«
»

YouTube email not safe

DO NOT CLICKWith the popularity of YouTube, I’m surprised we haven’t seen more cyber crime like this before now. There have been pot shots, but through the week we’ve seen repeated cyber phishing attacks going after YouTube users.

Phishing for Youtube

This is a typical view of the UGN spam trap, getting three or four of these about every 8 hours. All are reported to SpamCop. But this time it was a little different than phishing as usual …

phishing email

Whois blocking At first it’s typical … A forged html email, that looks like it’s officially from the host site — in this case, YouTube. But hovering the pointer over the key referenced links, we see it doesn’t go to YouTube at all, but sonda.co.kr. Many might not know that this is in Korea — nowhere near YouTube.

Most perplexing, however is the fact that attempting to track the spammer from three of our trusted Whois search pages gave us nothing. It seems that the host is BLOCKING whois querries from all but the root registrar, Krnic.

At Krnic we find
      * sonda.co.kr/index2.html
      * 222.236.220.226
      * Hanaro Telecom Inc, Republic Of Korea, Kyonggi-Do Seoul

We tested roughly sixteen of these through the SpamCop process, and all resulted in similar targets. All eminating from Korea, all hosted at Hanaro Telecom — but all using different forged Whois and domain information.

spamcop report

I reported them all to SpamCop, and they have now subsided. It’s difficult to assess how many people were snagged in this attack, but this is just one more good lesson to always be on guard for email that may harm you.
UGNN Alert Always look for the sender’s address, and
UGNN Alert Always look for things that aren’t right.
UGNN Alert Always change passwords : more important, more frequently
UGNN Alert Use an iron-clad password generator like strongpasswordgenerator.com

Above all, tweet this, share this, favor this — there is still a real need to educate your members, friends, family and business community. One good way of doing this is with the “Don’t Click” button. Please show this button on your web site, and link to your favorite anti-spam site. Help fight cyber crime by buying, showing and giving away the Don't Click buttons This way you’re spreading the word to be careful online!
You might be responsible for saving someone from becoming a cyber crime victim!

Thanks for reading…

Fred Showker

Editor / Publisher: InfoManager

Share this | Post to Twitter Tweet this
Posted by Fred, July 4, 2010
Tags: , , , , , ,