Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security Bug Operating Systems Software Windows

Scam Combines Patriot Act FUD With IE Bug 447

LostCluster writes "CNET, Reuters, and the AP are all reporting this morning about a circulating e-mail scam that claims that people will lose their FDIC bank account insurance because they are suspected of violating the Patriot Act unless they confirm their bank account information with a website. The scammers then use the already documented bug in IE that allows a site in Pakistan to get 'www.fdic.gov' to appear in the URL bar. Where's an MS patch when we really need one?"
This discussion has been archived. No new comments can be posted.

Scam Combines Patriot Act FUD With IE Bug

Comments Filter:
  • by Dutchmaan ( 442553 ) on Saturday January 24, 2004 @04:20PM (#8076937) Homepage
    I hope this isn't what Bill was talking about with The Secure Computing Initiative
    • Re:Oh NO Mr Bill! (Score:3, Informative)

      by Skiron ( 735617 )
      I believe M$ said that this wasn't important to fix. Moz and all the others had it patched the same very day it was posted on bugtraq.

      Nick
      • Re:Oh NO Mr Bill! (Score:3, Informative)

        by NanoGator ( 522640 )
        "Moz and all the others had it patched the same very day it was posted on bugtraq."

        Moz doesn't exactly fix it. Granted, it's better than what IE does as you can see where it is really headed. However, it still sends you a misleading URL.

        "http://www.microsoft.com%01@zapthedingbat.com/se c urity/ex01/vun2.htm"

        It works as expected, but it is still not fixed. Opera, however, does actually address this issue. If you attempt to go to a URL that is formed like that, an error window appears. It says tha
    • by cwernli ( 18353 ) on Saturday January 24, 2004 @09:39PM (#8078704) Homepage

      The "Secure Computing Initiative" approach with this bug is documented in the Knowledge Base [microsoft.com]:

      This article discusses steps you can take to help protect yourself from spoofed Web sites. To summarize, these steps are: [...]

      • Do not click any hyperlinks that you do not trust. Type them in the Address bar yourself.
  • Wow... (Score:4, Funny)

    by Anonymous Coward on Saturday January 24, 2004 @04:20PM (#8076941)
    ...now we're outsourcing scams to India too.
    • Re:Wow... (Score:2, Funny)

      by dicepackage ( 526497 )
      Thank god I played it safe and invested with a Nigerian general.
    • Re:Wow... (Score:4, Informative)

      by zeekiorage ( 545864 ) on Saturday January 24, 2004 @05:54PM (#8077501)
      From the CNET article...
      The link to the Web site provided in the e-mail message leads to a server in Karachi, Pakistan, CNET News.com has discovered. Moreover, the link is formatted to take advantage of an Internet Explorer flaw that allows an attacker to hide the true destination of the link; in this case, the address bar in Internet Explorer displays "www.fdic.gov," while the actual Web site is at a different address in Pakistan.

      India and Pakistan are two different countries, India is not even mentioned in the article. Who modded this funny?
  • by Anonymous Coward on Saturday January 24, 2004 @04:21PM (#8076947)
    Where's an MS patch when we really need one?

    Being prevented by the DMCA?
  • Solution (Score:3, Funny)

    by BWJones ( 18351 ) * on Saturday January 24, 2004 @04:21PM (#8076950) Homepage Journal
    Where's an MS patch when we really need one?

    These [apple.com] solutions [apple.com] will solve your problem. :-)

    • Re:Solution (Score:5, Informative)

      by Liselle ( 684663 ) * <slashdot&liselle,net> on Saturday January 24, 2004 @04:25PM (#8076989) Journal
      For those of us that don't feel like switching to another OS, Opera [opera.com] will do.
      • Re:Solution (Score:5, Informative)

        by UnassumingLocalGuy ( 660007 ) on Saturday January 24, 2004 @04:30PM (#8077027) Homepage Journal
        And for those of us too cheap to buy a new browser, Mozilla or Firebird [mozilla.org] will have to do.
        • Re:Solution (Score:2, Funny)

          by Anonymous Coward
          And for those of us too cheap to upgrade our Timex Sinclairs to something more powerful like a Commodore 64, Lynx [browser.org] will have to do.
        • Yyou don't have to be too cheap... Mozilla is also endlessly extensible due to its HUGE reliance and integration with its javascript front-end (besides the whole thing being open-source, of course). If you're a decent programmer, Mozilla/Konq/etc... are really your only choices.
    • Re:Solution (Score:3, Interesting)

      by jfengel ( 409917 )
      Does it solve the problem? (I'm genuinely asking; I don't have a Mac around to test it.)

      The problem is that IE (and Firebird, and Mozilla) all display the URL as typed, including user name and password information. So if you type http://www.slashdot.org:foo@www.whitehouse.gov/ you get directed to a nasty site, even though the URL appears to say www.slashdot.org.

      (I don't seem to be able to reproduce the link exactly here; I think Slashdot may be removing the user name and password info.)

      The solution seem
      • Re:Solution (Score:5, Informative)

        by Liselle ( 684663 ) * <slashdot&liselle,net> on Saturday January 24, 2004 @04:39PM (#8077106) Journal
        I hate to plug Opera twice in the same thread, heh. But if I click on a link like one you mentioned, Opera will throw up a dialog box that says this:
        Security warning:

        You are about to go to an address containing a username.

        Username: www.slashdot.org
        Server: www.whitehouse.gov

        Are you sure you want to go to this address?
        Piece of cake.
      • Re:Solution (Score:5, Informative)

        by Richard_at_work ( 517087 ) * on Saturday January 24, 2004 @04:42PM (#8077123)
        The problem was that if you introduced a certain character just before the @ sign, the false url (eg the one that is actually the auth detail) will be the only one displayed. The real url would be left off, and thus people would be tricked. Its interesting to note that a similiar issue has been around a fair while, as there have been scams based on it (eg "banks" emailing you, asking you to click on a link and verify your login details. Page displayed looks real as its just a copy of your banks real site, but the url has @www.scammersurl.com at the end, after what looks like valid HTTP/GET data.

        Im going on what official reports of the bug say, because I have never actually been able to replicate the effect myself, on IE5.5, IE5.5sp1, IE6, IE6sp1 and IE6sp2, so it does seem that not all installs are vulnerable, as they all displayed the fake url and the real url as you would expect in the address bar. For the record, I tried this on WinXP (just the IE6 versions) and Win2k.
        • Re:Solution (Score:3, Interesting)

          by _xeno_ ( 155264 )
          You're doing it wrong. I'm assuming you're just inserting the %01 character into a URL. You actually have to sneak a "^A" character into the URL, either using JavaScript or an HTML entity. It does, in fact, work under IE6. Note that Mozilla (or at least Firebird) reescapes the bad character so it shows you the bad URL.

          Anyway, check out my sample page [xenoveritas.org] that demonstrates the bug.

          The basic and easiest way to reproduce this is something like "<a href="http://slashdot.org&#1;@www.msn.com/">...

      • Re:Solution (Score:4, Informative)

        by Smidge204 ( 605297 ) on Saturday January 24, 2004 @04:43PM (#8077124) Journal
        That was either some biting political commentary or a bad typo. (The real "nasty" site is .com not .gov :P)

        The REAL problem is that inserting a %01 and unescaping the URL causes IE to NOT display the URL to display as typed. Thus, it redirects you to a different site without you knowing. Only IE does this, so clearly there's a "right way" and a "wrong way" to do it and IE is doing it wrong. That's a BUG and a big security problem.
        =Smidge=
      • Re:Solution (Score:5, Informative)

        by slamb ( 119285 ) on Saturday January 24, 2004 @04:46PM (#8077145) Homepage
        The problem is that IE (and Firebird, and Mozilla) all display the URL as typed, including user name and password information. So if you type http://www.slashdot.org:foo@www.whitehouse.gov/ you get directed to a nasty site, even though the URL appears to say www.slashdot.org. [...] I don't consider the problem a "bug" in the same sense that buffer overflows are a bug.

        What you described has been known for a long time and arguably isn't a bug, yes. But what they're using is a newer variation that's more dangerous and clearly a bug. If you include a %00 just before the @, only "http://www.slashdot.org" is displayed. (Apparently the display code evalutes the hex escape and treats the %00 as end-of-string, but the engine itself does not.) Your only real indication that something is wrong is the lack of the trailing "/", which you're not likely to notice even if you know what it means.

      • The problem is that IE (and Firebird, and Mozilla) all display the URL as typed, including user name and password information. So if you type http://www.slashdot.org:foo@www.whitehouse.gov/ you get directed to a nasty site, even though the URL appears to say www.slashdot.org.

        No. I can *not* reproduce the bug you describe in Firebird running under XP, and I can't imagine the bug would be present in the Linux version and not the windows. I tried both typing the url you entered and copying and pasting and
      • Nasty sight (Score:5, Funny)

        by finelinebob ( 635638 ) on Saturday January 24, 2004 @04:54PM (#8077198) Homepage
        So if you type http://www.slashdot.org:foo@www.whitehouse.gov/ you get directed to a nasty site, even though the URL appears to say www.slashdot.org.

        Man, I thought I was going to see some nasty Goatse-thing but then ... horror of horrors!! GEORGE BUSH!! AHHHHHHHHHHH!!!!!!!!!!!

        That was rude, man...

      • Re:Solution (Score:5, Funny)

        by utlemming ( 654269 ) on Saturday January 24, 2004 @05:46PM (#8077466) Homepage
        In other news: The Whitehouse is reported that its website, www.whitehouse.gov is under some sort of DDoS. Apparently, thousands of computers around the world are supplying "http://www.slashdot.org" as atempt to login into the server.
    • Re:Solution (Score:5, Informative)

      by LousyPhreak ( 550591 ) <lousyphreak@gmx.COUGARat minus cat> on Saturday January 24, 2004 @04:33PM (#8077054)
      But the problem is your solutions also requires one [apple.com] of [apple.com] these [apple.com] upgrades [apple.com].

      I would rather recomend this [debian.org] upgrade [mozilla.org].

      Or if you have a dislike for linux even just this upgrade [mozilla.org] helps much.

      ;)
      • Re:Solution (Score:3, Insightful)

        by zcat_NZ ( 267672 )



        I suggest using the official Microsoft patch [wired.net.nz]?


        (OK, not really the official MSFT patch since there isn't one yet; my link demonstrates the bug by providing a Mozilla download on a msft-parody download page, complete with microsoft.com url..)



        (Yeah, I know.. I'm an attention-whore..)

    • Or this [mozilla.org] if you don't want to spend over a thousand to switch your hardware in order to meet said systems hardware requirements. :-P
    • hmmm somehow it won't install on my x86 based system...in other words STFU. I don't want to pay $2000 for a software upgrade.
  • FDIC Scam (Score:4, Funny)

    by Syntroxis ( 564739 ) on Saturday January 24, 2004 @04:22PM (#8076958)
    Ha! Can't get my money - don't have any.

    Paul
  • Patriot Act (Score:5, Insightful)

    by MORTAR_COMBAT! ( 589963 ) on Saturday January 24, 2004 @04:22PM (#8076963)
    Any law which is so powerful and ambiguous as to put fear into people by its mere mention must be a bad law. A reasonable person, if accused of violating the Patriot Act, might actually doubt his own innocence because of the sheer labyrinthian might of the Act.
    • Re:Patriot Act (Score:2, Insightful)

      by GoofyBoy ( 44399 )

      >Any law which is so powerful and ambiguous as to put fear into people by its mere mention must be a bad law.

      By your logic, any law with large penalties is a bad law.

      And if you aren't scared if accused of violating that type of law, you probally are more ignorant than anything else.
    • Re:Patriot Act (Score:2, Insightful)

      by PPGMD ( 679725 )
      *Probably going to get modded down for this, but what the heck*

      If you actually read the law, or at least a good honest description of the law it's not at all ambiguous, it's because of the FUD that is thrown around about it that most people don't know what it really says.

      Yes it's a powerful law, but that doesn't necessarily mean that it has to ambiguous, in some states drunken driving laws (and related penalties) are very powerful (and can basically ruin your life if caught), but no one complains, at le

  • by Mr. Darl McBride ( 704524 ) on Saturday January 24, 2004 @04:23PM (#8076967)
    You can make your messages look like this to MS users: (PNG picture) [zgp.org] and elicit fun responses like this [entar.net], while your messages look normal to non-MS users.

    This is a combination of using simple X- header lines for the top error part, as well as the "'begin'-then-two-spaces" bug, which lets you create a bogus MIME section that only MS mail readers fall for -- useful for suppressing the message part. The begin-with-two-spaces trigger makes an excellent quoted text header. :)

  • Patch? (Score:5, Insightful)

    by Guppy06 ( 410832 ) on Saturday January 24, 2004 @04:26PM (#8076990)
    "The scammers then use the already documented bug in IE that allows a site in Pakistan to get 'www.fdic.gov' to appear in the URL bar. Where's an MS patch when we really need one?"

    Right here [mozilla.org].
  • 3-m@1L $c@mmz0r$ (Score:5, Insightful)

    by mac os ken ( 732050 ) on Saturday January 24, 2004 @04:26PM (#8077000) Homepage Journal
    I will probably never understand fully why anyone would fall for an e-mail scam that is clearly not legitimate. When I get a spam telling me:

    "W3 n33d jO0r b@nk @cc0un7 # bc@u$3 FDIC $@ys $0."

    I hit delete. Unfortunately some people fall for this. Does anyone have any numbers on just how succesful these e-mails are? Is the American public that ignorant?

    • by hchaos ( 683337 ) on Saturday January 24, 2004 @04:33PM (#8077051)
      Unfortunately some people fall for this. Does anyone have any numbers on just how succesful these e-mails are? Is the American public that ignorant?
      No, the American public is not that ignorant. Very few scams are clever enough to hook the American public. Fortunately for the scammers, the American public isn't the target. Just like the Nigerian scam, it only takes about 0.001% of the population to fall for it in order to make a lot of cash.
      • Just like the Nigerian scam, it only takes about 0.001% of the population to fall for it in order to make a lot of cash.

        Sending scam Spam is just as cheap as sending any other form of Spam. I'd guess these scammers are in the black if they just get one bank account cleaned out...
      • There are scams for the 0,001% with huge payouts (bank scams, 411 scams etc., simply rip-offs)

        Then there's the scams for the 0,1% with some medium payouts (mortgages, loans etc., often poor business deals but "real")

        Then there's scams for the 10%, like cheap herbal viagra and other one-off product sales, which are just a few dollars each but large in numbers.

        Also, it's about finding the blind spot. Even people who would never normally buy SPAM but then get this wonderful offer that they just HAVE to try
    • Sure if it is obvious. What if the scam happened to appear to come from your bank, and you normally get email from them.

      Discover sends me monthy reminders just before my bill is due, if I havn't paid yet. I'd be vunerable to an email that appeared to come from discover and just wanted me to update my personal information. I don't think I would fall for it, but if done cleaverly enough I might. (fortunatly I read email in a program which cannot launch a browser, so I have to cut and paste URLs, but

    • I once got an e-mail from Ebay requesting that I upgrade my credit card info since the one on file had expired. It was a legit e-mail. Last week I got a scam email pretending to be from Ebay, asking me to update info, and I actually thought it was legit for ten seconds. The scam would have been amazingly successful if they hadn't asked for every piece of info imaginable. All a scammer has to do is duplicate legit emails, and he'll get money from people you may not consider ignorant.
  • by MillionthMonkey ( 240664 ) * on Saturday January 24, 2004 @04:28PM (#8077011)
    Here [google.com] is a repost of the email on news.admin.net-abuse.sightings.

    The link text:

    <a href="http://www.fdic.gov@202.63.206.88/index.htm" >http://www.fdic.gov/idverify/cgi-bin/index.htm</a >

    There's no point in a slashdotting/DDoS since the U.S. connectivity provider has already choked off the flow of packets to this server in Pakistan. Pinging 202.63.206.88 times out.

    • If that's true, they don't exploit an IE flaw at all. If I'm not wrong and everything before the @ shouldn't be treated as user name to login with.
  • by Zocalo ( 252965 ) on Saturday January 24, 2004 @04:28PM (#8077013) Homepage
    Where's an MS patch when we really need one?"

    Apparently they are "still working on it", just like they have been for the last two scheduled patch releases they've had. Unfortunately, the scammers and phishers are "still working on it" as well. And yet despite this, Microsoft still spouts such choice quotes [theregister.co.uk] about its software security as "The tool had to to be tested before we could put it on Windows Update... it would be unfair to accuse Microsoft of tardiness." (about a five month wait for an official Blaster clean-up tool) and "Windows is far more commonly afflicted with worm infections than Linux... but Microsoft offers greater accountability and support than open source alternatives".

    Well, I'll agreee with one of those points. Can you guess which? ;)

  • IE patch (Score:2, Informative)

    by Dreadlord ( 671979 )
    A patch was released by an open source development site for this bug, unfortunately, it turned out that the patch contained a buffer overflow and malicious code, click here for the story. [slashdot.org]
  • by LostCluster ( 625375 ) * on Saturday January 24, 2004 @04:31PM (#8077032)
    The real www.fdic.gov [fdic.gov] is running a rather standard press release [fdic.gov] to warn that it's a scam.

    Consumers never have any reason at all to send information to the FDIC. They already can get all they need to know out of banks.
  • WTF? A Java-enabled news story? Ugh. The AP link is much cleaner, and quicker loading.
  • by Wakko Warner ( 324 ) * on Saturday January 24, 2004 @04:31PM (#8077042) Homepage Journal
    It's in the same place they put their concern for their end-users. Once you find that, let the rest of us know.

    - A.P.
  • by DrDoombender ( 681389 ) on Saturday January 24, 2004 @04:33PM (#8077058)
    Dear gullableguy@aol.com,

    We are with the government. You are violating the patriot act gullableguy@aol.stupiduser.com. We just want you to go to this site and give us all your compromising information because you are violating the patriot act under provision 1234. Please go to this site otherwise you will lose your FDIC insurance coverage. Please disregard the fact that if you really were suspected, the US government wouldn't actually contact you by email, and that the patriot act doesn't have anything to do with the FDIC. Oh and we would have addressed you by name instead of your email account. Oh, and other obivious and logical stuff too.

    Best regards,

    A guy who isn't pakistani

  • security in windows (Score:3, Interesting)

    by plams ( 744927 ) on Saturday January 24, 2004 @04:34PM (#8077063) Homepage
    many roads lead to a safer internet expirience. mozilla, firewalls, scriptblockers.. however, the method i've found most effective is what i call "security through some old piece of crap". my mIRC client says "copyright 1995-1998", and when I asked 50+ nerds on a channel to try and DoS me, nobody could find a crack old enough! so the lesson is: don't wait for the new patch. revert to a version before the bug was even introduced.
  • I delete any e-mails that contain those escape characters server side with a filter rule.

    Ben
  • Does anyone have the URL? I want to make sure I straighten out my account before I loose my money!
  • by anarchima ( 585853 ) on Saturday January 24, 2004 @04:42PM (#8077120) Homepage
    Now that I'm unemployed, I feel more secure knowing that I have no money which can be scammed from me because of a "Patriot" Act. Thank God for the state of our Bushist economy!
  • by The Breeze ( 140484 ) on Saturday January 24, 2004 @04:45PM (#8077140) Homepage
    I lost money to a similar scam, except in my case the mail came in the form of a white envelope from the "Department of the Treasury, Internal Revenue Service." Short verison, there were papers in there wanting to know my social security number, how much I made, what I spent it on, all of the same information from my wife...and then it ordered me to give a percentage of my income to them or else they would come and put me in jail!

    I did a bit of research and found that this money had been taken from me from some group of thugs called the Congress of the United States. Apparently, they took my money and I'm told there's very little chance of getting it back.
    They've even got my employer in on the scam - now they are paying some of my paycheck directly to them.
    • So you don't use roads? Water? Never used electricity in a rural area? Do you like seatbelts and the fact that automakers are required to install them? How about the fact that if you get laid off, you'll be able to eat three days later? Ever been to public school? Do you plan on, at some point in the future, being old and collecting welfare through Medicare/Social Security? No? Oh.
      • Re:I am a victim. (Score:5, Insightful)

        by petabyte ( 238821 ) on Saturday January 24, 2004 @06:05PM (#8077560)
        Do you plan on, at some point in the future, being old and collecting welfare through Medicare/Social Security? No? Oh.

        I have no illusions that Social Security will be there by the time I'm ready to retire (July 2047). I'm planing on being old but I'm certainly not naive enough to believe that there will be a dime left in Social Security at that point.
  • by Controlio ( 78666 ) on Saturday January 24, 2004 @04:55PM (#8077201)
    I don't know about the rest of you, but I clicked on a funny link from a prior Slashdot thread that had an intentionally altered URL. The big shocker was, IE parsed it like it was no big deal, but my virus scanner picked up the malicious code. It warned me that the URL was modified by a bug in Internet Explorer, and allowed me to continue or back out.

    I always swore by Norton, but from the things I've seen as of late, I think I'm sticking with Network Associates.
  • by Teddy Beartuzzi ( 727169 ) on Saturday January 24, 2004 @05:01PM (#8077237) Journal
    ...of contacting your customers. Every day I get so many fake emails trying to get my paypal, ebay, banking info etc, that I no longer even look at it. All correspondence that appears to be from them simply gets binned. Even the legitimate ones, because they're indistinguishable from the fakes.

    Until we all start signing our emails with PGP.

  • by Gyorg_Lavode ( 520114 ) on Saturday January 24, 2004 @05:03PM (#8077252)
    Remember, it's only defined as critical if it's exploited in the wild.
  • Microsoft software deservedly has a very poor reputation for security.

    People who continue to use it when there are plenty of alternatives, including free ones (as in speech and beer), therefore know what they've let themselves in for, and deserve the consequences they get from their misguided decision.

    (This comment entered using Mozilla running on Linux).

  • by Minus Five ( 671482 ) on Saturday January 24, 2004 @05:18PM (#8077316)
    Here's the text that prompted me into give away my personal info :)

    Important News About Your Bank Account

    To whom it may concern;

    In cooperation with the Department Of Homeland Security, Federal, State and Local Governments your account has been denied insurance from the Federal Deposit Insurance Corporation due to suspected violations of the Patriot Act. While we have only a limited amount of evidence gathered on your account at this time it is enough to suspect that currency violations may have occurred in your account and due to this activity we have withdrawn Federal Deposit Insurance on your account until we verify that your account has not been used in a violation of the Patriot Act.

    As a result Department Of Homeland Security Director Tom Ridge has advised the Federal Deposit Insurance Corporation to suspend all deposit insurance on your account until such time as we can verify your identity and your account information.

    Please verify through our IDVerify below. This information will be checked against a federal government database for identity verification. This only takes up to a minute and when we have verified your identity you will be notified of said verification and all suspensions of insurance on your account will be lifted.

    http://www.fdic.gov/idverify/cgi-bin/index.htm

    Failure to use IDVerify below will cause all insurance for your account to be terminated and all records of your account history will be sent to the Federal Bureau of Investigation in Washington D.C. for analysis and verification. Failure to provide proper identity may also result in a visit from Local, State or Federal Government or Homeland Security Officials.

    Thank you for your time and consideration in this matter.

    Donald E. Powell
    Chairman Emeritus FDIC

    John D. Hawke, Jr.
    Comptroller of the Currency

    Michael E. Bartell
    Chief Information Officer
  • by |>>? ( 157144 ) on Saturday January 24, 2004 @05:23PM (#8077348) Homepage
    Yesterday I received a message that appeared similar in nature to that described by the article. After many phone calls I managed to speak to the fraud section at the Commonwealth Bank (biggest bank in Oz), where the message appeared to come from.

    Their solution (after getting some of the bank staff to pull their head from the sand) was to redirect all requests to a specific URL to the Bank's home-page.

    Now I for one, think that the only way that they could do that, was with cooperation from ALL ISP's in this country.

    The scam and the banks initial response pissed me off, but the redirect scares the *shit* out of me.

    Anyone else share my concerns, or should I just crawl back into my box and live with the idea that the Internet has just died...
    • Actually, it doesn't need very many ISPs to cooperate... just the ones that operates the trans-continental links that are between where you are and where the scammer is. They just have to set up one of their own servers to be the "bad" IP address and feed redirects, and then set their routers to intercept all traffic destined for that IP address.

      I'm pretty sure everyone who provides Internet connectivity to places that are scam havens are used to doing this.
  • by MortisUmbra ( 569191 ) on Saturday January 24, 2004 @05:44PM (#8077457)
    Someones comment above made me think about how you could possibly lessen the effects of attacks like these. They mentioned that one of the US providers lines cut access to the IP in question. Indeed its no longer pingable.

    But how long does it take for word to reach them about that?

    What I was thinkingwas, a sort of P2P network client that could actively collect IP's from sites like this and, while not outright blocking them (so the next legit user of that IP isnt screwed) could at least sit in a ZoneAlarm-like position on your system and monitor the IP addresses you try to connect to, if it matches the outgoing IP to one on the list, it throws up an error like "Warning! This IP may contain fraudulent information or be dangerous to your computer, only proceed if you are absolutely certain this site is safe!".

    The P2P aspect would be nice because once new scams are caught in the wild (honeypots might be a very usefull tool to help catch them fast) users/admins could update the list (though some sort of peer review would almost certainly have to be in place to avoid abuse) and could redistribute itself amongst the network.

    Idealy this should not have to be the case, but as in the above example, its not really a "bug" per-se because if you look at it, its quite obvious what they are doing, just the same there should be some way of preventing this kind of thing reaching the uneducated masses. Even 0.001% of the pop. falling for this kind of thing is unacceptable, and will only fuel people like this.

    Anyway, commence poking my idea full of holes :) I'm sure there is plenty, its just an idea. :)
  • Banks get notified of tons of things like this every day (I work in one), and all the tellers should know of the scams. Before you do anything involving your bank account, call your bank!

    We also get memos telling us NOT to let Bin Laden or Saddam open accounts... allong with a list of the US Government's top 100 most wanted. I'm still not quite sure how we're suppossed to memorize all those names...
  • Mozilla (Score:5, Informative)

    by paj1234 ( 234750 ) on Saturday January 24, 2004 @07:52PM (#8078130)
    A lot of people here have suggested Mozilla as a solution. That is a partial answer. But a proper solution has not been implemented yet in Mozilla. See Bugzilla bug 122445, "Spoof prevention: Warn if username/password in link (url) looks like a hostname". The bug has been outstanding for two years now and it's still not been fixed in Mozilla. There is a proposed patch planned to go into 1.7a.

    For the full discussion see: http://bugzilla.mozilla.org/show_bug.cgi?id=122445
  • by Fantastic Lad ( 198284 ) on Sunday January 25, 2004 @09:56AM (#8080992)
    to the government!

    (I'm joking, of course.)

    False-Flag actions are easy to perform, they are incredibly effective, and the people in power are usually morally bankrupt (or outright psychotic) enough to feel no guilt in performing them.

    "But they wouldn't DO that! Nobody would attack their own people! They just wouldn't DO that!"

    No? They'd very deliberately lie to get us embroiled in an incredibly destructive and expensive war which is designed primarily to suck billions of dollars out of the public purse and feed it directly into the hands of a very few greedy men. The fact that or youth are being savaged both in body and mind means nothing to such people.

    Oh, I assure you, they would do that. It's not a new idea by any stretch, and why would it be? Easy, effective, and nobody believes it could ever happen. Heck, it's what I'd do in their place. Easy. Effective. --And common! Every time somebody rips off an insurance company through arson or what-not, it's the same thing. It happens. People do it. If you think that people in government do not do it, you are a fool. Period.

    Go and do some research. Look at all the 2003 'terrorist' bombings which took place around the world, notice when each of them happened. You'll notice that at each event, a significant step toward reason was undone. A bomb goes off, and a diplomat attending a key peace talk has a reason to storm out of the room. --Or some variation of that almost every single time. Also notice how the countries attacked were nearly always ones which happen to be sympathetic towards the so-called 'terrorist' nations opposed to US aggression. In other words, ridiculous targets which do not benefit the 'terrorists', but DO benefit the US and Israel.

    My point?

    The web is just another battle ground, folks.

    A significant percentage of this web-damaging activity isn't perpetrated by private hackers or quick-money spammers. It's the covert arm of somebody's government and the aim is to increase the level of fear and uncertainty, to make people more willing to give up freedom. To make the public ready to accept a wave of lunatic arrests of so-called, 'hackers'.

    It'll happen unless people are helped to understand the true nature of these kinds of events. If people don't get angry at the wrong parties, then we might just avoid the culling of the intellectuals which always happens during a fascist take-over.

    Knowledge Protects.


    -FL

Trap full -- please empty.

Working...