Feeds

Anti-fraud site targeted in Joe Job attack

Spammers try to discredit Bobbear.co.uk

Protecting users from Firesheep and other Sidejacking attacks with SSL

Fraudsters have upped the ante in their fight to discredit a respected UK-based anti-fraud website.

The email address of Bobbear.co.uk, which fights phishing fraud by exposing groups attempting to recruit money mules, was spoofed in obscene emails. The Joe Job attack represents a further attempt to make life difficult for Bobbear.co.uk, which operates on a voluntary basis, and site administrator Bob Harrison.

Just over a week ago the site came under a sustained denial of service attack, which remains ongoing despite largely successful attempts by BobBear in cooperation with ISP Fasthosts to minimise the effect of the assault. "The DDOS continues and the criminals are also now attempting to hurt me by spoofing my email addresses to send obscene emails," reports Harrison. "These are nothing to do with me and have not come from me or my domain. This is called a 'Joe Job'. Do not be fooled by them - simply discard them or use SpamCop to report the source IP. Oh, and I DO NOT send out newsletters - it's the same spoofed spam from the same criminals."

As well as forcing Bobbear to field angry messages about the junk mail and complaints the Joe Job email run has led to thousands of bounce-back messages from spoofed emails sent to non-existent addresses, clogging up the site's mail server.

Forged emails supposedly from Bobbear have been used in an attempt to discredit the site in the past. In October 2007, a spam run sought to ruin the reputation of Bobbear by bombarding intenet users with supposed begging request. In truth the junk mail messages, asking for donations through online payment service e-Gold, were nothing to do with Bobbear.co.uk. Fasthosts temporarily suspended Bobbear.co.uk in response to complaints over these emails at the time but have been far more supportive since, for example going out of their way to get the site up and running during the latest Job Job attacks, Harrison told El Reg. ®

The next step in data security

More from The Register

next story
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
'Speargun' program is fantasy, says cable operator
We just might notice if you cut our cables
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.