{"id":41,"date":"2005-10-10T07:50:21","date_gmt":"2005-10-10T07:50:21","guid":{"rendered":"http:\/\/69.195.124.246\/~wisecon1\/blog\/?p=41"},"modified":"2005-10-10T07:50:21","modified_gmt":"2005-10-10T07:50:21","slug":"high_quality_sp","status":"publish","type":"post","link":"https:\/\/wisecontradictions.com\/blog\/?p=41","title":{"rendered":"High Quality Spam"},"content":{"rendered":"<p><a onclick=\"window.open(this.href, '_blank', 'width=640,height=544,scrollbars=no,resizable=no,toolbar=no,directories=no,location=no,menubar=no,status=no,left=0,top=0'); return false\" href=\"http:\/\/www.wisecontradictions.com\/.shared\/image.html?\/photos\/uncategorized\/spam1.png\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"100\" height=\"85\" border=\"0\" src=\"https:\/\/i0.wp.com\/www.wisecontradictions.com\/wise_contradictions\/images\/spam1.png?resize=100%2C85\" title=\"Spam1\" alt=\"Spam1\" style=\"margin: 0px 0px 5px 5px; float: right;\" \/><\/a>This morning I got a notice from Chase Bank that my account had been accessed from a different location.&nbsp; Could I please go to their website and verify my identity?&nbsp; Considering I that I haven&#8217;t banked at Chase in at least 5 years it seemed a wee bit suspicious.&nbsp; My gut told me it was spam, but what did the message itself tell me? <br \/>The source code concealed as much as it revealed, but my inquiry showed me how these new fangled criminals cover their tracks.<\/p>\n<p><!--more--><\/p>\n<p>I told my trusty &quot;Mail&quot; program to reveal the original source of the<br \/>\nmessage so I could see where it actually came from.&nbsp; It certainly<br \/>\nwasn&#8217;t from Chase.&nbsp; Examining the source told me a few things:<\/p>\n<p>\n* Columbia University rates incoming messages with a spam score&#8211;not<br \/>\nsure how Apple Mail uses it, but this got a spam score of 7.4\/10 and<br \/>\nwas tagged &quot;CU_PHISHY&quot;<\/p>\n<p>\n* To make the mail look authentic they rely upon images from the Chase website itself.&nbsp; <\/p>\n<p>\n* The site they want you to click on resides in China&#8211;<br \/>\nhttp:\/\/www.langoit.com.cn&nbsp; The attached image of the site provides a<br \/>\nserious hint that they&#8217;re Phishing&#8211;it doesn&#8217;t use the actual chase<br \/>\nURL, rather a number.&nbsp; <a onclick=\"window.open(this.href, '_blank', 'width=640,height=422,scrollbars=no,resizable=no,toolbar=no,directories=no,location=no,menubar=no,status=no,left=0,top=0'); return false\" href=\"http:\/\/www.wisecontradictions.com\/.shared\/image.html?\/photos\/uncategorized\/spamsite.png\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"100\" height=\"66\" border=\"0\" src=\"https:\/\/i0.wp.com\/www.wisecontradictions.com\/wise_contradictions\/images\/spamsite.png?resize=100%2C66\" title=\"Spamsite\" alt=\"Spamsite\" style=\"margin: 0px 0px 5px 5px; float: right;\" \/><\/a><\/p>\n<p>\n* I tried to find out who owned those domain names by doing a simple<br \/>\n&quot;Whois&quot; search &#8211;both the mailer and the site in China&#8211;I wasn&#8217;t able<br \/>\nto learn anything other than that these folks own a bunch of domains.<br \/>\nNo physical addresses there.<\/p>\n<p>\nI reported the Spam to Chase but how do you fight this new form of<br \/>\ncrime?&nbsp; It must require strong coordination of different law<br \/>\nenforcement agencies in different countries and cost a good deal of<br \/>\nmoney.&nbsp; It preys on the ignorance of users and their trust&#8211;and makes<br \/>\nus all worse off.&nbsp; The Internet&#8211;so many new possibilities, so many yet<br \/>\nto be imagined&#8211;some wonderful, some not so good.&nbsp; As my soon to be 95<br \/>\nyear old grandmother often counsels, &quot;be good, and if you can&#8217;t be<br \/>\ngood, be careful.&quot;&nbsp; Good advice, regardless of context.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Crack down on Spam<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[27],"tags":[102],"class_list":["post-41","post","type-post","status-publish","format-standard","hentry","category-tech","tag-security-phishing-spam-crime"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/wisecontradictions.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/41","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wisecontradictions.com\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wisecontradictions.com\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wisecontradictions.com\/blog\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/wisecontradictions.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=41"}],"version-history":[{"count":0,"href":"https:\/\/wisecontradictions.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/41\/revisions"}],"wp:attachment":[{"href":"https:\/\/wisecontradictions.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=41"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wisecontradictions.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=41"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wisecontradictions.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=41"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}