PDA

View Full Version : Internet Fraud!



Flick
07-13-2002, 09:30 PM
Hi folks! I've been on the "net" for many years now and I know most (if not all) of the scams that lurk around the corner. I have always been careful to use a good anti-virus and firewall. I also reserve my "real" email address for close friends, the Pope and other trusted people and use various "throw away" addresses for most Internet contacts. Over the years, I have heard of the "Nigerian Letter" scam but I never got one, until last night! O joy! And the message came to my "private" (super secret bat cave like) email address. So, I thought, what do I do now? I contacted the Internet Fraud Complaint Center (IFCC) and forwarded the email to them. I'll let you know what (if anything) I hear back from them. Check out this link:

http://www1.ifccfbi.gov/index.asp

jabarnutcase
07-14-2002, 07:34 AM
Interesting link Flick!

Stuck that one in my "Favorites" (For now) :D

mjc
07-16-2002, 12:57 PM
A lot of spam coming into non-disclosed email addresses is the result of the dictionary approach...the spammer starts with a list of names and then uses a program to add some extra characters/numbers then tacks on a domain.

Looks something like this:

john@example.com
john1@example.com
john2@example.com
johna@example.com

The better ones BCC the emails, the not so good ones just CC and you will see a long list of names besides yours that the filth gets sent too. If this is the only one to this account then as long as you don't reply to it, you should be ok (the reply confirms the address is a "live" one).

Paul Komski
07-16-2002, 01:58 PM
Like Flick, I use a variety of eMail addresses, including 10 "virtual" ones that I can change from my Domain Forwarding Server. I too eventually got two of the Nigerian ones, (different context but the same idea), sent to two different eMail addresses of mine, a few seconds apart. One was to me and the other was to my farm-manager (also me!) LOL. :D

"My esteemed and gracious friend who has been highly recommended to me....etc etc". :mad:

But this gave away the source as being from two eMail hyperlinks on my website - since no-one had ever used one of them. So it must have been spambots that crawled their way there on a harvesting mission. Luckily it was easy to just go and change the addresses to new ones and if the originals were by then on any database, any more spam would be bounced.

Now I only use submit forms to send mail to me so that the mail URIs are never shown in the HTML or else include a "nospam_" addition to the address with a notice to users to remove it before sending. ;)

mjc
07-16-2002, 02:35 PM
Another nifty little trick I recently learned about was to make the email address into an image (jpg, gif, png...transparent gifs work quite nicely) and use the image as the link...does basically the same thing as your forms submit, Paul, but the person reading the page has an address they can write down or print. Spambots ignore pics, for obvious reasons....:D

Paul Komski
07-16-2002, 02:59 PM
.. and use the image as the link...[/B]

Wouldn't the bots just get the addy from the HTML tag though??


(a href="mailto:aa@bb.com"><img src="images/farmpic.jpg" width="48" height="60")(/a)

..or do you just mean a pic of the text??

Paul Komski
07-16-2002, 03:14 PM
LOLOL :D :D Don't know what's going on with the code above but when I went to edit my "[/b]" the whole message was outside the edit box!!

I had tried the code inside code-tags first and the whole post then disappeared when trying to view it! Substituted carets for round brackets and then can't get back in. :confused:

mjc
07-16-2002, 04:03 PM
My favourite way to get round the problem without inconveniencing users who you want to mail you, is to use a conventional "mailto:" tag, but to cast one or more characters in the actual email address using an escape sequence; for example, if your mail address contains the letter "M", you don't put the letter "M" in the address, you replace it with the "casted" escape sequence &#.77;. (or whatever other ASCII character you feel like changing).

The actual HTML used might then look like:

(A HREF="mailto:armadillo@&#_77;oo.com")Click Here to Mail Me!(A) (with the "click here" being the gif and no space...)

Now, when a genuine user clicks on this, the majority of decent mailer-programs will pick it up correctly and replace the &#_77; with the letter "M" in the desired way. Spambots, however, will get the fiddled ASCII string with the embedded cast-sequence in it, which will hopefully cause them all sorts of nasty problems when they try to mail to it.
Note that if you are using this method, Do not put your actual email address as the "user-displayed text" part of the HREF. if you do, it could still get scraped by spammers' webcrawlerbots!


and a few other tips..... http://www.canismajor.demon.co.uk/antispam/poison.htm

Paul Komski
07-16-2002, 05:00 PM
I like it. You seem to have so many tricks up your sleeve that youmust be in the Magician's circle :D

More things to play with! .. perhaps the whole address encoded with ASCI reference numbers!!

mjc
07-16-2002, 05:19 PM
If that won't give spambots fits.....hehe...:D

Paul Komski
07-16-2002, 08:21 PM
Only just read right through your link mjc. The javascript example is a neat way to go for non-cgi/perl WebHosts and could easily be modified to concatenate two or three components. I suppost the thing is to just try and stay one-step ahead of the game. All these ideas will work with some success until everyone is using them; then the bots will just be made more elaborate. Right now there's too much easy meat out there for them.

As for including the +++ATH0 sequence in a munged hyperlink; now that did make me laugh; fantastic if it was successful - but I have my doubts - too easy to watch-out for sadly. :) ;)

mjc
07-17-2002, 01:47 AM
I'm sure it would catch at least 1 or 2...:D

sorry, Flick for taking over your thread....

Flick
07-17-2002, 09:44 PM
I'm learning a lot in this thread. You guys can "take it over" anytime you wish. Also, I did get a reply from the IFCC. It was a form letter telling me that the information I provided would be forwarded to the appropriate international, national and local crime fighters. I was advised to save all material in the original format both on disk and on paper. They also said that I might be contacted by law enforcement investigators at a later date, pointing out that they get hundreds of complaints every day and that not all complaints trigger an investigation. So, although I don't really expect anything to come from it (in that I suffered no loss) I'll hang onto the information for awhile just in case.