Slashdot Mirror


How To Catch A Scammer/Spammer

Joe 90 writes "An interesting story got posted on the Irish Linux Users group. It involves the arrest of a scammer/spammer working in an internet cafe. It even includes the attempt to eat a usb pen drive, several cops and a 10 minute struggle to subdue the man. Story is available on the Linux.ie mailing list By the way Gardai = the cops in Ireland."

12 of 382 comments (clear)

  1. Did I miss out on Ireland becoming the 51st state? by SuperMario666 · · Score: 4, Insightful

    I work for a busy Dublin Internet cafe, doing some sysadmining and general computer maintenance. On Sunday the 28th of March, I got a rather distressing email...

    ...I asked around, and a man, described as being black (or is the word African-American these days?)

    Hmmm...

  2. Re:Sounds like a Monty Python episode by kjdames · · Score: 5, Insightful
    Heh, more like "The Court Jester" circa 1956.

    "The pellet with the poison's in the flagon with the dragon; the vessel with the pestle has the brew that is true."

    --

    Typos... that's just how I role.

  3. Privacy Rights? by Monkey42 · · Score: 4, Insightful

    Where's all the posts saying how this guy's privacy rights were destroyed/taken/bushed by the sysadmin?

    This is /. we are supposed to ignore the fact he's in public and using someone else's internet.

    1. Re:Privacy Rights? by monstroyer · · Score: 4, Insightful

      Had the person been concerned with privacy, the guy should have used PGP/GPG. Since he was more concerned with exploiting an internet cafe for purposes of sending unsolicited and unencrypted mail to potential victims, fuck him.

  4. Neat :) but... by MacAndrew · · Score: 5, Insightful

    i'm trying to picture a revived miami vice, focused on computer crimes. imagine the possibilities. ok, there aren't many...

    congrats to the irish police for taking the offense so seriously. but is anyway here wary of the snooping involved? yes the sysadmin had every right to monitor traffic, but in what depth and for what purpose? for example, there's talk here of trying to fish out the suspect's email password and so on -- at police request. wouldn't it would feel a bit different in the police, without warrant, were to do the same themselves -- imagine worst case of them bugging all internet cafes to examine generic traffic without individualized suspicion. it's bad enough they want to see what we do at the library....

    practically speaking, i would imagine the government generally lacks the resources to parse large amounts of computer data. but just wait until it can be done by computers hunting for suspicious transactions, much as the credit card companies do now to catch fraud. the capability is there.

    i'm not sure where the legal stuff comes out here, this is not US law, but wonder about future possibilities. it is debatable what expectation of privacy you have in an internet cafe -- are keyloggers ok? is decrypting information different from reading plain text? must the user be warned? as an analogy, consider that when the federal exclusionary rule was first judicially established, it did not apply to states and the "silver platter doctrine" emerged whereby state investigators would get what the feds wanted and hand it over clean of any search and seizure problem. obviously this is a charade.

    someone who acts at the behest of the government -- an agent -- pretty much *is* the government, and i wonder if this interpretation colors the reaction of anyone here on privacy -- normally /.'rs are pretty, um, passionate on privacy and gov't intrusion, even if this IS an (alleged!) spammer who by definition is not humanoid. :)

    1. Re:Neat :) but... by OmniGeek · · Score: 5, Insightful

      Well, the following considerations have a strong impact on my view of the privacy issues:

      1) Scammer was using a public Internet cafe. For that matter, he was using the Internet, and don't we all understand that anything going out over the 'Net unencrypted can be considered seen by many eyes? There's no reasonable expectation of privacy in this situation. I certainly don't expect more privacy at an Internet cafe than I can get from using SSL on a machine I control; SMTP traffic is effectively public.

      2) Scammer was caught in flagrante delicto, turned in by the sysadmin on the basis of unsolicited information from a public source. This is far, far from the situation where Ashcroft tracks my every 'Net transaction in the absence of probable cause. (And the police in this case VERY likely have probable cause to get a warrant to search the perp's computer and crack his codes.)

      Even if this weren't a spam case, (say, a kidnapping or extortion rap instead), I don't see a fundamental issue of concern in the specific circumstances involved. I worry much more about snooping in the absence of clear evidence of a crime (yes, Mr. Ashcroft, I mean YOU).

      --

      "My strength is as the strength of ten men, for I am wired to the eyeballs on espresso."
  5. Re:whitelists rock by Anonymous Coward · · Score: 5, Insightful

    Sorry, that doesn't solve the whole spam problem. Your mail server is still getting hammered by spam, it's just that you aren't seeing it. You are still paying for, directly or indirectly, the bandwidth that is being gobbled up by all the unwanted email that is sent to you.

  6. Re:whitelists rock by Anonymous Coward · · Score: 5, Insightful

    And it also means that I can't email you, since I don't know your password, and the only way I could get your password is by asking you, and the only way I could ask you - since I don't have your address or phone number - is by emailing you.

    Doubtless that doesn't bother you, as you probably aren't interested in getting email from me. I, on the other hand, do frequently receive personal email from strangers. Your "solution" is worthless to me.

  7. Re:whitelists rock by Anonymous Coward · · Score: 5, Insightful

    Except that now, anyone who cares to do a simple whois lookup on the domain ww.com will quickly find himself in the posession of your name, address, and phone number, in addition to your e-mail.

    Not that anyone will call. But still, maybe you'd better think about that?

  8. Re:Spam vs Crackers by Graff · · Score: 4, Insightful
    Ugh please don't eat that crap. It's all fun and games until somebody gets mad cow from ground up whetever-the-hell is in that stuff.

    Given that Spam is spiced ham I doubt that anyone is going to get Mad Cow Disease from it...
  9. Re:Just so I'm clear, here... by bfree · · Score: 4, Insightful

    No, a sysadmin has his IP balcklisted because of spam, discovers it was sent from a laptop and when. Then he finds out that there was someone in with a laptop at the right time and they had visitors while they were there (which is not rare or suspicious of itself in a net cafe, but it attracts attention and can look suspicious depending on what they are doing). The guys description was male, black, 30 and a half london, half african accent. The sysadmin had the MAC address of the laptop and asked the staff to watch out for the same man. When the same guy appeared the sysadmin raced in and after the guy had waited to get a particularly private booth the sysadmin saw the mac address appear and hence had his confirmation. But the police wanted someone caught in the act of doing something illegal so he had to keep watching until the spam went again. Not quite as you described it eh?

    --

    Never underestimate the dark side of the Source

  10. "we can hardly block outbound smtp" by TBone · · Score: 5, Insightful

    Why not?

    You're a cyber cafe, not a shop that's set up with local accounts. Mail should be of one of two types:

    • Webmail/remotemail/etc, in which case, the mail actually doesn't get sent from your servers, it goes through the webforms/ssh/whatever to be sent from the remote server
    • Mail from actual local accounts for the Cafe's staff. This mail should be filtered to your mail server, and should only be forwarding mail from those accounts. Setting this up is fairly trivial with the many AUTH-before-SMTP methods out there.

    Either way, your proxy server should have a default DENY outbound port 25 EXCEPT from your mailserver, which itse'f is handling the authentication for the few accounts that really are allows to send mail.

    --

    This space for rent. Call 1-800-STEAK4U