Please support our effort by making a small donation. Thank you!

x

May 4, 2016

THE WEEK IN REVIEW

The past week brought us a couple “firsts” and surprises, including this first-ever email inviting foreigners living in the United States to participate in a green card lottery. However, the idiots who created this scam misspelled an important word. Some might call the misspelling a Fruedian slip. We call it hysterical. “Participate in the Official American Greed Card Lottery.” Of course VirusTotal.com is reporting that two services have already identified justkit.net  as a malware site.

1-American GREED card lottery

 

Sample Scam Subject Lines:

Attached Doc

Be a teacher in less time than you think

Be Warned and Protect Yourself against intruders

Browse Best Tires for Your Vehicle

Cash back Credit card providers

Congratulations You Made a Sale –

How to Protect Your Pets For illness And Injury Low – cost Animal Insurance

Low Rate Credit Cards

Mother’s Day Gift Ideas

Olive Garden Gift Inside – Tuesday only

RE: Outstanding Account

Search Car Insurance Solutions

Substance-Abuse affects the Entire family.. find Drug Rehab resources

Sample Scam Email Addresses:

AcceleratedTeachingCertification@abource.top

ALASKACRUISE_LINER@best2at.pro

ATTENTION-DEFICIT-DISORDER@firstup.pro

barker@hiltonofsantafe.com

BasementWaterproofing@zoean.download

chocolatechipcookies@dessertts.top

CorporateLending@philition.top

Costco_Reward_Center@vujw2azik.intellisystem.science

DUIAttorney@tenmy.pro

info@chilirewardscard.com

OilCoupons@othetical.download

ProcessCreditCards@waterals.download

yahoonews@summertriim.com

 

 

 

Phish NETS: It’s a Miracle!

An exceptionally rare event happened this past week and we are thrilled to report it! TDS didn’t find a single phishing attack hitting our honeypot servers. This has happened only once since we’ve been conducting our research and producing this newsletter. Amen. Enjoy the respite and these articles from around the web from folks who have seen phishing attacks of various kinds…

New Phishing Attack Against Facebook Business Pages
https://barracudalabs.com/2016/04/new-phishing-attack-against-facebook-business-pages/

Spear-Phishing Attack Hits High Level Execs With Ransomware
http://www.extremetech.com/internet/226105-spear-phishing-attack-hits-high-level-execs-with-ransomware

Phishing Email that Knows Your Address
http://www.bbc.com/news/technology-35977227

Phish Bowl: Fraudulent Email Examples from Cornell University
http://www.it.cornell.edu/security/phishbowl.cfm

How to Spot a Phish Infographic
http://www.bankinfosecurity.com/whitepapers/how-to-spot-phish-w-2390

Your Money: Amazon Daily Deal, Create the World’s Healthiest Desserts, Walgreen’s $50 Reward, and Grocery Store Savings!

Hurry! There are only 12 left of this Amazon daily deal! The email was sent by men@moincil.com. This email address, according to a Google search leads us to believe it was created by the disposable, temporary email service called Guerrillamail.com. And the only thing this Dellop Pro Flashlight will illuminate is a way to hack your computer. Delete! (By the way, the random text at the bottom of the email was so bizarre that we simply had to find out where it came from! Turns out it came from this Travel Magazine post about Three Days in Bonnie Loch Lomond, Great Britain. Sounds lovely!)

3-Amazon daily deal -only 12 left

OMG! “Create the worlds healthiest desserts! Your friends & family will be amazed when they learn just how good-for-you these desserts can be!” What a lovely domain name they chose… dessertts.top And all presented by a lovely young lady with half-an-arm.   We wondered about that missing arm and decided to use TinEye.com  to do an image search to find her, and perhaps, the rest of her arm. We learned that this photo has been used on at least 4 websites since 2013. The woman appears to be Kelley Herring, who runs the website HealingGourmet.com.

4-Create Worlds Healthiest Desserts

But hold on a moment! If you think we are suggesting the above email is legitimate, think again! (Plus we’re certain that Kelley knows how to spell “dessert.” –see the link revealed in the mouse-over.) We asked the Zulu URL Risk Analyzer to check out the link in this email. It proves once again that you can’t have your cupcake and eat it too…

Deeelicously deeeleete!

5-Create Worlds Healthiest Desserts zulu score

When we looked closely at the domain this email came from, and link points to, we had a great laugh! And it was no surprise to us to learn that the domain obamaismuslim.science  was registered through Alpnames, the latest stooge-for-hire being used by the criminal gangs who push out these scams by the thousands. Someone identified as Maria Roberts, from Humlegardsgatan, Sweden registered the domain in March, 2015 but the domain was updated on April 29, 2016. Does any of this sound like Walgreens to you? We didn’t think so either.

6-Walgreens 50 Reward

If you have had teenagers we bet you’ve stood in front of your open refrigerator lamenting that they’re eating you out of house and home. We just bought groceries yesterday! Why is the frig empty!? This weekly lament makes an email like this last one all the more appealing. “Save on groceries at your local store. Buy groceries at your local store, get cash back.” The email leads you to believe it comes from the marketing service called SavingStar.com but it doesn’t. The link points back to a weird domain called learnneew.xyz. Nothing good will come from clicking that link.

Delete!

 7-Grocery Savings

 

TOP STORY: American Businesses in the Bull’s Eye of Scams

TDS sees hundreds of scams every week. In the past, we have reported that the criminal gangs most responsible for generating these scams tend to target broad groups of people whom they think are most vulnerable to their social engineering tricks. These include people battling health issues, such as diabetes or COPD, and those dealing with addiction. However, we want to remind readers that the criminals also heavily target businesses, including small business owners. Take these next two bogus emails meant to generate a click to malicious websites.

9-Need Business insurance

Businesses are inundated with bogus and legitimate solicitations, ads, and queries daily. Trying to determine the legitimate Internet offers/contacts from the fake and malicious requires critical thinking and significant Internet skills. Many employees don’t have these skills which explains why so many businesses end up with infected computers and hacked accounts, putting both themselves and their customers at risk. Social engineering of business employees is extremely lucrative to criminals. Take a look at these lists of emails targeting business owners that made it into our honeypot servers. Each email is malicious.

10-Business email list 1

11-Business email list 2

12-Business email list 3

And this represents just a drop in the bucket. Criminals also inundate businesses with fake invoices and demands for payment of overdue bills. Each of these emails contained malware in the form of a zip file. Check out the example below.

13-Business unpaid invoice email list

14-Missing payment for invoices

These are just some of the reasons why we strongly urge all businesses to provide their employees with Internet skills training so they can recognize the con artists before they accidentally do something you’ll all regret. And now we all say…

Note: TheDailyScam offers this type of employee training, both in person and via webinar. Contact us at info@thedailyscam.com to learn more.


FOR YOUR SAFETY: Confirm Your Registration and You account have a problem

“Complete your qualification form today!” “Your social networking reputation among your peers and colleagues of your profession entitles you for pre-qualification!”

Wow! Really!? Of course we love the line that says “you have nothing to lose.” Yah. Right. Nothing. The Zulu URL Risk analyzer score below will disagree with them….

“You account?” Now here’s great English skills. Once again, the Zulu URL Risk Analyzer confirms the obvious. They are no client we want!

17-You account have a problem

18-You account have a problem zulu score

ON THE LIGHTER SIDE: How Lucky Are We!

We must be the luckiest people on the planet! No, really! Just days apart we were informed that we are receiving millions of dollars! In fact, the first payment of $5000 is just sitting ‘there’ waiting for our reply. Maybe we should begin playing the lottery since our luck is so high!

 

 

20-Welcome to Western U - 1 million

 

 

 

 

 

Until next week , surf safely.