Please support our effort by making a small donation. Thank you!

x

February 1, 2015

The last week of January proved to be a creative week for the scammers. TDS saw several new scams we’ve never seen before! A Snapchat scam so successfully tricked Snapchat users to hand over their login credentials that we wrote a feature article about it and then had to add an update just days later. Check out Snapchat Scam SCLeak & SCPRV.com  The first graphic below is a screenshot of the second version of this scam and is sent from hacked accounts. It came just a few days after the first version of the scam.

The second scam below targets anyone interested in using eHarmony for free for a weekend. A mouse-over reveals that the link points to a scam site called bour.info, not eharmony.com. And the third scam in this group of three is just plain strange… Raise your IQ by 100, 200 or 300 points? Really?

 

The variety of scams that landed into inboxes was impressive! Below is a list of subject lines that says it all. We should note that over the course of two days last week we saw hundreds of scam emails promoting rental properties from “Voice Global Properties.” This scam demonstrates that the scammers pay close attention to people’s seasonal behavior. It is generally this time of year when families plan Spring and Summer vacations.

  • Alcohol rehabilitation
  • Amish wood milk (furniture polish)
  • Become a nurse
  • Bedbug infestations
  • Blood pressure solutions
  • Cheaper auto coverage
  • Costa Rica travel/resort trips
  • Diet notices
  • Earn your M.Ed. online at half the cost
  • Erase tinnitus
  • Garage floor coatings
  • Hawaii vacation deals
  • Heart help tips
  • Internet phones

  • MBA Degrees
  • Medicare Open Enrollments – Extension
  • Meet Amazing Singles / Senior Singles
  • Properties for rent from Voice Global Properties
  • Psychology department guide
  • Online education
  • Online health degrees
  • Razor sharp Aero knife
  • Replacement window deals
  • Substance abuse help
  • Student loan services
  • Term life insurance
  • VA Loans
  • Wireless home security cameras

 

 

 

 

 

The Danger of Zip Files

Look carefully at the next three scams and you’ll find they all have one dangerous thing in common. Each contains an attached zip file. A zip file is a compressed file format used to send a group of files as a single smaller file. The critical danger is that the recipient has no idea what the zip file contains until it is opened, or scanned with anti-virus/anti-malware software. As you can guess, these zip files are all malicious.

Each email cleverly tries to engineer the recipient into double-clicking the zip file. The email from RBS.com seems so official but what is it saying?   Enough of these emails were distributed to Americans to gain attention from many computer security companies such as the SaneSecurity Blog. The eFax scams have been circulating the web for several years now. Here are two links that exposed them in 2012:

  1. eFax Scams Exposed
  2. eMail Scam Alerts

4b-RBS Morning Commentary zip4c-eFax -sent from Portugal

 

 

 

 

 

 

 

 

 

Highly Effective: Your CVS Prescription is ready!

We believe that this is one of the most effective social engineering scams we’ve seen. It is certain to raise someone’s curiosity just enough to click the malicious link “see this now.” Notice that the email doesn’t come from CVS; a mouse-over of the link reveals that it doesn’t point to CVS and the domain used “cliftbronze.com” is a very strange website name. But people will click nonetheless because it is so unique and all Americans get prescriptions at one point or another…

 Just delete.

The last time we saw something new like this and that was as effective, were the scams targeting EZ Pass holders. Coincidentally, we saw another one of these this past week as well. But not only does the email come from a strange address but a mouse-over shows the “Get Invoice” link pointing to “vagep.hu.” .Hu is the 2-letter country code for Hungary. That means that the link in this email points to a server in Hungary. Definitely not EZ Pass.

Just delete.

 

 

 

 

 

 

 

 

 

Fine Italian Wines… And it Looks So Convincing!

Sometimes we are really impressed with the detail and effort that goes into creating the graphics and psychology of many scam ads. This scam, Fine Italian Wines, is one of the best we’ve seen. The English is superb, the graphics outstanding and the details are well thought out… Verisign secured, credit cards accepted! And red wine afecionados will be impressed to see that this collection includes two Barberas and Montepulcianos! We want to buy it! ….except for one small problem. Look at the domain revealed by a mouse-over of the link: “applebrandy.xyz” We had never heard of a Global Top Level Domain called “xyz” and didn’t think it was even possible to use it! However, a WHOIS lookup hows that it was registered on January 31, 2015 from Great Britain and is being hosted in Moscow, Russia. And if you think we are mistaken, a Google search shows no such website. Also the Zulu URL Risk Analyzer rates this ad’s link as 100% malicious. See below.

 

 

 

 

 

 

 

 

6b-Fine Italian wines zulu score

 Just delete.


Finally, we wanted to leave you with two wonderful emails. We never knew that bald spots could be cured by eating this simple green leafy vegetable. Guess what we’re going to have with dinner for the next seven nights? And finally, we’re excited to tell all our readers that we have been left a large sum of money by someone in the United Kingdom. We don’t know who yet but we know that the subject line applies to us! “Hello dear user.”

7-Bald spot cured by eating kale

 

 


8-Hello dear user - you are heir

 

 

 

 

Surf safely!