Email Scams

Scamdex Data used in Research – if only they’d asked!

So a routine search turned up a little Research Paper from the University of Nebraska in Omaha.

Trends in Phishing Attacks: Suggestions for Future Research (2011) | Ryan M. Schuetzler | University of Nebraska at Omaha, rschuetzler@unomaha.edu

While I’m flattered by being used as a creditable source, I am upset that they:

  1. Used the Scamdex Email Archive without permission.
  2. Did not contact Scamdex to get permission.
  3. Used ‘Screen Scraping’ tools to (in their words)

    …To obtain a corpus of phishing emails, we scraped 2709 emails from Scamdex.com (“Email Scam, Internet Fraud, IdentityTheft & Phishing Resource,” n.d.). This corpus contained emails over a 3-year period from November 2006 to June 2009.These emails were submitted to Scamdex by recipients of phishing attacks..

  4. Did not credit Scamdex in their references.

The legality of screen-scraping, a term used for software tools that extensively mine or extract information or complete contents of a website, is debatable – Generally speaking, if commercial use is made of the result then it gets a bit tricky, but for research purposes a lot more latitude is generally given. The Electronic Frontier Foundation has a good one-pager on Fair Use.

If asked, Scamdex would have been completely happy to collaborate. We do ask (nicely) that …

“Any derived content from the Scamdex.com website must clearly show attribution to Scamdex.com as the source and must include a link to the original information”. –http://www.scamdex.com/About-Scamdex.php#use

Scamdex is happy to be used as a research tool, but in future – ask first, then make sure it is credited – is that too much to ask for?

$22M in UN Bribe Money to dispose of…… (immoral) suckers wanted

 

Return-path: <HarryJantaman@un.org>
Delivery-date: Tue, 23 Sep 2008 13:55:08 -0700
(envelope-from <HarryJantaman@un.org>)
id 1KiEua-0001DI-Em
Received: from smtp-out.orange.net (smtp59.orange.fr [80.12.242.30])
X-ME-UUID: 20080923205501279.4453E6C00180@mwinf5902.orange.net
Reply-To: <“harryj@e-mile.co.uk, jan_harry”@un-aaid.org>
From: “H. Jantamanta” <HarryJantaman@un.org>
Subject: [Bulk?]From Harry & Partners
Message-Id: <20080923205501.4453E6C00180@mwinf5902.orange.net>

From: Harry Jantamanta
3 Whitehall Court, London,
SW1A 2EL London
Private Mobile: 44 704 576 2068

My name is Harry Jantamanta, UN humanitarian abuse reporter here in UN Independent Station United Kingdom.  I got your contact through cross border business information centre situated here in London as an online investor.

On behalf of my partners, I seek your assistance to accommodate and invest for us the sum of USD22.6M. The money in question is sourced to us by a particular head of states as a gesture for appreciation of a good work rendered to their country, but In line with the moral principal of our services, we are not required to accept gift of any kind nor own more than 10,000 USD in our respective bank account, hence our plea to be represented by a trust worthy person to accommodate and invest the sum for us. 

Please note that this request is not a hoax.

We count on your ability to accommodate and invest the funds for us until we are able to process our resignation successfully. 

If you are interested please provide me with the following in return email:

YOUR NAME IN FULL
YOUR OFFICE OR RESIDENTIAL ADDRESS
TEL AND FAX NUMBER 

As soon as I hear from you, further details regarding the transaction will be unveiled to you.

I look forward for your urgent response.

PhishTank.com – Anti Phishing Website that Gets Results!

PhishTank.com – Anti Phishing Website!

Here’s the thing – from now on, ANY TIME you get an email that sends you to a PayPal/Bank of America/Google Adsense/eBay/your-bank-name site that you know is a scam site [that just wants your login/password/credit card/bank details] – immediately report it to PhishTank.com.

Image

They are the database that many browsers and security firewalls automatically use – within seconds, millions of people are protected!.  To see if YOUR browser/network is using this service, try this url picked at random from Phishtank’s database this morning – http://bloccatoinlinea.net/

I use Firefox mainly and for me, I get a nice message like this:

Firefox Warns about visiting a Phishing Site

Firefox Warns about visiting a Phishing Site

If you get ‘straight through’ without any warnings then you need to seriously consider upgrading your browser to FireFox 3 or even the spiffy new Google Chrome.

Is it worth the effort of reporting it?

Trust  me , this isn’t the same as sending an email to abuse@hotwebsites-r-us.cn and hoping that something will happen – this is the real deal – Your submission goes into the Phishing database, people are invited to check your submission and vote on it (for or against) and (assuming it’s approved) one more scam website is defeated!

Once you’ve done it once, you might like to signup and join the band of selfless individuals who monitor, verify and discuss these things (look out for ‘scamdex’!).

Good for your sense of moral outrage and good for the general public – help stamp out Phishing – go to Phishtank.com and sign up NOW!

Internet Crime down slightly, but not by much!

According to a report issued by the FBI in April (View report in full HERE), internet crimes decreased slightly in 2007 but still resulted in millions more dollars being lost to fraud.Chart showing complaints recieved by IC3

Internet crime complaints are primarily submitted to IC3 online at www.ic3.gov, although people without Internet access can submit information via telephone (or, presumbly, snail-mail!). After a complaint is filed with IC3, the information is reviewed, categorized, and referred to the appropriate law enforcement or regulatory agency.

From January 1, 2007 to December 31, 2007, there were 206,884 complaints filed online with IC3. This is a 0.3% decrease compared to 2006 when 207,492 complaints were received

Electronic mail (e-mail) (73.6%) and web pages (32.7%) were the two primary mechanisms by which the fraudulent contact took place.

Recent high activity scams commonly reported to the IC3 in 2007 were those involving pets, checks, spam, and online dating sites, all of which have proven effective as criminal devices in the hands of fraudsters.

Internet auction fraud and the nondelivery of goods purchased on the Internet accounted for almost 60 percent of the complaints that were received by the FBI and the National White Collar Crime Center.

Interesting, albeit depressing reading – shows that the public are becoming more aware of internet fraud, but that there are still plenty of suckers out there, still waiting for the box of gold from mrs Abacha!