GUIDE to (mostly) Harmless Hacking
Volume 3, Number 11

How Phishing Works - and How to Fight Back
____________________________________________________________

In this Guide you will learn:

* Why financial computer crime is easy
* What is "phishing" and how does it work?
* What kinds of browsers can be spoofed?
* How to protect yourself
* How to fight phishers
* Where to learn more
____________________________________________________________

FINANCIAL COMPUTER CRIME IS EASY

Since this GTMHH covers a ridiculously easy way to use computer crime to steal money, let's get the warning out of the way right now:

You can go to a Bulgarian jail: Law enforcement agencies are busting dozens of people who have committed phishing attacks. For example, in October of 2004, the kingpin phishers of shadowcrew.com, darkprofits.com and carderplanet.net found out that they weren't as smart as they thought. So far, law enforcement officers have arrested at least 28 leaders of these crime syndicates in eight states of the United States and six foreign countries. They are charged with identity theft, computer fraud, credit card fraud and conspiracy. What do you want to bet that those who have been arrested will turn in dozens of their buddies in the hope of getting lighter sentences? See the U.S. Secret Service warning at http://shadowcrew.com (also registered as http://www.shadowcrew.ru) for details.

The Shadowcrew.com crime syndicate was the sort of thing we laugh at on "It sucks to be me" (http://happyhacker.org/sucks/). Shadowcrew members openly used their web site as a depot where fools could buy or sell their computer crime-based goods. The criminal masterminds must not have realized that law enforcement officers could also visit their web site. Duh.

How were people this stupid able to run a major computer crime operation? The problem is that stealing credit card and online bank account information is ridiculously easy. So easy that even they could do it.

In this Guide to (mostly) Harmless Hacking, we show you how they stole credit card, identity, and bank account information. More importantly, we show you how to fight back: how to keep them from stealing from you, and how to help put them out of business and behind bars.

WHAT IS "PHISHING" AND HOW DOES IT WORK?

The bad guys start with spam "phishing" emails. These attempt to trick you into going to a phony website and entering your credit card, bank account and/or personal identification information. The following is an example of one of these emails, with full headers:

X-Message-Info: M/gr+040+gkr/YI+7/873534489165837
Received: from smtp-raceway.calibre.support@citibank.com
([138.89.5.150]) by fv26-mr80.support@citibank.com with Microsoft
SMTPSVC(5.0.4957.7558);
Fri, 22 Oct 2004 00:11:16 +0400
X-Message-Info: VPODV+%ND_LC_CHAR[1-3]762+ymq+T+93/926370747162
Received: (qmail 35270 invoked by uid 9); Thu, 21 Oct 2004 15:15:16
-0500
Date: Thu, 21 Oct 2004 13:10:16 -0700
Message-Id: <71440864101.56162@support@citibank.com>
From: Customer Support <support@citibank.com>
To: Cmeinel <cmeinel@nospam.techbroker.com>
Subject: Dear customer your details have been compromised
MIME-Version: 1.0 (produced by sagebrushaffluence 9.0)
Content-Type: multipart/alternative;
boundary="--83900919849103568278"

Dear Customer:
Recently there have been a large number of cyber attacks pointing our database servers. In order to safeguard your account, we require you to sign on immediately. This personal check is requested of you as a precautionary measure and to ensure yourselves that everything is normal with your balance and personal information. This process is mandatory, and if you did not sign on within the nearest time your account may be subject to temporary suspension. Please make sure you have your Citibank(R) debit card number and your User ID and Password at hand. Please use our secure counter server to indicate that you have signed on, please click the link bellow:
http://218.45.31.164/citifi/
!! Note that we have no particular indications that your details have been compromised in any way. Thank you for your prompt attention to this matter and thank you for using Citibank(R)
Regards,
Citibank(R) Card Department
(C)2004 Citibank. Citibank, N.A., Citibank, F.S.B.,
Citibank (West), FSB. Member FDIC.Citibank and Arc Design is a registered service mark of Citicorp.

Newbie note: How do you show full headers? In Outlook or Outlook Express click view --> all headers. If you are using Eudora (free from Eudora.com), click on the "Blah blah blah" button. In Thunderbird (free from Mozilla.org) click view --> headers --> all.

© 2004 Happy Hacker All rights reserved.