Category Archives: e-mail

Facebook Admin E-mail

0
Posted by chris on Friday, April 15, 2011 – 11:34 AM
Filed under cybercrime, e-mail, Facebook, malware

Just in case you still think one day you may get a useful attachment in your e-mail, you should know it won’t be coming from someone claiming to be a Facebook Administrator. Here’s a scam e-mail I got this morning..

from: Administration of Facebook [official-no.893@facebook.com]
subject: Facebook Support. Personal data has been changed! No81864
attachment: Facebook_Password_INM.152.zip (99k)

body:

Security service of FaceBook.

Your password is not secure!
To secure your account the password has been changed automatically!
Attached document contains a new password to your account and detailed information about new security measures.

Thank you for attention,
Your Facebook

He was astonished at the ease with which he twisted Deane upon his back and put the handcuffs about his wrists.The work was no sooner done than he understood. A rag was tied about Deanes head, and it was stained with blood. The mans arms and body were limp. He looked at Billy with dulled eyes, and as he slowly realized what had happened a groan broke from his lips. In an instant Billy was on his knees beside him. He had seen Deane twice before, over at Churchill, but this was the first time that he had ever looked closely into his face. It was a face worn by hardship and mental torture. The cheeks were thinned, and the steel-gray eyes that looked up into Billys were reddened by weeks and months of fighting against storm. It was the face, not of a criminal, but of a man whom Billy would have trusted– blonde-mustached, fearless, and filled with that clean-cut strength which associates itself with fairness and open fighting.

That’s kind of weird, isn’t it. I mean do they think this little piece of a story will make you lose all control and run the attached virus file? Maybe the author is looking for a book deal and wants to steal a publishers identification. Either way, do not open the attachment, it contains a virus/trojan. At the time of this writing, 25 of 42 antivirus programs detect it, according to VirusTotal

One final thought. Facebook has come under major attack lately. By now you should know better than to ever open an attachment from anyone you don’t expect to get one from. I would also go a step farther, and not click on any links that come in e-mails claiming to be from Facebook. Just go directly to Facebook, either by typing in the address yourself, or using a bookmark YOU created yourself.
Stay Safe

Phishing & Fake PayPal e-mails

6
Posted by chris on Sunday, May 9, 2010 – 12:23 AM
Filed under cybercrime, e-mail, phishing, scams, security
Tagged as , , , ,

There are a lot of fake Pay Pal e-mails going around but I don’t think I’ve mentioned them before so I am now.

The practice of trying to trick someone into giving out their personal information, such as bank account, social security number, even your name and address, is called phishing. The goal of phishing is identity theft.

I received this e-mail last night. First lets, take a look at the e-mail itself and then I will point out some items of interest and common techniques used by phishers. And finally, what you can do to help in the fight against phishers.
Read More »

iTunes Store & DHL & UPS e-mail Virus

8
Posted by chris on Friday, May 7, 2010 – 11:35 AM
Filed under e-mail, itunes, virus
Tagged as , , , ,

It’s been a busy 48 hours for the e-mail virus ruffians. I suspect with Mother’s Day approaching it will only get worse. Keep an eye out for fake Mother’s Day e-cards and the like. The following examples were all received in the last 48 hours.

The first one I have a feeling might trick a few people. It claims to be from the iTunes Store..

From: iTunes Store [certificate@itunes.com]
Subject: Thank you for buying iTunes Gift Certificate!

Hello!

You have received an iTunes Gift Certificate in the amount of $50.00 You can find your certificate code in attachment below.

Then you need to open iTunes. Once you verify your account, $50.00 will be credited to your account, so you can start buying music, games, video right away.

iTunes Store.

The payload is in the attachment iTunes_certificate_497.zip which contains the file iTunes_certificate_497.exe
ESET NOD32 identifies this as Win32/Oficla.GT trojan

Next up, are 3 variations of the, we missed you and couldn’t deliver something scam.

From: DHL Support Kimberly Parsons [delivery@dhl-usa.com]
Subject: DHL delivery problem Nr22755.

Hello!

We were not able to deliver the postal package sent on the 8th of March in time because the addressee’s address is not correct.
Please print out the invoice copy attached and collect the package at our department.

DHL Customer Services.

From: DHL Manager Javier Stratton [courier@dhl-usa.com]
Subject: DHL delivery problem Nr00684.

Dear customer!

We were not able to deliver the postal package which was sent on the 21st of February in time because the addressee’s address is wrong.
Please print out the invoice copy attached and collect the package at our office.

DHL Express Services.

From: Service Manager Chandra Morales [manager@ups.com]
Subject: UPS Delivery Problem NR 52979.

Dear customer!

We failed to deliver postal package which was sent on the 15th of February in time because the recipient’s address is erroneous.
Please print out the invoice copy attached and collect the package at our department.

DHL Customer Services.

The attachments for these were:
DHL_invoice_6817.zip which is Win32/Oficla.GQ trojan
DHL_invoice_2817.zip which also is Win32/Oficla.GQ trojan
UPS_invoice_5978.zip – which is a variant of Win32/Injector.BNG trojan

Remember to keep an eye out for fake Mother’s day scams too.