August 14, 2012

The Case of the Cameroon Cat Scammer – Social hacking at its best

 

GavinTomlins Social hacking

Recipe for a Good Scam

 

– A Cameroon Social Hacker

– Some Cute Kittens

– An a emotive buyer aka my wife

Scam Overview

Everyone has heard of the Nigerians trying to scam the Elderly and the unsuspecting in Australia, trying to convince them to part with their hard earned cash. (this has been prevalent with the Elderly of recent in Queensland. Even to the case where the Nigerians phoned the Sundale ICT help desk within our Aged Care facility !) Well my wife, Natasha (www.facebook.com/public/Natasha-Tomlins) who is an educated lady and avid cat lover, almost fell victim to an elaborate social hacking scam.  Kevin Mitnick a noted hacker of his time, speaks nowadays of the human element and the threat of social engineering/hacking as being the next major threat. Read on

How the Scam Played Out

The scam that almost played out with Natasha came in the form of a cute kitten. Natasha a former cat breeder, was after a specific breed on the higher end of the cost spectrum up around the 1k mark. Being a thorough researcher, Natasha scoured the internet looking for a reputable breeder or the chance of possibly finding a cheaper option of the breed that she was searching for. Lo and behind, she seemed have struck gold on a website called www.adpost.com. Multiple breeders with a variety of offerings. Now to narrow the search and wouldn’t you know, a post matching what she is after. Fast forward, the kittens are located in Brisbane, only a 100km from where we live. We’re on a winner, or are we ?

 

Firstly, I would not classify adpost.com as having wide spread recognition i.e. not in the same league as oebay.com.au, trading post.com.au or gumtree.com.au within the Australian classified space. Though, the add seemed genuine enough. Let the email traffic begin

GavinTomlinsEmailHeaders

Natasha, sends a general enquiry email to which our Scammer responds. Take note, of the personal touch, the caring attitude and what seems like a caring owner after the best interests of the интернет магазин кондиционеров в витебской области kittens

GavinTomlinsCatEmail1BW

The email also included 2 adorable images to further entice the end-user and appeal to the emotive buyer. i.e. refer to the lines about kids and sending of photos.
My wife Natasha asked me my thoughts on including photos of our house/where the kittens were going to stay etc.

Insert Flashing Siren and Alarm Bell

A little alarm bell went off and we decided to look in a little more detail about the email and its origin.
Step 1 Lets check the authenticity of those photos
We fired up fire fox and we checked the kitten photographs using Google Images.
For those of you who don’t know, you can drag and drop an image from your collection into Google’s Images URL and Google will run an algorithm and try locate similar photos and the locations they were taken in.
GavinTomlinsKittenDesktop1BW
Kabam !, the photo sent by our friend, returns close to 20 matches ie. it is a photo from a stock photo library or from an original breeder eg. a sample
GavinTomlinsKittenSearchMatchBW
Our friend Serah had his Pinocchio nose growing…
Hmmm, we are more than suspicious now but the email dialogue still continued in the background (omitted some emails for brevity). He’s moved, having an operation, leaving the country but is stopping at Darwin on the way out…….
Still ongoing, but to cut it short, our scammer has moved from Brisbane to Darwin and is about to leave the country. We don’t have to purchase the kittens as he is wishing to give them away free, we only have to transfer funds to pay for the transport now from Darwin.

It just so happens though, we have a fictions relative in Darwin ;-). A quick Google, we find a land mark and say we can meet our Pinocchio-Cat Breeder-Darwin Tourist-Surgery Patient-Overseas bound-scammer at one of the local land marks. Again, we can’t coordinate, but just transfer the funds and all will be good.

Where are you located Mr Scammer ?

3 Emails later we decided to see if we can narrow down the location of where our All Caring – Pinnochio nose growing, cat caring breeder, Darwin Tourist, Surgery Patient, Overseas bound and wannabe thief comes from.
Let’s have look at the email header and see if we can trace the source.
A free email tracking service I find good is
GavinTomlinsMailAddressBW
Simply paste your email header into the My-Addr (google is your friend for finding your full headers)
GavinTomlinsEmailHeaderBW
The helpful My-Addr website brings back a table with IP addresses and rough origin of email sender.
GavinTomlinsCameroonLocatorBW
Hmmm that’s not Brisbane… Hmmm that’s not Darwin.. Serah are you telling fibs ? A quick google search for Cameroon in Australia reveals zip. http://goo.gl/cOJGA

The Demise of Pinocchio Serah the Cameroon Scammer

The final email that our friend Serah, didn’t respond to :-)
Tsk, Tsk, Serah exploiting the cuteness of Kittens….
GavinTomlinsFinalEmailBW
It is unfortunate that these parasites exist out in the internet. Worse still, they are preying on elderly Australians and convincing them to part with their hard earned cash.
You may wish to visit the Australian Government Scam Watch website on other potential scams
Tell us if you think you have been scammed, or would like some assistance in working out the origins of dubious emails.
ENJOY
admin

admin

Posts

No Comments

Be the first to start the conversation.

Leave a Reply

*


two − = 0

Text formatting is available via select HTML. <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>