 dardin
join:2002-11-19
Tucson, AZ
1 edit | Funny but easy to block..... The web site owners can simply disable remote hotlinking of images. Even worse, they can disable and redirect back to this groups site and nail them back. The effectiveness of this method will be very short lived.
Not saying I'm against this, I have no love for these sites being abused by this, but this method is very easy to defeat for any server admin. | |
|  | 
cdru
Go Colts
Premium,MVM
join:2003-05-14
Fort Wayne, IN
| Re: Funny but easy to block..... said by dardin  :The web site owners can simply disable remote hotlinking or even redirect the hotlinking back to this groups web site and this method is no longer effective. Maybe. Depends on how things are written. The phishing sites want "legitimate" traffic to come to their sites so that they can scam them. They could look at the referrer information or maybe the user agent to see what is trying to request the information and if it matches a criteria that the vigilantes are using, block/redirect it elsewhere. But the referrer or user agent can be spoofed. I can make my request look just like a request from "legitimate" traffic.
--
Win some of $250 in prizes. Try your luck with The Amazing Race Contest. | |
| | | | | 
DaveDude
No Fear
join:1999-09-01
New Jersey
 ·Comcast
| Re: Funny but easy to block..... said by MIllIlITER :These efforts are well intentioned, but doomed to failure. The scam artists just shut down and start up another web site somewhere else within the day. The only thing that will work is to find them and take every nickel they own. And maybe in China, have them executed. I agree, but disagree, Once they are targeted, and this repeatedly happens they may change there minds. Kinda like anti-virus telling every machine to not allow this file to execute.
--
I dont support the **aa! | |
| | | JPCass
join:2001-01-23
Denver, CO
| said by MIllIlITER :These efforts are well intentioned, but doomed to failure. But how do you "find" the ones in places like China, unless local authorities are involved? What sort of approaches or tactics will realistically work with offshore sites?
On a large enough scale, action against the sites, which also has an impact on the ISPs that host them, at least provides negative feedback to the system. It does make operating a bit harder for the scammers, and lets them to get fewer positive responses before they're shut down, while it also puts pressure on hosting ISPs to keep scammers off their networks.
China and other countries actually have an economic interest in turning a blind eye towards dubious activities that do little harm domestically but bring in foreign dollars, and some may actually have some political interest or motive in seeing richer countries drained of assets any way possible. So how do you apply pressure to counter that, when they may have no little or no internal motiviation to crack down on certain kinds of fraud? | |
| | | | 
BonezX
Basement Dweller
Premium
join:2004-04-13
Canada
| Re: Funny but easy to block..... said by JPCass :said by MIllIlITER :These efforts are well intentioned, but doomed to failure. But how do you "find" the ones in places like China, unless local authorities are involved? What sort of approaches or tactics will realistically work with offshore sites? On a large enough scale, action against the sites, which also has an impact on the ISPs that host them, at least provides negative feedback to the system. It does make operating a bit harder for the scammers, and lets them to get fewer positive responses before they're shut down, while it also puts pressure on hosting ISPs to keep scammers off their networks. China and other countries actually have an economic interest in turning a blind eye towards dubious activities that do little harm domestically but bring in foreign dollars, and some may actually have some political interest or motive in seeing richer countries drained of assets any way possible. So how do you apply pressure to counter that, when they may have no little or no internal motiviation to crack down on certain kinds of fraud? i think he was aiming for the, "kill them all you'll eventually get one of them" approach | |
|
| 
dddane
join:2002-01-10
Chicago, IL
| yes, they could check the refererr... but the entire point of DDOS is it uses up your bandwidth... the hits alone are enough to take the site offline. any response, or lackthereof, only adds to the cause of knocking themselves offline..
also, checking the referrer for remote images might cause the images to not load in spam too? | |
|
Transmaster
Don't Blame Me I Voted For Bill and Opus
join:2001-06-20
Cheyenne, WY
 ·Qwest.net
1 edit | Great I think this is great. Yes I know two wrongs don't make a right but still if nobody else is going to do anything about this way not. I just got a Phish from "E-Bay" over the weekend trying to scam me out of credit card info. GO For it. I see with the above post this no longer works so again a feel good thing that does nothing.
--
Low voltage Tech's are wimps, Real tech's use 45 pound filament transformers, plate voltages no less then 2400 volts with at least 10 amp's lighting 8877 triodes...BPL I'm coming to get you.
| |
| |
DaveDude
No Fear
join:1999-09-01
New Jersey | Re: Great I kinda have to agree, when nothing is done, then regular people try to take care of things. I recieved 3 phishing scams this weekend that looked so authethic it was scarey.
--
I dont support the **aa! | |
| | scr4t
join:2003-03-11
Jefferson City, MO | I agree, something needs to be done. This may not be as good as actually finding them and giving them the punishment they deserve, but it is a start. | |
| | 
zoom314
Superman
Premium
join:2001-04-30
Yermo, CA
| said by Transmaster :I think this is great. Yes I know two wrongs don't make a right but still if nobody else is going to do anything about this way not. I just got a Phish from "E-Bay" over the weekend trying to scam me out of credit card info. GO For it. I see with the above post this no longer works so again a feel good thing that does nothing. I agree completely Transmaster, Something needs to be done, If this is the only way to deal them a blow, Then fine DDoS them to death!;)
--
Firefox forever!»mysite.verizon.net/zoom314/ | |
|
oroper
Patriots Rule
join:2004-06-01
Beverly, MA | Can anyone say..... ..bounty Hunting??? | |
| | cbiggers
join:2000-08-10
San Luis Obispo, CA
1 edit | Not a DDoS... The title of this news, is as usual, incorrect. It is not a DDoS attack. The websites are NOT supposed to become unavailible, otherwise you can't leech the data and the whole idea is useless. Did whoever wrote this article actually even have a clue what this project is about? Not to mention the fact that hosts are only put on this list after they have been contacted numerous times, and have been found to either a) not respond b) be criminals themselves c) respond that removing an obviously fake bank site from their servers is not their job. Perhaps people should try actually learning about a topic before speaking about it.
»www.aa419.org
»www.419eater.com/forum
The members of both of these online communities don't just leech bandwidth 24/7, they also have contacts with several police authorities and make good on arresting the scammers. Does it help? Sure, maybe only a little, but that's one less person who has to be scammed. If you want to help anti phising, use the Netcraft toolbar and submit anti phising reports. It will at least help the people who have the Netcraft toolbar installed to not be fooled...
Research is helpful. | |
| | 
oliphant
I Have 8 Boobies
Premium
join:2004-11-26
Corona, CA
| Re: Not a DDoS... True, the leecher is setup to pause for a period of time if the destination isn't reachable just for that purpose...to not cause a DDoS attack. And it says right in their faq that they're only targeted after all authorities are notified and the site still remains operational.
--
Don't get it, demand it! The Anime Network www.theanimenetwork.com | |
|
TheOtherEric
@63.135.x.x
| An eye for an eye. I don't see the point of objections to the program. The scammers need to have this happen to them wherever they hide.
Any ISP that willingly and knowingly hosts such scammers needs to have the attack happen to them as well. Legitimate custoomers, inconvenienced by the denial of service, will take their businesss elsewhere. *Especially* if they become aware that their ISP is being targeted by vigilantes because they harbor scammers. We're looking for the ISPs to tell the scammers "Look, no matter how much you pay us, we can't have you as a customer if we can't do business!"
If the scammer can't be shut down directly, then the ISP will terminate their service so as to protect their business and their other, less troublesome customers.
Similar pressures are already exerted against spammers by sites such as Spamcop and Spamhaus. The difference here is that the punishment is *preemptive* rather than passive.
I have no sympathy for the scammers.
I have no sympathy for ISPs that harbor scammers.
I have some sympathy for legitimate customers who unknowingly patronize 'corrupt' ISPs, but they'd be better off taking their money elsewhere.
The affected innocent customers would be inconvenienced one way or antoher soon enough. If not by a direct denial of service than by being inexplicably blocked from routers and email servers in attempts to block the traffic they're associated with.
whether or not this is a legal or correct thing to do, it's still a good thing.
Yes, some people will be inconvenienced, but in the long term, they'll benefit, as ISPs learn that harboring scammers is a quick way to get shut down. | |
| RasputinX
join:2002-06-25
Waterloo, IL
| anyone else see the parallels? its like the an online version of the Bush Doctrine...
Any ISP who harbors a scammer is no better than the scammer they are harboring, and the right to take unilateral action in order to remove an online threat is reserved.
Any ISP who finds themselves involves with this needs to determine where they stand, and in fact should already have a policy in place to handle such an eventuality.
The Internet is a community, and eventually, the members of any community will fill a percieved void, in this case by forming a "Vigilance Committee".
IMNSHO, String 'em up. | |
| |
DaveDude
No Fear
join:1999-09-01
New Jersey
·Comcast
2 edits | Re: anyone else see the parallels? I think your pushing things too much with that statement. Is it possibly that "bounty hunters", whoever have filled the a void in your everyday life? This is a common occurance in our lives. For example one "bully" takes things to far on the playground and the teacher does nothing. Then mysteriously the " bully" gets beaten. I think you have a very vivid imagination..
--
I dont support the **aa! | |
| | | RasputinX
join:2002-06-25
Waterloo, IL
| RE:Schoolyard Bullies I don't even see your point, if there is one...
Is the schoolyard example mocking or supporting the analogy (because it looks sorta supportive, if simplistic and, well, schoolyard)?
And how would "Bounty Hunters" have filled a void in my life?? I am not one, thought I support their activities in principle. And I am steadfastly in support of individuals asserting their rights, lest they atrophy...
Also, slight difference...
a "Bounty Hunter" would be the big, tough girl taking $10 from a consortium of geeks and/or dweebs to beat up the bully.
Whearas a "Vigilance Committee" (a member of which would be a "Vigilante") would consist of the actual geeks themselves and possibly other interested parties (possibly altruistic jocks) banding together and beating the bully up for the good of all concerned. | |
|
| 
keith2468
Premium,MVM
join:2001-02-03
Winnipeg, MB
| Nope Re: anyone else see the parallels? The analogy breaks down.
Bush invaded Iraq and lots of people died. He justified his invasion based on Iraq supposedly aiding its own rival (Al Qaeda), and on Iraq having WMD.
The anti-419 groups are targetting known sites, only those sites, and have no plans to invade China or kill anyone.
--
(Virus&Hijacking FAQ + Submit suspected malware + Backups FAQ + Security FAQ TOC) | |
| | | RasputinX
join:2002-06-25
Waterloo, IL
| Re: Nope the analogy wasn't in comparing the results of the application of the Bush Doctrine in practice, but in the restatement of the principle of "first strike"...even though in either case its hardly first strike, since both Saddam Hussein and spammers have targeted and attacked us before, and certainly had/have the capability and intention to do so again...to argue againt this point would be ludicrous. Both sides have their economically-linked apologists (France and greedy spamhosting ISPs)...but lets get back to your comment...
invade China...well I'd say that the anti-419 groups have probably already conducted offensive operations in ChiCom Cyberspace and I am aware of no plans for an American invasion of China by anyone besides Wal-Mart.
...kill anyone...well, they also have no plans for saving anyone from anything more dangerous than spam, so unless they were gonna start conducting assasinations of spammers or build a time machine and go back and kill Al Gore, thereby preventing the Internet and spam from ever being invented in the first place..the comparison is sorta moot.
Besides, I mean come on get with the program...Iraq has held free and fair elections, the situation vis-a-vis Palestine is showing some light at the end of the tunnel...Almost no one, aside from poking at the faulty intelligence ans the like, think the end result of the invasion of Iraq has led to anything but a net increase in the stability of the region and the world.
But I didn't raise the point so that you could bash the President with no real point, it was more of a philosophical observation dealing with the rights of individuals and organizations, be they govenmental or an ad hoc collection of citizens (or 'netizens) to take direct, preemptive action to protect themselves against a percieved threat. But I suppose there will always be those who cannot resist an opportunity to denigrate our President.
In the present era of possible WMDs the only intelligent policy is to determine who our enemies are and annihilate them by whatever means neccessary before the have the chance to do the same to us. Its just too easy to kill large numbers of people to wait until they actually do it, then try and prove it.
Similarly, in the present age of browser hijacks, trojans, exploits, zombies, and the like, combating Internet abuse through whatever means neccessary is entirely appropriate.
In both cases such a policy could easily be abused, but then so can anything humans are in charge of...look at the UN. | |
|
jester121
Premium
join:2003-08-09
Lake Zurich, IL | Pointless.... These guys are probably using stolen credit cards to pay for their hosting service anyhow, so they don't care if they hit the bandwidth cap for the plan. | |
| |
keith2468
Premium,MVM
join:2001-02-03
Winnipeg, MB | Re: Pointless.... When the bandwidth cap is hit, the ISP shuts down the site for non-payment.
And that means success.
Another 419 scam site taken down. | |
| | |
dddane
join:2002-01-10
Chicago, IL
| Re: Pointless.... well if we're assuming some "legit" ISP is hosting these sites, why aren't people contacting them to make them stop hosting it... or better yet DDOS the ISP.... it seems like this would be a more proactive approach to keeping them from hosting this smut | |
| | | | cbiggers
join:2000-08-10
San Luis Obispo, CA
| Re: Pointless.... said by dddane :well if we're assuming some "legit" ISP is hosting these sites, why aren't people contacting them to make them stop hosting it... or better yet DDOS the ISP.... it seems like this would be a more proactive approach to keeping them from hosting this smut Did you even bother to read anything? You obviously have no idea what this is about. Visit:
»www.aa419.org
Then you can speak and perhaps not look so foolish. | |
|
keith2468
Premium,MVM
join:2001-02-03
Winnipeg, MB
| When we have a lawless internet When we have a lawless internet, where legislators and law enforcement are unwilling or unable to operate, what do we expect?
The internet is the wild west.
And in the wild west, not having access to anything better, they resorted to vigilante justice.
The real solution is proper regulations, laws, enforcement, and penalties.
But until we have that, this particular vigilante group, carefully targetting 419 scammers in a manner that does not disrupt other customers, is something I'll support in spirt.
--
(Virus&Hijacking FAQ + Submit suspected malware + Backups FAQ + Security FAQ TOC) | |
| | 
bent
and Inga
Premium
join:2004-10-04
Loveland, CO
clubs:
| Re: When we have a lawless internet Real Solution? I'm not so sure. The problem there is that you are trying to regulate some thing that is by definition international. When Heads of State get together, they cant even agree on what to have for lunch, much less "laws" for the internet. What are we going to do? Leave it up to the UN?? That would be even more effective. lol
If the strong can't (or shouldn't) protect the weak, where does that leave us?
I applaud the people behind this, and wish them the best of luck. | |
|
| | |
|
|
Mugu Marauder: Vigilante Justice
·
·