Current Status

This blog is not frequently updated because most case-by-case scam reports are now listed in subordinate blogs. At this point in time, most of my efforts are targeted at documenting employment scams in the Suckers Wanted blog.

2006-08-21

News: Stock spammers charged

The US Securities and Exchange Commission has charged a "recidivist securities law violator" and his wife with "orchestrating a fraud scheme to inflate the price of WebSky, Inc., a San Francisco-based penny stock company, using spam email." According to the press release, "the couple pocketed more than $1 million in proceeds as a result of the scam." It should come as no shock to discover that they haven't been entirely honest about things, both in the spam they used to promote the stock, and in their dealings generally. Thanks to The Register for bringing this to my attention. It's always nice to hear of a scammer facing justice.

2006-08-16

Meta: Blog Upgrade

A quick apology to anyone who was using the Atom feed of this site and just received a bunch of old posts as though they were new. This is a result of my cutting over the blog to an upgraded version that Google are now offering. Hopefully there won't be any other undesirable side-effects.

2006-08-05

Phone Scam: Your 1 True Love

This is a bit different for me, but this kind of practice peeves me no end. There is a site called "Your 1 True Love" which is apparently targeting Britons and Australians through a Google AdWords campaign. "Predict your one true love," says the ad. "Find your ideal soul mate predicted right down to the name." Obvious baloney, but a harmless bit of fun, right? Wrong: it's a nasty little trap for the unwary.

The page to which the ad links has a form for your name, your mobile phone number, and your date of birth. The button is a pretty graphic that says "YES, I wish to receive my soulmates name" with "and agree to the terms and conditions" in small print underneath. Mobile number? Terms and conditions? I can see where this is going: it's a premium rate SMS scam.

Digging a little deeper into the HTML source for the page, I see there's Javascript code to ensure that the mobile number entered follows the form of either a UK mobile number or an Australian mobile number. I also find a mention of the terms and conditions, but its hidden inside an HTML comment, so you can't see it at all unless you look at the source. The deactivated link goes to a poorly-formatted page which has the following text.

Terms and Conditions Of Service

Your 1 True Love is a subscription based mobile phone service, you must be at least 16 years of age or older and have the bill payers permission.

You will receive a prediction of your true love followed by love predictions. Cost is $5 per message with up to 15 predictions/messages sent to your phone per month.

You can stop subscription at any time by sending stop to 19999003. For full terms and conditions click here.

Note that the "click here" text in the above quote is not a link. I can't tell at this stage what that "19999003" number is about: numbers of that form (starting with "1") in the UK are "Access/Short code" numbers, and the same applies in Australia to the best of my knowledge. In the UK, however, the range starting with "199" is not yet allocated. I have no idea what the state of affairs is in Australia. The number could be completely bogus, I suppose.

Anyhow, this is fairly typical for a premium SMS scam: trick people into "signing up" for an indefinite supply of useless, expensive messages, then suck their phone account dry with it.

I'm not usually one to advocate vigilantism, but in this particular case I think turnabout is fair play: if you find a Google Ad for this particular crowd, be sure to click on it early and often, since they pay per click. Their assumption is that they can make the scam pay, so long as they get enough suckers to "sign up" by submitting their phone number on that form. Go ahead and give them a taste of their own.

The domain name in question is "your1truelove.com", and the registration for that domain is through "Domains by Proxy, Inc." -- for obvious reasons.