Security: September 2007 Archives

Okay, actually they already have one, but it's an expanding business, I'm sure they'll want more.

The following message (quoted in part) showed up in my mailbox today.

What with my previous posting extolling the virtues of Messagefire's anti-spam technology, I should probably mention that this came in on my .Mac account, and thus wasn't filtered by Messagefire. Messagefire would have rejected it with extreme prejudice:
  1. Received line is in a DNSBL list.
  2. IP address is in Russia (which I might or might not have been blocking)
  3. Direct to MX (message left their mail server directly, no initial mail application).
  4. Message passed through two countries to get to me (Russia and France)
  5. Sender domain doesn't match the IPs (combined with #3 that gives us extra bad points)
  6. Hosts in SMTP From, From:, Return-Path and Message-ID don't match the Received headers (extra points)
  7. and so on...
All that stuff obviously wrong--but it walked right through .Mac's content filters.
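A few of the checks in that list can be run over raw headers alone. The sketch below is an added example, not Messagefire's code or anything from the original post; the sample message, the local blocklist set, and the last-two-labels domain comparison are all constructed simplifications.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message (documentation IP range, .example domains).
SAMPLE = """\
Return-Path: <jobs@bank.example>
Received: from dsl-host.isp.example ([203.0.113.7])
\tby mx.recipient.example with SMTP; Mon, 3 Sep 2007 10:00:00 -0400
From: "HR" <hr@finance.example>
Message-ID: <abc123@mailer.example>
Subject: Part-time employment

Hello
"""

def org_domain(host):
    """Crude registrable domain: last two labels (assumption, no public-suffix list)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def score_headers(raw, local_dnsbl=frozenset()):
    """Return (score, reasons) for a few header-consistency heuristics."""
    msg = message_from_string(raw)
    received = msg.get_all("Received", [])
    reasons = []
    # Relay hosts and IPs as claimed in the "from" clause of each Received line.
    hosts = {org_domain(h) for r in received
             for h in re.findall(r"from\s+([\w.-]+)", r)}
    ips = {ip for r in received
           for ip in re.findall(r"\[(\d+\.\d+\.\d+\.\d+)\]", r)}
    if ips & set(local_dnsbl):            # item 1, against an offline list
        reasons.append("relay IP on blocklist")
    if len(received) <= 1:                # item 3, heuristic: no submission hop
        reasons.append("direct to MX")
    # Items 5 and 6: domains the message claims for itself.
    claimed = {
        "From": parseaddr(msg.get("From", ""))[1],
        "Return-Path": parseaddr(msg.get("Return-Path", ""))[1],
        "Message-ID": msg.get("Message-ID", "").strip("<> "),
    }
    for name, value in claimed.items():
        dom = org_domain(value.rpartition("@")[2]) if "@" in value else ""
        if dom and dom not in hosts:
            reasons.append(f"{name} domain {dom} not in Received path")
    return len(reasons), reasons

if __name__ == "__main__":
    print(score_headers(SAMPLE, {"203.0.113.7"}))
```

Only the Received line added by your own MX is trustworthy; earlier ones can be forged by the sender, so a real filter weights these signals rather than treating any one as proof.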
Like most spam, it was unintentionally humorous in places, but overall it's actually fairly well written--only a few language translation problems. What I found particularly amusing, however, were the meaning translations. As follows...

Hello, I am writing to inquire if you might be interested in part-time employment in the field of accounting/clerical services.
[We'd like you to handle some money for us.]
Elbrus Financial, Co., a major Russian investment bank and asset management company,
[Organized crime syndicate.]
is looking for chargeable and determined individuals
[I particularly like the “chargeable” part. That's not what they meant, but it is probably accurate both financially and legally.]
to fill the specialist and associate positions within the Receivables department of our Transactions/Finance group in the United States. As a specialist or associate, you will be in charge of monitoring and processing funds transfers initiated by our US clients and reporting to the Receivables department manager in Russia.
[People will send you money, and you'll send it to us.]
We are looking for numerate individuals
[I had to look that “numerate” up, but they got it right. Then again, they probably looked it up too.]
who are also capable team-players,
[Who won't cheat us.]
preferably with some college education and/or previous accounting/clerical experience.
[So we can butter you up by telling you that you can have the job even though you are underqualified.]
... Our mission is to provide investors with reduced emerging market risk and superior returns through broad diversification and conscious risk-taking.
[You'll be taking the risks, of course.]
To learn more about our company, please visit us online at www.Elbrus.com
[We've got a .com domain, so we must be real.]
Let's see, they say they are based in Russia, their mail also says they have offices in Lithuania and Cyprus. The domain is registered in Israel, the domain servers are in the US, and a DNS lookup of the web site shows that it is currently (these things tend to move around every hour or so) hosted on someone's PC via a Comcast Cable connection in Chelmsford, Massachusetts (US).
...[Extensive detail on how you'll manage incoming email and money transfers, and what cut you'll get.]...
You will never be required to cash a check, make a remittance before the funds are cleared into your account or engage in any other financially risky activity. ... It should also be understood that being a foreign entity, Elbrus is not subject to the US IRS supervision. You will be the sole person liable for reporting the commissions that you receive as your personal or business income.
You just make good with the IRS and you'll be fine... (of course, we won't mention federal statutes about transferring money in and out of the country, not to mention money laundering laws).
You can apply for the position online at: http://elbrusfinancial.com/?menu=par Please note that only applicants under serious consideration will be contacted. Please use the following vacancy code: EL-SEP07.
[Look, we have two domains. We must be real!]
This one is actually registered in Russia. DNS in the US. Web site hosted on half a dozen cable modems.

Haven't you always wanted to join the Russian Mafia? Go for it! :-)


P.S. It occurs to me that I ought to expand on this for people who don't know what's really going on here. It's really quite simple. In order to run scams selling nonexistent, stolen, or counterfeit goods, you need to have a U.S. address that will receive the money--otherwise it sets off everyone's fraud alarms. So they are looking for people who will receive the money and then forward it on to them. That's generally called Money Laundering.

There's also an equivalent come-on for people to handle receiving goods bought with stolen credit cards. In those cases they want people who will receive packages and then forward them out of the country. That's usually referred to as Receiving Stolen Goods.

P.P.S. There's another scam running that this is even more likely to refer to. It relies on the fact that American banks will credit checks before they have entirely cleared. You're sent a check and asked to deposit it. You then transfer 90% of the money offshore. A few weeks later, the check is discovered to be a forgery and you owe the entire amount to the bank. (See Spam-scam crackdown nets $2 billion in fake checks).


First hacking tools, now key words are outlawed by ZDNet's Richard Stiennon Threat Chaos | ZDNet.com

Reading this Reuters report is a trip to the Twilight Zone. Or, maybe, it is an Onion-esque spoof on reality. The EU is going to force search engines to block access to bomb-making sites? Huh? What are these guys thinking? EU Justice and Security Commissioner Franco Frattini said in an interview. “I do intend to [...]

First of all, I'll give him a bit of slack. I assume he didn't really mean to sound quite so silly and simplistic. More likely he wants search engines to not list certain types of site content--just as they currently warn about potentially dangerous content.

However, even after removing the silly-season flavor of the quotation... it just doesn't work. In the first place, what's special about the internet? Are we going to censor libraries as well? Restrict access to certain types of biological and chemical information? Require a security clearance to get a degree in physics?

In the second place, has he for a single moment paid any attention to what happens anytime someone tries to censor anything else on the internet, whether it be a video on YouTube, or the key to a DVD encryption scheme? It instantly turns into a game. Your secret information gets published on thousands of sites. It's duplicated through the DNS system. It shows up on t-shirts. And the more you fight it, the more publicity it gets, and soon everyone's grandmother has heard about it and is searching for it online. It's not just that global internet censorship doesn't work--it's that it invariably makes things worse!

And finally, of course, none of this keeps the “bad guys” from getting the information. No matter how hard you try, the information is out there. Just as DRM gets in the way of normal users, but does nothing to stop professional thieves--internet censorship makes life hard for legitimate access, and yet fails to keep the information out of the hands of criminals.


Speech in Wartime


I wrote this piece in 2005. I was spending a lot of time on the plane, and I had been reading Geoffrey R. Stone's “Perilous Times - Free Speech in Wartime” and Howard Zinn's “A People's History of the United States”. Then I saw Chris Chandler perform at the Falcon Ridge Folk Festival. He does an amazing show where he talks and the music backs him up, moving from song to song. In particular, listen to “There is something in the air - but it's not on the airwaves” (although I liked the live version better).

So when I got to music camp (the one week a year when I'm usually offline, offgrid and offwork), I got inspired. By midweek I'd dropped all my classes (except for Peggy Lynn's SongWriting class, which I kept visiting for advice and encouragement) and was camped out on the dining hall porch with my laptop and several books--frantically trying to narrow down the scope of the piece. By Friday morning (day of the “talent” show) I had it down to fifteen minutes (still way too long), but I had no music. So I enlisted Beth Lawton, a Meadowlark Music Camp student who does a lot of historical reenactment music, to help me out. She and others helped me pick out the background music and which verses we would do. And somewhere in there I roped her, her partner, and Sheldon Campbell into performing them for me.

By dinner time I had the piece down to ten minutes and that was all I had time to do (the Friday capture-the-flag game after dinner is too much of a tradition to miss). None of the performers had heard more than a few bits and pieces of the performance, and I'd just scribbled down some cues for when they should start playing each song. We had no time to arrange for playing background throughout the piece, which I would have liked. A few hours later--hot, sweaty, out of breath, sore (capture-the-flag), and smelling of lobster (dinner)--we put it on.

All things considered, it went pretty well. It was certainly the longest performance anyone had done at the talent show, and the first using a laptop (I had not had time to memorize the words), but it went over well. A number of people suggested I should do a video--which would be very cool if I ever had the time....

The sad thing is that in 2005, the number of examples I had for misbehavior of the Bush administration was fairly limited. I certainly believed there were more, but there hadn't been a lot of details of specific misbehavior, just bad words and suppression of speech. Torture, illegal wiretaps, indefinite incarceration of citizens--that all came later. If I were to write the piece now, the ending would be far nastier. Sigh.

In any case, here it is.

  • Kee Hinckley - spoken words, vocals
  • Sheldon Campbell - guitar, vocals
  • Beth Lawton - guitar, vocals, music selection
  • Kevin Hagen - banjo, vocals, music selection
  • Meadowlark attendees - chorus
  • Chris Chandler - inspiration
  • Peggy Lynn and the Meadowlark Song Writing class - encouragement and support

Most of the information and quotations come from two sources. Geoffrey R. Stone's “Perilous Times - Free Speech in Wartime” and Howard Zinn's “A People's History of the United States”. See the lyrics for more details.

Note: The quotation attributed to Benjamin Franklin at the end of the piece, though commonly presented as such on the internet, is in fact incorrect. He may or may not have written it, and it probably reflects his views. However a more correct statement would be “As published by Benjamin Franklin.” And the correct text is: “Those who would give up Essential Liberty to purchase a little Temporary Safety, deserve neither Liberty nor Safety.” See “Franklin Quoted by Minsky” for details.


13MB MP3 Download

Lyrics after the break.



About Me

I'm the CEO/CTO of Somewhere, Inc., a company building a unified social networking layer that gives people the means to track their friends across multiple social networks.
Creative Commons License
This weblog is licensed under a Creative Commons License.