rconner Posted March 18, 2007 Share Posted March 18, 2007 Most of the 419 scams I get are decidedly low-rent, probably originating from Nigerian internet cafes. Here's one, however, where the perp seems to have gone an extra mile or two (tracking ID link). Typical 419 otherwise, but the gimmick is that he asks for reply to an e-mail address at the goldencitybank.com domain. I found that the domain was registered at Melbourne IT just a few days ago, and that there's even a website and no fewer than 8 MX hosts serving the domain, all at Lycos addresses. I larted this to Lycos and Melbourne IT, and will be bookmarking this domain to see what happens. Seems like an unusual degree of diligence and technical know-how for a 419 scammer. -- rick Link to comment Share on other sites More sharing options...
Farelf Posted March 18, 2007 Share Posted March 18, 2007 Good work Rick! That thing also has a convincing looking website to back up the email address. It ought to be convincing, it looks to me like the content was filched from Barclays (but with some of Barclays' credentials "improved"!!) and re-badged. One thing that seemed a little suspect to me (in "About Goldencity Bank") was the phrase " It serves affluent, high net worth personal and corporate clients worldwide, ..." but, no, Barclays uses exactly that phrase. Note to Barclays - "affluent" may be truthful but has negative marketing connotations, hire professionals to write your blurb for pity's sake. Anyhow, web references to "Golden City Bank" include Golden City Bank 06/30/1986 NYS Chartered Golden City Bank 04/02/1990 Name Change To Golden City Commercial Bank 12/10/1999 Closed 12/10/1999 FDIC Receiver 12/10/1999 Assets Sold To Cathay Bank - and precious little else. No hits from the wayback machine which is inconclusive (for a real bank) but points up the very recent registration you have discovered. These things can be so sophisticated - though the emails themselves are very formulaic and easily recognized. There have been reports of similar websites in the past but not for some time. And we general spamsufferers are, no doubt, only seeing the "second tier" efforts - there has to be a whole upper level of "targeted" stuff aimed at specific individuals and their "personality keys" (either that or the conmen are getting fat and lazy in this post-modern information age of ours). What a world, eh? Still, it's the only one we have. Link to comment Share on other sites More sharing options...
rconner Posted March 19, 2007 Author Share Posted March 19, 2007 Lo and behold, goldencitybank.com is listed this morning by Melbourne IT as a cancelled domain, and I can no longer get any info via dig. So, looks like the scammer won't be getting his inbound mail anytime soon. -- rick Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.