[ale] OT: online banking hack
Jim Philips
jcphil at mindspring.com
Tue May 13 18:40:57 EDT 2003
On Tuesday 13 May 2003 06:57 am, Jonathan Rickman wrote:
> > 2. This was an example of exploiting the weakest link in security, namely
> > us Humans..:-)
>
> ...and possibly another. Was this an HTML message? If so, then you should
> view the source of the message, get the IP that the hyperlink really
> points to, run a whois search (man whois) and forward the info on to the
> owner of the netblock in question.
I tried dig and host on the IP address. Nothing conclusive. Here is the
address:
198.173.235.126
> I'd report the message itself as plain
> old spam after a quick header check. If the headers reveal that the
> message did indeed come from BoA's servers, it would be nice to give
> them a courtesy call. I wouldn't waste too much time with the feds on this
> one. You, being the apparent recipient of typical spam, will not even hit
> their radar.
It is spam in that it was sent unrequested to multiple recipients. But this is
a deliberate attempt to defraud banking customers and steal money, so I am
sure the feds are interested in it from that angle. If you try to hack a
bank's servers and are found out, you will very quickly get a call from the
FBI. So, believe me, it's on their radar. I worked for and with banks for six
years.
> The netblock owner (if it's an American netblock) will get
> more attention and BoA (if the mail did come through their server) will
> certainly garner some attention.
There is zero chance this actually came from BOA. The scam has been going
around for over a year. In the cases where investigators actually found out
something, the trail led to hackers employed by the Russian mafia.
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
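
The check suggested in the quoted advice above (view the HTML source and find where the hyperlink really points), written out as an added example that is not part of the original post. It takes the HTML body of a message and reports links whose target is a bare IP address or whose visible text names a different host; the names `LinkCollector`, `host_of`, `is_ip` and `audit_links` and the sample body are constructed for illustration.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlsplit

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":  # start a new link; reset the collected text
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        self._text.append(data)  # text outside a link is dropped at the next <a>
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(value):
    """Hostname of a URL or bare host string, or '' if none can be parsed."""
    try:
        return urlsplit(value if "//" in value else "//" + value).hostname or ""
    except ValueError:
        return ""

def is_ip(host):
    try:
        return bool(ipaddress.ip_address(host))
    except ValueError:
        return False

def audit_links(html):
    """Return [(real_host, shown_text, reasons)] for links worth reporting."""
    parser, findings = LinkCollector(), []
    parser.feed(html)
    for href, text in parser.links:
        host, shown, reasons = host_of(href), host_of(text), []
        if is_ip(host):
            reasons.append("href is a bare IP address")
        if "." in shown and " " not in shown and shown != host:
            reasons.append("visible text names a different host")
        if reasons:
            findings.append((host, text, reasons))
    return findings

# Constructed HTML body (documentation address and domain, not from the thread).
SAMPLE = ('<a href="http://192.0.2.10/login.html">https://www.bank.example/login</a>\n'
          '<a href="https://www.bank.example/help">Help</a>\n')
```

The host in each finding is what goes to `whois` to identify the netblock owner to notify.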