Artists Against 419 Takes On Scammers

419scammers writes "Hello, The following site is an anti scammers 419 site (plus associated scams) which has started to receive a great deal of publicity in a number of countries national publications. Their fifth international flash mob has now started. Have a look at the monthly flash mob link. Enjoy." An anonymous reader adds "More than 50 identified websites of the Nigeria-Connection are being targeted and the first ones has been already disabled. It was a very bad idea to copy the website of an innocent lawfirm..."

Verification?

How do we know we're actually participating in a DDoS against a 419 site and not a legitimate business?

This kind of mob mentality is a little unsettling. I guess it doesn't matter as far as slashdot is concerned though. They'd take down a bus full of nuns if they were a website.

Re:Verification?

[|absolut|]

This kind of mob mentality is a little unsettling.

ALL kinds of mob mentalities are more than a little unsettling, they are frightening.

Re:Verification?

[Old+Coaster]

Why not do as aa419 does and check with the regulator of the bank or institution in the country concerned? The regulator for English Solicitors is the Law Society of England and for British Banks is the Financial Services Authority. Google these and check the position for yourself, or are you too lazy? At the moment you just look silly!

Re:OK it's probably me but

Basically this, 419ers are basically scammers. They try to get you to give them you bank information or credit information or just give them lots of money by making you think they're a bank or an investment firm.

The idea is you're stealing bandwidth to cost them a lot of money and wipe their site off the internet.

Are you attacking a good guy or a bad guy? That's a good question. You don't know, do you? You could be attacking a bad guy but you're taking down a small business internet provider that got duped themselves and you just ran up their bill thousands of dollars putting them out of business. You could be attacking a bad guy but their site is running off zombied machines in a hospital so you just shut down their network and killed a few people. Someone could have compromised that site and changed the pictures to ones on humanitarian websites and you're hurting the good guy. I don't know, you don't know. Who does?

And that is why a DDoS is generally regarded as a bad thing by everyone no matter who it's against.

See for yourself.

[cryptor3]

If you're suspicious, check the targets out for yourself. Here's the clues that I relied on:

Mechanical/Formatting - The sites are decent, (i.e., not foreign spam bad) but they have enough errors and inconsistencies that I think they aren't up to the caliber of an international financial organization. If they really have any international dealings, they can afford a decent marketing firm or department to do their web site.

Sitebuilders - Look for systematic naming, formatting, and telltale HTML tags. Again, I wouldn't trust a financial org that uses a sitebuilder.

Plagiarized Wording - Try Googling some of the complex wording. A number of them show up word for word on other sites.

Take for example, financialsecurities.org.uk. The wording "has a highly experienced team of professionals providing unbiased and highly qualified services exclusively to its clients in selected technology & health care industries which drive the high-tech revolution" appears only at this site. Notice also the >>high tech revolution<< punctuation that appears afterwards.

Now it's possible that Viscardi is plagiarizing financialsecurities.org.uk, but Viscardi leaves a phone number, so you can call them and ask about it.

Now sure, this isn't hard evidence, but the consistency of clues on so many sites tells me these people (the artists) have gone through some work to come up with such a reasonably self-consistent list.

Re:Disturbing

[Graftweed]

A: Yes, they're also mass spammers, but there's a distinction I make. The typical mass spammer is someone who is paid money for having his systems churn out spam 24/7, often trying to sell legitimate (if somewhat dubious) products.

A 419 scam is actually a crime of persuasion, so while they might start out as just spammers they usually escalate to targeting specific individuals, and this is no gray area as in spam, it's a crime, period.

B: I was actually trying to make a joke. But really, clueless and senile? Have you actually taken a look at the content of some 419 e-mails? That stuff is sometimes so far fetched it enters the realm of common sense.

Being lured in by an url that looks like a legitimate bank and handing over your details, that's being clueless. But being scammed into handing over thousands of dollars to help some nigerian astronaut stranded in space?...

Who really is punished here?

[mabu]

I'm sorry, but DDoS'ing 419 sites seems really stupid. You might take their site down temporarily but you're also wasting just as much of your own bandwidth and affecting other more important services.

The 419'ers exploit stupid people. These efforts don't address either the stupidity of people or the illegal activities of the scammers. It seems more like a publicity stunt to call attention to the artists than a legitimate and effective effort to stop 419ers.

While I don't condone the activities of the 419'ers, they don't bother me that much. Turn on the television and it'll take you about ten minutes before you see a commercial from an American company that's basically doing the same thing, misleading people into giving them money for something that is questionable. I have trouble distinguishing the current spate of weight-loss and penis enlargement pills from the tactics of 419'ers.

I figure anyone stupid enough to fall for these schemes will do so eventually, so we might as well let them learn from their mistakes sooner rather than later. That also goes for the goofy fake-cashiers check scams being perpetrated on people posting online classified ads. If you're selling something for $3000 and someone sends you a check for $6000 and wants you to wire the difference to another country, you're a fool who needs to be parted from your money.

Re:Who really is punished here?

[hkmwbz]

"I'm sorry, but DDoS'ing 419 sites seems really stupid. You might take their site down temporarily but you're also wasting just as much of your own bandwidth and affecting other more important services."

I am not wasting my bandwidth if I think it's a worthwile cause. And it's not like it will suck up all my bandwidth either. All it does is to download images from a web server. I do that all the time anyway.

So we are wasting their bandwidth, but I can decide to stop downloading their images at any time. So it is not a problem at all.

And what more important services does it affect?

"The 419'ers exploit stupid people."

And they spam all kinds of people, including smart ones who will never fall for their scams anyway. And spam is a major problem today.

"While I don't condone the activities of the 419'ers, they don't bother me that much. Turn on the television and it'll take you about ten minutes before you see a commercial from an American company that's basically doing the same thing, misleading people into giving them money for something that is questionable."

Yeah, except these American companies don't kill their victims, which has happened to 419 victims.

"I figure anyone stupid enough to fall for these schemes will do so eventually, so we might as well let them learn from their mistakes sooner rather than later."

So it's OK by you that they send spam? I don't like it, so I'll be happy to use some of my bandwidth to take their sites down. If they can't scam people because their sites keep being taken down, maybe they'll stop spamming me.

" If you're selling something for $3000 and someone sends you a check for $6000 and wants you to wire the difference to another country, you're a fool who needs to be parted from your money."

And the money they make from scamming people will be used for what? Funding wars, for example? Drugs? Getting people tortured and killed?

Sorry, I can't accept that.

Re:Natural selection

[YOU+LIKEWISE+FAIL+IT]

Of course, there can be substansive collateral damage, vis that lady who embezzled her company to finance her advance fee fraud, and another gentleman who collected money from his circle of friends and acquaintances on the pretext that it was to finance a large shipment of clothing items for his business.

These second tier victims aren't necessarily weak and gullible - nor are they all on the internet. They were often approached by someone they knew and trusted. These cases, if none other, are a reason for us to be vigilant, and do what we can to put the frighteners on people that would purvey such scams.

( Although personally I think the time would be better spent educating people instead of trying to slashdot some website which the proprietors will just take down and put up somewhere else... )

Re:Joke's on who?

[giberti]

While I would agree with you most of these sites are running on $8.95/month hosting and so don't have that kind of customization.

Re:Nice idea. "Community "ttacks" can work.

[YOU+LIKEWISE+FAIL+IT]

Yeah, what a good idea. I'll just join my computer up to a botnet and let some probably unknown individual give me a list of targets to attack. Perhaps when they run out of 419's they could start bombing the sites of political campaigns they don't approve of, or auction websites or microsoft.com.

If you're going to punch someone, don't let someone else guide your fist. You might end up biting off more than you can chew, if you'll excuse my mixed metaphor.

Re:Joke's on who?

[nacturation]

In addition to the points raised by others, the easiest way to avoid the referrer issue is to have their HTML page load up in a 1 pixel frame. That way, it's their referrer header for the images and, because the frame is only 1 pixel wide/tall, the user can't see the content anyway.

Re:Why this

[downunda_wookiee]

by having a bunch of individuals DDoS'ing the 419 sites they are not having to use their own bandwidth...
a bunch of slow connections can do much more damage than a few faster connections.

It's just a bit of human nature

[annielaurie]

Everybody with any sense hates spammers and scammers, and any measures we take against them seem like spitting into the ocean.

I have to think that even the most rational and law-abiding among us have at least fantasized briefly about launching attacks of various sorts against spammers and spam gangs. Innumerable fiendishly clever ideas for how to accomplish this have been launched right here on Slashdot--usually to be rebutted by wiser and/or more technically savvy heads.

The lovely thing about 419-baiting is that they're low-hanging fruit. They're accessible. Unlike the spoofers and joe-jobbers, they leave themselves right out in the open. It's as if they've hung a digital KICK ME sign on their virtual butts.

Revenge is sweet.

Re:Joke's on who?

just post them on /.

Re:OK it's probably me but

[WWWWolf]

You could be attacking a bad guy but their site is running off zombied machines in a hospital so you just shut down their network and killed a few people.

Some nitpicking - if someone manages to zombie a hospital machine, that means someone is already in danger of dying. Which is precisely why hospitals don't put their critical computer systems in a public network and tend to have pretty high security standards on those as well =)

Re:Verification? They don't pay interest.

[Stephen+Samuel]

Check out Their online banking login. Control-U (view source) will get you a list of 'bank accounts' (it's a real obvious set of case statements). Pick any one to view an account statement. (you can use anything for the PIN number). Note that they're not paying interest on their multi-million dollar bank accounts, even though they claim 1.51 % for checking accounts.

(Yeah, and the fact that they have the account numbers in the source of their web page should tell you something too, never minding the lack of SSL).

Hmm... for the real lazy, it appears that any odd number between 2206076832141101 and 2206076832141165 (among others) will work