 | This article has multiple issues. Please help improve it or discuss these issues on the talk page . (Learn how and when to remove these template messages)
|
Artists Against 419 (commonly abbreviated to AA419) is an Internet consumer protection group dedicated to identifying and shutting down 419 scam websites. Its volunteers seek to stop, disrupt or hinder fraudsters' activities by cataloging and reporting fraudulent domains.
The Artists Against 419 site was set up in October 2003 and began tackling fraudulent websites in an artistic way: by hotlinking their images to drain their small bandwidth allowance over their monthly limit. Over time the fraudulent sites have evolved and so have the Artists. On November 30, 2003, the Artists Against 419 hosted its first international flash-mob see below . There were many subsequent mobbings designed to make internet hosting service providers aware that the Artists Against 419 would not tolerate hosters knowingly hosting websites that AA419 had evidence to show were criminal.
At the same time, they started to list the allegedly fraudulent sites that members had found in a database. With these database entries, if a potential scam victim were to search a website they had been sent by a possible fraudster, the victim might see the database entry on an anti-fraud site and be inclined to cease contact with the scammer. This list now contains nearly 100,000 websites (as of August 31, 2014), and is one of the world's largest databases of fraudulent websites.
Sophisticated tools and techniques are used to search for fake sites and domains. When there is sufficient evidence to prove that a particular domain is fraudulent, it is entered into the database by a select experienced member after careful review. AA419's members then compose abuse reports to the domain registrar and/or hosting service provider with the evidence and ask for them to review/suspend the fraudulent site. Frequently, fake sites are closed within days or even hours of being set up. The UK Metropolitan Police force has previously worked with AA419. [1] AA419 also escalates any websites found linked to South Africa to the South African Police Service (SAPS) and such websites will only be reported after giving those authorities the chance to investigate.
AA419 maintains constant relations with numerous internet registrars and hosting companies, who themselves have no wish to host criminal activity and cooperate willingly by suspending the fraudulent sites once the evidence is presented. However, certain companies fail to respond to AA419's abuse reports. In such circumstances (in the past) they arranged virtual sit-ins.
AA419 described its past actions as flash-mobbing, but in actuality, this activity is called a virtual sit-in. Virtual sit-ins entail large numbers of individuals intently visiting a target site and downloading pages or requesting large numbers of information, with the intent that their requests will cause a rapid drain of bandwidth, and if there is a bandwidth quota it goes offline. For example, if 100 people continuously download a 10 kilobyte image simultaneously for 12 hours, this uses 40 gigabytes of allocated bandwidth. Assuming that the fraudulent site has 40 GB of allocated bandwidth per month, it will automatically shut down after 12 hours, when the bandwidth threshold is exceeded. The fraudulent website will then remain off-line until the following month, when the bandwidth quota is reset. Virtual sit-ins were achieved using freeware tools such as Muguito or the Lad Vampire. A computer flash-mob is a similar case where the sites' sudden popularity brings an unexpected large numbers of visitors which the server is unable to handle. The difference is that, in a virtual sit-in, there is no actual audience and the action is designed to be disruptive.
In some cases, particularly when a small web-hosting company is involved, the volume of traffic can be so large that access is slowed to all sites on the server. This would hold the hoster at ransom until the scam site was suspended; the hosting service would resume operating normally afterwards. It is important to note that no site was ever "mobbed" until at least two letters had been sent to the hosting company notifying them of the abuse, informing them that they were hosting a fraudulent site, detailing evidence of such fraudulent activities and requesting that the site be shut down for violating the hosting provider's terms of service.
The Artists always preferred that hosting companies take responsibility for the actions of their clients as well as the content of their web sites. A virtual sit-in is a tool of last resort, and was used only after other attempts to shut down the fraudsters' website had failed. Fortunately, the vast majority of web-hosting companies find the activities of internet fraudsters highly objectionable and swiftly intervene to stop them.
What AA419 describes as flash-mobbing, is considered by others to be an illegal electronic offensive called a Distributed Denial-of-service attack (DDoS). By their own admission they affect "all sites on the server", and they have attacked systems without checking if bandwidth limits are in place.
Legal scholars like Susan Brenner, a law professor and expert on cybercrime at the University of Dayton School of Law, while sympathetic to aa419's aims and supportive of their more peaceable efforts, find these aggressive techniques akin to DoS attacks, which are illegal. Many jurisdictions prohibit anyone from sending a command to another computer with the intent of causing harm, and DoSes definitely aim to do damage.
The following is from the AA419 web site, discussing the discontinuation of Lad Vampire and other software from their site:
Since the announced change of direction, Artists Against 419 developed new legal techniques and have acquired numerous new members who find fraudulent websites. Artists Against 419 also has a long-standing partnership with the prominent scambaiting community 419eater and allowed members of this organisation to upload, under moderation, websites to their database of fraudulent websites. In 2020 this support was withdrawn. [2]
AA419 is constantly developing and building relationships with domain registrars, hosting companies and various security vendors and groups [3] while being a long term Anti Phishing Working Group member. [4] Because of this, even though more and more fraudulent sites are being found now, a limited number of private sector companies have been supported by AA419's efforts. By using responsive tactics Artists Against 419 has become more effective under its new method of operating.
Additional relationships has also since been established with other credible anti-fraud source groups such as ScamSurvivors, [5] Forum Scambaiter-Deutschland [6] and RomanceScambaiter [7] who use Artists Against 419's database to warn against verified malicious domains and websites.
The Artists have had considerable success in closing fraudulent websites. Of the more than 156,000 [8] sites listed in their database, roughly 4500 [8] are currently active, and many of these are very recent additions. The active status in the aa419 database has a very specific definition, it is a domain that is considered still under malicious control. [9]
Since January 2016, the Artists Against 419 database also reflects separate scam category, autonomous system number (ASN) and domain name registrar fields, enabling ISPs and registrars to easily determine which sites under their responsibility have been listed. An additional comments field was also added showing additional details such as the contact details the scam website used, a refinement of the scam category, links to other partner websites, trusted informational/alert links or related database entries.
A project field was added allowing related entries to be easily identified. This is used to alert on active threats in specific sectors. An example of this can be seen on the PetsPlace website where consumers in South Africa are alerted against known active pet scam websites. [10]
On 24 December 2019, Artists Against 419 also announced the Krampus program whereby information on cyber threats captured at Artists Against 419 is being shared with other security groups. [11]
Since December 2020, Artists Against 419 also started displaying the top three most Domain name registrars, autonomous system numbers (ASN) and Internet Protocol addresses (IP addresses) on their database page with more detailed Top 10 Areas of Badness available on a separate page in a chart. [12]
In the Internet, a domain name is a string that identifies a realm of administrative autonomy, authority or control. Domain names are often used to identify services provided through the Internet, such as websites, email services and more. As of December 2023, 359.8 million domain names had been registered. Domain names are used in various networking contexts and for application-specific naming and addressing purposes. In general, a domain name identifies a network domain or an Internet Protocol (IP) resource, such as a personal computer used to access the Internet, or a server computer.
An advance-fee scam is a form of fraud and is one of the most common types of confidence tricks. The scam typically involves promising the victim a significant share of a large sum of money, in return for a small up-front payment, which the fraudster claims will be used to obtain the large sum. If a victim makes the payment, the fraudster either invents a series of further fees for the victim to pay or simply disappears.
A scam, or confidence trick, is an attempt to defraud a person or group after first gaining their trust. Confidence tricks exploit victims using a combination of the victim's credulity, naïveté, compassion, vanity, confidence, irresponsibility, and greed. Researchers have defined confidence tricks as "a distinctive species of fraudulent conduct ... intending to further voluntary exchanges that are not mutually beneficial", as they "benefit con operators at the expense of their victims ".
Tucows Inc. is an American-Canadian publicly traded Internet services and telecommunications company headquartered in Toronto, Ontario, Canada, and incorporated in Pennsylvania, United States. The company is composed of three independent businesses: Tucows Domains, Ting Internet, and Wavelo.
Phishing is a form of social engineering and scam where attackers deceive people into revealing sensitive information or installing malware such as ransomware. Phishing attacks have become increasingly sophisticated and often transparently mirror the site being targeted, allowing the attacker to observe everything while the victim is navigating the site, and transverse any additional security boundaries with the victim. As of 2020, it is the most common type of cybercrime, with the FBI's Internet Crime Complaint Center reporting more incidents of phishing than any other type of computer crime.
Bank fraud is the use of potentially illegal means to obtain money, assets, or other property owned or held by a financial institution, or to obtain money from depositors by fraudulently posing as a bank or other financial institution. In many instances, bank fraud is a criminal offence.
Domain name scams are types of Intellectual property scams or confidence scams in which unscrupulous domain name registrars attempt to generate revenue by tricking businesses into buying, selling, listing or converting a domain name. The Office of Fair Trading in the United Kingdom has outlined two types of domain name scams which are "Domain name registration scams" and "Domain name renewal scams".
Network Solutions, LLC, formerly Web.com is an American-based technology company and a subsidiary of Web.com, the 4th largest .com domain name registrar with over 6.7 million registrations as of August 2018. In addition to being a domain name registrar, Network Solutions provides web services such as web hosting, website design and online marketing, including search engine optimization and pay per click management.
Internet fraud is a type of cybercrime fraud or deception which makes use of the Internet and could involve hiding of information or providing incorrect information for the purpose of tricking victims out of money, property, and inheritance. Internet fraud is not considered a single, distinctive crime but covers a range of illegal and illicit actions that are committed in cyberspace. It is, however, differentiated from theft since, in this case, the victim voluntarily and knowingly provides the information, money or property to the perpetrator. It is also distinguished by the way it involves temporally and spatially separated offenders.
419eater.com is a scam baiting website which focuses on advance-fee fraud. The name 419 comes from "419 fraud", another name for advance fee fraud, and itself derived from the relevant section of the Nigerian criminal code. The website founder, Michael Berry, goes by the alias Shiver Metimbers. As of 2013, the 419 Eater forum had over 55,000 registered accounts. According to one member, "Every minute the scammer I'm communicating with is spending on me is a minute he is not scamming a real potential victim."
Email fraud is intentional deception for either personal gain or to damage another individual using email as the vehicle. Almost as soon as email became widely used, it began to be used as a means to defraud people, just as telephony and paper mail were used by previous generations.
A spoofed URL involves one website masquerading as another, often leveraging vulnerabilities in web browser technology to facilitate a malicious computer attack. These attacks are particularly effective against computers that lack up-to- security patches. Alternatively, some spoofed URLs are crafted for satirical purposes.
Domains by Proxy (DBP) is an Internet company started by the founder of GoDaddy, Bob Parsons. Domains by Proxy offers domain privacy services through partner domain registrars such as GoDaddy and Wild West Domains.
Website spoofing is the act of creating a website with the intention of misleading readers that the website has been created by a different person or organization. Normally, the spoof website will adopt the design of the target website, and it sometimes has a similar URL. A more sophisticated attack results in an attacker creating a "shadow copy" of the World Wide Web by having all of the victim's traffic go through the attacker's machine, causing the attacker to obtain the victim's sensitive information.
Scams in intellectual property include scams in which inventors and other rights holders are lured to pay money for an apparently official registration of their intellectual property, or for professional development and promotion of their ideas, but do not receive the expected services.
A scam letter is a document, distributed electronically or otherwise, to a recipient misrepresenting the truth with the aim of gaining an advantage in a fraudulent manner.
A card-not-present transaction is a payment card transaction made where the cardholder does not or cannot physically present the card for a merchant's visual examination at the time that an order is given and payment effected. It is most commonly used for payments made over the Internet, but can also be used with mail-order transactions by mail or fax, or over the telephone.
EZTV is a TV torrent distribution group founded in May 2005 and dissolved in April 2015, after a hostile takeover of their domains and brand by "EZCLOUD LIMITED". It quickly became the most visited torrent site for TV shows.
