The Filipino jail and other vacation/travel scams are sent to every person in the originally hacked person's email list. The perps don't know who is who - they're looking for someone who is gullible enough and likes the victim enough to reply. It's like spearphishing (sending an email with a malicious exploit or link to a specific target) based on personal information. I've used an example of that on a Cabinet-level exec only to find that the connection I thought existed was actually negative - the target disliked the person from whom I thought they would accept email. Much of modern cyber crime is nothing more than confidence tricks updated to the modern milieu. A lot of the rest is simply spying but using computers and networks.

Ray Parks
Consilient Heuristician/IDART Program Manager
V: 505-844-4024 M: 505-238-9359 P: 505-951-6084
NIPR: [email protected]
SIPR: [email protected] (send NIPR reminder)
JWICS: [email protected] (send NIPR reminder)

On Nov 18, 2013, at 11:17 AM, Steve Smith wrote:

> Nick -
>
> Just send me the $2500 and don't worry your pretty little head about it...
> I'll be sure he gets it. Or at least that it gets spent.
>
> Actually there is a whole class of phishing schemes that are slightly too
> oblique for me to guess exactly what they are about. Sometimes I think it
> is (to extend the phishing metaphor) chumming... tossing out bait with no
> hook to get a frenzy going. For example, if they send out 1.9 million
> requests for various things ($2500 loan because of robbery in Philippines, or
> $900 for a plane ticket to get back to Manila from Denver to help the family,
> or ...) and then scrape the open web archives of lists like FRIAM for that
> same text, they can find how receptive folks (like yourself) are to that
> particular scam. Let's say your question to the list was "how do I get the
> money to him, I'm sure this is legitimate, he must have forgotten to give me
> the info where to wire the $2500") then they recognize that their scam is good
> and to elaborate it for you (and others like you), or even to just follow up
> in person (... Nick, I forgot to tell you in my last e-mail... can you
> wire-transfer that $2500 to XXXyyyZZZ in Manila right away... and it would
> really help if you send me your Driver's License #, Credit Card #s with
> expiration and security code, and maybe your mother's maiden name "just in
> case"?)
>
> Another possibility (slimmer) is that the ReplyTo field in the original
> e-mail is different from the From: which you recognize. When you blithely
> hit "Reply", it goes to another e-mail. Given that e-mail addresses have two
> parts (the common name, and the actual address such as "Nick Thompson
> <[email protected]>") someone (like me) can make it feel like the recipient is
> replying to you while actually replying to me... it takes a tiny bit of
> sophistication but... heck, for $2500/mark, why not stretch oneself a bit
> and learn some tricks?
>
>> Could anybody translate Owen’s message into ordinary language? Or
>> shouldn’t I bother my pretty little head about it.
>
> Probably not, but let me try riffing on it in pidgin Zuni and Basque:
>
> Basically, someone who runs the forum (mail list? Web Site discussion group?)
> indicated to the constituents that their server(s) had been compromised (we
> don't know how or how they know it)... they apparently indicated that the
> hackers (probably? surely?) got access to the forum users' Database which
> would have "personal information" (name, e-mail, more?) and apparently
> (encrypted) passwords.
>
> One way to discover clear-text from an encrypted list (passwords) is to
> encrypt (using various methods?) a dictionary of likely words/phrases and
> compare the resulting encryption to the password list. If any of the
> encrypted words/phrases match something in the list, then you know that clear
> text (password). This depends on your using words that are likely to be in
> their dictionary. Their dictionary needn't be a list of English-language
> words (though that is an obvious collection to include), it could be a
> collection of likely or already known passwords (e.g. "password" or
> "f*ckoff!", etc.)... thus if they crack your password on one site, they can
> add that to their "dictionary" and if you have used it on another site, it
> will pop right up with this form of attack.
>
> If the site administrator/system uses "salt" (see wikipedia link), each
> password gets folded in with a pseudo-random number so that it no longer
> looks anything like the original password that might show up in a dictionary.
> user:nickt password:nickt becomes user:nickt password:gob@#ledy$%go%ok ,
> with the latter less likely to be in their dictionary (which might also be
> custom-built based on your personal information such as DOB, paternal uncle's
> favorite cat, mother's maiden name, Pet Cockatiel's DOHatch, etc.).
>
> Ikusi arte, So' a:ne, Adios, Ciao, Carry on!
> - Steve
>>
>> Meanwhile, this morning, I got an urgent message from an acquaintance asking
>> me to loan him 2500 dollars on account of his being robbed “at gunpoint” in
>> the Philippines. A call to his home revealed that he was safe and sound in
>> Denver. Here is the puzzle. The spoofer gave me nowhere to send my money.
>> Thus, I have 2500 dollars to send and nowhere to send it. The only way I
>> had of getting back to him/her was via the spoofed email address. No link.
>> No bank account number. No phone number in Manila. How does THAT work?
>>
>> Nick
>>
>>
>> Nicholas S. Thompson
>> Emeritus Professor of Psychology and Biology
>> Clark University
>> http://home.earthlink.net/~nickthompson/naturaldesigns/
>>
>> From: Friam [mailto:[email protected]] On Behalf Of Owen Densmore
>> Sent: Monday, November 18, 2013 10:13 AM
>> To: Complexity Coffee Group
>> Subject: [FRIAM] Forum hacked
>>
>> A forum I belong to has been hacked, including personal info as well as
>> passwords.
>>
>> How do they use this information?
>>
>> I presume they try the hash function on all combinations of possible
>> passwords. (Naturally optimized for faster convergence). They see a match,
>> i.e. a letter combination resulting in the given hash of the password.
>>
>> If they crack one password, does that make cracking the rest any easier?
>>
>> And does "salt" simply increase the difficulty, and indeed can it be
>> deduced, as above, by cracking a single password?
>>
>> .. or is it all quite different from this!
>>
>> -- Owen
>>
>>
>> ============================================================
>> FRIAM Applied Complexity Group listserv
>> Meets Fridays 9a-11:30 at cafe at St. John's College
>> to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
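
The questions in the thread above (does one dictionary pass cover every account, and what does salt change?) can be checked on a password table you own. The following is an added example, not part of any poster's message: the word list, account table and function names are constructed, and the hashing schemes (plain SHA-256 versus PBKDF2 with a per-user salt) are assumptions, since the thread does not say what the forum used.

```python
import hashlib
import hmac
import os

# Constructed sample data (not from the thread's forum): a small list of
# likely passwords and a four-user account table.
DICTIONARY = ["password", "letmein", "nickt", "qwerty"]
USERS = {"nickt": "nickt", "owen": "password",
         "steve": "password", "ray": "T7#long-random-phrase"}

def unsalted(pw):
    """Plain SHA-256: the same password always yields the same hash."""
    return hashlib.sha256(pw.encode()).hexdigest()

def salted(pw, salt, iterations=1000):
    """PBKDF2 with a per-user salt. The iteration count is kept low so the
    example runs quickly; real deployments use far higher values."""
    return hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, iterations).hex()

def build_tables():
    """Store the same accounts both ways, as a breached database would hold them."""
    plain = {u: unsalted(p) for u, p in USERS.items()}
    strong = {}
    for user, pw in USERS.items():
        salt = os.urandom(16)          # stored beside the hash, not secret
        strong[user] = (salt, salted(pw, salt))
    return plain, strong

def audit_unsalted(table):
    """Hash each dictionary word once; that single pass covers every user."""
    lookup = {unsalted(w): w for w in DICTIONARY}
    found = {u: lookup[h] for u, h in table.items() if h in lookup}
    return found, len(DICTIONARY)      # (weak accounts, hash computations)

def audit_salted(table):
    """Salts differ per user, so every (user, word) pair is hashed separately."""
    found, work = {}, 0
    for user, (salt, stored) in table.items():
        for word in DICTIONARY:
            work += 1
            if hmac.compare_digest(salted(word, salt), stored):
                found[user] = word
                break
    return found, work

if __name__ == "__main__":
    plain, strong = build_tables()
    print("unsalted:", audit_unsalted(plain))
    print("salted:  ", audit_salted(strong))
```

The audit flags the same three dictionary passwords in both tables, so salt does not rescue a weak password. What it removes is the shared lookup: identical passwords no longer share a hash, and the work grows with the number of accounts, each guess costing a full PBKDF2 run.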
