Slashdot Mirror

← Back to Stories (view on slashdot.org)

How To Catch A Scammer/Spammer

Posted by Hemos on from the citizen's-arrest dept.

Joe 90 writes "An interesting story got posted on the Irish Linux Users group. It involves the arrest of a scammer/spammer working in an internet cafe. It even includes the attempt to eat a usb pen drive, several cops and a 10 minute struggle to subdue the man. Story is available on the Linux.ie mailing list By the way Gardai = the cops in Ireland."

3 of 382 comments (clear)

  1. Comment removed by account_deleted · · Score: 5, Informative

    Comment removed based on user account deletion

  2. Re:Just so I'm clear, here... by Steffen · · Score: 5, Informative

    Eh how about you read the mail.

    Our cafe was *BLACKLISTED* by spamcop. I checked the logs. I found his MAC address and when he came in with his laptop. I asked the staff. They described him. He came back and I caught him red handed.

  3. my W*O*R*K*I*N*G spam filtering method by pangel83 · · Score: 5, Informative

    I have bought a domain (let's say johndoe.org) from a very cheap url forwarding company (at a rate of something like $15/year). It comes with unlimited e-mail forwarding aliases, and a "catch-everything" alias (let's say notexisting@johndoe.org), that forwards any e-mail send to non-existing alias to the default e-mail address that I have defined.
    The default e-mail address (let's say secret@johndoe.org) is an alias that forwards everything to my real mailbox (let's say johndoe@aol.com). Of course, my real mailbox address, my catch-all address and the "default" address are not given to ANYBODY.

    For my communication needs, or whenever asked, I just makeup a e-mail address (jonamazon@johndoe.org for amazon so that I will remember easily what address I use on the site). Since the alias is not setup in the mailserver, when amazon tries to contact me, the e-mail will follow the following alias path:
    1) jonamazon
    2) notexisting
    3) secret (default)
    4) real mailbox

    When I see an spam message (once in two weeks!!!), I just divert the alias to point to an abuse address of a random spamhaus. The good thing, is that since I use random but descriptive addresses, I can see what websites actually harvest e-mails and sell them to spammers!!!
    It is interesting to note that at some point I received e-mail that were addressed at some ridiculus random aliases (e.g. jesus@, happykitty@ etc) of my domain (clearly not used by me). Just an indication of the use of wordlists (of course every such alias got blocked).

    I have not yet reached the levels of paranoia of giving seperate e-mail addresses to any of my friends of course :P

    Anyway, it is not as complicated as it looks, and of course way less complicated than using bayesian filters and the like. And believe me, it works :)