Showing posts with label spam. Show all posts
Showing posts with label spam. Show all posts

Saturday, March 14, 2020

Bitcoin scam

You probably found this blog by doing a web search after the following ids after receiving a mail from a Bitcoin spammer.


Bitcoin scam often comes as blackmailing. The scammer sends a mail claiming you have been visiting a porn web site. He adds while enjoying yourself this site hacked your computer and recorded you with your web cam while having fun. There might also be a password in the spam as proof. He threatens to send this footage to other contacts he found in your address book and to other sites in the internet, if you don't pay a certain sum to the given Bitcoin id. But don't worry, this is usually not true, although an internet newbie might believe this. It's just a random shot to make money by scaring mail recipients. Don't pay, delete the mail.

There might be a slim chance that it is true though. If the password he mentions looks familiar, and is not something like 123456, he might actually hacked you. Check your computer for malware. If you find evidence the computer is infected, backup data like documents, videos or audio files to an external drive (USB stick or SD card) and wipe the hard disk clean before installing your operating system from scratch. Yes, that might be painful, but in my opinion better than knowing your are watched.

Thursday, April 25, 2019

How to prevent VOIP Spam

What is SPIT?

Spam over Internet Telephony (SPIT) is telephone spam that is transmitted over the Internet Protocol using IP (Voice over IP) telephony. Telephone spam refers to unwanted telephone calls that are automatically and in large numbers recorded. Phone spam is similar to email spam, but is currently less common and requires other safeguards due to synchronous communication.

How abuse takes place

IP telephony, as well as email and other Internet applications, is prone to being abused by unwanted messages and connections. Call machines can be used for telesales, telemarketers, for alleged winning messages, or as phone calls. In particular, IP telephony offers this freely available software (such as Asterisk or SIP) and inexpensive options to automatically sell a large number of calls. The IP telephony is often based on the Session Initiation Protocol (SIP) [1] for setting up, controlling and reducing the telephone connections. After establishing a SIP session and accepting the call by the called party, a pre-recorded spam message can be recorded. For pure lock or ping calls, no audio data is transmitted.

Large numbers of unwanted and automated phone calls

SPIT is characterized by a large number of unwanted and automated phone calls that are transmitted using the Internet Protocol. The caller (spammer) tries to establish a large number of connections using suitable software and plays a recorded message as soon as the called party answers the call. Using the widely used Session Initiation Protocol (SIP), the connections to INVITE messages are initiated and then configured and set up with other messages; The audio data is then transmitted via the Real-time Transport Protocol (RTP). The spammer can this telephony software such. B. Asterisk use. The spam calls can be transmitted via gateways of the telecommunications network operators in the conventional telephone network (PSTN).

How to prevent VOIP Spam?

Many users have no problem with SPIT already being "shielded" behind NAT or a package filter, AKA firewall. Others, running a Linux server with VOIP server and client on it might be exposed to VOIP Spam. These can protect themselves by setting up one package filter rule:

iptables -A INPUT -p udp ! -s 217.10.79/24 --destination-port 5060 -j REJECT
assuming 217.10/16 is the IP range from your ISP. In this case it's Sipgate. That will throw away all UDP packages to the SIP port (5060, might differ on other setups) unless they come from 217.10.79/24.