The Ol' TNT Scam

[emanmb]

Although an email I received walks the fine line between spam and scam, I fwd'ed it to SC anyway since I wanted to know where it came from. SC can do a better job of that than me using Whois etc, and in most cases I hit "cancel" after finding out which Nigerian ISP the email came from. This usally confirms my suspicions so I can send them lovely insults! I hate scammers perhaps more than spammers...but I'm not sure!

This time, as the scammer seems pretty slick in their email presentation and so on, I reported it with a note added to each address the scam/spam was being reported to. "scammer trying to rip off people using a non-existent deilvery company".

This is the scam where upon enquiring about an item for sale online somewhere, the responder tells you to they are in England and "we need a safe way to complete this deal that will allow us to make sure we receive what we are after.

I have found a way for us to complete the deal fast (3 days) and easy. The solution is a worldwide delivery company called TNT." Most of us know this is a scam but for the poor noob sod that doesn't, they stand to lose quite a bit of cash.

After reporting the scammers email w/SC I received a personally addressed email from the Infortech Abuse Investigator, who was one of the reporting addresses this was reported to, sent to me from spamcop[at]devnull.spamcop.net, which I GUESS was fwd'ing the reponse from abuse[at]infortech.net.

Now I don't mind that abuse[at]infortech.net has some inkling of who I am in this case, but I always thought that reported spams don't include my address. Otherwise I'd never report 95% of my spam as they all originate from .hu, .ru, .tr, .cn, .kr and so on. Personally I don't think ANY of those ISP's give a sh_t about spam or Spamcop reports as long as the spammers keep paying their bills and they are probably complicit with the spammers. Therefore I don't want these .ru, et al ISP's to know I am reporting spam to them.

So how is it that abuse[at]infortech.net knew my name?

Hello Eric,

Thank you for taking the time to report this incident. We have

notified

the end user customer of this complaint with a demand to take immediate

action to resolve this matter.

Thanks again,

Infortech Abuse Investigator

Thanks for any insight here!

Eric

[turetzsr]

<snip>

So how is it that abuse[at]infortech.net knew my name?

<snip>

...Hard to tell without knowing a bit more, such as how you communicated to infortech.net (did you include that in your post but I missed it? If so, I apologize...). If you are a reporting-only user, what is in your Preferences | Report Handling Options | Display Name?

[emanmb]

...Hard to tell without knowing a bit more, such as how you communicated to infortech.net (did you include that in your post but I missed it? If so, I apologize...). If you are a reporting-only user, what is in your Preferences | Report Handling Options | Display Name?

I didn't communicate w/them at all.

Oops! My name is in the reporting prefs. No biggee. Wondered about that and also have it set to forward only replies from sentient people so must be a human responded.

My report can be seen here I guess. http://www.spamcop.net/mcgi?action=gettrac...rtid=1973948365

[Wazoo]

1. your parsed, reviewed, approved spam submittal Report goes out to the targets you selected/approved. Clicking on the "Preview" Button will allow you to see waht os going to actually be sent.

2. The receiving ISP/Host has options in that Report to "do" something. One of those options is to 'talk to the originator of the Report' .... thus us accomplished by replying to that e-mail, which is sent to the SpamCop.net system addreessed to the 'ReportID' .... the SpamCop.net system then forwards that e-mail to 'your' Registered e-mail account.

3. Your posting of a ReportID here doesn't do much good, as that data is not accessible by other than a small handful of folks, most of them not here .... This comes up so often, a FAQ entry here was generated Getting a Tracking URL from a Report ID

[emanmb]

1. your parsed, reviewed, approved spam submittal Report goes out to the targets you selected/approved. Clicking on the "Preview" Button will allow you to see waht os going to actually be sent.

2. The receiving ISP/Host has options in that Report to "do" something. One of those options is to 'talk to the originator of the Report' .... thus us accomplished by replying to that e-mail, which is sent to the SpamCop.net system addreessed to the 'ReportID' .... the SpamCop.net system then forwards that e-mail to 'your' Registered e-mail account.

3. Your posting of a ReportID here doesn't do much good, as that data is not accessible by other than a small handful of folks, most of them not here .... This comes up so often, a FAQ entry here was generated Getting a Tracking URL from a Report ID

Sorry I thought that most folks might not be able to access that, but then again I thought I'd seen postings w/folk's report page links so I went ahead. Anyway thanks for clearing that up!

e

[Wazoo]

Sorry I thought that most folks might not be able to access that, but then again I thought I'd seen postings w/folk's report page links so I went ahead. Anyway thanks for clearing that up!

Perhaps not actually caught in that ... it's the Tracking URL that gets posted here (and in the newsgroups) that allows other users to see the actual data involved with the specific spam parse.

These terms are defined in the Dictionary, Glossary, and Wiki ...