If you're gonna scam, don't give your name (NA)

RotaryWingBob

RotaryWingBob

En-Route
Gone West
Joined
Feb 23, 2005
Messages
2,597
Location
Chester County, PA
Display Name
Display name:
iHover
I just got one of those emails trying to scam you into giving out PIN numbers and other financial data (never mind that I've never heard of the bank):

===============================

southtrust logo
Dear Southtrust customer,

Please read this message carefully and follow it's instructions.

Southtrust is committed to maintaining a safe environment for its community of customers. To protect the security of your account, Southtrust employs some of the most advanced security systems in the world and our anti-fraud teams regularly screen the Southtrust system for unusual activity.

Recently, our team identified some unusual activity in your account. In accordance with Southtrust User Agreement access to your account will be limited. This is a fraud prevention measure meant to ensure that your account is not compromised.

In order to secure your account we may require some specific information from you. We encourage you to log in by clicking on the link below and complete the requested form as soon as possible.

https://southtrustonlinebanking.com/retail/Login.asp

This e-mail contains information directly related to your account with us, other services you have subscribed, and/or any application you may have submitted.

Sincerely,
Southtrust Security Department.

========================================


Now I noticed when you mouse over the link, it comes back to southtrustaccountverification.com instead of simply an IP address like most scammers use. A WHOIS lookup of the domain name came back to someone, who presumeably, is the not too bright scammer (or maybe all the info he gave is bogus, I don't know):

==================================


Domain Name: southtrustaccountverification.com

Status: ACTIVE

Registrar: YESNIC CO. LTD.
Whois Server: whois.yesnic.com
Referral URL: http://www.yesnic.com

Expiration Date: 2006-05-26
Creation Date: 2005-05-26
Last Update Date: 2005-05-27

Name Servers:
ns7329.southtrustaccountverification.com
ns2017.southtrustaccountverification.com


===============================================================================

-----------------------------------------------
Queried Domain Information as follows
-----------------------------------------------

Domain Name : southtrustaccountverification.com

::Registrant::
Name : Theodore Elston
Email :
Address : 1190 Dundee ave
Zipcode : 95005
Nation : US
Tel : 831-234-4033
Fax :

::Administrative Contact::
Name : Theodore Elston
Email :
Address : 1190 Dundee ave
Zipcode : 95005
Nation : US
Tel : 831-234-4033
Fax :

::Technical Contact::
Name : Theodore Elston
Email :
Address : 1190 Dundee ave
Zipcode : 95005
Nation : US
Tel : 831-234-4033
Fax :

::Name Servers::
ns7329.southtrustaccountverification.com
ns2017.southtrustaccountverification.com

::Dates & Status::
Created Date 2005-05-26 12:02:23 EDT
Updated Date 2005-05-26 12:02:23 EDT
Valid Date 2006-05-26 12:02:23 EDT
Status ACTIVE
 
my guess is that its spoofed - but - report it anyways, maybe he's that stupid and deserves to be busted
 
Interesting. Looks like something fun to forward to the FBI then go sit at the end of this guys street and get some pictures of nonexistent black helicopers at 2am.

I don't understand how people are so naive that they still fall for this stuff.
 
I thought we weren't posting personal addresses here....
 
I get these for Paypal's at least 15 times a week, maybe more. Most of them source back to Russia.
 
RotaryWingBob said:
Of scammers? Hello?

That's public info pal...
Click to expand...

I don't disagree. But one of the other members posted info from the (public) FAA database and it was summarily removed. A rule is a rule....
 
I get a bunch of these every week. Yesterday I got one supposedly
from PayPal. And I don't even use PayPal. It had a nice site where
you were supposed to sign on with your user id and password. I made
one up. Surprise .. it worked. They were asking for credit card number,
bank accounts, and all sorts of stuff. Are people really that stupid
that they give them all this info?

RT
 
wsuffa said:
I don't disagree. But one of the other members posted info from the (public) FAA database and it was summarily removed. A rule is a rule....
Click to expand...

I think a scam warning with the perpetrator's identity is different in that the scammer isn't expecting anonymity.
 
RogerT said:
I get a bunch of these every week. Yesterday I got one supposedly
from PayPal. And I don't even use PayPal. It had a nice site where
you were supposed to sign on with your user id and password. I made
one up. Surprise .. it worked. They were asking for credit card number,
bank accounts, and all sorts of stuff. Are people really that stupid
that they give them all this info?

RT
Click to expand...
You'd think they wouldn't be that stupid. But I guess they are. Otherwise we wouldn't be getting this flood of emails pretending that they're from financial institutions.

PayPal actually issued a warning (via email) a couple of months ago essentially saying that they never ask for this kind of information, and that users shouldn't espond to these requests.
 
For you computer gurus out there any chance the scammer stole someones email and IP info a sent the email under the stolen ID? Some one once used my old email address to send thousands of pieces of spam in a single day
 
AdamZ said:
For you computer gurus out there any chance the scammer stole someones email and IP info a sent the email under the stolen ID? Some one once used my old email address to send thousands of pieces of spam in a single day
Click to expand...
Hey Adam -

It's pretty easy to make your return address appear to be whatever you want. In this case, although the sender appeared to be the bank, a look at the full message header simply showed it originated at an IP address (200.79.235.9). The return path is the obviously bogus email address <donotreply@southtrust.com>. What I find interesting about this one is that the scammer actually registered a domain name for his site.
 
Bob: I handle a good amount of criminal defense in my practice. I find crimnals fall in to three intelligence catagories: 1) Very very intelligent ie the guy in catch me if you can. 2) Sociopaths 3) Absolute unmitigated morons. There are of course exceptions.
 
AdamZ said:
For you computer gurus out there any chance the scammer stole someones email and IP info a sent the email under the stolen ID? Some one once used my old email address to send thousands of pieces of spam in a single day
Click to expand...
This is a favourite game of spammers - the addresses they harvest to send their junk to they also use as the addresses their junk appears to come from. And sometimes this is done by viruses. But you can pretty much always determine the actual address the mail originated from by looking at the Received headers, which are added by the various Mail Transport Agents as they relay the mail down the line. Spammers can't change headers that are added after the mail has left their local network.

Liz
 
RogerT said:
I get a bunch of these every week. Yesterday I got one supposedly
from PayPal. And I don't even use PayPal. It had a nice site where
you were supposed to sign on with your user id and password. I made
one up. Surprise .. it worked. They were asking for credit card number,
bank accounts, and all sorts of stuff. Are people really that stupid
that they give them all this info?

RT
Click to expand...

Not a computer expert by any stretch of the imagination, but doesn't clicking on that link to begin with provide them things like your IP address? I'd probably clear temporary files and cookies, update and run virus and spyware protection, just to be safe..... but then, I'm known to be a bit paranoid at times B)
 
RogerT said:
Are people really that stupid
that they give them all this info?

RT
Click to expand...

Yup!!! We get calls every week from little old ladies with their first computer who get one of these emails and they respond to it. Most times, its because they don't know any better. But then, you do get the folks that are complete dimwits. A lady called a couple of weeks ago, says she got an email and phone call from a guy who told her she had won 150K in the Australian lottery. He send her a check for about 3,500 to cover the taxes. She was supposed to cash the check, and send him a money order for 3,200 to show that she paid the tax on the winnings. Wing nut takes that check to her bank, cashes it and then immediatley drives to Walmart and Western Union'd him the rest of the cash. Of course the bank calls her a couple hours later to tell her the check is no good........ Then she whines to us. It's times like that that I really want to ask them, "excuse me, but are you really that STUPID??? What the hell were you thinking? And why would someone from Canada tell you you've won the AUSTRALIAN lottery?? You are a dumba$$, it's your own fault. Now go away and call back when you have a real crime to report." Yes, there are stupid people out there. I talk to them every day.
 
You must log in or register to reply here.
Back
Top