427 Botnet fm qxd

Download 6,98 Mb.

Pdf ko'rish

bet	347/387
Sana	03.12.2022
Hajmi	6,98 Mb.
	#878307

1 ... 343 344 345 346 347 348 349 350 ... 387

Bog'liq
Botnets - The killer web applications

Using International Sites to Delay Law Enforcement

www.syngress.com
422
Chapter 12 • Responding to Botnets
427_Botnet_12.qxd 1/9/07 3:08 PM Page 422

easily distinguish between a real e-mail or Web site and the phishing version.
It also depends on the user to react to the emotional appeal of the fictitious
issue raised by the phisherman. Finally, to set the hook, the phisherman needs
the victim to react in the manner prescribed in the e-mail—that is, to click
on the provided link. Click here to avoid this unpleasant disaster. For this to
happen, the user must be uninformed, emotional, and unsuspecting of the
convenience of the embedded link.
Law Enforcement Issues
As a side note on this phenomenon, the phisherman can locate sites in dif-
ferent countries for the actual phishing Web site.These sites are in existence
for less than seven days. Why? International requests in Europe for law
enforcement assistance take seven days to process.
Are You Owned?
Using International Sites to Delay Law Enforcement
A May 19
Information Week
article by Thomas Claburn described the
case of Jayson Harris, an MSN phisher, who was convicted in Microsoft’s
first civil phishing case (www.informationweek.com/news/showArticle
.jhtml?articleID=188100721). Dave Aucsmith, senior director at
Microsoft’s
Institute for Advanced Technology in Governments
described
the path of the investigation to CRIME, a Portland Oregon group of law
enforcement and information security professionals. Microsoft filed a
John Doe lawsuit in the state of Washington. Following the e-mail path,
the trail dead-ended in India. Then, law enforcement issued subpoenas
to Web hosting sites in California. The information gathered in these
subpoenas pointed to an ISP in Austria. A February 14 article, “How to
Hook the Elusive Phisher” by Steven Levy in online
Newsweek
, revealed
that Microsoft had no legal grounds to compel the Austrian ISP into
revealing what they knew about the attacker. However, according to
Levy, the operator, Andreas Griesser, hates phishers and voluntarily iden-
tified a Qwest IP address in the United States. The subpoena to Qwest
and further investigations revealed Jayson Harris of Iowa as the culprit.

Download 6,98 Mb.

Do'stlaringiz bilan baham:

1 ... 343 344 345 346 347 348 349 350 ... 387