Internet Defense Technologies

It is true, those who send out spam do NOT proofread their messages (of course no one really thought they did, right?).

I have seen a lot of twitter mentions for email spam which says: “It has been a long time since we did not meet!” (this is a link to the twitter search for this if you are interested in seeing who).

Since we all know spammers aren’t exactly the upper crust of the world it doesn’t really surprise any of us to know they can’t really write.

However somehow they keep going and keep sending stuff. How and why? I have written several articles which you can find to the right under “Quick List of Interesting Posts” that will hopefully help answer some of these questions.

Of course, as always, my recommendation is to just get a good spam filter (like ours - you knew that was coming) so you don’t even have to worry about it.

Saw this email, I have seen many emails where they use the current news to try and get to you.

Unless you are actually a personal friend of these famous people, anything you get “from” them is spam. Just like this one:

Dearest One,

Please permit me this opportunity to introduce myself. I am Senator Jewel Howard Taylor ex-wife of the former president of Liberia Mr. Charles Taylor who was forced out of power by the Bush administration.

Since my divorce from my former husband I decided not to remarry again nor have a child outside my matrimonial home as such I had to contest for the Senate seat in my province which I won overwhelmingly.

When my ex-husband was still in power he deposited a substantial sum of money in my name with a financial institution in Europe . This fund is not known to anyone else but me and has remained unclaimed for years but issues which are coming up now in my Country Liberia has forced me to make this decision for the sake of my children now that my ex-husband is being tried before the War Crimes Tribunal in The Hague.

This is the main reason why I had to contact you to assist me in receiving these funds and invest for my Children’s future in your Country, it is very likely that my life is not safe, due to my position, in that case, I’m willing to entrust you with the responsibility regarding this said transaction, in short I want you to be my associate partner so that this fund would be transferred to you for our mutual benefit.

To enable you to meet up with all the necessary documentations/requirement demanded by the financial institution, all necessary legal procedures will surely be rightly put in place so that claim can be made by you (the next of kin in which I’m transferring to you) or whosoever chosen by me to stand as associate co beneficiary.

I’ve decided that I will use part of this money to create a foundation in my Country through your able assistance as I need a trust worthy person to stand as a co-beneficiary also as a trustee to claim these funds from the financial institution you will also be expected to open a foundation in my name to help the less privileged in the society such like orphanages, old people’s home and widowers. The Bible made us to understand that “Blessed is the hand that giveth”.

This is why I am taking this decision and as soon as I receive your acceptance letter to assist me in this my proposal, I shall give you or release all the full contacts of the financial institution and appoint you the co-beneficiary and issue a Power Of Attorney to you to act on my behalf through the assistance of my friend in the UK who is a lawyer there and will also draw out an understanding Agreement to protect your interest in this.

My happiness is that I lived a life of a worthy Christian. Whoever that wants to serve the lord must serve him in spirit and truth. As my spirit chooses you, I do hope that you will accept this offer with good faith and leave the rest for God to do for us.

Please assure me in your reply that you will act accordingly so that I can inform my lawyer about it and so proceed with the necessary documentation in your favor.

Yours Ever Willing,

Jewel Howard Taylor.

Please respond to my private e-mail below:

jewelhtaylor2009@hotmail.com

Some really fun and good articles to read:

Computerworld article - Top 10 spam-friendly registrars named and shamed

Computerworld article - Undercover: The Company that Did Everything Wrong

Salt Lake Tirbune - Nigerian web scam bilked Utah out of $2.5M

Blog post by Ron Edison, Founder and CTO of Internet Defense Technology

So, there I was in the middle of my hectic work day when I saw it…. a piece of spam so well put together that I actually did a double take.

And in my day I have dealt with millions of pieces of spam…

This message looked incredibly legit. I knew it was spam from the moment I saw it but it looked so legit that it caught my interest.

It was allegedly from paypal, it had the paypal logo, was written in good English, warned the user never to give out their password, a link to the paypal security policy (which really did link to the real one), etc.

Furthermore I do have a paypal account and this thing was worded just like other emails I’ve gotten from them.

Of course it requested that the user “click here to activate your account” and such things — a dead giveaway to those of us who have acquired that net savvy and a nose for a scam, but pretty convincing to enough Internet users to make sending such things profitable.

Examining the message, it was, interestingly enough from “service@paypal.net” very close to “service@paypal.com” a real paypal address, but again, something many Internet users would miss.

Out of curiosity, I downloaded the message using Mozilla Thunderbird, both the most recent stable version and the new upcoming development version. Thunderbird is generally good at warning users away from scams but here it only warned about blocking remote images, something that is pretty common on legitimate mail as well.

Overall, this was a masterful piece of spam that was an admirable (if I might use the word here) phishing attempt.

The link to “activate one’s account” was obviously not going to paypal but some other domain entirely, but again, not something many would notice and on some clients such as Blackberrys with HTML email enabled, not visible without switching to plain text mode.

Bottom line is that spammers and identity thieves have gotten increasingly sophisticated and today’s Internet demands security measures unheard of a decade ago.

Not often pointed out is how extensive one’s security measures must be to operate computing devices with Internet access safely in this day and age. Many fall short.

With a multitude of vendors crying out their wares, few simple solutions exist.

At Internet Defense Technologies, we keep some of our email accounts intentionally unfiltered so we can keep an eye on the latest, and so here it is.

Really complicated security measures don’t hold up because they inhibit users, are difficult to use, etc. Users themselves will defeat onerous security measures — from the classic sticky tab with a scrawled password commonly found in the corporate environment with a very strict password change and complexity policy to simply not using a work email account because one can’t depend on email to arrive and make it through the gauntlet of the spam filter and antivirus layers erected by the IT department.

Total Mail Defense was created with the idea of simple and effective email security that doesn’t inhibit the use of one’s email. A single false positive sometimes can overshadow the value of an entire email security system, since, if the users can’t get their email, the whole point has been missed.

All too often the simple idea that email, to be useful must be delivered — as fast as possible and the security has to be transparent and simple to use for any user.

Evey now and then someone forwards me bacon (email that isn’t totally relevant and is from a person I know or someone I did originally sign-up for). I am sharing this because it was very funny (there is blog spam, so is this blog bacon):

DAD AT THE MALL

I took my dad to the mall the other day to buy some new shoes, (he is 92). We decided to grab a bite at the food court. I noticed he was watching a teenager sitting next to him. The teenager had spiked hair in all different colors: green, red, orange, and blue. My dad kept staring at him. The teenager would look and find him staring every time.

When the teenager had had enough, he sarcastically asked, “What’s the matter, old man? Never done anything wild in your life?”

Knowing my Dad, I quickly swallowed my food so that I would not choke on his response, knowing he would have a good one, and in classic style he did not bat an eye in his response.

“Got drunk once and had sex with a peacock. I was just wondering if you were my son.”