Sure-Man Scam alert!

[cuesmith]

I've been a friend of Don Sherman's of Sure-Man Cues for over 25 years. I haven't spoke to him recently but I received an email this morning, below


Hello,
I'm very sorry to bother you with this email,I'm currently in the UK to attend an unexpected program.I'm in London and upset at the moment because I'm in a terrible predicament.
I got mugged on my way to the Hotel coming from the session i was attending and thereby loosing my funds and valuables.I'll like you to assist me with a loan of $3,400 to sort-out Hotel bills and for departure.
Please let me know if you can be of any help. I promise to make arrangements for refunds when i return.

Regards,
Don




I called Don's home to verify this and found that Don is actually working in Michigan at his "day job"! His wife was somewhat startled when I told her of the scam someone's perpetrating in Don's name. I just wanted to warn folks here about the scam attempt so no one here could get hurt. I'm sure I wasn't the only one to receive such an email. These things usually blanket the net!

Sherm

 

[ibuycues]

Scam!

I've been a friend of Don Sherman's of Sure-Man Cues for over 25 years. I haven't spoke to him recently but I received an email this morning, below


Hello,
I'm very sorry to bother you with this email,I'm currently in the UK to attend an unexpected program.I'm in London and upset at the moment because I'm in a terrible predicament.
I got mugged on my way to the Hotel coming from the session i was attending and thereby loosing my funds and valuables.I'll like you to assist me with a loan of $3,400 to sort-out Hotel bills and for departure.
Please let me know if you can be of any help. I promise to make arrangements for refunds when i return.

Regards,
Don




I called Don's home to verify this and found that Don is actually working in Michigan at his "day job"! His wife was somewhat startled when I told her of the scam someone's perpetrating in Don's name. I just wanted to warn folks here about the scam attempt so no one here could get hurt. I'm sure I wasn't the only one to receive such an email. These things usually blanket the net!

Sherm

Sherm,

I just got the identical email this morning.

Watch out AZ!

Will Prout

 

[Big Chris]

scam

I got one this morning as well. Thanks for the post. I didn't know what to think.

 

[oldzilla]

I wonder if any of you or all of you that posted so far use Facebook !

I have my doughts about the way things are there.

I myself try to be real careful there as i have seen bad reviews regarding info being passed on without your consent. not to mention the hacking and viruses !

 

[TheCueHunter]

I am not facebook friends with him and I got the email this morning as well. I sent him $4000 as I thought he could use the help. j/k

 

[StrokeofLuck]

I got the same one but no Facebook for me. I instantly knew it was a scam because I sold Don a cue a while back and other than that he doesn't know me from Adam. I was wondering though how does this virus use his email acct and get any money routed to the "bad guy?"

 

[cuesmith]

I got the same one but no Facebook for me. I instantly knew it was a scam because I sold Don a cue a while back and other than that he doesn't know me from Adam. I was wondering though how does this virus use his email acct and get any money routed to the "bad guy?"

After I made sure it was a scam, I sent a response to the original email leading him on. He wants me to send him the money via Western Union, the favorite of scammers world wide. LOL Hope he holds his breath!

 

[badabing]

i just got one also, thinking of responding "fork you"

 

[justaguy]

I was wondering though how does this virus use his email acct and get any money routed to the "bad guy?"

well, there are a couple of ways to do it, most common one is to fake the mail headers and put a different return address in the note. so, even though the note looks like it came from user@goodguys.com the return address is really user@badguys.com. most mail clients have an option to show the mail headers, and if you know what you are looking for, they will show up there...

 

[justaguy]

scams...

i just got one also, thinking of responding "fork you"

dont respond, you would just validate your email address as active. that would guarantee thousands more from this scammer and many others...

 

[pooln8r]

Sherman hacked

Hi...I also received this email. I contacted Don via email about checking out a cue a couple of months ago and that's my only contact with the man. It appears from the header and a little ip locator research that someone used a server from Benin, Africa to send this email. The IP Address originator in my email was 41.222.192.84. I'm curious to know if anyone else received a different address in their email header which would be shown as the originator or the first ip address toward the bottom of the header information. Having this information could definitely help Don out in his case to have this hacker tracked down by Yahoo. My brother got hacked a couple of months ago in a similar way and they were able to shut the hacker down, hopefully permanently. Why can't hackers find something positive to do with their skills! Sorry..I wish this didn't happen. I'd much rather talk about cues and pool.. Good luck Don.

 

[guycrunch]

i got one as well.

guy

 

[cuedoctor]

I got one also...they must have hacked into his email account,someone should call him back and he needs to change his passwords

 

[justaguy]

scam

I got one also...they must have hacked into his email account,someone should call him back and he needs to change his passwords

not necessarily (although it's always a good idea to change your password often), but they may have got him to download a trojan/worm/virus/spyware which transmitted his address book (or the email addresses of those he has received email from in the last 6 months) to their computer/server/blackberry/whatever. they need not have access to his actual email account to use his address book/email history. and once they have his history/address book, changing his password wont matter...

perhaps more importantly someone should have him follow these 8 steps on whatever computer(s) he checks his email:

http://www.techspot.com/vb/topic58138.html

 

[Bigjohn]

Help!... I'm injured and broke in Margaritaville. Blew out my flip flop - stepped on a pop top, cut my heel and need to cruise on back home. Send CASH!!!... I mean Western union.

 

[bobroberts]

can't someone who received one of these scams forward it to the F.B.I.internet fraud is a crime.

 

[justaguy]

can't someone who received one of these scams forward it to the F.B.I.internet fraud is a crime.

sure they can, the question is "then what?" since US government agencies dont have the right to go storming into foreign countries to enforce US laws (present wars not withstanding) there is little that the FBI (or any other US agency) can do directly. also, since these scams often come from painfully poor locales and can be one of the few sources of hard currency into an area, even well-intentioned law enforcement could be tempted to look the other way, let alone those who are "enticed" to look the other way...

above and beyond the social engineering part of the problem are the technical problems. what does an IP address really tell you? not a whole lot. in this case it would be the IP of the first SMTP (simple mail transfer protocol - ie, email) server which accepted the email for delivery, not the client which sent it. in the case of SMTP, there is no authentication built into the protocol, so you dont need to be authenticated to send an email. also, some SMTP servers will accept emails from any client on the internet, although that number has greatly diminished since the real advent of scam/spam marketing emails, so most only accept emails from a restricted IP address range. ok, so we can tell which server processed the outbound mail, if we are lucky, there is a log saying what the IP address of the originating client is, and we can convince the owner of the SMTP server to tell us what it is. so now we know the IP that sent the email, where does that get us? not very far... many/most scam emails originate in internet cafes in cities in third world countries. so the same laptop could use 10-15 different IPs in just a week and the same IP could be used by 10-15 different computers a day.

the better lead would probably be to try to identify the actual email address you are responding to (should be the "reply to:" line in the email headers) and notify the administrator of that email domain that their users are actively scamming (would generally be "postmaster@badguysemail.com"). problem is, most of those who are running the smtp servers are in on the action, so i wouldnt expect much of a resolution.

 

[mamono]

sure they can, the question is "then what?" since US government agencies dont have the right to go storming into foreign countries to enforce US laws (present wars not withstanding) there is little that the FBI (or any other US agency) can do directly. also, since these scams often come from painfully poor locales and can be one of the few sources of hard currency into an area, even well-intentioned law enforcement could be tempted to look the other way, let alone those who are "enticed" to look the other way...

above and beyond the social engineering part of the problem are the technical problems. what does an IP address really tell you? not a whole lot. in this case it would be the IP of the first SMTP (simple mail transfer protocol - ie, email) server which accepted the email for delivery, not the client which sent it. in the case of SMTP, there is no authentication built into the protocol, so you dont need to be authenticated to send an email. also, some SMTP servers will accept emails from any client on the internet, although that number has greatly diminished since the real advent of scam/spam marketing emails, so most only accept emails from a restricted IP address range. ok, so we can tell which server processed the outbound mail, if we are lucky, there is a log saying what the IP address of the originating client is, and we can convince the owner of the SMTP server to tell us what it is. so now we know the IP that sent the email, where does that get us? not very far... many/most scam emails originate in internet cafes in cities in third world countries. so the same laptop could use 10-15 different IPs in just a week and the same IP could be used by 10-15 different computers a day.

the better lead would probably be to try to identify the actual email address you are responding to (should be the "reply to:" line in the email headers) and notify the administrator of that email domain that their users are actively scamming (would generally be "postmaster@badguysemail.com"). problem is, most of those who are running the smtp servers are in on the action, so i wouldnt expect much of a resolution.

Good write-up, quite thorough... Even in an internet cafe, there are ways to disguise the origin such as utilizing a TOR network. That would throw the originating IP address all across the world from different nodes. Best solution to this issue is education. The more educated the users are, the less prone they will be to this type of scam.

 

[sureman183]

Scam sureman scam

i can sure use the money, but i have to get it honestly. darn it. i'm still stuck in Michigan, not London. i can't imagine what i'm up against. regards don ps thanks Sherm & all others

 

[mnorwood]

Within the last 2 months an attempt was made to hack my yahoo email account. Also my mother's Discover card number was stolen with thousands of others from hackers getting in to the bank's computer.

Hackers are always on the prowl for any information on anyone they can find. Often times information is stolen for thousands of people at a time. Its good advise to never open or return a strange email and never use a credit card online unless you have id theft protection of some kind.

What really burns my arse is when they catch one of these big hacker criminals they end up getting a lucrative paying job for their "knowledge.":angry: