Yeah, OK, I'm not keeping this up. I need to lower my standards so don't feel obligated to write a full essay for every entry.
Recently in General Category
We just had another one of those mass email scams that claimed it came from wou.edu and told people to reply with their usernames and passwords.
At least three people fell for it and their accounts got hijacked and used to send tons of spam until we shut them down. What a mess.
Maybe someday people will learn to think before following instructions they see in some random email. Not likely... but it's more likely than all these [vile cursewording] spammers and scammers deciding to work for a living instead of exploiting people.
Wow, I've been sick as a dog for a while. It's nice to be back but there's a ton of things I need to catch up on.
And yet again it's been a few months since I last posted. In my defense, these have been crazy months, including the mailserver upgrade, the mess with the all-faculty-staff email lists, frantically trying to get caught up on all the other stuff I had to lets slide because of the big things, then I went on vacation, then I came back and had to get caught up from that, then I was out sick a few days...
Sheesh. The thing is, none of this stuff should be a barrier to updating my blog. I think my problem is that I feel like I have to write something long and involved, not to mention at least a bit witty. Really all that's needed are quick updates.
So let's see if, this time, I can do better. I've been working on those posts about "how does the Web work anyway" that I mentioned, but they're pretty dense, so it might be a while before I put them up. Meanwhile I'll concentrate on shorter posts and try to catch up on my entry count.
A couple years ago I signed up for Project Honeypot, which is a distributed network of fake email domains set up to catch spam for research purposes. All I had to do was create a subdomain off of a domain I already had (I didn't use any WOU resources for this) and set it up to point to the Project Honeypot servers, and then forget about it. They don't even need access to my site or anything.
So anyway, I hadn't thought about this in a while, but this morning they sent me a notification that they'd caught their one billionth spam message (which happened to be an IRS phishing scam, in case you're curious.) They also included some statistics (Quoted from their email:)
- Monday is the busiest day of the week for email spam, Saturday is thequietest
- 12:00 (GMT) is the busiest hour of the day for spam, 23:00 (GMT) is the quietest
- Malicious bots have increased at a compound annual growth rate (CAGR) of 378% since Project Honey Pot started
- Over the last five years, you'd have been 9 times more likely to get a phishing message for Chase Bank than Bank of America, however Facebook is rapidly becoming the most phished organization online
- Finland has some of the best computer security in the world, China some of the worst
- It takes the average spammer 2 and a half weeks from when they first harvest your email address to when they send you your first spam message, but that's twice as fast as they were five years ago
- Every time your email address is harvested from a website, you can expect to receive more than 850 spam messages
- Spammers take holidays too: spam volumes drop nearly 21% on Christmas Day and 32% on New Year's Day
You can find lots more here.
For those not familiar with security terminology, this article states that websites which allow uploading of Flash files are vulnerable to a security hole that lets bad guys run code that has all the security accesses of the webserver combined with those of the unsuspecting person who runs that file.
For instance, an attacker could send a specially coded Flash attachment to their victim in a gmail message. When the victim loads the attachment, it gets to do anything the gmail server could do with the victim's account; reset the password, delete messages, send messages (spam!), etc.
The scariest part is that there's not really a fix without significantly changing the way Flash works behind the scenes. In the meantime, you should avoid flash that isn't directly provided by the website you're going to. For instance, the Flash slideshow on the WOU homepage is OK because we wrote it, but if you go to somebody's personal website like "http://www.wou.edu/~joeblow" then you should be careful unless you personally know that Joe Blow isn't the kind of person to play nasty tricks.
Actually that's not really the best example, because even if Joe Blow has one of these malicious Flash files on his webspace on our server, it wouldn't profit him much because there's nothing much our webserver can do other than show you web pages. The WOUPortal and the Sun Java Email system are on separate servers, so they wouldn't be vulnerable to Joe Blow's attack. Of course, Joe Blow could send you a Flash attachment in an email, and if you open it in the Java email system, it could do nasty things to your email account.
Since the security certificate on our main webserver was set to expire soon, I've been getting these email messages at firstname.lastname@example.org saying "Reminder - SSL Certificate for www.wou.edu expires in 5 Days", counting down every day until the expiry date. I didn't pay attention to them at first, because I already knew the cert was about to expire. Then after we renewed the cert (Thanks, Summer!) the messages still kept showing up.
I took a closer look and found out that the messages don't even come from Thawte, our usual certificate vendor, but from some place called "certstar.com". They pretended our expiring certificate came from them, though, and told us we should renew it by clicking the handy-dandy link they provided.
Well, I wasn't born yesterday, so I didn't touch the link, but I was curious enough to go to their main site. It looks reasonably professional, but they don't secure it with one of their own certificates; they got one from Comodo instead. That's a real red flag. For all I know, they just take the money and run. Even if they have legitimate certificates to sell, it's really slimy to send those deceptive emails to people.
I wonder how many people out there have gotten fooled?