you have seen the results of this. For example, we received an Rx junk email today with the following subject line: Doc % FROM_NAME. This is obviously a variable that was not populated or coded correctly. We've also seen attempts at URL obfuscation that result in links like: _RANDCHAR_rxjunk.com where the "_RANDCHAR_" was supposed to be some randomly generated character inserted into the link but failed. This email bypassed commercial filters and linked to optyfs.hk, a Hong Kong domain. Hong Kong is a recent refuge for junk domains.

You can send these to us at rx@coldrain.net.

More on RX Junk (knujon.com)


Absurd Dispute with Coldrain's ISP

April 4, 2007
Update:

Coldrain.net is back up. As far as we can tell this is a rough explanation of what happened:

-Knujon users with spamcop addresses submitted junkmail that was rejected (reason not yet known)
-The rejections went back to spamcop and, since they contained spam, they were treated as such and complaints were issued.

Just to be clear, we do not blame spamcop or our users for this. It is the service provider who did not properly communicate the problem to us. We are not sure yet if our access was cut off first, resulting in the spamcop bouncebacks, or if the complaints from spamcop caused the shutoff. As we said, the story seems to be changing.


As many of you know, coldrain.net is down. It's not a DoS; we are in the middle of an absurd dispute with our provider that will, hopefully, be resolved soon. It has in fact gone on much longer than it should have. Rest assured that the process continues.

The Knujon process does not require a constant connection to the Internet so problems like this are more of a nuisance than any real stoppage.

We understand that this is frustrating for those forwarding email, but we do have an alternative in our upload interface at Knujon.com for those who can't wait.

Thank you all for your support.


Spam Costs $712 Per Employee Annually

April 3, 2007

A survey by Nucleus Research and KnowledgeStorm suggests that nine out of 10 e-mail users are frustrated with spam and one in 100 "appear to be at the breaking point." (informationweek.com)


Who else is talking about Knujon?

April 2, 2007

Knujon is definitely doing a great job in
eliminating the spammy websites.
(malayamaarutham.blogspot.com)


Hoax Emails Endure

March 30, 2007

Recently we received a forwarded email about ATM PIN reversal being used to call for help. The gist is that if someone is attempting to rob you while you are using your ATM card, entering your pin number in reverse order will allow you to conduct a transaction and silently alert authorities to your predicament. This is not true and can be very dangerous if believed. Imagine that someone with this knowledge is being forced by a criminal to access their bank account via an ATM. The victim enters their PIN number in reverse and the ATM machine eats the debit card. The outraged criminal will then probably react with violence. Hoaxes can kill folks.

More information (snopes.com)


Fake Microsoft Spam with possible exploit link passes filters

March 29, 2007

The following item bypassed email filters today:

It links to http://jpcommunications.net/images/IE7.0.exe and originated from the impossible IP of 938.650.72.25. Hidden text in the email has random passages in English, German and Dutch.
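Both tells described in this entry and in the April 5 entry above (a sending IP with octets over 255, and template variables the spam tool never filled in) can be checked mechanically. The following is an added example, not KnujOn's code: the messages are constructed samples, the bracketed-IP `Received` layout and the `example.test` hosts are assumptions, and the `{{ name }}` pattern is an extra template style not taken from the page.

```python
import re
from email import message_from_string

# Placeholder shapes quoted in the entries above, plus one assumed template style.
PLACEHOLDER_PATTERNS = (
    # "% FROM_NAME": an underscore is required so "100% FREE" does not match.
    re.compile(r"%\s?[A-Z]+(?:_[A-Z0-9]+)+"),
    # "_RANDCHAR_"
    re.compile(r"_[A-Z]{3,}_"),
    # "{{ name }}" (assumed style, not from the page)
    re.compile(r"\{\{\s*\w+\s*\}\}"),
)
# Address literal as commonly written in Received headers: [a.b.c.d]
BRACKETED_QUAD = re.compile(r"\[(\d+(?:\.\d+){3})\]")


def find_placeholders(text):
    """Return the sorted, de-duplicated unfilled template tokens found in text."""
    hits = set()
    for pattern in PLACEHOLDER_PATTERNS:
        hits.update(m.group(0) for m in pattern.finditer(text))
    return sorted(hits)


def impossible_ipv4(received_headers):
    """Return dotted quads that cannot be IPv4 addresses (an octet above 255)."""
    bad = []
    for value in received_headers:
        for quad in BRACKETED_QUAD.findall(str(value)):
            if any(int(octet) > 255 for octet in quad.split(".")):
                bad.append(quad)
    return bad


def body_text(msg):
    """Concatenate every text/* part of the message as a string."""
    chunks = []
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue
        payload = part.get_payload(decode=True) or b""
        try:
            chunks.append(payload.decode(part.get_content_charset() or "utf-8", "replace"))
        except LookupError:  # unknown charset label: fall back to a lossless decode
            chunks.append(payload.decode("latin-1"))
    return "\n".join(chunks)


def audit_message(raw):
    """Check the Subject, the body and the Received chain of one raw message."""
    msg = message_from_string(raw)
    text = str(msg.get("Subject", "")) + "\n" + body_text(msg)
    return {
        "placeholders": find_placeholders(text),
        "impossible_ips": impossible_ipv4(msg.get_all("Received", [])),
    }


# Constructed samples. The subject, the _RANDCHAR_ link and the impossible IP
# are the values quoted on this page; everything else is made up.
RX_SAMPLE = """\
Received: from mail.example.test (mail.example.test [192.0.2.10]) by mx.example.test; Thu, 5 Apr 2007 09:00:00 -0400
From: "Doc" <sender@example.test>
Subject: Doc % FROM_NAME
Content-Type: text/plain; charset=us-ascii

Order today at http://_RANDCHAR_rxjunk.com/
"""

FAKE_UPDATE_SAMPLE = """\
Received: from unknown ([938.650.72.25]) by mx.example.test; Thu, 29 Mar 2007 10:00:00 -0400
From: "Support" <support@example.test>
Subject: Internet Explorer 7 download
Content-Type: text/plain; charset=us-ascii

Get the update now.
"""

CLEAN_SAMPLE = """\
Received: from mail.example.test (mail.example.test [198.51.100.7]) by mx.example.test; Thu, 5 Apr 2007 11:00:00 -0400
From: "Finance" <finance@example.test>
Subject: Quarterly numbers are 100% FINAL
Content-Type: text/plain; charset=us-ascii

See attached.
"""

if __name__ == "__main__":
    for name, raw in (("rx", RX_SAMPLE), ("fake update", FAKE_UPDATE_SAMPLE), ("clean", CLEAN_SAMPLE)):
        print(name, audit_message(raw))
```

Either finding is a strong signal on its own because legitimate mail software does not emit them, which makes them useful for scoring mail that content filters let through.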


Breach of data at TJX is called the biggest ever
Stolen numbers put at 45.7 million

March 28, 2007

At least 45.7 million credit and debit card numbers were stolen by hackers who accessed the computer systems at the TJX Cos. at its headquarters in Framingham and in the United Kingdom over a period of several years, making it the biggest breach of personal data ever reported, according to security specialists. (boston.com)

TJX Breach Worse than Thought 2/22 (knujon.com)
More Details on TJX Security Breach 1/25 (knujon.com)
TJX Electronic Payment System Hacked 1/18 (knujon.com)


Rx Junk Passes Filters

March 28, 2007


Are you blocking and deleting prescription drug emails? If you are then you are helping the junk mailers and poison-pill pushers. The toll of these emails can be counted in money, health and lives way beyond the annoyance of junk mail. You can send these to us at rx@coldrain.net.

More on RX Junk (knujon.com)


How are stories like these related?

March 27, 2007

Subprime losses lead to drop in home ownership (money.cnn.com)

Smugglers toss hundreds of refugees to sharks (cnn.com)


And now for the good news...

March 15, 2007

It isn’t all gloom and doom in the world of e-fraud. Reporting has made a huge difference. The 15,000 plus shutdowns we recorded are all due to reporting. These are, in fact, the only ones we have documentation for. Activity at KnujOn has resulted in thousands of other actions and suspensions that can’t easily be measured.

In the last year and a half the U.S. Federal Communications Commission cited and fined over 125 companies for sending junk faxes. One company was fined $776,500, another $153,000 for sending unwanted faxes. The FCC processed and closed 85% of the fax complaints brought to them; that is a huge percentage. This only happened because citizens reported.

The U.S. Securities and Exchange Commission suspended trading of 35 “penny” stocks related to stock spam. They have also identified a Russian/Baltic gang of stock frauds and frozen $3 million of their assets. The SEC posts a new prosecution or fine for market manipulation nearly every day of the week. These enforcement activities are based on complaints submitted to them directly and through KnujOn or other services.

Reporting makes a difference; don’t believe that nothing can be done!


Yahoo!'s Geocities Flooded with Spam Redirection

March 14, 2007

One of our test mail boxes has shown an interesting trend. Junk mail displaying actual URLs has dropped to a tiny percentage. Many are using the image-only style or obfuscated URLs, but most are now using redirection through Geocities free pages to launch sites like "aplusherbals.com" which sell dubious male enhancers.

New Geocities sites are popping up faster than Yahoo! can shut them down, which would lead one to believe aplusherbals.com is using scripting or some kind of bot to generate them. We see the increased use of this tactic as progress by our service and others.


TJX faces scrutiny by FTC

March 13, 2007

The Federal Trade Commission said yesterday it is investigating TJX Cos. in connection with a major security breach at the Framingham retailer that potentially exposed millions of customers' credit and debit card data. (boston.com)


U.N.: Cybersquatting complaints on the rise

March 12, 2007

GENEVA, Switzerland (AP) -- The U.N. copyright agency saw a 25 percent increase in "cybersquatting" complaints last year. The World Intellectual Property Organization, which handles arbitration for more than half of the world's cybersquatting disputes each year, registered 1,823 complaints in 2006 alleging abusive registrations of trademarks as Internet domain names. (cnn.com)


The Coming Storm

March 9, 2007

We discuss and address email-borne Internet threats. They vary in type and source. We break them down, cite cases, conduct research, and review statistics to get a better picture of the problem. This is how problems are solved, by separating them into many smaller problems and learning about each one. Individual Internet threats are adding up to a sum that is a problem in and of itself. Our ability to address the threats is hindered and our efforts are met with severe resistance.

To give light to the dimensions of the "bigger" problem, first consider the viruses and DDoS attacks specifically targeted at anti-fraud services like CastleCops, SpamHaus and SpamCop. We all know that Blue Security suffered the same type of attack as well as government systems and Internet backbone machines.

The next item of concern was featured in a daily briefing from the Department of Homeland Security on March 1: Cybercops drowning in data. In short, there are not enough trained investigators, technical tools or digital forensic labs to handle the growing load of cases and evidence. This story is about the U.S., but it is the case around the world.

Thirdly, the simulated Cyber Storm attack on the United States was successful, meaning hackers were able to get in and damage the system. The test attack revealed vulnerabilities and is important to improving defenses and closing security holes, but we are behind the curve and the next simulation of this size is not scheduled until 2008.

Finally, Joel F. Brenner, head of U.S. Counterintelligence, said that spies from hostile governments and terror groups "are eating our lunch," meaning the U.S. is a target for many reasons and agents are stealing information with impunity.

My point is that we are just looking at the beginning of an expanding electronic threat that could come from criminals, rival governments, terrorists, or just people with a grudge. We need to step up our efforts and spread information because uneducated users and unprepared organizations are the weakest link in this chain.


Information Crackdowns

March 7, 2007

France bans citizen journalists from reporting violence (news.yahoo.com)

Worried China bans new Internet cafes for a year (reuters.com)

Turkey Blocks YouTube (bitsofnews.com)


Spammers Ruin Another Internet Business

March 6, 2007

Months ago KnujOn reported that URL shortening services were ripe for abuse. Now one site, smallerurl.com, has shut down its service because it cannot keep up with the abuse. The following is posted on their homepage:

Nothing Here
Due to abuse of our service, SmallerURL has chosen to shut our service down.

Recently, spammers have been abusing our URL redirection service in order to cloak their spamvertised websites. Despite our best efforts to thwart them, there were just too many spammers and too little time for us to track them all down.


There is no limit to the amount of abuse, fraud and intimidation that can occur if we all do not take steps to report it when it happens.

Three New-ish Items That May Be Helping Spammers and Confusing Email Users (knujon.com)


Risky Homeloans Target Elderly, People with Bad Credit

March 5, 2007

Overdue mortgages linked to risky loans (boston.com)

Mortgage buyer Freddie Mac to apply stricter lending rules (mcall.com)

Most people toss the junk faxes and emails, but enough fall for them and lose their home in the process.


Stop & Shop keypad theft suspects to be charged federally

March 2, 2007

PROVIDENCE, R.I. - Four men suspected of replacing checkout lane keypads at Stop & Shop supermarkets to steal customers’ card numbers are being charged in federal court for the alleged scheme, prosecutors said Thursday. (bostonherald.com)

4 arrested in security breach at Stop & Shop (knujon.com)
Stop & Shop Customers Credit and Debit Cards Hijacked (knujon.com)


New computer virus attacks biz networks

March 1, 2007

NEW YORK (CNNMoney.com) -- Technology experts are warning about new strains of the insidious RINBOT computer virus that could potentially hijack network systems of businesses worldwide. (money.cnn.com)


Prosecutor: Athletes received illegal steroids in online ring

February 28, 2007

ORLANDO, Fla. (AP) -- Athletes were involved as customers of an illicit steroid distribution network that led authorities to raid two facilities and arrest four company officials, a New York prosecutor said. (sports.yahoo.com)


4 arrested in security breach at Stop & Shop; Men make plea deal in MySpace case

February 27, 2007

COVENTRY, R.I. --Four men from California are arrested in the thefts of account and personal information from at least two Rhode Island Stop and Shop stores. (boston.com)

Stop & Shop Customers Credit and Debit Cards Hijacked (knujon.com)

LOS ANGELES, California (AP) -- Two New York men accused of trying to extort $150,000 from MySpace.com by developing code that tracked visitors pleaded no contest Monday to illegal computer access in a bargain with the prosecution. (cnn.com)


Pile of Privacy Stories

February 26, 2007

States standup to cyberbullies (cnn.com)

Colleges Using Facebook, Myspace to Spy on Students (thephoenix.com)

VA Data Not Encrypted on Missing Drive (crm-daily.com)

Google Shuts Hole in Desktop Search (crm-daily.com)


Who else is talking about Knujon?

February 24, 2007

"Sick And Tired Of Repeated Spam, Forward All Your Spam to Knujon" (pcflank.com)


Second Week of DDoS Attack on CastleCops

February 23, 2007

The massive Denial of Service attack against CastleCops has gone into its second week. Internet criminals are using this tactic to silence one of their biggest critics and this should not go unchallenged. What you can do:
1. Become a premium member of CastleCops for $10
2. Donate some other amount of money to the site
3. Contact your ISP and encourage them to support a safer Internet by sponsoring CastleCops
4. Contact your bank and ask them to support CastleCops because they protect your bank's customers
5. Keep posting to the CastleCops forums, even if it is difficult

Submit donations via PayPal at paul@computercops.biz or by sending checks to:

CastleCops
PO Box 753
Wooster, OH 44691

Fraudsters Declare War on Anti-Scam Services -Brian Krebs (blog.washingtonpost.com/securityfix)
"We Will Not Be Silenced" (knujon.com)
Support CastleCops (knujon.com)


TJX Breach Worse than Thought

February 22, 2007

A recent security breach by a hacker at the TJX headquarters is larger and started earlier than originally thought. The theft may have begun in 2005 and includes driver's license numbers as well as credit card numbers. What is also interesting about this case is the way it is apparently being buried by the media. The story has been treated as business news only and not as general news that affects everyone.

TJX Cos. Inc. said yesterday that it now believes the breach of its computer system first occurred in July 2005, almost a year earlier than it previously thought, and that the extent of customer information that was compromised is broader than first feared. (bostonherald.com)

Another class-action lawsuit against TJX Cos. Inc. illuminates the struggles that customers have contended with since their credit and personal information was stolen when hackers breached the retailer’s computer system. (bostonherald.com)

NEW YORK (Reuters) - Massachusetts lawmakers are about to consider a bill that would require retailers to pay for losses when hackers and thieves breach their security systems to steal consumers' credit card and other financial information, the Wall Street Journal reported on Thursday. (boston.com)

More Details on TJX Security Breach (knujon.com)
TJX Electronic Payment System Hacked (knujon.com)

Stop & Shop Customers Credit and Debit Cards Hijacked (knujon.com)
A Chronology of Data Breaches Since the ChoicePoint Incident (knujon.com)


"We will not be silenced!"

February 21, 2007

"We Will Not Be Silenced" (CastleCops.com), follow the current DDoS saga.

Today: a 933Mb/s spike DDoS
Yesterday: almost full 1Gb/s attack against CastleCops

What you can do:
A. Become a premium member of CastleCops for $10
B. Donate some other amount of money to the site
C. Contact your ISP and encourage them to support a safer Internet by sponsoring CastleCops
D. Contact your bank and ask them to support CastleCops because they protect your bank's customers


Fake Fax from "CHASE" Bypasses Email Filters

February 20, 2007

Another phishing attempt not blocked by commercial filters. This one via fax and forwarded by desktop faxing software.


Support CastleCops

February 19, 2007

CastleCops is in the middle of dealing with a DDoS attack. It is not the first time, but it is certainly the biggest so far. This is a similar tactic to the one used in the demise of BlueFrog last year and in a recent attempt to bring down the Internet itself (see news 02.08.07). This is a serious issue as it represents an escalation by cyber criminals to disrupt and intimidate those who fight against electronic fraud. This is in effect cyber-terrorism. For those who do not know, CastleCops vigorously fights Phishing, or attempts to steal customer information and break into bank accounts, with its PIRT or "fried phish" service. CastleCops has been very effective in dealing with Phishing attempts, which is why they are being attacked. Imagine if criminals started shooting cops and blowing up police stations because the police had arrested some bank robbers; this is exactly what is going on at the digital level.

This graph shows the extreme level of this DDoS attack on CastleCops:


In order to protect themselves better, CastleCops needs more bandwidth and a larger infrastructure. They need industry-level support and corporate sponsorship to keep going. You may submit donations via PayPal at paul@computercops.biz or by sending checks to:

CastleCops
PO Box 753
Wooster, OH 44691

Internet backbone at center of suspected attack (news.zdnet.com)
Massive DDoS attack KOs CastleCops (blogs.zdnet.com)
In Praise of Phish Fighters (blog.washingtonpost.com)
CastleCops under DDoS attack (first.org)
CastleCops under DDoS attack (infoworld.com)
FBI Seeks Info on Saad Echouafni (news.html#110106)
Sweden's National Police Website Shutdown by DoS Attack (news2006.html#060206)
What is a DDoS? (searchsecurity.techtarget.com)
About Botnets (knujon.com)


Stop & Shop Customers Credit and Debit Cards Hijacked

February 19, 2007

American grocery chain Stop & Shop announced that hackers broke into store card readers to lift customer information. The intrusions seem to have been focused in Rhode Island, specifically at stores in Coventry, Cranston, Seekonk, Bristol, Providence, and Warwick. Obviously this is a big operation. Some customers have reported that their data has already been misused.

SEEKONK -- With help from US Secret Service agents, Stop & Shop Supermarket Cos. executives scrambled yesterday to determine how many consumers may have had their credit and debit card data stolen by high-tech thieves who apparently broke into checkout-line card readers and planted the equivalent of bugs to steal information. (boston.com)

PROVIDENCE, R.I. - Stop & Shop said Saturday that thieves stole account and personal identification numbers from customers’ credit and debit cards at two Rhode Island locations by tampering with checkout-lane keypads. (bostonherald.com)


BluRay Security Already Broken

February 17, 2007

About a month ago, a hacker which goes by the name of Muslix64 claimed on a forum that his "saga" of breaking the AACS protection (considered unbreakable) only lasted 8 days, instead of the four weeks initially programmed. (playfuls.com)

What is BluRay? (blu-ray.com)


Who else is talking about Knujon?

February 16, 2007

"...which is why I'm a big advocate for Knujon (by reporting spam emails I've managed to get over 400 sites shut down since last summer) " (livejournal.com)


CastleCops Under DoS Attack (again)

February 15, 2007

CastleCops under DDoS attack (infoworld.com)

So, because CastleCops tries to prevent criminals from breaking into bank accounts and stealing your money, the criminals respond by attempting to bring the site down. If you want to live in a world where the Internet is controlled by criminals, look the other way.


Reports Issued Tonight

February 14, 2007

All current KnujOn members should now have a private reporting address. Please start using it.


The Problems With Header Tracing

February 13, 2007

There was a time when tracing the headers in an email message could give you a clue as to who really sent the email. Those days are coming to an end. There are several problems with header tracing:

1. Email Users Overwhelmed

Even though SpamCop has made titanic efforts to track and shut down the sending IPs of junk mail, the ordinary user does not have the knowledge or wherewithal to constantly participate. Folks who take the time to expand and report headers are dedicated to the cause, but most people have bought into the flawed idea of filtering and deleting junk mail.

Why Content Blocking Does Not Work

2. Botnets Are a Growing Threat

The number and size of botnets are growing, making sending-IP reporting less effective. Following the path an email has traveled will only lead you to a victim's PC. Not only that, it is a crap-shoot when it comes to ISP response.

About Botnets
Internet guru warns of botnet pandemic
Net pioneer predicts overwhelming botnet surge

3. Spammers Use Forged Headers for Denial

Everyone knows spam headers are forged, right? This is exactly what the spammers want you to believe. When we track down spammers and contact them, we get the garbage line: “We didn’t send it, look at the headers!” The spammers are using it to create an umbrella of deniability and we are playing their game by tracing headers.

Deny, deny, deny

Let me be clear, we are not diminishing the efforts of people who trace and report headers. Keep doing it. We are saying it is not the whole solution, just part of it. The botnets need to be shut down and tracing the headers is a weapon. For fighting e-fraud, Knujon is using a more diverse set of options, of which header tracing is a part.

Independent System Operator Task Force (isotf.org)


FBI loses laptops with classified information

February 12, 2007

WASHINGTON (CNN) -- The FBI lost at least 10 laptop computers containing classified information during a four-year period ending in 2005, the Justice Department's inspector general has found. (cnn.com)


New Botnet Page

February 10, 2007

We have provided a page for information on botnets.


Who else is talking about Knujon?

February 9, 2007

"...the power of Knujon has my Spam down to 1-5 emails a day! " (wilderssecurity.com)


Hackers briefly hit at key computers

February 8, 2007

Hackers briefly overwhelmed at least three of the 13 computers that help manage global computer traffic Tuesday in one of the most significant attacks against the Internet since 2002. Experts said the unusually powerful attacks lasted as long as 12 hours but passed largely unnoticed by most computer users, a testament to the resiliency of the Internet. Behind the scenes, computer scientists worldwide raced to cope with enormous volumes of data that threatened to saturate some of the Internet's most vital pipelines. (chinapost.com.tw)

Hackers Launch Massive Attack on Internet DNS (technewsworld.com)

Hackers Take Swipe At The Net (kwtx.com)


Massive Child Porn Ring Uncovered by Austrian Police

February 7, 2007

VIENNA, Austria (AP) -- Austrian authorities said Wednesday they have uncovered a major international child pornography ring involving more than 2,360 suspects from 77 countries, including hundreds in the United States, who paid to view videos depicting young children being sexually abused. (cnn.com)


Kids Exposed to Online Porn; Gorbachev seeks mercy for software pirate

February 6, 2007

CHICAGO, Illinois (AP) -- More children and teens are being exposed to online pornography, mostly by accidentally viewing sexually explicit Web sites while surfing the Internet, researchers say. (cnn.com)

MOSCOW, Russia (Reuters) -- Former Soviet leader Mikhail Gorbachev on Monday asked Microsoft co-founder Bill Gates to intercede on behalf of a Russian teacher accused of using pirated software in his classroom. (cnn.com)


Dutch spammer sent 9 billion emails

February 5, 2007

A spammer whom authorities say emailed more than 9 billion unwanted advertisements for products like erection pills faces a hefty fine: If he needs headache medication or debt relief there's probably an unsolicited ad in his own inbox. (smh.com.au)


KnujOn Against Spam!

February 3, 2007

Who we are: KnujOn is a multi-layered solution that counters threats from the Internet, especially email threats. Our success depends on close cooperation between businesspeople, government, law enforcement and security services, consumers, and the general public. Knujon is a meeting point for all groups that want to make the Internet safe. This versatile tool against e-fraud has significantly reduced junk mail for various users and on the Internet in general. The prompt adoption of Knujon will quickly turn spam, phishing, pharming and other unwanted mail into an old problem.

KnujOn examines every kind of junk mail, applying basic policy enforcement rules. These uncover every kind of fraud, misrepresentation, and abuse specific to junk email. Through this process we shut down websites, track down electronic fraud, and follow it back to its source.


Spam "Queen" Nailed

February 2, 2007

A notorious online advertiser nicknamed "the Queen of Spam" has been caught by police. The spammer was notorious with Internet users for sending trillions of unsolicited email advertisements under the bogus name "Kim Ha-na" in 2003 and 2004. The ads promoted financial services or pornographic websites. The "queen" turned out to be a 21-year-old man named Park who lived in Daegu. (chosun.com)


AT&T and Citibank Continue to "Phish" Customers

February 1, 2007

AT&T Universal card/Citibank are still sending out emails that "look like" phishing attempts.


Just like a phishing attempt, they conceal the true destination of a link with a "fake" full URL. Email users have a hard enough time figuring out what is real and what is not on the Internet without being further confused by real credit card companies.



We have contacted Citibank for a comment on this and will post it as soon as we get a response.
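The pattern described in this entry, a link whose visible text is a full URL while its real destination is somewhere else, can be flagged automatically in HTML mail. The following is an added example, not code from KnujOn or from any of the companies named: the HTML is a constructed sample using reserved `.test` names, and the subdomain comparison is a simplification that does not consult a public-suffix list.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Visible text that itself reads as a URL or hostname (last label must be alphabetic,
# so strings such as "2.0" are not treated as hosts).
URLISH = re.compile(
    r"^(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)*\.[a-z]{2,})(?::\d+)?(?:[/?#]\S*)?$",
    re.IGNORECASE,
)


class AnchorCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element, including nested markup."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def shown_host(text):
    """Host the reader sees, or None when the link text is not URL-like."""
    match = URLISH.match(text.strip())
    return match.group(1).lower() if match else None


def href_host(href):
    """Host the click actually goes to ('' for mailto:, javascript:, malformed URLs)."""
    try:
        return (urlsplit(href).hostname or "").lower()
    except ValueError:
        return ""


def same_site(shown, actual):
    """True when the destination is the shown host or one of its subdomains."""
    def strip_www(host):
        return host[4:] if host.startswith("www.") else host
    shown, actual = strip_www(shown), strip_www(actual)
    return actual == shown or actual.endswith("." + shown)


def mismatched_links(html):
    """Return (shown_host, actual_host) for links whose text names a different site."""
    parser = AnchorCollector()
    parser.feed(html)
    parser.close()
    findings = []
    for href, text in parser.links:
        shown, actual = shown_host(text), href_host(href)
        if shown and actual and not same_site(shown, actual):
            findings.append((shown, actual))
    return findings


# Constructed sample: two deceptive links, one same-site link, one plain-text link.
SAMPLE_HTML = """
<p>Dear cardmember, view your statement at
<a href="http://tracking.mailer-example.test/r?id=123">https://www.cardissuer-example.test/statement</a></p>
<p><a href="https://secure.cardissuer-example.test/pay">www.cardissuer-example.test</a></p>
<p><a href="http://192.0.2.55/update"><b>www.cardissuer-example.test</b>/verify</a></p>
<p><a href="https://www.cardissuer-example.test/help">Help center</a></p>
"""

if __name__ == "__main__":
    for shown, actual in mismatched_links(SAMPLE_HTML):
        print(f"text shows {shown} but link goes to {actual}")
```

A legitimate sender that routes clicks through a third-party tracking host trips this check exactly as a phish does, which is the confusion the entry describes.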


"Guerrilla Marketing" Causes Mass Panic

January 31, 2007

It's like spam you can touch (if it doesn't explode)

BOSTON, Massachusetts (CNN) -- Authorities arrested a man in connection with electronic light boards depicting a middle-finger-waving moon man that triggered repeated bomb scares around Boston on Wednesday and prompted the closure of bridges and a stretch of the Charles River. (cnn.com)


Who else is talking about Knujon?

January 30, 2007

"An up to 80% reduction in the Spam you receive is not to be sneezed at..." (systemshock.co.za)


UNC congratulates 2,700 prospective freshmen in error

January 29, 2007

CHAPEL HILL, North Carolina (AP) -- An admissions department e-mail sent from the University of North Carolina at Chapel Hill congratulated 2,700 prospective freshmen this week on their acceptance to the school. (cnn.com)

This raises some very interesting questions. Since these emails were basically the same as other email scams, in that they announced some benefit or offer to an individual that wasn't true, they would appear as spam. However, they came from the real authority, even if in error. Also, this is a "mass emailing", something we're all told to be wary of. On its surface something like this is spam, but it is not unsolicited because the students applied to the school. Yet another example of how the current model for stopping junk mail has failed. Content blocking alone will not solve the problem.


TJX cyberfraud spreads: Bank of America reissuing cards

January 27, 2007

Bank of America, the nation’s largest retail bank, said yesterday it’s reissuing credit cards to customers hit with fraudulent charges tied to the cybertheft of data from TJX Cos. (bostonherald.com)


ID Theft Ring Busted in Attempt to "Steal Houses"

January 26, 2007

Bid to swindle ex-nun thwarted: Three nabbed in home scam (bostonherald.com)

Case ‘closed’ after sting op (bostonherald.com)

Sophisticated scheme unraveled (bostonherald.com)

More on Mortgage/Refi Scams


More Details on TJX Security Breach

January 25, 2007

A week ago, TJX Cos., the Framingham retailer that runs T.J. Maxx, Marshalls, and other stores, disclosed a security breach that exposed millions of customer credit and debit card numbers. (boston.com)


China official vows to 'purify' Web

January 24, 2007

BEIJING, China (Reuters) -- Chinese Communist Party chief Hu Jintao has vowed to "purify" the Internet, state media reported on Wednesday, describing a top-level meeting that discussed ways to master the country's sprawling, unruly online population. (cnn.com)

The article mentions nothing about spammers or software piracy in China, just a crackdown on free speech.


More Bad Spam News Confirms KnujOn Thesis

January 23, 2007

SPAM IS BACK, AND WORSE THAN EVER (redtape.msnbc.com)

Submitted by KnujOn member


Phisher Faces 101 Years of Prison Time

January 22, 2007

The jury found phisher Jeffrey Brett Goodin guilty not only of infringement of the Can-Spam Act, but also of 10 other counts, including misuse of AOL's trademark, witness harassment, failure to appear in court, wire fraud, and aiding and abetting the unauthorized use of credit cards. Sentencing for Goodin's convictions will be handed down on June 11, with the maximum jail time topping out at 101 years in federal prison. (newsfactor.com)

Submitted by KnujOn member


Additional Submission Options

January 19, 2007

The how to send page has been updated to include additional MailWasher-SpamCop options, script-based Gmail forwarding, and Mr. Postman for webmail/Outlook integration. These options join methods already available like our bulk file upload and the Thunderbird extension. Most of these options are due to the dedication and innovation of our KnujOn members. Thank you all for continuing to work against the rising tide of electronic fraud.


TJX Electronic Payment System Hacked

January 18, 2007

FRAMINGHAM, Massachusetts (AP) -- TJX Cos., operator of T.J. Maxx and Marshalls discount stores, said Wednesday its computer systems were hacked late last year and customer data has been stolen. (cnn.com)


MySpace Hit With Online Predator Suits

January 17, 2007

NEW YORK (AP) -- Four families have sued News Corp. and its MySpace social-networking site after their underage daughters were sexually abused by adults they met on the site, lawyers for the families said Thursday. (ap.org)


Addition Bug in Reports Corrected

January 16, 2007

There was an addition error for statistics in the reports. It was corrected in the last batch.


Who else is talking about Knujon?

January 15, 2007

"With over 14 thousand spam sites taken down, KnujOn gets my vote." (igotspam.com)


Who else is talking about Knujon?

January 12, 2007

Knujon looks like a bold attempt to take spam control from the technical to the social dimension (serendipity.ruwenzori.net)


"Captain Midnight" and "Max Headroom"

January 11, 2007

Long before the days of a publicly available Internet, there was cable and satellite TV. And, yes there were hackers.



Remember, Remember the 22nd of November (1987) (damninteresting.com)
Max Headroom Pirating Incident (wikipedia.org)
Captain Midnight (HBO) (wikipedia.org)


Most Illegible Stock Junk Yet

January 10, 2007



Learn more about Stock Spam


So, You Want to Know About BotNets and Zombies?

January 9, 2007

These articles were provided by a CastleCops poster and Knujon user

In case you were wondering where all the junk mail comes from. Well, it could be coming from your own computer.

What Is A Bot? (netsecurity.about.com)
Is your computer part of a criminal network? (theglobeandmail.com)
Are hackers using your PC to spew spam and steal? (usatoday.com)
What good are 1,000 remote-controlled PCs? (cnet.com)
Is your computer a “zombie”? You could lose your email access if it is! (crt.net.au)
THE CASE OF THE “ZOMBIE KING” (fbi.gov)
Quicky Analysis of a Proxy/Zombie Network (lowkeysoft.com)

For home users we always recommend:

  1. Shutting off your DSL/Cable Modem when not in use
  2. Recycling your modem regularly; this means powering it down or unplugging it to refresh the IP
  3. Keeping OS security updates current
  4. Running updated virus scans after Internet use


PayPal Spoof Passes Filters

January 8, 2007

This may look like a pathetic spoof, but it bypassed commercial filters.


Your account was accessed by a foreign IP.
The IP has been banned from our site but now u must confirm that you are the account owner
by enter the following link and complete with your account username and password.
To get started, please click 
http://faxserver2.net:100/update/webscr.php

The PayPal Staff 


More Illegible Stock Spam

January 7, 2007



Learn more about Stock Spam


Who else is talking about Knujon?

January 6, 2007

"I find the use of Spamcop and the Knujon project does seem to significantly cut the amount of spam I am receiving" (emaildiscussions.com)


New Stock Spam Becoming Unreadable

January 5, 2007

In what we consider to be further progress against e-fraud, recent stock spam examples are becoming harder and harder to read. Spammers have to resort to this to avoid detection and reporting, which completely defeats the purpose of the spam. Keep up the good work, everyone!





Learn more about Stock Spam


53.com Under Siege

January 4, 2007

Knujon has received thousands of phishing attempts against Fifth Third Bank in recent months and we are aggressively reporting all of them. Below is an example:

You can forward these attempts to us and 53investigation@security.53.com

Learn more about Phishing


Who else is talking about Knujon?

January 3, 2007

"...an effective solution against spam. I can recommend it." (okopipi.org)


Happy New Year

January 2, 2007

We have been working very hard in the last two weeks to push out over 5000 new pending suspensions. This is all due to your participation. We have also made many changes to our internal process that will speed things up a bit.

The report format has changed! You should note that totals are now at the top of the report. We apologize if this causes issues for folks who customized their reports with a script. You will also note that some sites in the list are color-coded. This color indicates that the site is part of a large junk-mail network. This color-coding system will become more important in the future, and as time goes by more sites will be color-coded as we identify more groups. In some cases we may provide additional information on these groups.

Knujon has many plans and new directions for 2007. Stay tuned!


News from 2006 has been archived.

News from 2005 has been archived.

All Content at Knujon.com Copyrighted by KnujOn, LLC.