New scam killing tools (March 2012)


Inboxrevenge  has a proud history of providing useful tools for combating spam.

2012 has ushered in some new tools, with a new target - Scams.
We are seeing a considerable increase in the frequency of spams hitting our inboxes that have one clear purpose - to separate the unwary from their money.

There are many categories of scams. The most prevalent is known as the Advance Fee Fraud. These encompass fake lotteries, bequests of millions of dollars, fake scams involving smuggling money out of certain countries, claims by military personnel that they want to pass a stash of millions through your bank account, young girls seeking romance and so on.

These scams depend on communication back and forth via an email address. The scammers in over 99% of cases use free email services, most prominently from Yahoo, Microsoft, Google, GMX and Rediffmail.  But there are over 600 others also abused in the same manner.

The quickest way to nip these vermin's scams is to have their email addresses shut down before they can get their scams off the ground. To make this happen, the team at InBoxRevenge.com have put together some useful automated reporting tools and released the free of charge.  The members only forums at IBR provide support for such tools as

1. 419 Nigerian ScamerAtor
2. 419 Automated Reporters

The tools can be downloaded from the spamtrackers download site under Spam Reporters

Outage for maintenance Friday April 8, 2011

We expect some downtime of about 30 minutes for site maintenance on Friday, April 8th, 2011 at 10pm (EDT or GMT -4),

April 5, 2011 outage

Our hosting company had a hardware issue that caused a brief outage today. No malicious activity was occurring.

The DDoS is still going on at a low level, so members with dynamic IP addresses may have difficulty getting access. Contact an admin through the forum email address (see below), or submit as a comment here if you don't get email notifications for forum posts.

For those of you who aren't members and are wondering what got the spammers so pissed off at us, the public areas of the site are still available via Google cache. Just do a search on

site:inboxrevenge.com

with or without additional search terms.

Areas of the forum only visible to registered members won't be available that way, but apparently even the public areas were good enough to earn the spammer seal of disapproval.

InboxRevenge.com currently up with limited access

The attack on IBR has slackened, so the forum is available on a limited basis. Still, there is a high likelihood members will find themselves blocked or that the attack will ramp up again.

You can contact an administrator about problems with access by replying to the same email address your forum notifications come from. Otherwise, you can post a private comment to this blog to request assistance. (Comments are moderated and won't appear if you ask us not to post them.)

DDoS against InboxRevenge.com continuing

We obviously weren't surprised the DDoS would start up again. We've had plenty of experience with attacks, both against our forum and Castlecops.com. In those instances, they kept coming back, week after week, each time the forums reappeared.

But the intensity of this attack is a bit of a puzzle. They're conducting a much heavier attack this time. IBR just went off line the last time when hit with the smaller attack. So regardless of how much traffic they send, they're still not striking any target. They do allow us to collect more IP addresses during brief periods of data collection. But there's not much point going nuclear when we were perfectly happy to go off line and wait during the less intense attack.

On the other hand, I do hope law enforcement is noting that these attackers are a serious threat and should be addressed aggressively. Not all websites have the luxury of conducting their operations offline whenever needed. What would a bunch of criminals like these guys be doing with that botnet when they aren't attacking us? I'm sure they're not using it to sell Girl Scout Cookies.

InboxRevenge.com again under DDoS

InboxRevenge.com members who are trying to log in are getting time outs. Another DDoS has been going on for several hours now. Our server is off line for now, so they are attacking nothing.

As before, our strategy has not been to try to weather the attack head on. The reason we have accomplished so much in fighting internet crime is that we are patient and take the long view. We will can go off line and come back as often as necessary. Meanwhile this blatantly criminal attack exposes the attackers to greater scrutiny from law enforcement.

The best strategy for our members is to continue submitting reports on illegal websites to registrars, and to continue to get the word out about the fraudulent nature of spamvertised websites. As long as there is a person on the planet who thinks "Canadian Pharmacy" and "My Canadian Pharmacy" are in Canada, our work is not done.

Tell some friends about the following sources of information, put some links on your own websites, consider becoming a reviewer for SiteAdvisor or WebOfTrust to make sure anyone who tries to research a domain mentioned in a spam will find accurate information in the top search engine results:

The Spamwiki -- If possible, mention specific spamvertised brands and link to their spamwiki pages. This is an opportunity to educate people that buying from spammers means sharing your personal and credit card information with criminals:
http://www.spamtrackers.eu/wiki/index.php/Main_Page

Blogs and information sites including this blog. They can't shut them all down:
http://spamitmustfall.blogspot.com/
http://ikillspammers.blogspot.com/
http://garwarner.blogspot.com/
http://twitter.com/inboxrevenge
http://inboxrevenge.blogspot.com/
http://inboxrevenge.spaces.live.com/
http://inboxrevenge.wordpress.com/
http://spamtrackers.org/

SiteAdvisor and WebOfTrust-- many IBR members are highly rated reviewers for these:
http://www.siteadvisor.com/analysis/reviewercentral/
http://www.mywot.com/

Other antispam and security forums that many of our members participate in:
http://spywarehammer.com/simplemachinesforum/index.php
http://www.cybercrimeops.com/forums/index.php

Sites that accept forwarded spam/phish:
http://knujon.com/
http://www.spamcop.net/

Information on reporting active phishing sites, from IBR on Google cache:
http://bit.ly/238Ges