• Emails with the subject “Happy Easter.” Make sure they are actually from someone you know and don’t click any links or open any attachments until you have verified that the send is who they say they are.
• Fake ads for animals such as bunny rabbits and ducklings. Buy them live from a local dealer. Don’t have them shipped.
• Solicitations by “charities” using the Easter holiday as the motivator. One such scam I have seen tugs your heartstrings by showing hungry children and tying it to Easter’s resurrection theme. Don’t fall for it.
• Cheap “clearance” sales of Easter candy. Some of it has been known to be five years old and rancid. It could make you or your children sick.
• Cheap Easter toys and baubles that come from countries that still use lead-based paints.

And, for those of you who celebrate the holiday, Happy Easter!

Source: FortBendNow.com

Last week, I started to get emails in my Yahoo! mail, purportedly from Amazon.com, about a cancellation of my order. I figured these were bogus and confirmed this when my wife got identical emails. I decided to dig a bit deeper to see what they really were all about. Here’s a recent one:

Dear Customer,

Your order has been successfully canceled. For your reference, here's a summary of your order:

You just canceled order 111-219-44774 placed on May 5, 2012.

Status: CANCELED

_____________________________________________________________________

1 "Araby"; 2003, Second Edition
  By: Rachel Armstrong

Sold by: Amazon.com LLC

_____________________________________________________________________

Thank you for visiting Amazon.com!

---------------------------------------------------------------------
Amazon.com
Earth's Biggest Selection

http://www.amazon.com

---------------------------------------------------------------------

The order number and URL for Amazon both linked to a URL pointing to a Canadian drugstore site pitching those familiar male enhancement drugs. Here’s a partial screen shot:

Fortunately, there’s nothing malicious in this URL. It’s just scam drug spam. Put it where it belongs: in the trash.

Unfortunately the tactics these criminals use are highly effective against the average user who doesn’t know any better; this is why the scams are so prevalent – they make a tremendous amount of money for the criminals. For this reason, they are not going to go away any time soon and you need to know everything you can about how to keep this threat off of your network and away from your users.

Sophos has released a white paper entitled “Stopping Fake Antivirus: How to Keep Scareware off Your Network.” It contains a wealth of information and tips on how to combat this threat. I highly recommend your download and read it.

The video will appear as a status update with text similar to this:

[video] – Whitney Houstons autopsy reveals a shocking secret that explains her death.

[LINK]

Breaking News: Coroners autopsy reports reveals a dark past and secret life which tragically led to Whitney Houstons death.

Here’s a screen shot courtesy of Sophos:

Do NOT fall for this scam. It will take you to a fake YouTube screen that says you need an update. You don’t. The “update” is malware.

[video] Chuck Norris dies at age 71! Not a Joke.
[LINK]
See the video to find out how he died. News today of Chuck Norris death at age 71 has been met with confusion and humour, but sadly it is true.

If you are gullible enough to click on the link, you will be presented with a survey scam like the one below.

If you do fall for this scam, or one like it, make sure you aren’t now allowing rogue applications or “liking” questionable pages. These can help spread the scam.

And it’s probably a good idea to change your Facebook password while you have it on your mind.

Why do people do things like this? Simple, they do it for the money. Every survey someone fills out results in a payment to the scammer. It’s called “Cost Per Action” marketing and the scammers are just trying to run up their numbers. It’s illegal and they’ll get banned from the program if they get caught, but they can make a good haul before that happens.

Don’t help line their pockets.

On Oct. 7, the District Attorney of Queens County, N.Y., and City of New York Police announced the results of a two-year investigation that resulted in the biggest identity theft takedown in U.S. history.

The elaborate scheme, which involved five organized crime rings with ties to Europe, Asia, Africa and the Middle East, resulted in financial losses exceeding $13 million over a 16-month period.

So far, 111 individuals have been indicted, and authorities say 86 are now in custody.

The operation was dubbed “Operation Swiper.”

The criminals focused on credit card fraud, using stolen credit card numbers which they then used to create counterfeit credit and identification cards. Skimming devices were used in restaurants and on bogus websites to obtain the credit card numbers.

“The counterfeit cards were supplied to hired shoppers who were instructed to purchase high-end electronics and other merchandise, items that could easily be fenced and re-sold, usually over the Internet. Some of the shoppers also have been accused of using counterfeit cards to stay in five-star hotels and rent luxury cars during their so-called shops. In one case, a shopper allegedly commissioned a private jet to travel from New York to Florida,” BIS reports.

This is why it pays to keep careful tabs on your credit cards.

Dear Mr. Hendrik:

God bless you, sir! This grant could not have come at a better time. You see, I had a dog for many years that I truly considered my friend and I had to put her to sleep recently. This devastated me so much that I went on a bender for six weeks and woke up in the hospital missing both of my legs. I have no idea what happened, but one of the nurses said I passed out on the railroad tracks. I don’t remember, but I guess I have to believe her.

They tell me that I have been here (in hospital) for almost a month now and the bill is approaching $500,000.00, so I really need this grant and it couldn’t have come at a better time. I will be able to pay off my hospital bills and have enough left over to re-build my life, such as it has become. Perhaps with the remaining money, I will be able to afford (barely) a pair of bionic legs.

However, your letter has left me with a dilemma: I have no money to pay your processing fee. Since I am to be granted $950,000.00 USD, I can certainly afford to pay you back should you be so kind as to lend me the $560.00 processing fee. In fact, I would be happy to pay you back $1,120.00 in exchange for your generosity.

Mr. Hendrik, I truly appreciate your contacting me in my time of need and look forward to receiving your loan of the processing fee via Western Union immediately upon receipt of this email. You can well imagine how desperate I am and your benevolence at helping a fellow human being in need will certainly be rewarded in whatever afterlife you find yourself.

On 7/24/2011 3:04 PM, Mr. Franklin Hendrik wrote:

International Monetary Fund (IMF)

Independent Corrupt Practices and Other Related Offenses Commission

Wuse Zone 5, Garki

ATTN: BENEFICIARY,

Your International Monetary fund (IMF) grant  of $950,000.00 USD  has been approved by the International Monetary fund (IMF) board of directors during their last meeting. The amount to be transfered to your nominated bank account is to be carried out by one of our partner banks

owing to the fact that the International Monetary fund(IMF) does not directly remit funds into the bank account of its beneficiaries .

The last hurdle you would have to scale to have your pending funds transfer transferred to your nominated bank account is the International Monetary fund (IMF) grant processing fee of $560.00 USD.

Once this fee is paid! The necessary documents the bank will require from you will be presented to you by us to enable you have access to your $950,000 USD.

This transaction can and should be concluded within 48 or at most 72 working hours after you have made payment of the International Monetary fund (IMF) grant processing fee of $560.00 USD.

Do respond swiftly, So that we can conclude this transaction as soon as possible.

Once again congratulations on your just approved grant of $950,000.00 USD.

Regards,

Mr. Franklin Hendrik

INTERNATIONAL MONETARY FUND.

Dear customer.

The parcel was sent your home address.
And it will arrive within 3 business day.

More information and the tracking number are attached in document below.

Thank you.
© 1994-2011 United Parcel Service of America, Inc.

Just delete it upon receipt.

Best thing to do is set up an email filter and send the emails to the junk bin. If one really wants to help, contact the local Red Cross chapter, or other lawful and recognized charitable groups.

At any rate, direct contact with those organizations is your best bet. Consider any email solicitation a scam.

Kaspersky Lab has detected a malicious spam campaign whereby if someone clicks on the link, the malicious website uses JAVA exploits to install malicious applications on their machine:

My friend and colleague, Jim, over at Dave’s Computer Tips had this to say in our forum:

DO NOT under any circumstances:
*Follow any Web links included in these e-mail messages.
*Open any attachments or click on photos and videos that claim to show dramatic images or footage of disasters.
*Provide any sensitive information, such as bank account information or credit card details.

ALWAYS ascertain the legitimacy of the email before doing anything; Most genuine charities have email addresses which emanate from their own domain and typically direct recipients to their own Web site to make donations….e.g. almost all legitimate charities have a web address that ends with “.org” rather than “.com”. Verify the authenticity of an email by going directly to the charity’s web site or by giving them a call on the telephone.

I concur.

• First of all, the call will be unsolicited. Even if you asked on a forum, so not assume that the call is in relation to that. You didn’t ask for a phone call, so if you get one, be wary.
• They will ask you for personal contact information, or perhaps pretend they already know it.
• You are asked for your Windows activation code or CD key. There’s no reason why anyone would need this to fix your PC; it’s just a tactic to make you think they’re legitimate.
• They will ask you for some other sort of code or “warranty check” information which you won’t have, and which, of course, is completely bogus anyway.
• Something like this will happen next (as described by the almost-victim in the above article. The person was put on hold while the “technician” purportedly “checked” the warranty: “A few minutes later, he was back and gave me the unfortunate news that my free support period had ended. He told me I would have to pay $99 for extended support and directed me to a place on the website to enter my credit card information. I’m not sure why, but I smelled a rat, so I hung up on him.”
• The website you are referred to looks legitimate and may even say things like, “Microsoft Registered Partner” and have an official Microsoft logo, or it may say “This company is a Technical Support Provider.”
• The domain name is registered in a foreign country and/or does not have legitimate contact addresses or phone numbers associated with it.
• The website they refer you to may have numerous spelling and grammatical errors or just “doesn’t look right.”
• The “support engineer,” or whatever he calls himself wants you to review your event viewer logs and points out that there are numerous yellow and red flags. This, of course, is normal for most Windows machines, but they will try to convince you of the dire consequences of ignoring the warnings and errors.

Don’t fall for it. Most of this will be social engineering in one form or another. They will get your money, they will get your personal information, and they may steal your identity.