If you find our resources valuable, please support us by making a small donation. Thank you!

x

Secrets of Scammers: Part 1

The Secret of Scammers

[Do you get our weekly free newsletter with the latest scams and tips to stay safe? Sign up now and be smarter and safer using the Internet! ]

It is a common practice for scammers to try to trick their potential victims into visiting a website where the scammer can carry out the scam.  The scam might be a marketing trick, phishing scam designed to capture login information, or a website that simply causes a computer infection through a “drive-by download” of malicious software.  Preparing for any of these scams requires some advance work by the scammer including obtaining a “domain” for hosting the scam. If the scammer doesn't have a domain then he or she must hack into someone else’s legitimate website.  A domain is the name of a website on the Internet. For example, TheDailyScam.com, Verizon.net, or IRS.gov.  The .com, .net and .gov are all "global top-level domains" (gTLDs) and stand for COMmercial, NETwork and U.S. GOVernment websites respectively. The words that appear before the gTLDs are the unique domain names of the company or organization, etc.  (To learn more about top-level domains, check out our Member's article “How to Surf Safely." Understanding website domain names is critical to recognizing scams!)

Please support our cause by visiting our advertiser's offers:

I recently received the following email… Get a free phone

Please support our cause by visiting our advertiser's offers:

And a few minutes I received this email... Shop here for replacement windows Both emails contained links pointing back to a domain called “accants.com.”  I found that curious, so I conducted a search for all email from accant.com directed to the email server.  Here’s a sample of what I found… Accants-com Use of a malware delivery domain Accants.com had all the signs of being a scammer’s domain meant to cause harm.  The usernames of the senders at accant.com appear to be randomly generated letters. Many emails were sent out in a very short period of time on the morning of August 13, and containing a variety of subject lines offering deals, rewards and free things. I visited a WhoIs tool to look up who owned accants.com and to learn when it was registered.  (http://whois.domaintools.com/accants.com)  The WhoIs showed me that the domain name was registered on August 13th at 5:34 am. The scam emails began at about 6:10 am to our server.  Also, I learned that the owner of this domain paid a domain proxy service, called WhoIsGuard located in Panama, to hide their domain registration information.  This means that it is WhoIsGuard who actually registers the domain to protect the privacy of the real owner.  To us at TDS this serves as one more piece of evidence to demonstrate that all of these emails are scams. The owner of accants.com sent out thousands of scam emails containing malicious links from bogus email accounts at their bogus domain.  It may take several hours before the world’s domain monitoring services catch wind of this website’s scams and blacklist the domain.  These few hours are all that are needed for a few hundred unsuspecting folks to click a link and fall prey to their tricks. We all need a healthy dose of skepticism when using email, the Internet and today’s telecommunications technologies. It is simply too easy to trick people and get away with it. Deception is routine.

 

s2Member®