[Dshield] Where should you start - I'll wrap it myself

John Sage jsage at finchhaven.com
Sun Mar 21 17:07:34 GMT 2004

You seem to be stuck on one of the most common points regarding all of
this "criminal" activity.

On Sun, Mar 21, 2004 at 02:48:49PM -0000, Roger Gelder wrote:
> From: "Roger Gelder" <roger.gelder at ntlworld.com>
> To: <list at dshield.org>
> Date: Sun, 21 Mar 2004 14:48:49 -0000
> Subject: [Dshield] Where should you start - I'll wrap it myself
> OK, most responses have been, reasonably so from the point of view of
> this being 'Dshield', concerned with the defensive approach. I was
> more interested in the offensive - rooting out the writers and
> distributors of the rubbish -difficult but not impossible. Only one of
> the replies seemed to feel that that was appropriate, which is
> surprising, given the damage.

ah, yes: "Why isn't someone *doing* something about all this!?!"

> However, I would have thought that with all the tracing and tracking
> effort put in place by the many subscribers to this list, that some
> reporting of these activities would have been possible. Whether such
> efforts result in reports to those with the legal authority to bring
> criminal proceedings - and thus 'terminate with prejudice' - take away
> their PCs and heavily fine/jail or whatever, does not seem to be
> happening. The result is the continuance of damage.

Many of the perpetrators are located offshore from the legal
boundaries of the United States - and here, note that I'm assuming
that *you* are an American and you speak in the context of American
laws and legal remedies.

The entire world is not subject to American legal constraints.

Add to this the fact that the sources - particularly spam email - are
obfuscated and impossible to determine with any accuracy, or, worse,
are using hijacked systems such that the actual owner is arguably
innocent of any conscious wrongdoing.

Add to this the fact that a lot of the web sites involved with
phishing scams, etc etc, are located offshore and hosted by ISPs with
a less than active interest in shutting down web sites that are:

1) paying customers;

2) may have been set up fraudulently in the first place;

3) and, add that said ISP's have technical support staffs that are
underpaid and overworked anyway;

4) and, again, are offshore and not subject to American laws

The net answer is that it is not anywhere so simple as you would like
to think.

> So, whenever I get a scam, attempted "Fill in your bank account
> details here" message , I DO report it to the cover name such as Ebay
> or my local bank, whose-ever name has been abused. I don't know enough
> about tracking and tracing to be competent in that field, so I am
> grateful for your efforts on my behalf.
> BUT, do you report the 'criminals' and end their activities, or, at
> least, make life difficult for them?

It all depends on where you want to spend your time.

Your choice. Your priorities.

- John
"Mad cow? You'd be mad too, if someone was trying to eat you."

More information about the list mailing list