Data Wales index page ...

Internet Fraud Advisory
 

The Good the Bad and the Pathetic -
how the industry is coping with Internet fraud. 


 This page: The e-mail service providers, see also

The lottery fraudThe money laundering fraud, Fraudsters haunting dating/matchmaking websites, The fake job offer fraud.  The bank accounts they use.   The fake loan offer fraud .  How Microsoft, Yahoo and others allow the fraud criminals to flourish. Why we need to attend to the Western Union problem.

NEW: A painful duty - Exposing the British (and Irish) connection.  What happened to my money? All 419 fraud victims should read this.

 

Internet fraud criminals tend to use anonymous web mail accounts that they can access from Internet cafes and public libraries. We looked at the addresses they use for replies. The accounts used to send such mail will be sacrificial and scammers know that they must get potential victims to respond to an alternative mail account. This is why they will include the alternative account in the body text of the mail (e.g. "reply to my private address ****.hotmail.com) and/or insert the alternative in the Reply-to line of the mail headers (e.g. "Reply-To: <*****@gmail.com>"). The chart above is based on our analysis of these reply-to addresses.

We must assume that the fraud criminals have good reasons for their choice of e-mail account suppliers. They obviously think that Yahoo, Google and Microsoft are unlikely to close fraud accounts. Perhaps they know that some of the big names in the industry like to talk about their millions of users but are not too picky about who they are. We would like to point out that having millions of accounts in use for criminal purposes will destroy the reputations of some companies and ultimately have a negative effect on share prices ...  
 

Service provider Grade Notes ...  (We will expand on these throughout 2010)
Yahoo

 

 Patchy

 

 It is rather ironic that we try to protect innocent Yahoo users from the criminals (often Yahoo users themselves), but do not get proper cooperation. See: aiding and abetting
Gmail Inscrutable Google will know why the fraud criminals have given them the no. 2 position, the company should take action .
Hotmail Patchy We should expect an exemplary service from Microsoft. It is just not happening. e.g. this from Hotmail:  "in order to process your request, Hotmail Support needs a valid MSN/Hotmail hosted account." (i.e. We don't care that the criminal has included a hotmail.com address for replies in the body of his mail.) See: aiding and abetting .  The criminals thrive on many Microsoft services - reporting them is a nightmare. There should be a central reporting address - and Microsoft should be responsible for routing abuse reports to the correct departments within the company. 

A colleague asks: "How does one get MS/hotmail's attention. This was the usual Shell lottery with a a reply to live.com and their computer bounced it . Is there a real 419 address for Microsoft?" 

Aol

Inscrutable

 Aol became a player when the company offered free mail accounts - scammers love a free mail account!
Sify.com (India) Useless The scammers have used sify.com addresses for years but in 2010 the problem has become worse. Sify.com do not even send out auto-responses to abuse complaints any more, it seems they are content to allow 419 scammers free access to their mail services.
China:
various - e.g. w.cn, 9.cn, 8u8.com, neu.com.cn		 Inscrutable It is very unusual for a Chinese mail service provider to respond to an abuse report. Perhaps reports are ignored - or perhaps offenders are harshly dealt with. We just do not know ...

Many fraud criminals ask for replies to w.cn addresses. Microsoft seems to be involved, but they reject our abuse reports....   

     
     
     
     
     
 


 

  John Weston / IFA Group, UK. Please, before forwarding suspicious mail, check that you have included FULL INTERNET MAIL HEADERS (see below).  It is not always possible to respond to reports of fraud mail, but appropriate action is always taken. Please do not forward the forged documents that accompany these scams, unless by request.   

MAIL HEADERS. You will not normally see full headers when you read your mail but these can be important in investigating Internet fraud.

Microsoft Outlook Express for Windows: Right click on the message and select Properties. Choose the Details tab and select the Message Source Button. Copy the headers and send them along with the body of the email.

Microsoft Outlook: Click the View menu and select Options. You should see a pop up window "Message options" or similar. Notice the box called Internet headers near the bottom of the window. This box contains the full headers. To extract the contents, put your mouse pointer in the box and right-click then choose Select All. All the text in the box will then be highlighted.

Right-click in the box again and this time choose Copy to copy the selected contents to the clipboard. You can then paste the full headers to an email you may be forwarding. .

Netscape Messenger 4.7 - 6: Open the email; go to the view menu; pull the 'Headers' menu over and click on 'all'. Highlight the message and headers displayed in the email and copy them into the email you send to us.

Netscape Messenger 6.2 and higher: Go to Netscape Messenger Inbox. Select View - Headers - All. Highlight the message and headers displayed in the email and copy them into the email you send to us.

Pegasus: Users of the excellent Pegasus for Windows will probably not need me to remind them of the Raw View tab and the option to include headers in the Reply and Forward dialogues.

Incredimail: In your mail program double click the email you would like to view, when it is open click on the FILE menu and choose PROPERTIES. When in the properties menu click on the DETAILS tab to view the Full Headers .

WEB MAIL HEADERS
Yahoo web mail: First you must turn on "Full Headers". From your Yahoo! mail account, click on "Mail Preference". Scroll down the page to "Message Headers" and click on the "all" radio button. Save your preferences at the bottom of the page.

Hotmail: First, configure your options: On the upper right "Options | Help" links, click on "Options." Click on the "Mail Display Settings" link, find the item "Message Headers." Choose "Advanced" and click the "OK" button.

    Data Wales Index