Jet Blast Topics that don't fit the other forums. Rules of Engagement apply.

Scammers

Old 21st May 2019, 14:37
  #201 (permalink)  
 
Join Date: Aug 2007
Location: Brazil
Posts: 67
I had a couple of those. Made me wonder how much he got out of a sideways view of the backside of my monitor. If he'd had a legit mail I'd have requested a copy of whatever.
belfrybat is offline  
Old 21st May 2019, 15:16
  #202 (permalink)  
 
Join Date: Jan 2008
Location: Reading, UK
Posts: 10,684
Originally Posted by Pontius Navigator View Post
That scam was doing the rounds a few months back. I think some people paid up but its big failure was asking for $X to be paid in Bit coin. I suspect that less than 1% of those targeted had the vaguest idea of how to send a bit coin.
On the contrary, from the scammers point of view asking for Bitcoin payment is far safer than requesting funds to be transferred into a physical bank account. If that means that fewer recipients know how to do it, just send a few million more of the scam emails at negligible cost to restore the balance.
DaveReidUK is offline  
Old 21st May 2019, 15:26
  #203 (permalink)  
 
Join Date: Nov 2015
Location: Here
Posts: 295
Like many I do occasionally muse on how to stop these scam emails or indeed any amount of unwanted spam email concerning goodness knows what. I have some techniques which do work. I am surprised that software developers cant offer a solution to it. I did wonder if - on the very grand scale of things - people and organisations should be charged a small amount by their service provider for each email sent. Compared to the cost of surface postage charging say 10p per email would be peanuts for most organisations and even for private individuals I suspect. But 10p per email for scammers and assorted toe rags sending thousands per day would perhaps become too much of a burden to substantiate?

On the other hand, why oh why did the email software developers make it so easy for scammers to spoof email senders addresses and make it so hard to find out the actual source of scam emails so that they can be reported to the service providers and stopped. I'm not a software expert so I ask of any here who are - is this so difficult?
yellowtriumph is offline  
Old 21st May 2019, 16:37
  #204 (permalink)  
 
Join Date: Jan 2003
Location: Southampton
Posts: 664
Had some unusual texts recently.

"Hi", then followed by "Who are you?"

Deleted of course but I wonder what the angle is?
Saintsman is offline  
Old 21st May 2019, 16:41
  #205 (permalink)  
I don't own this space under my name. I should have leased it while I still could
 
Join Date: Dec 2002
Location: Lincolnshire
Age: 76
Posts: 16,594
Originally Posted by DaveReidUK View Post
On the contrary, from the scammers point of view asking for Bitcoin payment is far safer than requesting funds to be transferred into a physical bank account. If that means that fewer recipients know how to do it, just send a few million more of the scam emails at negligible cost to restore the balance.
l don't disagree but the greater the quantity of spam the greater the chance of people becoming aware.
Pontius Navigator is offline  
Old 21st May 2019, 22:41
  #206 (permalink)  
 
Join Date: Nov 2000
Location: Cambridge, England, EU
Posts: 3,428
Originally Posted by yellowtriumph View Post
On the other hand, why oh why did the email software developers make it so easy for scammers to spoof email senders addresses and make it so hard to find out the actual source of scam emails so that they can be reported to the service providers and stopped. I'm not a software expert so I ask of any here who are - is this so difficult?
Erm ... email was developed to enable one user of a vast expensive (but, by modern standards, mind-bogglingly underpowered) university mainframe to send messages to another user of the same vast expensive university mainframe. Then a couple of universities hooked up, and a couple of computer companies, and so on, so that you could actually send a message to someone on a different computer!

To be a scammer you'd have to be an employee of the tech company or university, and you'd get sacked. And how could you scam anyone anyway? Send them a message saying "please send me a cheque, here's my postal address"?

What, exactly, was the threat model that the developers of the protocols were supposed to have recognised and guarded against? In the 1970s when even the concept of a "threat model" wasn't a thing? Using the mind bogglingly underpowered computers, 300 baud dial-up connections (if you were being posh and expensive and could afford better than 110 baud), and no generally available crypto (even if you had the CPU cycles to run it, which you didn't).
Gertrude the Wombat is offline  
Old 22nd May 2019, 07:04
  #207 (permalink)  
I don't own this space under my name. I should have leased it while I still could
 
Join Date: Dec 2002
Location: Lincolnshire
Age: 76
Posts: 16,594
Had our first local phone scan call yesterday. Had UK number scans but not local. Until this call we had no idea that TalkTalk had a local call centre that reported my internet had been hacked.

Also a first, had a url link sent on my mobile.
​​​
Pontius Navigator is offline  
Old 22nd May 2019, 08:49
  #208 (permalink)  
 
Join Date: Nov 2015
Location: Here
Posts: 295
Originally Posted by Gertrude the Wombat View Post
Erm ... email was developed to enable one user of a vast expensive (but, by modern standards, mind-bogglingly underpowered) university mainframe to send messages to another user of the same vast expensive university mainframe. Then a couple of universities hooked up, and a couple of computer companies, and so on, so that you could actually send a message to someone on a different computer!

To be a scammer you'd have to be an employee of the tech company or university, and you'd get sacked. And how could you scam anyone anyway? Send them a message saying "please send me a cheque, here's my postal address"?

What, exactly, was the threat model that the developers of the protocols were supposed to have recognised and guarded against? In the 1970s when even the concept of a "threat model" wasn't a thing? Using the mind bogglingly underpowered computers, 300 baud dial-up connections (if you were being posh and expensive and could afford better than 110 baud), and no generally available crypto (even if you had the CPU cycles to run it, which you didn't).

Um ... I know someone sending me an email can obscure their source address from me the recipient, but can someone sending an email hide their originating address from the interconnecting systems and software between them and me? In other words, can internet service providers trace the originating source even if I cant?
yellowtriumph is offline  
Old 22nd May 2019, 09:15
  #209 (permalink)  
 
Join Date: Jan 2008
Location: Reading, UK
Posts: 10,684
Originally Posted by yellowtriumph View Post
Um ... I know someone sending me an email can obscure their source address from me the recipient, but can someone sending an email hide their originating address from the interconnecting systems and software between them and me? In other words, can internet service providers trace the originating source even if I cant?
Yes and no. It depends what "address" you are talking about.

Spoofing an origin email address is child's play, as already discussed. Spoofing the IP address from which an email originates, while not impossible, is rather more difficult and most scammers don't go to that trouble.

Look at the headers in the next scam email you receive and you will see the IP address from which it (very probably) originated. That will tell you which ISP the sender was using and the ISP (if they wanted to, which of course they don't) could tell you the customer that was using that address at that point in time.

ISPs could solve the scam/spam problem overnight, if they were sufficiently motivated to do so.
DaveReidUK is offline  
Old 22nd May 2019, 11:24
  #210 (permalink)  
 
Join Date: Nov 2015
Location: Here
Posts: 295
Originally Posted by DaveReidUK View Post
Yes and no. It depends what "address" you are talking about.

Spoofing an origin email address is child's play, as already discussed. Spoofing the IP address from which an email originates, while not impossible, is rather more difficult and most scammers don't go to that trouble.

Look at the headers in the next scam email you receive and you will see the IP address from which it (very probably) originated. That will tell you which ISP the sender was using and the ISP (if they wanted to, which of course they don't) could tell you the customer that was using that address at that point in time.

ISPs could solve the scam/spam problem overnight, if they were sufficiently motivated to do so.
I think you have hit a nail on the head with your last point. Up until a short while ago we were receiving perhaps 20-30 unwanted 'scam' emails a day. I looked at the Properties of one of the emails (using Outlook) and could see all sorts of what seemed to me to be pertinent information. I contacted my email service provider (Fasthosts) through which all my email passes and advised them of these unwanted emails. They asked me to forward to them a copy of said email Properties. After a short while they came back and said I had likely visited a rogue site that had harvested my email details and that it would most likely quieten down after a few weeks. Seems to me even though I had furnished them with the information to enable them to go back to the source ISP (and even given them direct access to my email account) they were not inclined to do anything about it.

For completeness sake I should add I looked at the spoof senders email addresses incoming to me and each and everyone contained a specific and constant set of characters, I have now set up Outlook to look for these characters and just delete these emails without bothering me. So far this has been 100% successful but I appreciate the sender only has to change his modus operandi and I will be back to square one.

Last edited by yellowtriumph; 22nd May 2019 at 16:51.
yellowtriumph is offline  
Old 22nd May 2019, 14:28
  #211 (permalink)  
I don't own this space under my name. I should have leased it while I still could
 
Join Date: Dec 2002
Location: Lincolnshire
Age: 76
Posts: 16,594
There was a period, may be 4-5 years ago that spammers used a device to defeat spam filter. Can't remember the detail but it was like 'spam' which would be detected was sent as 'sp-am' and then 'sp---am' and so on.

Thankfully they have moved on.

The other that was difficult was spam messages from ME.
Pontius Navigator is offline  
Old 23rd May 2019, 05:39
  #212 (permalink)  
 
Join Date: Jul 2008
Location: Only occasionally above FL50
Age: 67
Posts: 116
Got my first totally spam SMS yesterday - apparently from ‘RESULTS’ not in.my contacts. Read

Hi Nicola!

Final round for £500 gift card!

Call now: 09115624580

Cheers! 99ppm

Took me a few moments to realise 99ppm was advisising the cost of calling the phone number. I suspect that calling from a mobile it may cost even more.
Andrewgr2 is offline  
Old 23rd May 2019, 07:47
  #213 (permalink)  
 
Join Date: Feb 2018
Location: Wolverhampton
Posts: 2
Originally Posted by Andrewgr2 View Post
Got my first totally spam SMS yesterday - apparently from ‘RESULTS’ not in.my contacts. Read

Hi Nicola!

Final round for £500 gift card!

Call now: 09115624580

Cheers! 99ppm

Took me a few moments to realise 99ppm was advisising the cost of calling the phone number. I suspect that calling from a mobile it may cost even more.
09 numbers, in case anyone doesn't know are PREMIUM RATE numbers. They can, and DO charge astronomic rates - and its all legal.
sixchannel is offline  
Old 28th May 2019, 10:29
  #214 (permalink)  
 
Join Date: Aug 2016
Location: Ilmington, Warwickshire
Posts: 74
In view of the increasing sophistication of these scammers, this looks like good news. As long as the victim hasn’t been completely negligent, it suggests that they have a very good chance of getting their money back.

https://www.bbc.co.uk/news/business-48385426
BehindBlueEyes is offline  
Old 28th May 2019, 17:57
  #215 (permalink)  
 
Join Date: Oct 2017
Location: UK
Posts: 4,151
I delete ALL e-mails without opening them unless they are recognisably from family or friends.

Then I also empty the deleted items box.
dook is offline  
Old 28th May 2019, 18:01
  #216 (permalink)  
I don't own this space under my name. I should have leased it while I still could
 
Join Date: Dec 2002
Location: Lincolnshire
Age: 76
Posts: 16,594
Hacked

Miss PN1 had £2,000 lifted from her bank account (refunded immediately by her bank) for a Virgin Holiday.

Today she received a postcard from Virgin Holidays addressed to the thieves.
Pontius Navigator is offline  
Old 28th May 2019, 18:38
  #217 (permalink)  
 
Join Date: Aug 2016
Location: Ilmington, Warwickshire
Posts: 74
Originally Posted by Pontius Navigator View Post
Miss PN1 had £2,000 lifted from her bank account (refunded immediately by her bank) for a Virgin Holiday.

Today she received a postcard from Virgin Holidays addressed to the thieves.
And were the authorities interested? I would have hoped a bit of easy policing would have been a gift for them?

I've related this rather disappointing story on here once before. Several years ago, we had a family holiday on the Gulf Coast of the US. I was meticulous about not letting my credit card out of my sight the whole time. Our return flight was from Miami which entailed a journey across the state. Just before we reached the airport, as we had time, it was decided we would stop at a restaurant for a last meal. That was the one time that I stupidly let my card go off with the waiter.

Three or four months later I got a call from my card provider asking me if I had recently made a $5000 purchase in the Apple store in Miami. Clearly, it wasn’t me and I could prove I was in the U.K. at the time of the transaction. I told the company I knew exactly when, where and probably who had cloned my card. Unless there was a highly improbable coincidence, the waiter who had served us at our last stop was most likely something to do with the fraud.

They weren’t interested at all and just refunded the money.

BehindBlueEyes is offline  
Old 28th May 2019, 19:18
  #218 (permalink)  
 
Join Date: Feb 2018
Location: Wolverhampton
Posts: 2
Originally Posted by dook View Post
I delete ALL e-mails without opening them unless they are recognisably from family or friends.

Then I also empty the deleted items box.
That won't help if their accounts have been hacked.
Simply hover over 'sender' and the address of said Sender will be revealed. If it looks wrong - it IS wrong. Then you can bin it.
And if your friends and rellies send you an email that is just a link - open at your Peril!!
sixchannel is offline  
Old 28th May 2019, 20:46
  #219 (permalink)  
I don't own this space under my name. I should have leased it while I still could
 
Join Date: Dec 2002
Location: Lincolnshire
Age: 76
Posts: 16,594
Originally Posted by sixchannel View Post
That won't help if their accounts have been hacked.
Simply hover over 'sender' and the address of said Sender will be revealed. If it looks wrong - it IS wrong. Then you can bin it.
And if your friends and rellies send you an email that is just a link - open at your Peril!!
Indeed, got one from an acquaintance, last saw him two years previous. The underlying URL was .JP

I sent him a message to tell him. I should also have sent him the message and source code.
Pontius Navigator is offline  
Old 28th May 2019, 21:00
  #220 (permalink)  
 
Join Date: Nov 2000
Location: Cambridge, England, EU
Posts: 3,428
Originally Posted by sixchannel View Post
And if your friends and rellies send you an email that is just a link - open at your Peril!!
Get several of those most days. Delete unread.
Gertrude the Wombat is offline  

Thread Tools
Search this Thread

Contact Us Archive Advertising Cookie Policy Privacy Statement Terms of Service

Copyright © 2018 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.