Does forwarding spam to spam@uce.gov really work?

I’ve gotten the occasional Nigerian scam e-mail and forwarded it to spam@uce.gov. That’s supposed to link to the government’s website to track and fight internet spam/scams.

I have a sneaking suspicion that all that stuff just piles up and once a week someone deletes all the e-mails. What info could they get off something I forwarded to them that would allow the feds to track down a scammer operating out of a coffeehouse in Nigeria?

In theory, they could have someone clueful read the headers of the email and track down the most likely point of origin, or at least the most likely place to blacklist to effectively block the spam. In practice, there is very little reason for them to do that because nobody’s career in the government hinges on fighting spam. The most useful thing they could probably do is forward a summary of the header information to the backbone ISPs in this country (the ones that directly handle trans-Atlantic and trans-Pacific data) and let them institute the blocking. They have a good reason to: Spam costs them money.

Furthermore, most spam these days is sent by people with hijacked (“zombie”) systems that have contracted a virus, trojan horse, etc. The person orchestrating the spam behind the scenes isn’t listed in even the most detailed headers. The originating IP is just some poor old grandma running an unpatched XP SP1 machine.

My vote for the effect of forwarding to spam@uce.gov is “makes you feel like you’re doing something about it”.

But are you actually “doing something about it?”

Spam costs them money to send through the networks. That is a good point! Just to confirm: We should trace the IP address or server name that is sending the spam. Next we look up who is responsible for the domain. How do we hold that server accountable with the main “backbone ISP”? How do you trace that link? whois.com?

Don’t bother. It’s rare even for professional security researchers to succeed in tracing and shutting down spammers these days. Someone who doesn’t really know what they’re doing won’t have anything useful to contribute, and may hinder rather than help. (I don’t mean to sound patronizing, but it’s true - most complaints received by service providers are useless, and just wind up obscuring the good ones).

If you want the satisfaction of smiting bad guys, try Spamcop or similar.

I have been using <submit.NKOkoOk5sxzNduAT@spam.spamcop.net>. I suspect my best option is to delete and forget.

That would be incorrect. In fact, the FTC does use submitted spam in cases against spammers. Yes, sometimes headers are forged, but there are other ways to determine who the criminal is behind a given spam run (doing a purchase, for example).

I suggest people continue to submit spam to them.


Neil Schwartzman
Executive Director
CAUCE - the Coalition Against Unsolicited Commercial Email
Skype: (303) 800-6345
Web: http://cauce.org
Twitter: @cauce

Please join the CAUCE J.D. Falk Memorial Kiva Lending Team.

I was scammed on a 23 million fund from the Ministry of Finance of Togo on Feb. 5, 2014, email address <info.mftogo@finacier.com>, telling me they sent 23 million to the Swiss National Bank, email <swissconsultantservices@hotmail.com>. They asked me for my ID and a lot of money for fees. I was not falling for this and did not send a thing. Then I got this email, a scam from the FBI, trying to get me to fill out forms for US Customs on the above scams for my identity, claiming I would be summonsed if I didn’t comply, email <fbicrimegov@yahoo.com>, and to fill out their form to clear the assumed funds. So I contacted my attorney, who in his early years worked with the FBI in San Francisco, and he told me the grammar in the letter from the assumed FBI was very poor, and it was fake, and not to answer any more email from any of the above, and that it was all fake. Please let me know if any of these emails are real. I have enrolled in LifeLock to protect my identity and credit accounts. You can put these emails on your 419 scam list.

Any “official” email using a yahoo.com address is fake. Case closed.

Yeah, it works just as well as filling out the online form that you received a call violating the Do Not Call list.

Zombie spam is most definitely fake.

And they are wrong - I bet that the person who could beat spam could effectively ride that to the presidency … so many people are so pissed off at spam that they probably would vote for them on that basis. Beats voting for someone because they were a war hero I guess … :dubious:

Dude - your attorney (who I assume you have met/used before - and is not someone you hired off the internet from one of the emails) told you that it was fake - and you still think one of them might be real?

As someone mentioned - the FBI doesn’t use yahoo email. Legitimate Swiss bankers aren’t using hotmail. Even if it wasn’t for the email addresses - you can’t get in trouble with the FBI for not responding to an email. They don’t send out threats/summons by email. When the FBI contacts you - you will get two very nicely dressed people showing up at your door. More than that - and you are in trouble - less than that and it is just a reference check for a background check :slight_smile:

Obvious fake. If the FBI is asking you to do something, on threat of legal consequences, they won’t just email you about it.

DEAR mR DENIS,

SO good to BE HEARING FROM YOU. WE HAVE BEEN TRYING TO MUCH CONTACT YOU. YOUR MONEY WAITING AT BANK OF SWISSERLAND. PLEASE FILL OUT CONTRACT FORM ALONG WITH CASHIER CHECK FOR CUSTOM FEES. YOU MAY ALSO SEND TO ME WESTERN UNION. CONGRATULATION ON MONEY.

yours IN CHRISTS NAME

mariam abacha

FINANCE MINISTER OF TOGO
(0234)-419-031756
FinanceMinisterofTogo6969@hotmail.com
52 APAPA ROAD
EBUTE METTA WEST
LAGOS, NG

I think one thing about the email header could help thwart such spamming and virus spreading activity and that would be to guard the email servers sending the spam.
It’s a lazy-minded security analyst that pooh-poohs the value of this.

Sure, some old lady may be on the internet with an unpatched Windows 95 machine
and be the victim of a Trojan or virus running on their machine, but
every email had to come through an SMTP-enabled server, and spoofing emails is a large part of the problem. SPF enabling while limiting access to specified servers helps this process. Most users might use a common ISP like Verizon or AT&T or AOL;
whatever they use, those ISPs could do a much better job of tracking SMTP usage.
Furthermore, there are three types of spam today:
(1) Worthless - meant to annoy or waste time, spam with only destructive purposes in mind
(2) Well meant spam - meant to inform or advertise products and services
(3) Destructive spam meant to truly destroy people’s lives

While we can probably get by with the first two the 3rd is unacceptable and should be expunged from every smtpd server on the planet.

It all starts with the sending SMTP entity. They all need to be secure, and when unusual activity occurs out of normal behavior it needs to at least be analyzed.

Case #1 - normally 8 emails a day at most are sent by Granny, but under unknown circumstances Granny gets an infected DVD from a friend who pirates off the internet.
The DVD introduced Trojans etc… so now when Granny sends from her Outlook 100 emails which may or may not be legitimate and a scanner on the SMTP server scans the emails and detects a virus or Trojan, guess what? That email is stopped dead.
Now that could be done for every outbound email, as it should be, and any such emails should be handled by the email daemon to the effect that contents are suspect for xyz virus or Trojan.
What does it do? It stops those emails from the virus or Trojan dead.
No wanton exposure. Sure, Granny will be inconvenienced because a virus checker is checking every email she sends and the email will be delayed by a few milliseconds, but the email will stay secured, or at least a best effort will have been made.
Now regarding spoofing, SPF records in DNS can make it necessary to use a specific SMTP server, but it also confines the permutations of routes the email will take,
thus stopping the threat of viruses.

I honestly do not understand why this has not been widely implemented, because these days it’s necessary.

The next line of defense would be firewalls. Every ISP these days has a firewall.
They need to be checking packets for virus signatures, even between packets.
Why? Because somehow the viruses and Trojans have to be sent over the internet or delivered by sneakernet (CDs, DVDs, Blu-ray, USB drives).
Even the drive manufacturers and OS people could help thwart the spread of such software. If they really wanted to stop it, it would have been stopped.
It amazes me how stupid we all are to let this continue.
That we find ourselves performing CAPTCHAs on every web site because we do not properly monitor web behavior.

Tell me I am wrong?
Bottom line: keep FORWARDING those emails, because if there is one thing that the headers provide, it is the source SMTP email servers involved in their send-off.
Not to be underestimated what that will do.
If the uce sees a huge number of servers from China sending emails with viruses, they can respond by cutting Chinese traffic and counterattacking, or Estonia or wherever the SMTP servers are located, or cut off the traffic from those places and servers.
Those SMTP servers absolutely count, and so does the lack of SPF records involved!
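
Several posts above turn on what a forwarded message's headers can actually show. As an added illustration (not part of any post in this thread), this Python sketch walks the Received chain of a constructed message and returns the first connecting address outside the recipient's own network, which is the last hop the sender could not have forged. The hostnames, addresses and the 10.0.0.0/8 "own network" are assumptions.

```python
import re
from email import message_from_string
from ipaddress import ip_address, ip_network

# Constructed sample: hostnames and addresses are placeholders, not real senders.
# The bottom Received line is forged by the sender and even names our own server.
RAW = """\
Received: from mx1.recipient.example (mx1.recipient.example [10.0.0.5])
    by store.recipient.example with ESMTP id A1; Wed, 5 Feb 2014 10:00:03 -0500
Received: from mail.bank.example (unknown [203.0.113.45])
    by mx1.recipient.example with SMTP id B2; Wed, 5 Feb 2014 10:00:01 -0500
Received: from agency.example ([192.0.2.99])
    by mx1.recipient.example with SMTP id C3; Wed, 5 Feb 2014 09:00:00 -0500
From: "Finance Minister" <minister@bank.example>
Subject: Your funds

Please send fees.
"""

# "from <HELO name> (<optional rDNS> [<peer IP>]) by <stamping host>"
HOP = re.compile(r"from\s+(\S+)\s+\((?:\S+\s+)?\[([0-9A-Fa-f.:]+)\]\)\s+by\s+(\S+)")

def received_hops(raw):
    """Return the Received chain, newest first, as dicts of helo/ip/by."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        m = HOP.search(value)
        if m:
            hops.append({"helo": m.group(1), "ip": m.group(2), "by": m.group(3)})
    return hops

def handoff(raw, own_nets):
    """Find the first peer outside our own network, reading top-down.

    Assumes the topmost header was stamped by our own server. A header is
    believed only while every peer above it was one of ours; everything below
    the first outside peer was supplied by that peer and may be invented.
    """
    nets = [ip_network(n) for n in own_nets]
    hops = received_hops(raw)
    for i, hop in enumerate(hops):
        if not any(ip_address(hop["ip"]) in net for net in nets):
            return dict(hop, unverified=len(hops) - i - 1)
    return None

if __name__ == "__main__":
    print(handoff(RAW, ["10.0.0.0/8"]))
```

The address returned is only the machine that connected to the recipient's mail server, which, as noted earlier in the thread, is often a compromised home system rather than the person behind the spam run.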

Spam (UCE, Unsolicited Commercial Email) is a true form of terrorism and should be treated as such. Spam is a criminal offense, an act of terror. Spammers are true terrorists and should be prosecuted as such.

I am annoyed, but not terrified by spam.

So, I really can’t sanction devaluing the word “Terrorist” by applying it to spammers.

I am terrified, very much. Every day. I have losses from spam, I receive hundreds and sometimes thousands of spam daily and I would like spam to be treated as terrorist activity since a lot of spammers intentionally send rubbish (garbage) just to annoy, terrorize internet users. I am more terrified by spam than by terrorists who blow up people.