|
|
| Applications |
| Mailing Lists |
| Miscellaneous |
| Operating Systems |
| Programming |
RE: Distressing, possibly life threatening emails from free accounts (yahoo, hotmail
Date: Fri May 30 2003 - 14:35:00 EDT
If the messages are, in fact, illegal threats AND CREDIBLE, then do not
delay contacting law enforcement.
Even if the sender is in the US, spoofing headers is relatively easy, so there's no guarantee that the message can be traced by that method. A lot depends upon the technical sophistication of the sender. In other words, even if Yahoo cooperates in the investigation, that alone may not be sufficient to discover the sender's identity. It may be possible to back trace through the log files of the various systems through which the mail passed. The writers of some viruses have got themselves caught this way. Typically, log files are not kept very long, and only a law enforcement agency would have the authority to demand them from the owners.
This is a lot of work, and there's no guarantee of success, so it's rarely used in such cases. If the threats are targeting someone who is not "in the public eye", it's very probable that the recipient knows the sender. Any respectable investigator would begin with the "disgruntled" employees, "jilted" boyfriend, or other classic "hate crime" candidates known to the sender.
It would be nice to think that people smart enough to be sophisticated hackers would also be smart enough not to engage stupid or illegal behavior, but unfortunately, technical skill and emotional maturity are independent qualities.
mike.h
-----Original Message-----
From: Shawn Duffy [mailto:pakkit@codepiranha.org]
Sent: Thursday, May 29, 2003 1:49 PM
To: Jay Woody
Cc: stephenbbaker@hotmail.com; security-basics@securityfocus.com
Subject: Re: Distressing, possibly life threatening emails from free
accounts (yahoo, hotmail
You need to get the original headers from the recipient of the message. That will have the sender's IP address. From there you can send the headers to Yahoo's abuse department (don't know the address offhand). Who knows if it will actually be addressed by them but that is all you can do.
If they ARE life-threatening then your best bet is to contact your local law enforcement agency, give them the headers and the emails, and they will submit a subpoena or search warrant to Yahoo for user records. Yahoo HAS to respond to those. However, if the offending user is outside the US, there still may ne nothing they can do. Though Yahoo will close the account. Either way, you will never know the identity of the real sender, at least from this... the law enforcement agency won't tell you who it is once they have the records, nor should they, and neither will Yahoo.
Shawn Duffy, CCNA CCSE
email: pakkit at codepiranha dot org
web: http://codepiranha.org/~pakkit
gpg key: http://codepiranha.org/~pakkit/pakkit.asc
gpg fpr: 8988 6FB6 3CFE FE6D 548E 98FB CCE9 6CA9 98FC 665A
having problems reading email from me?
http://codepiranha.org/~pakkit/pgp-trouble.html
On Wed, 28 May 2003, Jay Woody wrote:
> Send them an e-mail telling them they have won $1,000,000 and you need
-
> --------------------------------------------------------------------------
--Received on Sun Jun 1 15:20:42 2003
>
>
>
>
> --------------------------------------------------------------------------
-
> --------------------------------------------------------------------------
--
>
--------------------------------------------------------------------------- ---------------------------------------------------------------------------- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:04:38 EDT
|
Contact Us Legal Notices Order Services Online Pantek Home Privacy Policy IT news Site Map Pantek Library |