Tuesday, February 24 2004

Scam spam

Not only did I finally get one of the “you use illegal file sharing” extortion scam spams, it actually slipped past OS X Mail’s filters. Just the once, of course, now that I’ve told the system about it.

I’d love to know where they came up with the phony IP address they claim I’ve been using, though. I suspect it’s just boilerplate, since even if I were using a file sharing app, there’s no way they could associate it with that email address. Unless they (gasp!) really did manage to confiscate the contents of my computer. Tee hee.

Of course, there’s also a trojan attachment for infecting Windows boxes, which pretty neatly undercuts any claim that they ever got anywhere near the contents of my Macintosh…

Best part: the use of a phony Italian email address (from a machine that really is in Italy) while claiming to be associated with the FBI’s Department for “Illegal Internet Downloads”. They even supply a phone number.

Worst part: according to multiple news reports, there are quite a few people who are dumb enough (or, to be charitable, “sufficiently unsophisticated about the Internet and con artists”) to fall for this cheesy scam, and the associated “we found illegal porn on your computer” version.

From WI@genie.it Tue Feb 24 10:25:01 2004
Return-Path: 
Received: (qmail 55148 invoked by uid 26688); 24 Feb 2004 10:59:33 -0000
Received: from unknown (HELO OEMCOMPUTER.it) ([151.25.177.135]) (envelope-sender )
          by 128.121.104.64 (qmail-ldap-1.03) with SMTP
          for <____@jgreely.com>; 24 Feb 2004 10:59:33 -0000
From: WI@genie.it
To: ____@jgreely.com
Subject: You use illegal File Sharing ...

Ladies and Gentlemen, Downloading of Movies, MP3s and Software is illegal and punishable by law.
We hereby inform you that your computer was scanned under the IP 224.33.49.8 . The contents of your computer were confiscated as an evidence, and you will be indicated. In the next days, you'll get the charge in writing. In the Reference code: #46645, are all files, that we found on your computer.
The sender address of this mail was masked, to fend off mail bombs.
- You get more detailed information by the Federal Bureau of Investigation -FBI- - Department for "Illegal Internet Downloads", Room 7350 - 935 Pennsylvania Avenue - Washington, DC 20535, USA - (202) 324-3000