PC You Trust, RSS  Web Forum  Sales  News  Site Tree  Search  Registration  Login
Skip Navigation LinksHome > Learning Center > Learning Spammers > Learning Jakarta
Skip Navigation Links

Learning Jakarta

We have already reviewed couple email offers from so called local businesses and from Nigeria. Below is one more example. This time our "friend" writes from Asia. Here is the message that we got.

 

Spam email message from Jakarta

 

First, never click any links provided you by unknown people! In 99.9% there will be a computer virus that will silently install a software so that your computer will be widely opened to the strangers. The results can be very sad - your stolen personal info, SSN, bank accounts, names, addresses, etc. This info can be used to steal your money from your accounts, to open new loans that you will never find until you realize that you need to pay for something that you've never bought, etc. And you will  be unable to prevent that if your personal info is widely spread over the Internet. Sometimes people are very naive and provide their own info for free to whoever wants to get it. There are many TV and Radio programs, Internet web sites, newspapers, magazines, showing and telling how to prevent that, but... People never learn. In this particular case the author of this email message simply wants you to enter your personal info! How simple that is! Will you do that?

Let's skip this incredible salary of 300-500 per month and tons of promises and dig deeper using the trick that we have already described here. Below is what we got from this email message.


Return-Path: <"kekechi06@yahoo.com">kekechi06@yahoo.com>

Delivery-Date: Sat, 10 Jul 2010 09:24:54 -0400

Received: from web57001.mail.re3.yahoo.com (web57001.mail.re3.yahoo.com [66.196.97.105])

      by mx.perfora.net (node=mxus1) with ESMTP (Nemesis)

      id 0M56CE-1PJU8u0kwQ-00yZa1 for <"support@pcyoutrust.com">support@pcyoutrust.com; Sat, 10 Jul 2010 09:24:54 -0400

Received: (qmail 23789 invoked by uid 60001); 10 Jul 2010 13:24:53 -0000

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1278768293; bh=y1i6YO1rfD3LTTGKvV6JDPEt7Q+/oMiLyiLu5N38iPo=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type; b=...

DomainKey-Signature:a=rsa-sha1; q=dns; c=nofws;

  s=s1024; d=yahoo.com;

  h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type;

  b=hJH21...

Message-ID: <<"mailto:585823.23227.qm@web57001.mail.re3.yahoo.com">585823.23227.qm@web57001.mail.re3.yahoo.com>

X-YMail-OSG: o5WJFa0VM1lnyOfh57jKYJCRyQNZetJe5Wr2Vdbfrd0wRKG

 8xHpIZdZx8VULVj_3IyFpyvThvQ1U9xnt7nDUTzzKpjJ0pP1gR2dgGEU79yX

 nwIFDCsg80z9lKP.jXkAJrRsm8382D7S.INEckmKOjXthMvYoNSJdVGPrvTa

 PWbZalJn2DsR5HmxFFdGIfdWvGKH0t5stOoJZZD6j9lLFAo796ro8fyhdLwX

 aa8Rnrlixc7ehbDHhDtsJ4KQEyu8delM9S9g0vbh_vDTg8alMaOqgGv997AN

 oc.9YPOZDSqiCVXx522OV.yKobak-

Received: from [125.166.239.228] by web57001.mail.re3.yahoo.com via HTTP; Sat, 10 Jul 2010 06:24:53 PDT

X-Mailer: YahooMailRC/300.3 YahooMailWebService/0.8.104.276605

Date: Sat, 10 Jul 2010 06:24:53 -0700 (PDT)

From: kyanna williams <kekechi06@yahoo.com>

Subject: re: phoenix

To: support@pcyoutrust.com

MIME-Version: 1.0

Content-Type: multipart/alternative; boundary="0-1653735271-1278768293=:23227"

Envelope-To: support@pcyoutrust.com



We skip all the details and get the IP address this message was sent from. As we have already written before there are many free Internet services to find the sender. Let's use this one and get some info from it. Here we go.

 

Spam Email message from Jakarta

 

Take a closer look at the comment:

 

Comment:    ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
Comment:    for the Asia Pacific region. APNIC does not operate networks
Comment:    using this IP address range and is not able to investigate
Comment:    spam or abuse reports relating to these addresses. For more
Comment:    help, refer to http://www.apnic.net/apnic-info/whois_search2/abuse-and-spamming


It's very important to know that even this IP address is not registered at the web site that we tried, there are still ways to find it. Here is the quote from this link:

 

Email message back tracing with APNIC

As we can see each region has its own web site:

 

 

APNIC has different laws and regulations. Here is another quote.

 

Spam Complaints to APNIC

 

This region is really huge and it's divided into several parts.

 

Back tracing spam email message

 

Each part has its own center and if you really want you can contact these databases.

 

NIR
Nation
Whois Database
APJII Indonesia Refer to  APNIC, Indonesia APNIC Whois Database
CNNIC China
Refer to  APNIC, China APNIC Whois Database
JPNIC Japan http://whois.nic.ad.jp/cgi-bin/whois_gw
KRNIC/NIDA* Korea
http://whois.nic.or.kr/english/
TWNIC Taiwan http://www.twnic.net/index2.php
VNNIC Vietnam Refer to  APNIC, Vietnam APNIC Whois Database

 

Let's return back to our original message. Here is the link to find the IP address this message came from. The report is relatively long since there are 5 records found for our IP address. Here is the report.

 

 

APNIC, Spam Tracing Report

 

As you can see, all these addresses are located in Indonesia and have nothing to the local business. There are so many questions that we can ask about this business and this particular offer. And the first question could easily be - are they unable to find somebody local to work with? The second question, that we could probably ask, can be - how these people work with "Google, Facebook, Myspace, Amazon, eBay, and Yahoo" living in Indonesia? The most obvious answer is - they never worked with these companies, they are just using their names to trick the people receiving their messages. Usually if the people see the names of the well-known companies they at least don't delete the message right away and read a little more. So these names are used to pay your attention. It's not important what's inside these messages. All that was done just to get your personal info. As a possible way, they can tell you that they sent you a check in a mail, but you didn't receive it. So why don't you provide them your personal info and bank account to make a direct transfer? As a result, you will probably lose everything including your identity. Do you really want that? Absolutely not! These people want to get your personal information using any trick. So don't be widely open and never provide anything whatever they want!

Good luck!

 

Advertisements