Pros and Cons of reporting to ESPs

Original topic was: Welcome to ScamWarners, come and say hello here!

I have just registered, after reading the stickies and announcements about this Internet Fraud Center.

I would like to hear from the managers of the site what the objectives for this site are.

It is clear that one reason for its existence is to warn the unwary of the types of scams that are being conducted over the net. That's obvious. What I don't know for sure, is whether there are more objectives.

I have looked at 419eater.com, and their objective is clear - to decrease scammers' effectiveness by tying them up, wasting their time, and counter-scamming or humiliating them. A similar approach applies at thescambaiters.com

Although there are people here who call themselves scambaiters, it is not obvious that that is the objective for scamwarners.

Welcome here Reportandie.

The objectives of Scamwarners.com is stated on the front page:

We are here to warn, advise, and increase awareness about internet fraud.

Our mission is to:

Increase general awareness of internet scams
Identify individuals or groups who may be vulnerable to scams
Provide accurate and reliable information to victims and potential victims
Advise and support those who have been scammed
Warn people about fraud on the internet
Help people protect themselves against scammers

Scambaiting is not one of the objectives of Scamwarners.com

Welcome ReportAndie (and others),

It is true that many of our support team members are also scambaiters over at 419eater--the interaction with scammers in baiting is a valuable addition to our knowledge and understanding of scams, and some specific scammer information may actually be obtained in a bait. In fact, information gathering is one of the primary motivations for many baiters.

However, as David already pointed out, scambaiting is not our mission here.

The sad reality is that these scammers are not going away any time soon. Right now, awareness and education are the best tools to help victims and potential victims, and Scamwarners was set up to help provide that.

Welcome here Reportandie.

The objectives of Scamwarners.com is stated on the front page:

We are here to warn, advise, and increase awareness about internet fraud.

Our mission is to:

Increase general awareness of internet scams
Identify individuals or groups who may be vulnerable to scams
Provide accurate and reliable information to victims and potential victims
Advise and support those who have been scammed
Warn people about fraud on the internet
Help people protect themselves against scammers

Scambaiting is not one of the objectives of Scamwarners.com

Great. So there is no objection to companies like Google, Yahoo!, Microsoft, AOL, GMX, checking in here, seeing which of their email customers are abusing their terms of service, and closing them down?

You see, your objectives do not include any efforts to interface with the Email Service Providers to shut down the frauds by cutting off their email accounts. And the baiter sites specifically discourage such actions.

Welcome to Scamwarners, Reportandie!

We also discourage the closing of scammer's email addresses. Why? When a potential victim comes across a scammer and posts his information here, the next suspicious victim who googles the address will learn that they are dealing with a scammer. If the scammer's email account has been closed and they are using a new address, the scammer is anonymous and we have no way of warning victims.

It is an interesting theory. I do not subscribe to it.

The other side of the coin is that when a scammer has 10 victims on the hook, about to part with their money, the loss of the scammer's email account will require a switch to a new one, the re-establishment of the conversation with the victims, the need to explain the change of address, and a warning signal to the victims that something is amiss. With suspicions aroused, a Google search of the old email address will still be as effective. Likewise a Google search of a few keywords from the script will turn up results, irrespective of the scammer's email address and fictitious name.

My original question was posed to the administrators of this site. To date, I have not received a reply from a recognized spokesperson.

Allowing crimes to continue in the hopes of exposing their email addresses and thus warning potential victims appears to me to be leaving oneself open to accusations of aiding and abetting the crime.

When people sign up for free accounts that agree to the terms of service of the provider. They acknowledge that infringement of those terms will lead to the loss of the account. Providers of free services do not regard it to be in their interests to have their company name become synonymous with crime. So they are more than willing to enact the provisions of their contracts, once informed of the breach.

^^^

My original question was posed to the administrators of this site. To date, I have not received a reply from a recognized spokesperson.

You have already had a response from an administrator in your original post viewtopic.php?f=1&t=10135&p=82297#p82297

Do you have a problem with this site and it's reason for being here?

A Google search of the old email address will only be effective if it is reported and posted for all to see. Therefore, if the address is available through a search engine such as Google, is it not better that people see our warning of the email address involved in the scam?

Not everyone thinks the same as you, especially people who's first language is not English.
I'm sure that you would prefer someone to search the email address of a scammer and find a warning than to do the same search and find nothing at all, thus giving them the confidence to part with their money!

Hello Reportandie,

The main problem is these email accounts the scammers use are free and takes seconds to setup. Scammers get their accounts shut down all the time mainly because someone reports it as spam. They have plenty of excuses for the victims they are targeting ready to go just in case. We want to have as many details about scammers posted as possible so when a victim does search they find results. Shutting down their accounts simply means the scammer will use more email addresses which is exactly opposite of what we want.

If you take some time to read the threads here you will see most victims are brought here because they were suspicious searched and found the scammers details here. Although it would be great if people searched parts of the emails I think most people search the name and email address.

I know our stance may seem more defensive than offensive to you but sometimes a defensive strategy works best.

I have separated this into its own thread as we don't need the welcome thread hijacked.

As noted above, an administrator did in fact respond to your original post. However, you have now raised a specific question, which I am more than happy to address.

I'm sure the many victims who have found their way here and avoided being scammed because they googled an email address would strongly disagree with your methods, which would result in scammers constantly changing email addresses. If their scammers' posted email addresses had been killed, their searches of the new email address would yield nothing, and they would likely have lost their money. Below are two examples of people who benefited from a posted email address. They are nowhere near the only ones.

http://www.reviewcentre.com/Online-Forums/ScamWarners-www-scamwarners-com-reviews_144870
http://www.scamwarners.org/forum/viewtopic.php?f=39&t=25981&p=76021

I have encountered hundreds of people who have avoided scams by googling an email address, while I have encountered none who have twigged because the scammer changed addresses during the scam. On the other hand, I have encountered plenty of victims who didn't think twice when their scammer changed addresses, with an incredibly simple explanation that the old one was hacked/not working/etc. They just kept going and lost even more, until something else led them to recognize the scam.

We do not support the closing of scammers' free email addresses, period. This policy is based on an incredible wealth of experience with scammers and their practices, as well as extensive interaction with victims. It is completely supported by our admins, moderators, and other support staff, and we are very confident that this policy is the most effective one possible right now. Until email providers find a way to permanently block users who have been implicated in scamming, instead of allowing them to open another address in less than 5 minutes, that policy is not going to change.

Your personal opinion may differ, and you have a right to that opinion. However, coming to scamwarners simply for the purpose of attacking our policies is not helping anyone, and is not going to be tolerated.

Thanks for splitting the thread to its own topic. It was my first posting and indeed, it was starting to get off the topic of introductions.

I came here to ask questions and clarify the purpose of this conference. I disagreed with one of the responses and pointed out my reasoning as a courtesy.

I am surprised that this has been construed in such a way as to warrant this response:
'However, coming to scamwarners simply for the purpose of attacking our policies is not helping anyone, and is not going to be tolerated.'

Over the past few months I have been amassing a base of 419 scams, fitting the usual categories. Out of that I have extracted some useful information - 2,600 email addresses used by scammers for example. But I can't see a way of seeding those into search engines via this forum as its structure does not lend itself to such a posting. That was part of my reason for asking questions.

Another analysis that was published elsewhere is a breakdown by ESP (Email Service Provider) showing their relative abuse rates over a sample of 2,000 scams -

36% Yahoo
26% Microsoft
22% Google
4% Rediffmail
3% AOL
2.5% mail.com
etc

From this it can be seen that if the top 3 ESPs (accounting for 84% of scammers) paid attention to the scam abuse infringing their terms of service and acted immediately and even preemptively to eradicate them, they could have a significant deterrent effect on the scams emanating from their services. I believe that it is inevitable that this will happen, in the same way as these ESPs have implemented highly successful inbound spam (and effectively scam) filtering.

Furthermore, I can confidently predict that they will be implementing spam-trap feedback measures to do their own detection and removal of offenders. Why? Because there is intense competition out there for the penetration and market share of the ESP business. The key to success lies in acquiring reputation. Spam (scam) filtering at ingress is now very sophisticated and a pre-requisite to market acceptance and approval. Spam and scam filtering at egress is the obvious next new point of differentiation.

I welcome further debate.

I am surprised that this has been construed in such a way as to warrant this response:
'However, coming to scamwarners simply for the purpose of attacking our policies is not helping anyone, and is not going to be tolerated.'

You said earlier:

Allowing crimes to continue in the hopes of exposing their email addresses and thus warning potential victims appears to me to be leaving oneself open to accusations of aiding and abetting the crime.

This was a hostile statement You are basically accusing  us of aiding in 419 activity because you do not agree with our tried and true methods of dealing with the scammers. It differs from your belief so you accuse us of aiding scammers? Then you wonder why you were warned ? 

But I can't see a way of seeding those into search engines via this forum as its structure does not lend itself to such a posting

We do require that scam emails are posted with proof it is a scam. This protects innocent people from being tagged as a scammer by some one possible looking to just tarnish someone's image in a vindictive way. So no you cannot just post a list of scammer email addresses without proof.

I don't think anyone would argue with you that we wish the free email providers did more to stop Internet fraud. In a perfect world yes Google would zap the scammer from the Internet permanently after one scam mail was sent. This is not the reality now though and we have developed our methods after years of experience with Internet fraud. 

But I can't see a way of seeding those into search engines via this forum as its structure does not lend itself to such a posting.

As Justin said, the need for evidence is paramount, which is why we aren't structured for a database.

From this it can be seen that if the top 3 ESPs (accounting for 84% of scammers) paid attention to the scam abuse infringing their terms of service and acted immediately and even preemptively to eradicate them, they could have a significant deterrent effect on the scams emanating from their services.

Nobody is arguing that this is not true. But reporting individual email addresses does nothing to make this happen.

Furthermore, I can confidently predict that they will be implementing spam-trap feedback measures to do their own detection and removal of offenders.

The major providers do in fact have some policies on the outgoing side already. Most have a maximum number of daily emails per account, to prevent spamming. Exceeding that limit may result in immediate suspension or closure. Some do have limited keyword filters on outgoing emails too. That is why many scammers send their formats from one email address, and use a different email address for replies.
In fact, if you look at many of the formats posted here, it is very common for them to be sent via a minor provider, or through a compromised domain, with the recipient directed to contact an address with those major providers. But that doesn't mean they are going to invest millions of dollars to better screen outgoing email. They are going to invest money on the things their users want.

Spam (scam) filtering at ingress is now very sophisticated and a pre-requisite to market acceptance and approval.

Very true. Users do not want to have to wade through a bunch of spam to get at their email, and they are likely to drop an email provider that doesn't filter well.

Spam and scam filtering at egress is the obvious next new point of differentiation.

Not true at all. Your average user doesn't know or care very much about the email providers' outgoing filters (unless they are too tight and affect them in a negative way--then they care very much). Reputation and marketability are tied to the features users want--things like uptime, interface / ease of use, storage space, and additional features (organizing, chat programs, etc.) Whether they can get the username they want is more important to the average user than whether scammers are sending emails through the provider.

The fact is, ESP's are not the only businesses that are used/abused by scammers, and that could play a larger role in preventing scams. The same exact point can be made about dating and classified sites that are flooded with scammers who choose not to more strongly filter new accounts, and for that matter, money transfer and shipping companies that fail to act on a name or account when first reported, allowing many other victims to be scammed before action is taken. But, these are all businesses--their goal is to make money--and decisions are made based on cost/benefit and risk--and it is cheaper for them to follow their current practice.

If and when ESP's reach a point at which they can ban someone permanently and prevent him/her from opening email addresses after they have been determined to be scammers, then baiters and sites like ours will certainly reconsider our approach.

For now, though, the facts remain the same: Report a scammer's email address, and he can open another in minutes (if he didn't open extras to start, which many do) at no cost. He will keep right on going with his scam (any experienced scammer will have forwarded his victim info to another account), and the next victim he approaches with his new email address will lose the opportunity to be warned.

You said earlier:

Allowing crimes to continue in the hopes of exposing their email addresses and thus warning potential victims appears to me to be leaving oneself open to accusations of aiding and abetting the crime.

This was a hostile statement You are basically accusing  us of aiding in 419 activity because you do not agree with our tried and true methods of dealing with the scammers. It differs from your belief so you accuse us of aiding scammers? Then you wonder why you were warned ? 

Thanks for the clarification, I did not mean to accuse, rather to explain why I feel uncomfortable with the answer I had been given. If you read my statement again, you will see that I tried to word it carefully to avoid it being such an accusation, but obviously not carefully enough! I accept that members here are acting in good faith and in accordance with their experience.

Analogies are odious, but let me try to draw one. Sitting in my car outside a bank, I see an armed robbery in progress. I flick on my camera and record the evidence. If I post the video on Youtube, I can expect that the bank will view it and instruct their staff to activate security shields if those same varmints enter any of their branches again.
If I turn the video over to the police, then there is a good probability that the varmints will be apprehended.
Laws vary from state to state, country to country, but in some jurisdictions I could be in trouble for failing to take the latter approach. That is the context in which I raised the legal point.

Ok not sure exactly where you are going with the analogy but it reminds me of a Seinfield episode

I think you have drawn a simple solution to an extremely complex problem. I'm not or any of the rest of the staff here disagreeing that cutting the scamming off at the source would be great. It's not something we can do though. All we can do is continue to use the tactics and defensive strategy we have established. It helps a lot of people albeit not everyone.

One other thing you do not understand is sometimes a victim (or family member of a victim) comes here that is not convinced they are being scammed. This is very common with romance scams. The only way to get through to them is with concrete proof they are dealing with a scammer. Showing the victim that the scammer's email address is posted elsewhere on our site or other antiscam sites gives them the proof they need. This is just another point I wanted to make as to why we do not want email accounts shut down so scammers can use a new one.

Sitting in my car outside a bank, I see an armed robbery in progress. I flick on my camera and record the evidence. If I post the video on Youtube, I can expect that the bank will view it and instruct their staff to activate security shields if those same varmints enter any of their branches again.
If I turn the video over to the police, then there is a good probability that the varmints will be apprehended. Laws vary from state to state, country to country, but in some jurisdictions I could be in trouble for failing to take the latter approach. That is the context in which I raised the legal point.

That's a faulty analogy. For starters, in many cases in which scammers are identified, we don't have evidence of them actually receiving money as you do in the armed robbery case. Second, you are talking about photographic evidence that can be used to identify and convict perpetrators that are in the jurisdiction of the local authorities. We are talking about an email address, opened anonymously using false information, created and used by someone far out of the jurisdiction of those authorities. And, even if money has been sent and received, you don't have the evidence to link the scammer directly to the money, as there is likely a mule in the middle--and all this is before we look at the relative severity of the crimes in terms of prosecution. There is no comparison.

But let's ignore that, and assume the analogy (email address is equal to a video of the crime) is accurate for a minute. You specifically (and correctly) mention that the appropriate thing to do is to turn the video over to the police, i.e. law enforcement.

The email service providers are not law enforcement, nor do they represent law enforcement. In the US, the law enforcement agency that is responsible for receiving reports on this type of crime is IC3. While we don't encourage them to expect to get their money back, we do in fact recommend that victims who have been scammed file a report with IC3 or the appropriate law enforcement agency.