“…which appear to come from employers or colleagues.”

http://technology.guardian.co.uk/news/story/0,,1967226,00.html

Internet criminals signing up students as ‘sleepers’

· Gangs go talent spotting and offer to fund studies

· Popularity of sites such as MySpace fuelling scams

Jeevan Vasagar

Friday December 8, 2006

The Guardian

Organised gangs are recruiting the next generation of internet criminals by approaching undergraduates on university campuses.

In some cases gangs offer to finance undergraduates’ studies and plant them as sleepers within target businesses, according to a report on cybercrime which draws on intelligence from the FBI and British and European hi-tech crime units.

Cybercriminals are exploiting the popularity of social networking sites such as MySpace to steal identities or craft more personalised fraud attempts, the report says. More than 1m computers were infected with malware this summer after MySpace users clicked on a spoof advertisement placed by hackers.

Today’s report by computer security company McAfee warns that online criminals are increasingly turning their attention to mobile phones, with the phenomenon of phishing, sending emails under a bogus identity to elicit personal information, spreading to text messages.

In August two major mobile phone operators in Spain were targeted in this way, the first time a criminal operation has transferred targeted spam from the internet to mobile phones, according to the report. The scam used the companies’ own system to send texts to customers offering free anti-virus software purporting to come from the phone operator. But when customers followed the link to install the software their computers were infected with malicious programs.

Internet crime has become more focused, according to the McAfee report, which says there has been a shift away from hit-and-miss global viruses to attacks which try to cash in on news and sports events such as this year’s World Cup.

In May a Trojan horse, a hidden malicious program, disguised itself as a World Cup wallchart and was distributed by spam email, while another virus which infected Microsoft Excel files was concealed in a World Cup results spreadsheet. Once compromised, vast botnets are created – sometimes millions of puppet computers controlled by hackers. Brazil, Portugal and Angola attracted a high proportion of spyware and malicious downloads.

Cristiano Ronaldo and David Beckham were the favourite player targets.

Criminals are also tailoring their attacks with a method known as spear phishing, emails which appear to come from employers or colleagues.

According to Apacs, the payments association, phishing by text message, also known as smishing, is rare in Britain, but there has been a steep rise in online fraud over the past year. Online banking fraud cost the industry £22.5m in the first half of this year, compared with £14.5m in the same period last year.

"When this type of scam started the emails being sent out had spelling mistakes and the grammar was very poor," said an Apacs spokesman. "Now, when you get the emails you can be duped into thinking they’re real – you can even have logos in them."

The McAfee report, which is based on work with law enforcement agencies including the Metropolitan police and the FBI, claims criminals are conducting extensive talent-spotting exercises on campuses. The typical target is not an existing criminal – the so-called black hat hacker – but a bright student trawling for passwords and personal data out of curiosity rather than malice.

Greg Day, security analyst for McAfee, said: "A lot of these people go into chatrooms, discussion sites, and start a discussion. Organised crime is involved in that."

Inexperienced young hackers often talk to each other in an internet slang known as l33t, which helps gangs target them. One popular tactic is blackmail. "They’ll say: ‘We know you did this, we can shop you unless you come and work for us’. Sponsoring students through a degree is more likely to happen in less affluent countries like Russia or India."

The report warns: "There is a false economy of trust. People don’t present personal information to strangers on the street, but building profiles online means that internet criminals can instantly access a mine of details – names and interests, pets and life stories."

Junk and Jargon

Malware Covers many types of malicious programs able to infect computers, websites and files

Phishing Used to trick surfers into handing over confidential information. Personalised scams, often purporting to come from friends or colleagues, are known as "spear phishing"

Spam Unwanted email, often selling fake goods or illegal services

Virus A piece of code which attaches to a host file before copying itself and trying to infect other computers

Trojan horse Code disguised as something innocuous that attacks a computer and opens it up for other hackers

Botnet Large numbers of hacked computers linked together to send spam emails around the world

Spyware A kind of malware which installs tracking systems to watch what you do on the internet

Smishing A relatively new form of phishing which uses text messages to mobile phones

Black hat The most dangerous form of hacker, distinct from "white hats", who break into systems to alert the public

l33t A dialect developed by hackers. The sentence "I hacked you" becomes "I h4x0r3d j00"

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –

Well, well.

A dos semanas en el “poder” (¿entenderán ustedes la diferencia entre legal y fáctico?) veo preocupantes signos de desesperación, desasosiego, desgaste, etc., etc., etc.

Pensé que jamás le iba a agradecer nada a mi abuelo paterno, pero observándolos, tengo que aceptar que me da gusto que comprara “religiosamente” cada semana el “Lágrimas y Tripas” (Nada personal, Mr. IMF) y “Kalimán”. Como diría este último: “Serenidad y paciencia, mucha paciencia”.

El poder lo tienen ustedes realmente, pero me temo que no saben cómo ejercerlo, se los advertí: les faltan ideologos que a los “otros” les sobran. ¡Exacto! Consíganse uno de esos chaqueteros que sobran en las filas de enfrente para que les de luz sobre una o dos “cositas ricas" (¡ah, no! eso es otra cosa, sorry) de la realidad objetiva. ¡Caramba! Sí ya los han tenido como suprasesores. Me temo que ustedes no creen en ellos. ¿No es cierto? (Dígase con un fuerte acento ché, como el de Ahumada).

Iba a decir me dan risa, pero no, he aprendido a no subestimar al contrincante, por el que tengo un sumo respeto. Pero, no sean, sus intentos de coptar son “infantiles” (perdón por la paidófila alegoría). Debe haber sido en el documental “The Corporation” cuando en respuesta al entrevistador el Michael Moore dice más o menos esto: “… lo mejor de todo es que tenemos estos espacios abiertos, … ellos no creen realmente en algo, y eso es una gran ventaja. Invertirán aún en aquello que represente un peligro para sus intereses, con tal de obtener ganancias…”.

Nada más cierto hoy en día. Pregúntenle a los “magos” de las finanzas de ENRON (por cierto, a uno de sus cabecillas en México, ustedes lo tienen por gran gurú, ja), que pusieron en peligro a creo la tercera o cuarta economía del mundo. Así que, no me preocupo, con leer un poco, sé de sus formas de operar, lo que no puede necesariamente ser afirmado en cuanto a algunos de nosotros. Los caminos se van encontrando primero, y luego construyendo día a día. Dice Saint-Exupery: que el hombre se mide a sí mismo con el obstáculo. Nada más cierto, cada “Barrera” que se nos levanta nos deja una importante lección al superarla, pero creo algunos de mis compas no se han dado cuenta de ello.

Bueno, como saben, estoy cargadísimo de trabajo, y no tengo tiempo de seguirlos aleccionando con mi “sabiduría” Ahora que esta de moda la banalidad extrema me despido parafraseando al comercial de Tang: “No se lo merecen”.

M@rcX

Norwich, GB.

15/12/06

P.D. Como aparte de neurótico (de ahí el sarcasmo a flor de piel), esquizofrénico-paranoide, y todos los etcéteras posibles, también soy megalómano, y se han tomado uno o dos ideas prestadas:

Mano cadena como protesta a lo largo de una principal avenida.

Afirmar que: “En realidad no hay Plan B”

La importancia de la ortografía como forma de reflejar la cultura.

Se me olvidan oXtras, pero les doy shampoo, creo que ya vienen más, aún cuando me he quedado sin mi “musa inspiradora” (… en esta tragicomedia, entra a escena un interminable suspiro).

P.D.1. Recapitulando, ya me acordé que saltaron realmente, cuando expresé mi sentir en un “nick” por lo del lío entre la “Poni” y el más “Ringo” de ustedes. Y fué a final de mes, no a principios. A menos claro que, como en toda neurosis perfecta, las tres hipótesis se entrelacen. Eso sería AWESOME.

This entry was posted in Computers and Internet. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s