On 4/27/20 9:15 AM, Anne P. Mitchell, Esq. wrote:
What exactly is this "basic internet research"? I thought the big problem is
that they are trivially capable of covering their tracks.
There is always a money trail. Always. Because the whole point of these
calls/sms messages is to get money out of you. And the money trail almost
always provides a nexus to the U.S. (or whatever country you are in).
In the case of spam calls, you do have to get a bit creative (and actually
interact with the spammers on the phone...ewwww), to try to get them to give up
on whose behalf they are working. In the case of text message spam, it's often
much easier because there will often be a link to a website, which, yeah, is
likely a front for another website, but hey, if you are part of NANOG,
following those trails should be trivially easy.
In the case of the outfit that just coughed up the $1000 to me, it was a text
message spam that was ostensibly about one product, but the url in the text
message actually forwarded through two intermediate urls to land on a site
hawking a completely unrelated product - no big surprise there (this was nice
because I was also able to accuse them of violating laws about misleading
advertising ;-) ). Even with whois basically being useless now in terms of
figuring out who is behind stuff, it was pretty easy to figure out who exactly
stood to profit from my buying what was advertised on the landing site.
As it happened, when I contacted them, they (rather surprisingly) referred me
to their lawyer - which turned out to be great because he understood
immediately the predicament they were in. :~)
From everything i've read, the complexity of finding them is directly
related to their cost of doing business. If they can get by with few
layers of indirection, they do. If they need more, they will. You can be
guaranteed that they will add layers if they need to. Which is to say, I
don't see how this scales to actually reduce these scams.
Mike
