Please support our effort by making a small donation. Thank you!


August 21, 2019


It’s a reasonable guess that most of our readers have Facebook accounts, or Instagram accounts, which is owned by Facebook. (Facebook tried to purchase Snapchat in 2018 but the offer was rejected.)  For some years now it feels like Facebook’s CEO, Mark Zuckerberg, is always apologizing to its users or to a Congressional panel for misuse of user’s data, enabling/allowing fake or misleading information to be posted on Facebook, or for providing our personal information and user access to shady characters from around the world. Of course, all of these activities earn money for Facebook.  Our families and friends stopped believing Zuckerbergs’ apologies and “sincere effort to do better” years ago, how about you? Surprise! Here is the latest Facebook news to add to their long list of broken lies to do better. If you have the Facebook Instant Messenger app on your smartphone, it is possible that Facebook has used their app to listen to and record your voice (i.e. conversations).  Equally worrisome, according to this article on, is that Facebook hired third party companies with offices around the world to listen to and transcribe user conversations.  Below are two more articles about this breach of user’s trust and loss of privacy, in addition to the Bloomberg article. When reporters recently asked Facebook to confirm these allegations, Facebook representatives declared that Facebook stopped doing this…. A week ago!

This is a reminder how very important it is for Smartphone owners to periodically look at the settings of Apps on our phones and turn off the features we don’t need/want.  You can see below in our screenshot of the settings for Facebook Messenger that we have turned off Location, Contacts, and Microphone. (If you do not see the Microphone setting in your Messenger settings on an iPhone, it will likely be available in Settings, within Privacy → Microphone.) Anytime that an app is updated it is important to go back and check your settings!  Companies have been found to override previous consumer setting choices when an update has been installed. It’s important to remember that since these apps are free, you are the “product” — meaning these services make money from you and your data.



During the last six months we have seen an overall uptick in the number of job scams.  Some are very sophisticated, such as the bogus company Tradex Plus Corp (scroll about half way down the web page), while others are just amazingly lame, like the email below sent to us by one of our readers for a job as a Package Manager.  Here are a few links to some of our more recent articles about job scams. 

   Package Reshipping Scams
Job Interviews in Google Hangouts
  You’re Hired! (Job Scams)

Phish NETS: Paypal Important Notice

A longtime TDS reader sent us this very funny phishing scam pretending to be from Paypal.  Of course, it didn’t come from This phishing scam is obvious if you look closely at the domain that follows the “@” symbol.  The phishing domain is funny because of a spelling error in the sub-domain which precedes the domain  Instead of using “onlinebanking” the scammers created the subdomain “onlinebaking!”  The link for “Restore my account” points to a hacked automaker’s website in Russia (“.ru”) called Uazavtoset.


YOUR MONEY:  Right Tool for the Job and Home Improvement Loan

There is a real tool called “Tiger Wrench” but this crap clickbait isn’t the real deal!  All the graphics were stolen by the criminals who created it. The real domain is “” and it was registered in 2017.  The domain linked to this clickbait is tigerwrnc[.]pro. It was registered the day this email was sent.  Look at the sentence in the opening of this email that says “This offer is for United States only.”  We often see this in malicious clickbait created by the same cybercriminal gang. The Zulu URL Risk Analyzer tells us this clickbait is malicious AND that it will forward you to a website we have identified as malicious several times in the last few months…. NextCoolDeal[.]com. (Read about our first description of this malicious website on June 26.)


According to, FIGURE is a very reputable online home equity loan service that was created in 2018.  However, once again, this email did not come from FIGURE and the domain involved wasn’t purchased by FIGURE.  The domain, wpnnont[.]com, was registered in India in February.  This email is another example of malicious clickbait to malware or a phishing scam…or both! (By the way, no real human being in their right  mind, who isn’t paid to say it, would EVER say what “Noah B.” says in this email!) Both and the Zulu URL Risk Analyzer had no problem determining that this website wpnnont[.]com is 100% malicious.


TOP STORY: NOT a “Happy Meal!”

According to several recent articles we found online, McDonalds has been creating healthier options for customers over the last year or so.  For example…

Still, this doesn’t mean that McDonald’s is the healthiest place to purchase a meal or offers the healthiest choices.  Also, readers will have to cut us some slack but we can’t get over our own childhood memories of the HIGH FAT, HIGH CALORIE meals served by the McDonalds of our youth.  They elicit feelings of a train wreck in a clogged artery! And so our first reaction to this email forwarded by a TDS reader was “GROSS!” Who would want “Free MacDonalds Meals for 1 year!”  But our follow up reaction to this clickbait was just laughter! Look at the errors in this email! They write “McDonalds” followed by “MacDonalds.” The email was sent from “McDonalds” but the criminals used the domain “”  And what’s up with the missing word in the BIG RED Button “ ___ for a chance to win” Did someone forget to type “CLICK?” Also, notice that every time these idiots wrote the word “free” they wrote it as f.r.e.e. This is on purpose because they are hoping that anti-spam servers won’t notice it. “Free” anything is almost always suspicious.  If someone were really going to eat McDonald’s meals for a year, we strongly advise getting cholesterol testing (a lipid profile) before you start, followed by testing every 2 months! In case you didn’t know, trying this didn’t turn out so well for Morgan Spurlock, the Director of the movie “Supersize me!” in 2004.

But this is just malicious clickbait anyway and not real.  The link points to a Dutch link-shortening service in the Netherlands called “Verkort.” (“.nl” = Netherlands) confirms that two security services have identified this link as malicious. We therefore want you to consider healthier choices.

Is it an interesting coincidence that we were sent another malicious clickbait made to look like an offer for McDonalds just two days later?  How unusual! From the oddball domain buzztis[.]com comes this offer for a $100 McDonalds gift card.  Again, our first reaction to seeing the Big Mac in this email was YUCK! (By the way, the criminals who created this clickbait may have stolen the Big Mac image directly from the McDonalds website here.)  This wasn’t created by any “promotional” or marketing firm.  The domain buzztis[.]com has clearly been identified as 100% malicious.  Just delete and consider healthier eating choices!  Your heart will love you for it. (According to and other sites, the “Big Mac Meal” is more than half of the calories of an adult 2000-Calorie daily diet.)

FOR YOUR SAFETY: Hospitals, U.S. Military, Childless Widows, Nigerian Officials and Scams

It has been such a joy to read the many Nigerian 419 scams appearing lately in our inboxes.  We wanted to take this opportunity to share these precious literary moments with our readers.  They are often written in such a way as to pull at our heartstrings or connect to our faith. “May Almighty God bless you and use you to accomplish my wish.” “I am a childless widow who was diagnosed of breast cancer.” (sent by fax to a healthcare provider’s office!) “I am sure I can trust you with everything I have.”  “We are very sorry for all the stress/Fees you spent to the Fraudulent Officials who claim to be a Good Nigeria”





Until next week, surf safely!