Scammin' ain't easy



  • In an age where online scams are so numerous and public awareness is greater than, say, 10 years ago, , you really gotta try hard to make a convincing scam e-mail.
    From the crudely written, grammar-mistake filled and implausible "accound confirmation" hotmail scams, we can now "boast" full-fledged fake bank websites and logon
    screens that look just like the real thing.



  • @C4I_Officer said:

    In an age where online scams are so numerous and public awareness is greater than, say, 10 years ago, , you really gotta try hard to make a convincing scam e-mail.
    From the crudely written, grammar-mistake filled and implausible "accound confirmation" hotmail scams, we can now "boast" full-fledged fake bank websites and logon
    screens that look just like the real thing.

    And...?



  •  I think TRWTF is people actually believing anyone in India has a million dollars.



  •  Toughest job in the world right now?  A legitimate venture capitalist in Nigeria.  No matter how many prospects you contact, nobody wants to take your money.



  •  @da Doctah said:

     Toughest job in the world right now?  A legitimate venture capitalist in Nigeria.  No matter how many prospects you contact, nobody wants to take your money.

    I disagree. Thoughest job in the world would be the email administrator of a Viagra manufacturer.



  • @da Doctah said:

     Toughest job in the world right now?  A legitimate venture capitalist in Nigeria.  No matter how many prospects you contact, nobody wants to take your money.

    Sure they do! Just contact the clueless people!

    Alright, that's still an issue.



  • [quote user="Renan "C#" Sousa"]

    And...?[/quote]

    I had a problem yesterday (was behind dial-up) and apparently the forum software doesn't like posts above a certain compexity over slow connections, so I had to try
    posting segment by segment, until I discovered the forum software would just die on anything longer than one paragraph over that connection.
    That's a whole WTF in itself (under what timeout assumptions do AJAX connections work? How come e.g. Google Mail need to move MORE data when using AJAX than when using HTML? Doesn't
    this defeat the purpose? Oh well)

    Anyway, I'm digressing, here's what I wanted to post, originally (now behind broadband again):



    In an age where online scams are so numerous and public awareness is greater than, say, 10 years ago, , you really gotta try hard to make a convincing scam e-mail.
    From the crudely written, grammar-mistake filled and implausible "accound confirmation" hotmail scams, we can now "boast" full-fledged fake bank websites and logon
    screens that look just like the real thing.



    Yet, from time to time, you see a "fallback to the roots". But I guess even wanna be scammers must start somewhere:


    ATTENTION BENEFICIARY,

    THIS IS TO OFFICIALY INFORM YOU THAT WE HAVE VERIFIED YOUR CONTRACT/INHERITANCE/LOTTERY PROMOTION FILE AND FOUND OUT
    THAT WHY YOU HAVE NOT RECEIVED YOUR PAYMENT IS BECAUSE YOU HAVE NOT FUFILLED THE OBLIGATIONS GIVEN TO YOU IN RESPECT
    OF YOUR CONTRACT / INHERITANCE /LOTTERY PAYMENT.
    SECONDLY WE HAVE BEEN INFORMED THAT YOU ARE STILL DEALING WITH THE
    NONE OFFICIALS IN THE BANK ALL YOUR ATTEMPT TO SECURE THE RELEASE OF THE FUND TO YOU. WE WISH TO ADVISE YOU THAT
    SUCH AN ILEGAL ACT LIKE THIS HAVE TO STOP IF YOU WISHES TO RECEIVE YOUR PAYMENT SINCE WEHAVE DECIDED TO BRING A
    SOLUTION TO YOUR PROBLEM.
    RIGHT NOW WE HAVE ARRANGED YOUR PAYMENT THROUGH OUR SWIFT CARD PAYMENT
    CENTER ASIA PACIFIC, FEDERAL REPUBLIC OF THAILAND.THIS CARD CENTER WILL SEND YOU AN ATM CARD WHICH YOU WILL USE TO
    WITHDRAW YOUR MONEY IN ANY ATM MACHINE IN ANY PART OF THE WORLD, BUT THE MAXIMUM IS ONE THOUSAND FIVE HUNDRED
    DOLLARS PER DAY,SO IF YOU LIKE TO RECIEVE YOUR FUND THIS WAY PLEASE LET US KNOW BY CONTACTING THE CARD PAYMENT
    CENTER AND ALSO SEND THE FOLLOWING INFORMATION:

    1. YOUR FULL NAME
    2. PHONE AND FAX NUMBER,
    3. ADDRESS WERE YOU WANT THEM TO SEND THE ATM CARD
    TO (P.O BOX NOT ACCEPTABLE)
    4. YOUR AGE AND CURRENT OCCUPATION
    5. A COPY OF YOUR IDENTITY

    So let's see...

    [list=1]
    []ALL CAPS: Check V
    [
    ]Telltale generic CONTRACT/INHERITANCE/LOTTERY social engineering text not specialized: Check V
    []Shitty grammar and spelling: Check V
    [
    ]Makes no fucking sense whatsoever: Check V
    [*]Vague and goofy attempt at sounding "ominous" by making the recipient think he/she'd done something wrong: Check V
    [/list]

    Yup, scammin' ain't easy... but I thought they all worked more or less like franchises with an accumulated
    know-how by now? Or each scammer must learn "on the street" or "in the joint" just like a new wannabe gangstah or pimp?



  • @C4I_Officer said:

    I had a problem yesterday (was behind dial-up) and apparently the forum software doesn't like posts above a certain compexity over slow connections, so I had to try
    posting segment by segment, until I discovered the forum software would just die on anything longer than one paragraph over that connection.
    That's a whole WTF in itself (under what timeout assumptions do AJAX connections work? How come e.g. Google Mail need to move MORE data when using AJAX than when using HTML? Doesn't
    this defeat the purpose? Oh well)

    Anyway, I'm digressing, here's what I wanted to post, originally (now behind broadband again):

    That has nothing to do with dial-up, that's how Community Server "works" when its running out of space in the database. It's happened before, and it'll happen again. (At least, until this forum is taken out and shot.)



  • @blakeyrat said:

    That has nothing to do with dial-up, that's how Community Server "works" when its running out of space in the database. It's happened before, and it'll happen again. (At least, until this forum is taken out and shot.)
     

     In what sense does the database "run out of space"?  Are we running out of primary keys in some table, or is the disk full, or is the database somehow constrained to a maximum total size, or what?



  • @Master Chief said:

     I think TRWTF is people actually believing anyone in India has a million dollars.

    [url=http://www.forbes.com/wealth/billionaires/list?country=66]Welcome to the 21[/url][url=http://en.wikipedia.org/wiki/List_of_non-Forbes_billionaires]st century[/url]. Please enjoy your stay.



  • @sprained said:

    @blakeyrat said:

    That has nothing to do with dial-up, that's how Community Server "works" when its running out of space in the database. It's happened before, and it'll happen again. (At least, until this forum is taken out and shot.)
     

     In what sense does the database "run out of space"?  Are we running out of primary keys in some table, or is the disk full, or is the database somehow constrained to a maximum total size, or what?

    The latter. It's running on SQL Express. Which I think maxes out at 10 GB per DB? IIRC. And it doesn't help that CS saves everything, even "deleted" posts and error logs/stack traces.



  • I guess the next step now would be introducing meta-scamming: scamming aimed at scamming other scammers (or wannabes).

    E.g. remember those dot-com bubble era "Start your online business! Work from home! Be a web enterpreneur/milionaire!" scams?There must be something equivalent for gullible scammer wannabes: "Did you know that you can get RICH ON THE WEB by sending poorly phrased, incoherent, vague ramblings and getting THOUSANDS of potential [s]marks[/s] customers to trust you with your personal data? Be second to none, join our ONLINE TRAINING COURSE FOR A MODEST FEE and learn the secrets of REAL WEB BUSINESS!".

     ....otherwise how would you explain that many scammers behave literally as if they started from zero and under someone else's (not entirely effective nor aimed at their best interests) directions? The very least it boosts bulk e-mail sales, and would surely allow selling canned scam instructions as a form of "franchise" to those desperate enough to blindly follow "instructions to success" which apparently involve sending poorly written text. Well, they should at least teach them to edit away the template. Did I win a lottery? Receive an inheritance or get a bank loan approved? Try scamming me with ONE thing at a time, not all three together!



  • @blakeyrat said:

    @sprained said:

    @blakeyrat said:

    That has nothing to do with dial-up, that's how Community Server "works" when its running out of space in the database. It's happened before, and it'll happen again. (At least, until this forum is taken out and shot.)
     

     In what sense does the database "run out of space"?  Are we running out of primary keys in some table, or is the disk full, or is the database somehow constrained to a maximum total size, or what?

    The latter. It's running on SQL Express. Which I think maxes out at 10 GB per DB? IIRC. And it doesn't help that CS saves everything, even "deleted" posts and error logs/stack traces.

    A simple text post like this could easily balloon up to a few megabytes in the database. The problem is that it keeps "reshoots" -- that is, a video recording of the computer monitor -- of a slideshow of full-screen JPG screen shots of every post just in case the alien conspiracy spaghetti noodle boondoggle random random random desktop search dinoskin geehaw!!



  • @C4I_Officer said:

    I guess the next step now would be introducing meta-scamming: scamming aimed at scamming other scammers (or wannabes).

    You mean like this?



  •  Actually, this particular piece of spam is pretty interesting. It looks like the spam ecosystem has evolved to the point where there are now parasites, and you have found one. The email is generic about the type of money involved because they are trying to hijack some other scammer's scam in progress. So if Scammer A has already got you started on a lottery scam, this email is designed to hijack it. Or if Scammer A has you started on an inheritance scam, this will hijack that too.

     That's what the "We see you have been dealing with non-bank officials" part is about. You've been dealing with Scammer A! No, you should be dealing with Scammer B instead! You have done wrong, but Scammer B is merciful and will forgive you for your dealings with Scammer A so long as you cease them now and just deal with Scammer B from here on out.



  • @Bumble Bee Tuna said:

     Actually, this particular piece of spam is pretty interesting. It looks like the spam ecosystem has evolved to the point where there are now parasites, and you have found one. The email is generic about the type of money involved because they are trying to hijack some other scammer's scam in progress. So if Scammer A has already got you started on a lottery scam, this email is designed to hijack it. Or if Scammer A has you started on an inheritance scam, this will hijack that too.

     That's what the "We see you have been dealing with non-bank officials" part is about. You've been dealing with Scammer A! No, you should be dealing with Scammer B instead! You have done wrong, but Scammer B is merciful and will forgive you for your dealings with Scammer A so long as you cease them now and just deal with Scammer B from here on out.

    You, sir, win an Internet in Cyber-biology.



  • @Bumble Bee Tuna said:

     Actually, this particular piece of spam is pretty interesting. It looks like the spam ecosystem has evolved to the point where there are now parasites, and you have found one. The email is generic about the type of money involved because they are trying to hijack some other scammer's scam in progress. So if Scammer A has already got you started on a lottery scam, this email is designed to hijack it. Or if Scammer A has you started on an inheritance scam, this will hijack that too.

     That's what the "We see you have been dealing with non-bank officials" part is about. You've been dealing with Scammer A! No, you should be dealing with Scammer B instead! You have done wrong, but Scammer B is merciful and will forgive you for your dealings with Scammer A so long as you cease them now and just deal with Scammer B from here on out.

    I was once playing with a Nigerian scammer when his "boss" stepped in and tried to steal the deal. 

    Scenario is like this: Boss guy hires blokes to manage the replies to spam mailings saying they'll get a percentage.  Blokes go out and hooks us idiots.  The boss monitors the blokes accounts and when they have one on the line the boss sends an email to the target saying that the original email account has been compromised so switch to this new address thereby screwing the blokes.  Boss gets the idiot and the bloke don't know what happened.

    I ratted them out to each other.


Log in to reply