Ajit Gaddam: TechNews and Security

When I investigated further trying to pinpoint the source of the UK Lottery Scam email, I discovered this that a University server was compromised and in turn was being used to send out spam emails.

Return-Path: <claimsagent_alenfoster207@yahoo.co.uk>
Received: from mail.westmont.edu (mail.westmont.edu [64.136.190.200])
by mx.google.com with ESMTP id b2si6730331rvf.2007.08.10.20.50.01;
Fri, 10 Aug 2007 20:50:32 -0700 (PDT)
Received-SPF: neutral (google.com: 64.136.190.200 is neither permitted nor denied by domain of claimsagent_alenfoster207@yahoo.co.uk) client-ip=64.136.190.200;
Received: from localhost (ns1.westmont.edu [10.50.10.1])
by mail.westmont.edu (Postfix) with ESMTP id 2B654C278C6;
Fri, 10 Aug 2007 20:48:00 -0700 (PDT)
Received: from 81.199.63.50.rmts.satcom-systems.net
(81.199.63.50.rmts.satcom-systems.net [81.199.63.50]) by
webmail.westmont.edu (Horde MIME library) with HTTP; Fri, 10 Aug 2007
20:47:58 -0700
Message-ID: <20070810204758.hhdwcd108c8g00gw@webmail.westmont.edu>
X-Priority: 3 (Normal)
Date: Fri, 10 Aug 2007 20:47:58 -0700
From: UK NATIONAL LOTTERY <claimsagent_alenfoster207@yahoo.co.uk>
Reply-to: claimsagent_alenfoster2000@yahoo.co.uk
To: undisclosed-recipients:;
Subject: YOU WON
User-Agent: Internet Messaging Program (IMP) H3 (4.0.4-RC2)

Observations

1. Google is hosting the email of this university

2. Spammers are sending out mail from a university email server that of westmont.edu or Westmont College in California, USA to send out a UK Lottery Scam EMail

3. Does this mean we are dealing with a hacked email account of a Westmont student, a hacked email server of Westmont College or is the webmail.westmont.edu an open relay server which spammers can use to bounce email of and make it appear as if the email was coming from Westmont College.

Nearly all of the internet-connected computers that send email are controlled by spammers, according to Return Path, a company that compiles email reputation data.

Of the 20 million IP addresses that send email and are tracked by Return Path, only 0.9 per cent have earned a reputation score that will allow their emails to be delivered to Return Path clients. About 2.5 per cent encounter problems such as spam traps or having garnered too many complaints. But 96.7 per cent score so badly the sending computer is likely to be a hacked PC, the company said.

Spam makes up almost 75 per cent of all messages sent today, according to email security service Postini.

This email needs further investigation. I will follow up on this.

I just received a mail from the Associate Director of IT at Wesmont College

Read the rest of this entry »

UK National Lottery Scam or UK Lottery Scam is gaining popularity among spammers these days who specialize in scam email and scam fraud. You might have heard about Nigerian Scammers among many others.

I have previously blogged about Microsoft Lottery Award email scam which was one of the most popular articles on my blog.

In this article I am going to share with you the generic content of the UK National Lottery Scam or the UK Lottery Scam

Uk National Lottery
PO Box 42 Peter borough
SE15 2UD
UNITED KINGDOM

Ref: BTL/491OXI/04
Batch: 12/ 25/0304

ATTENTION: Winner,

This is the official result of the UK 2007 LOTTERY PROGRAM. held on 5th. of August, 2007. Your e-mail address drew the winning lucky numbers:04, 05, 16, 19, 21, 49 & 20. You have therefore been approved to claim a total sum of
£500.000.00(G.B.P) in cash credited
To file for your claim please kindly provide the following informations and send it to our Fiduciary Agent who shall clear you as a winner

PLEASE NOTE THAT YOU ARE TO SEND THE BELOW INFORMATION REQUIRED TO CLAIM YOUR WINNING PRIZE:
1.Full Name:……………………………………………………..
2.Address:………………………………………………………..
3.Nationality:…………………………………………………….
4.Age:…………………….Date of
Birth:……………………………………
5.Occupation:…………………………………………………….
6.Phone:……………Phone 2:……………….Fax:……………..
7.State of Origin:………………….Country:……………………

contact our claims agent below.
Mr.Alen Foster
E-mail:claimsagent_alenfoster2000@yahoo.co.uk

Sincerely,
Brian Hunt
On line Coordinator
The Uk National Lottery

Protecting yourself is very challenging in the hostile environment of the internet. Imagine a global environment where an unscrupulous person from the other side of the planet can probe your computer for weaknesses, and exploit them to gain access to your most sensitive secrets.

They can even use your computer to store data like stolen credit-card numbers or child pornography, or to attack another innocent home user or business from your system.

Here’s Kevin Mitnick’s Top 10 list of steps you should take to protect your information and your computing resources from the bad boys and girls of cyberspace.

#1. Back up everything! You are not invulnerable. Catastrophic data loss can happen to you — one worm or Trojan is all it takes.

#2. Choose passwords that are reasonably hard to guess — don’t just append a few numbers to a no-brainer. Always change default passwords.

#3. Use an antivirus product like AVG or Norton, and set it to update daily.

#4. Update your OS religiously and be vigilant in applying all security patches released by the software manufacturer.

Read the rest of this entry »

An Associate producer of Dateline, a NBC show, Michelle Madigan tried to attend this year’s DEFCON psing undercover where she registered as a programmer and came to the annual Hacking/Security conference with a hidden camera hoping to get some hidden scoops for her show.

However, there was one small problem. DEFCON has a strict rules prohibiting media from photographing or videotaping without approval. Another Michelle was never really undercover. The organizers of DEFCON got a tip off from a mole at NBC that she was showing up posing undercover. So the organizers politely tried to give her a press pass which she repeatedly refused. So the geeks took it into their own hands.

The organizers in a conference in between held an impromptu “spot the undercover reporter”. Madigan fled, much to the delight of the convention attendees who mocked her all the way to the parking lot. Check out the video below.

Read the rest of this entry »

Uber Hacker turned Security Expert Kevin Mitnick has a business card that definitely goes with his high profile image. Kevin Mitnick is now a professional computer consultant (doing business as Mitnick Security Consulting, LLC), and has co-authored two books on computer security: The Art of Deception (2002), which focuses on social engineering, and The Art of Intrusion (2005), focusing on real stories of security exploits.I would highly recommend “The Art of Intrusion” which I got when in the second year of my grad school in a security class of Dr. Richard Ford

Meanwhile, check out Mitnick’s business card filled with images of various lock picking tools … the art of “prying out information” definitely Kevin’s speciality. You can learn about Kevin Mitnick here