Sponsors

Tuesday, September 29, 2009

Anatomy of A Failed Nigerian Email Fraud Scam







On Monday, September 28, 2009, I received an email from what first appeared to be a prospective client responding to my Craigslist.com ad for IT Services. It did not take long for me to verify that the individual on the other end was an Internet Cyber Criminal attempting to commit fraud, and decided that I would be their next careless victim. So to educate the public and to have a little fun, I put on my Information Security Professional hat and played along so I could write a really cool Clark Thought Leadership blog on Email Frauds and Scams.


Anatomy of A Failed Nigerian Email Fraud Scam

  Clark Thought Leadership Security Work Blog


9/28/2009 10:00 PM

Information Security Professional receives email solicitation from an individual responding to a Craigslist.com ad for IT Services. Information Security Professional performed screen captures of all email correspondence with solicitor to be used as evidence and saved in this blog. See below.

(To enlarge, click on image)





9/28/2009 10:02 PM

Information Security Professional performed a Google search of the following line contained in the solicitor's email: 
"I got your contact On Craigslist.org and i was just checking if you will be available to repair and install some applications"


Information Security Professional saved the information obtained by the Google search in a screen capture and saved as evidence in the blog. See below.

(To enlarge, click on image)


Information Security Professional inspected the web page of the first link retrieved in the Google search:

  • http://www.blackgate.net/blog/scam-warning-computer-repairer-installer-needed/.

 Information Security Professional observed that the web page link was a blog called Black Vituperative with an article titled:

  • Scam warning: “Computer Repairer & Installer Needed”.
After Inspection of the web link mentioned above, Information Security Professional determined that web link was a blog article warning about a particular type of email scam. Additionally, Information Security Professional concluded that the sentences from the inspected web page and the information in the email received by the solicitor matched and contained similar information.



9/28/2009 10:06 PM

Information Security Professional responds to solicitor's email.



9/29/2009 10:08 PM

Information Security Professional receives reply from solicitor. Information Security Professional inspected the email and determined that the solicitor replied using an email address, which was different from their initial email solicitation. See below.

(To enlarge, click on image)





9/28/2009 10:20 PM

Information Security Professional replied to solicitor in an attempt to have them visit the Clark Leadership Blog, which could be used as a detective control to potentially determine the solicitor's true location.

Note: The Clark Thought Leadership blog uses the StatCounter.com service to track Internet visitor statistics. The data stored on StatCounter.com is secure from unauthorized access. See below.

(To enlarge, click on image)






9/28/2009 10:25 PM

Internet Security Professional receives reply from solicitor acknowledging that they visited the Clark Thought Leadership blog. See below.


(To enlarge, click on image)


9/28/2009 10:21 PM

Information Security Professional replied back to solicitor quoting a price for their service request.



9/28/2009 10:35 PM

Information Security Professional receives reply from solicitor agreeing to the quoted price. See below.


9/28/2009 10:21 PM

Information Security Professional logged in to the StatCounter.com dashboard page to inspect the tracking information for the Clark Thought Leadership blog. Information Security Professional performed screen captures of the StatCounter logs and saved them to the blog as evidence. See below.

(To enlarge, click on image)
StatCounter Image 1


(To enlarge, click on image)
StatCounter Image 2


(To enlarge, click on image)
StatCounter Image 3




Information Security Professional created a table called Visitor Analysis and placed the StatCounter data into it. See below.


Visitor Analysis
Date
September 29, 2009
Time
10:21 PM
IP Address
41.189.0.139
Continent
Africa
Country
Nigeria
Region
Lagos
City
Lagos
ISP
Swift Networks Ltd.
Visitor Path
Julius-clark.blogspot.com


Information Security Professional created a table called Visitor System Specifications and placed the StatCounter data into it. See below.



Visitor System Specifications
Browser
Firefox 3.5
Operating System
Microsoft Windows XP
Monitor Resolution
1024 x768
Javascript
Enabled

  9/28/2009 10:40 PM

Information Security Professional received reply from solicitor agreeing to the price quoted. Additionally, the solicitor requested that my personal information was needed to send a Certified Check to me. See Below.

(To enlarge, click on image)



After Inspection of all the information contained in table above, Information Security Professional determined that the solicitor gave false information in the email about their location being in Panama City, Panama. Inspection by Information Security Professional determined that solicitor was operating from within the city of Lagos, Nigeria, which is located on the continent of Africa.


9/29/2009 2:56 PM

Information Security Professional performed a search of the Arin.net Who Is search database and performed a screen capture and saved it to the blog as evidence. See below.

(To enlarge, click on image)



Information Security Professional created a table of the Who Is data and the information for the scope of this blog into a table. See below.

ARNT.net Who IS Data of Email Solicitor
Domain
Afrinic.net
Registration Date
April 12, 2005
Registration Last Updated
May 5, 2009
Address 1
03B3 3rd Floor Ebene Cyber Tower
Address 2
Cyber City
City
Ebene/ Mauritius
Phone Number
+230 4666616
Email to Report Abuse
abusepoc@afrinic.net


Findings

After inspection of the evidence from above, Information Security Professional has determined that the solicitor is an Internet Cyber Criminal, who was attempting to commit a fraud for monetary gain. Information reported in this blog article will be reported to the proper legal authorities.



9/29/2009

Internet Security Professional reported the attempted criminal activity to the Internet Cyber Crime Center (IC3). IC3 is a partnership between the Federal Bureau of Investigations (FBI) and White Collar Crime Center (NW3C).


Note: IC3 was established as a partnership between the NW3C to serve as a means to receive Internet related criminal complaints and to further research, develop, and refer the criminal complaints to federal, state, local, or international law enforcement and/or regulatory agencies for any investigation they deem to be appropriate.


(To enlarge, click on image)

Enjoy,

Julius, MBA, MSIS, CISSP, CISA

Thanks to my boy Lawrence Belton, CISSP, for providing some Thought Leadership for this blog article!


Below is the email sent by solicitor in ASCII format



Greetings,

I got your contact On Craigslist.org and i was just checking if you
will be available to repair and install some applications on(13) PC ..
Get back to me for details if you'll be available.As soon as possible.


Thanks.


Kind Regards.




++++++++++++++++++++++++++++++++++++++++++++++++++++





Hello ,




How you doing?  


I read your description and i am highly impressed in your services,I have some Hp PCs(Intel Pentium IV) since we currently have a major breakdown on most of our systems and I thought it was best to have a general upgrade and maintenance.(I will be providing the software needed).Below are the things needed to be done one on each laptops:


1 Format Hard Drive
2 Install Win Xp with Service Pack 2
3 Microsoft Office Package
4 AVG Virus Software (Free Lifetime Updates)
5 Adobe Acrobat
6 Laptop Cleaning of the keyboard, screen and other case.
7 Diagnostics of the entire system after to check hard, CD Rom, floppy, etc.


I will like You to know that my mode of payment is by US certified check mailed and address to you from my employer company since I am presently on a business workshop in Panama city,South American and i want you to know that i will handle the shipment myself since i have a shipper from the state here that will bring the laptops to your place,and will come pick them up as soon as you are done with them.


I should have make this a phone order but i have a network problem of where i am and my shipper will be coming with the necessary Software for the installations of the Computers with both the Operating System,Microsoft Office and the Anti-virus for each computers .


However,get back to me with your last asking price for the 11 laptops. I await your urgent response so that i can put the arrangement in order.


Thanks and hope to read from you soon.

Friday, September 25, 2009

Amazing Social Media Icons



Great Social Media Icons All In One Place

If you are like me while on your Social Media Journey you have found yourself spending some time performing web searches to find Social Media Icons for popular sites like Facebook, LinkedIn and Twitter.

So to help others I found several great sites that have a huge assortment of Social Media icons and other fantastic looking icons.

Type of Social Media Icons Available:

  • Different Shaped Icons
  • Hand Drawn Icons
  • Mini Icons
  • Caricature Style Icons
Tutorials On Creating Icons

Great Social Media Icon Sites

The Best Social Media Icons All In One Place

  • http://webdesignledger.com/freebies/the-best-social-media-icons-all-in-one-place
600+ Free Design, Twitter and Social Media Icons: A Collection Motherload!

50 Free High-Quality Icon Sets



Enjoy,

Julius

Wednesday, September 23, 2009

McGruff SafeGaurd Monitors Your Kids Internet Activity



Free Trusted Service to Monitor Your Kids Internet Activity.

McGruff Internet Safety for Parents
Take a bit out of Internet Safety

The Internet is full of perils that kids can fall prey to. Do you as a parent worry about what your child is doing on the Internet? Who they chat with, what they are chatting about, the amount of time they spend on the Internet? Your worry list can become extremely long. You remember McGruff the crime dogs? Parents should remember McGruff's very popular phrase growing while growing up as a child themselves; "take a bite out of crime".

McGruff is now taking a bite out of Internet Safety and offering a FREE service for parents to monitor you're their kids Internet activity.

Free Features

  1. Its basic features are permanently Free!
  2. It installs invisibly on your child's computer and you never have to go back to the computer to review the sites and conversations. You monitor your child's activity from another computer and the service is password protected and secure.
  3. It has an easy to use control panel to monitor & block your child's Internet activities.


  4. Monitors:
    1. • All website visits
      • MySpace/Facebook and social network activity
      • Chat and instant message conversations
      • Search engine phrases
      • Emails sent on popular systems, including AOL, Yahoo, MSN and Hotmail
      • Tracks total hours spent online





  5. Alerts:

    1. • Intelligent monitoring automatically alerts you by email to potential danger
      • Get daily summary of activity
      • Report predators directly to Law Enforcement
      • Auto-monitors for hundreds of dangerous phrases
      • Create your own custom alerts




  6. Search:

    1. • Your child's activity by keyword and date
      • Your child's activity by buddy name


For the Ultimate Level of Protection

The free version of McGruff SafeGuard is great for basic monitoring, but many parents want more. McGruff SafeGuard Plus gives you the highest level of parental monitoring available.

Upgrade-only features include:

  • Get danger Alerts via cell phone
  • Grab passwords from social networks and other websites
  • Email, print, copy & paste activity
  • Receive daily email with all chat conversations
  • Receive weekly summary report of all activity
  • Schedule pre-set times for kids to use the PC
  • View activity up to 30 days old
  • Block inappropriate websites

Screen Shot of Parental Monitoring Console








To review the service go and vist McGruff's website:

http://www.gomcgruff.com

Protect your children and help them to properly enjoy their Internet experience!


Sincerely,


Julius

Thursday, September 3, 2009

Choose The Right Web Browser For The Right Activity: I Will Show You How



Choosing the right Internet Web Browser is similar to choosing the right tool out of a tool box to do a job.

Keeping this simple I recommend that you use the top three Internet Browsers; in my opinion, for the following jobs. The following is my personal order of preference.

Stability & Security - Firefox

  • Worldwide Firefox Browser Market Share as of Sept 2009; Currently 31.2% , up from 26.08% same time last year.
  • Use the Firefox browser mainly for stability and most importantly when you want added security protection for activities such as online banking, credit card payments, email and other activities that require you to safeguard your confidentiality.
Performance - Google Chrome

  • Worldwide Google Chrome Browser Market Share as of Sept 2009; Currently 3.4% , up from 0% same time last year.
  • Use Google Chrome when you demand performance from your web browser. Pages load much faster with Google Chrome, especially when using Social Networking sites like Facebook and MySpace.
Compatibility - Microsoft Internet Explorer

  • Worldwide Browser Internet Explorer Market Share as of Sept 2009; currently 58.83% down from 68.91% same time last year.
  • Use Internet Explorer when you need to be compatible the majority of sites on the internet and especially corporate intranets. IE's market share has been steadily dwindling due to the browsers mentioned above, but it is still the dominate browser because Microsoft Windows operation systems run on over 80% of the worlds PCs, and the IE browser already comes installed on it.
Enjoy,

Julius, MBA, CISSP, CISA

Reference

http://gs.statcounter.com/#browser-ww-monthly-200808-200909

Get Expert Advice!