I was doing a Cyber Security and IT audit for a company.
I was told that they had very little in terms of fraud protection, one of the only ways that they detected potential fraudsters was by manually checking if the email address was Yahoo or not. This was for orders on their website.
To my surprise it was almost completely perfect!
My question is why do scammers use email addresses such as yahoo and not try to blend in with legitimate users that have gmail and hotmail? I have seen many cases online of scammers still using yahoo, AIM, yahoo forums etc...