img source: wearecentralpa.com

My email used to be bombarded with spam or phising emails either for Paypal, Maybank or CIMB and sometimes Amazon as well. Usually these emails are in the same format (sometimes even same wordings), same email subject and lil bit different header images and of cause different sender address. But today (the email actually received yesterday but I only open my trusted Thunderbird today) the content is lil bit different, convincing enough and yeah even the sender address seems like from legitimate source for the unsuspecting users.

As usual my Thunderbird categorized this email as probable Scam Email (as for some of my unfortunate friends email as well haha). Anyway for the first time I just remove the Scam tag and let the image load (after checking the email content source of cause).

As you can see the link stated in this email SEEMS to point to actual maybank2u website. But wait.. do not click it yet. Just move your mouse over the link and you can see the exact place where this link will lead you..

Yup.. Instead of going to maybank2u website, the link actually will lead (or mislead in this case) you to http://foto.asmul.com/gallery2/modules/icons/iconpacks/KSIcons/M2ULogin.doaction=Login.htm . So what if you really click on that link? For a start Firefox will not publish the site immediately but will give you an ample warning about that site instead.

And if you superbly ignorant or stubborn and choose to ignore the warning instead, you will be presented with this page

Ok even though the page bear resemblance with the actual maybank2u login page (refer image below) but IF you compare with these two, there are few glaring items that HOPEFULLY will make you aware that you are in a wrong/spoof/phising/tipu/kencing site.

The most obvious one is the address of the link. IF you are presented with maybank2u login page but the url shows address others BUT maybank2u’s, close your browser/tab and for precautionary move, run your antivirus or whatever anti spyware/bot/adware that you have in order to detect any possible unwanted malware (malicious software) downloaded unwittingly into your precious computer.

Like in this case, instead of having this address on the url field: https://www.maybank2u.com.my/mbb/m2u/common/M2ULogin.do?action=Login; you can see the address actually is http://foto.asmul.com/gallery2/modules/icons/iconpacks/KSIcons/M2ULogin.doaction=Login.htm with maybank2u login page.

Besides there’s a date on actual maybank2u’s login page, there are other differences that you should notice. Be my guest to download the images and play the “spot the different” between those images yourself as I’ve had enough of this game during my school years

The real maybank2u's login page

Well what will happen if you login or inserting your credential at this page..

Unless your username is testing and the password is 12345678abcd, you have nothing to worry about. And even with this false information, the page will “process” and lead you to another page..

Yup.. the infamous “update your Profile” page. Again unless your email is spongebob@krustykrab.com (is it yours?? sorry but I think you do not have maybank2u account rite? You do?…)

And the rest of the process is similar with the old phising scam.. Get TAC number, enter your TAC number, and the usual do not login to your account within 24 hours..

That’s for now. it seems there’s something interesting from the traffic generated by these activities. Will update on later post.

Oh yeah, it seems the site has been taken down

Anyway.. be careful and IF you have doubts, ALWAYS call your bank whenever you received any email from them. Just for confirmation and yeah you have to call them even you know that their Customer service is SUCKS..

Pic source: kellepcharles.blogspot.com

Greeting guys..

I’ve spent the past two weeks getting the draft for forensic readiness policy complete for submission to our client in Indonesia. To be honest this time around I need to assist our sister company there in designing an SOC for that particular client. In sense of security policy, bulk of the task was done by my colleague there. She’s very good in integrating the client’s security policies into ours. I really impressed with her works tho

So what the heck is Forensic Readiness Policy?

The main objectives of this policy are to maximize the usefulness of incident data and minimize the cost of forensics during incident response. Very clear eh? Well the elements of forensic readiness usually:

• How Logging is done
• What are the activities/items that being logged?
• Intrusion Detection System (Network and host based)
• Forensic Acquisition
• Evidence Handling

So before this post become a mini howto, better for me to stop till there. Nowadays more and more organizations aware on the importance of preserving or maintaining a proper record especially on their network traffics (based on my limited encounter lah.) There was a time when firewall or filtering via the boundary routers can be considered enough for network security. Now it seems that at least Intrusion Detection Systems (IDS) is the must have within the list of security devices for an organization (whether there are analysts or at least people monitoring this IDS outputs is another story). Also from my (limited) experience, most of our clients do have either one or more logs repository. Again the question whether if these logs are reviewed or not is not for me to answer.

So what does it mean?

It means that nowadays the www is not as wild wild web like it used to be. You hit and then you left the scene without much fuss on the trail. Bypassing filtering device like firewall is something cool but now if you brag on how you managed to bypass layer 3 and 4 filtering device, I guess people will just shrug off and ignore you. Now there are mechanisms to detect your activities whether on network or on the attacked system itself. Hacking is not Harry Porter stuff and you do leave a trail. Sooner or later, your “hacking” activities trails will lead to you.

With this kind of policy and many other similar policies as well, organizations perhaps are well prepared to detect and respond to any security incidents. Because for me, eventually you will be hacked or compromised. The important thing that you have to remember is how do you detect, respond and recover from these attacks.

Prepared - source :www. antithesiscommon.com

So bragging about your “hacking” activities in forums or blogs IMHO is a NO NO. It makes the task for the LEA easier especially when you include your handler in the page that you “hacked”

Anyway, somehow crime doesn’t pay

For me personally, this year started well enough. I ended the January with 5 days at Jakarta assisting our sister company there on one project with one of the largest bank in Indonesia. That trip alone requires one entry as I had plenty of things that I’ve learned in that 5 days time.

The twins are getting naughtier, the eldest daughter is growing  and so does her sister which makes me start planning on future planning to monitor my daughters. Today’s Friday prayer sermon touch on Cyber Crimes and one of the points is the importance of knowing what your children are doing online. Well I’m not that worried on NOT knowing what they are doing online but more concern on mobile communication like sms, mms, and yeah I believe in the near future, soon Blackberry will be a norm. Cracking, Sniffing GSM or BlackBerry services seems not a bad idea though.. I should find a good way to include these devices in my monitoring system…

Currently I’m suffering from sunburn.. During last Chinese New Year holiday, we spent nearly one whole day at the beach (Balok Beach) and my children really enjoyed their time there.. So I am not that comfortable of meeting people now as I believe I do look like an alien…

Till next post then.. Have a nice weekend.. I will spend my weekend reviewing document though

p/s: To wifey, Happy Birthday dear…

Husband V/S Wife

Husband: Do you know the meaning of WIFE?

It means, Without Information, Fighting Everytime!

Wife: No darling, it means,

With Idiot For Ever

************ ********* ********* ********* ********* *********

Wife: I wish I was a newspaper,

So I’d be in your hands all day.

Husband: I too wish that you were a newspaper,

So I could have a new one everyday.

************ ********* ********* ********* ********* *********

Doctor: Your husband needs rest and peace. Here are some sleeping
pills.

Wife: When must I give them to him?
Doctor: They are for you

************ ********* ********* ********* ********* *********

Wife: I had to marry you to find out how stupid you are.

Husband: You should have known it the minute

I asked you to marry me.

************ ********* ********* ********* ********* *********

Husband: Today is Sunday & I have to enjoy it.

So I bought 3 movie tickets.

Wife: Why Three?

Husband: For you and your parents

************ ********* ********* ********* ********* *********

Wife: What will you give me if I climb the great Mount Everest ?

Husband: A lovely Push…!!!

************ ********* ********* ********* ********* *********

Q: What is the most effective way to remember your wife’s birthday?

A: Just forget it once and you will never forget it again

************ ********* ********* ********* ********* *********

After a quarrel, a wife said to her husband,

You know, I was a fool when I married you.

The husband replied, “Yes dear, but I was in love and didn’t notice

I get this from the email…

INSTALLING A HUSBAND

Dear Tech Support,

In addition, Husband 1.0 uninstalled many other valuable programs, such as Romance 9.5 and Personal Attention 6.5, and then installed undesirable programs such as EPL 2.0, F1 3.0 and Internet 4.1.

Conversation 8.0 no longer runs, and Housecleaning 2.6 simply crashes the system.

Signed,
Desperate.

DEAR DESPERATE,

Please enter command: ithoughtyoulovedme.html and try to download Tears 6.2 and do not forget to install the Guilt 3.0 update.

However, remember, overuse of the above application can cause Husband 1.0 to default to Grumpy Silence 2.5, Happy Hour 7.0 or Stella 6.1.

Whatever you do, DO NOT under any circumstances install Mother-In-Law 1.0 (it runs a virus in the background that will eventually seize control of all your system resources.)

In summary, Husband 1.0 is a great program, but it does have limited memory and cannot learn new applications quickly. You might consider buying additional software to improve memory and performance. We recommend Cooking 3.0 and Hot Lingerie 7.7.

Good Luck Babe!
Tech Support

Work hard at what you like to do and try to overcome all obstacles.

Laugh at your mistakes and praise yourself for learning from them.

Pick some flowers and appreciate the beauty of nature.

Say hello to strangers and enjoy the people you know.

Don’t be afraid to show your emotions laughing and crying make you feel better.

Love your friends and family with your entire being they are the most important part of your life.

Feel the calmness on a quiet sunny day.

Find a rainbow and live your world of dreams always remember life is better than it seems.

My Twin Happiness

Why I fired my Secretary
>
>
>
> Last week was my birthday
> And I didn’t feel very well
> Waking up on that morning.
>
>
>
> I went downstairs for breakfast
> Hoping my wife would be pleasant and say,
> ‘Happy Birthday!’,
> And possibly have a small present for me.
>
> As it turned out,
> She barely said good morning,
> Let alone
> ‘ Happy B irthday.’
>
> I thought…
> Well,
> that’s marriage for you,
> But the kids….
> They will remember.
>
> My kids came bounding down stairs to breakfast
> And didn’t say a word..
> So when I left for the office,
> I felt pretty low
> And somewhat despondent.
>
>
> As I walked into
>  my office,
> My secretary Jane said,
> ‘Good Morning Boss,
> And by the way
> Happy Birthday ! ‘
> It felt a little better
> That at least someone had remembered.
>
>
> I worked until one o’clock ,
> When Jane knocked on my door
> And said, ‘You know,
> It’s such a beautiful day outside,
> And it is your Birthday,
> What do you say we go out to lunch,
> Just you and me.’
> I said, ‘Thanks, Jane,
> that’s the greatest thing
> I’ve heard all day.
> Let’s go !’
>
> We went to lunch.
> But we didn’t go
> Where we normally would go.
> She chose instead a quiet bistro
> With a private table.
> We had two martinis each
> And I enjoyed the meal tremendously.
>
> On the way back to the office,
> Jane said, ‘You know,
> It’s such a beautiful day…
> We don’t need to go straight back to the office,
> Do We ?’
>
> I responded,
> ‘I guess not..
> What do you have in mind ?’
> She said,
> ‘Let’s drop by my apartment,
> it’s just around the corner.’
>
>
> After arriving at her apartment,
> Jane turned to me and said,
> ‘ Boss, if you don’t mind,
> I’m going to step into the bedroom
> For just a moment.
> I’ll be right back.’
>
>
> ‘Ok.’ I nervously
>  replied.
>
> She went into the bedroom and,
> After a couple of minutes,
> She came out
> Carrying a huge birthday cake …
> Followed
> By my wife,
> My kids,
> And dozens of my friends
> And co-workers,
> All singing ‘Happy Birthday’.
>
>
> And I just sat there…
>
>
>
>
> On the couch…
>
>
>
>
> Naked.

I got this from an email OK? It’s not my story. I dun have any secretary or SECRETary anyway. And my wife and kids do remember my birthday