[meteorite-list] eBay/paypal phishing

From: Dave Freeman mjwy <dfreeman_at_meteoritecentral.com>
Date: Sun Jun 5 16:36:11 2005
Message-ID: <42A3623C.2010608_at_fascination.com>

Dear Sterling;
Yikes! Soylent green in my refridgerator in 20 years!!!!
Dave-spooked!



Sterling K. Webb wrote:

>Hi,
>
> Yes, I know "phishing" is the current techno jargon, like phone "phreaking"
>was decades ago, but it just piles an flashy verbal disguise on top of frauds,
>thieves, con men, grifters and scum, and makes them sound cute. They're not.
>
> The reason why eBay / PayPal does nothing is that there is nothing eBay /
>PayPal can do, in any practical way, except to warn you off, which they do in
>every response when you report these things.
>
> These criminal enterprises are segmented into task clusters that each work
>on their own with the other task clusters.
>
> Bulk emailing is not a crime. The bulk emailer doesn't create the email,
>just sends it. He would be violating the law if he were to look at somebody's
>else mail, as if FedEx were to open your package or letter before they send it
>along.
>
> Selling 100,000,000 email addresses at a time is not a crime; it's a
>respected business called marketing. Collecting other people's email addresses
>by questionable means isn't a crime, either, as it turns out.
>
> eBay itself will sell you a special access that allows the collection of
>data from their sales for the purposes of market research. How do you think
>they got your email address?
>
> This List's own archives contain the email address of everyone who's ever
>posted here. I can't imagine how else I would get email solicitations for what
>purport to be porn sites that contain the word "polymict" in the subject line in
>any other way!
>
> The creator of the email has his fake site, the one you go to, hosted by
>another innocent party who hosts hundreds of sites in his gateway, How is he
>going to check out the honesty of every one of his customers? How would you?
>He probably doesn't care, but if the law came to him and said this customer of
>yours is a crook (we think), he'd just say he didn't know and satisfy the law by
>dumping the client. No penalty.
>
> Besides which, the creator of the criminal site only places it with a host
>for a very short while, only a few days if he is really careful, then moves it
>to another host. He may just sneak into a server in Lativa and have it host his
>site without even knowing it.
>
> He doesn't steal anything from you using that data. When he has collected
>enough personal and credit data to be worth something, he sells it to a broker /
>distributor of stolen credit data, then physically destroys the media that
>contain any trace of it (media, even hard drives, are cheap).
>
> The broker of stolen credit card data doesn't steal from you -- he re-sells
>the data at a profit, in various sized chunks to middle men who re-sell it to
>those who alter or manufacture physical fake cards from it or, increasingly,
>cyber-thieves who just work a few or only one victim at a time or very small
>brokers who sell one person's fake card to some guy on the street so dumb that
>he has to show him how to use it.
>
> So, crime too is increasingly operating by means of distributed networks of
>clusters whose only connection is the exchange. Some clusters, while not
>exactly innocent, have committed no crime. Most have only committed only very
>low-grade offenses; many can claim ignorance, some of them genuinely.
>
> Lots of burglars go to jail; very few fences do. "Yer Honnir, Mr. Blapp had
>no way to know that TV was stolen; it wasn't marked or tagged; people hock their
>TV's all the time -- he's as much a victim as the homeowner it was stolen from!"
>
> Only the end-user of a single stolen credit dataset is likely to get caught,
>for a single, first-time offense, rated only as a Class C or D felony, and he's
>likely to escape any serious punishment. Besides, that's what little crooks are
>for -- to get caught and take the heat.
>
> The Mob model of organized crime, formed at the same time as Durant was
>putting together a collection of failing independent car makers into something
>he called "General Motors," is a top down model, and that model is dead. Crime
>is reforming into distributed networks which have as their salient
>characteristic the extreme resiliency of the system. When's the last time the
>ENTIRE internet "went down"? The answer is never.
>
> We are in the process of creating a world run by distributed networks. You
>can buy a refrigerator that will monitor your food purchases and re-order from
>the store when you get low on enough items, then print a reminder to tell to go
>by the store and pickup your groceries. OK, it's a pilot program, but it's
>coming, or something like it is. In five years or so, most food will have RF
>chips attached. Your food will be data.
>
> Your car is a computer, so is your toaster (true if you have the right
>brand). Eventually, every physical object or device in your life will be.
>Everything will look the same on the surface for a while, but underneath, it's
>changing in strange ways very fast.
>
> Why should crime be any different?
>
>
>Sterling K. Webb
>------------------------------------------------
>Dave Harris wrote:
>
>
>
>>..yep - ignore them - I get at least 3 a day - and eBay & Paypal do nothing
>>to stop them.
>>
>>Just forward to spoof_at_ebay.com or spoof@paypal.com
>>
>>Actually if you click on the link as if you were going to be fooled, you can
>>see the address bar change to a suspect URL, not eBay or Paypal.
>>
>>What I do then is find the owner of the URL (using a WHOIS or similar
>>lookup) and advise them yourself - then send them megabytes of crap data as
>>an attachment until they tell me to desist, then I quote them the suspect
>>URL again telling them again that they are supporting criminal activity.
>>They probably delete them, but it's fun for me.
>>I do the same with 419 scammers - I have a fast link so I can send a 6 Mb
>>file in a few secs and I do that a dozen times until their server crashes at
>>their end.....
>>
>>I have nothing better to do with my time....
>>
>>Ho hum.....
>>
>>best!
>>
>>dave
>>IMCA #0092
>>Sec.BIMS
>>www.bimsociety.org
>>______________________________________________
>>Meteorite-list mailing list
>>Meteorite-list_at_meteoritecentral.com
>>http://six.pairlist.net/mailman/listinfo/meteorite-list
>>
>>
>
>
>______________________________________________
>Meteorite-list mailing list
>Meteorite-list_at_meteoritecentral.com
>http://six.pairlist.net/mailman/listinfo/meteorite-list
>
>
>
>
Received on Sun 05 Jun 2005 04:36:12 PM PDT