The phishers are getting technical...
This morning I got a phishing letter. Since it was not from my bank, I almost deleted it without looking, and then this caught my eye:
You are receiving this message, due to you protection, Our Online Technical Security Service Foreign IP Spy recently detected that your online account was recently logged on from am 88.59.145.131 without am International Access Code (I.A.C) and from an unregistered computer, which was not verified by the Our Online Service Department.
Now, besides the bad English, which I will not take time to correct, the IP address jumped out at me and caught my attention and I had two immediate thoughts.
First, my thought was, as a normal Joe User, where is 88.59.145.131 and what does it mean I was logged in from there. That does not look like a street address. As an end user, I do not care what an IP address is (frankly, I do not care that I have one, much less know what it is), so does putting it in a phishing scheme make the email seem more legitimate? I would not think so, but then I have not bothered to study the science too closely.
But what intrigued me more, especially as a network engineer, was that the 88 supernet, wherever it might be allocated, cannot possibly be exposing itself to the Internet, can it? And certainly not down to the host level? I cannot think of any major (or minor) corporation or ISP that does not do some form of address translation anymore, so how would I, as an end user, even know I was “logged on” from that IP address even if I was? My IP address is 10.x.x.x or 192.x.x.x or some other non-routable address. I would have no clue what IP address I am ultimately presenting to the outside world, so even if the letter was “legitimate,” giving me the IP address is pointless. Better to say I had logged on from a bistro in France.
But of course, that would defeat the purpose, and the purpose here is to scam you into clicking that little blue hyperlink and typing in your user name and password for the bad guys to get. The Internet never was the domain of fools but it has gotten more dangerous and less safe every day. Caveat emptor and lasciate ogni speranza voi ch'entrate (that’s Dante…)
David Lane, KG4GIY is a member of Linux Journal's Editorial Advisory Panel and the Control Op for Linux Journal's Virtual Ham Shack
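For readers triaging a message like the one quoted above, here is an added example (not part of the original post) that pulls dotted-quad addresses out of message text and labels each one as RFC 1918 private, publicly routable, special-use, or invalid. The `classify` function and both sample strings are assumptions for illustration; the second sample is constructed.

```python
import ipaddress
import re

# Dotted-quad candidates; range checking is left to the ipaddress module.
CANDIDATE = re.compile(r"(?<![\d.])\d{1,3}(?:\.\d{1,3}){3}(?!\.?\d)")

# The three private ranges from RFC 1918 (what sits behind most NAT devices).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def classify(text):
    """Return (candidate, label) for each dotted quad found in text."""
    results = []
    for raw in CANDIDATE.findall(text):
        try:
            addr = ipaddress.IPv4Address(raw)
        except ValueError:
            # An octet above 255 (or another malformed form): not an address.
            results.append((raw, "invalid"))
            continue
        if any(addr in net for net in RFC1918):
            label = "rfc1918"
        elif addr.is_global:
            label = "public"
        else:
            # Loopback, link-local, documentation ranges and similar.
            label = "special-use"
        results.append((raw, label))
    return results

# Fragment of the phishing text quoted in the post.
QUOTED = "recently logged on from am 88.59.145.131 without am International Access Code"
# Constructed sample covering the other cases.
CONSTRUCTED = "Seen: 10.1.2.3, 192.168.0.7, 192.1.2.3, 127.0.0.1 and 300.1.1.1."

if __name__ == "__main__":
    for sample in (QUOTED, CONSTRUCTED):
        for raw, label in classify(sample):
            print(f"{raw:15} {label}")
```

Only 192.168.0.0/16 is private within the 192 block, so an address such as 192.1.2.3 is labelled public, the same as the address in the quoted message.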
Comments
Logged on from where?
Surely you missed the real point. Even an end user _may_ know what his external IP address is. If not down to the host level, at least partially. For instance, when I'm working for one large client, I know my external IP is going to begin with 142.
And of course, the phishers _want_ you to think "but I couldn't possibly have been logged on _there_". If you really thought you might have been logged on from 88.59.145.131, you would just say to yourself "good work Bank, it's nice that you're watching out". Probably this IP is used deliberately _because_ they aren't exposing addresses down to the host level.
University of California
At UC Davis there is zero NAT. I get a public routable address for every single device I can plug into the RJ-45 port in my dorm, or anywhere else on campus + Wifi. (It meant I got a lot more traffic targeting the usual service ports than I was used to.)
The fact that it mentions the IP address at all doesn't seem that unusual to me either. Plenty of web services point out that last time you logged in, it was x hours ago on x.x.x.x IP address. The IP addresses are recorded server side anyways, so it doesn't matter what in-house routing system the ISP uses, it'll always be the public address.
I have no clue what IP address I am presenting to the world
Greetings. I just thought I'd interject an easy way to determine this...
www.ipchicken.com
There are a variety of other similar services, but this is the one I have found easiest to remember, and therefore is the one I use most often for determining the "outside" IP address of a network.
HTH
You can, yes
Oh, I know there are a number of ways to determine what your address IS, but frankly why would you want to? With only a couple of reasons, there is no need to know what your external IP address is. I only know what my machine's internal address is now because I set up the DHCP that assigns it, but I couldn't begin to tell you what the IP addresses are for my coworkers, nor do I care.
David Lane, KG4GIY is a member of Linux Journal's Editorial Advisory Panel and the Control Op for Linux Journal's Virtual Ham Shack
Reasons to know your external IP address
As you stated, there are really only a couple reasons one might WANT to know their external address (besides morbid curiosity, of course) and those reasons pretty much boil down to running a server (service) of some sort, or to connect two (or more) networks together via a VPN.
Of course, far easier than an IP address is to simply use one of the many available dynamic DNS services (DynDNS for one example) to map your IP address to a domain name, so I guess even that isn't really all that much of a reason... ;)
Still, when one DOES have a need for this sort of information, it's nice that there's a convenient way to find it with next to no effort... One example of such a need might be when one is hosting a game of some sort for multiplayer activity (Quake, StarCraft, etc.), but then it's probably still easier to give someone a domain name (my.game-server.net) than an IP address (123.45.678.90).
NAT?
"I cannot think of any major (or minor) corporation or ISP that does not do some form of address translation anymore,".
Actually I can. In The Netherlands it is (still) fairly common to have a routable IP address assigned to your consumer xDSL internet access at home.
I stand corrected
Really? Well, that is a new one on me. Thanks for that.
David Lane, KG4GIY is a member of Linux Journal's Editorial Advisory Panel and the Control Op for Linux Journal's Virtual Ham Shack
Technical Scammers
Well, I do believe that people are silly enough to click on anything. Some people do know what an "IP address" is from hearing people, IT depts and media sling the term around. Thinking that they have not logged in from another country they may fall for it.
I think that they could have made a more creative e-mail saying about how they need to log in and report the issue.
- Owen (The Linux Blog)