|Login / Logout / Resources for Consumers / Create a FREE Online Account / Contact Us|
|Membership||Issues||Events||Professional Development||Who We Are||Contact|
FROM PFISHING TO PFARMING: THE TOP FIVE SPAM SCAMS OF MARCH 2005
FOR IMMEDIATE RELEASE
Louis Mastria 212.790.1529 Lmastria@the-dma.org
Stephanie Hendricks 202.861.2407 Shendricks@the-dma.org
From Pfishing to Pfarming:
THE TOP FIVE SPAM SCAMS OF MARCH 2005
The DMA Announces the Top Scams for the Month,
as Identified by the National Cyber-Forensics & Training Alliance
New York, NY, April 21, 2005 – The National Cyber-Forensics & Training Alliance (NCFTA) has identified its top-five spam scams of March 2005. These include fraudulent e-mail purporting to come from the Federal Bureau of Investigation (FBI) and the redirecting of a Web request to another, bogus location.
The NCFTA is a nonprofit organization focusing on cyber crime issues. It operates the Direct Marketing Association’s (The DMA) Operation SLAM Spam in affiliation with the FBI. SLAM Spam is supported financially by The DMA. The DMA is working with NCFTA, as well as federal authorities, nonprofit organizations, and business organizations, to fight fraudulent spam.
“The Internet represents the ‘New Frontier’ when it comes to fraud,” said Patricia Kachura, Senior Vice President, Ethics and Consumer Affairs, The DMA. “Everyone, consumers and businesses alike, must be constantly vigilant to scams that seek to collect personal or financial information to be used to commit fraud.”
Online fraud cost merchants $2.6 billion in 2004, an increase of $700 million from 2003, according to a survey conducted by CyberSource Corporation. Approximately two percent of all online sales are fraudulent. While significant resources are being dedicated to fighting fraud, it is still imperative that consumers and merchants also take direct responsibility and make sure they know with whom they are doing business before providing valuable personal and financial information.
The top five spam scams for March identified by the NCFTA include:
1. Pharming Attacks: Pharming is the redirecting of an individual’s Web request to another location. For example, if an individual with an infected computer conducts online business with a specific bank, that person will type the bank link into the address bar, but will be redirected to a designated phishing site that looks very similar to the authentic site but is, in fact, fraudulent. Because the individual did not click on any obscure link, the site will appear to be legitimate.
Pharming can also result from a hijacked Domain Name Server (DNS), an Internet service that translates domain names into IP addresses. When a hacker poisons a DNS, he or she changes the specific record for a domain, sending individuals to a Web site very different from the one they intended to access – without their knowledge. Usually, the hacker does this by posing as an official who has the authority to change the destination of a domain name. DNS poisoning is also possible via software vulnerability.
2. Google Hacking: NCFTA has identified a site advertising several hundred instances of scammers using the Google search engine to retrieve sensitive information from individuals. Using an explicit search command, it is possible for scammers to find business résumés that individuals have posted on the Web. These documents often contain information such as Social Security numbers, family history, dates of birth, home addresses, phone numbers, and education. Individuals who unknowingly provide all this personal information are very susceptible to identity theft. NCFTA is compiling information about the hacking site to be turned over to law enforcement if specific violations can be identified. NCFTA through The DMA also has alerted the Federal Trade Commission to this scam.
3. FBI Virus/Spam Hoax: The NCFTA has assisted the FBI with its investigation concerning a fraudulent e-mail hoax (http://www.ifccfbi.gov/strategy/wn050223.asp). The FBI has become aware of spam e-mail fraudulently claiming to be from fbi.gov accounts. The e-mail sounds official, even threatening, in tone, and appears to be sent from the e-mail addresses of firstname.lastname@example.org, email@example.com, firstname.lastname@example.org, and email@example.com. The recipient is enticed to open an attachment that contains a W32.Sober.K@mm worm. The actual text of the e-mail is shown below:
You have visited illegal Websites.
We have logged your IP address on more than 40 illegal Websites. Important: Please answer our questions! The list of questions are attached.
Federal Bureau of Investigation – FBI –
4. Phishing: Phishing attacks use spoofed e-mails and fake Web sites to fool recipients into revealing personal information or to have a Trojan/virus placed into their computer. By using trusted brands of well-known companies such as financial institutions, online retailers, ISPs, and credit card companies, phishers attempt to dupe innocent consumers into revealing their personal information. Phishing schemes are often delivered via spam e-mail.
5. Nigerian Scams: There are several variations of this scam that, at its core, either informs the recipient that he/she is allegedly due a large sum of money or asks for their assistance with some form of illegal money laundering. The recipient either will be asked to provide money as “processing fees” or personal financial information to facilitate the transaction. These scams, which were more abundant last year, have reemerged in conjunction with the tsunami scams.
The above five spam scams are based solely on limited NCFTA data. However, this information is then shared with the FBI, which, with assistance from The DMA’s SLAM Spam project, provides law enforcement authorities with a much more robust understanding of the top spam scams.
Useful tips to detecting and combating fraudulent spam, include:
§ Never reveal personal information to an unverified recipient. This includes:
o Login names and passwords
o Credit card numbers
o PIN numbers
o Bank account numbers
o Mother's maiden name
o Social Security number
o Date of birth
§ Never respond to requests for the personal information listed above via e-mail. If the e-mail looks “phishy,” call the company that claims to have sent you the e-mail to verify its authenticity. Look up the phone number on your own and do not trust any numbers supplied by the e-mail without verifying them. Never trust hyperlinks in e-mails. Visit Web sites by typing the URL into your address bar. Review your credit card and bank statements for any unusual transactions. Report them immediately if you find any unauthorized transactions.
§ Report suspected abuses of your personal information to the proper authorities. Do not use the same passwords on multiple sites.
§ Avoid opening spam that contain attachments, especially if they contain an “.exe” or “.d11” suffix.
§ Eliminate spyware by following the list of countermeasures offered by the NCFTA. These can be found by visiting The DMA’s Web site and clicking on the “For Consumers” section (http://www.dmaconsumers.org/).
To obtain additional information about fraudulent spam and to learn tips for not getting phished, please visit the following DMA and FTC Web sites:
About the NCFTA
The NCFTA (www.ncfta.net) provides a neutral collaborative venue where critical confidential information about cyber incidents can be shared discreetly, and where resources can be shared among industry, academia, and law enforcement officials. The Alliance facilitates advanced training, promotes security awareness to reduce cyber-vulnerability, and conducts forensic and predictive analysis and lab simulations. These activities are intended to educate organizations and enhance their abilities to manage risk and develop security strategies and best practices.
About The DMA
The Direct Marketing Association (www.the-dma.org) is the leading trade association for businesses and organizations interested in direct, interactive, and database marketing, which in 2004 generated more than $2.3 trillion in US sales, including $143.3 billion in catalog sales and $52.5 billion in Web-driven sales. In addition to catalogs and the Web, DMA members employ a wide variety of marketing media, including mail, e-mail, telephone, newspapers and magazines, interactive television, and radio, among others. Founded in 1917, The DMA today has more than 5,200 corporate, affiliate, and chapter members from the US and 44 other nations, including 55 companies listed on the Fortune 100. Reflecting the significant and growing role that direct marketing plays in today’s advertising mix, The DMA’s membership represents marketers from every business segment, including catalogers, Internet retailers, retail stores, nonprofit organizations, advertising agencies, financial services providers, book and magazine publishers, book and music clubs, industrial manufacturers, and a host of other vertical segments, as well as the service industries that support marketers.
# # #