Please support our effort by making a small donation. Thank you!

x

December 23, 2015

 Read our latest feature article “If I Could Teach The World of Internet Users…”

THE WEEK IN REVIEW

Last week we reported that the number of Xmas holiday scams was on the rise and that still rings as true as Christmas bells. Here are three samples of the types of Christmas scam emails we continue to see…

1-Personalized package from Santa2-Macys Xmas gift card 503-Amazon Holiday Voucher Giveaway

 

 

Last week’s Top Story reported about the questionable practices of the International Women’s Leadership Association that lead us to believe the association is little more than a marketing scheme to make money. Well, last time Doug checked he was still a male. Apparently the IWLA thought otherwise because they sent him a direct invitation with the subject line “Confirm your selection as a female business leader!” Hey, IWLA…. Newsflash! Doug is not a woman. And Doug doesn’t work in Business! (But he’s flattered that you think so highly of him.)

4-Confirm female business leader

 

 

Sample Scam Subject Lines:

Become – an Engineer –classes Starting-Soon

Compare Specials for Cloud Services

Have Acid Reflux?

Important Message Revealing New Diabetes Solution

Need Extra Cash? Here’s How

Playboy: What Chris Hemsworth does for 6-pack abs

Re: Donald Trump credits all of his success to this

Re: Have the night of your life with a new partner!

Scientific- breakthrough Eliminates Herpes!

Setting up a call this week

Sponsored offers for Aerial Drones

Treat Pain and Inflammation Naturally

Your Amazon Christmas Reward Balance is $50

Sample Scam Email Addresses:

bathroomremodelingoptions@bathcare.download

BetterThanBotox@loume.download

BloodPressureAlert@orcile.top

Business_Class_Airfares@enciency.download

CloudStorage@hydrit.top

CNNSpecialReport@wellhotp.top

EarlyChildhoodEducation@etivir.top

OnlineEducation@30xi.top

PsoriasisMiracle@abuine.top

santa@giftbest.date

SeniorHousing@dicuin.top

SolarPanelOffers@billyme.top

VARateLock@dolapa.top

 

 

 

 

Phish NETS: USAA Bank

The large number of phishing scams we’ve been seeing the past few weeks  seems to have decreased significantly, except those targeting USAA Bank. “We’ve posted a new security safeguard for you on usaa.com.”

As is usually the case, you can spot the fraud with a simple mouse-over of the link before you click it like you can spot a red Santa on a snow mound. A mouse-over of the green graphic “sign on” points to a website registered in India called linksonclub.com. Also, the fact that this email has empty fields in the gray box where it is supposed to identify your account number should make everyone suspicious. And so too, should the poor grammar and misuse of English. We found three English errors. Can you find more?

Your Money: Digitize your home movies and protect your home.

This first scam is actually a great idea if it were real! We must have over 50 hours of old tapes of the kids that we would love to turn into digital movies. But it won’t be through these criminals who want you to believe they are iMemories, a legitimate tape digitizing business located in Arizona. The links in this first scam go to a strange website called decrous.top, which was registered on the day this scam email was sent according to a WHOIS look up by someone named “Kris Mark Kopina.”

6-Digitize your home movies


 

This next scam should appeal to many homeowners looking to protect their home through a “home warranty” including an offer for the first month free! “Get your free instant price quote!” What could be so bad? A quote won’t cost anything, will it? Think again…. And then check out the score below given to the link in this email by the Zulu URL Risk Analyzer.

DELETE!

7-Protect your home with a home warranty

8-Protect your home zulu score

 

 

TOP STORY: Docusign confidential agreement.

A subject line all in caps saying “CONFIDENTIAL AGREEMENT” is designed to get your attention and it did. It got the attention of many people in one organization as it slipped past their anti-spam filter and network security. “Your document has been completed. Review document.” But the email recipient hasn’t been identified and the email was sent “BCC” (blind carbon copy) meaning that it was sent to many recipients so that each recipient could not see who else received it.

Docusign is a legitimate business providing electronic signature technology but that’s not where this email came from or leads to. A mouse-over reveals a shortened URL through the service tinyurl.com.

9-Confidential Agreement 1 to short URL

 

We visited Unshorten.it to have a look at the shortened link and it didn’t lead to DocuSign. The link pointed to an online journal hosted for Nepalese students in South Korea! The journal’s website has been hacked and is hosting malicious software waiting to infect your computer. How do we know this? We asked VirusTotal.com to check it out. Have a look below to see what it reported…

10-Confidential Agreement 1 unshortened

11-Confidential Agreement 1 virus

To add insult to injury, less than an hour later, the same organization received another wave of these malicious emails disguised to look like emails from someone named Ron at First Choice Business Brokers. They contained the same exact shortened URL. It was like watching a bad movie all over again.

Now delete!

12-Confidential Agreement 2

FOR YOUR SAFETY: Invoice, American Airlines Ticket….

We have been reporting for weeks about a similar collection of small emails disguised as invoices, e-tickets and other things. They all carry very dangerous malware files. These threats have not abated. Here are a couple more from the past week.

13-Broadband invoice

 

14-American Airlines ticket 

 

 

 

 

And now for something different… Have you ever heard about the scam called “pump and dump?”  Investopedia.com describes it very well on their website. Below is a perfect example that arrived in someone’s email inbox without any “from” address in the header. A simple word of advise… ANY stock tip received randomly through the Internet should be considered fraudulent. The only person getting rich is the sender.

 

Subject: Ground Breaking news ready to be unleashed

Dear Trader,

I am letting you know once more, buy Accelera Innovations, Inc (AC_N_V)

immediately, and prepare to ride the wave to substantial trading with

earnings. The shorts appear to have been trading stock within this close

span, additionally, the chart appears ready to explode any time. The

winter holiday’s are nearly all over, your stocking stuffer ahead of

Santa’s special day should be the gift of AC_N_V, which has been packaged

for everybody. Find out more concerning the corporation today, and earn

extra christmas earnings. It’s my opinion that the graph or chart on

AC_N_V is prepared to go skyrocket. Get ahead of the competition, do not

wait in line for the stampede, and thus place you to ultimately be early.

First in as well as first to take the gains!

Concerning the company:

Accelera Innovations, Inc focuses on combining healthcare data

technological know-how to transmit into the health care information

market. All of our systems happen to be HIPPA certified and absolutely

safe, allowing for medical practitioners along with facilities globally

to communicate effectively thereby lowering costs of medical care as well

as boosting the quality from patient results. AC_N_V seems to have

assembled by way of licensing, solutions that will address the existing

marketplace necessities of linking the patient to appropriate health

related info to guarantee favorable overall health ultimate results. This

can be done by using a production which offers cloud based technology,

that is in front of the industry even while offering flexibility along

with rapid use capacities. Accelera Innovations Inc finished one purchase

during 2013, Behavioral Health, with profits of $3.1 million as well as

an EBITDA around 1.2 million. In 2014, Accelera finalized purchasing of

SCI (Advance LifeCare Home Health); SCI’s revenue is $920,728 which has

an EBITDA of $132k. Both the purchases in Chicago offer personal care to

approximately 10,000 patients every year, and thus teaming up with about

15 medical facilities as well as Twelve hundred health professionals

while in the Chicago area.

 

Purchases, revenues, positive EBITA, online platform, this corporation

seems as if it’s doing all the correct actions. AC_N_V is ready for

investors to ensure cash, do not overlook! Get Ready For Bullish Gains!

 

15-Confirm document I shared with you

 

 

 

ON THE LIGHTER SIDE: Mugged in Manila!

Dear TDS Readers, we are deeply concerned about the safety of one of our friends. He was attacked in Manila, Philippines! We didn’t even know he had left his home in Pennsylvania! And he doesn’t like to travel, especially internationally! And he didn’t post anything about his trip on Facebook… In fact, he just posted photos about a Lacrosse game the day before. WOW! It’s amazing how fast one can travel to Manila! Anyway, gotta go. Gotta wire him some cash fast!

 

Subject: URGENT

 

I am sorry for reaching you rather too late due to the situation of things right now. I had a trip visiting Manila, Philippines, everything was going on fine until last night when i got attacked by some unknown gunmen. All my money,phone and credit card was stolen away including some valuable items, It was a terrible experience but the good thing is that they didn’t hurt me or made away with my passports. Unfortunately for me, I’ve made contact with my bank but they are not providing a fast solution. I need you to lend me some money to sort my self out of this predicament, I will pay back as soon as I return.

 

All hopes on you.

Thanks.

Until next week, surf safely! And if you’re in Manila, watch your back!