Comments on: How to avoid identity fraud ?

By: A Nice Post On HOW-TO In Many | STRATEGIC WINING

A Nice Post On HOW-TO In Many | STRATEGIC WINING — Thu, 07 Feb 2008 21:31:08 +0000

[...] How To Avoid Online Identity Fraud [...]

By: Internet Help | The Super Geek

Internet Help | The Super Geek — Sun, 28 Oct 2007 22:43:14 +0000

[...] How To Avoid Identity Fraud [...]

By: the real proxy

the real proxy — Wed, 03 Oct 2007 00:48:33 +0000

By using a proxy, you not only protect your personal information from the site you are visiting, but you also reduce your risk of identity theft. Sites created for the purpose of phishing identities loom on the web, and every time you accidentally stumble upon a site you leave a footprint of your location. These thieves use all the information they can to eventually steal your credit information for their own profit. However, if you are safe and use a proxy such as this one, the risk for identity theft is greatly reduced.

Identity theft is a huge problem in today’s society. The transformation to online banking, checking, and bill paying has spawned a new avenue for thieves to steal from you. More important than money, though, is the personal information they can steal. Thieves use tactics commonly referred to as phishing. By using a proxy such as this one, you can greatly reduce your risk of identity theft.

http://therealproxy.info

By: Uzair

Uzair — Sun, 16 Sep 2007 06:43:19 +0000

I have seen a lot of spam and I waste a lot of time marking them as spam. Why doesn’t google do it for me.

By: Adam

Adam — Mon, 16 Apr 2007 09:28:39 +0000

Hi again.
Sorry about the length of my last comment, I probably should have trimmed it down a bit.
To the point, I have a feeling a spambot would be able to work out name [at] example [dot] com, by doing the following:
Find the words at and dot within 1 word of each other and get the words on either side
name [at] example [dot] com
Strip non-alphanumeric characters
nameatexampledotcom
Substitute at and dot
name@example.com

I may at some point in the future build a proof of concept PHP script showing this possibility, but by the time I get around to it, this filtering will be commonplace and there will be no need.

It would also probably be told to strip words like NOSPAM, another trick going around.
All this might lead to some false positives, but a lot more emails being harvested.
My suggestion: Computers aren’t capable of human thought. Use a riddle or other tricky thingy, like
[Ceasing to exist, to ___ into oblivion]@[a device used to make mathematical calculations, often fits in one's pocket].com
clearly means
disappear@calculator.com
(this is just a random example)
Also, Javascript tricks like the JS equavilent of

By: Adam

Adam — Mon, 09 Apr 2007 10:14:28 +0000

The From: field is easily forged. So, if it is not some idiot fooling around but an experienced identity theif (or even unexperienced), it will almost ALWAYS

appear to be from yahoo. A better way is to view full/complete headers and look for ‘Recieved: from’, or ‘x-originating-address:’ or similar. This can be

done in GMail by pressing the menu (downward pointing triangle) in the top-right of the message and selecting Show Original. In this example, an email I

recieved in Google Apps for hoppingmouse.com from AOL {comments in curly brackets are mine}

Delivered-To: ******@hoppingmouse.com
Received: by 10.67.62.11 with SMTP id p11cs48107ugk; {Note that for each step in the process another Recieved header is added, so it is the bottom one (ie

the first one showing the originating server) we care about}
Fri, 6 Apr 2007 23:59:19 -0700 (PDT)
Received: by 10.70.66.18 with SMTP id o18mr6797768wxa.1175929158865;
Fri, 06 Apr 2007 23:59:18 -0700 (PDT)
Return-Path:
Received: from mta.message.aim.com (mta.message.aim.com [65.167.67.222]) {This is the good bit, mta.message.aim.com is where this email came from}
by mx.google.com with ESMTP id 39si5724714wrl.2007.04.06.23.59.17;
Fri, 06 Apr 2007 23:59:18 -0700 (PDT)
Received-SPF: unknown (google.com: domain of AIM_Products@message.aim.com uses a mechanism not recognized by this client)
Date: Sat, 07 Apr 2007 02:59:08 -0400 (EDT)
Message-Id:
From: “AIM Member Message” {This is the From: field GMail displays.}
To: ******@hoppingmouse.com
Subject: ******, Kevin Bacon Invites You to Join Six Degrees
MIME-Version: 1.0
Content-Type: text/html; charset=”us-ascii”
Content-Transfer-Encoding: 7bit

Google has more info on these headers here: http://mail.google.com/support.....security=1
When reporting spam and phishing, it is important to include these full headers.

Also, apparently mail software is supposed to add a Sender: or X-Sender: header if the From: header is forged. In addition to this, extra forged Recieved:

headers can be added (but they cannot be removed). This means that, if a forger adds a fake Recieved: header, it will not be the last, but the second last

that shows the real originating server. More info can be gained here: http://www.rahul.net/falk/mailtrack.html

Below is an example of a forgery (copy-pasted off the site above):

From webpromo@denmark.it.earthlink.net Tue Jul 8 13:05:02 1997 Return-Path:
From: webpromo@denmark.it.earthlink.net
Received: from denmark.it.earthlink.net (denmark-c.it.earthlink.net [204.119.177.22]) {This line is the last step, inserted by the ISP}
by best.com (SMI-8.6/mail.byaddr) with ESMTP id NAA21506 for ;
Tue, 8 Jul 1997 13:05:16 -0700
Received: from mail.earthlink.net (1Cust98.Max16.Detroit.MI.MS.UU.NET [153.34.218.226]) {Claims to be Earthlink.net but is really uu.net}
by denmark.it.earthlink.net (8.8.5/8.8.5) with SMTP id NAA12436;
Tue, 8 Jul 1997 13:00:46 -0700 (PDT)
Received: from adultpromo@earthlink.net {This line is clearly bogus as it displays email addresses rather than server names.}
by adultpromo@earthlink.net (8.8.5/8.6.5) with SMTP id GAA05239 {Another way to identify bogus IP adresses is to ping to see if it exists, or whois or

traceroute to check the servers match}
for ; Tue, 08 Jul 1997 15:48:51 -0600 (EST)
To: adultpromo@earthlink.net Message-ID:
Date: Tue, 08 Jul 97 15:48:51 EST
Subject: Hot News !
Reply-To: adultpromo@earthlink.net
X-PMFLAGS: 12345678 9 X-UIDL: 1234567890×00xyz1×128xyz426×9x9x
Comments: Authenticated sender is {FORGED!}
Content-Length: 672 X-Lines: 26 Status: RO

PS, copy-paste this into Notepad so that you can read it properly.

By: Ashish Motha

Ashish Motha — Sun, 08 Apr 2007 10:18:43 +0000

@Sharique: Keyloggers are something which is really difficult to beat down. You should know where you are using the system.

By: Ashish Mohta

Ashish Mohta — Sun, 08 Apr 2007 10:13:22 +0000

@Anirudh and Vikram: Thanks for sharing the tips here.

@Vikram: Thanks a lot, do tell other about it too, so they can remain secure.

@Kat: lol, just grow to be a ricj person, you will have people running around for your email id. https is the most important thing you should always know.

By: Spy Phishing - Latest weapon with cybercriminals

Spy Phishing - Latest weapon with cybercriminals — Sun, 08 Apr 2007 03:27:00 +0000

[...] which is used by the cyber criminals to get hold of your data. In my last post I discussed about “How to avoid identity fraud ?” , Now let’s discuss about phishing and spy phishing which is one of the major technique [...]

By: The Best ‘How To’ Guides On The Blogosphere

The Best ‘How To’ Guides On The Blogosphere — Sat, 07 Apr 2007 18:58:53 +0000

[...] How To Avoid Identity Fraud by TechBuzz [...]

By: Kat

Kat — Sat, 07 Apr 2007 09:48:34 +0000

Thanks for the tips, I never knew the thing about https! So you might have just saved my identity.
I’ve never experienced Identity fraud, maybe my identity is too boring to be stolen…how depressing…

By: Sharique

Sharique — Sat, 07 Apr 2007 03:10:55 +0000

I think my previous comment here was marked spam
Anyway I mentioned about the key logger software installed in many cyber cafes. They can steal your password so the best way is to confuse the logger with arbitrary keys pressed while typing the password. And changing the password as soon as one uses it from home.

By: knight17

knight17 — Fri, 06 Apr 2007 20:08:56 +0000

While you are posting your mail ID on web post like this
name[at]gmail[dot]com

spam bots can’t sniff those type od IDs

By: Sharique

Sharique — Fri, 06 Apr 2007 17:38:47 +0000

I have seen many softwares installed which record key presses. This might be used to steal passwords in cyber cafes. So the best way is to confuse the key logger by typing arbitrary letters in the middle (at some place other than the password box..obviously ).

By: Vikram

Vikram — Fri, 06 Apr 2007 16:31:10 +0000

These Tips are very useful. Thanks

By: Anirudh

Anirudh — Fri, 06 Apr 2007 16:22:27 +0000

sign your emails with GPG or open PGP it’s free and effective. I sign all my outgoing mails now