Identify Fraud Online

Anyone using the internet needs to approach email, web sites with the same common sense that they apply to the rest of their life. (You know what I mean, if it sounds too good to be true, run don't walk the other way).

I frequently search for additional information about any email that offers me money, or asks for some of mine. In addition, these sites have helped me avoid problems before they've begun.

Great Resource tracking Money Laundering and Reshipping fraud:
http://www.bobbear.co.uk/

Snopes, the best Urban Legends site:
http://www.snopes.com/

Neat Recycled Rubber and Bilboard Bags

(Selling Rubbish since 1998)
http://haul.com.au/

they are hand made accessories from otherwise discarded materials, and they are super styly, and seem to be well made.

I found them while watching Yves Chhouinard saying sensible things:
http://www.fastcompany.com/magazine/137/no-such-thing-as-sustainability....

He's got a simple style that reminds me of why I like hanging out with climbers.
When it's your life on the line, you learn to just see the real problems and cut to the chase. Deal with the essentials, before they deal with you. :)

Post-it sketch: Creativity Distilled

The Idea Still: Thursday's Post-it sketch.

Forum Bots

Those fictitious users that sign themselves up with Drupal accounts are a strong argument for using profiles, and requesting additional information that can help administrators weed out hackers. As a class, they are known as forum bots, and generally sign up for an account in order to post spam messages in forums or as comments to blogs, stories, pages, etc.

For the past couple of years, I’ve been manually screening out forum bots on http://stoves.bioenergylists.org and making note of the IP address the requests originate from. (The IP information is generally in the “Recent log entries). Usually, a bot will sign up as a user, and then attempt to log in, within an inhumanly rapid time frame, or multiple times within the same second or so. This type of behavior, and the fact that forum bots tend to create accounts from specific single IPs, have lead me to suspect that some of them may be the payload of some other worm or virus instead of software intentionally run on a specific computer.

Bots and Botnets are pretty well described in wikipedia: http://en.wikipedia.org/wiki/Botnet

The Krakken, the Storm Worm (http://en.wikipedia.org/wiki/Storm_botnet) and the recent Conficker worms (http://en.wikipedia.org/wiki/Confickera0 certainly have this type of capability, but they may not be the source of the forum bots I’ve been seeing.

Judging by the profile answers that I’ve been seeing, there are at least 3 different forum bots that routinely try to login to the stoves site. The first type is the easiest to spot and generates random letter and number strings into profile fields. There is a slightly more sophisticated variety that uses random word combinations that are common to spam messages, (e.g. sex, Watches, Cialis, Viagra…), and then there’s a more sophisticated version than that that tends to answer the profile fields ‘correctly’ but can’t, so far, distinguish between city and state fields, so tends to repeat that information. The third type is also much more likely to use ‘mail.ru’ in the email address. The other two are much more random in the email address category.

There’s got to be more information about them available on the net, but where? So far, I haven’t found anything other than isolated reports that seem to describe the above 3 bots dating back to mid 2006. There are others botnets, but the above 3 seem to be the greater nuisance, and the longest lasting.

In Drupal, you can use Captcha ( http://drupal.org/project/captcha ) to help weed out the spurious users before they create an account. That's pretty effective, but for a variety of reasons I haven't been able to use it well on the BioLists site. I tend to take advantage of the fact that Drupal logs the IP address of all new user requests, and use the Drupal Access rules to deny by the specific IP. That works until the worm or virus infects a new computer, and re-finds my web site.

Using Drupal and other Useful Drupal Books

in

Great basic Drupal 6 book!!

Using Drupal book cover

Using Drupal
(more info http://usingdrupal.com/)

Yamli Arabic Search

Yamli is cool, it's a search tool, with transliteration for Arabic.

http://www.yamli.com/

They also have a smart Arabic keyboard, which really neat, and not obvious from their home page:
http://www.yamli.com/arabic-keyboard/

Music from Bend

Favorite Surf Movies

Syndicate content
Powered by Drupal, an open source content management system