January 16, 2003
—
CSO
—
If anyone should be able to recognize a hoax, it's the kind of person who corresponds with ISC2, that awkwardly named organization known for doling out certifications to security professionals. But four months ago, the International Information Systems Security Certification Consortium became the target of an e-mail spoofing campaign
It started last autumn, when the security community got blasted with a legal notification allegedly from ISC2. On Sept. 3, I myself got the e-mail, which warned that my name, banking information and Social Security number had been sold for marketing research. Supposedly I could send $10 to ISC2, which would then consider deleting its records about me. Otherwise the organization would deduct $50 from my account.
Despite the fact that the e-mail seemed to come from ISC2, listed its real mailing address and was signed with the name of a real staff member, it had hoax written all over it. Its claims were ludicrous, and it gave a vague citation of something called "the privacy act" as its legal rationale.
Later the spoofing campaign turned really nasty, with antisemitic rants and photos, the details of which aren't worth repeating. This round of e-mails appeared to come from ISC2's webmaster.
Dorsey Morrow, general counsel for the Framingham, Mass.-based organization, has been on the case ever since, working with law enforcement officials in Massachusetts, Australia and now Israel, to try to track down the suspect. There's just one problem: Morrow is not sure exactly what crime has been committed. Because the perpetrator wasn't trying to collect any money himself, the spoofed e-mails don't count as fraud. The crime seems to have been committed in Australia, where defamation and slander are difficult to prove. And the antisemitic e-mails implied violence but did not explicitly threaten it. "He walks up the line," Morrow says. "This guy's more of an annoyance than anything else."
Morrow's biggest hope for prosecution comes from an unlikely place: spam legislation that would have allowed ISC2 to bring charges for misrepresenting the origin of an e-mail. This seems a stretch. After all, 26 states have anti-spam laws already, and have you noticed how much good they're doing?
The sad truth is, e-mail spoofing