Christopher Boyd: November 2008 Archives

Here we have the latest in a long line of scam sites wanting your MSN Login details so they can send URLs to everyone on your contact list. Here's a screenshot of one such message:

cpi1.jpg

Click the link, and you're taken to

crazy-party.info

cpi2.jpg
Click to Enlarge

Interestingly, the previous set of websites (all six billion of them) were supposedly run by a company in Panama, but as you can see here, the site was actually controlled by a group in China with ties to all sorts of dubious practices. This time round, the company isn't named as "TST Management", but "TP Limited". The information on the Whois data shows the site was registered fairly recently (7th of November 2008), and is registered to "Topyaa".

I'm sure we haven't seen the last of these...

There seem to be quite a lot of these doing the rounds at the moment:

spm1.gif
Click to Enlarge

They've not done a very good job with this Phish - they display an obviously fake URL, for one thing - but they do get some bonus points for attempting to lure the end-user in:

"You've been selected to take part in our quick and easy 9 questions survey.
In return we will credit $20 to your account - Just for your time!"


Sounds tempting, right?

Click the link, and you find the deal has suddenly sweetened - you're now being told the offer is for $90, not $20 - courtesy of an extremely slick looking phish page:

spm2.gif
Click to Enlarge
 
The red text on the right that says "Capital One will add $90 credit to your account just for taking part in our quick survey." is actually a scrolling ticker. Of course, the survey itself is just fluff - the meat of the scam is directly underneath:

spm3.gif
Click to Enlarge

As you can see, a spectacular grab for personal information. Name, address, Mothers Maiden name, phone number....the works. Directly below, they want your full card details, the number on the verification strip, your social security number and even your ATM Pin number. Note how they keep up the pretense of this being a real webpage (asking you if you want to sign up for an "EMail Newsletter" inbetween the different sections).

The URL to avoid is

capitalone.iseoul.net:202/capital.online.survey/

The site has been reported, and will hopefully be offline soon.





"After all, I am a member of the press and therefore have received some preferential treatment on this matter" - Dan Hsu, IGN

Well, that might explain why he had the police and the FBI all over his stolen XBox Live account. Definitely worth a read though, and the Top Seven Tips make up for the whole "preferential treatment" thing:

  1. Don't answer your secret question with the real answer. Instead, select something completely unrelated (for example, First Pet = Will Tuttle) that you can remember, effectively giving you a second password.
  2. In the "address 2" line of your profile, put down: "XBOX SUPPORT DO NOT ASSIST WITH ACCOUNT RECOVERY" to help automatically raise a red flag when a customer support rep looks up your account.
  3. If you're planning on gaming away from your default console, put your account on a memory card or move it with your hard drive, as opposed to recovering it on another machine.
  4. Never reveal any personal details about yourself while gaming over Xbox Live.
  5. On that same note, go ahead and leave your profile's bio blank. No need to tell everyone where you live.
  6. Limit the amount of information you put out there for everyone to see on social networking sites...or any website for that matter. Especially ones where you also have your Gamertag listed.
  7. Create an Xbox Live passcode if you haven't already. To do this, select "My Xbox" on the Xbox dashboard and go to your profile, then go to "Account Management" then "Xbox Live Pass Code."
Every now and then, a variation of the following appears in "lucky" mailboxes. I'm posting this up as no less than four different mailboxes of mine have had this pop up over the weekend....

"Greetings.

As you read this,don't feel sorry for me,because it is the destiny of everyman
to die someday.I am Naveed Jafar a naturalised Briton by birth and a business
merchant based in the United Kingdom. I have been diagnosed with Oesophageal
cancer.

It has defiled all forms of medical treatment,and right now I have only about
a few months to live, according to medical experts. I regret that I have not
particularly lived my life so well, as I never really cared for anyone (not
even myself), but my trade. Though I am very well to do, I was never open
handed; I was always hostile to people and regarded them like they never had
hopes of becoming as successful as myself. Now I know that there is a lot more
to life than just prosperity.

I believe that when I am given a second chance to come to this world, I would
live my life a different way from how I have lived it. Now that death is
eminent, I have willed and given most of my belonging to immediate and extended
family members, as well as a few close friends. I want Allah to be merciful to
me and accept my soul. Hence I have decided to support charity work; this is
what i want to be remembered for. So far, I have been able to reach out to a
few charity organizations in the Singapore, Algeria and Malaysia. Now that my
health has deteriorated so badly, I cannot do this myself anymore.

I once asked members of my family to aid me in giving of alms to those
organizations catering for the less privileged in Bulgaria and Pakistan; they
refused and kept the resources to themselves. Hence, I do not trust them
anymore,as they seem not to be contempt with what I have left for them.

The last of my belonging which no one knows of, is the huge deposit of Eight
million US dollars that I have in a safe keeping company abroad, which I will
want you to secure and bestow to charity organizations.

Please endeavour to reply me via email: naveedjafar07@hotmail.com For your time
and devotion, I have set aside a tenth of this for you."


It goes without saying that "throat cancer" scams are always a good way of parting people from their money - its no coincidence that this particular tactic was used in a 419 spam attack that netted the culprits $1.2 million. At the risk of sounding like Captain Obvious - avoid!
Fantastic news here.
Okay, that's not exactly what happened here. But an interesting (and fairly inventive) use of an everyday web app by a teen convinced something bad was about to happen...
Bands on Myspace have been targets of hackers, scammers and phishers for quite some time - grab the account of a popular artist or twelve, and all Hell can break loose. I was surprised to see this when doing a few searches on Myspace earlier today:

oasis.gif
Click to Enlarge

As you can see, the "official" band profile is surrounded by a striking red border (no, we didn't add that ourselves) and it says "Myspace Verified - Official Artist" at the top. This is a great way to cut down on the possibility of scammers impersonating legit acts. Not sure how long this feature has been in place, but a good idea methinks...

Safe Gaming For Kids

| | Comments (0)
Not too long ago, I did another spot on BBC TVs Newsround (a news program aimed at six to twelve year olds), talking about the scams aimed at younger gamers and surfers. Filming was good fun, and the room we filmed in was made to look all hacker-ish. All we were missing was dry ice and a guy in a trenchcoat, so kudos on that. Of particular relevance were fake Habbo Hotel logins and fake XBox Live programs, that claim to give you "free Microsoft points" but actually just steal your username and password.

I thought it might be useful to post up a list of handy gaming advice for younger gamers and their parents - some of the below links were originally posted to Vitalsecurity.org a while ago, but seeing as Vital is currently offline I don't think it's a huge problem reposting some of the links.

* First off, XBox Dad. A good blog with useful info. In particular, this entry regarding webcam settings might be helpful.

* Here's how you manage all the parental control stuff on XBox machines.

* This is a great site - Gamingwithchildren.com. I won't blab, just check it out. Good stuff.

* If you have a Wii and are currently throwing yourself around the house to the strains of Wii Fit, then you might want to check out the Wii Parental Controls page. You can even restrict the content that appears in the browser, which I must admit I had no clue you could do.

* Playstation is a bit of a pain, because if you go to their FAQ page it dumps you into some horrible mess of frames and it's impossible to link to anything. This article on USA Today seems to be accurate though, and covers settings for both PS3 and PSP which is a handy addition. The article dates back to 2006, but as far as I'm aware the information is still correct.

Something else I've noticed - a game I picked up recently had a "Child Safety Online" booklet inside the case, packed with quite a lot of content including information on Family Settings, creating a child account on XBox Live, Six Steps for Online Safety and information on PACT, which can be seen here. In general, gaming gets a hugely unfair press and nobody bothers to peel away the hype and actually applaud companies involved in gaming when they do something like this. So, Microsoft - congrats.

The "PACT" and "More Information" URLs are incorrect in the booklet though, so you might want to fix those ;)

"Buy Cocaine" Spam

| | Comments (0)
I've seen the following rather freaky spam on Blogs quite a bit lately:

bck1.gif

...yes, that does say "Buy cocaine".

Click the link, and:

bck1.jpg
Click to Enlarge

"Second thing that make our legal cocaine special is that risk free for you.Absolutelly no side effects and any dangerous after party effects.You can use cocaine absolutely free witout any problems.Just take your cocaine online and forget about everything just party star."

...um. Click yet another link, and you're taken to a vaguely surreal website with animated dancing characters all over the place, grooving to a terrible loop of what they probably hoped sounded a little like a rave in a nightclub (it doesn't):

bck3.jpg
Click to Enlarge

It turns out that this "Cocaine" is actually just a mish-mash of various chemicals that are supposedly harmless, though some of the Wikipedia links I've added do make me wonder a little:

Guarana      200 mg
Hawaiian Baby Woodrose     100 mg
L-Tyrosine     100 mg
Passion Flower     50 mg
Caffeine     50 mg
L-Arginine     50 mg
Green Tea     10 mg
Niacin     8 mg

I'd have thought you'd need to be insane to throw that lot together, but oh well. The person dropping these links has quite a lot of sites doing the rounds at the moment:

ck0.gif
Click to Enlarge

It's somewhat bizarre that "Hangover cures", "erection aids" and "anti aging cream" are mixed in with "Free party drugs", "Legal Cocaine" and "The Party Pills Shop" - I guess they'd probably need it after all those supplements and pills.

I'm alarmed to think that people still continue to sell things like this online because there are people out there willing to actually buy it. If you really want to take a chance and buy some random pills touted as a "legal form of cocaine" by some guy in Afghanistan dropping spam links on the net, then I'd suggest skipping Rehab and making do with the Asylum instead...

The New Testing PC Dance

| | Comments (0)
There comes a time when every testing PC has to be consigned to the virtual dustbin. A while ago, my main testbox was apparently pushed so hard it decided to catch fire and melt overnight. Pretty hardcore I guess, especially as I was able to keep testing on it for a few months more while I scoped out a replacement.

Sadly, my trusty testbox is no more and I've spent the last week or so shopping around for a replacement. Eventually, I found the one I wanted, but it came with Vista and there was no way to have them replace it for something else like XP.

Now, I'm not hugely perturbed by using Vista. My only previous experience of it was using it on a fairly hopeless laptop which is a recipe for disaster - on a desktop, I can't say I have any issues with it. The biggest stumbling block I hit was when it came to the main purpose of the PC - testing!

Little did I know, but VMWare Workstation 5 has issues (of the "it doesn't work" variety) with Vista. After a fair bit of Googling around, I couldn't find any information as to whether specific versions of Workstation 5 would work on it, and if so, which ones.

With that in mind, I thought I might add it here for future reference in case someone else doing testing (and running Workstation 5) needs to combine it with Vista. There's quite a few versions to choose from, but 5.5.8 seems to work fine. The only slight problem is that you can't drag and drop files from your real desktop onto your virtual one, but that's easy enough to get around with CDs and USB keys. Oh, your real desktop tends to freeze up for a minute or so when you launch VMWare too, so don't worry - your PC hasn't crashed.

I note a new version seems to have appeared in the meantime - 5.5.9 (at least I think it has. I certainly didn't see it when I downloaded 5.5.8 so maybe I'm just not very observant). If you've tried 5.5.9 with Vista, let me know what kind of results you've had.

Oh, and in case anyone was wondering, I did consider wiping it and replacing with XP - but the only version of XP I currently have to hand is in Hebrew. Long story...

Magic EBay Money

| | Comments (0)
This particular program we're about to look at is currently being promoted via videos on sites such as Youtube. The program is touted as an "electronic Paypal hacker" - supposedly, it reaches right into Paypals systems and simply "creates digital money", despositing an amount of your choice into your Paypal account. There now follows some cod-technospeak as the creator attempts to define this supposedly "victimless" crime:

pp12.jpg

"All verified accounts are stored on a verified server. That's where all the cash gets sent. When people send cash, they send packets. When you have $10 or more, that means you have enough packets for the hack to execute. When people send the fake PP cash, I grab their packets and it adds to your account. It is completely legal, Paypal money is electronic so no harm done to ANYONE!"

....sigh. Well, there's no harm done except to anyone foolish enough to fall for such a scam. In time honoured tradition, this is what the EXE looks like on your desktop:

pap1.jpg

Look, a moneybag! It has to work! Fire the program up, and...

pap2.jpg
Click to Enlarge

Very slick looking. Hit the "I Agree" button, and you'll see this:

pap4.jpg
Click to Enlarge

...you're presented with a rather fetching interface. In the spirit of making you think they're doing you a favour, you can find an MP3 player built in, links to popular networking sites along the bottom (along with a few hacking sites for good measure) and a big blank browser window.

How does this program work?

pap5.gif

Yes, amazingly that's all there is to it. Honest. Hit "Connect", and you'll see some random messages appear in the Status Display - just to make you feel more like you're really doing something hacker-ish:

pp10.jpg

pp8.jpg

With programs like this, who needs to watch The Matrix? Anyway, the previously empty browser window now fills up with the Paypal website:

pap6.jpg
Click to Enlarge

Our wannabe hacker still hasn't actually hacked anything yet, but fear not - hit the "Add Cash" button (after selecting an amount of either 100 Dollars or Euros), the following screen appears:

pap11.jpg
Click to Enlarge

"Choose the amount you want, then login in this TPPH Login page to receive the money into your account. Attention: This will not work if you don't have a valid (verified) Paypal account containing $10".

Of course, anyone familiar with Paypal will know that this popup is not from the official Paypal website - it's something the creator of the application has put together. Let's see - they want you to "Submit" your Paypal login details somewhere....they want you to have a Verified account....and they request that you already have a minimum amount of cash in there when you submit the information.

Does that sound like you're going to get free Paypal money? Or does it sound more like you've just sent your Paypal login details to a complete stranger in an overly elaborate fashion?

We detect this as PPHack.

(Thanks to Senior Threat Researcher Chris Mannon for additional research).
Not the newest scam on the block, but it does seem to be currently doing the rounds so it's worth highlighting. If you're sent an EMail with the same title as this article, with content that looks like this (usually sent from a random Hotmail account):

fmail1.gif
Click to Enlarge

...then delete it, it's a scam.

Spin?

| | Comments (0)
From an article where the net is listed as a threat to "National Security":

"He said: "We have to recognise that on the net you can practically get the full DNA of the First World War flu that killed 24 million people.
"

...that is quite possibly one of the most bizarre things I've ever read in relation to why the Internet poses a threat to security. I don't own a chemical lab, nor am I an expert at creating killer viruses on my lunch break so can someone enlighten me with regards how much of a threat the above actually is?

I have my suspicions, but I'd like to confirm them...

I'm not sure why, but I'm being sent an awful lot of Phish mails this month. The latest one takes you to

home.doramail.com/spade526/

The page is a typical Paypal phish, though they're not actually interested in obtaining your Paypal login in the slightest. They're after something a little more personal.

ppscm2.gif
Click to Enlarge

Note that in addition to your name and address, they're also asking for your social security number. Not a particularly new idea for a scam, but still not a good thing. The creators have made some basic errors which will cost them potential victims, though - they assume the victim receiving the mail lives in the United States, and they also have a few typos in there - enough to set off alarm bells for those not specifically targeted, with any luck.

In the last few days while randomly clicking around Facebook, I was surprised to see
this appear when clicking an external link:

fbleave.jpg
Click to Enlarge

Not sure when they started doing this, but definitely a good move as more and more people continue to target Facebook. Of course, Myspace have been popping up a "You are about to leave..." page for quite some time - out of interest, does anyone out there know of other types of website (non social networking ones) that have to resort to this kind of thing? Or is it only the 2.0 sites that have to pop up these warnings all the time?

I think we know the answer to that one...

When I saw the name of this website - "The Habbo Movie" - I thought it might be quite inventive. Alas, it appears to be a more standard type of "enter your login and hope you get something for free" affair.

The domain is

everyoneweb.com/thehabbomovie

Here's a screenshot:

habz1.gif

Click to Enlarge

According to Google Translator, it says something vaguely similar to this:

Habbo's best,

We now have furniture in Habbo Free! Because, Habbo is just 4 Years! But, how do you say those things receive Free? There is a solution devised by Lotus! We have placed below a Mail Form! Fill in your details and what you want to receive! You can pick only 1 thing! We have to HC and Things and Super Normal Rare stuff! What are you waiting for? Fill the form quickly! YOU RECEIVE THE FURNITURE now!


Doesn't sound very convincing so far, does it? Enter your Habbo login, and this appears:

habz2.gif

It says:

Notice of Habbo Staff:

YOU ARE PLACED CREDITS! SEE YOU SOON!

Regards,
Habbo Staff

Lotus


And, just like that, you've handed over your login to a complete stranger. I wouldn't bet on getting any free furniture...

Twitterspam...

| | Comments (0)
This is fairly typical Twitterspam that's been seen doing the rounds since yesterday:

zsp1.jpg
Click to Enlarge

Click the link, and you're taken to a "sign your life away for a free laptop" deal:

zsp2.jpg
Click to Enlarge

What's really bizarre about this particular piece of advertising is that if someone tries to access this offer from outside of the US, a message will appear saying "Redirecting to an offer in your area" and instead of a free MacBook offer, you're taken to....

zsp4.jpg
Click to Enlarge

...Zabasearch, a US-centric people finder website. I'm sure there's logic in there somewhere, but I'm still trying to work it out. The account is now suspended, but not before it managed to pick up around 175 followers.

Whoops...
A contact of mine passed this URL over to me - it was posted to the Myspace page of his friend a while ago, and he thought there might be something a little odd about it. The site is called

friends-to-friends-only.com

When you arrive on the page, you'll see this:

Snap1.jpg
Click to Enlarge

The text reads "Our system indicates that a pic from your IP address has been uploaded to this site within the past 48 hours". In addition, an incredibly creepy MP3 recording says the same message out loud. Note the blurred out images in the background, too - all in all, it's a remarkably freaky and somewhat worrying thing to see upon arrival. At the top of the page (not in the screenshot), it says:

"Privacy Note: We never send SPAM to your email address. We never sell your personal info.
This is NOT a MySpace or Facebook login page. MySpace/Facebook users are not authorized to participate on this website."


That's a strange thing to say, isn't it?

Click "Ok", and...

Snap2.jpg
Click to Enlarge

Already, you're being asked for the name of your friend, and your full name complete with an email address. At this point, you'd have absolutely no idea what was going on here. There's a definite sense of them wanting to make sure everything you do is correct - hover over the input boxes, and a popup appears that says "It is very important that you type your email address accurately so that we can match our records correctly".

At this point, most users would probably be wary of Phishing or some form of EMail harvesting.

The next box makes things even more alarming:

Snap4.jpg

"You may use current password"? This begs the question - what current password? You've never been to this site before, and you don't have one. But wind back a little bit, and remember that you've already handed over an EMail address on the previous question. As this link was appearing on Myspace pages, it's a good bet that a portion of users will have entered the EMail address used for their Myspace account.

Cynics would argue those same users might think they're supposed to use their Myspace password above, thus handing complete strangers their Myspace login. Yes, the site says "Myspace users not allowed", but this seems somewhat redundant - if this link appears on a Myspace profile and that user visits, they're certainly not going to leave the site after being panicked into thinking the site has mysterious pictures of them being stored on it.

And who could blame them?

Either way, hit Submit and you're presented with an alert that says they need to know how you found this site. The text reads:

"Most people are sent a link to this site on their GMail, Hotmail, Yahoo, Google or Facebook account". It then lists said services, along with a few others underneath. Most of the links lead to the same URL, but click the "I got here from Myspace" link, and you're presented with the following:

Snap7.jpg

There's no other explanation given, but it seems somewhat peculiar that Myspace have taken the step of trying to remove all association from whatever this website is offering. Select one of the other options, and you'll be hit over the head with a popup that says

"FINAL STEP: Our system indicated that your friend recently bookmarked and reserved this page just for you!"


All nonsense, of course. But jump through some more hoops anyway, and...

Snap9.jpg
Click to Enlarge

...are we there yet? The end result of all this is......

Snap10.jpg
Click to Enlarge

....the worst attempt at humour I've seen in a long time. Needlessly worrying people with a load of fictitious nonsense about "pictures", confusing and pointless prompts that could theoretically cause people to hand over Myspace login information at different stages of the process......not a great combination. And we're not done yet. Click away from the picture above, and you're presented with a highly detailed "What Next" guide:

Snap11.jpg

It's the next bit that really cracks me up, though:

Snap12.jpg

I don't know about you, but I'm not sure I'd want my users to visit a site like this anyway. It might be entirely harmless - and to be fair, the EMail address I created just to use on this website has never been sent a single spam mail - but the package taken as a whole makes me distinctly uncomfortable.

There's also a lot of alternate URLs leading to the same site - one brave soul has done a lot of digging on this, and come away with a jackpot of web addresses. They're also quite adamant on the notion that this whole thing is a Phishing scam - while I'd like to take a more "wait and see" approach where that's concerned, I'd personally advise anyone reading this not to use this particular website, regardless of the URL used to get there initially.
ugly1.jpg
Click to Enlarge

mnsblock.altervista.org. The site is currently offline, which is probably just as well...
This is a particularly thoughtless and poor-taste hack. This is Rapecrisiscenter.org, a support site for people in the Central Massachusetts area:

rccnt1.jpg
Click to Enlarge

Unfortunately, the site has apparently suffered multiple attacks which may or may not be related. At time of writing, there are at least two Phish pages live, one for Abbey Bank:

rccnt2.jpg
Click to Enlarge

...and one for Lloyds TSB:

rccnt5.jpg
Click to Enlarge

To make matters worse, jumping back a little in the Directory space brought me to this:

rccnt30.jpg
Click to Enlarge

Yes, a random group of page defacers proclaim the glory of Turkey from a hacked rape crisis website.

We've notified the site owners, and hopefully everything will be fixed soon.


rightclick.jpg
Click to Enlarge

Right click disabled? That's probably because they don't want you to know the information behind the popup regarding the "download" is just a static image file that never changes. All this site really wants you to do is download a toolbar (the prompt for this is just out of screenshot).

If you're wondering what this is all about, go over to the ParetoLogic Malware Diaries Blog. They found a spam comment on Youtube - nothing unusual there, you might think. However - the difference is that unlike most spam comments on Youtube that lead to rogue Malware, nameless hijacks and the like, this one takes you to a Webfetti site that promotes an ASK toolbar. It's interesting that these tactics are now being used to promote applications from legit companies now too, instead of just custom-built Malware created by hackers and fake media codecs (which used to be the case).

ASK have done a lot of work in recent years to clean up some of the affiliate problems they've had, and hopefully they'll take action on the findings made by the ParetoLogic team...

419 Scammer On Skype

| | Comments (1)
[5:51:48 PM] smith kabila says: GOOD DAY   
       FIRST AND FOREMOST,I MUST SOLICIT YOUR STRICTNESS CONFIDENCE IN THIS TRANSACTION AND I PRAY THAT MY DECISION TO CONTACT YOU WILL BE GIVEN GENUINE APPROVAL CONSIDERING THE FACTS WE HAVE NOT KNOWN EACH OTHER BEFORE, I WISH TO USE THIS OPPORTUNITY TO INTRODUCE MYSELF TO YOU.
 
      I AM SMITH KABILA FROM DR CONGO,   AFRICA. I WRITE TO INFORM YOU MY DESIRE TO INVEST,AND TO BUY A LIVING HOUSE IN YOUR COUNTRY. I AM THE FIRST  SON OF MR.BRIGHT KABILA, HE WAS A DIAMOND/GOLD MERCHANT IN MY COUNTRY.MY FATHER HAD A BULLET SHOT BY THE REBELS ON HIS WAY TRAVELLING OUT OF MY COUNTRY WITH TWO OF MY YOUNGER SISTER'S DUE TO PRESENT CRISIS THAT IS OCCURRING IN MY COUNTRY(DR CONGO).MY SISTER'S DIED ON THE SPOT WHILE THE U.N.PEACE KEEPING FORCE RESCUED MY FATHER,HE WAS TAKEN TO HOSPITAL FOR MEDICAL TREATMENT WHICH HE LATER DIED. BEFORE HE DIED HE REVEALED TO ME AND MY MOTHER ABOUT THE BOXES CONTAINING $7 MILLION US DOLLARS.WHICH HE DEPOSITED WITH A SECURITY COMPANY IN GHANA FOR SAFE KEEPING. MY FATHER DID NOT DISCLOSE THE CONTENT OF THE BOXES TO THE SECURITY COMPANY.TO AVOID THE OFFICIALS FROM RAISING EYE BROWS TO THE FUNDS.
 
       PRESENTLY MYSELF AND MY MOTHER ARE HERE IN GHANA TO NOTIFY THE SECURITY COMPANY FOR THE CLAIMS,AND WE ARE STAYING IN THE REFUGEE CAMP. THEREFORE I WANT YOU TO LECTURE ME ON HOW BEST WE CAN INVEST THIS MONEY,BECAUSE MY FATHER TOLD ME THAT IT IS DANGEROUS TO INVEST THIS MONEY IN AFRICA TO AVOID SUSPICIONS, AND DUE TO MARKET INSTABILITY COUPLED WITH ECONOMIC AND POLITICAL INSTABILITY FACING AFRICA COUNTRIES,THAT IS WHY WE WANT TO INVEST IN ABROAD. FOR YOUR MUTUAL ASSISTANCE, MYSELF AND MY MOTHER HAVE AGREED TO OFFER YOU 20%OF THE TOTAL AMOUNT OF THE MONEY AND ALSO 3% FOR ANY EXPENSES.
 
    WE HAVE ALL THE VITAL DOCUMENTS COVERING THE DEPOSIT AND THE OWNERSHIP WHICH I CAN SEND TO YOU THROUGH FAX ON REQUEST. NOTE:I HAVE NEVER DISCLOSED THIS TO ANY PERSON APART FROM YOU,SO YOU HAVE TO KEEP THIS TRANSACTION AS A TOP SECRET TO YOURSELF ALONE.WHICH I WILL WANT YOU TO FORWARD ACROSS TO ME YOUR DIRECT TEL/FAX NUMBER FOR MORE INFORMATION'S ABOUT THIS TRANSACTION.

contact through this contact
this is my direct line, 233 247890536
email contact : smithkabila29@yahoo.com
 
BEST REGARDS,
 
SMITH KABILA. (FOR THE ENTIRE FAMILY)


....quite a long one, isn't it?

He then spent a lot of time trying to convince me to "work together", claiming he would show me everything he knows about webscams.

Doh.

smithkabila100 is the Skype account to block.

More Kiddie Hackers

| | Comments (0)
There's an eye catching article over at the F-Secure Blog:

"Hi, i Am Ronit I am In 9th [grade] And I Struggled A Lot In My Life , But I Still Happy Bcoz My Family Is With Me , But Now i didn't have any friend here , all people's are very bad , i really wana change my life , please teach that how to hack cc's or shop admin's..."



Making Tea At The BBC

| | Comments (0)
The last few weeks, I've been busy doing a few talking head things for the BBC. Mostly, they asked me to talk about a favourite subject of mine, kids getting involved in hacking and cracking. The reaction to this subject is always fascinating, because some will immediately dismiss it as "old news". The "news" isn't that kids are doing it - they've always done it. I'm pretty sure we all know that by now. No, the interesting part for me is that by and large, we don't know what to do about it.

The filming process is a curious one, because hours and hours of filming different subjects and scenarios end up as a few minutes of material. Here's the interview.

Besides that, I also did a blink-and-you'll-miss-me spot on BBCs Newsround last week - Newsround is a news show aimed at younger viewers (typically six to twelve years old), and they asked me if I'd spell out some of the dangers for kids getting involved in this kind of activity at such a young age. Obviously, the Newsround site is aimed at young children, but here's a piece on their website about the subject anyway.

About this Archive

This page is a archive of recent entries written by Christopher Boyd in November 2008.

Christopher Boyd: October 2008 is the previous archive.

Christopher Boyd: December 2008 is the next archive.

Find recent content on the main index or look in the archives to find all content.