From: eiwasaki@gol.com (Ellen Iwasaki)
Date: Wed, 19 Feb 1997 19:41:19 -0800 (PST)
To: www-security@ns1.rutgers.edu
Subject: security breached by NaughtyRobot
Message-ID: <199702200340.MAA04535@gol1.gol.com>
MIME-Version: 1.0
Content-Type: text/plain


HELP! Can anyone tell me what this message is that I received in my mail
today? Is it real? Should I do as it suggests? I have used the Internet
once to purchase some books? Was my credit card number stolen in the
process? How did this happen and how will it affect me? What should I do?
PLEASE ADVISE ASAP! Thank you for your help
Ellen Iwasaki
Kumamoto, Japan

> From: eiwasaki@gol.com
> Date: Wed, 19 Feb 97 02:27 CST
> Apparently-From: eiwasaki@gol.com
> Apparently-To: eiwasaki@gol.com
> Reply-to: eiwasaki@gol.com
> Registered-mail-reply-requested-by: eiwasaki@gol.com
> Sensitivity: PERSONAL-CONFIDENTIAL
> Precedence: EMERGENCY
> Priority: URGENT
> Comment: Authenticated sender is <eiwasaki@gol.com>
> Organization: NaughtyRobot
> Subject: security breached by NaughtyRobot
>
> This message was sent to you by NaughtyRobot, an Internet spider that
> crawls into your server through a tiny hole in the World Wide Web.
>
> NaughtyRobot exploits a security bug in HTTP and has visited your host
> system to collect personal, private, and sensitive information.
>
> It has captured your Email and physical addresses, as well as your phone
> and credit card numbers.  To protect yourself against the misuse of this
> information, do the following:
>
>         1. alert your server SysOp,
>         2. contact your local police,
>         3. disconnect your telephone, and
>         4. report your credit cards as lost.
>
> Act at once.  Remember: only YOU can prevent DATA fires.
>
> This has been a public service announcement from the makers of
> NaughtyRobot -- CarJacking its way onto the Information SuperHighway.
>