|
|
|
 |
|
|
|
|
Beware of this Gmail Phishing
Cyber Crimes are a concern for Netizens all over the world. Amongst the many crimes that are seen in the day to day life of a Netizen, phishing frauds are one which look innocuous but could be preparatory to larger crimes. Hence they deserve more attention than they do at present.
Many of these frauds proliferate since the law enforcement doesnot focus on prevention of such crimes. This is as much the case with Indian Police as perhaps with other countries.
In order to test the response of the law enforcement, Naavi.org brings to the notice of law enforcement in Bangalore, India as well as law enforcement in USA, a recent phishing fraud in the name of google.com. We would like to know how far the law enforcement would be interested in taking suo-moto action in preventing crimes of this nature where it would be extremely difficult for individual victims to pursue a complaint.
This originates as a mail from gabbit@gator324.hostgator.com which states
Quote
" We are currently performing regular maintenance of our security measures. Your account has been randomly selected for this maintenance, and you will now be taken through a series of identity verification pages. Protecting the security of your Google account is our primary concern, and we apologize for any inconvenience this may cause.
Thanks, The Gmail Team
End Quote
The link "Verification pages" links to us-gmail.com and asks for gmail password. If supplied, the g-mail account along with content there in would be compromised and used for spamming and other frauds.
The website us-gmail.com has been registered with register.com in the name of "Domain Discreet, ATTN: us-gmail.com, P.O. Box 278,Yarmouth, NS B5A 4B2, CA, Email: 61967bab0a1e67280012488671901231@domaindiscreet.com, registered on October 2, 2007.
It has been hosted at Lovinghosting.com. The phisher is using an email account hosted on hostgator.com for the phishing mail but has used an automatically created e-mail from domaindiscreet.com for registering the domain.Domain Discreet.com,Register.com, lovinghosting.com and Hostgator.com have therefore facilitated the crime. They have contributed through their negligence in maintaining/hosting the fraudulent domain name/website with a false address, for fraudulent purpose and will be liable for the offence particularly after a notice is received by them.
This is an offence in US which should be recognized both under CANSPAM Act as well as the US Code. If properly investigated the offenders can be brought to book.
In such cases the action has to be initiated against the intermediaries since it is the only practical way to prevent future occurences. However intermediaries try to hide under "Intermediary Protection" and "Privacy Protection" which delays or frustrates the action of law enforcement. We need to fight against such tendency to assist crimes in the guise of protection.
Let us watch if there is any action on the intermediaries in this case.
While the visitors to Naavi.org now stand alerted, there will be many more Netizens who will be affected by a mail of this nature. Many of them will be from India and Bangalore. I hereby bring this to the notice of the Cyber Crime Police Station Bangalore (to whom a separate e-mail has also been sent.) and urge them to take a suo-moto action on this attempt to commit fraud on the public in Bangalore. If no action is taken, some of the affected persons may come back to the Cyber Crime PS with complaints such as loss of money as a consequence of the phishing.
Will Bangalore Cyber Crime Police Station be capable of taking action on such Cyber Crimes? If so, are they willing to invest time and expertise on such an exercise in the interest of the public? are questions which pass our mind.
Some Screenshots of the mail: Whois data:
Naavi
October 4, 2007
