Zyra's website //// email //// spam //// Rogues Gallery //// scams //// spoofing //// Site Index
What is an e-mail Drop-Box?
How to really hurt scammers!
When you receive a scam email, it's worth knowing that the senders of these things are inherrently dishonest. Besides the messages themselves often being laughably poorly constructed and full of lies which anyone who bothers to do a search can suss within a few minutes, the messages are often dishonestly formed.
For one thing, the "From" part isn't necessarily anything to do with the sender. Also, the "Reply To" address is not necessarily the same as the "From". These are easily faked-up by a technique known as spoofing. Scamsters often use a disposable spam-sender account and have something quite different to reply to.
However, what many scammers use is a DROP BOX. That is, an account which is not in the headers of the spam message at all, and is mentioned in the text of the body of the message. That is the address which the scammers beg and implore you the poor gullible punter to send to as a response.
The following fictional example illustrates the point...
|From: Santa Claus <email@example.com>
I am Chief Oojamaflip of Nigeria. I was riding through the streets of Lagos the other day on my aardvark and I happened to find a big sack with fifty million dollars in it. I'd like to give half of it to you, and all you've got to do is to send me one hundred dollars and the following personal information:
Furthermore, 2+2=5, the moon is made of green cheese, and I am a fanatical believer in GOD.
If you are stupid enough to reply, and I think you are, please respond to sneaky_address@ISP.net
In this silly example, the person sending the message is not Santa Claus, and the account firstname.lastname@example.org is a spam-sending account which is disposable. The reply-to address email@example.com is not the spam sender's address, but instead it's the address of whosoever the scamster wishes to take revenge on this week. It's a spoofed address, and it can typically be someone who upset the scamster by squealing on them to their previous ISP!
But then we get to the serious stuff: The address at the end, which in this case is sneaky_address@ISP.net . This is the DROP-BOX . Anyone naive enough to be duped into falling for the scam will reply to that address.
However, this is where the scamster has a fatal weakness, and this shows how you can really hurt scamsters. That drop-box account is what keeps the scammer in business, and if you can target it and get it shut down, you are damaging the business racket of the scammer.
Notice how the drop-box address is not implicated in the sending of the spam in the first place, and there are probably a few ISPs left in the world that are so inadequately educated that they can't see there's any problem with such things. The drop-box isn't the sender of the spam, so if they work by law and not by moral sense, they might think they could get away with not bothering about it.
You should snitch on the scamster by reporting the drop-box to their ISP! That is how to put these racketeers out of business.
Also notice how in the fictional example, the personal information is requested purely so the criminals can do bad things to you, and is typically downright personal things which they have no legitimate business in asking. Furthermore, GOD is often gratuitously name-dropped in scam messages, especially those from West Africa.
Real scams are often almost as ludicrous as the fictional example (but not quite). It is bizarre what nonsense the scamsters expect punters to accept despite the absurdity of it.
Senders of scam messages aren't going to like being shown-up like this, but then again, they should set up in an honest line of work instead!