Security Basics mailing list archives

RE: Re[2]: Distressing, possibly life threatening emails from free accounts (yahoo, hotmail


From: "Robinson, Sonja" <SRobinson () HIPUSA com>
Date: Mon, 2 Jun 2003 09:44:22 -0400

The sender did not indicate that this was spam or otherwise innocuous e-mail,
chain mail, etc.   The sender indicated "possible life threatening" which is
extremely serious.

I realise that you can't always trace someone but most of the time you can
and most users are not savvy enough to go through a number of chain proxies,
etc.   Not that it's impossible, it is unlikely in most cases.  But first
steps should be as indicated and if you can't traceback then at least you can
bring what you have to LEO.  Most Local PD's don't have the expertise or
people to perform trace and if you can do most of it then it is helpful for
them - it cuts down on time.  In addition, 99% of e-mails can't be traced
because the user never saved the headers for LE.  If headers are not saved
then you have no hope.  I also have a number of contacts for local pd's and
I can get the victim in touch with those who can help. Part of my job is
digital forensics and investigations.  I would rather have a report now and
potentially be able to help now than to have a physical crime scene later if
the person was assaulted or worse.

I suggest that it is better to try to trace than to do nothing at all.  If
it is sufficient for someone to write that they are receiving possibly life
threatening e-mail then it is our duty to try to help them with advice that
will help find the culprit and hopefully protect them by advising LEO.

Sonja Robinson, CISA
Network Security Analyst
HIP Health Plans
Office:  212-806-4125
Pager: 8884238615

[snip]
You see, if the "terrorist" is smart enough, there is no way to detect
his identity. If the attacker will use a chain of proxies and will
combine the letter via Telnet-session, even the log-files of mail
server will not help you in any way.

-- 
Best regards,
 Street                            mailto:streetseeker () mail ru

