Scam Mail

[CaptainYooh]

I am pretty dumb when it comes to IT, so I have a question to all of you smart techies people. Why can't authorities trace scam mail senders? I see these e-mails asking to update bank account information, invest with ultra-rich high net worth individuals, accept inheritance and other garbage. All I do is curse and delete them. But I hear that a lot of old people become victims though. Isn't there a live person behind each and every e-mail account? Even the free servers (e.g. hotmail, yahoo, live, lycos) require some personal information to open a new e-mail account that could lead to a perpetrator. They do trace terrorists through e-mails. What is different with scam? Please explain at the popular level. Thanks.

[ken0042]

We get them at my work. Usually it's some or a combination of the following:

- The same email address isn't used twice.
- The 'reply to' email isn't the one sending it.
- It is coming from a country with fewer rules on acceptable internet/email use. (Nigeria most infamously.)
- Somebody has hacked a legitimate email account.

[photon]

You're a cop in Calgary, someone calls you that their bank account has been emptied because they accidentally signed into their bank account through a phishing site.

You look at the email, trace the site to an IP address in China.

After months of work somehow you manage to get someone in China to care enough to give you details for that IP, it was to a shared hosting account that was closed down 24 hours after registering because it used a stolen credit card from Russia and the IP address of the person that registered the account traces back to Brazil.

Now what?

Spam senders do an enormous amount of work to hide behind a long chain of false information.

That said, they do a lot of work to try and shut them down too.

It's more like the wild west with marshals and outlaw gangs though.

http://www.bbc.co.uk/news/technology-18898971

[sclitheroe]

Sender Policy Framework and DNSSEC and a ton of this crap goes away. Depressing to me that nobody can agree to get this widely implemented.

[To Be Quite Honest]

Got a scam email today.

Notice for Court Appearance.

Then you download the zip and blamo!

http://www.snopes.com/crime/fraud/courtnotice.asp

[Hack&Lube]

Quote:

Originally Posted by CaptainYooh

Isn't there a live person behind each and every e-mail account?

Nope. A large majority of email accounts on the internet do not belong to a person.

Also, the majority of spam is sent by botnets and completely automated. The more people that fall for spam with malicious urls or attachments, the more computers that are taken over and added to the zombie bot nets that do callbacks and send out more spam, ad infinitum.

[Hack&Lube]

Quote:

Originally Posted by sclitheroe

Sender Policy Framework and DNSSEC and a ton of this crap goes away. Depressing to me that nobody can agree to get this widely implemented.

SPF doesn't help if spam is coming out of an legitimate organization that has user systems compromised by a zero-day. Billy Bob in the field opens an e-mail that claims it's his ADP paystub, runs a .scr file disguised as a PDF, uses common UDP ports to tunnel to the internet and contact a spam bot net, then downloads further zero-days and spoofs traffic coming out of your domain and external IP...takes down e-mail for a company because internet blacklists automatically flag suspicious traffic within 15 minute of this occurring. In that time frame, a lot of bad e-mails could appear to be coming out of your organization that has a legitimate SPF record. There's a lot of spoofing and hijacking going on out there right now. That said, the speed at which blacklists/blocklists are reacting are helping a great deal.