Category Archives: phishing

Todays Phresh Phish

3
Posted by chris on Wednesday, February 2, 2011 – 12:03 PM
Filed under phishing

Today’s phishing scam I find kind of amusing. Does anyone really believe that the United Nations will actually send you millions? Just in case they might; here is a copy of what I received today

United Nations Assisted Program
Directorate of International Payment
United Nations Liaison Office – Africa

Fund Beneficiary,

This email is to notify you about the release of your outstanding payment which is truly $4.7 million. The Federal Government scheduled a time frame to settle all foreign debts which includes Contract/Inheritance/Gambling/ Lottery (Sponsored by Microsoft and UK National Lottery) and other international loans. News had it that over the past, numerous individual(s) who happen to be impostors (claiming to be individuals, banks and organizations) are claiming to release numerous sums of fund via numerous ways.

You have two options to receive your payment which is either a Pin Based ATM card or Certified Cashiers Check. You are advised to select one out of the two options on how you wish to receive your $4.7 million. Your ATM card or Check/Bank Draft will be shipped via FedEx Shipping Company and would get to you within 2 to 3 working days at most.

DO NOT SEND MONEY TO ANYONE UNTIL YOU READ THIS:
We had to sign contract with them for bulk shipping which makes the fees reduce from the actual $125.99 to $96.99 nothing more and no hidden fees of any sort! You are advised to contact the dispatch officer responsible for the shipping of your Check or ATM card with the following information for shipping of your payment Check or ATM card.

Dispatch Officer: Dr.James Don
Email:jamesdon9522@yahoo.com.hk
Telephone: +234 70 3109 2113

As requested, provide the following information’s to my office:

Recipient full Name………….
Shipment Address:……………
Nationality…………………
Age:……………………….
Sex:……………………….
Current Occupation:………….
Home or Cell Phone:………….
Select Your preferred Payment Method (Check or ATM):……….

The dispatch officer will provide you with instructions on how you are to make payment of the $96.99 only for the shipping of your ATM card or Cashiers Check.

Remember that you are not paying any fees extra no matter what. Once again note that the actual FedEx Retail Price: $125.99 Your Price (Because of our contract signed): $96.99 ($29.00 Savings!).

Respectfully,
Amb. Anthony Moore
UN Envoy (African Region)

So do yourself a favor and don’t send these people any of your info.

Phishing & Fake PayPal e-mails

13
Posted by chris on Sunday, May 9, 2010 – 12:23 AM
Filed under cybercrime, e-mail, phishing, scams, security
Tagged as , , , ,

There are a lot of fake Pay Pal e-mails going around but I don’t think I’ve mentioned them before so I am now.

The practice of trying to trick someone into giving out their personal information, such as bank account, social security number, even your name and address, is called phishing. The goal of phishing is identity theft.

I received this e-mail last night. First lets, take a look at the e-mail itself and then I will point out some items of interest and common techniques used by phishers. And finally, what you can do to help in the fight against phishers.
Read More »

Survey Phishing Scams

0
Posted by chris on Friday, December 4, 2009 – 3:09 AM
Filed under phishing, scams
Tagged as

Phishing scams seem to keep on rolling. Recently I have been seeing a lot of them that claim to be survey companies. They aren’t too hard to spot. The e-mail address that they supposedly come from, may be a legit survey company.  In the body they will ask you to register by filling in all your information like name, address, phone number etc. and send it to and email address that is in the body of the e-mail. This is what makes it so easy to spot. The e-mail address they want you to send your “registration” info to is different than the one listed in the header and usually a variation of it. For example, I got one that said it was from register@surveys.com in the e-mail’s header, yet they wanted you to send your registration information to surveys@gmail.com or @yahoo.com or some other address. If these were legit, they wouldn’t have you register by e-mailing your information and to an address that’s different from where it supposedly came from. I don’t think any of them would have you e-mail them your information at all, you would register on a website. So far I have seen 6 variations of this in about a week. I wouldn’t be surprised if they actually set up websites with registration forms next. Just to be safe, I would never send identity related information to anyone no matter what they claim they need it for,  unless you expected the e-mail in the first place. Remember, just because an e-mail says it’s from someone, this can be spoofed to say anything.

Spyware Protect 2009 is a Virus

2
Posted by chris on Saturday, June 13, 2009 – 7:52 PM
Filed under botnets, conficker, cybercrime, free software, malware, phishing, scams, software, virus
Tagged as , , ,

ConfickerFakeAV I’m sure you have all seen this before. Your surfing along, when all of a sudden, you get a pop-up that alerts you that your computer is infected! YIKES! What to do!??! Ah, you can just download a “free” program that will fix it for you. I’d hope you already know, this is a scam. It’s one of two things. You can either download a legit program that will scan your computer, tell you how badly infected it is and you can purchase a full version of the program to remove all your “infections.” Just in case your not really infected, these programs will increase your infection count by adding your cookies to the list. Pretty good way to jack up the numbers, but I wouldn’t call cookies an infection. And I sure don’t have to buy any program to remove them. The other thing that could happen, and probably will is, you will download a program that will then install it’s own addware. Turns out they have a name for this stuff now, and that name is Scareware.

Turns out many people are still falling for this scam. I had to clean my parents computer up, from one of these. Try doing it over VNC, and you may have your patience tested like I did. Anyways, the old folks aren’t the only ones falling for this, and now their is a new variation. Spware Protect 2009, is the new breed of scareware. Not only does it con you by getting you to install it, it actually does damage to get you to “purchase” it for $49.99 and install a trojan downloader. Meanwhile it increases the pop ups telling you how infected your computer is. So you order the program with your credit card and guess what, you just gave them your credit card number, no hacking needed. A local electronics store, with the initials RS, got hit by it and from what I could get out of them, sounds like the whole corp has been infected through their network.

Since I first found out about this last week, I’ve found out that it’s now also being installed by the conficker virus. At first I was thinking, wouldn’t people be suspicious if there was a new piece of software, on their computer? I sure as hell would. Then I started thinking about it, in a corporate situation. Some poor schmuck, in accounting or where ever, could think it was installed by their IT Dept. So the keylogger installed would run until the computer crashed. The one good thing is, the domain that was selling Spyware Protect 2009 is gone. Keep an eye out for variations with new names and the same or slightly modified interface.

-Your friendly neighborhood PC Cybertek

2 More Phishing Scams

1
Posted by chris on Monday, July 14, 2008 – 12:55 PM
Filed under phishing, spam


Here’s a couple more phishing scams I came across today. The first one is another paypal scam. Here’s a screen capture from my gmail account. As you can see by the big red box warning you that this is a scam. That was added by gmail and obviously isn’t in the original e-mail.

The second one is supposed to be from Wells Fargo. It tells you that you have to update your information and that you will only have limited access until you do so.

As always, never respond or click on any links in e-mails that ask you to update any banking or personnel information

Google AdSense Phishing

2
Posted by chris on Wednesday, July 2, 2008 – 3:38 AM
Filed under adsense, google, phishing, scams, virus

Looks like the phishermen are at it again. There must be plenty of phish in the internet sea. However, you don’t have to be one of the phish attracted by their lures.

Phishing is what they call those e-mails that attempt to trick you into giving up personal information, usually financial, which is then used to steal your identity and rape your bank account and or credit cards.

The latest one, I have seen, is using some old tricks but with new bait. The e-mail appears to come from Google’s Adsense program. It warns you that you will not receive any more payments, unless you update your information. Which you can do with the link provided in said e-mail.

To the average user, everything might look ok at first glance. However, if you try to reply to the e-mail, it will bounce back. If you click on the Google AdSense link that is provided, you will most likely end up at a domain that has google and adsense in it. But on closer inspection you will see there is more to the domain, like a .tw or other domain. Don’t be fooled by how the page looks like the real thing.

So if you get one of these e-mails, don’t click on it. And if you do have a Google Adsense or any other account, that you have received an e-mail informing you that it needs updating, never click on the link in the e-mail. It’s very easy to forge a link in any e-mail and is common in phishing scams. Type the address directly into your browser, or use google or some other search engine to find it for you.

Stay tuned for an article on how to spot phishing scams.