#identitytheft #scam #whois #beginner #education
Scam emails, we all get them, we all hate them, and we all just kind of deal with them. Sure, we can inform the FBI or police, but a large majority of these come from overseas and we can't do anything about them, so what's the point, really? Rarely, though, we get ourselves a little gold nugget of tremendous failure on the end of the scammer that just leaves excessively large holes in their plans. Here's a little tale from yesterday... can't black hat on the clock, sadly.
I'd like to start by stating I'm proud of the CEO of my company; it seems my subtle educational lessons are starting to make some headway. But here is what happened. The CEO gets a very suspicious email, saying "just confirm your information and you're 300,000 commission check will be on its way." OK, to start here, really? Sadly, people fall for things like this. "Confirm your information" means "we want your information". Identity theft much? Instead of clicking buttons, or doing anything with said email, he calls me into his office. Not sure if anyone else gets a small hint of anxiety when the president's name appears on their phone, but it totally happens to me. I look over the email briefly, giggle a little and forward it to myself to inspect further. It's also saved in our firewall, so I still have access to it even in a worst-case scenario; I just want to see what this is about, though.
Already, loving what I see; it's just so bad and so pathetic that it's funny. There are links that supposedly go to an identity confirmation website, stating it was "strictly confidential" and near the end "earn up to $500 a day with this". The address listed in the email belongs to some poor bloke out in North Dakota who seems to have that address listed as having nothing but fake identities, after I did a quick Google search. So obviously these guys are good, right? They know to use a false address so they can't be traced, woot. How can I ever possibly find how to save my butt? How can I ever escape the grasps of this insanely complex situation? What will I ever do to become free from their hold?
But wait, there's more, one little tiny bit more info to share. A little tool called who.is. A small tool that may not be the greatest tool in the world, but good nonetheless. Let me explain a little about who.is. If you go to that website (literally it is who.is; there is no .com or .net, it's just .is), you can type in a domain name. For example, let's use mine, goblinbyte.com. Go there and test me out... I guess I should say "good luck" because... you're not going to find anything out about me on there. There is an extra layer of security enabled on my registration account. As for other people... not entirely true. Right now, within 30 seconds, I can get you a person's address. For the sake of security I'm not going to give out anyone's personal info; instead I'll use spiceworks.com as my example. Using who.is on the Spiceworks website, you can find their phone number of 512-346-7743. You can find their address of 7300 FM 2222, Austin, Texas, 78730. For a business, leaving this available for the public isn't really a bad thing or a crazy idea. Gaining access to a business's information just kind of makes sense... now for people like myself, just a no-name guy with no business address? There ain't no damn way I'm enabling access to my information. My registration has my personal cell phone, my personal home address... no one needs that stuff.
Why is this important, you ask? Well, all the "links" in the email we received were actually hyperlinks to someone else's domain. Well, hmm. Hyperlinks to another domain? What I'm saying is these links to www.access.now weren't real... they were hyperlinks to some ne'er-do-well's hideaway of evils. No, I didn't click the links, I'm not that kind of person; this info can be found by simply hovering over the link. So what did I do? I checked the who.is information of this secret domain and... lo and behold, I have access to all of this guy's personal information: his phone numbers, his email address, his home address, and to top off this ice cream sundae... HE REGISTERED THAT DAY.
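The two checks described above (a link whose visible text names one domain while its href points at another, and a domain registered the same day the email arrived) can be automated. The following is an added example, not code from the original post; `landing.example`, the sample email, the sample WHOIS record and the `Creation Date:` field label are constructed assumptions, and real WHOIS output varies by registry.

```python
import re
from datetime import date
from html.parser import HTMLParser
from urllib.parse import urlparse

class LinkAudit(HTMLParser):
    """Collect (visible text, href) pairs from an HTML email body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def host(value):
    """Hostname of a URL or bare domain, lowercased, without a leading www."""
    parsed = urlparse(value if "//" in value else "//" + value)
    return re.sub(r"^www\.", "", parsed.hostname or "")

def mismatched_links(html):
    """Links whose visible text names one domain while the href goes to another."""
    audit = LinkAudit()
    audit.feed(html)
    looks_like_domain = re.compile(r"^(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?$", re.I)
    return [(text, href) for text, href in audit.links
            if looks_like_domain.match(text) and host(text) != host(href)]

def domain_age_days(whois_text, received):
    """Days between the WHOIS creation date and the day the email arrived."""
    m = re.search(r"Creation Date:\s*(\d{4}-\d{2}-\d{2})", whois_text)
    return (received - date.fromisoformat(m.group(1))).days if m else None

# Constructed sample data (not the real email or WHOIS record from this post).
SAMPLE_EMAIL = ('<p>Confirm at <a href="http://landing.example/confirm">'
                'www.access.now</a> or <a href="https://www.example.org/help">example.org</a></p>')
SAMPLE_WHOIS = "Domain Name: LANDING.EXAMPLE\nCreation Date: 2015-03-10T14:02:11Z\n"

if __name__ == "__main__":
    print(mismatched_links(SAMPLE_EMAIL))
    print(domain_age_days(SAMPLE_WHOIS, date(2015, 3, 10)))
```

A mismatched link combined with a domain age of zero or a few days is a strong phishing signal, and both can be checked without ever opening the link.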
Am I going to outright say this guy Frank (yeah, that's the name registered) is 100% without a doubt the guy who tried to screw me? No, I really can't. The email I got came from the Ukraine, but that doesn't really mean anything. Sure, I can sit here and speculate what this guy had done, but really, to have a domain name made in Arizona, hosted in Arizona, and a website set up with email access all in one day? Yes, it's most likely some scamster who used a previously compromised identity to screw someone else over. I think this is most likely the outcome; in that case, sorry Frank that you fell for such a simple and sad con, try harder next time. But I have this sinking suspicion that this guy actually was the creator of the scam; it just seems too grammatically accurate to be a foreign scam.
With all of that said, I do have to applaud the new efforts to circumvent email firewalls. The generic layouts have all been flagged by spam filters, whereas this particular email (and others as of recent) put a page from a book at the bottom of the email. Decreases the flag count by the firewall. Well played, scammers of the world, well played indeed.
Really it boils down to this, if you feel it would be a good idea to make a scam domain... don't use your own information. And if you get an email that seems fishy, use who.is to find out more, you can even report the domain as abuse and decrease the amount of scammers on the internet. Entry level hacker gone failed today, well played CEO. And as always, be safe my goblins.
I googled Whois and this link came up to your blog. Very good information, thanks for posting it. :)