Thursday, April 30, 2009

419 Scam Artists Using 'Email this' Feature

In times when more and more scammers/spammers are getting DomainKeys verified, others are finding adaptive ways to increase the probability of bypassing antispam filters.

Take, for instance, this 419 scam artist, who has been pretty active in his scamming attempts recently.

Basically, he's exploiting the fact that he's allowed to enter a message within the 'Email this' feature, and that the message will successfully reach the potential victim based on the clean IP reputation of NYTimes. Sadly, he's right, since he's already sending scam messages through the following accounts registered at the site:

His excuse for using - "Based on the bank high sensitiveness and security i have decided to contact you outside the bank's sever IP for a beneficial transaction."
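One way a site could screen the free-text note of an 'Email this' form before relaying it from its own mail servers, as an added example that is not part of the original post. The function names, the thresholds and the `example.com` site domain are assumptions, and the sample notes in the test are constructed.

```python
import re
import time
from collections import defaultdict, deque

SITE_DOMAIN = "example.com"   # assumption: the publisher's own domain
MAX_NOTE_CHARS = 300          # assumption: a share note is a short remark
MAX_SENDS_PER_HOUR = 10       # assumption: per-account sending budget

EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")
URL_RE = re.compile(r"(?:https?://|www\.)([\w.-]+)", re.I)
PHONE_RE = re.compile(r"\+?\d[\d\s().-]{8,}\d")

_sent = defaultdict(deque)    # account -> timestamps of accepted sends


def screen_note(note):
    """Return the reasons a sender-supplied note should be held back."""
    reasons = []
    if len(note) > MAX_NOTE_CHARS:
        reasons.append("note_too_long")
    # Reply-to contact details turn a share mail into a free-form message.
    if EMAIL_RE.search(note):
        reasons.append("contains_email_address")
    if PHONE_RE.search(note):
        reasons.append("contains_phone_number")
    # Links are only acceptable when they point back at the site itself.
    for host in URL_RE.findall(note):
        host = host.lower().rstrip(".")
        if host != SITE_DOMAIN and not host.endswith("." + SITE_DOMAIN):
            reasons.append("contains_offsite_link")
            break
    return reasons


def allow_send(account, note, now=None):
    """Decide whether the site should send this share mail from its own IPs."""
    now = time.time() if now is None else now
    window = _sent[account]
    while window and now - window[0] > 3600:   # drop sends older than 1 hour
        window.popleft()
    if len(window) >= MAX_SENDS_PER_HOUR:
        return False, ["rate_limit_exceeded"]
    reasons = screen_note(note)
    if reasons:
        return False, reasons
    window.append(now)
    return True, []
```

Held notes are better queued for review than silently dropped, so that accounts repeatedly tripping the checks can be identified and closed.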

Another scam that I've been tracking for a while is using a new "Hand bag stolen at Barcelona air port" social engineering attempt, and is attaching scanned copies of real baggage loss documents in order to improve the truthfulness of the scam. Pretty catchy if you don't know what advance fee fraud is.