Cyber crooks are sending spoof messages by hacking into e-mail accounts. Experts say the tactic is difficult to trace
Cyber crooks are sending spoof messages by hacking into e-mail accounts. Experts say the tactic is difficult to trace
What is common between Vaibhav Sinha (name changed), a student of journalism at a Noida media school and US national Ken Haywood?
While Haywood's Internet account was hacked by terrorists involved in the July 2008 Ahmedabad serial blasts to send out threat e-mails, cyber crooks took over Vaibhav's e-mail account to sent spoof messages from his ID.
The 24-year-old student was baffled to find pictures of a girl from his institute in his mailbox. The e-mail, originating from his e-mail account, was sent to a number of other addresses. When he checked the sent items folder the mail was there too.
ADVERTISEMENT
"Many students, especially girls, have complained against me. I can't even explain, as all the details of the sender are mine. It is even there in my sent items folder," said Vaibhav.
The mail contained five pictures of a girl of the same institute and were stolen from her account on a social networking website. "I am not at all tech savvy but a cyber crime expert told that the header of the mail was spoofed and it is next to impossible to trace the sender. I don't know what to do," said a clueless Vaibhav.
Cyber crime experts pointed out that it was a new exploit being used to send threatening mails.
Can it be traced? "The problem with such spoofing is that it reverts the content to the reader. In simple words, it cannot be traced easily," says Sunny Vaghela, a cyber crime expert with Techdefence.
Security agencies cite the e-mail header as one of the most crucial links to reach the culprit. "The header contains the identity of the computer from which it has been sent. It also has the service ID from where it originated. It is like a postal stamp in your conventional mailing system that shows the post office from where it was dispatched," says a senior Delhi police official.
Vaghela says that the spoof programme ambushes the target computer. "Even if the situation is investigated, it will only be tracked to you - the sent items in your account," he said.
"There is no guarantee that a safe system or even spam filter can hold such mails. With certain tools of investigation, we can track the real sender. However, the ambush makes the process a bit lengthy," he said.
Ken connection
Kenneth L. Haywood's wireless connection was allegedly used by terrorists to transmit a message to news channels before the Ahmedabad serial blasts. It was subsequently revealed that Haywood had been living a double life as an "executive skills trainer" and a Christian pastor. Though he was questioned by the cops, charges were not pressed against him.