CastleCops.com Hit With Reputation-Based Attacks 79
An anonymous reader writes "The all-volunteer based online fraud fighting group CastleCops.com is currently the target of ongoing reputation-based attacks in which criminals use phished PayPal accounts to donate thousands of dollars to CastleCops from dozens of victims. This attack appears to be in response to a recent series of failed denial-of-service attacks against the CastleCops, Web site. From the story: 'A few donations were for as little as $1, while other fake donations ranged as high as $2,800. To the victims of the stolen PayPal accounts, it looks as if CastleCops is the one stealing their money, when in reality, it's the attackers. Also, the fraudulent activity seeks to ruin their relationship with PayPal.' In a comment left on Washingtonpost.com's Security Fix blog, CastleCops co-founder Paul Laudanksi says while the group's site remains under a heavy DDoS attack, it is currently down due to a hardware failure, not the attack itself."
What's wrong with people? (Score:4, Insightful)
And while they're at it, they could stop sporging sci.crypt and other groups. That'd be nice.
Not until a law is passed. (Score:3, Insightful)
The ISP's are NOT going to spend the money UNLESS they're facing larger fines if they do not do so.
Not to mention that the ISP's usually don't hire the best and brightest out there. I don't believe they could tell the difference between the slashdot effect and a DDoS. How many of the people here would be happy to find out that their they've been cut off because their machines were participating in a "DDoS" of some website? When all they were doing is hitting a site with a story with HUGE graphics?
Re:What's wrong with people? (Score:3, Insightful)
I'm sure they sleep fine already. On a nice comfy expensive bed.
Re:Hobby or business? (Score:5, Insightful)
While you were sleeping (Score:3, Insightful)
Re:Hobby or business? (Score:2, Insightful)
In that regard they are treating it exactly like a business, maximum profit for least work. Not a good business, but a profitable one none the less.
However the GP said that castlecops was the one treating it not like a business. Still not sure what he meant.
No one questioned paypal's buffoonery
Re:It's ironic... (Score:5, Insightful)
Agreed -- to a point. Phishing is like the Internet equivalent of mugging, in that your money is taken involuntarily, but the fact is, you click the link that enables the phisher to get your cash. People have to be accountable for their own actions. I would give them full refunds, but then if I was PayPal I would flag their accounts and scrutinize every transaction from there on out for at least a year to make sure they didn't repeat the mistake. Maybe after their payments continue to be delayed by the extra processing, the users will think twice before clicking any link. And if they don't, and get bagged again, automatically shut down their account.
Re:Modern-day Joe Job (Score:4, Insightful)
Which just goes to show what psychologists have known for years: the mob is fickle and easily incited. All you have to do is chant "child porn" and point a finger and the dogs are all over you. What hurts with something like that is that information on the Internet has permanence unlike anything else, which mans even if you clear up a misconception, misunderstanding, or outright fraud, the original information continues to exist and people will still believe. To paraphrase, "a lie repeated often enough starts to sound like the truth."