In article ,
Woodchuck Bill wrote:
(Robert Bonomi) wrote in
:

Even in the U.S. I'm not sure what crime it is, **IF ANY**, to
trick somebody into revealing 'sensitive' account information.

Isn't unsolicited, commercial spam e-mail considered a crime in some
jurisdictions now?

for 'unsolicited, commercial spam e-mail',_in_and_of_itself_, the answer
is "No". It may be an actionable 'civil tort', however.

Sending email _can_ be a criminal offense, if there are specific
characteristics of that message that meet other specifictions in law.

To
-use- that information once you have it is definitely a crime --
any of several sorts, depending on the use to which that
information was put.

Yeah, but by that time the crooks can be in the clear...leaving only a
very blurry, multi-offshore-jurisdiction trail behind.

Yuppers. tracing back to the perps _is_ a problem.

In article ,
Lee Gordon wrote:
Even in the U.S. I'm not sure what crime it is, **IF ANY**, to trick
somebody
into revealing 'sensitive' account information. To -use- that information
once you have it is definitely a crime -- any of several sorts, depending on
the use to which that information was put.

Sure sounds like fraud to me.

"Fraud", 'bunco', etc. almost invariably require that the victim have
had something "taken" from them -- something that they thereby _no_longer_
_have_the_use_of_. "

Information theft -- where material is 'merely' "copied" -- is a "different
kettle of fish".

*IF* the information is provided 'voluntarily', it's hard to argue that it
was 'stolen'.

"Deception" to cause someone to disclose information, is relatively uncharted
waters.

Swingman wrote:

"Robert Bonomi" wrote in message

"Fraud", 'bunco', etc. almost invariably require that the victim have
had something "taken" from them -- something that they thereby _no_longer_
_have_the_use_of_. "

Howdy Robert,

What about "theft of services" ... as in unauthorized use of bandwidth and
cpu cycles needed to process the spam that are subsequently no longer
available to your customers?

Having to increase and pay for additional, and expensive, bandwidth due to
the increased volume of spam is most definitely a financial burden for
smaller companies and has the same bottom line result as outright theft.
....

Yes, it's real but impossible to prosecute successfully...

"Robert Bonomi" wrote in message

"Fraud", 'bunco', etc. almost invariably require that the victim have
had something "taken" from them -- something that they thereby _no_longer_
_have_the_use_of_. "

Howdy Robert,

What about "theft of services" ... as in unauthorized use of bandwidth and
cpu cycles needed to process the spam that are subsequently no longer
available to your customers?

Having to increase and pay for additional, and expensive, bandwidth due to
the increased volume of spam is most definitely a financial burden for
smaller companies and has the same bottom line result as outright theft.
DAMHIKT

--
www.e-woodshop.net
Last update: 7/12/05

Gary wrote:

NEVER, NEVER, NEVER...click on a link within an email thinking you're going
to a legitimate log in screen. Always, close the email and log in on the
secure webpage as you normally do.


I just wanted to reinforce what Gary wrote. I'm a computer programmer
in my day job. The emails these "phishers" send out often encourage
you to click a link to log in to ebay or PayPal or whatever, and the
link actually says "http://www.ebay.com/login" or something like that.
In HTML, you can have the text of a link say anything you want, but
the actual target of that link is something entirely different. So
while the link says http://www.ebay.com/login, the actual target is
http://user32.hypernet.ru/boris119/ebayscam/ or something.

Worse yet, there was a bug in Internet Explorer last year that let a
knowledgeable hacker exploit the browser so that the address bar at
the top of the page would actually say whatever they wanted, even
though the page was actually being displayed from a completely
different location! So if you clicked on a link in these phishers'
emails, your browser would go to a page that looked just like eBay's
login page, and the location bar of your browser would actually
say "www.ebay.com/login", but the page is actually coming from a
completely different location.

Be careful out there. Trust no one when it comes to your money.
Type in the address yourself, or use your bookmarks. Never trust
links in emails, even if they appear to be from trustworthy sources.

Kevin.

Kevin wrote in
:

Gary wrote:

NEVER, NEVER, NEVER...click on a link within an email thinking you're
going to a legitimate log in screen. Always, close the email and log
in on the secure webpage as you normally do.


I just wanted to reinforce what Gary wrote. I'm a computer programmer
in my day job. The emails these "phishers" send out often encourage
you to click a link to log in to ebay or PayPal or whatever, and the
link actually says "http://www.ebay.com/login" or something like that.
In HTML, you can have the text of a link say anything you want, but
the actual target of that link is something entirely different. So
while the link says http://www.ebay.com/login, the actual target is
http://user32.hypernet.ru/boris119/ebayscam/ or something.

Worse yet, there was a bug in Internet Explorer last year that let a
knowledgeable hacker exploit the browser so that the address bar at
the top of the page would actually say whatever they wanted, even
though the page was actually being displayed from a completely
different location! So if you clicked on a link in these phishers'
emails, your browser would go to a page that looked just like eBay's
login page, and the location bar of your browser would actually
say "www.ebay.com/login", but the page is actually coming from a
completely different location.

Be careful out there. Trust no one when it comes to your money.
Type in the address yourself, or use your bookmarks. Never trust
links in emails, even if they appear to be from trustworthy sources.

Kevin.


The version of Firefox running on my machine warns me when the target
url: differs from what the html says. Or at least I think it does. I
get a pop-up box...

Patriarch

This very thing happened to my wife and me. I got a really wierd vibe from the potential buyer and told him I didn't want to sell the him our brand new $1200.00 Asko washing machine. He literally flipped out on me on the phone. I just thought I crossed paths with a damaged soul but the above quote is identicle to what we experienced on Craigslist. We have sold many things on Craigslist before with no problem, I guess as with everything else in life you just need to really pay attention to that little voice within.

"Matisse" wrote in message
received. The basics are that they send you a cashier's check or money
order that you bank will accept but will later reject once they find
it's fake. By that time you have already shipped the product.

And where was the ship-to address? Unless it was some bogus address, it
shouldn't be all the difficult for authorities to track to who was using it
even if it was a rented postal mail box. Must have been something more
elaborate than that to evade detection.

In article ,
Swingman wrote:
"Robert Bonomi" wrote in message

"Fraud", 'bunco', etc. almost invariably require that the victim have
had something "taken" from them -- something that they thereby _no_longer_
_have_the_use_of_. "

Howdy Robert,

What about "theft of services" ... as in unauthorized use of bandwidth and
cpu cycles needed to process the spam that are subsequently no longer
available to your customers?

Wishful thinking, I'm afraid.

In general, law holds out that if you make a service/facility available to
the 'world at large', you have to give 'actual notice' to the specific party
that you wish to prohibit from using tat service/facility. "Notice by
publication" is _not_ sufficient -- you have to be able to show that they
actually *read* that notice, and ignored it.

Similar issue/problem with a civil suit for the common-law tort of 'trespass
to chattel' -- which *has* been used successfully against spammers.

Having to increase and pay for additional, and expensive, bandwidth due to
the increased volume of spam is most definitely a financial burden for
smaller companies and has the same bottom line result as outright theft.
DAMHIKT

Yes, the _effect_ is virtually indistinguishable. Unfortunately the law
does not regard the 'cause' as equivalent.

"Robert Bonomi" wrote in message ...
Swingman wrote:
"Robert Bonomi" wrote in message

"Fraud", 'bunco', etc. almost invariably require that the victim have
had something "taken" from them -- something that they thereby
_no_longer_
_have_the_use_of_. "

Howdy Robert,

What about "theft of services" ... as in unauthorized use of bandwidth
and
cpu cycles needed to process the spam that are subsequently no longer
available to your customers?

Wishful thinking, I'm afraid.

In general, law holds out that if you make a service/facility available to
the 'world at large', you have to give 'actual notice' to the specific
party
that you wish to prohibit from using tat service/facility. "Notice by
publication" is _not_ sufficient -- you have to be able to show that they
actually *read* that notice, and ignored it.

Similar issue/problem with a civil suit for the common-law tort of
'trespass
to chattel' -- which *has* been used successfully against spammers.

Having to increase and pay for additional, and expensive, bandwidth due
to
the increased volume of spam is most definitely a financial burden for
smaller companies and has the same bottom line result as outright theft.
DAMHIKT

Yes, the _effect_ is virtually indistinguishable. Unfortunately the law
does not regard the 'cause' as equivalent.

Thanks for the reasoned response ... I'll keep that rope handy just in case.

--
www.e-woodshop.net
Last update: 7/12/05

On 7/14/2005 1:39 PM Dave Hinz mumbled something about the following:
On Thu, 14 Jul 2005 11:24:22 -0500, Swingman wrote:

"Charlie Self" wrote in message


I'm basically just curious as to whether or not ebay itself has any
kind of active program against this sort of activity. It sure isn't
effective, if they do.

Since it's third parties who are doing the spamming/phishing, eBay has no
control whatsoever over it.


Right. They can do what's called "whack-a-mole" and react to each one,
or they can try to educate their customers that they'll never send mail
to verify accounts.


Just imagine, if you will, what it's like if you run a mail server or two
... all this crap goes to _every_ e-mail address on the servers. It's past
the point where a small company can afford the bandwidth/cpu cycles to keep
up with it.


Well, they can always hire a consultant to set up spamassassin and or
RBL checking for them...

Even with RBLs and spamassassin, a lot of these get through just fine.
Too many kiddies put up linux boxes with wide open SMTP relays and
spammers find these as fast as they show up. I use 8 different RBLs,
including maintaining one of my own, and I still get an avg of 5-10 spam
emails a day coming through my mail server.


Another interesting thing is to take a look at just one day of a server's
logs ... there's a war going on that you never hear about, mostly emanating
from the Pacific Rim/China and the old Eastern Bloc countries.


I block entire continents these days, for that reason.

Blocking entire continents only prevents them from sending directly to
you. They still get through those open SMTP relays that show up daily.


I'd gladly supply the rope to hang a few of these idiots in the public
square if you can catch'em.


I'll supply the marksmanship and ammunition. Standing/unlimited offer.



--
Odinn
RCOS #7
SENS(less)
SLUG

"The more I study religions the more I am convinced that man never
worshipped anything but himself." -- Sir Richard Francis Burton

Reeky's unofficial homepage ... http://www.reeky.org
'03 FLHTI ........... http://www.sloanclan.org/gallery/ElectraGlide
'97 VN1500D ......... http://www.sloanclan.org/gallery/VulcanClassic
Atlanta Biker Net ... http://www.atlantabiker.net
Vulcan Riders Assoc . http://www.vulcanriders.org

rot13 to reply

On 7/14/2005 1:41 PM Charlie Self mumbled something about the following:

Swingman wrote:

"Charlie Self" wrote in message


I'm basically just curious as to whether or not ebay itself has any
kind of active program against this sort of activity. It sure isn't
effective, if they do.

Since it's third parties who are doing the spamming/phishing, eBay has no
control whatsoever over it.

Just imagine, if you will, what it's like if you run a mail server or two
... all this crap goes to _every_ e-mail address on the servers. It's past
the point where a small company can afford the bandwidth/cpu cycles to keep
up with it.

Another interesting thing is to take a look at just one day of a server's
logs ... there's a war going on that you never hear about, mostly emanating
from the Pacific Rim/China and the old Eastern Bloc countries.

I'd gladly supply the rope to hang a few of these idiots in the public
square if you can catch'em.


Seems to me that there should be some kind of internaitonal cooperation
on catching, and punishing, these people. I don't see anyone who is
very bright falling for their cons, but the damned things are super
annoying, almost as annoying as the new variants on the Nigerian scam.


Ebay and Paypal (who is owned by Ebay) have a team that investigates
these fraudulent sites, but only if they're alerted to them. Since very
few people forward these emails to Ebay and Paypal, they are unaware
that a new fraud site has shown up. When you get one of these, forward
the email, headers and all to


--
Odinn
RCOS #7
SENS(less)
SLUG

"The more I study religions the more I am convinced that man never
worshipped anything but himself." -- Sir Richard Francis Burton

Reeky's unofficial homepage ... http://www.reeky.org
'03 FLHTI ........... http://www.sloanclan.org/gallery/ElectraGlide
'97 VN1500D ......... http://www.sloanclan.org/gallery/VulcanClassic
Atlanta Biker Net ... http://www.atlantabiker.net
Vulcan Riders Assoc . http://www.vulcanriders.org

rot13 to reply