Scams, Hoaxes, Phishing, Spoofing

[wenwilder]

Hoax: An untrue, invalid, or outdated email message written to convince the recipient to send the message to others. Hoaxes may be recognized by examining the technical sounding but incorrect language and by the recipient. These are related to email chain letters which usually contain a hook, a threat, and a request (to forward the message or even send money).

http://www.sophos.com/virusinfo/hoaxes/
http://www.millersmiles.co.uk/
http://hoaxbusters.org/
http://urbanlegends.about.com/cs/vir...esaz/index.htm A-Z listing of Virus Hoaxes
http://antivirus.about.com/library/blenhoax.htm - Hoax Encyclopedia
http://www.vmyths.com/hoax.cfm?page=0 - Hoaxes A-Z
http://hoaxbusters.ciac.org/HBHoaxIndex.html
http://urbanlegends.about.com/librar...m?PM=n2100601c
http://urbanlegends.about.com/cs/vir...esaz/index.htm
http://urbanlegends.about.com/library/blhoax.htm
http://urbanlegends.miningco.com/cul...ary/blhoax.htm
http://vil.nai.com/VIL/hoaxes.asp
http://www.datafellows.com/virus-info/hoax/
http://ciac.llnl.gov/ciac/CIACHoaxes.html




Scam: A scheme designed to defraud an individual or corporation. The agents typically promise a large return with little or no risk involved.

http://www.scambusters.org
http://www.scamsafe.com/scamsafe/
http://www.millersmiles.co.uk/
http://www.scamorama.com/
http://www.quatloos.com/
http://securitytracker.com
http://www.securityfocus.com
http://scamsafe.com/scamsafe
http://www.secretservice.gov/alert419.shtml
http://fraudwatchinternational.com
http://www.theregister.co.uk/security
http://www.scamorama.com
http://www.scamwatch.com
http://www.lenham.net/onlinescams.htm
http://www.dti.gov.uk/ccp/scams/page1.htm
http://www.abusebutler.com/index.php?lang=en
http://spamvertised.abusebutler.com/spamvertised.php
http://www.ccmostwanted.com/
http://www.carbuyingscams.com/
http://www.online-casinos-scam-alert.com/



Phishing: Pronounced “fishing,” the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user’s information. For example, 2003 saw the proliferation of a phishing scam in which users received e-mails supposedly from eBay claiming that the user’s account was about to be suspended unless he clicked on the provided link and updated the credit card information that the genuine eBay already had. Because it is relatively simple to make a Web site look like a legitimate organizations site by mimicking the HTML code, the scam counted on people being tricked into thinking they were actually being contacted by eBay and were subsequently going to eBay’s site to update their account information. By spamming large groups of people, the “phisher” counted on the e-mail being read by a percentage of people who actually had listed credit card numbers with eBay legitimately.
Phishing, also referred to as brand spoofing or carding, is a variation on “fishing,” the idea being that bait is thrown out with the hopes that while most will ignore the bait, some will be tempted into biting.

http://www.millersmiles.co.uk/
http://www.antiphishing.org



Spoofing: To make a transmission appear to come from a user other than the user who performed the action. Spoofing as defined by the FBI "is generally used as a means to convince individuals to provide personal or financial information that enables the perpetrators to commit credit card/bank fraud or other forms of identity theft".

http://www.millersmiles.co.uk/
http://www.microsoft.com/security/incident/spoof.asp
mailto:spoof@paypal.com

Spoofed/Forged Emails

http://www.cert.org/tech_tips/email_spoofing.html
http://www.cert.org/advisories/CA-1996-21.html
http://www.lse.ac.uk/itservices/help...g&spoofing.htm
http://www.mailsbroadcast.com/email....l.spoofing.htm
http://www.gbp.net/spoofing.html
http://www.york.ac.uk/depts/biol/help/e-mail/spoof.htm
http://loosewire.typepad.com/blog/20..._is_smart.html
http://guide.netfronts.com/robo/projects/hsphere_end_
user/Email/Article__How_to_Identify_Spoofed_Email.htm



If you have any links you would like to add please feel free to post them. The more information available the better prepared we will all be. :)


P.S. The information provided has been a WPW community effort. Thank you for the donation of time and information everyone who has contributed and everyone who will :)

[mikmik]

advICE, Internet Security Systems

Quote:

The term "exploit" refers to a well-known bug/hole that hackers can use to gain entry into the system.

This section contains extensive reference information on common exploits and intrusion methods that hackers use to break into systems.



* Clients (15)
Attacks against client programs
* Defaults (12)
Common system defaults that administrators forgot to change
* DoS (14)
Denial-of-Service
* Services (59)
* Source (1)
* Nukes@

Common Denial of Service (DoS) attacks against home users
* OS (7)
Exploits grouped by operating system



* IP (9)
Attacks directed at the TCP/IP stack itself.
* Reference (1)
* TCP (26)
Attacks directed at the TCP layer.
* State of the Internet (1)
Script-kiddie traffic report
* Web (13)
Bugs in web-browsers and servers.
* buffer overflow (4)
A common programming error that leads to security holes
* Ports (711)
Database of port assignments.

* ICAT is a searchable index of information on computer vulnerabilities. It provides search capability at a fine-granularity and links users to vulnerability and patch information.
* Vulnerability search engine
* Security Bugware

[rose77mary77]

There are somany disturbances from scam, hoaxes, duplicate philshing and spoofing. they try cheat us for some money or other benefits...............

[rickeybojey]

Thanks for the web sites written. I sure am thankful for passing this thread. I just wonder how could those creating hoax web sites that can attack your computer even sleep with what they are doing in the internet.