A Weblog About Topics and Issues Discussed in the Book Spam Kings by Brian McWilliams

« FTC opts out of Spamhaus input | Main | Charlie Crist's lax email etiquette »

December 23, 2005

My new career ... as a cyber mule?

got_mules.jpgSome cybercrooks have apparently harvested a bunch of email addresses from the New York Times online resume database. Mine was among them. (Yes, I'm looking for a full-time job.)

The criminals then spammed the addresses with emails written to look like they came from a legit company seeking what they called couriers. "We have read your resume and application on NYtimes.com, and believe that you may suit our standards," said the emails.

The messages said the company's "correspondance department" (sic) wanted to hire couriers to receive packages ("usually electronic devices") via US mail and then re-ship them to a new address using mailing labels provided by the company, SDSolutions Inc. Payment ($30/package) would come via Western Union.

Apparently these scam artists didn't take the trouble to read my resume real closely.

It's pretty clear that I and other people in the NY Times database were being recruited as "mules." The equipment we would be re-shipping undoubtedly would be purchased by the crooks using stolen credit card numbers. We mules would help the scammers turn those stolen cards into cash, by shipping the goods to them for sale on the black market. Or perhaps by mailing the items to someone who had won them in an eBay auction hosted by the crooks.

The emails included a link to the company's web site, which looks fairly convincing. (Check out the page listing the company's management.) Except that much of the site's text is borrowed from a real company's site. And somebody left an "author meta tag" in the home page's HTML source code, indicating that the dummy page was created by "Nemesis Lab." (For what it's worth, I'll be reporting the scam to the NYT and to the ISP hosting the site.)

I doubt that the scammers read this blog, so I'll keep you updated if and when my new career as a mule unfolds further. In the meantime, you can peruse a USA Today story from this past summer that describes in more detail how scams like this work.

Posted by brian at December 23, 2005 9:41 PM


Well, they may not read this blog regularly, but they may take a look now that their web logs are filled with referrers coming from this site.

Posted by: Dave at December 29, 2005 11:40 AM

This sounds so much like Alex Polyakov's money laundering and stolen goods / stolen credit card reshipping ring...

He's already pulled the scam several times in the past, I think Joe Wein (sp?) had some evidence of it on his site.

Any leads pointing back to Polyakov on this?

Posted by: SpamSlayer at February 10, 2006 2:39 PM

Who is Joe Wein?

Posted by: Nick at April 25, 2006 7:59 AM


Weblog authors are solely responsible for the content and accuracy of their weblogs, including opinions they express,
and O’Reilly Media, Inc., disclaims any and all liability for that content, its accuracy, and opinions it may contain.

All trademarks and registered trademarks appearing on spamkings.oreilly.com are the property of their respective owners.

O'Reilly Home | Privacy Policy

© 2004 O'Reilly Media, Inc.
For assistance with this site, email: