Author |
Message |
NobodyYouShouldRecognize
Hello I'm New here!
Joined: 06 Nov 2009
Posts: 7
Location: Michigan, maybe...
|
Posted:
Fri Nov 06, 2009 1:44 pm |
|
I go by NobodyYouShouldRecognize, but you can call me NYSR
Favorite Site: http://www.foimb.com <caution, mature content>
I'm between 25 and 35 and have had my own computer since I was around 5, so I have basically seen the evolution of online scams.
I work in an IT related field.
I definately enjoy playing the role of a white-hat nowadays.
I had visited this site for the first time maybe a year ago, made a few more visits and finally decided to start posting and looking for leads on scammers to mess with.
While I have worked with various programming languages and grammers through the years including MS-BASIC, Q-BASIC and even COMMO, nowadays I prefer Python. Python can be ran in most any current environment such as L/U/nix, Windows and Mac.
For a long time I have taken random attacks against me somewhat personally and have done things like contact hosting companies, ICANN, registrars, the IC3 and even neighbors of the vilians. Back when VB explots were more commonplace, specifically those that traveled via Windows Shares being accessible directly accross the internet ( before routers were common ) I would even leave people notes on how to contact me and instructions for how to secure their computers. Once upon a time I rewrote a virus that would use the same mechanism for travel, but I swapped out the payload for one that automatically removed the vulnerability that is used to get there. I was kind of suprised it didn't make headlines, but then again it was also still detected as a virus by AV software.
Lately I wrote a program to help me combat phishers, those people who send SPAM that is meant to trick someone into thinking it links to their bank or some other valuable site with the goal of capturing login details and other personal information. Information on the program I wrote will be posted in the 'Publish your work' area.
I have shared information about baiting and leading on scammers with others and heard some first hand stories of what they did.
My intent here is to create a topic ( if it doesn't already exist ) where people can post phishing emails so that I can retrieve them and have a little fun while preventing the phishers from getting valuable information. |
|
|
|
|
Inspector Gadget
Angel of unrealistic meetings
Joined: 20 Feb 2007
Posts: 6259
Location: Trumpton
|
Posted:
Fri Nov 06, 2009 2:12 pm |
|
Welcome to Eater.
Phishing mails we don't normally have much to do with, unless they have fake sites attached that can be dealt with. Are you looking for those types? If so, the Fake Banks and websites forum is where you'll find them. |
_________________ x2 Co bait with Rumbero Sao Tome island to Gabon van donation
Co bait with Jayhawk and VJD. Stanley's bottle tour Aba to Lagos
Team Hector, airport in installments and St Louis to Kayes
Halil, Cotonou to Accra
+ Precious 10/08/11
x8 x34 x 73
grown up man like him, still doing all this shit games - Stanley, (he doesn't like Parcel Direct)
You again do the strange reflections stuffed with drugs? - Natalia
x3 Hector 24/1/13 Moses 15th Oct 2011
x 2Mick Ole 11th Sept 2014-16 Asare Akuffo start 4th Aug 2014 |
|
|
|
thud419
Baiting Guru
Joined: 04 Jan 2006
Posts: 3193
|
Posted:
Fri Nov 06, 2009 3:11 pm |
|
Welcome to eater NYSR. It's nice to have another Python fan around.
You should be aware that any topic discussing sending viruses, trojans, keyloggers and the like will be shut-down immediately. (The number one reason being it's illegal, and the number two being it is too easy to affect innocent parties.) |
_________________ Click here to feel warm and cozy.
I did not f**k your wife in any way -- Nike Akanbi
I don't know what else to do or do I continue filling and filling forms. -- Barr. Koloti
you has been dribbling me up and down but I will show some thing you have never seen before, I think you breath air wait and see. -- Barr. Cole
x14
x 0.25 won from Reaper in a sucker's bet
x8 x several |
|
|
|
NobodyYouShouldRecognize
Hello I'm New here!
Joined: 06 Nov 2009
Posts: 7
Location: Michigan, maybe...
|
Posted:
Fri Nov 06, 2009 3:50 pm |
|
thud419 wrote: |
Welcome to eater NYSR. It's nice to have another Python fan around.
You should be aware that any topic discussing sending viruses, trojans, keyloggers and the like will be shut-down immediately. (The number one reason being it's illegal, and the number two being it is too easy to affect innocent parties.) |
Understood, although I don't think what I spoke about should be considered as this since what I sent out was actually an 'antibody' as I like to call it.
Just as there are T-cells and such travelling through your body to fight infections,... I created a digital version of that for the internet, atleast for a particular baddy that was out.
Admin, if you want to talk to me, go ahead
Inspector Gadget wrote: |
Welcome to Eater.
Phishing mails we don't normally have much to do with, unless they have fake sites attached that can be dealt with. Are you looking for those types? If so, the Fake Banks and websites forum is where you'll find them. |
The emails in question do have links to real looking mock-ups... but I will take a look at the forum area you mentioned. Thanx! |
|
|
|
|
Ima Baeder
Baiting Guru
Joined: 03 May 2007
Posts: 18313
|
Posted:
Fri Nov 06, 2009 4:45 pm |
|
Welcome, NobodyYouShouldRecognize.
Please do check out the fake sites forum but we don't shut down phishing sites/pages there. Our focus there is on fraudulent sites set up by scammers to prop up their advance fee fraud scams. (fake banks, couriers, law firms, etc.). Many of us do report phishing pages to the companies being spoofed, we just don't post them here. |
_________________ 348 Fake Sites killed
x 100 2 Years |
|
|
|
NobodyYouShouldRecognize
Hello I'm New here!
Joined: 06 Nov 2009
Posts: 7
Location: Michigan, maybe...
|
Posted:
Fri Nov 06, 2009 4:58 pm |
|
Ima Baeder wrote: |
Welcome, NobodyYouShouldRecognize.
Please do check out the fake sites forum but we don't shut down phishing sites/pages there. Our focus there is on fraudulent sites set up by scammers to prop up their advance fee fraud scams. (fake banks, couriers, law firms, etc.). Many of us do report phishing pages to the companies being spoofed, we just don't post them here. |
Yeah, actually I don't want to shut them down either... I haven't posted it yet, but the program I made directly connects to the website in question and uses POST to transmit faked information to them. There is a ton of random things including the delays inbetween each page, over 1500 proxy servers that are used, fake referrer information, browser agent info... basically the whole gammet, although the information looks valid. It can even answer security questions.
I figured that this way, with the delays, even people who get tricked are somewhat protected because the phishers will not know what information is real and what's fake. |
|
|
|
|
Dya Reyarunen-Downmeleg
** REMEMBERED **
Joined: 10 Aug 2009
Posts: 4129
Location: At the toilet door yelling are you almost done in there? Oops, too late...
|
Posted:
Fri Nov 06, 2009 5:36 pm |
|
Welcome here , NobodyYouShouldRecognize.
Happy baiting! |
_________________ ^ You are my favorite Canadian on Earth. Pastor Frank
x163
so as to enable the conclusion of this transaction on your behalf since you are not dead because if you are dead you would not have write me because I know that never will a dead
write to living...
I could receive the document official which you want to forward me for adhesion with TW@T
I am captivated, impressed and hypnotised with your sincerity
This you’re TW@T has it existed some how somewhere before?
Your ASSCODE is: 999-035-2655
"I Am Not a Justin Beiber Fan" innocent.being
Steward, WTF?
SAY NO TO SCURVY |
|
|
|
Slightlyoutofit
Baiting Guru
Joined: 13 Feb 2007
Posts: 14310
Location: Foraging for Nuts.
|
Posted:
Fri Nov 06, 2009 5:52 pm |
|
NobodyYouShouldRecognize wrote: |
Yeah, actually I don't want to shut them down either... I haven't posted it yet, but the program I made directly connects to the website in question and uses POST to transmit faked information to them.
I figured that this way, with the delays, even people who get tricked are somewhat protected because the phishers will not know what information is real and what's fake. |
There's at least one service out there that does the same job:
http://www.phishfighting.com/
A great tool. Hopefully yours will be as successful. |
_________________
God will see you true for all this you have done to me you bastard. - Collins Kalu
MAY THE HAND THAT TYPE ON KEYBORD BECOME STRICKEN AND TRANSMIT VIRUS TO YOU ENTIRE BODY. - Dr Linda Akeem
oh what a mess its time cabbage punks like u will be expose for trully what they are. - David Cole |
|
|
|
Roycropper
Baiting Guru
Joined: 14 Nov 2005
Posts: 7992
Location: Luxury Coffin
|
Posted:
Fri Nov 06, 2009 5:56 pm |
|
Welcome NYSR. There was a program or a website that flooded phishing sites with fake logins and pw's, was it Phish Fryer or something? It was discussed on here, but not really what we normally do.
BTW, please don't quote whole posts, we can see them above yours. As it's your first day, I won't get all heavy handed with my 'Edit' button, but just be aware we don't do it, some forums that do end up with posts viewed down a long oblong tunnel.
ETA: Phishfighter, that's the one, thanks Slightly. OP, please ignore the fact that the rabid squirrel just did what I just told you not to do, he's new. |
_________________ the European Union has bounced on our freckles
COULD YOU IMAGINE WHAT HAPPENED WHEN I WENT TO THE BANK
our Agent is Completely broke, pocketless and stranded
I WLL SEND AN AFRICA WITCH TO ATTACH YOU BASTARD
You go die like bird
i started shouting HALLELUJAGOBBLE but none of them notice me immediately police arrested me due to the shouting
f*ck u asshole ur damn mother will loose ur fcuking skull brain ur brain is nothing to compare with rat f*ck ur u
MY FRIEND ALEX WAS DETAINED IN POLICE STATION
I am not happy due to the question i answered at money office. Let me tell you do not play with me ok.
x4 6Yrs x6 |
|
|
|
NobodyYouShouldRecognize
Hello I'm New here!
Joined: 06 Nov 2009
Posts: 7
Location: Michigan, maybe...
|
Posted:
Fri Nov 06, 2009 6:05 pm |
|
I definately would edit the quotes, so there was only the last one in my reply. I actually didn't use quote, and then I went back and edited the post
Either way, thanks for the links peoples... I'll check them out and eventually I will publish some of the anti-scamming that I have done.
Thanks Again! |
|
|
|
|
Slightlyoutofit
Baiting Guru
Joined: 13 Feb 2007
Posts: 14310
Location: Foraging for Nuts.
|
Posted:
Fri Nov 06, 2009 6:30 pm |
|
I never quoted the whole post either.
Just the pertinent points that make my post more glorious.
Bloody pedants. |
_________________
God will see you true for all this you have done to me you bastard. - Collins Kalu
MAY THE HAND THAT TYPE ON KEYBORD BECOME STRICKEN AND TRANSMIT VIRUS TO YOU ENTIRE BODY. - Dr Linda Akeem
oh what a mess its time cabbage punks like u will be expose for trully what they are. - David Cole |
|
|
|
Pastor Frank
Baiting Guru
Joined: 31 Jan 2007
Posts: 12237
|
Posted:
Sat Nov 07, 2009 3:28 am |
|
Hi NYSR and besco, welcome to Eater.
@besco, Assuming that your post was not spam, I suggest you remove the link, it exposes your real life details. If you really want to become a baiter, I am sure your services as a Mandarin translator could prove invaluable. |
_________________ "Father Juan are sure that you are man of God,because your behaviors showed you as unbeliever" -Mary R |
|
|
|
Reaper
Hello I'm New here!
Joined: 06 May 2007
Posts: 0
Location: Travelling in a fried-out combie. On a hippie trail, head full of zombie...
|
Posted:
Sat Nov 07, 2009 3:37 am |
|
You know those masks aren't very effective. Surgical ones at least.
But on topic, welcome NYSR. |
_________________ 110+
x15 x18 50+
Shola - 4.3k miles Lagos - Abidjan | Lagos - N'Djamena, Chad | Lagos - Sokoto "i have not eaten anything except water"
Mr Floyd - Lagos - N'Djamena, Chad | Lagos -N'Djamena --> Abeche, with RS (7 days in hell ) "we are dieing here"
Art Trophies: <a href="http://forum.419eater.com/forum/viewtopic.php?t=129502">Eva Bust</a> - <a href="http://forum.419eater.com/forum/viewtopic.php?t=135167">Reaper's Art Gallery</a>
- I am the King of Rome, and above grammar
|
|
|
|
NobodyYouShouldRecognize
Hello I'm New here!
Joined: 06 Nov 2009
Posts: 7
Location: Michigan, maybe...
|
Posted:
Sat Nov 07, 2009 5:23 am |
|
below is a little animation that shows some of the things my phisher program sends to phishing sites... basically though, I adjust copies of the software to be specific to each phishing site I come across. The graphic is just of the information generation front end, the actuall programs I use are console based.
The program uses over 1500 proxies that are grabbed daily from a proxy site and if they fail 3 times in one session then they are removed from the current proxy list.
Fake referrer information as needed, otherwise it's the previous page as it should be.
Randomly chosen web browser user agent per cycle.
The drivers license numbers are valid based on the generated name and such.
The addresses do NOT exist, but the phone numbers and zip codes match up with the randomly selected city.
I'm adjusting the social security number generator to not generate certain known non-issued SSN's.
The type of credit card is selected random, out of around 6 choices and the length and format match up with the proper card type. No check digits though since I don't want to generate real numbers.
Around 30 security questions and answers are generated each round that I can choose from as needed depending on how the site is setup.
Multiple passwords and emails each round, so I have backups and since some will look more real than others.
There are random delays between filling out each set of forms.
blah, blah, blah...
It also generates a log of all the information sent to the phisher...
The program can operate at speeds ranging from DoS ( which I don't use ) to as few times per day as I want based on an internal timer.
The program stops and notifies me when the site goes down... then can try again at a predetermined interval and alerts me if the page comes back but has changes or is mostly changed.
This program runs on *NIX, Windows and Mac OS X+... and uses VERY LITTLE resources... best is when it's ran in the background on a high power web server
I have sent hundreds of thousands of batches of fake information over the last few months.
Normally while it is running, I contact a half dozen places with information on the site address being used and once the site is no longer active I like to make sure that the registrar and host know that it was a scammer.
|
|
|
|
|
|
|
View next topic
View previous topic
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|