The phishers are getting techincal...
This morning I got a phishing letter. Since it was not from my bank, I almost deleted it without looking, and then this caught my eye:
You are receiving this message, due to you protection, Our Online Technical Security Service Foreign IP Spy recently detected that your online account was recently logged on from am 188.8.131.52 without am International Access Code (I.A.C) and from an unregistered computer, which was not verified by the Our Online Service Department.
Now, besides the bad English, which I will not take time to correct, the IP address jumped out at me and caught my attention and I had two immediate thoughts.
First, my thought was, as a normal Joe User, where is 184.108.40.206 and what does it mean I was logged in from there. That does not look like a street address. As an end user, I do not care what an IP address is (frankly, I do not care that I have one, much less know what it is), so does putting it in a phishing scheme make the email seem more legitimate? I would not think so, but then I have not bothered to study the science too closely.
But what intrigued me more, especially as a network engineer was that the 88 supernet, where ever it might be allocated, cannot possibly be exposing itself to the Internet, can it? And certainly not down to the host level? I cannot think of any major (or minor) corporation or ISP that does not do some form of address translation anymore, so how would I, as an end user, even know I was “logged on” from that IP address even if I was? My IP address is 10.x.x.x or 192.x.x.x or some other non-routable address. I would have no clue what IP address I am ultimately presenting to the outside world, so even if the letter was “legitimate,” giving me the IP address is pointless. Better to say I had logged on from a bistro in France.
But of course, that would defeat the purpose, and the purpose here is to scam you into clicking that little blue hyperlink and typing in your user name and password for the bad guys to get. The Internet never was the domain of fools but it has gotten more dangerous and less safe every day. Caveat emptor and lasciate ogni speranza voi ch'entrate (that’s Dante…)
Getting Started with DevOps - Including New Data on IT Performance from Puppet Labs 2015 State of DevOps Report
August 27, 2015
12:00 PM CDT
DevOps represents a profound change from the way most IT departments have traditionally worked: from siloed teams and high-anxiety releases to everyone collaborating on uneventful and more frequent releases of higher-quality code. It doesn't matter how large or small an organization is, or even whether it's historically slow moving or risk averse — there are ways to adopt DevOps sanely, and get measurable results in just weeks.
Free to Linux Journal readers.Register Now!
|Secure Server Deployments in Hostile Territory, Part II||Jul 29, 2015|
|Hacking a Safe with Bash||Jul 28, 2015|
|KDE Reveals Plasma Mobile||Jul 28, 2015|
|Huge Package Overhaul for Debian and Ubuntu||Jul 23, 2015|
|diff -u: What's New in Kernel Development||Jul 22, 2015|
|Shashlik - a Tasty New Android Simulator||Jul 21, 2015|
- Secure Server Deployments in Hostile Territory, Part II
- Hacking a Safe with Bash
- KDE Reveals Plasma Mobile
- Huge Package Overhaul for Debian and Ubuntu
- Home Automation with Raspberry Pi
- The Controversy Behind Canonical's Intellectual Property Policy
- Shashlik - a Tasty New Android Simulator
- Embed Linux in Monitoring and Control Systems
- diff -u: What's New in Kernel Development
- General Relativity in Python