Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!swrinde!cs.utexas.edu!bcm!lib!mdaali.mda.uth.tmc.edu!dct
From: dct@mdaali.mda.uth.tmc.edu (David C. Tuttle)
Newsgroups: comp.unix.admin
Subject: Re: MONEY_FOR_BANKS offer
Message-ID: <4971@lib.tmc.edu>
Date: 16 Apr 91 16:36:24 GMT
References: <!vkg8.#@rpi.edu>
Sender: usenet@lib.tmc.edu
Organization: University of Texas M.D. Anderson Cancer Center
Lines: 45
Nntp-Posting-Host: dct.mda.uth.tmc.edu

fitz@mml0.meche.rpi.edu (Brian Fitzgerald) writes:
< 
< For anyone who is interested, on April 8, someone placed a commercial
< announcement for a "credit card indemnification club" in world writable
< anonymous ftp directories from here to Finland.
< 
>|Dear Reader:
>|        We are a multi-service comapny that needs your help.  We need
>|to secure as many banks in our computer banks as possible.  We don't
>|want no one else's help, but yours.  For each submitted bank you will
>|receive $5.00.  If you are a member of the credit indemnification club,
>|then you will receive $7.50/submission. Look under CREDIT_CARD_PROTECTION
>|for more details and the address of the company.
>|Sincerely,
>|P. L. Miller
>|President
>|Miller's Comsumer Service
< 
< I wonder why the bankers won't give him the list.
< 
< Look for:
< -rw-rw-rw-  1 ftp          1394 Apr  8 05:55 CREDIT_CARD_INDEMNIFICATION
< -rw-rw-rw-  1 ftp           473 Apr  8 05:55 MONEY_FOR_BANKS

Thanks for the tip!  After reading your message, I found these files on 
our FTP archive, too.  I've tried contacting the company by phone, but 
there's no phone number listed in the directory (that sounds 
suspicious...).  A quick look at our logs reveals that the Internet 
address of the machine used to perpretrate this is 131.204.21.12 .  Anyone 
know whose machine this is?  I'm not well-versed in Internet 
name-lookup-type things.

At best, this is one of those credit "services" that prey on people with 
bad credit.  At worst, it could be a bizarre pyramid-type con game where 
the guy skips town before paying out what he promises.  Either way, it has 
"DON'T TOUCH" written all over it, and I'm not happy about our machine 
being a part of it.  We've now shut off "world-writable" FTP permissions.

Is there another newsgroup discussing this in greater detail?  If so, 
somebody please e-mail me that info.

--
David C. Tuttle                             dct@mdaali.mda.uth.tmc.edu
Software Systems Specialist               Department of Biomathematics
University of Texas M.D. Anderson Cancer Center         Houston, Texas