PGTS PGTS Pty. Ltd.   ACN: 007 008 568

point Site Navigation

point Other Blog Threads



  Valid HTML 4.01 Transitional

   Stop The Internet Filter!

   No Clean Feed

   The Internet Filter Is An Ex-parrot!






PGTS Humble Blog

Thread: Internet Security/Malware/Spam

GP JPG
There are 10 types of people in the world. Those who understand binary and those who don't.

Now I'm In Who's Who


Chronogical Blog Entries:



Date: Wed, 22 Oct 2008 23:45:04 +1000

Ok dear reader, now I'm really, really excited!

Guess What? ... Well you'll never guess. So I'll tell you I've actually been nominated for Who's Who!.

Wow! How cool is that? Your humble blogger is gonna be joining all the famous people in Who's Who. Yes, dear reader, it's official! Today I was thrilled to receive this email:

Dear Mr Gerry Patterson:

On behalf of International WHO'S WHO of Professionals, I am pleased to inform you that you have been nominated as a candidate for inclusion in the 2008 Edition. We congratulate you! Nomination into WHO'S WHO is an honor in itself. WHO'S WHO has over 20,000 members in 154 countries worldwide. It is the most elite professional network in the world. Our members assist each other daily with business and career opportunities. It is in times like these that such a network is most valuable and we are seeing members help other members expand their businesses, find new positions, even relocate to another country.

We congratulate you! Nomination into WHO'S WHO is an honor in itself. WHO'S WHO has over 20,000 members in 154 countries worldwide. It is the most elite professional network in the world. Our members assist each other daily with business and career opportunities. It is in times like these that such a network is most valuable and we are seeing members help other members expand their businesses, find new positions, even relocate to another country.

If selected into WHO'S WHO, you will also be listed in the 2008 Edition of International WHO'S WHO of Professionals. This is the definitive work on the world's leaders in commerce, economics, policy, and trade.

We do require additional information to complete the selection process and we ask that you provide your biographical data by accessing the form on our website at: http://tx3.ssprd10.net/track.aspx?1290623.416947.2075735517.5988.162628

Our editorial deadline is quickly approaching. I urge you to act today. If you delay, I cannot guarantee the committee will have ample time to review your submission.

Sincerely,

Terrence Leifheit
Chairman and CEO
2020 Pennsylvania Ave. N.W., PMB #504
Washington, D.C. 20006

P.S. There is no cost or obligation to be listed in the International WHO'S WHO of Professionals. To ensure your biographical data is received in time, please complete this online form http://tx3.ssprd10.net/track.aspx?1290623.416947.2075735517.5988.162628, November 30, 2008. Upon review, our Membership Selection Committee will be in touch with you.

Members of our Board of Advisors include: Wallid Abdo, CEO, Eurobrokers-Greece; Michael Gondive, CEO, Eastern and Southern African Trade and Development Bank-Kenya; Fehmi Sami, Senior VP, Citibank, N.A.-Great Britain; Yusuf Alami, COO, Abdu Dhabi Investment Company-UAE; Mikhail Zaitsev, Finance Director, Volvo Car-Russia; DR. Jung Kook Paeng, CIO, Hyundai Motor Company, Korea; John Sai Chi Mak, Managing Director, Bulova Watch International, Ltd.-Hong Kong; and Aldo Castelli, President, Shell Brasil, Ltda.-Brazil

Note: If you wish to unsubscribe from International WHO'S WHO of Professionals please click on the link below: http://tx3.ssprd10.net/track.aspx?1290623.416947.2075735517.5988.44501

Now I should mention dear reader, that the above is the text version of the email. This message is (technically) described as MIME multipart/alternative content-type. It consists of a plain text version of the email (for plain text mail reader programs) and an HTML version of the text, which can be rendered by many modern GUI mail reader programs or Internet browsers.

And some of you may have gathered by now that my mail reader program is rather spartan. It is a "pine" descendant called "mutt". This is a plain text program that runs on a unix console. I usually open it in an X-term window on a Kubuntu workstation.

Perhaps I should also mention that with a mail reader program like mutt, one tends to notice things that your average GUI user wouldn't notice. For example, I could see the complete email headers with the press of one key. And this particular email had headers that clearly did not come from the "Who's Who" domain. Furthermore, the URLs which I have shown in the plain text (above) appeared quite different in the HTML alternative part. I should explain further that if you were using a mail reader like Microsoft Outlook with Windows XP, then you would see only the HTML portion as a page rendered within Outlook. So even though clicking on that first URL would actually take you to the rather funky looking URL hosted on tx3.ssprd10.net, in Microsoft Outlook you would see this URL:

http://www.internationalwhoswho.com/Nominations/FE2069C.aspx

And of course Microsoft in their infinite wisdom, don't show the actual URL anywhere in the Outlook window. It is possible to "view the source", but even if you knew how to you would need to have eyes like an eagle to pick it out from the source code in a "notepad" window. (BTW Mutt, depending on how it has been configured, can open the "alternate" HTML source in Vim with syntax highlighting -- in which case it is very easy to see the way that the URL has been disguised.

And so, to investigate further, I followed the link ... the actual link (at tx3.ssprd10.net). And guess what? They kindly re-directed me to www.internationalwhoswho.com. However I should add that I was using w3m, a very robust plain text browser. I am not entirely confident that if I had been using Internet Explorer (as I probably would have been if I had been using Microsoft Outlook) then they would have been equally as kind. However, this appears to be a relatively benign "click-through" scam. In other words the spammer is not trying any "malware" tricks, and is only attempting to accumulate "brownie" points for referring the nomination.

When I tried the tx3.ssprd10.net link with Firefox (in Linux), I was also re-directed to the Who's Who site.

Alas dear reader, your humble blogger may not end up in Who's Who after all.

But Hey! At least the spammer knows how to spell my name!

Now if I were a Microsofty, I'd still be jumping with joy, calling people up and telling them the good news! Although generally speaking (wise) Microsofties these days are rather timid. Well, they're either timid or they're "zombies". And all they hear from so-called experts is the negative feedback Don't click on anything! - in fact don't even open it!. This sorta limits their Internet experience especially with regard to e-mail.

If you are in this situation, you should consider a more secure Mail agent and browser combination such as Evolution and Firefox. The combination of Outlook and Internet Explorer is probably the greatest single security risk on the Internet today. Of course, you could just Install Ubuntu,.

Just for the record, here are the whois details of ssprd10.net

Registrant:
   SmartSource
   3 New England Executive Park
   Burlington, Massachusetts 01803
   United States

   Registered through: GoDaddy.com, Inc. (http://www.godaddy.com)
   Domain Name: SSPRD10.NET
      Created on: 11-Dec-02
      Expires on: 11-Dec-09
      Last Updated on: 12-Oct-08

   Administrative Contact:
      admin, net  netadmin@smartsourceonline.com
      SmartSource
      3 New England Executive Park
      Burlington, Massachusetts 01803
      United States
      781-785-3300

   Technical Contact:
      Registrar, Domain  domain-registrar@register.com
      Register.Com
      575 8th Avenue 11th Floor
      New York, New York 10018
      United States
      1-902-7492701

   Domain servers in listed order:
      DNS5.NETTICA.COM
      DNS3.NETTICA.COM
      DNS1.NETTICA.COM
      DNS4.NETTICA.COM

The who's who spam originated from 66.151.226.78, which is owned by ssprd9.net. They appear to be the same outfit that run ssprd10.net.


Other Blog Posts In This Thread:

Copyright     2008, Gerry Patterson. All Rights Reserved.