Internet Crime Complaint Center Posts New "Vishing" Update

The Internet Crime Complaint Center, part of the Federal Bureau of Investigations in the United States, posted a warning about a potential attack on a particular sort of system. In private branch exchange ("PBX") settings, entities like offices or even dormitories can conserve the number of external telephone lines needed while allowing in-house station to station contact. For any libraries using the package Asterisk, there is a Caller ID spoofing vulnerability that may force an upgrade.

The holidays are a very stressful time of year and a great opportunity for criminals to do bad things. Keeping in mind patron privacy laws is one way to ensure the case the FBI notes won't be a problem. Patching software holes is another part of a holistic solution.

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

spam

Maybe it's just a lack of money, but I can't understand why banks and credit card companies and paypal and ebay etc. don't go after those spammers that are spoofing their email addresses and ruining their (good) reputations. I am soooo sick of getting fake emails from so- called 'financial institutions'...and it only seems to be expanding.

For a while, I was forwarding my spam to the government as per their request, but nothing was ever pursued. Is the government doing anything to clamp down on spammers?

Yes, the government does

In fact, a couple of the biggest spam operations were shut down recently due in part to government efforts. But it's an intractable problem, partly because the biggest spammers are mostly not US-based (or at least their ISPs aren't), partly because the entities tend to be shadowy and move around a lot.

Help me with this spammer

Hi there, having a lot of problems with spammers/bots on my forum - vbulletin 3.6.4. They're managing to bypass both the CAPTCHA and email verification checks and just post bunch of links that IMO is usless? What's the point anyway? Take a look on them, maybe it can give some clues on what software spammers are using and create some additional protection?

Anyways, i've been adding the IPs and emails (wildcards for Russian emails, etc.) to the ban-list in the vBulletin control panel, but there are becoming so many the banlist on the control panel is starting to become very slow for displaying all the IPs/emails when I visit that section. Because I've banned most of the Russian, Ukraine and Chinese top-level domain names, the spammers are using Gmail accounts which is much harder to police as, obviously, there are lots of legitimate Gmail users. Therefore is there some way of importing the StopForumSpam list into vBulletin, please? Thanks!

As to vBulletin

Upgraded from 3.6.4 to 3.7.4 may be your best bet. One non-professional forum I participate in was on 3.6.4 and I was listed as a "Bot Terminator" there for flagging spam bits. After the upgrade to 3.7.4 the problem seems to have gone away.
________________________
Stephen Michael Kellat, Host, LISTen
PGP KeyID: 899C131F

Forums are tougher animals

Short of repeated email verification (we use a double verification for PLN), I have no idea what you can use to prevent people from signing up and spamming a forum. (Others here may be more knowledgeable.)

My own experience has been with blogs and wikis. Blogs that have more than, say, 10-20 readers a day are spam comments and linkback targets; with WordPress, either Akismet or Spam Karma 2 seems to block nearly all spam comments--and I decided not to show linkbacks when I started the blog. As for wikis, "open" wikis with any traffic at all are extremely vulnerable...but with double verification and daily monitoring, you can keep things under control.

Lists/forums? Someone else needs to weigh in.

net criminals

What are the punishments dished out when a spammer, and other types of criminals not including molesters. Are the punishments adequate to prevent further crime by the offenders? If not why not?

Syndicate content