Artists Against 419
Encyclopedia
Artists Against 419 is an Internet community dedicated to identifying and shutting down 419 scam
websites. Its members work pro bono
to stop, disrupt or hinder fraudsters' activities.
see below. There have been many subsequent mobbings designed to make hosters aware that the Artists Against 419 will not tolerate hosters knowingly hosting websites that AA419 deems criminal.
At the same time, they started to list the allegedly fraudulent sites that members had found, so that potential scam victims would see their website and be warned when looking for the sites to which the scammers direct them. This list now contains more than 31,000 websites (as of November 24, 2008), and is one of the world's largest databases of fraudulent websites.
Sophisticated tools are used to search for fake sites. Once a site is proved to be fake, it is entered into the database, and the hoster is contacted with the evidence and asked to close down the fraudulent site. Frequently, fake sites are closed within days of being set up. As great care is taken to check each site before it is listed, the AA419 website is increasingly used by law enforcement agencies as a source of information. The UK Metropolitan Police force
is reported to work with AA419.
AA419 has good relations with many webhosting companies who themselves have no wish to host dishonest sites and cooperate willingly by closing down the fake sites once the evidence is presented. However, a few companies fail to respond to AA419's evidence, and in such circumstances they arrange a virtual sit-in.
. Virtual sit-ins entail large numbers of individuals intently visiting a target site and downloading pages or requesting large numbers of information, with the intent that their requests will cause a rapid drain of bandwidth, and if there is a bandwidth quota it goes offline. For example, if 100 people continuously download a 10 kilobyte
image simultaneously for 12 hours, this uses 40 gigabytes of allocated bandwidth. Assuming that the fraudulent site has 40 Gb of allocated bandwidth per month, it will automatically shut down after 12 hours, when the bandwidth threshold is exceeded. The fraudulent website will then remain off-line until the following month, when the bandwidth quota is re-set. Virtual sit-ins are achieved using freeware
tools such as Muguito
or the Lad Vampire
. Both tools are very easy to use and everyone is welcome to participate. A computer flash-mob is a similar case where the sites' sudden popularity brings an unexpected large numbers of visitors which the server is unable to handle, except that there is no actual audience and the action is designed to be destructive.
In some cases, particularly when a small web-hosting company is involved, the volume of traffic can be so large that access is slowed to all sites on the server, this holds the hoster at ransom until they pull the site, then things return to normal. It is important to note that no site is ever "mobbed" until at least two letters have been sent to the hosting company on two separate occasions:-
The Artists much prefer that webhosters take responsibility for the actions of their clients as well as the content of their web sites. A virtual sit-in is a tool of last resort, used only after other attempts to shut down the fraudsters' website have failed. Fortunately, the vast majority of web-hosting companies find the activities of internet fraudsters highly objectionable and swiftly intervene to stop them.
The artists have had considerable success in closing these sites, since out of the 14,786 sites listed in their database, 876 are still active and some of these will be very recent additions.
(DoS). By their own admission they affect "all sites on the server", and they have attacked systems without checking if bandwidth limits are in place.
Legal scholars like Susan Brenner, a law professor and expert on cybercrime at the University of Dayton School of Law, while sympathetic to aa419's aims and supportive of their more peaceable efforts, find these aggressive techniques akin to DoS attacks, which are illegal. Many jurisdictions prohibit anyone from sending a command to another computer with the intent of causing harm, and DoSes definitely aim to do damage.
Advance fee fraud
An advance-fee fraud is a confidence trick in which the target is persuaded to advance sums of money in the hope of realizing a significantly larger gain...
websites. Its members work pro bono
Pro bono
Pro bono publico is a Latin phrase generally used to describe professional work undertaken voluntarily and without payment or at a reduced fee as a public service. It is common in the legal profession and is increasingly seen in marketing, technology, and strategy consulting firms...
to stop, disrupt or hinder fraudsters' activities.
History
The site was set up in October 2003 and began tackling fake banks in an artistic way: by hotlinking their images to drain their small bandwidth allowance over their monthly limit. Over time the fake banks evolved and so have the Artists. On November 30, 2003, the Artists Against 419 hosted its first international flash-mobVirtual sit-in
A virtual sit-in is a form of electronic civil disobedience deriving its name from the sit-ins popular during the civil rights movement of the 1960s. The virtual sit-in attempts to recreate that same action digitally using a distributed denial-of-service attack. During a virtual sit-in, hundreds of...
see below. There have been many subsequent mobbings designed to make hosters aware that the Artists Against 419 will not tolerate hosters knowingly hosting websites that AA419 deems criminal.
At the same time, they started to list the allegedly fraudulent sites that members had found, so that potential scam victims would see their website and be warned when looking for the sites to which the scammers direct them. This list now contains more than 31,000 websites (as of November 24, 2008), and is one of the world's largest databases of fraudulent websites.
Sophisticated tools are used to search for fake sites. Once a site is proved to be fake, it is entered into the database, and the hoster is contacted with the evidence and asked to close down the fraudulent site. Frequently, fake sites are closed within days of being set up. As great care is taken to check each site before it is listed, the AA419 website is increasingly used by law enforcement agencies as a source of information. The UK Metropolitan Police force
Metropolitan Police Service
The Metropolitan Police Service is the territorial police force responsible for Greater London, excluding the "square mile" of the City of London which is the responsibility of the City of London Police...
is reported to work with AA419.
AA419 has good relations with many webhosting companies who themselves have no wish to host dishonest sites and cooperate willingly by closing down the fake sites once the evidence is presented. However, a few companies fail to respond to AA419's evidence, and in such circumstances they arrange a virtual sit-in.
Flash-mobbing
AA419 describes its action as flash-mobbing but in actuality, this activity is called a virtual sit-inVirtual sit-in
A virtual sit-in is a form of electronic civil disobedience deriving its name from the sit-ins popular during the civil rights movement of the 1960s. The virtual sit-in attempts to recreate that same action digitally using a distributed denial-of-service attack. During a virtual sit-in, hundreds of...
. Virtual sit-ins entail large numbers of individuals intently visiting a target site and downloading pages or requesting large numbers of information, with the intent that their requests will cause a rapid drain of bandwidth, and if there is a bandwidth quota it goes offline. For example, if 100 people continuously download a 10 kilobyte
Kilobyte
The kilobyte is a multiple of the unit byte for digital information. Although the prefix kilo- means 1000, the term kilobyte and symbol KB have historically been used to refer to either 1024 bytes or 1000 bytes, dependent upon context, in the fields of computer science and information...
image simultaneously for 12 hours, this uses 40 gigabytes of allocated bandwidth. Assuming that the fraudulent site has 40 Gb of allocated bandwidth per month, it will automatically shut down after 12 hours, when the bandwidth threshold is exceeded. The fraudulent website will then remain off-line until the following month, when the bandwidth quota is re-set. Virtual sit-ins are achieved using freeware
Freeware
Freeware is computer software that is available for use at no cost or for an optional fee, but usually with one or more restricted usage rights. Freeware is in contrast to commercial software, which is typically sold for profit, but might be distributed for a business or commercial purpose in the...
tools such as Muguito
Muguito
Muguito was a freeware Java application used by the Artists Against 419 to take some fraudulent websites offline. It was a replacement for the Mugu Marauder tool....
or the Lad Vampire
Lad Vampire
The Lad Vampire was a freeware web-based application used by the Artists Against 419 to take some fraudulent websites offline. Using it was very easy: users simply started up the Lad Vampire webpage and left it running....
. Both tools are very easy to use and everyone is welcome to participate. A computer flash-mob is a similar case where the sites' sudden popularity brings an unexpected large numbers of visitors which the server is unable to handle, except that there is no actual audience and the action is designed to be destructive.
In some cases, particularly when a small web-hosting company is involved, the volume of traffic can be so large that access is slowed to all sites on the server, this holds the hoster at ransom until they pull the site, then things return to normal. It is important to note that no site is ever "mobbed" until at least two letters have been sent to the hosting company on two separate occasions:-
- informing them that they are hosting a fraudulent site
- detailing evidence of such fraudulent activities
- requesting that the site be shut down for violating the hoster's terms of business
The Artists much prefer that webhosters take responsibility for the actions of their clients as well as the content of their web sites. A virtual sit-in is a tool of last resort, used only after other attempts to shut down the fraudsters' website have failed. Fortunately, the vast majority of web-hosting companies find the activities of internet fraudsters highly objectionable and swiftly intervene to stop them.
The artists have had considerable success in closing these sites, since out of the 14,786 sites listed in their database, 876 are still active and some of these will be very recent additions.
Controversy
What AA419 describes as flash-mobbing, is considered by others to be an illegal electronic offensive called a Denial-of-service attackDenial-of-service attack
A denial-of-service attack or distributed denial-of-service attack is an attempt to make a computer resource unavailable to its intended users...
(DoS). By their own admission they affect "all sites on the server", and they have attacked systems without checking if bandwidth limits are in place.
Legal scholars like Susan Brenner, a law professor and expert on cybercrime at the University of Dayton School of Law, while sympathetic to aa419's aims and supportive of their more peaceable efforts, find these aggressive techniques akin to DoS attacks, which are illegal. Many jurisdictions prohibit anyone from sending a command to another computer with the intent of causing harm, and DoSes definitely aim to do damage.
Recent change in direction
The following is from the AA419 web site, discussing the discontinuation of Lad Vampire and other software from their site:- As of September 14th 2007 the Artists Against 419 discontinued the use of Bandwidth Hogging tools
- As regular viewers will have noticed, the Artists discontinued the use of the Deadly Duo, Mugito and Lad Vampire on September 14, 2007.
- As a community we have grown more sophisticated and effective in the art of shutting down fake web sites with words alone. Our database is the largest of its kind, and our expertise at identifying, cataloging, and terminating fraud sites is unmatched. We have shut down over 95% of the fakes in our database by letter-writing and establishing good relationships with hosts and domain registrars, and so we believe that it's time to move on.
- We have listened to feedback from all sections of the internet, and realise that there is less need for these tools. With so many reputable hosting companies supporting the work of AA419, we no longer need the pressure tactics that worked in our infancy.
- This is not to say that AA419 has lost its teeth. We remain committed to locating, and closing fakes web sites of all descriptions. We will continue to make known the names of web hosts and registrars that support fakes within their ranges, and we will bring our reputation, and our artists with us to every fight.