WebApp Sec mailing list archives
RE: Web Scams
From: "Jerry Dixon" <jwdixonjr () hotmail com>
Date: Sun, 29 Aug 2004 09:22:53 -0400
Actually if you have over 5,000 counts that you can demonstrate that you've recieved via email (the spam piece) and also demonstrate that your users sent financial data or responded to these scams (look or conduct analysis on your outbound logs) then you will most likely be able to get a faster response. These are common counts and questions that a AUSA will ask the LE in order to determine if they'll move forward on it. Also identify those users who fell victim as they can file a report with the locals since they were financially impacted or released their information due to being social engineered.
There are usually task forces and state computer crime teams that can assit depending on where you are located. You can send me an email directly and I'll try to get you the information as a point of reference for you. I will also point out that local LE is getting involved with this emerging field of computer crime hence a lot of them getting involved with computer crime task forces which conducts training for them
Jerry
> -----Original Message----- > From: shawn [mailto:pakkit () codepiranha org] > Sent: Thursday, August 26, 2004 6:27 AM > To: Lawrence, Michael > Cc: webappsec () securityfocus com > Subject: Re: Web Scams > > I can virtually guarantee you that reporting it to any > "authorities" is useless. They aren't going to look at it at > all. There has been no damage and most likely they have no > expertise or jurisdiction and, frankly, have more important > things to do. > > You are probably better off looking at the headers of the > email message, getting the original IP and then finding out > what company owns that IP from ARIN. Then send the email > along with the full headers to the abuse or security contact > for that company. If you're lucky, they will track down who > sent the original email and suspend his account. Regardless > of what they do, you also will probably not hear back from them. > > Wish I had better news for you... > I would forward the message, with full headers, to the organization being spoofed. Usually there is an email listed for this, but some combination of abuse@spoofed.company, fraud@spoofed.company, spoof@spoofed.company usually works if you're lazy. Best Buy - bestbuysecurityinfo () postfuture com EarthLink - fraud () corp earthlink net eBay - spam () ebay com PayPal - spoof () paypal com The IFCC (Internet Fraud Complaint Center) is another resource, http://www1.ifccfbi.gov/
Current thread:
- Re: Web Scams, (continued)
- Re: Web Scams shawn (Aug 26)
- Re: Web Scams Louis Baumann (Aug 26)
- Re: Web Scams Edward Miller (Aug 26)
- Re: Web Scams Robert Hajime Lanning (Aug 26)
- Re: Web Scams Don Voss (Aug 29)
- RE: Web Scams Matt Fisher (Aug 26)
- RE: Web Scams Brown, James F. (Aug 26)
- RE: Web Scams Gite, Ashish (Security Consultancy) (Aug 26)
- Re: Web Scams Ronald Smith (Aug 26)
- RE: Web Scams Gilmore, Corey (DPC) (Aug 27)
- RE: Web Scams Jerry Dixon (Aug 29)
- Hacker Highschool Pete Herzog (Aug 30)