InBoxRevenge KS Forum

Good work Jim,

Can you tell us what email address(es) you send your reports to at Yahoo?

Like I have mentioned before my list is so long I am embarrass even to list it. At one point I tried to eliminate addresses that bounced or yahoo said were no longer used. After that exercise I was getting no responses so I added all email addresses back. I use filters on all yahoo responses so my inbox is clean except for what I want to see from yahoo.

Jim_P the fact that this is a "solution" in 2013, coupled with the fact that I routinely see notices in Gmail's spam folder that state that the message is in the spam folder because yahoo.com.cn was the domain name is all I need to know about how utterly broken Yahoo's situation is.

I haven't heard any updates from the Yahoo contact yet and it's been two full days of regular reporting of all Yahoo Nigerian scammer accounts to him (121 distinct email addresses and counting.)

He responded when he shut one single account down, but that was a long time ago. I'm hoping he'll do more than just the one, and that the conversation can switch to "this is obviously the 91st account that has "western_union" or "wunion" in the username - do you REALLY need to take 24 hours on this one?!"

SiL

Just as I expected, SIL. The layoffs and outsourcing have taken a toll on Yahoo. They think changing their logo will spice things up. Pshaw!

randy67 - I have to actually clarify: I hadn't heard more than "I'm on it" from my contact, becuase he's not at liberty to disclose any action he's taking.

The good news is that my Yahoo-based inbound Nigerian scam messages are already down by 1/3rd. So he's doing *something*. I just don't know what, and I can't narrow it down further than that. Phase 2 is after 3 weeks of this consistent reporting, we do a recap phonecall to see what the ongoing reporting can be for all Yahoo mail addresses that are in violation of the law.

I should have been more clear. I was not implying that absolutely nothing was taking place, just that there was no response.

I had one scammer burn through eleven distinct Yahoo mail accounts all indicating they were representing DHL. I have never seen that before. Best part: they all featured an "x-originating-IP" header value which made it clear: it's the same guy, and his previous one must have been removed.

So there's hope. Just not confirmed hope is all.

SiL

<Fingers crossed>

Hi SIL,

Another month has passed.

Are there any updates on this? I would like to get back into reporting scams, but Yahoo is a problem for me, now that they have put a captcha on my favorite reporting page

Just one email address that works would be great.

Good luck getting anything from YAHOO. I was getting a few results from my batch of email addresses but nothing lately.

YAHOO also threw another one at me. Since Comcast started blocking spammy smtp mail sometime ago I switched to using YAHOO smtp for reporting spam. Now I find my password is being disabled and I have to created a new password which only last a day or two Now I am using Gmail smtp. This is all getting too complex for me.

Maybe I should spend more time playing Pogo Payday FreeCell

I submitted a few recently. Here is the response to one of them, who knows which? I highlighted the puzzling phrase

Well: I have an update, but I'm unsure what the next steps are to set this into wider use.


And this is the thing: the "experiment" so far is definitely generating results. But they're kind of all over the place.

That form, effectively, is useless. IF someone does something with it at all on the Yahoo side, they do so extremely slowly, and inefficiently, and it does nothing to reduce the problem.

Since I've been single-handedly reporting the scam accounts for (so far) 9 individual people, I've seen some real action taken against the accounts, in record time, with interesting secondary actions.

Per day, I was personally receiving 116 at the max of the amounts I was reporting. That's just my accounts.
When my Yahoo contact decided to take me up on the reporting, he shut them all down within a few minutes of receiving my reports. The first four or five days we were doing that, you could really see it was having a devastating effect on my repeat scammers. They all switched to solely-non-Yahoo accounts, and in one case it looks like a couple of them even took a break from the scam initiations.
But now that we've been doing this over several weeks, I'm beginning to see that it's not really any kind of big improvement, since they always come back, and now they always have multiple Yahoo accounts.

The scammers who have retaliated against me have all boasted that they have "thousands" of these accounts at their disposal, and I believe that, but it still has to have *some* impact when even one account is shut down, especially at the outset of trying to snare a new victim.

Red, if you want to report your Yahoo accounts (or really if any of you do) - just send them to me in "one file at a time" postings that contain all of the offending messages. The format I'm using for one of these files is as follows:



So for example here's one set from this morning.



Also: do not redact anything. We're sending these to Yahoo's legal team as well as a set of abuse people who are dealing specifically with criminal abuse. We have to treat it as evidence in a court of law. No alterations at all.

Note also: I report multiple offending accounts on the same row for some messages. This was how the contact wanted to receive them. To my knowledge, he is the only one processing these reports.

He really wants to keep it just to me for now, unfortunately. It's been difficult getting answers from him as to what further processes could be put in place. An obvious one that I assume should be possible is to hunt for every account that references the term "Western union" in some way in the username. Or "Robert S. Mueller". These represent a huge amount of the accounts I report every day. Imagine the impact of shutting down 2000 of these in one single day. I understand that Yahoo needs to protect itself legally in the event a non-criminal person has created a "Western Union" account for some purpose, but... come on. How many of those accounts would really be legitimate?

So yes. If you want to, let me know. I am okay being the conduit while he wants to hear from a single source.

SiL

All my scammers swung over to solely Gmail or Hotmail accounts again. They don't even use Mail.com or rediffmail today, just these two providers.

All the IP ranges are always from the same four African providers (when they aren't from botnets):

In Benin:

benintelecoms.bj
mtn.bj

In Nigeria

vodafone.com.ng
gloworld.com

SiL