What the hell is he going to do with my IP Address? Come find my location? I'd love for him to come find me.

Not necessarily. Depends on how the mail was sent - what mail client and what provider.

It is becoming more and more common that the clients themselves and even more-so the SMTP services modify or even strip some SMTP headers. The Received headers are the ones of concern and in a small business generally only the last one matters as the others belong to the mail provider. Even if the header is not stripped or even modified it may be a public IP, may be a private IP. Of course exposing a private IP is undesirable but it does no good to somebody who can't get through the perimeter to it.

In response to Hancock's comment about Kyle having the scammer's, the same applies - not necessarily. In the case of the scammer it may be less likely for Kyle since scammers generally use web-based mail versus a local client and more web-based systems don't expose the actual client IP than local clients do.





DHCP doesn't normally work that fast. See DHCP leases and the renewal process. Though Kyle goes on to add that he has a static IP so [un]plugging won't help since DHCP is not in play.

The physical medium does not matter here unless that scammer is between your house and your providers switch that you're connected to. "FIPS Compliant Encrypted Firewall" is marketing lingo. FIPS and compiance is a thing though. Separate from that though how is your firewall encrypted? I've never worked on your prosumer device so I don't know if that's actually the case but given that it is a Linux-based device that is FIPS compiant I bet it is. But, like phyiscal medium (fiber vs twister pair copper vs coax vs etc) doesn't matter to a remote attacker, neither does the firewall being "encrypted". Somebody has access to it in the clear somewhere. For a simple example, we'll say you do from the computer that you exchanged emails with the scammer. ...means I do with only a little bit of social engineering like sending you a link in an email and you clicking on it for me by me pretending to be interested in getting a quote. Make no mistake though, that matter concerns configuration of the device. I believe you may have a false sense of security in terms of data in motion - Ethernet Frames > IP Packets > TCP/UDP Packets > Application Layer transitting your local network to the Internet and back. *That data is not necessarily encrypted*. That's important to understand.

Back to the topic though, Kyle if you want the possibility of somebody upping the fun factor with this guy hit me in a PM.

Not necessarily. Depends on how the mail was sent - what mail client and what provider.

It is becoming more and more common that the clients themselves and even more-so the SMTP services modify or even strip some SMTP headers. The Received headers are the ones of concern and in a small business generally only the last one matters as the others belong to the mail provider. Even if the header is not stripped or even modified it may be a public IP, may be a private IP. Of course exposing a private IP is undesirable but it does no good to somebody who can't get through the perimeter to it.

In response to Hancock's comment about Kyle having the scammer's, the same applies - not necessarily. In the case of the scammer it may be less likely for Kyle since scammers generally use web-based mail versus a local client and more web-based systems don't expose the actual client IP than local clients do.





DHCP doesn't normally work that fast. See DHCP leases and the renewal process. Though Kyle goes on to add that he has a static IP so [un]plugging won't help since DHCP is not in play.

The physical medium does not matter here unless that scammer is between your house and your providers switch that you're connected to. "FIPS Compliant Encrypted Firewall" is marketing lingo. FIPS and compiance is a thing though. Separate from that though how is your firewall encrypted? I've never worked on your prosumer device so I don't know if that's actually the case but given that it is a Linux-based device that is FIPS compiant I bet it is. But, like phyiscal medium (fiber vs twister pair copper vs coax vs etc) doesn't matter to a remote attacker, neither does the firewall being "encrypted". Somebody has access to it in the clear somewhere. For a simple example, we'll say you do from the computer that you exchanged emails with the scammer. ...means I do with only a little bit of social engineering like sending you a link in an email and you clicking on it for me by me pretending to be interested in getting a quote. Make no mistake though, that matter concerns configuration of the device. I believe you may have a false sense of security in terms of data in motion - Ethernet Frames > IP Packets > TCP/UDP Packets > Application Layer transitting your local network to the Internet and back. *That data is not necessarily encrypted*. That's important to understand.

Back to the topic though, Kyle if you want the possibility of somebody upping the fun factor with this guy hit me in a PM.

When I say FIPS compliant, it’s the standard state and fed government agencies are held to. I’m far from a network engineer.

Also your correct it was a GMail account and I have the GMail server IP but I don’t have the scammers actual IP. I also go through office 365 web mail that is attached to my hosting account so only IP he’d have from me would either be the Microsoft server IP or my hosting server IP.

Now you've done it. THF is now going to show up on technical searches and it'll just confuse the [censored] out of people.

Have him pay the CC and then tell him you have a 60 day waiting period to make sure it clears?

Nowadays, I deal with this type of contact in my battery business at least twice per week. I get a lot of business from the Middle East, Africa and Central/South America for marine and solar system batteries. All of these sales are based on wire transfer payment prior to shipment. "Real" international customers are used to it, but scammers disappear when faced with this of course.

Having a dedicated account at Wells Fargo just to accept the incoming payments, helps create a buffer. That money is moved to a different account as soon as it clears. I take the same position now with domestic sales that don't smell right - which is becoming FAR more common. My bank advised me that it can easily take 4-6 weeks before I realize that a stolen credit card was used, and the money is taken back from me.

Marc

You need to continue playing the game, tell him the bank messed up your ability to take credit cards. In the meantime, please send some Visa gift cards to cover the bill.

If you want to know who the inventor of spam mail is: Scott Richter
His companies were major senders of Email spam and he was at one time referred to as the 'Spam King' and at one point his company was sending some 100 million emails a day. He and his companies have been sued several times for mass sending unsolicited advertisements.

The government sued him for millions, in vain.

You're in the business, so you probably would have caught it. However, one thing to consider for others is that he could have phished you long before you got to the payment discussion. He sent you a link to a website that he wanted you to model. Just going to his sample website could have been enough to get you phished.

My mom has been scammed many times out of a lot of money. All different types of scams. Whenever we report to the police, they file a report then move on to the next one. What does it take to catch someone and press charges or throat punch?

I hope there is a special place in hell for those that take advantage of senior citizens

Yes, I have a website customer that had a website built by another builder, but came to work with me after this incident. Not that it was any fault of the previous website builder, it was weak passwords or phishing scam that got the employees of the business. This business does business all over the world and their email got hacked. The hacker sat and monitored the email waiting for an invoice to be sent out. He saw one go out to a large auto parts place in Germany. He emailed them back and told them that the new European bank was a bank in Spain. The German customer sent the money to the Spanish bank somewhere around 40,000 dollars. The customer lost the money and had to take the hit. Simple social engineering like Mickey was talking about previously it can cost you lots of money.

That's a new one me!

I had one threaten me when I backed out of dealing with him, so I just hung up. He called the next day and said that his brother was on his way over from Houston to change my mind - so I said "nope" and hung up again. Of course, he never showed.

Marc

Ha, that is funny.

"Kindly get back to me via email"

I hate to sound jaded but as soon as I read this an accent popped on in my head.