My inboxes seem to be magnets for new viruses, 419 scams, stock spam with images or .pdfs and occasional phishing attempts for banks I don’t even belong to. I seem to get all the dumb ones; or at least, only the dumb ones get through my regularly updated Bayesian-trained SpamAssassin setup to my main inbox folders.

The lotto scam is of course a variant of the traditional 419: the main difference is that people who get taken in should be treated a bit more sympathetically (but only a bit more) than those who get done by the standard 419 as they don’t think they’re doing anything illegal. This one ticks all the moron boxes, however.

It was sent from another hacked/dodgy American Linux webserver, which means I think it’s from the same or a related gang to the one that sent the phishing scam I mentioned a few days ago. The domain name resolves to “host4seo.com”, which appears to be a spam nest. Looking at the webserver mentioned, it’s a default Apache with cpanel.

FROM: THE LOTTERY DIRECTORINTERNATIONAL PRIZE AWARD DEPT NL.21 NIN NAMARAL SRAATWEG 5009 GL.
GL.GTI 1815GA AMSTERDAM,
Amsterdam,Netherlans.

Hmm, “Netherlans”. That sure sounds legitimate.

PRIZE AWARD DEPT. REF No: 9590 ES 9414BATCH No: 573881545-NL/2007TICKET No:PP 3502 /8707-01
SERIAL No: 05908 LUCKY No: 9-43-97

[FOR CATEGORY "A" WINNER ONLY]

See the random numbers! SEE THEM! They mean.. Uh. What do they mean?

ATTN: LOTTERY WINNER.We wish to congratulate you over your email success in our computer balloting sweepstake held in Netherlands.

At least they can spell it right this time.

This is a millennium scientific computer game in which email addresses were used.

A “millennium scientific computer game”. Whew, I feel reassured already.

What are 419 scammers actually on in order to think that people will be taken in by this crap? You’d surely have to be thicker than the spammers themselves to fall for that one.

It is a promotional program aimed at encouraging internet users,therefore you do not need to buy ticket to enter for it. You have been approved for the star prize of $1,500,000.00 (One Million,Five Hundred Thousand Dollars) To claim your winning prize you are to contact the appointed agent as soon as possible for the immediate release of your winnings, with your Full Names, Contact Telephone Numbers (Home, Office and Mobile Number and also Fax Number)and also with your winning informations via email to process the immediate payment of your prize.The Validity period of the winnings is for 7 working days hence you are expected to make your claims immediately, any claim not made before this date will be returned to the MINISTERIO DE ECONOMIA Y HACIENDA.

I assume seven days is the usual length of time it takes Netcollection to cancel email accounts for sub-moronic Dutch 419ers.

I like the fact that this has obviously been edited from a version of the lotto scam relating to the Spanish lottery (notoriously big, hence the original target of the lotto-scam 419 variant) and they’ve forgotten to correct the name of the ministry. Very “professional” work from these losers.

Contact Person
Mr.Leonaert Bramer
Fax: +31-847-368-137
Tel: +31-614-797-465
Email: mail@adminclaimsdeptnl.netcollection.co.uk

Incredibly, these numbers are actually in the Netherlands (although the email is with a UK ISP who should hopefully cancel the bastards). The fax number has been around for months, the telephone number only shows a Google hit on 419eater.

Of course, sending hundreds of large pages of alternating dark greys interspersed with a decent greyscale representation of a certain notorious goat-related shock site image to the fax number via, say, tpc.int and a disposable webmail account in order to clog up their fax machine and stop them receiving messages from victims would somehow be very very wrong. Christ knows why, of course, these are Bad Guys and they need to be taken down, but because I know that vigilantism doesn’t actually work I won’t descend to their level.

(Besides, it’s probably a computer anyway, and the phone is probably voicemail.)

Which of course means letting them get away with scamming people until someone with authority actually does something other than cut off their email dropbox. It’s a great ethical dilemma which exists with regard to scambaiting and scambusting: the law is currently completely ineffective at punishing people like these, whether it’s 419ers, eBay scammers, fake “I’m from the water board” guys doorstepping OAPs, or to be honest most other white collar offences.  The laws are on the books already, there just isn’t the enforcement power. Jail isn’t generally even offered to these people, and the fines given are miniscule – especially for big companies scamming, who can get away with murder (amount earned by ITV scamming X Factor red button voters out of 15p a vote, £250,000; Ofcom fine, nilch – amount earned by the BBC from the Blue Peter screwup, nilch; Ofcom fine £50,000. Should have been the other way round, I think.)

These people must do a tremendous amount of damage. 419ers wreck lives. They’re just like bogus callers; in the case of the lotto scams, there was recently a local news story in my area about a pensioner who got done by a lotto scam, just like this one but handled entirely over the phone. I want to wreck their life for once. Why the hell can’t the Dutch do anything? The Netherlands have been 419 central for years. I simply cannot believe that these aren’t the same people.

Part of the problem why nobody does anything about scammers is local corruption, of course, which works in Nigeria where the kind of money brought in by 419 scamming can shut up even the highest up of prosecutors, but not nearly as much here or in the Netherlands. The main problem is tying them down, and this requires work – worse, the kind of work that is in a very grey legal area, that is sending the scammer an affirmative to see whether he’ll come out in the open. There’s so much 419 spam and so few legal investigators that only a token effort can ever be made, and as a result people will continue to be conned by them.

All we can do without becoming like them is to keep deconstructing their schemes, putting them out in the open,  and occasionally lead them along entertaining garden paths. The more the average person knows about scam-spotting, the less likely they are to be taken in; what is needed is a heavy bout of publicity, which we could have if Panorama or Tonight with Trevor McDonald go back to their consumer protection roots instead of just making up scare stories about Wi-Fi. Hopefully, with a bit of luck, the 419ers, spammers and all the other scumbags who scam over the net will find their mark supply dried up with no possible replacement. That will be a joyous day. In the meantime, we just have to keep working at it.

X-Spam-Status: No, score=4.6 required=5.0 tests=BAYES_40,HTML_50_60, HTML_MESSAGE,HTML_MIME_NO_HTML_TAG,MIME_HTML_ONLY,REPLY_TO_EMPTY autolearn=no version=3.1.7
Subject: Ensure The Integriety Of Your Online Banking
From: Royal Bank Of Scotland <digitalbanking@rbs.co.uk>
Banking Online with Bank Of Scotland is about to become even more secure!As a valued Bank Of Scotland and Halifax Bank customer, the security of your identity and personal account information is extremely important. We are installing Enhance Online Security as an additional way of protecting your Bank Of Scotland online access.

Yes – a Bank of Scotland phishing email that claims to be sent by RBS. I got one from obviously the same gang with an HSBC “from” line and NatWest graphics. I love phishers that make spelling errors – it should hopefully mean that they don’t get that many marks.

Sent from an obviously hacked freenix box (“ftp” user on a web server) in South Africa. Phishing site on another similar hacked box in Argentina. Can people just upgrade their systems already?