Monday, August 09, 2004

John Kerry, John Edwards and Jaipur

John Kerry, John Edwards and Jaipur – The connection might seem vague in reality but in the unpredictable world of cyber crime the three fall into place. SurfControl, an American Internet security firm, on Thursday blew the lid off two phishing scams in the US that were soliciting funds from Internet users, claiming they would be used to finance the political campaign of the Democratic Party in the forthcoming US presidential election.

One of these sites,, was found to be registered in Jaipur. Moments after the beans were spilt, these sites folded leaving cyber crime experts fumbling in the dark about their identity or the amount of money they could have amassed since they went online around the date of the Democratic Convention in Boston.

But why Jaipur of all places? In an email interview with Hindustan Times, the SurfControl vice president Susan Larson wrote that many American spammers host their operations outside the US to circumvent the law there. “Moreover, certain countries, including India and Thailand, have become popular destinations because the overhead costs are considerably lower than in the US,” she said.

Because SurfControl’s primary responsibility is to identify and classify spam, the nature of the site’s work is still in the dark. For example, it is still unclear whether the site had any physical presence in this city and how many people were involved. There are reports that Kerry-Edwards Campaign did contact the US Department of Justice. Concerned authorities in Jaipur are clueless about any such event. Considering they had a presence in Jaipur, Larson mentioned that it is “likely that few, if any, of the funds were diverted to India”.

Each site has to be registered against a name and physical address. However, many choose to base their sites outside the US to exploit loopholes in the US CAN-SPAM law and other national laws that have no international provisions. So the possibility that the spammer had some fascination for Jaipur remains open because of his choice of city. Larson stressed that international cooperation is one of the keys to establish effective anti-spam and anti-phishing legislation.


What is phishing?

Phishing attacks use 'spoofed' e-mails and fraudulent websites to fool recipients into divulging personal financial data such as credit card numbers and account usernames. By hijacking trusted brands, well-known banks, online retailers and credit card companies, phishers are able to convince up to 5% of recipients to respond to them. Once such private information is in their hands, these scamsters make purchases, withdrawals and the like on accounts of the unsuspecting users.



Post a Comment

Subscribe to Post Comments [Atom]

<< Home