Author |
Message |
Bankster
Baiting Guru
Joined: 22 Jun 2007
Posts: 2239
Location: Gone for a while.
|
Posted:
Thu Dec 17, 2009 4:14 pm |
|
While my abilities as a baiter aren't exactly much to brag about, I do enjoy the numerous other ways of messing with scammers that modern technology so nicely is providing us with.
In particular, this thread has got me thinking about legal and easily feasible ways to tap into the data of as many lads as possible.
My best idea so far:
MuguMail, the friendly e-mail service with a backdoor for baiters!
Dear fellow scammer,
As you've probably already heard from your friendly fellow guyman / dolla chopper / oga (who in reality is a baiter), the stupid westerners have caught up to the fact that a real barrister, bank representative, president, ... doesn't use Yahoo Mail. Your scam letters are just so much more credible when they're sent from a domain that ends in "-ltd.com" or "-bank.ch". That's why the modern scammer uses this fun new e-mail service that lets you choose from a number of business-like domains. The service is currently invite-only, but I could give you an invite, maybe in exchange for (insert something here)?
What the scammer doesn't know is that the baiter who sends him the invite will have access to all mail they send or receive.
In order to keep this legal, the lengthy TOS agreement (that boring legal text above the AGREE button) would explain exactly how the service works. It's a well-known fact that nobody has ever read this, so it's probably safe to write something as "upon pressing the AGREE button, we will collect your first-born" and people would still sign up.
The only real risk I see is that the new domains in fact do add credibility to the scammer's mails. I'd say that risk is offset by the ability of the baiter to watch all e-mail traffic and warn any victims, or - if you buy MuguMail Enterprise Edition - redirect all mail to their own inbox and impersonate the victim.
I know the main reason why this works so well on paper is that I've missed some important piece of information. Does anybody care to enlighten me? |
_________________ Whoever said you can't touch happiness has never petted a dog.
( ) x10 __ x? |
|
|
|
N N N
Master of Master Baiters
Joined: 26 Sep 2008
Posts: 689
|
Posted:
Thu Dec 17, 2009 4:24 pm |
|
probably is a technically illegal idea as to all intent and purposes you're hacking someone elses private email/data. Which is a no no for discussion on these forums .... |
|
|
|
|
mugu_eater
Master of Master Baiters
Joined: 30 Aug 2009
Posts: 719
Location: Thailand
|
Posted:
Thu Dec 17, 2009 4:26 pm |
|
the idea is good but i am afraid you educate them this way...i could be wrong...on the other side i am not sure that this legal so eater will not back you up on this but again i could be wrong... |
_________________
mr Frank Bode
NOW I KNOW YOU ARE THE MOST STUPID ANIMAL THAT EVER EXIST ON EARTH. FB
ANYWAY THERES NO REASON TO WASTE MY PRECIOUS TIME WITH HE GOAT LIKE YOU..I KNOW ANIMAL LIKE YOU WOULD NOT KNOW SIMPLE COURTESY OF APOLOGY FOR WASTING A TIME OF A RESPONSIBLE BUSINESSMAN LIKE ME.
J0hns0n Prince K0fi |
|
|
|
Bankster
Baiting Guru
Joined: 22 Jun 2007
Posts: 2239
Location: Gone for a while.
|
Posted:
Thu Dec 17, 2009 4:57 pm |
|
Quote: |
as to all intent and purposes you're hacking someone elses private email/data. |
Well technically it's not hacking. But you're of course right. That's why I'd explain everything in detail in the TOS. Something along the lines of "the person inviting you to this service will have full access to your account and be able to f*ck with you in any way they deem appropriate and/or fun."
You're of course free to refuse that offer, but once you've clicked the I have read and agree to blah blah blah button, you're obviously asking for it.
I'm well aware of this forum's rules on the discussion of illegal activities, and if this idea leads to something at all, it'd of course have to be legal (not only because of the forum rules, but also in order to protect the people behind it).
I don't see how this would educate the lads though...? |
_________________ Whoever said you can't touch happiness has never petted a dog.
( ) x10 __ x? |
|
|
|
Mr Tambourine Man
Baiting Guru
Joined: 06 Jun 2008
Posts: 3398
Location: Magic swirlin' ship
|
Posted:
Thu Dec 17, 2009 5:33 pm |
|
Bankster wrote: |
I don't see how this would educate the lads though...? |
The bit about Yahoo addresses not being used by barristers, etc.
Some l;ads do know this and register free websites for the email address. We try and close those, and don't want more lads using them. |
_________________ is always Good when you have the zeal to be a hitwoman when you out of school,it makes you bold and reall and it makes you more high than any other of your friend.
NOW AMBACK FOR YOU AGAIN STURBORN SHIT
you dont have a phone.that makes makes you joe butt
Fuck you and go find something to do man. Stop disturbing me please.
This is definitely why you will remain and die in poverty, ignorant of good things and easy acknowledgment of bad things and words. Shame on you, you wicked generation children.
i went you to no that this is not a cheld pray. i went you to get back to me
we are not scammer,we hate scammer as you do.scammer make out life harder and harder,a lot of people think we are scammer,in fact,we are not!! please trustt us |
|
|
|
Bankster
Baiting Guru
Joined: 22 Jun 2007
Posts: 2239
Location: Gone for a while.
|
Posted:
Thu Dec 17, 2009 5:37 pm |
|
Quote: |
The bit about Yahoo addresses not being used by barristers, etc. |
Aw, man. Forest and trees. I see. |
_________________ Whoever said you can't touch happiness has never petted a dog.
( ) x10 __ x? |
|
|
|
martijntje
Hello I'm New here!
Joined: 16 May 2007
Posts: 17
|
Posted:
Thu Dec 17, 2009 5:54 pm |
|
@Tambourine: That is of course a valid concern. However, on the other hand, if your mugu decides to join your mailservice this has many, many applications.
For example, you can make it so that outgoing mail does not actually reach it's recipient. This way, the scammer will not be able to send any scammail. It of course looks like it has all been sent. Instead of delivering the mail to the intended recipient it will be sent to selected baiters.
I am not sure of exactly what percentage of people normally responds to a scammail, but if we know this we can make sure to assign the correct number of baiters. The scammer receives replies to his emails and will keep using the service. In fact, the baiters he reaches will be so thick he'll think he has just struck gold! |
|
|
|
|
MrBadLuck
Master Baiter
Joined: 07 Nov 2009
Posts: 201
|
Posted:
Thu Dec 17, 2009 6:19 pm |
|
I don't think you could legally make a TOS that violates peoples basic rights (as pertaining to the service). Didn't microsoft get in some hot water over this in the late 90s? |
_________________ x3 x2 x5 x2 |
|
|
|
Jammy
Master of Master Baiters
Joined: 24 Oct 2009
Posts: 517
Location: Absolutely, last time I checked.
|
Posted:
Thu Dec 17, 2009 6:41 pm |
|
I think it's a good kernel of an idea: Providing lads with some kind of fake web-based tool that they think will help them with scamming, when it actually feeds them right to baiters.
Also, I suspect that a TOS that said "We retain the right to review all mail posted and received through our email service" would be perfectly valid and legal (unethical perhaps, but almost certainly legal). I've seen worse in TOS's!
However, there are some problems:
Educating the lads has already been mentioned.
How would you prevent ITPs from finding your free mail service?
What would you really do with the information you gathered? Warn everyone that each lad was communicating with? The lads would just stop using the service. Would you bait each and every email sent out by every lad?
You could be overwhelmed quickly without a well-defined plan. If this worked, you could have hundreds or thousands of fresh emails a day. Will you read and sort through them all? Will you simply delete them all, making it seem (to the lad) that it's just broken?
But I like the basic idea though! |
_________________ X 4
Published Bait: The Miseducation of Chief Mrs Watusi FBI Mrs |
|
|
|
manbiteslion
Baiting Guru
Joined: 12 Dec 2007
Posts: 4816
Location: Connecting my chair and keyboard
|
Posted:
Thu Dec 17, 2009 7:21 pm |
|
We don't step close to that illegal line, let alone all of the other implications of using non-yahoo addresses, hosting (by definition) spam servers, etc. |
_________________ Premium Wimp Convincer - Click Me! |
|
|
|
Bankster
Baiting Guru
Joined: 22 Jun 2007
Posts: 2239
Location: Gone for a while.
|
Posted:
Thu Dec 17, 2009 7:22 pm |
|
Quote: |
Also, I suspect that a TOS that said "We retain the right to review all mail posted and received through our email service" would be perfectly valid and legal (unethical perhaps, but almost certainly legal). |
If the idea took off and it was me who provided the hosting, the server would be located in a country where this would be waterproof. (And even if it were not, the 'victim' would have to either show up personally or hire a local lawyer to file charges.)
The fact that such additions to the TOS are generally considered unethical doesn't bother me very much in this particular case.
Quote: |
How would you prevent ITPs from finding your free mail service? |
That's why I'd make it invitation-only. That won't work well for a large-scale deployment for reasons you've already mentioned, but would be a nice start for the pilot phase.
Quote: |
What would you really do with the information you gathered? Warn everyone that each lad was communicating with? The lads would just stop using the service. Would you bait each and every email sent out by every lad? |
I was kinda hoping that some elite baiters come up with a good plan.
For starters, I'd just let the lad send anything he wants. He'll probably want to send a few test mails and see if it works. The system would provide you at least with means to block and redirect outgoing messages (though to the lad they'll appear as having been sent), wait for your confirmation before actually sending a message, edit any message in his mailbox, send messages to the lad from any sender, and disable his account for "violation of our TOS". Blocks and filters could be applied to all messages or to messages to a particular e-mail recipient. That way you could watch him, impersonate a victim, silently neuter him altogether or bluntly kick him off the service. (Maybe there's a special modality to re-enable an account that has been disabled for security reasons?)
The only legal problem I see here is that if you watch him talk to victims, you might (at some point) knowingly let him use your infrastructure for illegal activities. Whether that's a problem remains to be clarified, and preferably by somebody who's more familiar with the law than me.
Of course the lads will eventually wise up to it and abandon the service. But hey, think of the fun that is to be had until then! (Not to mention the information collected and victims warned.)
The question is, how would one convince the lads to use the service without educating them too much? |
_________________ Whoever said you can't touch happiness has never petted a dog.
( ) x10 __ x? |
|
|
|
Juan Freizwidatt
Associate
Joined: 18 Apr 2004
Posts: 20834
Location: Hanging out at In-n-Out
|
Posted:
Thu Dec 17, 2009 7:29 pm |
|
A creative idea but unfortunately it's flawed for all the reasons mentioned. It's skirting the line both ethically and legally, and the cardinal rule of not educating the lads is a huge impediment.
Keep your thinking cap on, I'm sure you can come up with another idea that will cause lad pain without all the potential ramifications of this one. |
_________________ "SATAN WILL KILL YOU . BECAUSE YOU ARE A DAUGHTER OF MERMAID"
"HOW DOES IT SOUND TO YOU THAT ANOTHER PERSON IS DEALING WITH YOU AND ASK YOU TO CONTACT ANOTHER PERSON AND NOW YOU SAID THAT YOU WANT TO DEAL WITH THE OTHER PERSON WITHOUT THE KNOWING OF THE PERSON THAT ASK YOU TO CONTACT THE OTHER PERSON"
I apologize again that I will lick the dust from your sandals - Shorty
x4: Shorty
x 16:
US lad w/Capone: ( )
- ATL>DC>ATL>Vegas>Seattle>ATL>San Diego>LA>ATL>Seattle>ATL>WY>ATL>Aspen>ATL (21K+ miles, $11K+ expenses)
Shorty w/bohigal:
- Lagos>Abidjan
Random lads:
- Douala>Korup; Lagos>Cotonou>Parakou; Cotonou>Niger border; Cotonou>Pendjari>jail in Tanguietta; Asaba>Abuja; Accra>Tamale
|
|
|
|
lakeside77
A chaff in the USA
Joined: 11 Jul 2008
Posts: 2700
Location: Out there in the cold, getting lonely, getting old
|
Posted:
Thu Dec 17, 2009 7:52 pm |
|
Quote: |
As you've probably already heard from your friendly fellow guyman / dolla chopper / oga (who in reality is a baiter), |
Personally, I would never acknowledge the existence of baiters or scambaiting to a lad. My guess is that there are thousands of them out there who have never been baited and we don't need to be on their radar. |
_________________ ls77
x26 x3 x2
Father Frank
I must let you know that am sick and tired of all this whole bull sheet do you know my ass is on the line - Jonh Raymund
i want to say i am very sorry for the Mother that gave Barth to you -- Jim Ovie
. . . it is disrespectful,malicious, an ILEDAN EYE,to our corporation and embarrassing to my secretary as he was messed up by your action. I thought I was assisting a true American gentleman without knowing that I am trying to help one of the most chaffs in the USA. --Dr. Leo Stan Ekeh
. . . I hate you with all my Live, you may not understand the Laval of hatred I have in you -- Dr. Lambert |
|
|
|
Technomancer
Master of Master Baiters
Joined: 08 Dec 2009
Posts: 671
Location: Sailing the infinite sea of the Net
|
Posted:
Fri Dec 18, 2009 3:21 am |
|
N N N wrote: |
probably is a technically illegal idea as to all intent and purposes you're hacking someone elses private email/data. |
But it can't be illegal. The government does it!
Bad jokes and legal issues aside though, even if it was possible to set this up, I think the scammers would have to be incredibly stupid not to notice the sudden drop in their income just at the time they started using this new service.
Still, might be some potential here if you can trick them into using some sort of service that doesn't bend any laws in the process yet still gives you useful info.
Keep thinking |
_________________ ***************
* TechnomanceR *
***************
-------------------------------------------------------
I went to the Mr Biggs' drive-in... And all I got was this lousy Easter Egg with fries!
x1 |
|
|
|
jose_cuervo
Baiting Guru
Joined: 01 Mar 2006
Posts: 8175
Location: Packing Vaseline in my frilly boots, I can’t help if it gets in other places.
|
Posted:
Fri Dec 18, 2009 4:04 am |
|
Bankster wrote: |
If the idea took off and it was me who provided the hosting, the server would be located in a country where this would be waterproof. |
But you are not located in a country that is "waterproof".
Regardless of the where and the wonderful fine print, if an individual who is not a lad were to sign up or even read the terms of service you may quickly find yourself in a legal mess. Even if you were 99% certain that you could get out of it, it could ruin you financially.
Personally, I do not see this as any different than phishing and that is against 419eater's rules.
click |
_________________ ~
“I guess a man is the only kind of varmint sets his own trap, baits it, and then steps in it.” ~ John Steinbeck |
|
|
|
|