Internet Fraud Advisory
 

The firms which supplied fraud criminals with their mail services in 2011.  


 
This page: The e-mail service providers, see also

The lottery fraudThe money laundering fraud, Fraudsters haunting dating/matchmaking websites, The fake job offer fraud.  The bank accounts they use.   The fake loan offer fraud .  How Microsoft, Yahoo and others allow the fraud criminals to flourish. Why we need to attend to the Western Union problem.

 A painful duty - Exposing the British (and Irish) connection.  What happened to my money? All 419 fraud victims should read this.

 

Suppliers of e-mail addresses to fraud criminals in 2011

Internet fraud criminals tend to use anonymous web mail accounts that they can access from Internet cafes and public libraries. We looked at the addresses they use for replies. The accounts used to send fraud mail will be sacrificial and scammers know that they must get potential victims to respond to an alternative mail account. This is why they will include the alternative account in the body text of the mail (e.g. "reply to my private address ****@hotmail.com") and/or insert the alternative in the Reply-to line of the mail headers (e.g. "Reply-To: *****@gmail.com"). The chart is based on our analysis of these reply-to addresses.

We must assume that the fraud criminals have good reasons for their choice of e-mail account suppliers. They obviously think that Yahoo, Google and Microsoft are unlikely to close fraud accounts. Perhaps they know that some of the big names in the industry like to talk about their millions of users but are not too picky about who they are. We would like to point out that having millions of accounts in use for criminal purposes will destroy the reputations of some companies and ultimately have a negative effect on share prices ...  

The chart shows 84.6% of the addresses examined. The remainder is made up of addresses supplied by: blumail.org, voila.fr, gmx.com, qatar.io, rediffmail, gala.net etc. The "unsorted" section includes addresses given out by companies such as skymail.mn, excite.co.jp, one.co.il, xnmsn.com and an assortment of Chinese registered firms. 


 


  John Weston / IFA Group, UK. Please, before forwarding suspicious mail, check that you have included FULL INTERNET MAIL HEADERS (see below).  It is not always possible to respond to reports of fraud mail, but appropriate action is always taken. Please do not forward the forged documents that accompany these scams, unless by request.   

MAIL HEADERS. You will not normally see full headers when you read your mail but these can be important in investigating Internet fraud.

Microsoft Outlook Express for Windows: Right click on the message and select Properties. Choose the Details tab and select the Message Source Button. Copy the headers and send them along with the body of the email.

Microsoft Outlook: Click the View menu and select Options. You should see a pop up window "Message options" or similar. Notice the box called Internet headers near the bottom of the window. This box contains the full headers. To extract the contents, put your mouse pointer in the box and right-click then choose Select All. All the text in the box will then be highlighted.

Right-click in the box again and this time choose Copy to copy the selected contents to the clipboard. You can then paste the full headers to an email you may be forwarding. .

Netscape Messenger 4.7 - 6: Open the email; go to the view menu; pull the 'Headers' menu over and click on 'all'. Highlight the message and headers displayed in the email and copy them into the email you send to us.

Netscape Messenger 6.2 and higher: Go to Netscape Messenger Inbox. Select View - Headers - All. Highlight the message and headers displayed in the email and copy them into the email you send to us.

Pegasus: Users of the excellent Pegasus for Windows will probably not need me to remind them of the Raw View tab and the option to include headers in the Reply and Forward dialogues.

Incredimail: In your mail program double click the email you would like to view, when it is open click on the FILE menu and choose PROPERTIES. When in the properties menu click on the DETAILS tab to view the Full Headers .

WEB MAIL HEADERS
Yahoo web mail:
First you must turn on "Full Headers". From your Yahoo! mail account, click on "Mail Preference". Scroll down the page to "Message Headers" and click on the "all" radio button. Save your preferences at the bottom of the page.

Hotmail: First, configure your options: On the upper right "Options | Help" links, click on "Options." Click on the "Mail Display Settings" link, find the item "Message Headers." Choose "Advanced" and click the "OK" button.