Monday, October 29, 2007

Follow the spam

These are all real subject lines for spam messages I've received today alone. I've never been tempted to buy a fake watch from a spammer, but I've always wondered what would happen if I really did shell out the $49 for one of these AMAZ1NG R0L3X REPLICAS!!! Now I no longer have to: Computer Associates bought just such an item from a spammer, tracked the money, and reported the results for you to see.

The original spam, advertising a "T4g Heuer w4tch" for $200 from a place called Lagetyo.com, likely originated from a malware-infected PC sitting in a church in Washington state, almost certainly sent without the knowledge of the user. After clicking on the spam link, our buyer was whisked off to Lagetyo, a professional-looking (though merely temporary) website (see screenshot) which included a privacy policy, shopping cart, and contact details. Even the credit card transactions were encrypted.

A security audit showed that there was no malware on the site; everything was on the up and up. This makes sense: once you have your victim in your grasp, you don't want to scare him off. He's about to give you his money (and credit card info) willingly. Why bother with malware now?

So he bought a pair of earrings on the site for $52 plus $29 shipping. He then used software, web services, and good old sleuthing to follow the money, which took a convoluted trip to China and Korea (where the websites he used were located), to a shell company in Las Vegas, to another shell company in Washington, and finally to the island of Cyprus, where the cash was collected.

Much to everyone's surprise, our hero's item was apparently actually shipped from China to him in Virginia, according to shipment tracking information. Alas, there's a surprise ending, as the post office appears to have lost it only miles from his doorstep.

Surprised? I am. It's a much smaller crime to send spam email than to fraudulently charge someone's credit card. Maybe less lucrative, sure, but when it comes to spamming, I guess it really comes down to a question of risk.
