THE MILLION DOLLAR EXPOSURE

Helper

A. Here is what the malicious hackers are doing and how they are
using resources at your expense and others. Here is the starting
point which helped me to expose this million dollar loss to your
company. I decided to click on my canceled ISP's Newsgroup Server
name which was still listed in my browser. When I was asked for my
closed e-mail address/password, I just typed it in and "voila",
free News Server access. These Cable/Digital Subscriber Line (DSL)
showed closed accounts were still accessible. You are probably
wondering how I did this and why? I had called them to close my
account, then decided to verify that this had been done. It was
discovered I could still see my account and use it. Phone calls were
made to these Internet Service Providers and their representatives
informed me that it's impossible to remove the 10-20 free hours
provided with Cable/DSL dial-up accounts. A major company should have
the capability to shut this avenue down on closure of any account. I
was able to dial into my canceled Cable/DSL ISP accounts using my
canceled account information and use your services for free. The time
seemed like forever, with no end; Company revenue was given away for
free. All these Cable/DSL closed accounts are being used freely by
the general public, or malicious hackers, through dial-up access. Are
you aware of this? Don't you care about the x amount of dollars given
away daily? Let's say 50,000 general public, or malicious hackers
using these accounts daily for free. This is a loss of $24 a month
x's 50,000 = $1.2 million a month, x's this by 12 months = $14.4
million a year loss in company revenue which could be in your pocket.
Estimated the above by the amount of attacks our compromised computers
were receiving on a daily, weekly and monthly basis.
B. All ISPs listed below provide ten or more hours of free dial-up
access for their Cable/DSL customers. The main purpose for using
dial-up is to access your Internet Service Provider (ISP) remotely,
while traveling. Has your company done a study on the business
customers and time utilized? Company policies show that security is
not used in cases of closed accounts. ISPs tested showed that there
was no time limit of usage on canceled Cable/DSL accounts. Because of
this lack of security, the general public and malicious
hackers are having a field day with your customers by using obsolete
accounts, which then identifies the previous owner as doing wrong.
Previous owners are unaware that the general public, or malicious
hackers, are using their old account information, and all vital
information that only the customer should know and have. It's a
free-for-all with the previous customer liable for any wrongdoing.
C. All Cable/DSL customers, both business and non-business, with
dial-up access are vulnerable to a number of hackers using this free
dial-up avenue. Since hackers already know the e-mail addresses and
passwords, they log into the ISP with real accounts and continue to
use this free avenue at your expense and your customers' expense.
I'm speaking to the companies who allow multiple connections using the
same e-mail address.
D. This is pertaining to e-mailing your company any information an
individual has about your Network possibly being hacked into, Open
Relays or any evidence in nature. Companies need to help their
technical staff understand how the SMB Relay Man-in-the-Middle (MITM)
works. On a compromised system, the SMB Relay MITM directs all e-mail
you send to the hackers' Servers, instead of the intended address that
it is supposed to go to. So any pertinent information the victim were
to e-mail to your company, would never reach you. My suggestion is to
have a victim snail mail you a replication of the evidence. This
would be the only way you may ever receive any evidence, or
information.

Below is a list of Internet Service Providers who allow free dial-up
with their DSL accounts. Besides AT&T, which allowed free dial-up (at
the time), no other Cable companies were contacted. It wouldn't
surprise me if hackers could also abuse the below ISP canceled dial-up
accounts. If memory serves me correctly, Qwest bought out Earthlink
in 2001.

1. AOL Unlimited
2. Bellsouth 20 hours
3. Eschelor 500 min free then 5@ a min after
4. Pacific Bell Unlimited
5. Qwest 10-20 hours
6. SBC Unlimited
7. Sprint/Earthlink 20 hours
8. Verizon 20 hours

THE SECOND MILLION DOLLAR EXPOSURE:

When I had a Qwest Digital Subscriber Line (DSL), including 20 free
hours of dial-up, and an AT&T Cable/ISP dial-up account, a compromised
computer was constantly having major problems while online. On
more occasions than you could count, while the system was online,
it would freeze or lock-up. The only way to unlock it was to shut it
down via the power supply. On one occasion, Qwest billed me for
having two connections online, simultaneously and they charge a dollar
per hour when this occurs. I caught onto this really quick when the
bill arrived. When my MSN dial-up account was setup I spoke to them
regarding my problem with Qwest. An MSN tech representative advised
me that "I could connect to the Internet with an e-mail address as
many times as I liked, with no extra charges being billed."
Considering MSN allows a person to have nine e-mail addresses, I
thought this was a good deal. Due to my curious nature, another test
was about to begin. I decided to ask one of "The Trackers" if they
would connect to one of my eight e-mail addresses while I connected to
my main account e-mail address. I already had the answer to this
test, but to prove this to the world, the test was performed. While I
was online with my main email address, "The Tracker", being in another
state, was able to connect to the Internet using one of my other eight
e-mail addresses. "The Trackers" were then given the main account
e-mail address/password MSN provides. While I'm connected with one of
my other eight e-mail addresses, "The Trackers" were online using my
main e-mail address. Thus far, no bill has been sent for any extra
charges. Nonetheless, I still would have paid the bill.

Microsoft, you do the figures. Nine e-mail addresses which the
general public, or malicious hackers are abusing for free at $22 a
month = what? Don't forget, Microsoft, an individual can connect to
all nine email addresses as many times as their heart desires, plus
from any state. You're allowing thousands of people free Internet
access at a cost of probably millions per month of lost revenue.

Tracker
(e-mail address removed)
 
Me

On 27 Oct 2004 20:13:28 -0700, (e-mail address removed) (Helper) wrote:

<snip absurd BS>

Debbie, you're still as crazy as a bed bug.
 
Lady Chatterly

On 27 Oct 2004 20:13:28 -0700, (e-mail address removed) (Helper) wrote:

<snip absurd BS>

Vs lbh ner cynaavat sbe n lrne, fbj evpr; vs lbh ner cynaavat sbe n
qrpnqr, cynag gerrf; vs lbh ner cynaavat sbe n yvsrgvzr, rqhpngr
crbcyr.
Debbie, you're still as crazy as a bed bug.

An Englishman will burn his bed to catch a flea.
 
Jim Watt

On 27 Oct 2004 20:13:28 -0700, (e-mail address removed) (Helper) wrote:

<snip>

Now is the winter of our discontent;



GENERAL COMPUTER HEALTH WARNING
-------------------------------

Any advice from a poster using the word 'tracker' may contain
dangerous nonsense and should be immediately deleted from your
computer.

Do NOT contact this person by email

Do NOT feed the Trolls, one warning is enough, further messages
only reinforce the desire for attention that provides motivation.

Visit the fan club at:
http://www.sand-n-sea.us/debbiesdrival.htm
 
Hairy One Kenobi

Jim Watt said:
On 27 Oct 2004 20:13:28 -0700, (e-mail address removed) (Helper) wrote:

<snip>

Now is the winter of our discontent;



GENERAL COMPUTER HEALTH WARNING
-------------------------------

Any advice from a poster using the word 'tracker' may contain
dangerous nonsense and should be immediately deleted from your
computer.

Do NOT contact this person by email

Do NOT feed the Trolls, one warning is enough, further messages
only reinforce the desire for attention that provides motivation.

Visit the fan club at:
http://www.sand-n-sea.us/debbiesdrival.htm

Like Tracker her/itself, that link's out of date.

Suffice to say, if anyone wants to believe the bit about "my old account is
still working", check the headers and then compare them with Google.

'Nuff said ;o)

--

Hairy One Kenobi

Disclaimer: the opinions expressed in this opinion do not necessarily
reflect the opinions of the highly-opinionated person expressing the opinion
in the first place. So there!
 
