Slyck.com
 
Slyck Chatbox - And More

Tracing Spam: Diet Pills From Beltway Bandits

What's happening in the technology world! Please submit stories for this forum here.
Forum rules
PLEASE READ BEFORE POSTING: Slyck Forum Rules

Tracing Spam: Diet Pills From Beltway Bandits

Postby sunnyd » Thu Apr 20, 2017 2:50 pm

Story : https://krebsonsecurity.com/2017/04/tracing-spam-diet-pills-from-beltway-bandits





Reading junk spam messages isn’t exactly my idea of a good time, but sometimes fun can be had when you take a moment to check who really sent the email. Here’s the simple story of how a recent spam email advertising celebrity “diet pills” was traced back to a Washington, D.C.-area defense contractor that builds tactical communications systems for the U.S. military and intelligence communities.

Your average spam email can contain a great deal of information about the systems used to blast junk email. If you’re lucky, it may even offer insight into the organization that owns the networked resources (computers, mobile devices) which have been hacked for use in sending or relaying junk messages.

Earlier this month, anti-spam activist and expert Ron Guilmette found himself poring over the “headers” for a spam message that set off a curious alert. “Headers” are the usually unseen addressing and routing details that accompany each message. They’re generally unseen because they’re hidden unless you know how and where to look for them.

Let’s take the headers from this particular email - from April 12, 2017 - as an example. To the uninitiated, email headers may seem like an overwhelming dump of information. But there really are only a few things we’re interested in here (Guilmette’s actual email address has been modified to “ronsdomain.example.com” in the otherwise unaltered spam message headers (shown in article) ...







Follow Slyck on Twitter @SlyckDotCom
Join Slyck's Facebook Fan Page
User avatar
sunnyd
 
Posts: 29716
Joined: Mon Jan 21, 2008 2:34 pm

Return to Tech/Internet/Other News

Who is online

Users browsing this forum: No registered users and 4 guests

© 2001-2008 Slyck.com