Viewing conflicts through the eye of Counterinsurgency COIN – Since 2007
I recently received a reply from the IRS scam I sent/reported to a few places. one of those is www.scamorama.com where I report any Bank scams I receive in emails or IMs. Once in a while I get a funny remark back from a reviewer on a specific bank scam I report to them. Things like “wow you must be really cold hearted”, of course a joke in refernece to a scam that was meant to feed of peoples emotions, then talk about how they wouldn’t click on the link in the Email either (for fear that it may have a spy or other type virus, and a nice thank you also….. hehe.
These guys do great things no one else seems interested in. I hope to encourage others to help report these scams to as many places that will review and help in shuting them down. http://www.scamorama.com. You can Email susspect scams to them at email@example.com.
Here is Scamarama’s response to the IRS Scam mail. ( by the way – one of the places I sent the info about the Scam was to firstname.lastname@example.org )
Thanks for sharing the scamosity. You could complain to the e-mail
provider(s) and the hoster of the web site.
E-mail provider (apparently):
% whois 188.8.131.52 –> Emirates Telecommunications Corporation,
Dubai (contact info spits out) (see http://www.ripe.net)
But, it could also be:
X-Originating-IP:[184.108.40.206] –> Cooperative Communications, NJ
The above could be forged. The response from the ISPs will tell you.
The web host feels more certain than the e-mail providers.
Hoster of fraudulent web site (apparently):
(that’s what’s under ‘click here’)
% dig softics.ro –> 220.127.116.11
% whois 18.104.22.168 –> thevault.ro (theVault SRL – Webhosting
Services) (contact info spits out) (see http://www.ripe.net)
Sorry to say, but Romania, Brazil – these are suspect, based on long experience with barrages of attacks from those places.
And, of course, the IRS:
.. Recipients of questionable e-mails claiming to come from the IRS should not open any attachments or click on any links contained in the e-mails. Instead, they should forward the e-mails to
email@example.com (follow the instructions). …”