Weekly analysis – 20th February 2010 to 27th February 2010


MillerSmiles provides its weekly phishing analysis for the week of 20th February 2010 to 27th February 2010



Weekly analysis – 16th January 2010 to 23rd January 2010


MillerSmiles provides its weekly phishing analysis for the week of 16th January 2010 to 23rd January 2010



CONGRATULATION! / Winning Notification!!! / Payment Notification / Re: STATUTORY ANOMALIES ON YOUR FUND TRANSFER


To anyone who’s been investigating spam, or even vaguely following the transformation of illegal spam over the years, the concept of the Nigerian scam seems ludicrous and pathetic. It seems impossible that anybody would NOT know about this scam in this day and age. (They’ve been received by millions starting in around 2002. How people could not be aware of this scam is beyond me.)

I’m not going to describe what this scam is because there are already thousands of places which do so very effectively. Google the term “Nigerian scam” or “419 scam” and read any of the results you get back.

Numerous websites engage in the “baiting” of the criminals behind these scam messages, often keeping them on the hook for months at a time, wasting considerable time and energy. I highly recommend reading any of the baits going on as we speak on TheScamBaiter.com. If you don’t know what a Nigerian scam is, read the “recommended reading” in the postscript. (And tell your friends. More people need to be made aware of how this scam works.)

Since the freezing of SanCash a month ago (which appears to have not slowed them down any, more on that in a subsequent post) my spam intake initially slowed to a crawl across numerous accounts I monitor. Then suddenly all I was seeing was one or another variety of lottery, inheritance or other money exchange scams. They’ve been abusing every free mail system on the Internet, and I and several colleagues have had numerous successes in getting their email addresses shut down quite rapidly.

However it isn’t stopping the influx of spam, and it’s now to the point where I am seeing several dozen such emails every single day, often with four to six of them received within the same hour.

Ignoring for the moment the utter stupidity of whoever is mailing this (how could you possibly think anyone would be fooled when they’re told they’ve simultaneously “won” 12 “lotteries” within the same day?), or the effectiveness of these scams, this type of influx in illegal cheque fraud attempts raises numerous questions about how to report this spam, not all of which is very straightforward at all.

Of course, there is no “lottery”. I have not “won”. There is no “inheritance”. It’s a scam to get me to send money for any number of “fees” which must be paid first to ensure the money makes its way to my account. It’s illegal, and it’s most commonly known as check fraud.

Prior to October 2008, reporting abuse of any freemail system was a straightforward affair. Each company has their own contact addresses or abuse processing forms. But you would be surprised at just how ineffective each of these can be when trying to report these abuses, something that takes a bit of extra effort to do in the first place.

I’ll itemize the current state of abuse reporting and my experiences with each. I would also like to put out an open call to the abuse teams of Yahoo, Hotmail and Gmail with regards to how to make this abuse reporting process more seamless and effortless for the average user, most of whom have absolutely no idea how to report this abuse to your teams. Further: Hotmail – seriously – wtf? Your abuse team is now among the absolute worst I have ever dealt with. We’ll see why in a second.


Gmail has arguably the very best method of reporting, and given that they’re very much aware of what this scam entails, they are really, really fast at investigating and shutting down offending accounts.

Where to report it: Their abuse reporting form is located here. Make a point of outlining what kind of scam this is. If it’s one of those “you have won” messages, that’s cheque fraud (aka: Nigerian fraud, “419” fraud.) If it’s a “work from home” message, that’s money laundering. Make a point of outlining that this is illegal, and abuses their terms of service.

Expected response: Automated single email with a ticket ID. States they are looking into it. Often this is the only response you’ll get from Gmail, but guaranteed you’ll never see another spam using that Gmail account as the response address.


Yahoo also has an abuse form, but their responses lately lead me to believe that, honestly, that entire abuse team is asleep at the wheel.

After months of successful reports throughout 2008, I suddenly noticed that whoever it is that responds to these abuse reports doesn’t really read the reports at all.

Anyone reporting any kind of spam knows that the headers are usually 99% forged. Yahoo apparently focuses solely on the headers, and if they determine that the message wasn’t sent using Yahoo mail, they’ll conclude that there’s nothing wrong with the account, even if the message body says “I want to steal your money and kill your family, so email me at myillegalaccount@yahoo.com”. They will, almost to a person, completely ignore the message body and the complaint. This HAS to change. This is not 1999 anymore. This scam should be extremely well-known to every free-mail provider on the planet. I spend more time explaining this scam to abuse handlers than should ever be necessary.

Where to report it: The Yahoo abuse form is located here. As mentioned above, you really have to spell out not only that this is illegal, you have to try to get their attention that the headers are not necessarily how to tell that Yahoo’s mail service is being abused.

Expected response: Automated single email with a ticket ID, followed anywhere from 2 to 6 days later with a followup as to what their conclusion was. If that conclusion is “we saw that Yahoo was not used to send this message”, you have to reply to that message and clarify that 1) they need to learn how to handle a Nigerian fraud message and 2) they need to look beyond the headers.

Why this is the case now is baffling. Yahoo: clean up your act!
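The point above, that the abused account usually sits in the Reply-To header or the message body rather than in the sending path, as an added example (not part of the original post): Python code that pulls the free-mail contact addresses out of a message so they can be listed explicitly in an abuse report. The sample message, its addresses and the `FREEMAIL` set are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses

# Free-mail domains named in the post (assumed list; extend as needed).
FREEMAIL = {"gmail.com", "yahoo.com", "aol.com", "sify.com", "hotmail.com", "msn.com"}
ADDR_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

# Constructed sample: the From/Received headers point at an unrelated host,
# while the accounts the victim is told to write to are on free-mail services.
SAMPLE = """\
Received: from mail.example.net (unknown [192.0.2.10]) by mx.example.org
From: "Lottery Board" <claims@example.net>
Reply-To: agent.one@yahoo.com
Subject: Winning Notification!!!

You have won. Contact our fiduciary agent at Agent.Two@Gmail.com
or agent.one@yahoo.com with your full name.
"""

def contact_addresses(raw):
    """Return sorted (address, domain, location) tuples for free-mail contacts."""
    msg = message_from_string(raw)
    found = set()
    for _, addr in getaddresses(msg.get_all("Reply-To", [])):
        if addr:
            found.add((addr.lower(), "reply-to"))
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue
        payload = part.get_payload(decode=True) or b""
        text = payload.decode(part.get_content_charset() or "utf-8", "replace")
        found.update((a.lower(), "body") for a in ADDR_RE.findall(text))
    rows = ((a, a.rsplit("@", 1)[1], loc) for a, loc in found)
    return sorted(r for r in rows if r[1] in FREEMAIL)

def report_targets(raw):
    """Group contact addresses by provider, i.e. which abuse desk to notify."""
    targets = {}
    for addr, domain, _ in contact_addresses(raw):
        targets.setdefault(domain, set()).add(addr)
    return {d: sorted(a) for d, a in targets.items()}

if __name__ == "__main__":
    for domain, addrs in report_targets(SAMPLE).items():
        print(domain, addrs)
```

In the sample, `yahoo.com` and `gmail.com` both come back as report targets even though neither service appears in the `From` or `Received` headers.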


AOL is quite long-in-the-tooth at handling abuse requests – which isn’t surprising, since they originated a lot of the filtering and other abuse processes we now all take for granted. They appear to have a decent, if slightly slow, abuse team. In light of recent successes in shutting down Gmail and Yahoo addresses, AOL is fast becoming the free-mail provider of choice for Nigerian scammers.

Where to report it: Send the entire message, including full headers, to: TOSEmail1@aol.com.

Expected response: Automated single email. I often don’t hear anything else after that, but I also don’t appear to receive any further messages sporting the offending address.

Sify.com Email

I know what you’re thinking: Sify.com??

Sify is the Indian equivalent of Hotmail or Yahoo mail. It’s an independent portal located in Mumbai. Over the past year I have seen a shift from Gmail and Yahoo to Sify, which indicates there have been enough successful shutdowns that now they’re really looking for any free-mail port in a storm. Sify has an abuse reporting address, but, as far as I can tell, no defined abuse process.

Where to report it: Send the entire message, including full headers, to: customercare@sify.com.

Expected response: [crickets...] I’ve never received any response from Sify mail. It’s really sporadic when I do see an inbound scam message featuring a sify.com address.


Here’s where I begin to lose my mind, and I’d have to say at this point that Hotmail effectively has no abuse reporting process for this type of scam, or indeed for any abuse of Hotmail involved with spam.

For years I was reporting these scams to abuse@hotmail.com, but then last year they introduced report_spam@hotmail.com. Reports sent to that address went unanswered, but then in June it would send an automated message claiming that I should instead report the abuse to abuse@hotmail.com. (Huh?)

I later discovered that MSN also has the same two addresses, so I began reporting every such abused address to all four:


That resulted in four of the same automated messages, but it did finally also result in a followup message stating that the account had been terminated.

Starting in October 2008, however, all messages reporting abuse sent to those four addresses were bounced. The reason?

They contained content which appeared to be spam.

Honestly: Hotmail abuse team – HOW do we report this abuse to you? If anyone at Hotmail abuse is reading this, I would very much appreciate you responding by posting a comment here (I won’t publish it if you want to just reach me directly.) This has GOT to change.

Hotmail and MSN Live Spaces are, as we speak, essentially owned by criminals. The only sites I am ever referred to on MSN Live Spaces feature content which has been automatically generated for use in spam campaigns, by “users” who have clearly also been created via some automated means.

If anyone at Hotmail / MSN abuse is reading this: we as angry recipients of illegal spam would like an explanation. You’re clearly falling way, way behind in handling this type of abuse, and it’s leading to many people being scammed out of their life savings. What gives?

In closing, here’s the recent tally of my “lottery winnings” from just this past Friday (Nov. 15, 2008) and today (Nov. 17, 2008)

  • $1.500,000.00 in cash [Apparently waiting for me in a package being held at the FEDEX DELIVERY COURIER COMPANY.]
  • Six million US Dollars [Waiting to be invested "into profitable areas of business in your country"]
  • US$2,500, 000.00 [My prize from the SOUTH AFRICA WORLD CUP LOTTERY 2010 Sweepstake Award Promo]
  • a cash prize of One Million British Pounds [£1, 000,000.00] [from the South Africa FIFA 2010 World Cup Organizing Lottery Promotion - I won twice?!?! In one day?!?!]
  • $4.2Million USD [from the nondescript CONTRACT AWARD COMMITTEE]
  • USD18M {EIGHTEEN MILLION UNITED STATES DOLLARS} [an inheritance from the death of one "MR.TONY.RAYMOND"]
  • £850,000,00 POUNDS (Eight Hundred And Fifty Thousand Pounds Sterling) [THE CASINO-WEB LOTTERY PROMO]
  • US$ 2Million (TWO MILLION UNITED STATES DOLLARS) [International Human Rights Organization (IHRO) in Nigeria, West Africa]
  • US$3,600,000.00 [UN Fund recovery Committee]
  • £1.500,000 GBP (One million five hundred thousand) Pound Sterling [Online Sweepstakes® I.P Award Department.]
  • US$3,600,000.00 [CCH & Securities (Advancing Payment Solution WorldWide)]

Grand total as of this writing (in USD): $55,925,912.79

If I wait two more hours I guarantee I will win at the bare minimum another million dollars USD. The best part is: it looks like everyone’s a winner (they are always sent to “multiple recipients”, never just to me.) Let’s buy each other a drink shall we?

I’ll see about including a tally widget on the sideline of this blog. Any wagers that I “win” a billion dollars by Xmas?

Don’t believe these stupid, pathetic and desperate messages.

SiL / IKS / concerned citizen

P.S. Recommended reading:

Nigeria cracks down on e-mail scams
The ‘yahoo-yahoo boys’ who are behind the country’s infamous export have few job prospects.

Wikipedia: Advance-Fee Fraud

FOXNews.com: Oregon Woman Loses $400,000 to Nigerian E-Mail Scam



Yahoo sues lottery spammers


Yahoo has filed a lawsuit against an unknown group of defendants it says masqueraded as Yahoo, sending emails claiming recipients had won prizes and instructing them to click on a link or forward personal information to a “Yahoo lottery coordinator” to get their prize.

“At times, recipients were instructed to contact another party to arrange for the prize payment, Yahoo said in the filing, and this other party would charge them ‘hundreds of dollars in various processing and mailing charges in order to complete the payment process’,” says Associated Press, going on:

“Such ‘phishing’ scams are meant to trick consumers into sharing financial information.”

Yahoo doesn’t know who the defendants are, but believes information “acquired during a discovery period from third-party e-mail service companies will lead to their identification”.

Several days before Yahoo filed its suit, a federal judge ordered a notorious ‘Spam King’ and his partner to pay MySpace about $230 million in damages, says AP, adding:

“Service providers have a hard time collecting such awards, though, as it is often hard to track down defendants.”



Payment fraud rife in Europe


Crime involving electronic payment fraud is still rife and is undermining citizens’ confidence in buying and selling online, says the European Commission.

Its report on fraud and countermeasures taken between 2004 and 2007 shows that even though the number of discovered cases is a small minority of the overall number of transactions using new payment services, “they undermine the general level of confidence among citizens in the European Union,” says PC World, going on:

“In addition, electronic payment fraud is increasingly moving to non-face-to-face situations such as Internet payments, the report said.”

EU legislators have tried to tackle the issue with a payment services directive, and a money laundering directive, says the story, adding:

“The money laundering law includes a ‘know your customer’ rule for electronic transactions, but the Commission now believes more work is needed to raise citizens’ awareness of the dangers.”



Bird Flu – The Complete Survival Guide.


Simple, concise, easy to read. Written by a Biology teacher. Lists natural foods effective against the virus and more!



Serious SunGard student security breach


At least 18 US colleges are, “scrambling to inform tens of thousands of students they are at risk of having their identities stolen after SunGard, a leading software vendor, reported that a laptop owned by one of its consultants was stolen,” says the Chronicle of Higher Education.

The full extent of the problem is still unknown, “though many of the campuses that have been identified are in Connecticut and New York,” says the story, going on:

The laptop contained students’ names and Social Security numbers. In some cases, the exposed data also included financial aid information, e-mail addresses, birth dates, and driver-identification numbers.

Now college officials are accusing SunGard of waiting too long – about one month – to inform them of the security breach. The Connecticut attorney general has opened an inquiry into the incident. And there are widespread concerns that SunGard may not be adequately protecting college data.

SunGard Higher Education, the division of the company that employed the consultant, said it found out on March 13 that the laptop was stolen. Colleges said they weren’t told of the theft until the second week of April. A spokeswoman for the company, Laura Kvinge, said that was not an undue delay, noting that the company needed to analyze backup data to determine the affected colleges before alerting them.

SunGard now has a web page and a 24-hour toll-free phone number, and has also offered to pay for one year of credit monitoring for affected students, but that’s not good enough for Connecticut attorney general Richard Blumenthal.

“We are extremely troubled by the delay in alerting us about the breach in security,” he told the Chronicle.

“SunGard waited about a month, which is inexcusable.”

Kvinge said the company is stepping up its policies and procedures for securing data in the wake of the incident, and has, “offered to reimburse many campuses for their costs in verifying which students were affected by the breach, and notifying them of the security lapse,” the story adds.
