The Spam Diaries

News and musings about the fight against spam.
 by Edward Falk

Tuesday, August 19, 2008

New variants on the advance fee fraud hitting Craig's List

A couple of years ago, I wrote about a scam where you have something to sell, and someone from overseas (usually Africa) buys it but pays too much and asks you to refund the difference. In the end, the check they sent you turns out to be bad and you're out the refund money. This very commonly happens to people with rental property, who get emails from someone from overseas planning to visit the area and who puts down too large a deposit and ask the landlord to forward the difference to their travel agent.

The more recent variant involves someone who advertises a nice place to rent on Craig's List and then absconds with the deposit. Read more about it at An Unread Blog.

In general, take the Craig's List warnings about dealing with strangers very seriously.

Related scams: You're looking for a roommate, and the interested party sends too big a deposit. The blog Active Rain has a good analysis involving a college student looking for a roommate, and a scammer willing to take the student's college fund.

Wikipedia has a good compendium of advance fee frauds.

Thursday, August 14, 2008

Another spammer in the slammer — Michael Dolan

While all the world's attention has been on Robert Soloway, other spammers have been quietly getting their comeuppance.

Today's story concerns Michael Dolan who's just been sentenced to seven years in jail plus three years of supervised release. He's pled guilty to fraud and aggravated identity theft.

His scheme, along with five other people, was to troll AOL chat rooms for user ids. Those user's then would receive "greeting card" spam which quietly installed malware on the victim's computers. The next time the victim attempted to log onto AOL, the malware would ask for credit card numbers, bank accounts, and other personal info. If the user refused to cough up, the malware prevented them from logging in.

There were also more traditional email phishes asking for AOL billing details.

On top of all of this, Dolan engaged in various forms of witness tampering, including a death threat, and had violated a previous probation for computer crime.

Dolan's scam brought in over $400,000 from 250 victims. As might be expected, his lawyer tried to use the insanity defense, as was the case with Soloway.

Full coverage at ars technica and InfoWorld.

Eight ways to get yourself blacklisted

Good article today by Esther Schindler on Cio.com: Eight Quick Ways to Get Your Site Blacklisted.

It's a quick overview of bad email practices that can get you and/or your ISP on the anti-spam lists. If your business involves sending emails in any way, you should read it.

See also Slashdot coverage.