Ever since the Internet was in its infancy, spam emails started flowing. Even folks on Usenet had to deal with the incessant emails from folks trying to peddle everything from pyramid schemes to instant money programs. As the Internet grew, so has the plague that we know as spam. Luckily, you now have a number of tools you can use to bust email scams.
Recognizing an Email Scam
People are constantly receiving emails for things like male enhancement products (what’s that all about anyway?) or for hotel and travel deals and other offers, but the really nasty emails are the ones you get that try to trick you into parting with your money. A few examples of the most common scams include:
- The Nigerian email scams
- The PayPal Scams
- Foreign Money Transfer scam
- Check out my webcam scam
- Pyramid Chain Letters
In almost every case, the email comes from a con artist who’s intent on taking you for as much as they can. In the case of the Nigerian scam, folks have actually traveled overseas to collect what they believe are multi-million dollar cheques, only to either get kidnapped or robbed. The Paypal scams fool countless Internet users every year into entering their Paypal logon information and emptying their accounts.
The other scams are all similar – a promise of a large electronic transfer into your bank account if you provide your bank account details, links to websites that install a trojan keyboard logger script that can capture your credit card information when you visit your online bank account. According to a 2009 survey by the Consumer Federation of America, about 2 percent of email users exposed to “fake check” scams actually responded to them with a loss totally about $3000 to $4000 each.
Protecting Yourself From Email Scammers
The first step in protecting yourself from these con artists is by using your email account in a way that doesn’t put you at risk. If a company that you do business with sends you an email that offers a link where you can click to log into their account – don’t click it! Open up a separate browser, type in the URL, and log in. There’s never a need to click on any link in an email. One of the fastest ways to identify such a scam email is by using an email client that displays the link when you hover your mouse over it. You’ll see that in every case the actual link is never the same as the legitimate company’s website.
Tracking Down the Culprit
If you have the time, dedication and passion to take a stand against these spammers and con artists, there are a few tools you can use to track them down and report email scams. The first step is to trace the email to the source. Stefan wrote an excellent article on how to trace emails, and that’s where you should start.
In most cases, spammers try pretty hard to hide their identity using various methods, including “spoofing” the header with bogus information, using proxy servers to hide their location of origin, or using hijacked “spam-bot” home or business computers or misconfigured SMTP servers. However, there are times when the sender won’t be very smart, they’ll mess up or best of all they may not even properly cloak their IP at all.
Even if you can’t extract their originating IP and location, you may still be able to determine:
- Which infected computer is serving as the spam-bot
- Which mis-configured company smtp server is hijacked
- Which internet service provider is allowing the spammer to send out unsolicited mass emails
- Which proxy server (or servers) were used to attempt a “cloaked” identity
- Whether an anonymous email service was used to send the illegal scam message
You can also find some great resources for tracing emails and locating the spammers at Spam.Abuse.net. And of course make sure to support the Coalition Against Unsolicited Commercial Email (CAUCE) which works to promote legislation against unsolicited spam. Since 2000, more and more states have created some excellent laws – and the more legislation there is moving forward, the more successful you’ll be in the next stage of this process, which I like to call… Fighting Back.
Fighting Back – How to Report Email Scams
Finally, depending on what information you can extract from the header, you can follow the steps below to shut down the scammers one spam-bot or SMTP server at a time, and in some cases you can even earn some extra money taking the scammers to court. Don’t believe it? Steve, over at AngryOx.com, successfully sued a company for spam.
On April 7 of this year, he collected a check from PrintPal for $623.54. Why did they have to pay? Because they willingly used a spammer to send unsolicited email, against the current laws of the state of Virginia. Businesses beware – users no longer have to try to chase down that elusive shadowy scammer through forged headers and proxies. If your company is advertised, then you’re busted. So don’t purchase the service of spammers or you’ll end up in court!
Steve even offers a free template for a settlement letter that you can use when you file your small claims lawsuit against the spammer. Just search the spam email for any links to purchase a product or that advertises a legitimate site. That’s the company you should go after if you choose this tactic in your war against spam. In the case of the scams, it’s a different story. However, the laws are still on your side.
- A Forged Header: Even if the spammer tried to forge the header, uses a proxy or uses an anonymous email service – once you have a court proceeding, you can issue each of those entities legal documents that require them (in most cases) to open up their logfiles and provide the court with the identity of the spammer who used their service or server. Also check out technique of issuing “Notification and Offer” letters to spammers in order to force a lawsuit if the spammer doesn’t comply with a request for payment for every unsolicited message sent to your email account.
- If it’s a pyramid money scheme or “deceptive,” as in attempting to steal your money in some manner – report it to the FTC in addition to filing your own lawsuit. They’ve been known to go after major spammers, and your report could make a big difference in alerting them to a significant scamming operation.
Of course, the most important thing you can do to protect yourself in the first place is to filter out the spam. Tina’s article on how to get a grip on spam or Will’s article on five free “throwaway” email services that can help, are both excellent guides that can help reduce or eliminate spam.
To find out if you have the right to sue spammers (and make quite a bit of money in the process), check out SpamLaws.com for the laws in your state that limit spam. Many of these are from 2003 or later, so you may have legal rights regarding spam that you don’t even realize. Suing the spammers, or the businesses that hire them is one of the most effective ways to put an end to this madness once and for all.
Have you ever successfully tracked down a spammer? What tools or techniques did you use? Share them with us in the comments.