Monthly Archives: May 2015

Professor Klaus Brunnstein

Many people in the security industry have expressed their regret at the passing of Professor Dr Klaus Brunnstein, who died on 20th May 2015, just a few days before his 78th birthday, as I noted in an article for ITSecurity.

I’ve been particularly struck, though, by the fact that so many people were willing to share their thoughts: not only at ESET (where so many people expressed their regret that I felt I had to post the article at a vendor-neutral site so that it wouldn’t look like some kind of twisted PR exercise), but also by the many people who responded to requests for comments before the article was published and even after it was published. I’m only sorry I couldn’t include all the commentary I received.

I think it all indicates just what a legacy Klaus leaves behind him, not just politically, and not just to the security industry (including CARO and EICAR) and to academia (notably the Virus Test Center at the University of Hamburg), but to the entire online world. The article and the links it includes give only barest impression of how immense his contribution was, and just how much he’ll be missed personally. As Andrew Lee observed:

A thoroughly decent man. Sadly missed, he wasn’t able to make it to the CARO conference a couple of weeks ago. I only met him a few times, but it was always memorable.

David Harley
ESET Senior Research Fellow

Nepal earthquake scam: out for a duck…

(But there are plenty more where he came from…)

It was, I suppose, inevitable that the earthquake in Nepal would provide an opportunity for scammers to capitalize on the misery of others. I haven’t been tracking this particular subcategory of scamming nastiness, but a pingback on one of my articles written in 2011 for the AVIEN blog about Japanese earthquake-related scams and hoaxes – actually, a link to some of the many articles relating to those scams – drew my attention to a blog by Christopher Boyd for Malwarebytes on Nepal-related scams.

In that article, the Nepal earthquake scam he highlights is a bizarrely-expressed donations scam message claiming to be from the weirdly named ‘Coalition of Help the Displaced People’:

We write to solicits [sic] your support for the up keep [sic] of the displaced people in the recent earth quack [sic] in our Country Nepal.

He also flags an assortment of Nepal themed scam emails listed at Appriver, and a ‘dubious looking donation website’ covered in detail by Dynamoo.

Appriver’s collection includes:

  • A classic 419 claimed to be from one of the earthquake victims (daughter of a deceased politician – stop me if you’ve heard this story before…)
  • Another giving the impression it’s on behalf of the Salvation Army and World Vision: who’d have guessed that big organizations like those would use Gmail accounts? 😉
  • An exercise in guilt tripping from ‘Himalaya Assistance’ whose real purpose seemed to be to distribute a keylogger.

US-CERT also warns of ‘potential email scams’. As well as generic advice about mistrusting links and attachments and keeping security software up to date, the alert very sensibly advises the use of the Federal Trade Commission’s Charity Checklist. The FTC’s page includes sections on:

There are a number of ways of checking the bona fides of a charity, including Charity Navigator (http://www.charitynavigator.org/) and Charity Watch, formerly the American Institute of Philanthropy (http://www.charitywatch.org).

In the UK, GetSafeOnline also has a guide to protecting yourself from charity scams, including resources for checking the status of UK charities:

I’ll leave the last word to Chris Boyd, since I couldn’t agree more and couldn’t have put it any better:

Scammers riding on the coat-tails of disasters are the lowest of the low, and we need to remain vigilant in the face of their antics – every time they clean out a bank account, they’re denying possible aid to the victims of the quake and creating all new misery elsewhere. That’s quite the achievement…

David Harley