More memories.

After posting up about some of the memories from the past thirteen years, a bunch more have come to me, so here’s some more:

Having a scammer rant about “The blood of Jesus” and “Holy Ghost fire” for 90 minutes on the phone because he didn’t like Firefly’s accent.

Sipping on a freshly opened coconut in Mexico.

Persuading a scammer to spend another night in another part of the country in order to meet someone who was never there.

Having people call me at 3am expecting help, despite clear warnings not to do so.

Finding out a scammer I’d baited had given my details to another scammer, then watching them running away from the next cubicle where they were working when they got the webcam pointed at them.

“Panti Claus”.

Speaking to someone days before they were being sentenced for being a money mule for scammers, even though they’d already been to prison once for doing it.

Being threatened by a company for having a post with their name as part of a scam format on our forum, posting their name almost 50 times in the thread and ending up with an apology from them.

The absolute feeling of dread when finding out someone had taken their own life after being victimized by a scammer we’d posted the details of just a few days before.

Being asked to help someone close down a blog a scammer had made using webcam footage of her from when she was 14 years old that she had no idea existed for 8 years.

Listening to a scammer have an argument with a soundboard of himself from a few weeks ago.

The very first romance scammer I spoke to, and the vow to never deal with another one due to feeling utterly grossed out by it.

The very next romance scammer I spoke to, after deciding to gross the scammers out 10x more than I felt that first night, leading to 6 years of specializing in baiting romance scammers.

Receiving handwritten letters and photographs from a particularly innovative Russian scammer as a way to make it look genuine.

EXIF data revealing the real identity of a scammer that had posed for a photo, then Photoshopped a different face over his own.

Being told by someone I’d helped earlier that he had managed to stop his son losing hundreds of dollars with seconds to spare after using the information he’d learned to spot that he was being scammed.

Pretending to be NASA.

The crazy call that involved a scammer pretending to be the Pope praying for a talking hamster (played by Slaphappy), while we popped his limbs back onto his body after he was torn apart by a dog (played by a dog, who was the only one of us not lying about his identity).

Having to call the police after a victim threatened to bomb a mall.

Sitting in with a victim as she gave a statement to the police, and watching their reaction.

The numerous songs we persuaded scammers to sing, including some really stupid ones.

Seeing myself on TV for the first time.

I think that more than covers it now.  There’s still likely other stories I could tell, but time to move on from this subject.

 

Thirteen years of memories.

It’s been thirteen years since I joined the antiscam community.  A lot has happened in that time, certainly too much to actually tell the stories.  Instead I’m going to just name the incidents in no particular order.  Each one could be a headline for a story that I may go into in more detail at some point.  You can preface each one with “I remember the time I….”

Convinced a scammer his email had caused me to shoot my wife.

Heard the worst singing scammer ever.

Was accused of being a racist because I insulted the outfit a female was wearing in a photo I was sent by a scammer.

Was called a “drunkard and a drug addict” by a scammer.

Had the same scammer tell a bedtime story to my “daughter”.

Had the same scammer then insist on having me talk to his own daughter, who turned out to be him attempting a high pitched voice.

Flew for the first time so I could attend a conference in America.

Drove 2000 miles so I wouldn’t have to fly to a conference.

Convinced a scammer to pretend to shove a banana up his bum to give himself an orgasm – on the radio!

Met Jeremy Kyle.

Met Jeremy Kyle again, and had him ask me about stuff he’d remembered us talking about the previous time.

Stood outside a hotel in the middle of the night due to a fire (not my doing).

Had a scammer wander around Swansea looking for me, while I was sat at home on the phone to him.

Did my first podcast.

Was distracted by a pigeon whilst being recorded for TV.

Made some great friends.

Made some enemies.

Blanked Firefly the first time we met as I didn’t recognise her from her photo.

Was suckered into creating scamsurvivors.com

Had the proof copy of my first book arrive in the post.

Realised not everyone in this community is as altruistic as I am.

Had my first death threat from a scammer.

Had our first DDoS attack on the site, that was so big it took down over 100 other sites on the same node.

Drove everyone mad with the constant changing of our site logo.

Did a radio interview in a supermarket car park.

Received our first sextortion victim.

Was called a dictator by another site.

Saw the site go down for almost a month due to a faulty hard drive.

Had a scammer join our chat room asking for our help, convinced it was to help scammers.

Was threatened with legal action by the owner of a model’s site, only to have him join our forum three months later to tell us he’d put a link to us on their front page.

Introduced Firefly and Big Al to caravan holidays, Cornish pasties and scrumpy.

Won an award.

Had my mind go completely blank on live radio whilst trying to remember the word “profile”.

Witnessed others stealing our work for their own gains.

Had way too much interest taken into my t-shirt choices.

There are many more, but that’s just a small sampling of some of the stuff that’s happened in these past 13 years.  If you’d like to hear more details about any particular one, let me know and I’ll expand on it.

Romance scams aren’t just about romance.

At the conference I mentioned in an earlier post, a question was asked whether a romance victim had ever been subjected to a “black money” scam as part of it.  That gave me the chance to tell them about the time that had happened to someone I was helping.  It also begs the question, what other scams are done as part of a romance scam.  People know about the “I love you, I need money” part, but let’s look at some variations people may not know about:

Sextortion.  Scammers can ask for “intimate” images or video, and it’s not just for their own titillation.  Once a person finally sees they’re talking to a scammer and refuses to send any more money, the scammer can then use those images as a threat and demand more money to stop them being posted online.

Muling.  This can involve money, stolen goods or even drugs.  A parcel asked to be forwarded may have been paid for with a stolen credit card, the money they ask a person to accept into their bank account and then sent on via money transfer could be from another victim and there have even been cases where people have been tricked into unwittingly smuggling drugs.

The fake courier.  People are told not to send money or goods to people they’ve never met, but what if it appears to be the other way around.  A scam that’s becoming increasingly popular involves a fake website pretending to be a courier service.  The scammer claims to have sent gifts or even money to the person, then gives them the URL of the fake site as a convincer.  When additional fees are requested, it’s not the scammer’s persona asking for it, but what appears to be a legitimate company, and for goods already sent.

The true identity/sponsorship.  In this scenario, the victim has finally realised that they’ve been scammed and confronted the scammer.  His response is to admit everything, tell the “truth” and claim they really did fall in love with them or that they’re only doing this to make ends meet.  If only they could find someone to sponsor them, they wouldn’t need to do this shameful thing.  It’s a safe bet to assume you all can guess who would be a perfect sponsor.

Recovery scams.  The victim has lost money, maybe finally broken free from the scammer, and then they receive an email claiming to be from law enforcement.  The scammer has been arrested and they can get the money back.  Of course, it’ll involve paying some admin fees, yadda yadda yadda….  The end result is the victim sucked into a new scam and sending even more money to the same scammer while trying to chase back the money they already lost.

These are just a few of the side scams that can be done.  It’s never a simple case of “Hello, I love you, won’t you send me some cash”.

Translation troubles.

Something short and sweet here.  Let’s just say that some translation software is better than others, as can be demonstrated by this wonderful gibberish when trying to translate a “we put spyware on your PC and recorded you” scam email using Chrome’s built in translation facility:

We问候你!

I have a good deal.
22/08/2018 – I am disappointed, my best regards you Operating system Complete Visit Completion Check your

account.
In your case, Tianyi Indirect Juggling Device Software, Existence One piece of a gut.
We have ahead of our predecessor.
When you are importing Internet, I’d like to have a wooden horse cake installation your own operation control system.

This later, we finished Ryo你的磁盘转储(We Yes你Possessive Institute Add book,查看网站basis历史records, owned Bunken, Telephone No.码和owned联系human land ruins).

A month ago, Ideal Stacy 你 的 设置 设计 Request small amount funds.
我 我 看看 看 您 常 normally 訪問 的 网站. 你 Most Joyful Resource Order.
I think that adult 网站.

My idea – 你 是 个 个人. 你 有 一个 Order eye flower disgusting illusion!

Lady Nagoya, I was thinking Shinichi ‘s idea law.
Yeah Yeah Yeah Yeah Young adult 网站 的 图图 (你 知道 我 的 意意, 是 是?).
Afterwards, we are in a good location. We are pleased to hear from you. (Used 你 accomplished facility).
RESULT REASON! Unnecessary 犹!!

I’m sorry to inquire about your relatives, friends or the same exhibit.
My acknowledgment 327 Mimoto 对 于 I silence 是 minority.
Outside this time, I’ve got time to spare time and time to live!

Ikuhito Farewell receipt.
We specifically BTC钱包: 1P7bLeCJywaaDRQpT7iwb4qzUHa4CpRFyP

您不Tomomichi how补充ratio especially币钱wrapped?
How many searches are undertaken pull – in copying “How to supplement btc package”.
这 很 简单.

Attached articles, 你 有 两 天 N point (好 好 50 个 时).
Complaints of mind, timing instruments ladies Please do when you believe in this case. Strategy, 是 的 .. 其 已 经 Started!

After the supplementary notice, my disease poisoning hazards compromised self – destruction.
As a result you have received a wealthy designation amount, your own equipment coverage, your own ownership 联系 联系 系 系 娱 娱 娱 娱 娱 娱 娱 娱 娱 娱 娱 娱 娱 娱 娱…………

Necessary attention!
– Unnecessary trial 到 Congratulations 毁 我 的 毒毒! (您的own number据都ERROR传到远程clothing务器)
– required试图联系I (这是impossible manner, we communication过您manner帐户countercurrent您发OkuRyo此电Ko邮件)
– each种安All clothes务对您没chromatic帮助; formality of磁盘Certainly, you are in a situation.

Attachment: WEBOOKEN, after the supplementary notice, we are misunderstood.
Hacker criteria for black and white customers.

Ũ Start now, I Chen Yo Used good antiseptic victims Software update period (每 天 則)!

Unnecessary living my 气, 个 个 人 都 有 有 self work.
Looking again.

 

If you want to see a better translation, here’s one using Google translate:

 

I greet you!

I have a bad news.
22/08/2018 – On this day, I attacked your operating system and fully accessed your account

That’s it.
There is a vulnerability in the software of the router you are connecting to that day.
I first attacked this router and put malicious code on it.
When you type over the Internet, my Trojan is installed on your device’s operating system.

After that, I completed your disk dump (I have all your address books, view the history of the site, all files, phone numbers and addresses of all contacts).

A month ago, I wanted to lock your device and ask for a small amount of money to unlock it.
But I looked at the websites you visit frequently. I am shocked by your favorite resources.
I am talking about adult websites.

I want to say – you are a big pervert. You have a dazzling fantasy!

After that, I thought of an idea.
I made a screenshot of your favorite adult website (you know what I mean, is it?).
After that, I took photos of you and your entertainment while browsing this website (I used your device’s camera).
The result is great! Do not hesitate!

I am convinced that you do not want to show these photos to your relatives, friends or colleagues.
I think the $327 is a small amount for my silence.
In addition, I spent a lot of time on you!

I accept money in Bitcoin.
My BTC wallet: 1P7bLeCJywaaDRQpT7iwb4qzUHa4CpRFyP

You don’t know how to add Bitcoin wallet?
Write “How to add a btc wallet” in any search engine.
this is very simple.

For payment, you have a little more than two days (just 50 hours).
Don’t worry, the timer will start when you open this letter. Yes, yes.. it has already started!

After the payment, my virus and your compromise are automatically destroyed.
If I don’t receive the amount you specify, your device will be blocked and all your contacts will receive your entertainment photos.

Be cautious!
– Don’t try to find and destroy my virus! (all your data has been uploaded to the remote server)
– Don’t try to contact me (this is not possible, I sent you this email through your account)
– Various security services don’t help you; formatting a disk or destroying a device doesn’t help, because your data is already on a remote server.

PS: I promise that I will not bother you after payment, because you are not my only customer.
This is a honour criterion for hackers.

From now on, I recommend that you use good anti-virus software and update it regularly (a few times a day)!

Don’t be angry with me, everyone has their own work.
Goodbye.

“Too good to be true” is old hat now.

Recently I was invited to a “Preventing MMF” seminar.  Sounds fancy, but it was simply some presentations regarding research on internet fraud.  It was a good chance to make some new contacts and touch base with some old ones.  A lot of what was said confirmed what we’ve been saying for years, and isn’t worth mentioning here as it’d be preaching to the choir.  However, a few things are worth discussing further.  One of them was the opinion “If it seems too good to be true….” doesn’t work anymore.  Let’s look further into it to explain why.

This was specifically related to job scams, and the initial messages.  You see, unlike your common or garden 419 scam email, these don’t immediately offer large sums of money.  Some barely mention money at all, and some are vague to the point of not actually saying anything at all.  That’s the problem – there’s nothing in the early stages that say “this is definitely a scam”.  By the time the scam is in full effect, the person is already sucked in.  Let me ask this question.  What can we do to deal with this?  Do we need to change the phrase to “If it seems too good, or too vague to be true…”?  Your guess is as good as mine right now.  All I do know is that we need to do something to counteract it.

Sometimes real life gets in the way.

It’s worth pointing out that what we do here, we do purely on a voluntary basis.  We don’t get paid, but do this because we feel it’s the right thing to do.  We all have lives away from the site.  We work, have families, need to do our laundry, drive the kids to hospital appointments etc.  These past few weeks for example have been particularly hectic for me.  As the only member of the family that drives, when our eldest moved into his first flat, it was up to me to transport all his belongings to the new place.  Add to that my car deciding to refuse to work (still not fixed, but I have the new part ready and it’ll be done as soon as the weather stays dry long enough to fit it), redecorating and moving my “office” into his old bedroom (still in disarray as I’m waiting on a new carpet to go down before permanently getting things fixed in position), me being hit by a stomach bug (thankfully over now) and still having to do all the normal things that need doing on a daily basis, the site has had to take a bit of a back seat lately.  Next week I’m away at a conference as a representative of the site, and that’s sandwiched between seeing three different live shows around the country.  But I promise after all that, things’ll be back to normal.

What happens to the information we receive?

It’s a question we get asked a lot, so let’s explain.  Firstly, we get our information from three sources.  The first is ourselves and the accounts we set up specifically to be contacted by scammers.  The second is by people who fill in the forms we created.  Thirdly, people contact us with information after seeing details on our forum.  That last sentence is the key.  The information we get is posted on our forum and made publicly available for everyone.  Not everyone does that.  Some bodies only ever use the information they receive for their own databases, or to be shared with companies.  The general public never get the benefit of being able to search for someone’s email address, phone number etc. and be given proof they’re a scammer.  So this is the main thing the information we receive is used for, getting the word out to the public.  There are however other uses for that information.  Everything we receive gets researched, and sometimes is the key we need to burst open the floodgates with other information.  A single email may for example lead to the discovery of dozens (or even hundreds) of fake websites used by scammers.  With this information we can do some serious damage to the scammers as we have connection we can contact to get these sites closed.  Likewise with bank accounts.  An email with enough proof can lead to a scammer’s assets being frozen.  There’s also the times law enforcement has contacted us about the details we’ve posted asking for more information or how we were able to connect the dots between an email address and a scammer’s real life details.  Every piece of information we’re given is used to track down or financially hurt the scammers.  That’s why we constantly ask for more information.  Information is power.  Information is also the best weapon in the fight against scammers, especially when it’s shared.

Anti vigilante.

The media seem to love the term “vigilante” when it comes to anyone in the anti scam community.  Some may love it, but we definitely don’t.  It implies doing things outside the law, and that’s not how we work.  There have been times when the police have approached us asking us to explain how we managed to identify a scammer’s real details.  It would be impossible to do that if we in any way did anything that wasn’t completely legal.  Likewise, when the media contacts us, we have to be able to jump through numerous hoops to keep their legal departments happy.  Most of the time we even have to prove that it was the scammer that contacted us first so we can’t be accused of entrapment.  In short, we have to be whiter than white and be seen to be so.  That’s why seeing the media bandy round the term vigilante drives us round the bend.  We’re not Batman.  Most of the time we’re nothing more than people sitting at a desk copy and pasting information between Google and our forum.  It’s not exciting, it’s not glamorous and it’s definitely not vigilantism.

No news is good news.

Nothing to report.  Seriously, there’s not been anything exciting or even remotely interesting to post about here.  Is that a bad thing?  Nope.  We’ve had no issues, no threats, nothing major to complain about and nothing to write about.  I mean sure, we’ve had a few gripes, but not anything worth kicking up a fuss over.  There’s some news on the horizon, but we’ll talk about that when it happens.  Until then, this post is the equivalent of “9am and all’s well”.

It had to happen eventually. I’ve been sextorted.

Today when I checked my inbox, I saw an email titled “account was hacked”.  Nothing unusual there.  I often get people writing me saying that their account was hacked and asking for help.  On second glance, I noticed it had one of my own email addresses showing as the “From” address.  To be precise, it’s my @RomanceScamBaiter account.  That was my very first site, and hasn’t been updated in years after being superseded by StupidScammers.  First thought, “Oh crap, someone’s hacked the server”, followed a second later by “Oh hang on, I know what this is going to be”.

Sure enough, on clicking it I saw this:

account was hacked

Hello!
I’m a member of an international hacker group.

As you could probably have guessed, your account XXXXXX@romancescambaiter.com was hacked, because I sent message you from it.

Now I have access to you accounts!
For example, your password for XXXXXX@romancescambaiter.com is XXXXXX

Within a period from July 7, 2018 to September 23, 2018, you were infected by the virus we’ve created, through an adult website you’ve visited.
So far, we have access to your messages, social media accounts, and messengers.
Moreover, we’ve gotten full damps of these data.

We are aware of your little and big secrets…yeah, you do have them. We saw and recorded your doings on porn websites. Your tastes are so weird, you know..

But the key thing is that sometimes we recorded you with your webcam, syncing the recordings with what you watched!
I think you are not interested show this video to your friends, relatives, and your intimate one…

Transfer $700 to our Bitcoin wallet: 13DAd45ARMJW6th1cBuY1FwB9beVSzW77R
If you don’t know about Bitcoin please input in Google “buy BTC”. It’s really easy.

I guarantee that after that, we’ll erase all your “data” :)

A timer will start once you read this message. You have 48 hours to pay the above-mentioned amount.

Your data will be erased once the money are transferred.
If they are not, all your messages and videos recorded will be automatically sent to all your contacts found on your devices at the moment of infection.

You should always think about your security.
We hope this case will teach you to keep secrets.
Take care of yourself.

We’ve been reporting this kind of scam since August of last year.  You can see the thread at https://scamsurvivors.com/forum/viewtopic.php?f=20&t=60846 and follow along with how the scam has evolved during this past year.  Spoiler alert:  It hasn’t changed that much at all.

Back to my email though.  The first thing I did was check for a “Reply to” address, but unfortunately it doesn’t have one.  It did however have an IP address we could check out.  That leads to a mobile connection originating from Kosice in Slovakia.  Checking out the  Bitcoin reference shows that one person appears to have paid; not the $700 demanded, but around $90.  Not much info that can be used unfortunately, but it does mean that I can now speak as someone who’s received one of these emails myself, and not just posted up ones others have sent us.  What I can say is that the password is old.  It’s VERY old.  I haven’t used that account to sign up to anything in around seven years.  It’s so long ago I can’t even remember what the password was for, which is a shame as I could have said what breach it came from if I could.

Now I’ve received one myself, can I call myself an “expert”?