Artists Against 419 Takes On Scammers

419scammers writes "Hello, The following site is an anti scammers 419 site (plus associated scams) which has started to receive a great deal of publicity in a number of countries national publications. Their fifth international flash mob has now started. Have a look at the monthly flash mob link. Enjoy." An anonymous reader adds "More than 50 identified websites of the Nigeria-Connection are being targeted and the first ones has been already disabled. It was a very bad idea to copy the website of an innocent lawfirm..."

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Joke's on who?

"Q: Why are there so many broken images on your site? A: That's not a bug! It's a feature! If you can see any picture it means that a website of a 419 criminal is still not down. But they have to pay a price for it! Actualy our aim is to present only broken images at our web site." So to answer your question, by slashdotting the site, we are helping take down the 419 sites.

Re:Joke's on who?

[nacturation]

It's a great idea. While the artists against 419 scammers have to serve up the HTML, they've hijacked the images, eg:

<img src="http://www.some-419-scam-site.ng/logo.jpg"&gt ;

So maybe a 1 KB of HTML vs. usually 10 to 20 KB of images, and that's for each image. You could easily add a 1 pixel frame which loads up dozens of images from the scam sites.

They Have a Game on the Site

[oobob]

Here is a game where you chase logos from the sites with your mouse, and if your cursor goes over them, they reload on the edges of the page.

Thing is, you can speed them up, and they automatically go towards your cursor. Even in the background (try it with a trillian window). And it's more addictive than you'd think.

Re:I'm sorry I haven't a clue.

[LostCluster]

Artists Against 419
A "419 Scam" is the attempt to defraud people of their money by claiming that they need to send money and/or account details in order to recieve a large ammount of funds. If any victim actually cooperates, they're told that they need to send more. Spam is commonly used because of the relatively low cost of sending massive e-mails, and the fact that the scammers net thousands of dollars from each fool that bites. The name comes from the chapter of Nigerian number in law that says this is illegal there, yet a majority of these scams come from there.

flash mobs
This is a concept that comes from people who send text messages to a mailing list of bunch of friends that says something cool is going on, so anybody free should come join them. In cities, this can cause 100s of people to show up on the "if you contact 10 friends, and they contact 10 friends..." principle. Singer Avril Lavigne is currently doing a tour of unadvertised events at shopping malls, which have attracted up to 6000 people that more or less depends on the first people to see the sign announcing the event telling their friends, and having those friends tell others. This group is encuraging a simple Slashdotting against 419ers, which is basically the same principle. More people showing up than expected causes problems...

Nice idea. "Community "ttacks" can work.

[hkmwbz]

This is a very good idea, and seems to work to a certain extent.

Organizing communities to attack hostiles is a good idea, and lately I've seen a lot of mails pretending to be from Citibank, apparently linking to citibank.com, but instead hiding the URL by using HTML, and sending the user to a different page instead.

These new phishing scams have been covered by the media, and basically it opens a popup with the address field hidden, and it uses HTML/JS to recreate a fake one, giving the impression that one is actually at citibank.com.

An example of a received spam, which claims to link to web.da-us.citibank.com, but really links to a page which opens a popup. The address of the popup is:

http://www.strongerinfobase.us/scripts/sys.php

This page gathers credit card info. Maybe if there was a site to gather these addresses, hundreds or thousands of people could cooperate and submit so much nonsense - either random crap or seemingly real, but fake, CC info. That way, the scammers would have to wade through thousands of fake entries.

Maybe someone could even write a script to spam the scammers into oblivion :)

... or as previously covered on slashdot

[cr@ckwhore]

Previous topic on the same subject ...

http://yro.slashdot.org/article.pl?sid=03/11/16/20 4210

definitions....

[Carbon+Unit+549]

Flash Mob
419

Re:Why this

[pyrrhonist]

This seems to be a round-about and innefficient way to do a DDoS (Distributed Denial of Service) attack. They should just automate the thing as opposed to having people sitting and clicking as they seem to plan on doing.

It is automated. RTFA. The pages automatically reload, or you can download scripts.

Their site features just about every grammatical mistake one can make.

English is not every person's first language.

They also accused me of stealing their bandwidth by going to their page. That seems to be a strange accusation coming from a group that is going out to crash other people's sites.

No they didn't. In fact they encourage people to, "...bookmark this site and revist us as often as possible", and, "link to us from your web site!".

Why is this guy's post modded "Informative"? I suppose wrong information is still informative, but jeez, people!

Re:Sounds like a job for wget

[MBAFK]

Something like this probably - I made it up on the fly - haven't tested it (yes I know it's cack and that you could probably do it in 2 lines of perl :)

#!/bin/sh

wget --mirror -np http://artists-against-419.mugus.com/
cat artists-against-419.mugus.com/*html* | tr ">" "\n" > all.txt
rm -rf artists-against-419.mugus.com/
cat all.txt | grep "http://" | egrep "\.jpg|\.gif|\.png" | sed -e "s/^.*http/http/g" | tr "'" " "| tr "\"" " " | cut -f 1 -d " " | grep -v "mugus.com/" | sort | uniq > urls

while [ true ]; do
for i in `cat urls`; do
wget -O tmp $i
rm tmp
sleep 1
done
done

Re:See for yourself.

[SydShamino]

Or, for the one I looked at...after going through their huge disclaimer page, they have a web form to fill out an application.

What do they ask for buried in the middle of the form? Your current bank information. Together with the other info, they have everything they need to initiate a wire transfer.

Pretty clear from that alone that they are scammers. No real financial institution would ask for that on an application.

make sure, you use the new version

It is here: http://www.freewebs.com/kinomakoto/lv-0305.html

Re:Verification?

[Raphael]

They are scammers, not legitimate businesses. They steal text and images from other sites. As others have already mentioned, you can use Google to search for some parts of the text on their pages and you will usually find the real source of the content.

It is also interesting to check where the images are coming from. For example, take a look at one of these fake sites: "Trust Meridien". The home page contains a link to the so-called professionals who are supposed to run this fake company: http://www.trustmeridien.com/directors.htm.

Take a look at the second picture. This woman is supposed to be called "Elizabeth Gideon". However, the name of the image file is: Kay_ivey1.gif. The name does not seem to match. Indeed, a little googling allowed me to find an identical copy of the image: Kay_ivey1.gif. That one is linked from the home page of http://www.kayivey.com/, who is the Alabama State Treasurer. The scammer did not even bother changing the name of the file!

I am sure that someone could find the source of the other images included in that page. Anyway, if you still had any doubt that the site is not a legitimate business, I suggest that you get in touch with Kay Ivey and ask her if she is really part of "Trust Meridien". Or maybe she has a twin sister?