scambaiter needs advice.

Started by corporalpunishment, March 11, 2006, 02:48:15 PM

Anyone here involved in scambaiting? If so you will know what I need to learn. At the moment I am totally reliant on social engineering to extract their passwords, which is time-consuming and haphazard at best. Once in, I am able to warn any potential victims, and sometimes find personal info on the lad and get them arrested.

I just need pointing in the right direction. I have been looking around various forums today for info but am finding it hard to put together a reading list from the vast and disparate amount of information on this subject.
I suppose html is the basis (which I have started) and php will be next. Have also started the web basics at:
What then?
I would be grateful if someone could draft a rough guide in some kind of linear order for me, so as I can cut down the learning curve and weed out the unnecessary reading, if that is possible.

HTML experience nil, programming experience nil.
Thanks for any help on this.

Not familiar with them, so not sure how to help.

What is it that you're trying to do, and what kind of knowledge could you stand to learn ?

Might be able to help but largely depends on what you need..
"My Terminal is my Soul"

This is the kind of thing I mean. I mess with these crooks by wasting their time. If they won't play, I wanna take em down. ;D

Well it depends really. In this case I guess it's unfortunate but there is really no 'step by step' guide.

I mean, you have to examine each situation and go from there. I'm not sure I'm clear on everything you're trying to learn, but for a loose example (and if this seems not what you're after see further below):

Let's say I was going to target some site (say [from thin air]), the things I'd try to establish are:

1. What OS (operating system) are they running ? (this can often be found by way of deliberately going to an invalid file on their webserver .. if they have a webserver obviously although there are other ways too)

2. Are they running any services that might be exploitable ?

3. If so, which ones and are there any known exploits or do we need to come up with one on our own ?


Tools that might be useful:


- Look up info about a host (who owns it etc). This can be done on websites or third party or natively built tools in your OS (i.e., linux/unix has the tools built in, but you might have to find a third party tool for windows).

'traceroute' (on windows this is tracert)

- Trace the route (can often find where the server/host is located or get a general idea and some tools have a graphical front end which make it even easier)

There are others as well.

If it's a dedicated/static ip, then you can use the above to get more info about them. Otherwise, maybe report them to the provider (possibly citing their terms of service/acceptable use policy).

Also, be careful with laws, since even though you're doing good, it can lead you to trouble (interfering with the law or any other thing possible). Don't do anything questionable but instead go to their provider or ...

If this doesn't help let me know what you need specifically and we'll see if I can help ...
"My Terminal is my Soul"

March 15, 2006, 07:03:46 AM #4 Last Edit: March 15, 2006, 07:06:25 AM by corporalpunishment
Metgod, Sorry Metgod you seem to misunderstand me.
It's not the site that I want to attack, (we are the good guys!) it's the 419 Advance fee fraud scammers. These are the people who send you those emails promising a percentage of millions of non-existent money or informing you of a huge lottery win, from some national or on-line lotto that you never even entered.
The members of this site and others like it dedicate themselves to try and frustrate the perpetrators of this scam and warn potential victims of what is going on. What I have been trying to avoid saying is: How do I learn how to gain access to their email?.....There, said it!

Tracing servers and the source of these e-mails is second nature, indeed we have shut down thousands of fake bank sites that they use to convince their victims that they are genuine by alerting the server admin.

I understand the principles, but want to cut down the time required to learn. I have started my own training by reading up on html, php, java, and c+. I already have the nous for this kind of activity, I just lack the practical know-how. I agree that it is difficult to explain this artful craft in any kind of meaningful way, but would appreciate a nudge in the right direction as regards the minimum knowledge base I can use as a springboard towards my goal.

As regards your warnings on the legality of this. Yes I am well aware of this, but doubt that much would happen even in the unlikely event that I was caught. National law enforcement agencies take little or no interest in the criminals that carry out this activity. They would take even less on those of us trying to stop them. Plus....would you report on someone that was interfering in any illegal activity you were involved in?

Thanks for any help or further advice you can offer.
Corp. ;)


It kind of depends as you seem to understand (which is a good thing). You're already aware of social engineering, so I won't mention that anymore except to say this: it may be quite useful in conjunction with what other things you do.

Since there is no single answer, I can maybe give you some suggestions. This kind of routine works for most things in life that involve learning (read, experiment, start over kind of thing).

1) Read a bit more on what you're trying to do (this means fighting scammers [what others have done to do the same, etc.]) and also more on how email works.

2) Experiment. So for example, if you found a scammer using a hotmail mail, you could set up your own hotmail account, and try to figure out how it authenticates you etc. This could be done various ways, such as looking at the html code (or whatever language) or any other possible thing you see when logging in/using the service. Basically: know the provider.

3) Note that often web mails will store your IP address in the mail (X-Originating-IP field/header) ... and this could be useful in some ways (not necessarily in getting their mail but useful in finding out their isp or so -- assuming they don't bounce or something similar).

4) And continue on ...

Does that help one iota ?

"My Terminal is my Soul"
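
The X-Originating-IP header mentioned in point 3 above, shown as an added example that is not part of the original posts: a short Python header parser that pulls the candidate sender addresses out of a raw message so the owning provider can be looked up for an abuse report. The sample message, the names `routable_ips` and `origin_candidates`, and all addresses are constructed for illustration.

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample message; all addresses are documentation or RFC 1918 ranges.
SAMPLE = """\
Received: from mail.example.net (mail.example.net [198.51.100.7])
\tby mx.example.org with ESMTP; Wed, 15 Mar 2006 07:00:02 +0000
Received: from [10.0.0.5] by web.example.net via HTTP;
\tWed, 15 Mar 2006 07:00:00 +0000
X-Originating-IP: [203.0.113.45]
From: "Barrister Example" <sender@example.net>
Subject: URGENT BUSINESS PROPOSAL

Dear friend,
"""

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
# Ranges that never identify an ISP: RFC 1918, loopback, link-local.
INTERNAL = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]

def routable_ips(text):
    """Return valid IPv4 addresses in text that are not internal ranges."""
    found = []
    for candidate in IPV4.findall(text):
        try:
            ip = ipaddress.ip_address(candidate)
        except ValueError:          # e.g. 999.1.1.1 matches the regex only
            continue
        if not any(ip in net for net in INTERNAL):
            found.append(str(ip))
    return found

def origin_candidates(raw):
    """Collect candidate sender addresses from a raw message's headers."""
    msg = message_from_string(raw)
    report = {"x_originating_ip": [], "received_chain": []}
    for value in msg.get_all("X-Originating-IP", []):
        report["x_originating_ip"].extend(routable_ips(value))
    # Each relay prepends its Received line, so reverse for oldest-first.
    # Lines below the first relay you trust are sender-controlled and may be forged.
    for value in reversed(msg.get_all("Received", [])):
        report["received_chain"].extend(routable_ips(value))
    return report

if __name__ == "__main__":
    print(origin_candidates(SAMPLE))
```

The address the provider stamped in X-Originating-IP and the oldest routable hop in the Received chain are the two values to check against a whois lookup before contacting the provider's abuse desk.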

Thanks Metgod,
Yes that is a great help. Most of the anti 419 sites discourage discussion of this topic for the obvious reasons. But there is a sort of understanding that anyone who has the skill is a benefit to the hobby/cause.
Like I said, I am doing the hacking tests on hackthissite (any chance of similar stuff here?) they are great fun regardless of any other reason for attempting them.
You seem to be saying that I am going the right way about it and heading in the right direction, which is pretty much all I needed to hear. Will keep going till it starts to click.

I have been involved in scambaiting for two years now. Reading headers is the first thing we do when we hook a scammer so I'm ok there.

If anyone here is interested in having a go at baiting these lads look up '419 scambaiting sites' on google and take your pick. It's great fun as well as being socially useful.
Thanks again.

Glad I could be of help ...

And no, we don't have any challenges, although I suppose that could be neat.

Either way, glad to be of help and let me know if you have any other questions.
"My Terminal is my Soul"
