The phishers are getting techincal...
This morning I got a phishing letter. Since it was not from my bank, I almost deleted it without looking, and then this caught my eye:
You are receiving this message, due to you protection, Our Online Technical Security Service Foreign IP Spy recently detected that your online account was recently logged on from am 22.214.171.124 without am International Access Code (I.A.C) and from an unregistered computer, which was not verified by the Our Online Service Department.
Now, besides the bad English, which I will not take time to correct, the IP address jumped out at me and caught my attention and I had two immediate thoughts.
First, my thought was, as a normal Joe User, where is 126.96.36.199 and what does it mean I was logged in from there. That does not look like a street address. As an end user, I do not care what an IP address is (frankly, I do not care that I have one, much less know what it is), so does putting it in a phishing scheme make the email seem more legitimate? I would not think so, but then I have not bothered to study the science too closely.
But what intrigued me more, especially as a network engineer was that the 88 supernet, where ever it might be allocated, cannot possibly be exposing itself to the Internet, can it? And certainly not down to the host level? I cannot think of any major (or minor) corporation or ISP that does not do some form of address translation anymore, so how would I, as an end user, even know I was “logged on” from that IP address even if I was? My IP address is 10.x.x.x or 192.x.x.x or some other non-routable address. I would have no clue what IP address I am ultimately presenting to the outside world, so even if the letter was “legitimate,” giving me the IP address is pointless. Better to say I had logged on from a bistro in France.
But of course, that would defeat the purpose, and the purpose here is to scam you into clicking that little blue hyperlink and typing in your user name and password for the bad guys to get. The Internet never was the domain of fools but it has gotten more dangerous and less safe every day. Caveat emptor and lasciate ogni speranza voi ch'entrate (that’s Dante…)
|Contrast Security's Contrast Enterprise||Aug 30, 2016|
|illusive networks' Deceptions Everywhere||Aug 29, 2016|
|Happy Birthday Linux||Aug 25, 2016|
|ContainerCon Vendors Offer Flexible Solutions for Managing All Your New Micro-VMs||Aug 24, 2016|
|Updates from LinuxCon and ContainerCon, Toronto, August 2016||Aug 23, 2016|
|NVMe over Fabrics Support Coming to the Linux 4.8 Kernel||Aug 22, 2016|
- Contrast Security's Contrast Enterprise
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- illusive networks' Deceptions Everywhere
- Happy Birthday Linux
- What I Wish I’d Known When I Was an Embedded Linux Newbie
- ContainerCon Vendors Offer Flexible Solutions for Managing All Your New Micro-VMs
- New Version of GParted
- Tech Tip: Really Simple HTTP Server with Python
- Returning Values from Bash Functions
- All about printf
With all the industry talk about the benefits of Linux on Power and all the performance advantages offered by its open architecture, you may be considering a move in that direction. If you are thinking about analytics, big data and cloud computing, you would be right to evaluate Power. The idea of using commodity x86 hardware and replacing it every three years is an outdated cost model. It doesn’t consider the total cost of ownership, and it doesn’t consider the advantage of real processing power, high-availability and multithreading like a demon.
This ebook takes a look at some of the practical applications of the Linux on Power platform and ways you might bring all the performance power of this open architecture to bear for your organization. There are no smoke and mirrors here—just hard, cold, empirical evidence provided by independent sources. I also consider some innovative ways Linux on Power will be used in the future.Get the Guide