Adam Todd link at todd.inoz.com
Sat Mar 24 11:49:22 AEDT 2007

At 08:26 AM 24/03/2007, Jan Whitaker wrote:
>At 05:09 AM 24/03/2007, Howard Lowndes wrote:
>>Rick Welykochy wrote:
>>>Here is a new phishing scam: ATO taxt refund.
>>>I looked for an email contact for the ATO on their website - there is
>>>none I could find. Just phone, snail mail, or in person contact.
>>>The scam is here: http://tinyurl.com/2xrqgt
>I got two copies of this one. Looked at the full heading and it was 
>obviously not from the government.
>If anyone does follow up with AHTCC and gets anywhere, I'd like to hear 
>about it. I was at a consumer congress last week where a chart of agencies 
>taking reports of scams was put up on the screen by the AHTCC speaker: 
>SIXTEEN! They have no clue how to deal with this problem, 'they' being the 
>various agencies and govt offices.

Actually it's REALLY easy.

They come to someone like me who has not only the technical background by 
the film making expertise.

They ask us to take some of that $150,000,000 spent each year on tv 
commercials for rubbish and trash, (excluding the Centrelink "Report your 
changes" because that's just doing exactly what needs to be done to protect 
people from themselves")

They ask us to knock together a series of 30 second educational self 
contained stories to be broadcast nationally to educate people about 
phishing and how to avoid it.

It's not hard.

And we're getting DAMN good at the "short form" format.  Considering this 
last month I won an Award in Hollywood for a 3 minute piece.    I have to 
admit, I can tell a story in 30 seconds, 5-7 minutes, or 2 hours, but 3 
minutes is the most complex length I've ever been challenged with.

Here '15 that won the award:

As part of winning we have to make another film on the same topic, so we 
thought we'd go the other way this time.


And the Behind the Scenes:  THE LIST MAKER

Now if the Government were to commission me, then I'd actually have 
something to do other than take a nice pension payment each fortnight :)

>The only advice I was able to find was to delete the message. And even 
>though each speaker 'complained' that they weren't getting enough reports 
>of things happening so they could 'deal' with them, 'they' all made it so 
>difficult to communicate with 'them', I thought them insincere in that 

Yes most Government agencies don't provide an email contact.

The reason is generally pretty simple.  If you give people easy access to 
an e-mail address, you will get inundated with e-mail from people who are 
unemployed, in trouble with the law, being dragged through court etc.

There is nothing worse than "Your Honor I sent an email to the registry, it 
has failed to ...."

So they don't allow it and you have to ring, join a queue, speak to someone 
who hasn't a clue, get given another number, make another call, sit in 
another queue, wait, speak to someone who says you need to go back to the 
first number ... and so the cycle continues.

That's good governance.

And it keeps lots of people employed answering phones!  And it contributes 
to the Telecommunications Industry profits!

>When I tried to raise the first money laundering 'muling' email I 
>encountered, I gave up after a few hours of trying to report it to anyone 
>AUSCert was the only group who appeared to have any interest whatsoever.

AUSCert has changed much over the years.  Not sure they have the "punch" 
they use to have these days.

The Cert's use to take matters into hand, contact other network related 
parties and work with people to solve problems.  Most issues were security 
based and were easy to solve.

Now the issues tend to be external, or government regulated and it becomes 
political.  That's when things slow right down.  As much as AUSCert holds 
it's core activity in a positive sense, there is really little anyone in 
AUSCert can do about much of these things these days because of the 
Government's of the world's global stance and the fact that now most 
Internet related stuff is within multinational corporations who are only 
interested in one thing - Byte Count.

And SPAM is damn good for byte count.

Especially when Bell were constantly selling a New Connection to a very big 
spammer in the USA.  They chop the spammer off when the complaints and 
media got too hot, and sell him a new connection the next day.  "Oh but 
it's a new account."

>BTW, AHTCC just says call your local police. Yeah, right. I can't even get 
>them to come out to a real crime!

I don't think I want to make a comment about "the local" NSW Police, not 
whilst I have them in the Supreme Court as defendants, based specifically 
on their failings to INVESTIGATE and ATTEND appropriately.

Jan, if you want to get some action, make a formal complaint to the 
Police.  Tell then you want them to stop the problem.  Then get scammed, so 
you can sue them for breach of duty of care.


But then, the defence will be that you knew better and could have prevented 
being scammed.

More information about the Link mailing list