- Mythbuster busts his own tale
- 10 open source companies to watch
- Sony recalls 73,000 Vaio laptops
- Tool to evade China's Web censorship
- Chrome and Firefox and add-ons
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
Until just a few months ago, Gary Warner did not have the kind of day job you'd expect from an antiphishing crusader. He didn't work for a security vendor or a bank, or any kind of company you'd expect to care about phishing.
Warner's career as a cyber-sleuth began on Halloween 2000. That's when his company's Web site was defaced by a hacker named Pimpshiz as part of a pro-Napster Internet graffiti campaign.
"My boss came to me and said, 'Find out who did this and put them in jail,'" said Warner, who was at the time an IT staffer with Energen, a Birmingham, Alabama oil and gas company.
It was an eye-opening experience. "I called the police and they were like, 'What do you want us to do?'" he said.
Months later, when Pimpshiz struck servers at NASA, Warner reached out, calling staff there and saying "Hey, we know who this guy is. Here's his name and address."
Since then, Warner has quietly become one of the most-respected authorities on phishing in the U.S. -- the kind of guy that federal agents and banking IT staff call when they want to know how to catch the bad guys and shut down their credit-card-stealing Web sites.
With Warner's help, authorities eventually arrested Pimpshiz, whose real name is Robert Lyttle, [cq] in connection with the hacks.
Fishing for Phishers
Warner said that the Pimpshiz case was formative, underlining how hard it is for law enforcement to catch the bad guys on the Internet.
"The experience showed me that it's not that they don't care," Warner said. "Their hands are tied by the legal process."
Soon, Warner found himself spending dozens of hours each week compiling data on spammers and phishing attacks. "I would sit for a couple of hours every morning and find all the new phishing sites that I could," he said.
He'd take screenshots of the sites, e-mail the Webmasters who were hosting them and ask them for Web logs, and eventually he started making connections -- he'd connect one phishing group with several different attacks -- and learn who he needed to call to get Web sites removed, no matter where in the world they were hosted.
He'd get calls from IT staff at small credit unions asking for help taking down fraudulent sites, every day, all day long. It was cutting in on his work. Late last year, he decided to make a change. "I went to my boss and told him that I'm going to look for a way to do this full time."
Rss FeedRss Feed
In this whitepaper learn how Retrospective Network Analysis (RNA) has proved a different type of...
SNMP Monitorin One Critical Component to Network ManagementSNMP is a valuable tool to any network administrator who requires complete visibility into the...
Monitoring and Managing App PerformanceThis paper defines application analysis, discusses the different categories of tools on the market,...
Double-Take (r) Software and Microsoft are teaming up on September 9, 2008 for a webinar focusing...
Transforming the Enterprise WAN Edge: Video from CiscoLife on the edge of your WAN has changed dramatically. With the need to deliver advanced services,...
PoE Plus: Impact on the PoE MarketThe standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...
Archiving, backup and data protection take on ever more critical roles in the enterprise. Data...
The New Network/System Management ChallengesIncreasingly popular technologies such as virtualization, wireless networking and data center...
Virtualization Reality CheckFind out why analysts say approaching virtualization with an ounce of caution is wise. And also why...
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Explore the Ultrium Edge
The powerful tape technology can address data security with tape encryption as well as long term data protection.
Find out more
Disk and Tape Square Off
Discover what disk and tape really cost -- and which solution provides lower total cost of ownership and optimizes energy use for your organization
Download the White Paper
Don't Fall For The Myths
The Clipper Group explores the truth behind the myths of tape, digging into the misconceptions in the disk vs. tape debate.
Download the White Paper
Will You Add Tape Too?
Over two thirds of disk-only users look to add tape back into storage infrastructure according to recent survey.
Download Survey Information
Comment