Cool, Green and the best Coffee in the world
Ok, this will not be one of my regular computer help blog. This involves being on top of things, doing your homework and watching out for the bad guys. Spammers/scammers are all over the internet, right? Craigslists is no exception. Crigslists regularly posts these warnings: .
** CRAIGSLIST ADVISORY --- AVOID SCAMS BY DEALING LOCALLY
** Avoid: wiring money, cross-border deals, work-at-home
** Beware: cashier checks, money orders, escrow, shipping
** More Info: http://www.craigslist.org/about/scams.html
Yesterday, while answering my emails I received an inquiry into a computer I am selling. I listed this computer on Craigslists/Panama amoung other places.The header of the email had this information;
terry sidney a href="mailto:firstname.lastname@example.org">email@example.com>
dateTue, May 4, 2010 at 9:49 AM
subjectDELL Desktop 4 Sale - $650 (Chiriqui)
Ok, this guy wanted to know if my computer was still for sale and if I would accept PayPal as payment. Also he would pay me another $50 to ship the computer to him. I don't know this guy, ok but this is common I don't know everybody in Chiriqui. I mentioned I would only accept cash since I perfer not to use my PayPal account for such matters. Then tsidney777 replies if I would take a check. To which I said "no", sorry again too risky. Then I start listening to my gut.
Being a tech savy "ole' computer geek", with 20 years of computers/high tech forensics, it would be trivial for me to track where this email came from. Using a free service I trace the IP address to someplace in the middle of the ocean beteen Africa and South America. Ok, my hairs on my neck start rising. His IP address was 10.xxx.xxx.xxx ( I will cover up his real IP address for consieration) and at the bottom of the email it said "this message was remailed to you via: firstname.lastname@example.org". This tells me three important details,1) That tsidney777 is using the IP address of the 10.x.x x domain(hard to track), known as the common spammer's domain, 2) this domain is usually used by VPN's, again used as an attempt to hide a location, 3) this tsidney777 used Craigslists to "bounce" his email;"this message was remailed to you via: email@example.com"
First attempting to truely hide an IP address is hard to do and suspicious behavior in itself. Savy people can "spoof" or fake an IP address, again in attempts to hide location, spammers do this all the time. Using a VPN is not suspicious in nature, actually a lot of people use a well known VPN to get Hulu.com in Panama. Ah, but the bounce, the bounce! But my gut tells me that the combination of all the above shows deceit. I trust my gut, and very few people. And now the fun begins.
go to http://compprosvc.ning.com/ for the rest of the story