The Straight Dope

  #1  
Old 09-28-2006, 05:47 PM
ivylass ivylass is offline
Guest
 
Join Date: Mar 2002
Does forwarding spam to spam@uce.gov really work?

I've gotten the occasional Nigerian scam e-mail and forwarded it to spam@uce.gov. That's supposed to link to the government's website to track and fight internet spam/scams.

I have a sneaking suspicion that all that stuff just piles up and once a week someone deletes all the e-mails. What info could they get off something I forwarded to them that would allow the feds to track down a scammer operating out of a coffeehouse in Nigeria?
  #2  
Old 09-28-2006, 06:08 PM
Derleth Derleth is offline
Guest
 
Join Date: Apr 2000
In theory, they could have someone clueful read the headers of the email and track down the most likely point of origin, or at least the most likely place to blacklist to effectively block the spam. In practice, there is very little reason for them to do that because nobody's career in the government hinges on fighting spam. The most useful thing they could probably do is forward a summary of the header information to the backbone ISPs in this country (the ones that directly handle trans-Atlantic and trans-Pacific data) and let them institute the blocking. They have a good reason to: Spam costs them money.
__________________
"Ridicule is the only weapon that can be used against unintelligible propositions. Ideas must be distinct before reason can act upon them."
If you don't stop to analyze the snot spray, you are missing that which is best in life. - Miller
I'm not sure why this is, but I actually find this idea grosser than cannibalism. - Excalibre, after reading one of my surefire million-seller business plans.
  #3  
Old 09-28-2006, 06:14 PM
Jayrot Jayrot is offline
Guest
 
Join Date: Sep 2002
Furthermore, most spam these days is sent by people with hijacked ("zombie") systems that have contracted a virus, trojan horse, etc. The person orchestrating the spam behind the scenes isn't listed in even the most detailed headers. The originating IP is just some poor old grandma running an unpatched XP SP1 machine.

My vote for the effect of forwarding to spam@uce.gov is "makes you feel like you're doing something about it".
  #4  
Old 09-28-2006, 07:39 PM
ivylass ivylass is offline
Guest
 
Join Date: Mar 2002
But are you actually "doing something about it?"
  #5  
Old 09-17-2011, 07:06 PM
bitbugsbyte bitbugsbyte is offline
Guest
 
Join Date: Sep 2011
Good Advice!

Quote:
Originally Posted by Derleth View Post
In theory, they could have someone clueful read the headers of the email and track down the most likely point of origin, or at least the most likely place to blacklist to effectively block the spam. In practice, there is very little reason for them to do that because nobody's career in the government hinges on fighting spam. The most useful thing they could probably do is forward a summary of the header information to the backbone ISPs in this country (the ones that directly handle trans-Atlantic and trans-Pacific data) and let them institute the blocking. They have a good reason to: Spam costs them money.
Spam costs them money to send through the networks. That is a good point! Just to confirm: We should trace the IP address or server name that is sending the spam. Next we look up who is responsible for the domain. How do we hold that server accountable with the main "backbone ISP"? How do you trace that link? whois.com?
  #6  
Old 09-17-2011, 07:26 PM
tellyworth tellyworth is offline
Member
 
Join Date: Dec 2009
Posts: 1,975
Quote:
Originally Posted by bitbugsbyte View Post
Spam costs them money to send through the networks. That is a good point! Just to confirm: We should trace the IP address or server name that is sending the spam. Next we look up who is responsible for the domain. How do we hold that server accountable with the main "backbone ISP"? How do you trace that link? whois.com?
Don't bother. It's rare even for professional security researchers to succeed in tracing and shutting down spammers these days. Someone who doesn't really know what they're doing won't have anything useful to contribute, and may hinder rather than help. (I don't mean to sound patronizing, but it's true - most complaints received by service providers are useless, and just wind up obscuring the good ones).

If you want the satisfaction of smiting bad guys, try Spamcop or similar.
  #7  
Old 09-17-2011, 08:30 PM
thelabdude thelabdude is offline
Guest
 
Join Date: Feb 2011
I have been using <submit.NKOkoOk5sxzNduAT@spam.spamcop.net> I suspect my best option is to delete and forget.
  #8  
Old 12-05-2012, 09:03 AM
spamfighter spamfighter is offline
Guest
 
Join Date: Dec 2012
Quote:
Originally Posted by tellyworth View Post
Don't bother. It's rare even for professional security researchers to succeed in tracing and shutting down spammers these days. Someone who doesn't really know what they're doing won't have anything useful to contribute, and may hinder rather than help. (I don't mean to sound patronizing, but it's true - most complaints received by service providers are useless, and just wind up obscuring the good ones).

If you want the satisfaction of smiting bad guys, try Spamcop or similar.
That would be incorrect. In fact, the FTC does use submitted spam in cases against spammers. Yes, sometimes headers are forged, but there are other ways to determine who the criminal is behind a given spam run (doing a purchase, for example).

I suggest people continue to submit spam to them.

--
Neil Schwartzman
Executive Director
CAUCE - the Coalition Against Unsolicited Commercial Email
Skype: (303) 800-6345
Web: http://cauce.org
Twitter: @cauce

Please join the CAUCE J.D. Falk Memorial Kiva Team http://www.kiva.org/team/cauce_falk_memorial
  #9  
Old 02-27-2014, 07:32 PM
dennis coatney dennis coatney is offline
Guest
 
Join Date: Feb 2014
Dennis Coatney

I was scammed on a 23 million fund from the Ministry of Finance of Togo on Feb. 5, 2014, email address <info.mftogo@finacier.com>, telling me they sent 23 million to the Swiss National Bank, email <swissconsultantservices@hotmail.com>. They asked me for my ID and a lot of money for fees. I was not falling for this and did not send a thing. Then I got this email, a scam from the FBI, trying to get me to fill out forms for US Customs on the above scams for my identity, claiming I would be summoned if I didn't comply, email <fbicrimegov@yahoo.com>, and to fill out their form to clear the assumed funds. So I contacted my attorney, who in his early years worked with the FBI in San Francisco, and he told me the grammar in the letter from the assumed FBI was very poor, and it was fake, and not to answer any more email of any of the above, and that it was all fake. Please let me know if any of these emails are real. I have enrolled in LifeLock to protect my identity and credit accounts. You can put these emails on your 419 scam list.
  #10  
Old 02-27-2014, 07:59 PM
Twoflower Twoflower is offline
Member
 
Join Date: Dec 2004
Location: Sacra-tomato
Posts: 953
Any "official" email using a yahoo.com address is fake. Case closed.
  #11  
Old 02-27-2014, 08:26 PM
jtur88 jtur88 is offline
Guest
 
Join Date: Aug 2011
Yeah, it works just as well as filling out the online form that you received a call violating the Do Not Call list.
  #12  
Old 02-27-2014, 09:09 PM
cochrane cochrane is offline
Guest
 
Join Date: Jun 2006
Zombie spam is most definitely fake.
  #13  
Old 02-28-2014, 06:24 AM
aruvqan aruvqan is offline
Charter Member
 
Join Date: Feb 2004
Location: Eastern Connecticut
Posts: 15,277
Quote:
Originally Posted by Derleth View Post
In practice, there is very little reason for them to do that because nobody's career in the government hinges on fighting spam.
And they are wrong - I bet that the person who could beat spam could effectively ride that to the presidency ... so many people are so pissed off at spam that they probably would vote for them on that basis. Beats voting for someone because they were a war hero I guess ...
  #14  
Old 02-28-2014, 06:38 AM
DataX DataX is offline
Member
 
Join Date: Jan 2012
Posts: 1,454
Quote:
Originally Posted by dennis coatney View Post
I was scammed on a 23 million fund from the Ministry of Finance of Togo on Feb. 5, 2014, email address <info.mftogo@finacier.com>, telling me they sent 23 million to the Swiss National Bank, email <swissconsultantservices@hotmail.com>. They asked me for my ID and a lot of money for fees. I was not falling for this and did not send a thing. Then I got this email, a scam from the FBI, trying to get me to fill out forms for US Customs on the above scams for my identity, claiming I would be summoned if I didn't comply, email <fbicrimegov@yahoo.com>, and to fill out their form to clear the assumed funds. So I contacted my attorney, who in his early years worked with the FBI in San Francisco, and he told me the grammar in the letter from the assumed FBI was very poor, and it was fake, and not to answer any more email of any of the above, and that it was all fake. Please let me know if any of these emails are real. I have enrolled in LifeLock to protect my identity and credit accounts. You can put these emails on your 419 scam list.
Dude - your attorney (who I assume you have met/used before - and is not someone you hired off the internet from one of the emails) told you that it was fake - and you still think one of them might be real?

As someone mentioned - the FBI doesn't use yahoo email. Legitimate Swiss bankers aren't using hotmail. Even if it wasn't for the email addresses - you can't get in trouble with the FBI for not responding to an email. They don't send out threats/summons by email. When the FBI contacts you - you will get two very nicely dressed people showing up at your door. More than that - and you are in trouble - less than that and it is just a reference check for a background check.
  #15  
Old 02-28-2014, 06:53 AM
Mangetout Mangetout is offline
Charter Member
 
Join Date: May 2001
Location: England (where it rains)
Posts: 51,047
Quote:
Originally Posted by dennis coatney View Post
I was scammed on a 23 million fund from the Ministry of Finance of Togo on Feb. 5, 2014, email address <info.mftogo@finacier.com>, telling me they sent 23 million to the Swiss National Bank, email <swissconsultantservices@hotmail.com>. They asked me for my ID and a lot of money for fees. I was not falling for this and did not send a thing. Then I got this email, a scam from the FBI, trying to get me to fill out forms for US Customs on the above scams for my identity, claiming I would be summoned if I didn't comply, email <fbicrimegov@yahoo.com>, and to fill out their form to clear the assumed funds. So I contacted my attorney, who in his early years worked with the FBI in San Francisco, and he told me the grammar in the letter from the assumed FBI was very poor, and it was fake, and not to answer any more email of any of the above, and that it was all fake. Please let me know if any of these emails are real. I have enrolled in LifeLock to protect my identity and credit accounts. You can put these emails on your 419 scam list.
Obvious fake. If the FBI is asking you to do something, on threat of legal consequences, they won't just email you about it.
  #16  
Old 02-28-2014, 08:28 AM
lost4life lost4life is offline
Guest
 
Join Date: Oct 2002
Quote:
Originally Posted by dennis coatney View Post
I was scammed on a 23 million fund from the Ministry of Finance of Togo on Feb. 5, 2014, email address <info.mftogo@finacier.com>, telling me they sent 23 million to the Swiss National Bank, email <swissconsultantservices@hotmail.com>. They asked me for my ID and a lot of money for fees. I was not falling for this and did not send a thing. Then I got this email, a scam from the FBI, trying to get me to fill out forms for US Customs on the above scams for my identity, claiming I would be summoned if I didn't comply, email <fbicrimegov@yahoo.com>, and to fill out their form to clear the assumed funds. So I contacted my attorney, who in his early years worked with the FBI in San Francisco, and he told me the grammar in the letter from the assumed FBI was very poor, and it was fake, and not to answer any more email of any of the above, and that it was all fake. Please let me know if any of these emails are real. I have enrolled in LifeLock to protect my identity and credit accounts. You can put these emails on your 419 scam list.
DEAR mR DENIS,

SO good to BE HEARING FROM YOU. WE HAVE BEEN TRYING TO MUCH CONTACT YOU. YOUR MONEY WAITING AT BANK OF SWISSERLAND. PLEASE FILL OUT CONTRACT FORM ALONG WITH CASHIER CHECK FOR CUSTOM FEES. YOU MAY ALSO SEND TO ME WESTERN UNION. CONGRATULATION ON MONEY.

yours IN CHRISTS NAME

mariam abacha

FINANCE MINISTER OF TOGO
(0234)-419-031756
FinanceMinisterofTogo6969@hotmail.com
52 APAPA ROAD
EBUTE METTA WEST
LAGOS, NG
  #17  
Old 03-15-2014, 01:10 PM
rss245@gmail.com rss245@gmail.com is offline
Guest
 
Join Date: Mar 2014
Does forwarding spam to spam@uce.gov really work?

I think one thing about the email header could help thwart such spamming and virus-spreading activity, and that would be to guard the email servers sending the spam. It's a lazy-minded security analyst that pooh-poohs the value of this.

Sure, some old lady may be on the internet with an unpatched Windows 95 machine and be the victim of a Trojan or virus running on their machine, but every email had to come through an SMTP-enabled server, and spoofing emails is a large part of the problem. SPF enabling while limiting access to specified servers helps this process. Most users might use a common ISP like Verizon or AT&T or AOL; whatever they use, those ISPs could do a much better job of tracking SMTP usage.

Furthermore, there are three types of spam today:
(1) Worthless - meant to annoy or waste time, spam with only destructive purposes in mind
(2) Well-meant spam - meant to inform or advertise products and services
(3) Destructive spam - meant to truly destroy people's lives

While we can probably get by with the first two, the 3rd is unacceptable and should be expunged from every smtpd server on the planet.

It all starts with the sending SMTP entity. They need to all be secure, and when unusual activity occurs out of normal behavior, it needs to at least be analyzed.

Case #1 - Normally 8 emails a day at most are sent by Granny, but through unknown circumstances Granny gets an infected DVD from a friend who pirates off the internet. The DVD introduced Trojans etc., so now when Granny sends from her Outlook 100 emails which may or may not be legitimate, and a scanner on the SMTP server scans the emails and detects a virus or Trojan, guess what? That email is stopped dead.
Now that could be done for every outbound email, as it should be, and any such emails should be handled by the email daemon to the effect that contents are suspect for xyz virus or Trojan.
What does it do? It stops those emails from the virus or Trojan dead.
No wanton exposure. Sure, Granny will be inconvenienced because a virus checker is checking every email she sends, and the email will be delayed by a few milliseconds, but the email will stay secured, or at least a best effort will have been made.
Now regarding spoofing: SPF records in DNS can make it necessary to use a specific SMTP server, but it also confines the permutations of routes the email will take, thus stopping the threat of viruses.

I honestly do not understand why this has not been widely implemented, because these days it's necessary.

The next line of defense would be firewalls. Every ISP these days has a firewall. They need to be checking packets for virus signatures, even between packets. Why? Because somehow the viruses and Trojans have to be sent over the internet or delivered by sneakernet (CDs, DVDs, Blu-ray, USB drives).
Even the drive manufacturers and OS people could help thwart the spread of such software. If they really wanted to stop it, it would have been stopped.
It amazes me how stupid we all are to let this continue.
That we find ourselves performing CAPTCHAs on every web site because we do not properly monitor web behavior.

Tell me I am wrong?

Bottom line: keep FORWARDING those emails, because if there is one thing that the headers provide, it is the source SMTP email servers involved in their send-off.
Not to be underestimated what that will do.
If the uce sees a huge number of servers from China sending emails with viruses, they can respond by cutting Chinese traffic and counterattacking, or Estonia or wherever the SMTP servers are located, or cut off the traffic from those places and servers.

Those SMTP servers absolutely count, and so does the lack of SPF records involved!
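The header reading that Derleth's and rss245's posts refer to, as an added example that is not code from anyone in this thread: it walks the `Received` chain newest-first, reports the address that actually connected to the recipient's own server (which, as Jayrot notes, may only be a compromised home machine), marks everything below that as sender-supplied, and reads the recorded SPF verdict. The sample message, hostnames and addresses are constructed, and `OUR_HOSTS`/`OUR_IPS` are assumed names standing in for the recipient's mail servers.

```python
import email
import ipaddress
import re

# Assumptions: the recipient's own mail servers (the only hops whose stamps we trust).
OUR_HOSTS = {"inbox.example.net", "mx.example.net"}
OUR_IPS = {"192.0.2.10"}

# Constructed sample message; all hosts and addresses are documentation values.
RAW = """\
Received: from mx.example.net (mx.example.net [192.0.2.10])
\tby inbox.example.net with ESMTP id A1; Thu, 28 Sep 2006 17:40:03 -0400
Received: from unknown (HELO mail.bank.example) (203.0.113.77)
\tby mx.example.net with SMTP id B2; Thu, 28 Sep 2006 17:40:01 -0400
Received: from mail.bank.example ([198.51.100.5])
\tby relay.bank.example with ESMTP id C3; Thu, 28 Sep 2006 17:39:00 -0400
Received-SPF: fail (mx.example.net: 203.0.113.77 not permitted by bank.example)
From: "Bank" <support@bank.example>
Subject: Urgent

body
"""

IPV4 = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")

def parse_hop(value):
    """Split one Received header into the stamping host and the peer IP it saw."""
    text = " ".join(value.split())              # unfold continuation lines
    from_part, _, by_part = text.partition(" by ")
    by_host = by_part.split()[0].rstrip(";").lower() if by_part else None
    ip = None
    for cand in IPV4.findall(from_part):
        try:
            ip = str(ipaddress.ip_address(cand))
            break
        except ValueError:
            continue
    return {"by": by_host, "ip": ip}

def trace(raw):
    """Walk Received headers newest-first and stop trusting at the first outside peer."""
    msg = email.message_from_string(raw)
    handoff, unverified, trusted = None, [], True
    for hop in (parse_hop(h) for h in msg.get_all("Received", [])):
        if trusted and hop["by"] in OUR_HOSTS:
            if hop["ip"] not in OUR_IPS:        # an outside host connected to us here
                handoff, trusted = hop["ip"], False
        else:                                   # written by the sender: may be forged
            trusted = False
            unverified.append(hop["ip"])
    spf = (msg.get("Received-SPF") or "none").split()[0].lower()
    return {"handoff_ip": handoff, "unverified_ips": unverified, "spf": spf}

if __name__ == "__main__":
    print(trace(RAW))
```

Only `handoff_ip` is worth putting in a report to a provider; the addresses in `unverified_ips` were written by whoever sent the message.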