I sent this out to my entire staff at the school the other day after a staff member alerted me:
There is an email floating around that warns you to “Validate” an email account. The email is a phishing scam that attempts to get you to visit a form and input your email details including your password. If you receive an email similar to the one below, delete it immediately!
You have exceeded the limit of 23432 storage on your mailbox set by your WEBCTSERVICE/Administrator, and you will be having problems in sending and recieving mails Until You Re-Validate. To prevent this, please click on the link below to reset your account.
Failure to do this, will result in limited access to your mailbox Warning !!! Do not send your username and password via email.
I have been getting a deluge of spam comments to my various posts on this blog from one Glory Johnson who goes by various nicknames. The most common nickname is “Glory39,” but the number is a moving target; “she” has posted as Glory342, Glory50, Glory34, and Glory38 among others. Well over 50 comments just today and they are still coming in. This is obviously a come-on for a scam; I’m just not sure what kind. I doubt that “Glory Johnson” is actually a female, nor does she have amorous intentions.
See what you think about the text of the comments. They are all identical, regardless of which version of “Glory” is posting them:
Hello My name is glory johnson i saw your profile today (techtarget.com) and became intrested in you,i will also like to know you the more,and i want you to send an email to my email address so i can give you my picture for you to know whom i am.Here is my email address ( gloryjohnson001 at yahoo.com) I believe we can move from here!I am waiting for your mail to my email address above. glory. (Remeber the distance or colour does not matter but love matters alot in life) please contact me here ( gloryjohnson001 at yahoo.com)
I decided to play along and use one of my anonymous email addresses to appear to take the bait. Here’s what I sent to “her” email address:
Subject: I will like to know you the more
8:09 PM (16 minutes ago)
You sent me this. I am wanting picture.
My name is glory johnson
i saw your profile today(techtarget.com) and
became intrested in you,i will also like to know you the more,and i
want you to send an email to my email address so i can give you my picture for you to know whom i am.Here is my email address (firstname.lastname@example.org)
I believe we can move from here!I am waiting for your mail to my email address above.
(Remeber the distance or colour does not matter but love matters alot in life)
please contact me here (email@example.com)
Unless this post has just tipped off the scammers, I’ll keep you posted on what transpires.
The message comes with one of these subject lines:
Rejection of your tax appeal.
Your tax return appeal is declined.
IRS notification of your tax appeal status.
I’ve seen other variations in the past, but the above are the most common ones.
The text of a typical message is shown below. Variations are common, but generally don’t stray far from this example:
Dear Business owner,
Hereby you are notified that your Income Tax Refund Appeal id#6636527 has been DECLINED. If you believe the IRS did not properly estimate your case due to a misunderstanding of the facts, be prepared to provide additional information. You can obtain the rejection details and re-submit your appeal by using the instructions in the attachment.
Internal Revenue Service
Of course, the attachment is malware and anyone clicking the link will be immediately infected. Sophos detects it as Mal/Iframe-AE.
With the kickoff to holiday shopping the day after US Thanksgiving–“Black Friday” as it is commonly known–come the spammers, scammers and thieves. There will undoubtedly be waves of fake gift card deals and other “click candy” full of scams and malware. A big one floating around right now is a fake iTunes gift certificate. It arrives with the subject line “iTunes Gift Certificate” and contains an attachment that is supposedly the gift code. The attachment is a ZIP file containing malware. (Sophos detects this file as Mal/BredoZp-B.)
This is nothing new; we always see such things around the big holidays. But there are a few things you can do to avoid getting fooled. Here’s a list from Sophos’s Naked Security Blog:
Here are some other things to watch out for, adapted from a list posted by USA Today:
* Beware bogus forms. Beware emails and pop-up messages that ask you to type your account username and password, credit card number or personal information such as Social Security number and date of birth. Legitimate organizations don’t solicit sensitive information via email.
* Don’t blindly believe urgent, personalized warnings. Phishers often claim that you need to take urgent action with official organisations such as IRS (taxation), Social Security or the Department of Motor Vehicles.
* Don’t fall for that cute-baby photo. Even if you recognise the sender’s name, don’t open attachments. Distrust all email until and unless you’ve verified that the sender actually intended you to get the message and can vouch for its content.
Have a Happy Thanksgiving and stay safe out there!
Dear Mr. Hendrik:
God bless you, sir! This grant could not have come at a better time. You see, I had a dog for many years that I truly considered my friend and I had to put her to sleep recently. This devastated me so much that I went on a bender for six weeks and woke up in the hospital missing both of my legs. I have no idea what happened, but one of the nurses said I passed out on the railroad tracks. I don’t remember, but I guess I have to believe her.
They tell me that I have been here (in hospital) for almost a month now and the bill is approaching $500,000.00, so I really need this grant and it couldn’t have come at a better time. I will be able to pay off my hospital bills and have enough left over to re-build my life, such as it has become. Perhaps with the remaining money, I will be able to afford (barely) a pair of bionic legs.
However, your letter has left me with a dilemma: I have no money to pay your processing fee. Since I am to be granted $950,000.00 USD, I can certainly afford to pay you back should you be so kind as to lend me the $560.00 processing fee. In fact, I would be happy to pay you back $1,120.00 in exchange for your generosity.
Mr. Hendrik, I truly appreciate your contacting me in my time of need and look forward to receiving your loan of the processing fee via Western Union immediately upon receipt of this email. You can well imagine how desperate I am and your benevolence at helping a fellow human being in need will certainly be rewarded in whatever afterlife you find yourself.
On 7/24/2011 3:04 PM, Mr. Franklin Hendrik wrote:
International Monetary Fund (IMF)
Independent Corrupt Practices and Other Related Offenses Commission
Wuse Zone 5, Garki
ATTN: BENEFICIARY,
Your International Monetary fund (IMF) grant of $950,000.00 USD has been approved by the International Monetary fund (IMF) board of directors during their last meeting. The amount to be transfered to your nominated bank account is to be carried out by one of our partner banks owing to the fact that the International Monetary fund(IMF) does not directly remit funds into the bank account of its beneficiaries .
The last hurdle you would have to scale to have your pending funds transfer transferred to your nominated bank account is the International Monetary fund (IMF) grant processing fee of $560.00 USD.
Once this fee is paid! The necessary documents the bank will require from you will be presented to you by us to enable you have access to your $950,000 USD.
This transaction can and should be concluded within 48 or at most 72 working hours after you have made payment of the International Monetary fund (IMF) grant processing fee of $560.00 USD.
Do respond swiftly, So that we can conclude this transaction as soon as possible.
Once again congratulations on your just approved grant of $950,000.00 USD.
Regards,
Mr. Franklin Hendrik
INTERNATIONAL MONETARY FUND.
Here’s a screen shot of a portion of one of the more interesting scams purportedly directly from the FBI:
Not surprisingly, I have also been called upon to remove more malware infections than usual. Some of them are getting quite stealthy. Sunbelt Security’s Threats Page maintains an up-to-date list of the top ten malware detections as well as a handy meter of the worldwide threat activity level. Right now, it’s recommending that you take a guarded approach in your computing practices.
Six out of the 10 listings are Trojans that are normally delivered through email. No surprise there, either: email is the #2 vector for malware, eclipsed only by malicious websites.
Got an email this morning from “Skype Newsletter” with the subject “New version of Skype has been released ! Upgrade now.” If you use Skype and you get such a notice, delete it: it’s a scam to get you to “join” some bogus software site. It is NOT from Skype. I did not see any attempt at installing malware. Here’s the text of the email:
Skype Voip Upgrade Notification
This is to notify that new updates have been released for Skype.
Following are major new features :
* Up to 5-way group video call.
* Redesigned calling experience.
* Improved video snapshots gallery.
* Improved browser plugins performance on some websites.
* Reduced false positives on browser plugin phone number recognition.
* New presence icons.
* Improved handling of calling attempts made when the user has run out of credit.
* Improved access to sharing functionality
To download the latest version , go to :
Start downloading the update right now and let us know what you think about it.
We’re working on making Skype better all the time !
The people at Skype
====================== PROTECT YOUR PASSWORD ===========================
Skype or Skype Staff will NEVER ask you for your password via email. The only place you are asked for your password is when you sign in to the Skype application or our website.
My wife got this email notice yesterday:
As a valued U.S. Bank customer, we want to make you aware of a situation that has occurred related to your email address.
We have been informed by Epsilon Interactive, a vendor based in Dallas, Texas, that files containing your email address were accessed by unauthorized entry into their computer system. Epsilon helps us send you emails about products and services that may be of interest to you.
We want to assure you that U.S. Bank has never provided Epsilon with financial information about you. For your security, however, we wanted to call this matter to your attention. We ask that you remain alert to any unusual or suspicious emails.
Please remember that U.S. Bank will never request information such as your personal ID, password, social security number, PIN or account number via email. For your safety, never share this or similar information in response to an email request at any time.
Stay alert to anyone who requests personal information via email. It just isn’t done by any financial institution.
I'm interested in purchasing kennyhart.com. I'd likely be able to pay in the $200 - $700 range for it. Let me know whether or not you are open to hearing a formal offer.
Now, that seemed right in the range of what I know the domain is probably worth, so I answered the email:
Sure. I was thinking about flipping it and my website. Let me know what you have in mind.
To which I received this reply back:
Thanks for getting back to me. I can offer you $xxx for KennyHart.com and all associated content. Let me know if you are interested and we can get the ball rolling on the transfer.
I wrote back and told him I was up for it. The offer was a fair one and I was ready to accept it. He wrote back with this:
Great. The easiest way to send the payment will be paypal. Do you have a paypal account?
Something felt a little odd that this was going so quickly and way too easy, but since I have PayPal locked down with 2-factor authentication, I wasn’t too worried about getting hacked. Still, I had to ask a simple question, so I replied with this:
I have PayPal. The PayPal email address is firstname.lastname@example.org. Please clarify what you mean by "all associated content." I assume you mean the content at Ask the Geek and Singing Songwriter web sites. The writer website has no content at this time and copyright for my original music is not subject to transfer, as I do not own 100% of the songs.
No reply. No payment. Nothing. It just stopped dead. As it stands right now, I believe it’s possible that I was targeted with a manual phishing attempt. It’s either that, or he decided my terms were a deal killer. Like I said, it appeared to be legitimate. He does have a website posted that solicits people to sell him their sites.
What could someone do with my PayPal email address? Attempt a brute force attack on my password, that’s what. Though that would never work because of the 2-factor requirement.
I’ll probably never know.
Here are the top ten tips, courtesy of OnGuardOnline.gov, for avoiding online scams:
- Don’t send money to someone you don’t know.
- Don’t respond to messages that ask for your personal or financial information.
- Don’t play a foreign lottery.
- Keep in mind that wiring money is like sending cash: once it’s gone, you can’t get it back.
- Don’t agree to deposit a check from someone you don’t know and then wire money back.
- Read your bills and monthly statements regularly—on paper and online.
- In the wake of a natural disaster or another crisis, give to established charities rather than one that seems to have sprung up overnight.
- Talk to your doctor before buying health products or signing up for medical treatments.
- When considering an investment, remember that there’s no such thing as a sure thing.
- Know where an offer comes from and who you’re dealing with.
I’ve been saying these same things all along, but I will continue to repeat them for as long as I need to.