jim_p: Net Avenger?
Jan. 8th, 2004 03:09 am![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
jim_pI don't know if my efforts did it, but an identity theif got shut down...
Last night I got the usual kind of identity-theft spam in my inbox... "Please update your security information" ostensibly from Citibank. Of course, the site that hosted the information-gathering wan't a citi.com site but was attached to something called "128encrypted.com". This got my suspicions WAY up, and with a bit of internet detective work I dug my way to their upstream provider and alerted them to the possible scam they were hosting.
They were good, BTW. When I looked up the registration information for 128encrypted.com, they led to a name and address that was easily verifiable in such places as switchboard.com. Thinking that was too easy, I dug a little further and found that the ostensible registrar was a geology author of some note in Nevada; pretty unlikely to be involved in an identity theft scam, but quite likely to be a victim thereof.
Just now, while cleaning out my inbox I came across the same spam and clicked on the harvester link again... lo and behold "128encrypted.com" is now no longer a valid domain name.
I'd like to think I made a difference :)
Last night I got the usual kind of identity-theft spam in my inbox... "Please update your security information" ostensibly from Citibank. Of course, the site that hosted the information-gathering wan't a citi.com site but was attached to something called "128encrypted.com". This got my suspicions WAY up, and with a bit of internet detective work I dug my way to their upstream provider and alerted them to the possible scam they were hosting.
They were good, BTW. When I looked up the registration information for 128encrypted.com, they led to a name and address that was easily verifiable in such places as switchboard.com. Thinking that was too easy, I dug a little further and found that the ostensible registrar was a geology author of some note in Nevada; pretty unlikely to be involved in an identity theft scam, but quite likely to be a victim thereof.
Just now, while cleaning out my inbox I came across the same spam and clicked on the harvester link again... lo and behold "128encrypted.com" is now no longer a valid domain name.
I'd like to think I made a difference :)
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
no subject
Date: 2004-01-08 12:13 am (UTC)no subject
Date: 2004-01-08 12:32 am (UTC)