Guess who’s partly responsible for the child benefit cockup?

EDS, that’s who: who would charge the child benefit people £5000 for a SQL job of the sort that would take a couple of minutes, thus resulting in a civil servant using an old dump with all the data intact, burning it to CDs and then unfortunately ending up with another stupid outsourcing partner (that is, TNT) losing them. Oh, what a surprise. It’s not like EDS haven’t ripped any British government agencies off before… (They even have occasional problems doing corporate IT outsourcing properly.) This failure is exactly the reason why no government IT services should be outsourced under any circumstances: good practice is swamped under charges and contracts.

Unity at Ministry of Truth has the best analysis of the details of the emails so far. Also, b3ta have by far the funniest comment on the issue. Probably more to come.

The rumour mill: Nintendo may not be your friend

This might not be true and I have no way of checking since I don’t need a Wii, but apparently Amazon France and Germany have stopped selling said consoles to the UK (but will allow shipping of other consoles, even the PS3). The source is the Wii thread on the DVD Forums. Since there aren’t any Wiis in the UK but there are in France and Germany, and since we’re meant to have a single market, can one see the problem with this?

Obviously if it’s not true and just Amazon deciding not to sell electronics beyond their local store then this won’t be a problem, but if Nintendo has threatened Amazon into stopping shipping then they’re just as bad as SCEE (who of course threatened Lik-Sang out of business, amongst other things, for selling PSPs at a fair price.) Worrying.

Harassment kills a fantastic blogger

Read this.

I genuinely fear for her safety at the hands of this person (I will refrain from calling someone who picks on children ‘a man’). Three days running he has posted blog entries about her, two of which assume her identity and one of which is attempting to gain money in her name. I do not know where he would stop. Therefore the only way to make her safe is to remove us from his presence.

Get angry.

Left Brain/Right Brain was one of the best autism blogs on the net, unafraid to bash those who credulously exploit autistic spectrum disorders to sell quack cures or promote vaccination scares. Fore Sam/John Best, on the other hand, is an absolute asshole. Losing LB/RB is a loss for everyone and it will be missed.

Giving with one hand, taking with another

Sony have cut the price of the PS3 in the UK to something a little more reasonable, months after they did so in the States. Previous to this price cut, the £425 60GB PS3, which excluding VAT (the right way to compare these things) is £361.70, was the only model in the UK. In the US, this model is $499, which when converted to pounds is £244.65 – so an entire £115 (a little over $230) was going directly into Sony’s pockets as a stupidity tax on Brits. Now the 60GB is £349, £297.02 excluding VAT, meaning the ripoff is now only £50.

Never give Sony an even break however – they’ve also introduced the 40GB cut-down PS3 we’ve been hearing about, for £299 (removing VAT and converting, $520), but it’s a serious ripoff – they’ve reduced the number of USB ports, removed the SD card etc. slots and even worse than that, they’ve removed PS1/PS2 backwards compatibility.

Which was in software anyway so doesn’t cost them anything to include whatsoever. And of course this crocked model is going to be the only PS3 in Europe in the future. Always give it to Sony to mess things up big time – the US’s only PS3 in the future will be a $600 80GB model with the same backwards compatibility and sockets as the original Euromodel.

And there still aren’t any games. If you want a console, buy a 360 and/or a Wii. If you want to play PS2 games, buy a PS2 – you can buy it very cheaply. If you want a Blu-Ray player, buy a Blu-Ray player. Do not buy the PS3; if you must, buy the 60GB, but it only encourages them.

Another “clever” 419 in my mailbox

This one is new to me – it’s all done in Jesus’ name! So of course I had to do another deconstruction.

Dear in Christ,

Well, I’m not “in Christ”, so there’s a hit right away. Hell, I even link to Pharyngula on my linkbar. Obviously has just bought a mailing list from one of the other scumbags in the area.

Calvary greetings in the name of our Lord Jesus Christ. I am Deacon George Useh, a member of Day Spring Ministry, basically a Prayer and deliverance Ministry.During a Prayer and fasting session in my Ministry, I asked our Lord Jesus Christ to give me the opportunity to redeem my life and purify what remains of my wealth, God delivery revealed to me to Invest in His Kingdom through you and your Ministry.

Jesus told me to, uh, “Invest in His Kingdom” by scamming the unbelievers out of their savings! Wow, how cynical.

As the bible says "Go to the world,preach the gospel,spread his words,heal the sick............"

…and scam all the mugus? Oh, not there in my copy, but maybe Nigeria’s translation is different. I have no idea.

I got your email when i was lead by the spirit to be in search of the man of god on Christan search on the Internet.Like i have told you earlier in my last email that the lord minister to me to give to charity.

Well, except for the inconvenient fact that I’m somewhat lacking in religion and I’ve never seen any email from this known 419er before…

The first link on Google for the name, by the way, is a police blotter in Chattanooga which features someone who’d received fake money orders from the exact same scammer earlier this year – this particular variant has been operating for a while. You’d have thought a spammer would make sure that he was using names that couldn’t be zeroed out by a run on Google, but there you go.

I am not interested in the Earthly commissions as my rewards is from the Heaven above.I and my institution are blessed to help the needy and not after the rewards of the world as the bible says if not the lord that buideth the house the laborer labour but in vain...........

…and then the labourer sent out a mass spam campaign to a bought-in list of email addresses and rolled in it for a few years.

Nice spelling issue there – “laborer labour”. It does look like there’s more than one hand in this letter from the fluctuations in spelling and capitalisation, one American English speaker and one UK English speaker at least.

I will like to donate to you/ministry and i will like to donate through a money order of 6,500 dollars for him to cash.Better still,i have some other charities which i wants to donate funds to and i will wants oncashing the cheque to help me donate some part of the money to the other charities or needies as well.

And now we get the money order element of the scam. $6500 seems awfully small for a scammer to use, but it would be big money in Lagos.

I am giving you 2,000 dollars out of the money and i wants you on cashing the cheque to help me donate the remaining 4,500 dollars to some other charities or needies whose in formations i will give you when the cheque is cashed in the cash stores.I will want you to furnish me with the following in formations below:
(1)Name which you wants the check to be addressed
(2)Address where you wants me to send the cheque to(NOT P.O BOXES)
(3)Your Mobile telephone number for prompt communication.

Wow, nice way to have enough information to steal someone’s identity. This scam could be extremely lethal:

  • “I want your bank account number for security” or
  • “Can you send me a photocopy of something with your address on it so I can verify?”
  • Hence, identity theft for credit card applications/loans/bank accounts/passport applications/so on and so forth

But because the scammers are thick, this is probably just a cheque cashing scam (and notice this uses both British and US spellings in different parts of the email again). You cash the cheque, the scammers receive $4500 in the post and then the local cheque cashing place calls up demanding all their money back when it comes through as fraudulent.

That NOT PO BOXES thing is probably to catch out scambaiters, but I’m not entirely sure on that one. Maybe there is an ID theft element here of some sort, but I can’t be certain.

The ending is quite something:

As soon as i received this informations,i will go ahead to send you the check.After the successful completion of this first phase of the lords works with you then i can go ahead to send you another cheque and hence the continuous works of the lord.

I Am Yours In Christ,
Deacon George Useh
E-MAIL: Gospelpromoters001@yahoomail.fr

Look! A promise for more! And a disposable Yahoo France email address! Look at the confidence engendered by this guy.

And the ‘Lord’ has “continuous works”! Well, this scammer certainly does, that’s for sure. At the very least, however, we can be assured that if the Christian God, or for that matter a Jewish or Muslim God really does exist he’s going to hell – that’s at least four commandments right there (the third and eight through ten), and you could push for six (one and two, because as a 419er and as a scammer he obviously idolises Mammon.) I think nothingness is probably better, but who’s to say?

World’s dumbest scammers #2, and a rant

My inboxes seem to be magnets for new viruses, 419 scams, stock spam with images or .pdfs and occasional phishing attempts for banks I don’t even belong to. I seem to get all the dumb ones; or at least, only the dumb ones get through my regularly updated Bayesian-trained SpamAssassin setup to my main inbox folders.

The lotto scam is of course a variant of the traditional 419: the main difference is that people who get taken in should be treated a bit more sympathetically (but only a bit more) than those who get done by the standard 419 as they don’t think they’re doing anything illegal. This one ticks all the moron boxes, however.

It was sent from another hacked/dodgy American Linux webserver, which means I think it’s from the same or a related gang to the one that sent the phishing scam I mentioned a few days ago. The domain name resolves to “host4seo.com”, which appears to be a spam nest. Looking at the webserver mentioned, it’s a default Apache with cpanel.

FROM: THE LOTTERY DIRECTORINTERNATIONAL PRIZE AWARD DEPT NL.21 NIN NAMARAL SRAATWEG 5009 GL.
GL.GTI 1815GA AMSTERDAM,
Amsterdam,Netherlans.

Hmm, “Netherlans”. That sure sounds legitimate.

PRIZE AWARD DEPT. REF No: 9590 ES 9414BATCH No: 573881545-NL/2007TICKET No:PP 3502 /8707-01
SERIAL No: 05908 LUCKY No: 9-43-97
[FOR CATEGORY "A" WINNER ONLY]

See the random numbers! SEE THEM! They mean.. Uh. What do they mean?

ATTN: LOTTERY WINNER.We wish to congratulate you over your email success in our computer balloting sweepstake held in Netherlands.

At least they can spell it right this time.

This is a millennium scientific computer game in which email addresses were used.

A “millennium scientific computer game”. Whew, I feel reassured already.

What are 419 scammers actually on in order to think that people will be taken in by this crap? You’d surely have to be thicker than the spammers themselves to fall for that one.

It is a promotional program aimed at encouraging internet users,therefore you do not need to buy ticket to enter for it. You have been approved for the star prize of $1,500,000.00 (One Million,Five Hundred Thousand Dollars) To claim your winning prize you are to contact the appointed agent as soon as possible for the immediate release of your winnings, with your Full Names, Contact Telephone Numbers (Home, Office and Mobile Number and also Fax Number)and also with your winning informations via email to process the immediate payment of your prize.The Validity period of the winnings is for 7 working days hence you are expected to make your claims immediately, any claim not made before this date will be returned to the MINISTERIO DE ECONOMIA Y HACIENDA.

I assume seven days is the usual length of time it takes Netcollection to cancel email accounts for sub-moronic Dutch 419ers.

I like the fact that this has obviously been edited from a version of the lotto scam relating to the Spanish lottery (notoriously big, hence the original target of the lotto-scam 419 variant) and they’ve forgotten to correct the name of the ministry. Very “professional” work from these losers.

Contact Person
Mr.Leonaert Bramer
Fax: +31-847-368-137
Tel: +31-614-797-465
Email: mail@adminclaimsdeptnl.netcollection.co.uk

Incredibly, these numbers are actually in the Netherlands (although the email is with a UK ISP who should hopefully cancel the bastards). The fax number has been around for months, the telephone number only shows a Google hit on 419eater.

Of course, sending hundreds of large pages of alternating dark greys interspersed with a decent greyscale representation of a certain notorious goat-related shock site image to the fax number via, say, tpc.int and a disposable webmail account in order to clog up their fax machine and stop them receiving messages from victims would somehow be very very wrong. Christ knows why, of course, these are Bad Guys and they need to be taken down, but because I know that vigilantism doesn’t actually work I won’t descend to their level.

(Besides, it’s probably a computer anyway, and the phone is probably voicemail.)

Which of course means letting them get away with scamming people until someone with authority actually does something other than cut off their email dropbox. It’s a great ethical dilemma which exists with regard to scambaiting and scambusting: the law is currently completely ineffective at punishing people like these, whether it’s 419ers, eBay scammers, fake “I’m from the water board” guys doorstepping OAPs, or to be honest most other white collar offences. The laws are on the books already, there just isn’t the enforcement power. Jail isn’t generally even offered to these people, and the fines given are minuscule – especially for big companies scamming, who can get away with murder (amount earned by ITV scamming X Factor red button voters out of 15p a vote, £250,000; Ofcom fine, nilch – amount earned by the BBC from the Blue Peter screwup, nilch; Ofcom fine £50,000. Should have been the other way round, I think.)

These people must do a tremendous amount of damage. 419ers wreck lives. They’re just like bogus callers; in the case of the lotto scams, there was recently a local news story in my area about a pensioner who got done by a lotto scam, just like this one but handled entirely over the phone. I want to wreck their life for once. Why the hell can’t the Dutch do anything? The Netherlands have been 419 central for years. I simply cannot believe that these aren’t the same people.

Part of the problem why nobody does anything about scammers is local corruption, of course, which works in Nigeria where the kind of money brought in by 419 scamming can shut up even the highest up of prosecutors, but not nearly as much here or in the Netherlands. The main problem is tying them down, and this requires work – worse, the kind of work that is in a very grey legal area, that is sending the scammer an affirmative to see whether he’ll come out in the open. There’s so much 419 spam and so few legal investigators that only a token effort can ever be made, and as a result people will continue to be conned by them.

All we can do without becoming like them is to keep deconstructing their schemes, putting them out in the open, and occasionally leading them along entertaining garden paths. The more the average person knows about scam-spotting, the less likely they are to be taken in; what is needed is a heavy bout of publicity, which we could have if Panorama or Tonight with Trevor McDonald go back to their consumer protection roots instead of just making up scare stories about Wi-Fi. Hopefully, with a bit of luck, the 419ers, spammers and all the other scumbags who scam over the net will find their mark supply dried up with no possible replacement. That will be a joyous day. In the meantime, we just have to keep working at it.

World’s dumbest phishers

X-Spam-Status: No, score=4.6 required=5.0 tests=BAYES_40,HTML_50_60, HTML_MESSAGE,HTML_MIME_NO_HTML_TAG,MIME_HTML_ONLY,REPLY_TO_EMPTY autolearn=no version=3.1.7
Subject: Ensure The Integriety Of Your Online Banking
From: Royal Bank Of Scotland <digitalbanking@rbs.co.uk>

Banking Online with Bank Of Scotland is about to become even more secure!As a valued Bank Of Scotland and Halifax Bank customer, the security of your identity and personal account information is extremely important. We are installing Enhance Online Security as an additional way of protecting your Bank Of Scotland online access.

Yes – a Bank of Scotland phishing email that claims to be sent by RBS. I got one from obviously the same gang with an HSBC “from” line and NatWest graphics. I love phishers that make spelling errors – it should hopefully mean that they don’t get that many marks.

Sent from an obviously hacked freenix box (“ftp” user on a web server) in South Africa. Phishing site on another similar hacked box in Argentina. Can people just upgrade their systems already?

A spectacular own goal

I’ve just received an email from Virgin Media:

Hello,

From 1st July, our broadband helpline number is changing and from then on it’ll cost 25p per minute to call from a Virgin home phone, plus 10p to connect. Mobiles and other networks may vary. The new number is 0906 212 1111.

That’s “0906” as in “scam”.

Access to technical support, at least on the ex-Telewest side, has always been

  • 0845 local rate for those with a BT line
  • free (through 150) for those with a Telewest line

After July 1, this is no longer the case – customer services on 150 will give you the 0906 number if you have any trouble with your line (or, as has been the case with all my dealings with ex-Telewest tech support, they have a problem they refuse to recognise and/or their equipment has become faulty.) With the standard “reboot your modem, reboot your computer, repeat that the connect light on the modem is not on numerous times to the minimum-wage checklist operative on the other end until they finally get that the modem isn’t getting a signal from the UBR and it’s not your computer” routine that VM’s call centre staff follow, at 25p/min they’ll probably earn about £5 a call. Hopefully the broadband support USENET groups will continue to exist, and they’re certainly better than any of VM’s call centre staff, but with the cost-cutting they’ve been doing I’m not so sure.

Last I remember, not even the ex-NTL people got screwed with a premium rate support number. At least putting people on hold is banned under the premium rate regulations, but having your only recourse for support being an 0906 number is unacceptable under any circumstances – it is anti-consumer, it is an added cost on top of the already overpriced £25/month I am paying for 4Mbit/384K, it is an imbecilic idea thought up by someone who wants to make even more money out of people with real problems instead of caring about fixing them. Telewest already had a line (at a staggering £1/min) for people with spyware problems and other issues not covered by the broadband support service, so the explanation in the FAQ about cost saving does not hold water.

All this is going to do is annoy long-serving customers like me. I’ve already been annoyed quite a bit by VM in recent months; the swapping out of the only good music channel at TV L for MTV and VH1, the major speed issue I and everyone else in my region of Edinburgh suffered between January and April, the small-print switch from per-second to per-minute call billing, the special deals given to those who whine about the loss of Sky One on the cancellations line, the fact that VM only accept email support through a webform that cuts off after a tiny number of characters, and the fact that they still haven’t admitted anything about the speed limiter (which I actually agree with to an extent) to customers in email. At least they sent out a message warning of this.

VM have to be very careful – the local-loop unbundled providers are setting up in cable areas for a reason, because unless VM stop thinking like the penny-pinching NTL of old and start acting the way Richard Branson obviously wants them to instead of just throwing red paint over the infrastructure they stand a real danger of a customer exodus to BT, Freeview or Sky and ADSL2+ LLU. I’m already sizing up the cost of getting an aerial fitted.

I have been a Telewest customer since August 2003. I’ve had the same package all the time, and been very satisfied with it. I never had any serious problems with the service until after the NTL takeover. Now, with this change in the customer support system, they are simply being outclassed by their competition: Sky have 0870 support. Be Unlimited are freephone (0808) and, right now, very technically proficient. They are the competition here. I have a moral objection to Murdoch and Sky, but none to O2 (owners of Be). I even have a BT master box in my flat just ready to re-enable.

The change in the support structure says, quite simply, both that they think we’re all stupid and that the company is desperate for money: this is not a company that I wish to be paying £45/month to. A sad end is forthcoming, I feel, for what was for a long time the best broadband provider anywhere in the country, unless Richard Branson can force the banks that really own the company to get their act together. I’m not sure that even he can manage that, unfortunately, so it might soon be goodbye.

Persistent spam campaign on WP.com right now

One of my XBMC posts is continually being hit by someone posting identical spam messages: the text of the post consists entirely of

<a></a>

i.e. a blank anchor. Akismet doesn’t detect this and WordPress’ blank post filter obviously doesn’t hit it, so for a time these posts were getting through to the actual comments page. This is basically designed to have their name hyperlink to one of a series of semi-randomly named .biz domains which, incredibly, don’t have DNS right now. Each message is being posted by a different IP from various consumer DSL IPs around the world, so almost certainly a botnet; I am getting an identical post once every two-three hours. I’ve heard that this is how a lot of scumware purveyors work right now – send out the spam, which appears blank to start with, and then have the domains point at various botnet servers, triggering the conversion of more machines into botnet servers.

I have added this blank anchor tag into my moderation list, but can’t bring myself to put it into the automatic blackhole list (because it is a genuine mistake people can make), so it’s merely downgraded from visible to you to just an annoyance for me. I would recommend other wordpress.com bloggers do the same until Akismet fix it.
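A literal `<a></a>` moderation entry catches only that exact markup. As an added example (not code from WordPress, Akismet or this blog), the Python check below parses the comment body and holds anything with no visible content for moderation, which mirrors the hold-don't-blackhole policy above; the function name, the set of content-bearing tags and the sample comments are assumptions constructed for illustration.

```python
from html.parser import HTMLParser

# Assumption: a comment holding one of these tags is not "blank" even
# when it carries no text.
CONTENT_TAGS = {"img", "iframe", "object", "embed", "video", "audio"}

# Zero-width characters that str.strip() does not treat as whitespace.
_INVISIBLE = dict.fromkeys(map(ord, "\u200b\u200c\u200d\u2060\ufeff"))


class _VisibleText(HTMLParser):
    """Collects the text a reader would see and notes content-bearing tags."""

    def __init__(self):
        super().__init__(convert_charrefs=True)  # &nbsp; becomes U+00A0
        self.text = []
        self.has_media = False

    def handle_starttag(self, tag, attrs):
        if tag in CONTENT_TAGS:
            self.has_media = True

    def handle_data(self, data):
        self.text.append(data)


def classify_comment(body, author_url=""):
    """Return (action, reason); action is 'pass' or 'hold' (hypothetical API).

    'hold' means the moderation queue, never automatic deletion, because a
    blank comment can also be an honest mistake.
    """
    parser = _VisibleText()
    parser.feed(body)
    parser.close()  # flush any text still buffered by the parser
    visible = "".join(parser.text).translate(_INVISIBLE).strip()
    if visible or parser.has_media:
        return ("pass", "has visible content")
    if author_url.strip():
        # The pattern from the post: nothing to read, but the name is a link.
        return ("hold", "blank body, author name links out")
    return ("hold", "blank body")


# Constructed sample comments: (body, author URL).
SAMPLES = [
    ("<a></a>", "http://placeholder-domain.example/"),
    ('<a href="http://placeholder-domain.example/"> </a>', "http://placeholder-domain.example/"),
    ("<p><a>&nbsp;</a></p>\u200b", "http://placeholder-domain.example/"),
    ('Thanks, <a href="http://example.org/">this</a> fixed it.', ""),
    ('<img src="screenshot.png">', ""),
    ("", ""),
]


def triage(samples=SAMPLES):
    """Classify each sample and return the list of actions in order."""
    return [classify_comment(body, url)[0] for body, url in samples]


if __name__ == "__main__":
    for (body, url), action in zip(SAMPLES, triage()):
        print(f"{action:5} {body!r}")
```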