
University-based researchers unraveling worldwide spam scams

The National Science Foundation has recently awarded a five-year grant totaling $10 million to three separate universities whose researchers have been trying for years to map out the anatomy of worldwide email spamming scams, and now plan to broaden their research to include worldwide social networking scams.

The three universities that will participate in this ongoing sleuthing effort are George Mason University (where the principal investigator is Damon McCoy, an assistant professor); University of California at San Diego (where the principal investigator is Stefan Savage) and University of California at Berkeley (where the principal investigator is Vern Paxson), according to McCoy, who spoke with Government Security News on Oct. 4.

Through an exhausting effort to trace each and every step in the chain of participants in a wide variety of existing email scams -- some witting participants and others unwitting -- this group of academic researchers has already mapped out the typical scenario in which an unsuspecting consumer is lured into a global email scam. To illustrate this effort, McCoy outlined one such scam, involving a real-world “affiliate program” based in Russia called “Mailien.”

“A lot of these scams are very complicated,” McCoy told GSN. “No one pulls off a scam from soup-to-nuts anymore.” Among the participants in such a scam might be the “Affiliate Program,” which spearheads the overall operation and pays a commission to any of its “Affiliates” that happens to deliver a consumer to the affiliate program’s Website. In the scam described by McCoy, the Affiliate Program called Mailien worked with a particular affiliate which, in turn, controlled a bot network called Grum, which used a Russian domain at .ru. That domain was called, said McCoy.

The domain server for was not based in Russia, he added, but was located in China. Internet messages from consumers which reached that server in China were forwarded to a “proxy server” based in Brazil, and then forwarded again (and perhaps again) to additional proxy servers, explained McCoy. Eventually, a consumer based anywhere in the world would reach a server, controlled by Mailien, which sat in Russia.

Assuming the consumer -- some consumer, somewhere on the planet -- decided he wanted to purchase the discount pharmaceuticals being offered, he would whip out his credit card and type in his personal information on Mailien’s Website. That banking data would go through his own personal bank, through Visa’s network (or another credit card company’s network), and then to a merchant bank, which had been selected by Mailien and was obliged to pay Mailien for any credit card purchases.

According to McCoy, the culmination of the earlier research by the three cooperating universities was the conclusion that about 95 percent of all of the bogus email scams they had studied had used only three merchant banks – in Azerbaijan, St. Kitts and Latvia. The resulting publicity about their research (particularly in The New York Times) has led to the Latvian and St. Kitts banks ceasing to participate in these email spamming scams, and the merchant bank in Azerbaijan “seems to be coming around, as well,” said McCoy.

Under the new research effort, which should unfold during the next five years, approximately 30 to 40 professors, researchers and grad students will continue mapping out the anatomy of these bogus operations, McCoy explained. They will attempt to identify additional weak points in these illicit networks, and will put a particular focus on understanding how scams built on social networks, such as Facebook, are similar to and different from those powered by email.

