ASCAP Issues Fraud Alert
YNOT – Someone may be attempting to extort adult webmasters in the UK by posing as a representative of the Association of Sites Advocating Child Protection, the non-profit group warned on Wednesday.
According to a prepared statement distributed Wednesday afternoon, a webmaster in the UK received a hostile email bearing the return address “joan@asacp.co.uk.” The email’s author threatened to reveal the presence of child pornography on the webmaster’s site unless the webmaster and his hosting company took some kind of action ASACP declined to reveal.
“Thankfully this webmaster contacted ASACP directly to ask us about this,” said ASACP Chief Executive Officer Joan Irvine. “Know that ASACP does not own ASACP.co.uk and never sends such emails to individuals or owners of suspected [child-porn] websites. We forward all confirmed reports of suspect [child sexual abuse] directly to law enforcement and other international hotlines.”
Tim Henning, ASACP’s vice president for technology and forensic research, investigated as though the perpetrator were a child-porn suspect. He discovered ASACP.co.uk is registered to “Jane Harman.”
“Obviously, whoever bought this domain knew about the recognition Congresswoman Jane Harman presented to ASACP for its Restricted to Adults – RTA label,” he said, indicating the as-yet-unknown individual intended to hide his or her identity in order to commit online fraud.
The domain was registered through registrar Dynadot LLC in September 2010 and is hosted by Silicon Valley Web Hosting. Henning obtained a list of other domains that share ASACP.co.uk’s IP address, which was set up to auto-forward all traffic to ASACP’s legitimate website at ASACP.org.
“Because domains owned by the same person or organization usually are grouped under the same IP on servers, this may be an indicator of who is behind this illegal activity,” he said. “Plus, this information will help law enforcement with their investigation.”
ASACP has turned the matter over to law enforcement, since the owner of ASACP.co.uk clearly intended commit fraud, Henning said. Information that may lead to the identity of the real owner is protected by the site’s registrar and the site’s web hosting company and ASACP is unable to afford the cost of obtaining a court order requiring disclosure of the customer’s true identity; therefore, ASACP contacted the Internet Crime Complaint Center, a quasi-governmental clearinghouse for reporting and taking action against cybercrime, for help.
“Since this criminal used Congresswoman Jane Harman’s name to register ASACP.co.uk, ASACP has provided the results of our investigation and the IC3 case number to both her California and Washington staffs,” Irvine said. “So we are expecting a speedier investigation.
“We have also been working with the registrar and hosting company to inform them of this matter and assist them with their own internal investigations,” she added. “ASACP’s hosting company has also been contacted by us in order to place a referrer block on ASACP.co.uk. All referred traffic is now redirected to [an ‘access forbidden’] page instead of ASACP.org.”
Irvine and Henning suggested webmasters who find themselves under attack by cybercriminals pursue a similar route. They also requested anyone who has been contacted by anyone using an email address at ASACP.co.uk [EMAIL=Tim@asacp.org]send[/EMAIL] the details to Henning or forward the offending messages.