Search  Rules  Login
TheBat English » The Bat! - Configuring the E-mail Client
Pages: 1
RSS
nigerian scammers trolling these forums, nigerian scammers
 
#1
0  
It would appear that the the Nigerian Scammers are using this forum to harvest new "leads".

The following is the start of the email message body.

"Informational message from www.ritlabs.com
---------------------------------------

You have private message on the forum at www.ritlabs.com.

Topic:
URGENT REPLY

Sender: joy joypsalm1@yahoo.com
Date: 01.08.2007 16:11:34
Message:

Hello Dear,"

Doug
 
 
 
#2
0  
I had a similar email
They are using Ritlabs in the REPLY TO field

I used to get hate mail from spam victims since the email came apparantly from my domain "grunwalds.com" although an examination of the source IP would show otherwise - many came from India and the ISP could care less

Most I could never trace it as all I received were bounce messages from mail I never sent.
 
 
 
#3
0  
Could you please export these messages to .EML (with full headers), compress into a password-protected archive, and send to me.

The password-protected compression is needed to prevent antispam software to filter the messages.
 
 
 
#4
0  
I don't understand how they would harvest your email addy? If it is not in the posting, how do they get access? Correct me if I am wrong but by posting here my email address is not shown?
 
 
 
#5
0  
They are sending the scam via PM so they may not get your email address, they have a script that will call up each member via PM and paste their message into the form

You could actually create a script and use any form filler although I am sure they have it automated
 
 
 
#6
0  
Thanks Rick - I guess that would be the case for every forum?
 
 
 
#7
0  
Quote
Maxim Masiutin writes
Could you please export these messages to .EML (with full headers), compress into a password

The email addy used in this Forum is a Yahoo throw away account. If you can tell me how to display full message headers in Yahoo mail, I'll attempt it. If I forward the email to my regular account the email attachment strips of the message headers.

I used the Send E-Mail message link from the left side of the Forum posts to send myself a message. (One doesn't need to be logged in to do this). I got the same Message header and tag lines as what I got from the Nigerian scammer.

Wed, 1 Aug 2007 16:11:34 +0300 (EEST)
To: <my addy here>@yahoo.com
Subject: www.ritlabs.com: [private] URGENT REPLY
From:  joypsalm1@yahoo.com  

I'll send a reply to joypsalm1 and ask her how she found my email address. Maybe it'll still be in time to help her recover the 5.5M dollars ;-)
 
 
 
#8
0  
this scenario is just too complicated for a spammer/scammer. If an email address can't be obtained by parsing the source code of a page, it's highly unlikely this address to be spammed. Creating and testing scripts that automatically click links, fill forms, click buttons etc. is not something a spammer would do, nor he/she will do something like this manually - it just makes no sense, when there are so many addresses that can be easily obtained & spammed automatically, without any extra effort.

Or maybe you're a victim of a newbie spammer :)
 
 
 
#9
0  
bigg one
You haven't got a CLUE as to what is going on out there do you :|

Do some research then post back. There are scripts for sale to spammers doing exactly what I stated.

I haven't personally been hit with a PM script but I moderate all new users. The only one you can email before approval is the webmaster. No scammer/spammers have been bouncing in that account so my assumption is that they are not trying, although a PM script might not pick up the contact us form - perhaps on purpose

I guess it could be a newbie spammer but that is VERY far fetched. When everyone got one within a couple of hours it points to a script not to someone clicking names one at a time

Google it or read the VB forums - it will be an education (not patronizing - it was an education for me.)
 
 
 
#10
0  
Quote
bigg one writes:
Creating and testing scripts that automatically click links, fill forms, click buttons etc. is not something a spammer would do, nor he/she will do something like this manually - it just makes no sense, when there are so many addresses that can be easily obtained & spammed automatically, without any extra effort

I agree they wouldn't do it manually but again Google this. There are scripts for sale to spammers that do some exotic stuff. VBulletin is as secure as it gets yet they keep on coming up with new ways - which are immediately patched but everyone doesn't apply the patches right away  :D

Easy to get addresses? Millions of them perhaps? They get those with scripts but "fresh meat" is always welcome and they are continually looking for new ways to meet new people  :D

 
 
 
#11
0  
well I really don't have a clue :) , it just seems quite impractical to create automated procedures or even to use ready ones (as I guess not everybody can handle this right away) when there are so many addys you can get just like that. I wouldn't do this if I was a spammer, but I guess you're right and they really do it.
 
 
 
#12
0  
I'm sure a new spammer doesn't use this stuff right away. Most of them cost $$$
Here's a link on how to creak CAPTCHA systems
http://www.cs.sfu.ca/~mori/research/gimpy/

Again some Googling will come up with stuff you can buy to hack past spammer guards (not that you would want to)
 
 
 
Pages: 1