Scam Combines Patriot Act FUD With IE Bug
LostCluster writes "CNET, Reuters, and the AP are all reporting this morning about a circulating e-mail scam that claims that people will lose their FDIC bank account insurance because they are suspected of violating the Patriot Act unless they confirm their bank account information with a website. The scammers then use the already documented bug in IE that allows a site in Pakistan to get 'www.fdic.gov' to appear in the URL bar. Where's an MS patch when we really need one?"
Oh NO Mr Bill! (Score:5, Funny)
Re:Oh NO Mr Bill! (Score:3, Informative)
Nick
Re:Oh NO Mr Bill! (Score:3, Informative)
Moz doesn't exactly fix it. Granted, it's better than what IE does as you can see where it is really headed. However, it still sends you a misleading URL.
"http://www.microsoft.com%01@zapthedingbat.com/security/ex01/vun2.htm"
It works as expected, but it is still not fixed. Opera, however, does actually address this issue. If you attempt to go to a URL that is formed like that, an error window appears. It says tha
Re:Oh NO Mr Bill! (Score:3, Interesting)
"http://slashdot.org/comments.pl?sid=94152&op=Rep
Most URLs these days end up looking like that. All it takes is a moment of distraction to not notice a malicious URL. It's the downside of only being human.
Re:Oh NO Mr Bill! (Score:3, Interesting)
Well, on the bright side, maybe some good will come of this. While I doubt many will wake up and suddenly realize that IE is a bad browser (like most of the /. crowd already knows), perhaps some who are ripped off might come to the conclusion (for the wrong reasons, but hey, any port in a storm) that the Patriot Act is a bad idea.
Re:The actual email (Score:3, Interesting)
Re:Oh NO Mr Bill! (Score:4, Funny)
The "Secure Computing Initiative" approach with this bug is documented in the Knowledge Base [microsoft.com]:
This article discusses steps you can take to help protect yourself from spoofed Web sites. To summarize, these steps are: [...]
Wow... (Score:4, Funny)
Re:Wow... (Score:2, Funny)
Re:Wow... (Score:4, Informative)
India and Pakistan are two different countries, India is not even mentioned in the article. Who modded this funny?
Re:Wow... (Score:2, Informative)
Re:Wow... (Score:3, Funny)
[1] Yes, it really does exist.
Re:Wow... (Score:3, Funny)
Re:Wow... (Score:2, Funny)
Australia, South America, Asia, the middle East, Africa, the Arctic, the Antarctic, etc. etc.
Is ignorance worse than arrogance?
I don't know and I care!
Re:Wow... (Score:2, Funny)
The gag, muffed up to the n'th degree, should of course have read "I don't know and I don't care".
What an arse.
Re:Wow... (Score:3, Informative)
And shows your utter lack of historical knowledge as well
India and Pakistan aren't 'close?' (Score:3, Funny)
Oh...wait, they do...
Re:Wow... (Score:3, Funny)
Re:Wow... (Score:2)
Back on topic, this story explains the article [paktribune.com] all too well.
I Know Where (Score:5, Funny)
Being prevented by the DMCA?
A patch is gonna fix THIS?!? (Score:5, Funny)
Where's an MS patch when we really need one?
Honestly, the Patriot Act is so fucked up I doubt a simple patch will fix the problem. We'd have to throw the entire thing away and start from scratch. It's not worth salvaging.
And furthermore... What? Oh. You meant a patch for IE. Okay, I got it. My bad.
GMD
Re:A patch is gonna fix THIS?!? (Score:3, Funny)
You'd trust a patch for the Patriot Act from MS?
"Your law has performed an unconstitutional operation. (A)bort, (R)etry, or (B)ribe?
Solution (Score:3, Funny)
These [apple.com] solutions [apple.com] will solve your problem.
Re:Solution (Score:5, Informative)
Re:Solution (Score:5, Informative)
Re:Solution (Score:2, Funny)
Re:Solution (Score:2)
Re:Solution (Score:5, Informative)
Re:Solution (Score:4, Insightful)
So, in other words, yes, you don't have to pay a dime for it. There's a banner that sits up there. The thing is, if you pay for it, that space isn't reclaimed for anything particularly useful. I suppose you could add a bunch more buttons up at the top, but you'd be hard pressed to fill it.
I paid for Opera, and had the banner removed, and went back to using it with ads because there wasn't any other real use for it. Now Opera uses 'Google Text ads', and once in a while something interesting comes along. It's not the most frequent thing in the world, but I did find out about a couple of Lightwave books that I never knew existed.
Ads != evil.
Re:Solution (Score:3, Interesting)
The problem is that IE (and Firebird, and Mozilla) all display the URL as typed, including user name and password information. So if you type http://www.slashdot.org:foo@www.whitehouse.gov/ you get directed to a nasty site, even though the URL appears to say www.slashdot.org.
(I don't seem to be able to reproduce the link exactly here; I think Slashdot may be removing the user name and password info.)
The solution seem
Re:Solution (Score:5, Informative)
Re:Solution (Score:5, Informative)
I'm going on what official reports of the bug say, because I have never actually been able to replicate the effect myself, on IE5.5, IE5.5sp1, IE6, IE6sp1 and IE6sp2, so it does seem that not all installs are vulnerable, as they all displayed the fake URL and the real URL as you would expect in the address bar. For the record, I tried this on WinXP (just the IE6 versions) and Win2k.
Re:Solution (Score:3, Interesting)
Anyway, check out my sample page [xenoveritas.org] that demonstrates the bug.
The basic and easiest way to reproduce this is something like "<a href="http://slashdot.org@www.msn.com/">...
Re:Solution (Score:4, Informative)
The REAL problem is that inserting a %01 and unescaping the URL causes IE to NOT display the URL as typed. Thus, it redirects you to a different site without you knowing. Only IE does this, so clearly there's a "right way" and a "wrong way" to do it and IE is doing it wrong. That's a BUG and a big security problem.
=Smidge=
Re:Solution (Score:5, Informative)
What you described has been known for a long time and arguably isn't a bug, yes. But what they're using is a newer variation that's more dangerous and clearly a bug. If you include a %00 just before the @, only "http://www.slashdot.org" is displayed. (Apparently the display code evaluates the hex escape and treats the %00 as end-of-string, but the engine itself does not.) Your only real indication that something is wrong is the lack of the trailing "/", which you're not likely to notice even if you know what it means.
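The two behaviours the comments above contrast, the display code cutting the decoded string at %00 while the network engine still connects to the host after the @, can be checked with a standards-compliant URL parser. The following is an added example, not code from the thread or from any browser vendor; it assumes a JavaScript runtime with the WHATWG URL class (Node.js or a modern browser), and the sample links are constructed from the patterns quoted in this thread. It shows what a naive renderer would display, where the request really goes, and the warning signs a defender would flag.

```javascript
// Added example, not code from the thread or from any browser vendor.
// Assumes a runtime with the WHATWG URL class (Node.js 10+ or a browser).

// Naive rendering modelled on the bug described above: percent-escapes are
// decoded for display, and the decoded string is cut at the first NUL byte,
// so everything after a %00 (including the real host) vanishes from view.
function naiveDisplay(raw) {
  let decoded;
  try {
    decoded = decodeURIComponent(raw);
  } catch (e) {
    decoded = raw; // malformed escapes: fall back to showing the text as typed
  }
  const nul = decoded.indexOf("\u0000");
  return nul === -1 ? decoded : decoded.slice(0, nul);
}

// Strip control characters so a username such as "www.slashdot.org\u0000"
// can be compared against a hostname pattern.
function stripControls(s) {
  return s.replace(/[\x00-\x1f\x7f]/g, "");
}

// Parse the link the way the network engine does and collect reasons to distrust it.
function analyzeLink(raw) {
  let url;
  try {
    url = new URL(raw);
  } catch (e) {
    return { parseable: false, hostname: null, suspicious: true, reasons: ["URL does not parse"] };
  }
  const reasons = [];

  // 1. Credentials in the authority: legitimate for some links, but exactly
  //    the feature the "fakehost@realhost" trick relies on.
  const hasCredentials = url.username !== "" || url.password !== "";
  if (hasCredentials) reasons.push("userinfo (user[:pass]@) present before the host");

  // 2. Control characters, raw or percent-encoded (%00-%1F, %7F): no honest URL needs them.
  const hasControlChars = /%(?:[01][0-9a-f]|7f)|[\x00-\x1f\x7f]/i.test(raw);
  if (hasControlChars) reasons.push("control character in URL (e.g. %00 or %01)");

  // 3. A username that looks like a domain name is a strong sign the author
  //    wants it mistaken for the host.
  let decodedUser;
  try {
    decodedUser = decodeURIComponent(url.username);
  } catch (e) {
    decodedUser = url.username;
  }
  const cleanUser = stripControls(decodedUser);
  const usernameLooksLikeHost = /^[a-z0-9-]+(?:\.[a-z0-9-]+)+$/i.test(cleanUser);
  if (usernameLooksLikeHost) reasons.push(`username "${cleanUser}" looks like a hostname`);

  return {
    parseable: true,
    hostname: url.hostname, // where the request actually goes
    hasCredentials,
    hasControlChars,
    usernameLooksLikeHost,
    suspicious: reasons.length > 0,
    reasons,
  };
}

// Constructed sample links, built from the patterns quoted in the thread.
const SAMPLES = [
  "http://www.slashdot.org:foo@www.whitehouse.gov/",
  "http://www.slashdot.org%00@www.whitehouse.gov/",
  "http://www.microsoft.com%01@zapthedingbat.com/security/ex01/vun2.htm",
  "http://www.fdic.gov@202.63.206.88/index.htm",
  "https://www.fdic.gov/",
];

for (const link of SAMPLES) {
  const result = analyzeLink(link);
  console.log(`typed:     ${link}`);
  console.log(`shown:     ${naiveDisplay(link)}`);
  console.log(`real host: ${result.hostname}  suspicious: ${result.suspicious}  ${result.reasons.join("; ")}`);
  console.log();
}
```

Credentials in a URL are not malicious by themselves, which is why the analysis returns the individual signals rather than a single verdict: a mail gateway or proxy might warn on userinfo alone, while a stricter policy would block any link carrying control characters or a domain-shaped username.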
Re:Solution (Score:2)
No. I can *not* reproduce the bug you describe in Firebird running under XP, and I can't imagine the bug would be present in the Linux version and not the windows. I tried both typing the url you entered and copying and pasting and
Nasty sight (Score:5, Funny)
Man, I thought I was going to see some nasty Goatse-thing but then ... horror of horrors!! GEORGE BUSH!! AHHHHHHHHHHH!!!!!!!!!!!
That was rude, man...
Re:Solution (Score:5, Funny)
Re:Solution (Score:2)
Especially if one obfuscates further:
http://slashdot.org:dfkjkasfznc=dfjkkerj -dfjed=fjk dndjfserncs@www.whitehouse.gov/dfkdf/dfkjdf/dfsf, when the whitehouse.gov part has scrolled off the screen an
Re:Solution (Score:2)
Re:Solution (Score:5, Informative)
I would rather recommend this [debian.org] upgrade [mozilla.org].
Or if you have a dislike for linux even just this upgrade [mozilla.org] helps much.
Re:Solution (Score:3, Insightful)
I suggest using the official Microsoft patch [wired.net.nz]?
(OK, not really the official MSFT patch since there isn't one yet; my link demonstrates the bug by providing a Mozilla download on a msft-parody download page, complete with microsoft.com url..)
(Yeah, I know.. I'm an attention-whore..)
Re:Solution (Score:2)
Re:Solution (Score:2)
FDIC Scam (Score:4, Funny)
Paul
Patriot Act (Score:5, Insightful)
Re:Patriot Act (Score:2, Insightful)
>Any law which is so powerful and ambiguous as to put fear into people by its mere mention must be a bad law.
By your logic, any law with large penalties is a bad law.
And if you aren't scared if accused of violating that type of law, you probably are more ignorant than anything else.
Re:Patriot Act (Score:2, Insightful)
If you actually read the law, or at least a good honest description of the law it's not at all ambiguous, it's because of the FUD that is thrown around about it that most people don't know what it really says.
Yes it's a powerful law, but that doesn't necessarily mean that it has to ambiguous, in some states drunken driving laws (and related penalties) are very powerful (and can basically ruin your life if caught), but no one complains, at le
Still more fun with the PATRIOT act and MS bugs (Score:5, Interesting)
This is a combination of using simple X- header lines for the top error part, as well as the "'begin'-then-two-spaces" bug, which lets you create a bogus MIME section that only MS mail readers fall for -- useful for suppressing the message part. The begin-with-two-spaces trigger makes an excellent quoted text header. :)
Re:Still more fun with the PATRIOT act and MS bugs (Score:2)
Re:Still more fun with the PATRIOT act and MS bugs (Score:5, Funny)
To workaround this problem:
and my favorite...
Patch? (Score:5, Insightful)
Right here [mozilla.org].
3-m@1L $c@mmz0r$ (Score:5, Insightful)
"W3 n33d jO0r b@nk @cc0un7 # bc@u$3 FDIC $@ys $0."
I hit delete. Unfortunately some people fall for this. Does anyone have any numbers on just how successful these e-mails are? Is the American public that ignorant?
Re:3-m@1L $c@mmz0r$ (Score:5, Insightful)
Re:3-m@1L $c@mmz0r$ (Score:2)
Sending scam Spam is just as cheap as sending any other form of Spam. I'd guess these scammers are in the black if they just get one bank account cleaned out...
Well, the combined result... (Score:3)
Then there's the scams for the 0,1% with some medium payouts (mortgages, loans etc., often poor business deals but "real")
Then there's scams for the 10%, like cheap herbal viagra and other one-off product sales, which are just a few dollars each but large in numbers.
Also, it's about finding the blind spot. Even people who would never normally buy SPAM but then get this wonderful offer that they just HAVE to try
Re:3-m@1L $c@mmz0r$ (Score:2)
Sure if it is obvious. What if the scam happened to appear to come from your bank, and you normally get email from them.
Discover sends me monthly reminders just before my bill is due, if I haven't paid yet. I'd be vulnerable to an email that appeared to come from Discover and just wanted me to update my personal information. I don't think I would fall for it, but if done cleverly enough I might. (Fortunately I read email in a program which cannot launch a browser, so I have to cut and paste URLs, but
Re:3-m@1L $c@mmz0r$ (Score:2)
The actual article text (Score:5, Informative)
The link text:
<a href="http://www.fdic.gov@202.63.206.88/index.htm
There's no point in a slashdotting/DDoS since the U.S. connectivity provider has already choked off the flow of packets to this server in Pakistan. Pinging 202.63.206.88 times out.
Re:The actual article text (Score:2)
Re:The actual article text (Score:2)
> telnet 202.63.206.88 80
Connecting To 202.63.206.88...Could not open connection to the host, on port 80.
A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
Perhaps it's still in "testing" (Score:5, Interesting)
Apparently they are "still working on it", just like they have been for the last two scheduled patch releases they've had. Unfortunately, the scammers and phishers are "still working on it" as well. And yet despite this, Microsoft still spouts such choice quotes [theregister.co.uk] about its software security as "The tool had to be tested before we could put it on Windows Update... it would be unfair to accuse Microsoft of tardiness." (about a five month wait for an official Blaster clean-up tool) and "Windows is far more commonly afflicted with worm infections than Linux... but Microsoft offers greater accountability and support than open source alternatives".
Well, I'll agree with one of those points. Can you guess which? ;)
IE patch (Score:2, Informative)
FDIC issues scam alert press release (Score:5, Insightful)
Consumers never have any reason at all to send information to the FDIC. They already can get all they need to know out of banks.
Warning: Reuters link requires Java (Score:2)
"Where's an MS patch when we really need one?" (Score:5, Funny)
- A.P.
Re:"Where's an MS patch when we really need one?" (Score:3, Funny)
Kjella
Your picture is in the dictionary next to gullable (Score:5, Funny)
We are with the government. You are violating the patriot act gullableguy@aol.stupiduser.com. We just want you to go to this site and give us all your compromising information because you are violating the patriot act under provision 1234. Please go to this site otherwise you will lose your FDIC insurance coverage. Please disregard the fact that if you really were suspected, the US government wouldn't actually contact you by email, and that the patriot act doesn't have anything to do with the FDIC. Oh and we would have addressed you by name instead of your email account. Oh, and other obvious and logical stuff too.
Best regards,
A guy who isn't pakistani
Re:Your picture is in the dictionary next to gulla (Score:3, Insightful)
security in windows (Score:3, Interesting)
Re:security in windows (Score:2)
My patch (Score:2)
Ben
Crap! (Score:2)
MOD PARENT DOWN -1 Troll (Score:2)
Thank God for the Economy! (Score:5, Informative)
I am a victim. (Score:5, Funny)
I did a bit of research and found that this money had been taken from me by some group of thugs called the Congress of the United States. Apparently, they took my money and I'm told there's very little chance of getting it back.
They've even got my employer in on the scam - now they are paying some of my paycheck directly to them.
Re:I am a victim. (Score:2)
Re:I am a victim. (Score:5, Insightful)
I have no illusions that Social Security will be there by the time I'm ready to retire (July 2047). I'm planning on being old but I'm certainly not naive enough to believe that there will be a dime left in Social Security at that point.
Virus Scanners can pick it up (Score:5, Interesting)
I always swore by Norton, but from the things I've seen as of late, I think I'm sticking with Network Associates.
Email is no longer usable as a legitimate means... (Score:4, Insightful)
Until we all start signing our emails with PGP.
Definition of Critical (Score:5, Insightful)
Serves 'em right for using Microsoft (Score:2)
Microsoft software deservedly has a very poor reputation for security.
People who continue to use it when there are plenty of alternatives, including free ones (as in speech and beer), therefore know what they've let themselves in for, and deserve the consequences they get from their misguided decision.
(This comment entered using Mozilla running on Linux).
The actual text from the mail (Score:5, Informative)
Important News About Your Bank Account
To whom it may concern;
In cooperation with the Department Of Homeland Security, Federal, State and Local Governments your account has been denied insurance from the Federal Deposit Insurance Corporation due to suspected violations of the Patriot Act. While we have only a limited amount of evidence gathered on your account at this time it is enough to suspect that currency violations may have occurred in your account and due to this activity we have withdrawn Federal Deposit Insurance on your account until we verify that your account has not been used in a violation of the Patriot Act.
As a result Department Of Homeland Security Director Tom Ridge has advised the Federal Deposit Insurance Corporation to suspend all deposit insurance on your account until such time as we can verify your identity and your account information.
Please verify through our IDVerify below. This information will be checked against a federal government database for identity verification. This only takes up to a minute and when we have verified your identity you will be notified of said verification and all suspensions of insurance on your account will be lifted.
http://www.fdic.gov/idverify/cgi-bin/index.htm
Failure to use IDVerify below will cause all insurance for your account to be terminated and all records of your account history will be sent to the Federal Bureau of Investigation in Washington D.C. for analysis and verification. Failure to provide proper identity may also result in a visit from Local, State or Federal Government or Homeland Security Officials.
Thank you for your time and consideration in this matter.
Donald E. Powell
Chairman Emeritus FDIC
John D. Hawke, Jr.
Comptroller of the Currency
Michael E. Bartell
Chief Information Officer
Australia's response: Commonwealth Bank (Score:5, Informative)
Their solution (after getting some of the bank staff to pull their head from the sand) was to redirect all requests to a specific URL to the Bank's home-page.
Now I, for one, think that the only way that they could do that was with cooperation from ALL ISPs in this country.
The scam and the bank's initial response pissed me off, but the redirect scares the *shit* out of me.
Anyone else share my concerns, or should I just crawl back into my box and live with the idea that the Internet has just died...
Re:Australia's response: Commonwealth Bank (Score:3, Interesting)
I'm pretty sure everyone who provides Internet connectivity to places that are scam havens are used to doing this.
Ways around the problem. (Score:3, Interesting)
But how long does it take for word to reach them about that?
What I was thinking was, a sort of P2P network client that could actively collect IPs from sites like this and, while not outright blocking them (so the next legit user of that IP isn't screwed), could at least sit in a ZoneAlarm-like position on your system and monitor the IP addresses you try to connect to; if it matches the outgoing IP to one on the list, it throws up an error like "Warning! This IP may contain fraudulent information or be dangerous to your computer, only proceed if you are absolutely certain this site is safe!".
The P2P aspect would be nice because once new scams are caught in the wild (honeypots might be a very useful tool to help catch them fast) users/admins could update the list (though some sort of peer review would almost certainly have to be in place to avoid abuse) and it could redistribute itself amongst the network.
Ideally this should not have to be the case, but as in the above example, it's not really a "bug" per se because if you look at it, it's quite obvious what they are doing; just the same, there should be some way of preventing this kind of thing reaching the uneducated masses. Even 0.001% of the pop. falling for this kind of thing is unacceptable, and will only fuel people like this.
Anyway, commence poking my idea full of holes
Hopefully, anyone would call their bank... (Score:5, Informative)
We also get memos telling us NOT to let Bin Laden or Saddam open accounts... along with a list of the US Government's top 100 most wanted. I'm still not quite sure how we're supposed to memorize all those names...
Mozilla (Score:5, Informative)
For the full discussion see: http://bugzilla.mozilla.org/show_bug.cgi?id=12244
That cuts it! Let's hand over control of the Web (Score:3, Insightful)
(I'm joking, of course.)
False-Flag actions are easy to perform, they are incredibly effective, and the people in power are usually morally bankrupt (or outright psychotic) enough to feel no guilt in performing them.
"But they wouldn't DO that! Nobody would attack their own people! They just wouldn't DO that!"
No? They'd very deliberately lie to get us embroiled in an incredibly destructive and expensive war which is designed primarily to suck billions of dollars out of the public purse and feed it directly into the hands of a very few greedy men. The fact that our youth are being savaged both in body and mind means nothing to such people.
Oh, I assure you, they would do that. It's not a new idea by any stretch, and why would it be? Easy, effective, and nobody believes it could ever happen. Heck, it's what I'd do in their place. Easy. Effective. --And common! Every time somebody rips off an insurance company through arson or what-not, it's the same thing. It happens. People do it. If you think that people in government do not do it, you are a fool. Period.
Go and do some research. Look at all the 2003 'terrorist' bombings which took place around the world, notice when each of them happened. You'll notice that at each event, a significant step toward reason was undone. A bomb goes off, and a diplomat attending a key peace talk has a reason to storm out of the room. --Or some variation of that almost every single time. Also notice how the countries attacked were nearly always ones which happen to be sympathetic towards the so-called 'terrorist' nations opposed to US aggression. In other words, ridiculous targets which do not benefit the 'terrorists', but DO benefit the US and Israel.
My point?
The web is just another battle ground, folks.
A significant percentage of this web-damaging activity isn't perpetrated by private hackers or quick-money spammers. It's the covert arm of somebody's government and the aim is to increase the level of fear and uncertainty, to make people more willing to give up freedom. To make the public ready to accept a wave of lunatic arrests of so-called, 'hackers'.
It'll happen unless people are helped to understand the true nature of these kinds of events. If people don't get angry at the wrong parties, then we might just avoid the culling of the intellectuals which always happens during a fascist take-over.
Knowledge Protects.
-FL
Re:even with the patch (Score:2)
Re:Question for the tin-foil hat wearers (Score:5, Informative)
(puts on asbestos underwear)
The Patriot act invades the privacy and tramples the civil rights of America's citizenry by allowing the DOJ and the CIA to bypass the Bill of Rights whenever they feel like it by declaring someone a suspected terrorist, or, even better, an enemy combatant. The only thing preventing the Executive branch from using this to silence political dissidents is the enormous political fallout should they attempt it. It is, in addition, transparently racist in its implementation because it is being used to focus the eyes of law enforcement on dark-skinned foreigners, while largely ignoring homegrown terrorist groups such as the Ku Klux Klan, National Alliance, Posse Comitatus, and the World Church of the Creator.
But, if none of these issues bother you, ignore me. You probably will anyway.
Re:Question for the tin-foil hat wearers (Score:2)
And I DO hope you're not advocating the profiling of foreigners simply because they're foreign or their parents or grandparents were. That's a really wide net in this country, and I don't think Ireland, China, Mexico, Canada, England or Poland had anything to do with 9/11. But I digress. . .
Re:Question for the tin-foil hat wearers (Score:2)
Re:Question for the tin-foil hat wearers (Score:2)
Re:Question for the tin-foil hat wearers (Score:4, Informative)
Re:Question for the tin-foil hat wearers (Score:2)
Not the patriot act, but you don't have free speech within 60 days of an election.
Again not the patriot act, but you don't have freedom to own arms that would be perfectly suitable for a militia (like a fully automatic gun, or even the more useful 3 shot burst)
The third amendment (IIRC... quartering troops) isn't an issue, but I'm sure you could find areas of at least grey for the rest.
The 9th and 10th are perhaps the most violated. The federal government can't set a drinking age, yet they have practi
Re:Stupidity! (Score:5, Insightful)
Lots of elderly women who outlive their husbands have to deal with the finances for the first time. These people make great targets; they are computer illiterate. They were given a computer to communicate with their family, and don't know about all the email scams. And with the new homeland security daily threat levels, it confuses them.
Do a little research before you blame the victim.
Re:Stupidity! (Score:2)
Re:Stupidity! (Score:2)