Please support our effort by making a small donation. Thank you!

x

December 7, 2014

The past week was business as usual. …shocking videos, job openings and offers, celebrity shameful confessions, anti-wrinkle cream discoveries, PayPal accounts that need to be updated, new reverse mortgages, and much more. Before we dive into the few we’ve chosen to explore, here are three scams that caught our eye just because! We especially liked the removable designer tattoos and plan to get some soon!

 

Don’t Sit on a Public Toilet Again

Now there’s good advice! The problem is that it comes from the domain abusenils.com, whatever the heck that means. Though this domain was registered by a company in Alaska on May 30, 2014, it was immediately blacklisted and called malicious. Go figure… don’t sit on a public toilet or visit this domain.

There are so many red flags in this email. The sender’s name “die” doesn’t inspire confidence. The unsubscribe notice at the bottom of the page says “In moments you can end these when you see this p a g e. thanks” and then the link “you may stop thes now.” Well said.

Never Lose Your Keys Again

First of all there really is a Magic Finder! But the website is www.buymagicfinder.com/ not “shop3.getnewlost-specialsnow.link.”   A WHOIS lookup shows that this peculiar domain was registered in Amsterdam on December 5, the same day that we saw the scam email.

Do you see the block of random text underneath the ad for the Magic Finder? This is standard operating procedure for the scammer/spammer who is trying to trick anti-spam servers into thinking that an email is legitimate because it contains words that appear normal. The appearance of that random text is a big red flag that this is a scam at best and malicious at worst.

5-Never lose your keys again

Personal Invitation, Message from Cancer Foundation & Voice Message Waiting

We grouped the following three scams together because they share something in common. They have the appearance of a personal message sent to the email recipient even though they don’t contain a shred of personal information to identify the recipient.

The first is an invitation that was sent to a science teacher to join an organization with focused on climate change. This is a very credible email, especially because there really is something called the Climate Reality Project that is based in Washington, D.C. However, this email came from a French email courier service called NetCMail.com. In case you didn’t know, a PDF file can contain a number of exploits to take advantage of someone’s computer. Check out the conversation on this security blog about such PDF exploits.

The email below is a very sophisticated example of the Nigerian 419 (Advance fee) scam that so many people have written about across the Internet, including us. Here are two links about these type of scams. Just delete.

Nigerian 419 scam defined

TDS Collection of our 419/Advance fee scams

Apparently, so many of these scams claiming to be from Tom Crist’s charity foundation have appeared after the real Tom Crist won the lottery that the Huffington Post even wrote an article about it. If you want to read more about these, search Google for “tom crist scam.”

7-Tom Crist Cancer Foundation


Finally, we leave you with this simple email…You have a voice message waiting for you. Just click the link at TalkToMeICanHelp.com. Sadly, this domain is a legitimate domain used by the Sussex Police in the United Kingdom. However, their webserver has been hacked and is being misused to host malicious software. We’ve informed them.

 

 

 

 

Surf safely!