Sneaky ATS'ers Thwart Con Artist? I hope...Help!

Hello all you fantastic researchers and suspiscious minds. Have I got a doozy for you (and I REALLY hope it is something you can help me with). A relative has just nearly been a victim of a scam, and I’m not really satisfied with her decision to let it rest. I’ll start at the beginning and hope that the wonderful community here has some good ideas to help me. Here goes:

My mother-in-law is currently out of work (that’s a long, unrelated story). She was living outside of the country and returned several months ago. Concurrently, my new wife and I were moving to a different state. Being that her mother had just returned and had no job and no home, she was staying with us. She is still staying with us now that we’ve moved. The three of are sharing a two bedroom apartment. It’s cozy, but she’s nice, so I don’t really mind. Now to the good stuff.

Recently, while conducting her job hunt, my mother-in-law—let’s just call her Annie for now—came across a particularly promising job posting. Now, let me give you some background on her field. She is a Ph.D. Biological Anthropologist by training (in fact, she is quite brilliant and discovered that one can roughly tell the diet of a 10,000-year-old human skeleton by the amount of Strontium (90, I think) in the bone (that’s an oversimplification). Much of her work, especially recently, has been in program evaluation, particularly in HIV/AIDS research.

The reason for telling you this is so you are aware that she didn’t just find the job posted on Monster or Career Builder. She frequents a job board specifically for evaluators. My guess is that it is actually a service of a professional organization. Kind of like how the Society for Technical Communicators has its own job posting service that only members can access. So, she found this job, applied for it, and shortly thereafter she received a lengthy questionnaire.

To the best of my knowledge, the questions were not personal (bank account, SSN, that sort). Instead, they were essay-type questions on things like honesty at work (I’ll ask her tonight to clarify this, in case any of you think it’s important). I don’t know if there was a phone interview, although I do know that there was no in-person interview So, that was the last of it, until…

Two days ago, Annie received a long e-mail from the organization, basically offering her the position. It detailed their offer for starting salary ($112,000/year), benefits, and their requirements for training. And that is where the scam comes in.

She happily accepted, and started reading up on the requirements for this month-long training. She would have to go to Seattle, stay in the designated hotel, attend the requisite training sessions, and then start working after this 4-week training. The scam is, they try to get you to pay up front for the hotel (which is like $2,500). You see, it’s not really a job. It is a twist on the Nigerian Scam to get suckers to send money. Here is the actual organization’s take on this whole situation (which has obviously happened before.

Various scam emails purporting or implying to be from or associated with UNAIDS, the Joint United Nations Programme on HIV/AIDS, have been circulating on the Internet. Some of these emails request detailed information and/or money from individuals, businesses or non-profit organizations with the promise that they will receive funds or other benefits in return.

Other emails ask for registration fees for conferences allegedly sponsored by UNAIDS and for hotel reservations, again with the promise of certain benefits. These emails sometimes carry the UNAIDS logo, and emanate from or refer to an email address which is made to look like a United Nations address.
www.unaids.org..." target="_blank" class="postlink">UNAIDS Alert

Luckily for Annie, she caught on before she sent them money. Others may not be so lucky. She is embarrassed, and therefore wants to just let it drop. My concern is that this isn’t spam in the inbox, this was on a legitimate job board, making these some rather bold con artists. It pissed me off a bit too, to be honest.

What I want to know is, is there any way to trace these e-mails? They came from [email protected]. I did a WHO IS on kettconsulting.com and got this:

Domain Name: KETTCONSULTING.COM
Registrar: MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE
Whois Server: whois.melbourneit.com
Referral URL: www.melbourneit.com...
Name Server: PDOMNS1.MSN.COM
Name Server: PDOMNS2.MSN.COM
Status: REGISTRAR-LOCK
Updated Date: 14-dec-2005
Creation Date: 05-sep-2005
Expiration Date: 05-sep-2006

Domain Name.......... kettconsulting.com
Creation Date........ 2005-09-06
Registration Date.... 2005-09-06
Expiry Date.......... 2006-09-06
Organisation Name.... KETT Barry
Organisation Address. 7000 Bryan Dairy Road
Organisation Address.
Organisation Address. Largo
Organisation Address. 33777
Organisation Address. FL
Organisation Address. UNITED STATES

Admin Name........... KETT Barry
Admin Address........ 7000 Bryan Dairy Road
Admin Address........
Admin Address........ Largo
Admin Address........ 33777
Admin Address........ FL
Admin Address........ UNITED STATES
Admin Email.......... [email protected]
Admin Phone.......... +1.7275474110
Admin Fax............

Tech Name............ MSN NOC
Tech Address......... One Microsoft Way
Tech Address.........
Tech Address......... Redmond
Tech Address......... 98052
Tech Address......... WA
Tech Address......... UNITED STATES
Tech Email........... [email protected]
Tech Phone........... +1.4258828080
Tech Fax.............
Name Server.......... pdomns1.msn.com
Name Server.......... pdomns2.msn.com

whois.com..." target="_blank" class="postlink" rel="nofollow">WHOIS

But, I’m not really sure what a bunch of this means. I tried the phone number, but, surprise!. It’s disconnected.

Is there a way to trace the e-mail itself? I seem to remember Valhall discussing tracing IPs on one of the infamous SERPO threads. Is that possible? If so, what do I need, and how do I do it?

I hope you guys can help. Perhaps if I can dig up some usable info on this con artist, I can convince Annie to go the cops or the feds, or at least go holler at the evaluation organization who allowed a scam to show up on their job board to begin with.

Anxiously awaiting some creative answers from the many creative folks here,

Hamburglar


Oh, and I don't really know what forum this fits in best, so Mods, please move as necessary. Thanks.

and for that matter virus propergators - can be that they will "spoof" a genuine email account - I know of one that can be found for $70+ that allows you to not bother specifying the send "address" but rather let it find one - the adress therefore the mail is recieved from may very well not be attached to the mails send address - but rather an arbitrary choice made by the programme.

I know this to work because i have had email bounces sent to one of my accounts - containing mails I am alleged to have sent - but which have nothing to do with me - or even the business i am in. Well spotted and I suggest a quick mail to www.scamorama.com... might be in order. Even if the person does not wish to taake this further the good guys over there may like to have some fun at the expense of the scammers doing this.

Originally posted by Silk
Well spotted and I suggest a quick mail to www.scamorama.com... might be in order. Even if the person does not wish to taake this further the good guys over there may like to have some fun at the expense of the scammers doing this.

Now supposing I may like to have some fun at the expense of the scammers? What do I do then?

Having, until recently, worked for an ISP, we may be able to help track down things. At least provided the scammers were dumb enough to send the mail from a traceable computer (e.g. their own PC, or a public terminal that records who used it). If they're using a compromised PC (one infected with a virus that allows scammers and spammers to use it as a mail relay) we may be out of luck.

What we'll need is the full headers of the mail they sent to your mother-in-law. If you don't know how to get that, let me know what program she's using for e-mail and I should be able to tell you how to view that.

Originally posted by Hamburglar

Now supposing I may like to have some fun at the expense of the scammers? What do I do then?

Have a look on the site mentioned - and you will find loads of hints and tips - just remember to make sure you never give out any real information about yourself to those guys.

Doh I can't believe I offered that up as advice to someone on this board - sorry

Originally posted by Whiskey Jack
What we'll need is the full headers of the mail they sent to your mother-in-law. If you don't know how to get that, let me know what program she's using for e-mail and I should be able to tell you how to view that.

Jack, it looks like she is using some sort of AOL Web-mail. She is just getting it through her browser, not by going on AOL, though. Can you let me know how to find the headers?

And Silk, that site was awesome.

Thanks

I think this is the best "scamming-the-scammer" act ever perpetrated on the internet, check it out:



Scamming the Scammer

Read and laugh 'till you weep!