ram wrote: > https://ecm.netcore.co.in/tmp/dinner.eml.txt > > > > The scam works like this: > > They send you a mail asking wether you accept credit cards at your > hotel > > They get you to confirm you will accept credit card for payment. Once > you agree they ask you to bill them extra fictional charges for taxis, > etc on the card, and then wire transfer back (a portion) of the > fictional overcharges. The victim thinks he will make some extra free > money on top of the dinner charges. > > The people never show for dinner, and you are out the wire transfer > amount. > Hmm, that looks like a highly targeted variant of a 419 scam. ie: it only works against resturant owners, and only those who agree to engage in shady (and possibly illegal) credit transactions.
I think for now your best bet is hash based systems like razor, etc. We may have to start looking for this to generalize, i.e. targeting a variety of businesses and people, but right now there's not really enough to generate rules based on. In particular, I'd be uncomfortable deploying rules right now as most of the text looks like it could occur in a legitimate reservation request, so it might be better to target the follow-on emails that attempt to get them to engage in credit fraud. > And my SA scores nothing on this spam ? That's not too surprising. This is a fairly new scam, and there's nothing in there that jumps out as "spam like".
