The Spam Diaries

News and musings about the fight against spam.
 by Edward Falk

Friday, December 08, 2006

Former congressman Ed Mezvinsky, victim of Nigerian fraud spams, now in jail

This one is truly weird. Former Democratic congressman Ed Mezvinksy was apparently suckered in by " just about every different kind of African-based scam we've ever seen", according to federal prosecutor Bob Zauzmer.

As a result, Mezvinksy began stealing from clients and even his own mother-in-law to raise money for the scheme. Now he's in prison for fraud. All told, he lost about $3 million to the scammers.

Mezvinksy fell particularly hard for the "black money" scam. In this scam, fraudsters tell the victim that the money was painted black to smuggle it out of the country, and now a special, very expensive chemical is needed to remove the black ink. The mark in this scam then ponies up the money to buy the ink remover.

OK, seriously. How can people be so fricking stupid? And on top of that, even if you do believe the fraudsters, you must've known you were participating in something illegal. I really have no pity for people who fall for this; it comes from being stupid, greedy, and unethical. The problem I have is all the innocent people victimized by dumbasses like Mezvinksy — a sort of secondary victimization. And all that spam, of course.

Earthlink losing email

(Via Slashdot) Robert Cringely is reporting that Earthlink is losing the vast majority of email, apparently due to overloaded servers. Cringley reports that up to 80-90 percent of Earthlink email is being lost.

Interestingly enough, recent news reports are that some email providers are reporting that 80-90 percent of email is spam. If Earthlink is seeing those same numbers, then we can safely say that there wouldn't be a problem if they didn't have all that spam to deal with.

One Slashdot reader says that the problem is not with the regular mail servers, but with a specialty server used by roaming clients.

Saturday, December 02, 2006

Zango (formerly 180 Solutions) connected to myspace virus

OK, follow the bouncing ball, it's a tricky one. You visit a scammers page on myspace. A Quicktime video on the page automatically runs. The video contains an href tag (whose damn dumb idea was it to a) include href tags in video files, and b) to follow those links automatically?)

The href tag contains javascript which overlays your myspace profile page with a fake login. If you use the fake login button, then you've been phished. The purpose of the phish seems to be to direct you to a collection of pornographic movies on the Zango web site.

For more details on the attack, see spywareguide.com, Slashdot andMashable.com.