Anti-Fraud sites under attack

Several of the main sites dedicated to fighting online scams are currently inaccessible because of a “Denial of service” (DoS) attack.,, and occassionally have been offline. and are two of the oldest sites that fight “419” scams (named of the section in the Nigerian penal code that prohibits fraud). and deal with a wider range of online scams, Nigerian scams as well as Escrow and commercial scams often run by Eastern European crime rings.

It is still unclear who is behind the attack. The selection of websites for this concurrent attack suggests Nigerian scammers, but technically the type of attack is more typical for Eastern European scammers. It may well be a sign of increased cooperation between both crime communities.

The exposure of websites to the danger of cyber attacks in a more and more net-centric world was highlighted earlier in the year when websites in Estonia were crippled for several days in large scale attacks, many of which originated from next-door Russia, with which Estonia has had a strained political relationsship.

Throughout this year criminals have been building the Storm botnet, a network of remote-controlled zombie computers infected with Malware that lets the criminal masters download and run any software on them that they chose. So far the Storm botnet has been used primarily fo sending pump-and-dump penny stock spams (see here). However, experts estimate the network as being comprised of between 1 and 10 million computers, far larger than needed to spam every computer on the planet. It’s probably the only peer-to-peer network comparable in size to eBay’s voice-over-IP giant Skype, which currently has 4 to 7 million concurrent online users.

Botnets have the potential to cripple the information infrastructure that countries increasingly rely on. Greater efforts need to be made to prevent infections, clean up or quarantaine infected computers and to track down the criminals who control them.