Current Status

This blog is not frequently updated because most case-by-case scam reports are now listed in subordinate blogs. At this point in time, most of my efforts are targeted at documenting employment scams in the Suckers Wanted blog.

2007-01-25

News: US County treasurer gets 419ed

Who falls for these outlandish tales of untold wealth endemic to the 419 scene? Sadly, it's sometimes people who are entrusted with the care of other people's money. Sophos is reporting that one Thomas Katona, treasurer of Alcona County, Michigan, USA, for thirteen years, invested more than $1.2 million of county funds in Nigerian fraud scams. That's in addition to whatever of his personal wealth he poured down the 419 drain. He had been advised by bank officials that he was investing in fraudulent schemes, but denial is a powerful thing, it seems.

Sickening, isn't it? He's been charged with various counts of forgery and embezzlement, and can expect a sentence of ten years or more. It seems to me that imprisonment is counterproductive, though. There are probably lots of things that he can do to actively pay off his debt. Just make him an indentured servant of the county, pay him minimum wage, and get him to do work valued above that level of pay. The difference can go towards paying off the $1.2M he stole. For one thing, he can visit schools in his county and give the kids a lesson in "don't be an idiot sucker like me". Make some lemonade out of those lemons.

I can dream, can't I?

2007-01-21

Info: UK 070 numbers

Many lottery spam scams in particular use UK 070 prefix telephone numbers as a means of contact. These look like mobile numbers, but I've known for a while that they are actually "personal numbers" which the owner can redirect to anywhere. Thus, if you move around a lot, you can forward the number to new locations as you go.

What I didn't know was that you could obtain one of these numbers without being in the UK, and forward it to a number which is also outside the UK. Consequently, all those lottery scams which appear to be UK-based thanks to UK phone numbers aren't necessarily in the UK at all! Furthermore, the sign-up process can be done online, just like signing up for a free webmail address, so the scammers aren't even obliged to re-use the same number on their next scam. All in all, UK 070 numbers (starting with "+44 7" when expressed as an international number) tell us absolutely nothing about the location and identity of the party so contacted.

Thanks to Sophos for pointing this out.
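
For anyone triaging suspect mail, the sketch below is an added example (not part of the original post) that pulls UK numbers out of a message body, normalises the usual ways of writing them, and separates the 070 personal-number range from other 07 numbers. The sample message and every number in it are constructed, and the function names are my own.

```python
import re

# Candidate phone numbers: optional "+", then digits with common separators.
# Newlines are excluded so a match never spans two lines of the message.
_CANDIDATE = re.compile(r"(?<![\w+])\+?\(?\d[\d ().\-]{7,}\d")

def uk_national_number(raw):
    """Return the 10-digit UK national number (no trunk 0), else None."""
    has_plus = raw.strip().startswith("+")
    digits = re.sub(r"\D", "", raw)
    if has_plus and digits.startswith("44"):
        nsn = digits[2:]                      # +44 ...
    elif digits.startswith("0044"):
        nsn = digits[4:]                      # 0044 ...
    elif digits.startswith("0") and not digits.startswith("00"):
        nsn = digits[1:]                      # national format, 070 ...
    else:
        return None                           # not recognisably a UK number
    if nsn.startswith("0"):                   # "+44 (0)70 ..." style
        nsn = nsn[1:]
    return nsn if len(nsn) == 10 else None

def scan(text):
    """Return (E.164 number, label) for every UK 07x number in text."""
    results = []
    for match in _CANDIDATE.finditer(text):
        nsn = uk_national_number(match.group())
        if nsn is None or not nsn.startswith("7"):
            continue
        # 070 = forwardable personal number: no evidence of a UK presence.
        label = "personal-070" if nsn.startswith("70") else "other-07"
        results.append(("+44" + nsn, label))
    return results

# Constructed sample message; all numbers are made up for illustration.
SAMPLE = """\
CONGRATULATIONS! Your email won GBP 850,000 in our promo.
Contact the claims agent on +44 700 000 0123
or fax 0044-70-0000-0456. UK office: 07000 000789.
Our reference number: 2007/0112/445 -- quote ticket 070-1122.
Courier desk (mobile): +44 7700 900123
"""

if __name__ == "__main__":
    for number, label in scan(SAMPLE):
        print(f"{number}  {label}")
```

A "personal-070" hit only says that the contact number reveals nothing about where the sender is; it is one signal to weigh alongside the rest of the message.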

2007-01-07

Info: Tempting prices might be bait

I'm seeing quite a few reports around of people finding really good offers on new equipment for sale online, but they don't know whether it's a scam or not. A search on the company in question reveals no feedback, good or bad, so is it a scam? In general, where there is no feedback, the safest assumption is "scam": scam artists have to change identities regularly, since their bad reputation starts to catch up with them after a while. If that in itself is not enough to convince you to play it safe, then let me explain a little about the business of organised crime.

One kind of organised crime is trade in stolen credit card details. A person who compromises a great online database of credit card details does not necessarily then go and use those details himself: it's probably easier for him to "cash out" directly at that point by selling them to someone else, perhaps in bundles of 100. The purchaser of that data buys with the intention of using the credit card details to commit fraud well in excess of the price paid. One such avenue is to purchase goods online, then sell them off at reduced prices before the fraud is noticed. It's a race against the clock: can the scammer "cash out" of the game before the fraud is noticed?

But having goods shipped directly to yourself is not such a great idea if you're a fraudster: it makes you too easy to trace, and too easy to detect the fraud up front. Nobody ships to Nigeria for that very reason. So what's a con artist to do? Answer: get middle-men involved. The more convoluted the process, the harder things are to trace, and the more difficult it is to spot the fraud. How convoluted can it get? Dizzyingly convoluted. Let me tell you a tale by way of illustration.

Sammy the Scammer has a pile of compromised credit card credentials, and he wants to cash them out (use them to make money). He sets up an online shop-front which can't be traced back to him, and offers some great prices on laptop computers. People won't trust him with their credit card details (just as well for them!), so he accepts payment through a reputable escrow agency. This has the benefit of giving him an air of legitimacy. Sammy has also contacted another person called Roger the Reshipper, and we'll find out about Roger's role shortly.

Meanwhile, Barry the Buyer decides he wants to purchase one of Sammy's laptops, seeing as how the prices are so tempting. Barry places his order, and puts the payment in escrow. Sammy now springs into action, ordering the same laptop from Honest Ed's Laptop Shop at a much higher price, using one of the compromised credit cards. Honest Ed is directed to ship the laptop to Roger the Reshipper, who lives in the same state as Honest Ed, so Honest Ed thinks this is a low risk sale: Roger is within reach of local law enforcement if there's a problem.

Meanwhile again, Roger has accepted a work-at-home job opportunity from Sammy the Scammer as a reshipper. His job involves accepting various packages, and forwarding them elsewhere. Sammy has been paying him for this work: Roger regularly collects his salary from the local Western Union office. Today Sammy tells Roger he will be receiving a laptop from Honest Ed, and he should reship it to Barry Buyer. Roger dutifully does his thing.

A little later, Barry the Buyer receives a perfectly good laptop computer, as per his order with Sammy Scammer. He's a little confused by the "Honest Ed" material in the box -- does Sammy trade as Ed, or what? Still, the goods are good, and Barry informs the escrow agency to clear the payment. Sammy receives the cash, and has succeeded in turning one compromised credit card into a cash payout. He forwards a small portion of the cash to Roger the Reshipper, since the police haven't put a stop to him yet, and he's a useful dupe to have around.

Eventually the fraud is detected. The credit card company reverses the payment, and Honest Ed is out of pocket. He reports the matter, and the law agencies start to note a lot of complaints pointing to Roger the Reshipper. Agents of the law take Roger into custody for a little questioning. Roger, anxious to prove that he's not a bad person, hands over all the details he can find about where he's been sending what. Barry the Buyer is among those implicated. Roger and Barry could be charged with receiving stolen goods, or similar.

Sammy the Scammer, on the other hand, has long since shut down the old online shop, started a new one, and recruited a new mule or two. He's off scot-free, because he can't be traced. Any time he needs to do something which could be traced, he hires a middle man to take the risk for him, like Roger.

Does this sort of thing really happen? Hell yeah. There's big money to be made in ripping people off, so long as you don't mind being an evil scumbag.

So how do you prevent yourself from becoming a Barry? Well, like I said: be sure that you're dealing with a company that has an established history and positive feedback. It's really hard to know whether goods are stolen or not, under the circumstances. And bear in mind that super-cheap prices are probably bait in a trap.

2007-01-05

Info: Impex Consult and Their Annoying Spam

Hi everyone, and a happy new year to you all. The new year has kicked off with the Impex Consult job scam crowd shifting tactics a little. Whereas I've previously been getting spammed by them (and their predecessor identities) at old addresses, I'm no longer seeing much of that activity. That's not to say that they've slowed down the spam: on the contrary, I've received a lot of Impex spam over the past few days -- around seven a day. It's just that it's now sent to my blog contact address rather than my old spamtrap addresses.

Anyhow, the shift seems to have attracted a lot of new people to my blog to see what the heck all this Impex spam is about, and one of the most frequently asked questions is "can I make it stop?" Well, there are two ways to stop spam: one is to get the senders to stop spamming, and the other is to prevent it from being delivered. In this case, the senders are a pack of evil scamming fiends who regard you in a manner similar to the way a wolf regards a sheep, so asking them to stop is probably not going to work. That leaves us with the "dodge delivery" approach.

The absolute best way to solve your spam problem is to retire your old email address and start with something new and unique. There's effort involved, since you have to inform people about your new address, but you can phase it in slowly. Eventually the new address will be discovered by spammers through various kinds of leakage, and you'll have to go through the same change again. That's the price spammers make us pay, sadly.

It's not all doom and gloom, though. If you're a Gmail user like me, then all your Impex spam is already landing in the "spam" folder. I only know about it because I study my spam folder in my capacity as a deception spotter. If you are a Gmail user and can't stand the Impex junk even in your "spam" folder, then you can create a filter to delete it automatically. Just click on "create a filter", put "Impex Consult" in the field marked "From:", check the box marked "Has attachment", and click on "Next Step". In the next step, check the box marked "delete it", then click on "Create Filter". This will send all incoming Impex spam directly to the deleted items folder -- until such time as they change their name or stop sending the spam as image attachments, at least.