ARCHIVE
 

 

News

SCAM WARNING!

Oct 08, 2004 -- It seems some fool is going through the alumni roster sending everyone a solicitation that will only result in you being at worst poorer and at least embarrassed.

DO NOT reply to it or click the links in it.
UPDATE: 10/20/04 -- Another episode of annoying mail found a number of users last week. This one called "herself" Biyanca (various spellings).

These senders are not sending bulk mail, which is virtually impossible with our system, as we do not publish email addresses.

The sender actually went through the list clicking the little envelope symbol and sent individual messages to each person. This is one of those things we cannot control while also enabling alumni to freely contact one another.

Very few people have enough time on their hands to do this in quantity. Our staff observed the sequence of events in our log; the sender sent them out one after another to a couple of classes, realized it was too time consuming to be worthwhile, and gave up after about 15 minutes. Because the sender used the "blind" form procedure, he/she did not see your email address unless you replied to the message.

About 40 alumni (out of 1,200 registrants) received this recent scam spam. There have been only two episodes of this practice in all the time we've been operating (2 years and 8 months), a total of about 100 messages, among several thousand normal messages sent through the blind form procedure. Statistically, all service providers dream of such a low number, as it contrasts with over 50 percent of all email in general circulation. Because these senders constantly change (free) email providers it is difficult for spam filters to recognize them when they send in small quantities or as in this case individual messages.

We continue to monitor this problem and are considering alternative mail procedures. We will consult participating alumni before making changes.

--RC


The sender is - for now - calling himself Ismail or Izmail or Dr. Ismail. We suspect the academic degree was self-awarded. The scam bears a return address and web site link with an address in France (.FR).

This is a classic scam in which the victim is induced to front some money in order to achieve some purported financial transfer, usually international. The current wrinkle is getting the victim to provide a bank routing number so money can be transferred into a US account. What actually happens is that ALL the victim's money is transferred OUT, usually overseas, never to be seen again. DO NOT even let the person know your name or address.

Your address has NOT been released to the spam-scammer by us, but if you reply in any way, it will be captured and you'll get thousands of these.

During the Great Depression, hoboes would leave a mark on houses that gave them food or other help, which sometimes resulted in worse visits. Similarly, if you respond to these scams, you'll find yourself on list after list after list.

This reveals a great truth: YOU SHOULD JOIN the alumni association. Members get a FREE email address that is (while they keep it to themselves) used only by our roster system's little links. People can send you messages, but they don't get your address unless you give it to them.

The particular guy sending this scam ends by asking for God's help in the endeavor. We suggest you pray elsewhere, or be preyed upon.

RC

More about online scams...

There are several broad categories of online scams. This summary is not intended to be comprehensive. For more information do a web search on "protect from online fraud" on our search page.
  1. Email "Phishing"
  2. Email "spoofing"
  3. Fraudulent Sites
  4. Good old direct approach

Plain Old Fraud 101

The pitch, as in the case we've observed in the magazine, is usually a purported way to receive some big amount of money by providing a channel to move money or goods across frontiers. The typical come-on is something like "my cousin who ended up with the money from the corrupt (dictator, oil company, general...) needs help moving it into the US and we'll give you part of it if you will only (a) front some money (in cash or a bank deposit) or (b) let us put the money in your account (just give us all your routing info and passwords). The hook is getting you to provide access to your funds, and the sting is waking up in the morning to find that your money has been transferred out of your bank, out of your country, and out of your life.

Phishing 101

As the name implies - phishing involves hanging a lure out to see who bites. The crooks send massive numbers of messages asking recipients to "verify their contact and/or account data" for "security" purposes. These appear to come from banks and insurance companies and web sites such as eBay. They often emulate the appearance of legitimate web sites of those companies. However, on close examination, the addresses linked from the messages or the sites they induce readers to visit are not legitimate. Following the instructions will indeed improve security, namely the secure retirement of the thieves who will steal your money if you follow the instructions. What they want is access to the stored credit card information. NO BANK WILL EVER ask you for such information via email. DO NOT follow the instructions. Just as it takes only a few fish to fill the basket, it takes only a few fools to fill the crooks' accounts.

Spoofing 101

Spoofing is providing a false return address that makes the message appear to come from a legitimate site. If you get a suspicious message, don't click Reply, but instead, go to the company's web site and use their legitimate contact forms or addresses, or look up the sender in your address and start a new discussion sequence. That way, YOU are initiating the contact and know to whom you're communicating.

Phony Sites 101

Anyone with an hour's time and a little knowledge of HTML can make a clone web site that looks exactly like the original.
  • look-alike names: e.g., tchs-alumni.org instead of tchsalumni.org
  • subdomains in the first page you encounter: e.g., tchsalumni.some_site.com

Conclusion

These are only the tip of the iceberg. The historic principles of avoiding fraud are the same on the Internet as everywhere else.
  1. If it seems too good to be true, it probably is.
  2. You can't cheat an honest man.

Staying off lists...

The first line of defense is to stay off spam lists in the first place. Here are some simple techniques to protect you and your correspondents.
  • Use the BCC field for group mailings. Never put a list of names into the TO or CC field of an email. Instead, send the mail to yourself and put all the other names into the BCC field (every mail program has a BCC field, sometimes you have to turn it on in the settings/preferences). This way each person sees only his own address and yours; in addition he/she gets the warm, fuzzy feeling that you're theirs alone. Using the TO or CC fields sends your entire address list to all the recipients, and it only takes one of them to forward it to someone else who forwards it... to a spammer.
  • Don't sign up for free stuff. Many of the sites on the web are nothing more than email address collectors. NEVER, NEVER sign up to win the free teddy bear.
  • Get a "public" address and keep your real address private. Lots of sites offer free mailboxes. Sign up for one and put that into "free offers." Use it for a while and then abandon it. Send a change of address message to family and friends, and you're again spam free for a while.
  • Be firm with friends and family. It's often a close friend or family member who gets you onto lists. Share these dos and don'ts with your friends, and embarrass them publicly at holidays if they put you on a spam list (free teddy bear).
Note: At TCHS Alumni News your address is never published (unless by yourself) and nearly all contact with alumni is managed via indirect forms.

Reader Comments

Discuss this article in the forums!

   No comments yet!
 

© 2008 TCHS Alumni News.

Powered by JournalMaker.