The donts and definitely donts of scambaiting.

Way back then, when I first started baiting scammers, there were a lot of things being done that were deemed fine, but are frowned upon now. Unfortunately, not everyone seems to have gotten the message. Let’s look at some things that most baiting sites actively discourage people from doing.

Cash baiting. This involves flipping the script and persuading the scammer to send YOU money. Some people would keep the money, others would give it to charity. The problem is that, in most cases it’s not the scammer’s money being sent, but an unwitting victim.

Burning the scammer. This is when you tell the scammer that you know he’s a scammer. The big issue with this is that the scammer will learn from the experience. You’re in essence educating the scammer and making him better for the next person he talks to. This leads us on to:

Educating the scammer. When a scammer makes a mistake, don’t correct him on it. If his email still has Obama as president for example, don’t let him know. Far better is to DEeducate the scammer. Keep him making mistakes that can help others spot he’s not genuine.

Sending a scammer money. Yes, people have actually done this, claiming it was to prove they were a scammer. If a scammer receives money, then it encouages him to continue scamming and helps fund his continued life of crime.

Shut down their email addresses. Now, technically we don’t condone this completely. If a scammer has an email address for example that utilises a fake website to make his scam appear more genuine, then that’s fair game, and we will actively work toward shutting the site down. What we’re talking about here are email addresses set up using free hosts. Killing scamname1@ isn’t going to make the scammer go “Well then, time to go find some honest work I guess”. They expect and often prepare for exactly those cases. Many have a number of accounts already set up, so the worst you’ll do is inconvenience them for a short amount of time.

Making victims into baiters when they’re not strong enough to. Not everyone has what it takes to become a baiter. Victims may want “revenge”, but blindly recommending any victim you speak to become a baiter can put them at even more risk. There are cases where ex victims (or “survivors” as we call them) become great baiters, but those cases are rare. I’ve even seen people who were in no way ready to deal with other scammers create websites. It’s genuinely scary when you read their Tweets and can see they’re not over their own scam yet, but telling others what to do.

Sending scammers a virus. This is illegal, and that frankly should be enough. Let’s elaborate further though. Their infected PC then infects those of innocent people. Not so funny now, is it?

Involving innocent third parties. Giving a scammer details of someone else not involved in scambaiting is a definite no no now. If they’re not a part of the scam or the bait, then there’s no excuse to bring them in without their knowledge.

There are other things frowned upon these days, but I’d say those are the main ones.

I swear I don’t do it deliberately. Well, maybe a little bit ;)

I’ve been doing this antiscam thing for a long time. To give you an idea of just how long, I was in my mid 30s when I first started and now I’m getting close to being able to get over 50s life insurance. Suffice to say I (and in the same token those who have been by my side for a considerable percentage of it) have a lot of knowledge of both how scammers work and ways to fight back against them. Every so often we’ll receive a request for help relating to what we do. Most times the first conversation we have will be for maybe 20 or 30 minutes. Sometimes it can go on for an hour or so. In that time, we try to explain how the scams work, what we do, how we do what we do, dispel any common myths and try to give them a reasonable expectation of what can actually be achieved. It’s a lot to take in, and sometimes it may be too much to take in. There have been times when we’ve frightened people away. There have also been times when we’ve left people with their heads spinning from so much information. We don’t do this deliberately. Most of the time anyway. It’s incredibly hard to compress all those years’ worth of antiscam experience into a 30 minute conversation. Add in our passion for what we do, and the person on the other end of the line can be easily overwhelmed. Sorry, but not sorry. You speak to us and you’re going to get that passion, that desire to share as much information as possible and that dull ache in the back of your head when it all becomes too much. It’s all part of the package.

Woop-woop! That’s not the sound of da police.

At the time of writing this, it’s just a few short weeks until the 14th anniversary of my falling down this rabbit hole. People have made a lot of assumptions, one that we work hand in hand with the police. The reality couldn’t be further from the truth. I’m not denying the fact we do on occasion work with law enforcement, not that law enforcement has in fact contacted us asking for help/advice/an explanation into how we managed to track down the real person behind a particular scam. On occasion we’ve even been asked to be put in touch with other victims of a particular scammer. Here’s where it gets difficult though.

Sometimes we’re contacted by law enforcement asking us to plug a particular service they provide, to put a link on our site or to share a hashtag. In almost every case we politley refuse. Why? Well, there’s several reasons.

Firstly, why should we? This may sound selfish, but let me jump you back several years when we found the National Crime Agency had taken our work (and by “our” work, I mean words I’d likely rewritten a dozen or so times until I was completely happy with them) on sextortion and included it in their press release, a year after meeting with me to seek out my experiences on the scam. All well and good you may think, but this was done without our knowledge, permission or even acknowledgement. Imagine seeing the words you’d written, rewritten, deleted, written once again and ultimately rearranged many times used by someone else, who then told people who were dealing with that particular problem to go to sites who had NOTHING to do with the scam, but were under the same umbrella as them. Yes, that left a bad taste in our mouths that remains to this day.

Secondly, why bother? As I said earlier, I’ve been around for a long time. I’ve seen hashtags come and go, I’ve seen campaigns start in a blaze of publicity, to practically disappear within weeks. If we supported a particular movement, what’s to say it’ll still be around in a year’s time? Better to stand clear of them all and not get snared into putting your name against the LE equivelent of Betamax or HD DVD.

Thirdly, what have they done for us? Think about this one, something that has happened to me on more than one occasion. I get a call out of the blue from a policeman I’ve never spoken to before asking for me to put a link on our site to a campaign that’s never once so much as looked our way before, who the only dealings I’ve had with were due to one of them being in the same conference as me, and who pretty much looked down his nose at the work we do becasue we’re not Government funded. I’m happy enough to help out where I can, but I firmly believe in “quid pro quo”. Help among various agencies should never be a one way street. If we can help, we’re happy to help, but we’re not a charity and we’re not being paid for this. We do this purely because we want to help people. Common decency says there has to be reciprocation. If not, then I see no reason to help.

Fourthly, “screw those guys”. I’ll keep this one short, as I could rant for hours over it. If you’re going to try and belittle the around 40 years’ combined knowledge our volunteers have because you’ve never personally experienced one of the scams we have, why the hell should we give you the time of day? You’ve never seen it, so it must not exist? Screw you!

And fifthly, the “Action Fraud” effect. ScamSurvivors is independant, receives no government funding and has fought tooth and nail to be in the position where we’re at right now, where some people see us as “experts” and trust the information we share with them. the last thing we want is to be tarred with the same brush as organisations that have been outed in the public as not caring about the people who contact them. We care. We care enough to give up all our free time to help people. We care enough to do this for free, to have put our own money into it, and we care enough to have been doing this for a number of years.

There are instances where we’ve worked with law enforcement or government agencies, but they’re few and far between. It takes a lot to get us to trust you, and a single moment to blow that trust. We are always going to walk on the side of caution, and if that means we have a smaller profile then so be it. We are proud to be ScamSurvivors, and we wil never compromise our principles for anyone.

Financial domination.

We’ve spoken in earlier blog posts about what we will and won’t post on our forums. There’s another one that we haven’t mentioned yet, and this one is related to sextortion scams. There are people out there that make a living as dominatrixes. It’s a sub culture I personally have no interest in, nor any judgment about, similar to cam girls. I’ve actually had conversations with former Pinay scammers I dealt with, who switched to becoming cam girls and contacted me to let me know. This is how I see it. You agree to a contract with the person, and so long as both sides give/get what they agreed, then we can’t call it a scam. If, hypothetically, I paid a female $50 to strip naked on webcam for me and she strips naked on webcam for me, then both parties have followed through with their side of the deal. I’m not a lawyer, nor am I law enforcement. In the same vein, if someone agrees to be a financial domme and the other a financial sub, if both parties do what they agreed to, who am I to judge? I have enough to deal with as it is with the scams we receive every day. Again, this is just my opinion. If someone writes to us and says “Mistress Melania” (a name I made up purely for the alliteration value) has taken money from them, there’s nothing we can do. They both agreed to play their parts at the beginning, and they both did. If it’s a fake findomme, then yes that’s another story. However, if there was no hiding the fact that’s the agreement the person was entering into, we won’t post the details up on our forum. It’s a variation of “ignorance of the law is no excuse” would be the best way to describe our stance on it. More power (or “domme”) to those who make a living that way.

The path of least resistance.

Way back in the 1980s, I did my electronics O’level exam among others. It’s a subject I’ve always loved for most of my approaching 50 years on this planet, and the reason I would rather tear down a server than install a website on it. One of the basics we were taught way back then is that electrons will always follow the path of least resistance. Simply put, electricity will always flow in the easiest route from A to B. Imagine it like water trying to flow from high to low round. Of course, we have to make a comparison with scammers to justify this post. Simply put, a scammer will always use the simplest method to make money. Despite the scams being 14+ years old, the same methods are used. Why? Because they work and they’re easy. Want to get money from a young male? Sex is the answer. A female who isn’t into the “lovey dovey” stuff? Hit them with a fictional child. Greed? Offer them millions. Pure and trusting? Throw them a sob story as part of a charity scam. Very, very rarely are there new scams. 99 out of 100 times it’s simply the same old scam we’ve seen before, polished and presented as something new. Scammers are lazy and complacent in most instances. If they think a script from 10 years ago will work, then they’ll use that script. It’s all about, to quote John Wetton from way back in 1973, “Easy Money”.

Utterly disgusting!

We’ve been told about a “company” that supposedly helps victims of sextortion. I’d already seen their videos, which are a joke. Today though I was given more information after someone we previously helped actually called them up. Here’s what the email said:

I ended up giving them a call and was reached out to by someone who said they have several plans based on length of time and cost (ex. 1500 dollars for 9-5 support for a month up to 20000 for 3 days 24-hour surveillance). The guy sounded extremely confident and very knowledgeable on the phone but it seemed fishy as they have literally no reviews but he was claiming they have locations all over the world with ties to local police. Their proposed plan of attack is to track the person blackmailing you (which you guys have said isn’t really possible as they are hiding behind fake profiles etc.) and reach out to them and tell them to back down or they are going to contact local law enforcement. I said I’d call them back and never did they also said your proposed method (which is the one that I went with and I’m glad I did) wouldn’t work and then they tried to scare me into saying they were going to doctor the videos and still release everything anyway and that going into hiding would not work.”

What complete and utter bullshit! Everything they say is wrong. The videos they have up on YouTube are ridiculous, making it appear as if they do forensic examinations of your hardware, rather than tell the scammer “Don’t do it again or we’ll call the cops”. Yeah, like that’s going to work! The simple truth is, what they’re doing is dangerous and can cause much more trouble for the person. They claim ” We have a success rate of more than 90 percent for keeping these criminals from ever sharing our clients’ personal and private images and information”. 90% is good. No, wait, 90% is terrible as it still means 10% sent this company money and got no useful help. We’ve said time and again that our method works in well over 99% of the cases. It’s also used by law enforcement. On top of that, it’s free. It doesn’t cost anything up to the $20,000 they quote for “3 days 24-hour surveillance”. I mean, sure you can donate a few bucks if you want, but we’re not going to refuse to help you if you don’t.

If you want to see their videos, check out and let me know what you think.

Is Action Fraud fit for purpose anymore?

After even more media reports about Action Fraud recently, I genuinely have to question its future. No doubt people will continue pointing people there as that’s the status quo. Have they done irreparable damage to themself though? After reading all the articles about how the staff there act, how many people will be put off from reporting their crime? They can claim to have sacked or “retrained” the people in question, but this was the very large tip of the very large iceberg when it comes to them. For a long time now there have been reports about how unhappy people were with how Action Fraud reacted (or didn’t react) when they were contacted after the person was scammed. Bad publicity isn’t a new thing with them, and there are plenty of stories talking about how Action Fraud did nothing after a report. Let’s ask ourselves though, can it be replaced? Should it be replaced? If it is replaced, then with what? In my opinion, Action Fraud isn’t likely to be going anywhere, but will limp along continuing to do a job people aren’t happy with, but with no other realistic alternatives to take their place. Most of the people out there working to fight scammers don’t have the finances, backing or support they do. It’s a shame, a real shame. People are being let down badly on a daily basis, and it’s unlikely to change.

There’s a fine line between love and bait.

The whole purpose of ScamSurvivors is to educate the public in how scams work, so they can avoid falling for them. It’s essential that the information is out there and easily searchable. However, this also means that less desirables can also see it. It’s a difficult balancing act between sharing enough information to help and making a “scamming 101” for the scammers themselves. That’s why we often need to be vague when explaining the specifics of a scam. Sometimes a scammer will find us and assume we’re some kind of scammer education centre. A while back we had a scammer join our “live help” room asking for help that we made our new toy. Today I woke up to see this in my inbox:

I’ve been reading your articles and I found them so useful, but I do encounter some difficulties downloading some stuffs you recommended for screen recorder. Could you please help me with that and any other useful info, like good dating sites, latest formats, spoof numbers and all that. I look forward to reading from you. Thanks in anticipation.

Yup, another scammer who’s completely missed the point of the site. From the wording, it sounds like he’s a West African. The use of “formats” for example gives it away. A format is essentially another word for the script they’d use. Time for some more fun I think 😉

Updated to add:

Seems he’s finally grown a second brain cell, but now he thinks I’m the FBI!

“I know you FBI agent!”

We’re still upsetting people.

Recently we’ve had people trying to attack us via our web host. One is a company who still doesn’t get that, because they’re mentioned in a scammer email we’ve quoted, it in no way means WE’RE trying to encourage people to abuse their service. Apparently they missed all the warnings over the site explaing how scammers work and what we do. The other is a “faker maker” who’s pissed we won’t remove his details. Thing is, we’ve spoken to him before and given him an out where all he has to do is speak to law enforcement and provide us the reference number. That apparently was too hard for him to do, so he came back and tried the exact same thing, just via a different avenue. Here’s where we stand on situations like this. Give us a GENUINE reason to remove details, and then (and ONLY then) we will. Ignore our advice and all you’ll do is make us more convinced your details should be there for all to see. We don’t post information lightly, and I will stand by those members of our site who post the information and do EVERYTHING in my power to keep it there when it needs to be there. It’s really that simple.

Stay safe.

This week was fun. I had someone call Firefly (our other admin) a “tiresome little bit*h” and then told me to go kill myself when I slapped him for it. Of course it took me all of 10 minutes to get his full name, his phone number, where he works, his DOB, what forums he’s a member of, what operating system he uses on his computer, what computer he uses, exactly where he lives and some other information I won’t mention here. It reminded me of something that happened a while back, where someone was sending abusive text messages to a friend of mine. Being the resident “computer expert”, I was asked to try and help identify where he was. He claimed he was using an “untraceable server” so we’d never find him. What he actually meant of course is that he was using a VPN. That’s all well and good, but what he didn’t know is that we could still see clear as day enough information to identify where he was and what hardware he was using. Some people do the same thing when dealing with scammers. They think they’re well hidden, but in reality the scammer can identify them as simply as if they’d given them their calling card. If you’re going to bait, you ALWAYS have to bait safely. I’ve bent many a rule when it comes to safe baiting, but I always made sure there were safeguards in place. You have to know the rules before knowing how far some can be pushed. Unfortunately not everyone understands that and end up putting themselves in danger. If you want to mess with scammers, always ALWAYS put your own safety above all else.