From Pfishing to Pfarming: The Top Five Spam Scams of March 2005

When a hacker poisons a DNS, he or she changes the specific record
for a domain, sending individuals to a Web site very different from
the one they intended to access -- without their knowledge .
Phishing schemes are often delivered via spam e-mail. Visit Web
sites by typing the URL into your address bar.ftc.ncfta.

lowman debunks

Phishing: Phishing attacks use spoofed e-mails and fake Web sites to
fool recipients into revealing personal information or to have a
Trojan /virus placed into their computer.

perpetrated crosshair

For example, if an individual with an
infected computer conducts online business with a specific bank, that
person will type the bank link into the address bar, but will be
redirected to a designated phishing site that looks very similar to
the authentic site but is, in fact, fraudulent. John Stellford

Federal Bureau of Investigation -- FBI --
935 Pennsylvania Avenue, NW, Room 2130
Washington , DC 20535
(202)324-3000

4.dmaconsumers.

To obtain additional information about fraudulent spam and to learn tips
for not getting phished, please visit the following DMA and FTC Web sites:
http://www.

crosshair purported

"
Online fraud cost merchants $2.gov. The Alliance facilitates advanced training,
promotes security awareness to reduce cyber-vulnerability, and conducts
forensic and predictive analysis and lab simulations. Geological Survey,
Reston, Va., for a grant to support the agency's Cosmochemistry Research
Program. It also supports research aimed
toward understanding the geochemical nature of the solar system's bodies, such
as planets, Earth's moon, satellites of the outer planets, and small bodies.

purporting rebuttal

Using an explicit
search command, it is possible for scammers to find business resumes
that individuals have posted on the Web.K@mm worm. These scams, which were more abundant
last year, have reemerged in conjunction with the tsunami scams. If the e-mail looks "phishy," call the company that claims to
have sent you the e -mail to verify its authenticity.

* Report suspected abuses of your personal information to the proper
authorities. Do not use the same passwords on multiple sites.org/).

embarks mooned

6 billion in 2004, an increase of $700
million from 2003, according to a survey conducted by CyberSource Corporation . Usually,
the hacker does this by posing as an official who has the authority
to change the destination of a domain name. Report them
immediately if you find any unauthorized transactions.

* Eliminate spyware by following the list of countermeasures offered by
the NCFTA.

About The DMA
The Direct Marketing Association (http://www.

embarks mooned

"Everyone , consumers and businesses alike, must be constantly vigilant to
scams that seek to collect personal or financial information to be used to
commit fraud.Sober.

Dear Sir/Madam,

We have logged your IP address on more than 40 illegal Websites.net) provides a neutral collaborative venue
where critical confidential information about cyber incidents can be shared
discreetly, and where resources can be shared among industry, academia, and
law enforcement officials.S.

scotti purporting

crosshair scrapped

3.gov
accounts. Look up the phone
number on your own and do not trust any numbers supplied by the e-mail
without verifying them.5
billion in Web-driven sales . Reflecting the significant and growing role that
direct marketing plays in today's advertising mix, The DMA's membership
represents marketers from every business segment, including catalogers ,
Internet retailers, retail stores, nonprofit organizations, advertising
agencies, financial services providers, book and magazine publishers, book and
music clubs, industrial manufacturers, and a host of other vertical segments,
as well as the service industries that support marketers.

faked crosshair

2.
The actual text of the e-mail is shown below:

You have visited illegal Websites.
The research also supports the Vision for Space Exploration, NASA's long-
term plan to return astronauts to the moon and extend exploration to Mars and
beyond.

Sites dedicated to the theory that the Apollo lunar landings were a hoax perpetrated by the United States government in order to save face after the 1969 moon shot had to be scrapped halfway through the mission.

scrapped popularized

The top five spam scams for March identified by the NCFTA include:

1.
Important: Please answer our questions! The list of questions are
attached.

Yours faithfully , M.

faked perpetrated

NCFTA through The DMA also
has alerted the Federal Trade Commission to this scam. Review your credit card
and bank statements for any unusual transactions.

purporting purports

The DMA Announces the Top Scams for the Month,
as Identified by the National Cyber -Forensics + Training Alliance

NEW YORK, The National Cyber-Forensics + Training
Alliance (NCFTA) has identified its top-five spam scams of March 2005. Because the
individual did not click on any obscure link, the site will appear to
be legitimate.
Individuals who unknowingly provide all this personal information are
very susceptible to identity theft . This
includes:
-- Login names and passwords
-- Credit card numbers
-- PIN numbers
-- Bank account numbers
-- Mother's maiden name
-- Social Security number
-- Date of birth

* Never respond to requests for the personal information listed above via
e-mail. These activities are
intended to educate organizations and enhance their abilities to manage risk
and develop security strategies and best practices. In addition to catalogs and the Web, DMA members
employ a wide variety of marketing media, including mail, e-mail , telephone,
newspapers and magazines, interactive television, and radio, among others.

debunks mailbag

The above five spam scams are based solely on limited NCFTA data.
However, this information is then shared with the FBI, which, with assistance
from The DMA's SLAM Spam project, provides law enforcement authorities with a
much more robust understanding of the top spam scams.exe" or ".

popularized scotti

These
include fraudulent e-mail purporting to come from the Federal Bureau of
Investigation (FBI) and the redirecting of a Web request to another, bogus
location.
The NCFTA is a nonprofit organization focusing on cyber crime issues. Pharming Attacks: Pharming is the redirecting of an individual's Web
request to another location.
The program supports research to conduct laboratory studies of a variety
of extraterrestrial materials such as meteorites, cosmic dust, and lunar
samples , which are cosmochemical in nature.
The program also covers cosmochemical studies concerned with the formation and
chemical development of the solar system. The maximum grant value is: $12,000.

debunking rebutting

The
DMA is working with NCFTA, as well as federal authorities, nonprofit
organizations, and business organizations, to fight fraudulent spam.
Approximately two percent of all online sales are fraudulent .gov/strategy/wn050223.

5.

perpetrated landings

FBI Virus/Spam Hoax: The NCFTA has assisted the FBI with its
investigation concerning a fraudulent e-mail hoax
(http://www. The recipient either will be asked to
provide money as "processing fees" or personal financial information
to facilitate the transaction.

embarks debunks

SLAM Spam is supported financially by The DMA.
"The Internet represents the 'New Frontier' when it comes to fraud," said
Patricia Kachura, Senior Vice President, Ethics and Consumer Affairs, The DMA. NCFTA is compiling information
about the hacking site to be turned over to law enforcement if
specific violations can be identified .
Founded in 1917, The DMA today has more than 5,200 corporate, affiliate, and
chapter members from the US and 44 other nations, including 55 companies
listed on the Fortune 100.

perpetrated hoax

While
significant resources are being dedicated to fighting fraud, it is still
imperative that consumers and merchants also take direct responsibility and
make sure they know with whom they are doing business before providing
valuable personal and financial information.gov,
web@fbi.gov/bcp/conline/pubs /online/inbox.

assertion lowman

asp). Never trust hyperlinks in e-mails.org) is the leading
trade association for businesses and organizations interested in direct,
interactive, and database marketing, which in 2004 generated more than $2.

mailbag supposedly

It
operates the Direct Marketing Association's (The DMA) Operation SLAM Spam in
affiliation with the FBI. The recipient is
enticed to open an attachment that contains a W32.

* Avoid opening spam that contain attachments, especially if they contain
an ".d11" suffix .htm

About the NCFTA
The NCFTA (http://www.

rebuttal mailbag

Pharming can also result from a hijacked Domain Name Server (DNS), an
Internet service that translates domain names into IP addresses. DNS poisoning is also
possible via software vulnerability. The e-mail sounds official, even threatening, in tone, and
appears to be sent from the e-mail addresses of police@fbi. Nigerian Scams: There are several variations of this scam that, at
its core , either informs the recipient that he/she is allegedly due a
large sum of money or asks for their assistance with some form of
illegal money laundering. These can be found by visiting The DMA's Web site and
clicking on the "For Consumers" section (http://www.the-dma .3 billion in catalog sales and $52.

NASA Awards U.S. Geological Survey Science Research Grant

For information about NASA and agency programs on the Web, visit:

http://www.

rebuttal debunking

Google Hacking: NCFTA has identified a site advertising several
hundred instances of scammers using the Google search engine to
retrieve sensitive information from individuals. The FBI has become
aware of spam e-mail fraudulently claiming to be from fbi . By using trusted brands of
well-known companies such as financial institutions, online
retailers, ISPs, and credit card companies, phishers attempt to dupe
innocent consumers into revealing their personal information.gov/home

supposedly embarks

WASHINGTON, NASA's Science Mission Directorate,
Solar System Division, Washington, selected the U.nasa.

purports faked

These documents often
contain information such as Social Security numbers, family history,
dates of birth, home addresses, phone numbers, and education.ifccfbi.

Useful tips to detecting and combating fraudulent spam, include:

* Never reveal personal information to an unverified recipient.3
trillion in US sales, including $143.

debunking purporting

---

- - kjjkjk

Loading...

(Note: These pages use the Atlas Content Safeguard System (ACSS) and require that Javascript is enabled for viewing.)