[Cybertalk logo] Copyright (c) 1996 by Timothy C. Barmann. This article is intended for personal viewing only and may not be re-distributed in any form. Please e-mail link requests.

November 10, 1996

E-mail is vulnerable
to crank calls

By Timothy C. Barmann

The e-mail note started out friendly enough.

"Hi! I sent you this letter because your email address was on a list that fit this category."

From there, it took a sickening turn.

"I am a fan of child pornography and for the past 4 years, I have been able to gather quite a collection of it. . . . I am now selling my products. . . ."

Those are the first lines of an electronic message sent about two weeks ago to thousands of Internet users around the world, including at least 100 local residents.

The message then detailed how to buy graphic pictures, videos and audio tapes depicting children engaging in sexual acts, complete with a price list, and an invitation to use checks and credit cards for purchases. It was even signed by a man who listed his address as apartment in Jackson Heights, N. Y.

It appeared to originate from two accounts at America Online, which were promptly terminated, according to the online service.

"Unfortunately, this was after a number of messages made their way to the Internet," wrote David B. O'Donnell, AOL's postmaster, in a discussion group.

AOL spokesman Andrew Graziani was at a loss to explain how someone could have used its network to launch a mass mailing. The service has been waging a legal battle against companies that flood its own users with unsolicited e-mail, and recently implemented a measure that disposes of e-mail sent to its users coming from particular sources.

The FBI has been investigating the child-porn message incident, but early on, it issued a statement that confirmed what many Internet users had suspected: The message was a prank rather than a real attempt at selling child pornography.

After all, how many child pornographers sign their name and address to a message and then send it to thousands across the U.S. and around the world?

FBI spokesman Joseph Valiquette, an agent in the agency's Manhattan office, wouldn't say whether the agency had any suspects. In fact, it's unclear whether or not transmitting the message was a crime.

"That's what we're talking to the U.S. Attorney's Office about," he said.

Offended and upset

Crime or not, the message came as a shock and surprise to the unlucky recipients.

". . . It offends and upsets me personally because I was a victim of child sexual abuse," wrote Vickie Mapes, a Chicago resident, in a message she posted in a discussion group about abuses of the Internet. She said she received the message twice. "I'm appalled to have something like this stinking up my mail box."

A number of Rhode Islanders also received the message, including at least 100 customers and staff members of InteliCom Data Systems, an East Greenwich-based Internet provider.

One IDS user said he got two copies of the message as well, and tried to report it by going to various child-abuse sites and the FBI site, but couldn't find a way to do so while on line.

Bob Fayne, IDS's network systems administrator, said that about a dozen customers complained, which prompted the company to post a bulletin about the incident on its World Wide Web site.

"On Monday, October 23rd, a large number of IDS subscribers and staff received a particularly annoying email message from an account at AOL that advertised child pornography," the bulletin began.

Many who received the message wondered about its claim that they were somehow on a list of e-mail address that "fit this category." IDS tried to allay those fears.

"This is simply not true," said the bulletin. "It was very obvious from the list of known recipients that it was simply a list of people who had posted an article in a Usenet newsgroup."

IDS said they immediately contacted AOL.

Growing problem

The child porn message is a bizarre example of what's becoming a growing problem on the Internet: unsolicited e-mail. Such mass mailings, which are called "spams" in Internet jargon, are frowned upon by most Internet users.

"It is getting worse," said Fayne, postmaster of IDS's mail system. Many of the mailings are coming from sophisticated users who do their best to hide their identity.

"Addresses are being forged, and even machine names are being changed to make the mail look like it's coming from somewhere else," said Fayne.

That's the kind of message Irwin Nozick of Portsmouth got recently, which advertised a phone number for a party line service and another that puts you through to a psychic.

He sent back a note saying he wasn't interested, but his message was returned to him because the return address was invalid.

Jeff Thompson, who is the vice president of operations for Edgenet, another Rhode Island Internet service provider, warned of another mass mailing going around the Internet that may cost unwary victims a lot of money.

"I am writing to give you a final 24hrs to settle your outstanding account," the brief message warns. "If I have not received the settlement in full, I will commence legal proceedings without further delay. If you would like to discuss this matter to avoid court action, call Mike Murray at Global Communications."

Thompson said the message is a scam. It gives a phone number in the 809 area code, which covers the Caribbean. By calling that number users reportedly get charged $25 a minute, he said. (To read more about this scam, see the ScamBusters Web site at http://www2.scambusters.com/scambusters/alert.html.)

Fayne of IDS said it's difficult to stop people from spamming the Internet. Internet service providers usually have policies against it, and often terminate the accounts of those who violate such rules.

But with so many Internet providers available, its easy to move on to another one and continue the practice.

How to report it

If you are getting a lot of unsolicited e-mail, forward your message to the person responsible for mail at your Internet service provider. You can usually do so by sending it to postmaster@yourISP, substituting "yourISP" with the domain name of your Internet provider.

If you suspect the solicitation is a scam, forward the message to the National Fraud Information Center at nfic@internetmci.com. The organization says it will notify the Federal Trade Commission and the appropriate attorney general's office. It's web site is at http://www.fraud.org.

Contact phone numbers for the FBI's field offices is at http://www.fbi.gov/fo.htm. A handful of the offices have their own Web sites and e-mail addresses which can be found there too.

Macarena spoof

A local software company has made a hit with its latest program called the "Hey! Macaroni!" screen saver, a spoof on the recent Macarena craze.

Rhode Island Soft Systems of Woonsocket, offers the program for free through its Web site at http://www.risoftsystems.com .

More than 250,000 people have downloaded the program, according to the company's chief executive officer, Eric Robichaud. It features a group of pasta shells with arms and legs which dance the Macarena, the dance made famous at the Democratic National Convention.

Robichaud said he is one of the back-up singers in the screen saver's "wacky" music track. You can reach RISS at 767-3106, or send e-mail to info@risoftsystems.com.

Computer calendar

Nov. 20 -- Southern New England Network Users Group (SneNUG) will meet from 4:30 to 6:30 p.m. at CORE Business Technologies, 2224 Pawtucket Ave., East Providence. The group was formed to share information between network users and administrators and is affiliated with NetWare Users International (http://www.nuinet.com). For more information, call Dave Butler at 431-0700, or send e-mail to simple@ids.net .

Timothy C. Barmann is a Journal-Bulletin staff writer. His column runs every other Sunday on the On Line page. Send him comments via e-mail at tim@cybertalk.com or U.S. mail, c/o the Journal-Bulletin, 75 Fountain St., Providence, R.I. 02902.