419 scammers using Dilbert.com

419 scammers using Dilbert.com

Summary: Scammers too, know Dilbert.On their way to search for clean IPs through which to send out yet another scam email, 419 con-artists (Mrs Sharon Goetz Massey) have recently started  using Dilbert.


Scammers too, know Dilbert.

On their way to search for clean IPs through which to send out yet another scam email, 419 con-artists (Mrs Sharon Goetz Massey) have recently started  using Dilbert.com's recommendation feature in an attempt to bypass anti-spam filters -- and it works. The use of Dilbert.com's clean IP reputation comes a month after 419 scammers used the same tactic on NYTimes.com 'email this' feature.

Isolated incidents or an indication of a trend? 419 scammers are like spammers circa 1997, technically unsophisticated but fully capable of maintaining a fraudulent infrastructure by using legitimate services only.

Case in point - automatically registered email accounts next to compromised ones already represent the source of a close to 20% of the overall spam volume, and these levels remain steady. A logical question arises, why hasn't 419 advance-fee fraud reached the efficiency levels of phishing or spam in general, taking into consideration the fact that spam is already outsourced as a process? It's because South Africa-based scammers lack the networking skills necessary to approach international cybercrime groups which would not only manage the entire scamming process for them, but would help them improve the quality of the campaigns.

Data detailing the magnitude of advance-fee fraud varies. According to the U.S Internet Crime Complaint Center, Nigerian letter fraud represented a 5.2% of the total loss reported in their annual 2008 report, with non-delivery scams topping the chart. Internationally, the number of advance-fee fraud cases and the number of victims is higher:

In the last two years, the Electronic and Financial Crimes Commission (EFCC) of Nigeria has been putting scammers in jail. The commission has invited journalists on a successful high-profile operation to apprehend a scamming ring and has helped foil Nigerian-led groups that ran multimillion-dollar fraud schemes. In a 2007 report, the EFCC said it handled more than 18,000 advanced-fee fraud cases, a six-fold increase in just four years.

From a technical perspective, advanced-fee fraud is still in its infancy, however the results of its tactics are pretty evident in the face of the thousands of scammed people across the globe. Don't be one of them, spot the scam, take a minute and report it.

Topics: Security, Collaboration, Legal

Dancho Danchev

About Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • You know, you'd think 419 schemes would be famous by now

    Why do people *still* fall for them? Quite aside from the cynicism factor this has been going on for years. Surely everybody's heard about it by now???
    • Well, as PT Barnum once said...

      ...there's a sucker born every minute.

      Combine an opportunity cost of near-zero and high
      potential rewards, we'll likely never be rid of
      • Well, as PT Barnum once said... (not)

        Actually, David Hannum said that in reference to one of the shows PT Barnum was promoting.
    • Greed

      Unfortunately, for many people greed often trumps common sense.
      • Victim's dishonesty

        From what I have read about most con jobs; the victim's dishonesty is the con's focus. Most people think of themselves as decent and law abiding but yet will entertain receiving a kick back for doing something to help.

        An honest person would refuse to accept a fee in exchange for their help, especially if the help is to by pass a law (fair or unfair laws. It is said that an honest man can not be cheated; Diogenes searched but could not find an honest man.
        • Think of it as Evolution in Action

          Sorry! I just had to say that, but Larry Niven was one of my favourite SF Authors in my younger days. Unfortunatelely as I get older I believe in TOIAEIA less and less. Western society seems to have evolved to protect the terminally stupid over and above the rest of society. I am afraid that I have no solution, just continuing disillusionment with human stupidity.
          • not quite the "natural selection" process

            >>>[i]Western society seems to have evolved to protect the terminally stupid over and above the rest of society.[/i]

            Unfortunately, this "terminal stupidity" is not something that nature seems to reject. It is a persistent defect.
            David A. Pimentel
    • It's the new users, not the old hacks

      The Internet has 1.661 billion users (see http://www.internetworldstats.com/emarketing.htm).
      The growth is linear with about 65 million new users per year.
      That's 65 million fresh targets per year who have never heard of any Internet scams.
      Just because you and everybody you might know has heard of it, don't generilize to the entire Internet. The Internet is a heck of a lot bigger than you think.
  • Sometimes they're nearly believable

    I'm as suspicious about these spam letters as the next
    person - to the point that that I've trashed legitimate
    email questions. But, every once in awhile, one of
    those spam mails is crafted well enough and - more
    importantly - coincidentally is coming from
    (supposedly) a company that I might actually be doing
    business with. Sometimes, on occasion, I am looking
    at a message and thinking that this time it might be
    legitimate. Then I check the embedded email link.

    I suppose I am talking more the fake security alert time
    emails, and not the 'so-and-so has died and left you a
    ginormous $ of an estate' .

    I came across an alert the other day, supposedly from
    a bank, that claimed it was a security reminder - told
    me [b] that no action [/b] was required on my behalf,
    just to be careful about clicking email links. And if I
    had any questions I should fill in the form at this link.
    And of course it was that form that was the culprit.
    Reverse psychology. Since it claimed to be coming
    from a bank I do business with, I could see how falling
    for this would be easy.

    I tried forwarding the email to my bank's security
    department, but my email provider bounces these back
    to me - since their system identifies them as spam.
  • anyone still filtering on pure IP is retarded.

    IP filtering now is simply useless and has been for several years. I might give more favor to a static ip system than a dynamic ip, but its not the sole reason i may block/junk it.

    a good spam filter looks at the entire message, where it came from, the time it came in, the time it was sent and where its going.
  • RE: 419 scammers using Dilbert.com

    I respond to NO requests. Period. No matter how formal they look. If my bank wants me, they send me a #10 envelope in the mail.
    • Bravo

      I went one further and demanded proof of identity from my bank when they called me unsolicited.
  • RE: 419 scammers using Dilbert.com

    I would think that 419 scammers are using as much technology as they need to do their deed. Their penetration through antispam measures is probably higher compared to botnet spam because there is always a human behind the creation of each message. The various contents they include and the services they abuse add many vectors to defend against.

    We have also seen these fraud messages from Dilbert.com ourselves:

    Of course, Dilbert.com is just another service they are abusing. Other services, such as Yahoo! Calendar invites, has been abused for a number of years now.

    Savio Lau - SophosLabs
  • RE: 419 scammers using Dilbert.com

    Sic Catbert on 'em! They'd better pucker their many sphincters to keep their souls from being sucked out! Bwaah!
    John N.
  • RE: 419 scammers using Dilbert.com

    This type of spam works because it gets past the usual 'trusted host' type spam checkers - that only leaves content-based spam identification, which can be further stretched by embedding the 'meat' of the email in a suitable attachment.

    Once the user's eyes scan this type of email, the usual victims (Old or Greedy or Naive or Innocent) can easily be hooked, especially the 'please for help' type solicitation.

    Scamdex.com has examples of many of these emails and plenty of contact from victims to prove that they're still working. After all, it's based on the 'Spanish Prisoner' scam, from the early 1900's ...
    • Hey!

      Less of the old! Some old people are quite astute (and I'm feeling that category approaching me disoncertingly fast and I trust NOTHING online).
  • Re: 419 scammers have a new "FACE" on Facebook

    My son's (age-31) Facebook account was hacked into. They were able to easily figure out that he was an international traveler, started contacting people on his friends list and having very REALISTIC conversations with them. the hacker would get around to a line that said he was in real trouble in London, was robbed of all but his passport and needed cash to get home when he'd quickly access his money and pay them back. They play on the emotions of the person they are "talking" to on Facebook. My sister and a friend of my son's (from Stamford!!) fell for it and sent via Western Union $860 and $680 respectively. Two other friends on my son's list , who initially were convinced it was Sean and then asked personal questions that he was unable to answer, had converstions that they saved, printed and provided to the authorities in an attempt to solve this. The FBI has been notified as well as state, local and other federal agencies. Facebook is not only aware of this but has hidden deep in their help section a link to go to if you think you or a friend has been a victim of this 419 scheme on Facebook. I am disgusted with Facebook that they are not warning people or putting an easy link on everyone's home-page if you suspect you've been hacked into. Western Union is also part of the problem as they do not have stringent enough security to make it harder for these 419 schemers to operate. 419 has a new "Face" and it's ugly! BEWARE!!! Facebook is NOT protecting you!
  • RE: 419 scammers using Dilbert.com

    Unfortunately, not all of the scams are 419 'Advance Fee Fraud'. Many of these scams involve making a purchase from a victim using a fake check, asking the victim to pay the courier out of the check funds and then the victim sends the payment to the 'fake' courier. Sounds too easy but it is that easy!
    The victim is not greedy.

    There is also the 'donations' scam. Straight forward attempt to make the victim feel guilty about the suffering in Africa (of course they have got plenty of examples). They beg the victim to send them money to rebuild their church and/or feed the starving children. Make no mistake... these scammers are artists when it comes to manipulation.
    The victim is not greedy.

    Then there is 'Sweetheart' Scammer. He will sucker the lonely victim looking for love into a world of heartache and drain their bank account.
    The victim is not greedy.

    Its not all about greed people. These scammers are cancerous polyps on the anus of humanity. They will lie, cheat, steal, brutalize or murder to get their dollar. The scammer uses the same excuse that the victim is greedy just to justify their own greed. The root cause of this problem is the scammer. We should not forget that.
  • RE: 419 scammers using Dilbert.com

    how far i wan join scamers club make o na link me. sabonetagent@yahoo.com
  • RE: 419 scammers using Dilbert.com

    Great!!! thanks for sharing this information to us!
    <a href="http://www.yuregininsesi.com">seslisohbet</a> <a href="http://www.yuregininsesi.com">seslichat</a>