Saturday, April 01, 2006

The Internet Community is Sick and Tired of Cyber Crime and PIRT Volunteers Are on the Offensive

I recently wrote about PIRT (Phishing Incident Reporting and Termination Squad) hosted by the fine people at Castlecops. They are now up and running AND the Phishermen better BEWARE! The intention of PIRT isn't mere scam baiting, it is to take the sites down and help bring Phishermen to justice.

They've even let me work a few of the submissions.

I might note, they have been very patient with me as I'm more of a traditional investigations type versus a IT security expert.

Here is a very inspirational comment about PIRT posted in one of their forums:

It is about time! I've been trying to wage this war privately myself by tracing the IP of the source Phishing site and then attempting to contact the Owner of the I.P. address range or the Domain Name the site is being hosted from.

The security nay-sayers who claim a grass roots effort to throw the scammers out won't be successful because 'there's no money in it' haven't got a clue.

The internet community is ready to take the web BACK, and I'll gladly be on the front lines!

Thank you SO much.

If anyone is interested, here is my original post, which has all the information if anyone is interested in joining the cause:

The Phishing Incident Reporting and Termination Squad is Looking for a Few Good Men and Women

Lets face it, Phishing is becoming epidemic and ruining both the Internet AND the trust in financial systems. It's time to restore the TRUST in both of these areas!


Anonymous said...

A matter of Trust

While I applaud your efforts and wish you every success "trust of the internet and financial systems" is not a phishing factor.

Identification and surety are trust issues. Two factor authentication is not enough to trust money. 128 bit SSL has been broken for years yet it is still the primary security of net sites.

Trust is further stretched by the security of many sites. In our schools we train programmers to program not to break things. Many web designers know how to program a web site but do not understand how to protect the data. Many supposedly secure sites are fully exploitable with databases fully exposed.

Additionally the US needs to expidite movement to IP6 which should improve communications security.

While phishing is indeed an international activity (not just the teen scamming e-bay clients but also done by organized crime). The international boundries often impeed prosecutions.

There are many issues that must be resolved before "trust" should be restored.

Anonymous said...

Oh yeh! I knew when I received a letter from out of the country, instant scam try! Ha! First of all I don't know anybody outside the US and quite obviously if I did or if they wanted me to know who they are... the damn dummies would have at least put a return address on it. I feel bad for a lot people who can't figure out common sense really, who the HELL would send you large amounts of money orders to a person they don't even know.... if they are ligit! Think about is definetly the root of all evil, but I don't care how hard times get, I don't haveto even give it a thought because really these son of a bitches are already in the USA working in teams and committing these scams after we let them in our country! But honestly read everything you see in writing thoroughly even the fine print, because it saids it right on the fake Money Order in PLAIN ENGLISH>>> DO NOT CASH THIS MONEY ORDER UNLESS YOU KNOW THE ENDORSER OR YOU'VE DONE BUSINESS PREVIOUS OR ELSE YOU ARE COMMITTING FRAUD AND YOU HAVE COMMITTED A CRIME AND YOU THE PAYEE ARE RESPONSIBLE IF LOST, STOLEN AND RECOURSE AGAINST ENDORSER...... which means if you cash it you pay the price twice as hard! Think about it!!!!And please beware of the devil in disquise. Don't fall victim AMERICA!!!!