
January 11, 2015

We’ve learned a lot by analyzing scams and talking to the people targeted by them. What works and what doesn’t? What makes people curious enough to open and click? Below are three recent examples that are pretty good at engineering people’s behavior. (Curious about social engineering? Check out this video on YouTube that explains it in more detail.) The first claims to report on celebrities in some embarrassing manner, the second reports on some “shocking” news (notice the “extreme” word use: hate, furious, shocking, desperately), but the third scam employs the best tricks of all for manipulating behavior.

In the third example the scammers managed to hack a legitimate email account and send an email to a woman just minutes after the REAL email account holder had sent this same woman a legitimate email. The second email, which is malicious, is disguised to look like a link to a Dropbox document, but a mouse-over easily reveals that it points to a website in Poland. (The mouse-over reveals the domain “plngs.pl”; .pl is the 2-letter country code for Poland. Check out all 2-letter country codes or view our short video on country-code scams.) Would you have clicked the link without noticing where it went because you knew the sender and had just received a legitimate email from the sender?

 

 

Advance Fee Scams – The Lame to the Famously Brilliant

Advance fee scams have been targeting people for hundreds of years and are one of the most common types of scams. They have become more famous recently, since many con artists in Nigeria began reaching across the world to perpetrate these scams, using snail mail and then the Internet, beginning in the 1980s. Check out some interesting links about Advance Fee scams:

Learn why they are called “419 scams.”

Advance Fee Fraud Defined

Advance Fee Fraud Info

Here is one small lame example of an advance fee scam. We see at least a dozen every week and most are laughable.

 

There are so many “red flags” about this email BESIDES the fact that NO ONE is going to give away two million dollars to a stranger…

  1. The sender’s email address is different from the contact email in the message, and the message asks you to contact someone else to arrange the transfer of money
  2. “Dear Friend” means that this email was most likely randomly sent to thousands of people
  3. The recipient of this email made no “past effort and attempts to assist” the sender
  4. A complete random stranger is asking for personal information

We would like to think that anyone would recognize this as a scam, but unfortunately there are people who don’t, which explains why these scams continue today. You can check out a bunch of these types of scams in our Scam Collection or download a TDS pdf containing 21 pages of them!

However, when is an advance fee scam so sophisticated that the victim is taken for thousands of dollars before realizing that he or she has been victimized? About a month ago TDS reported on a very sophisticated advance fee scam targeting young adults who use Care.com to find jobs. That article generated a lot of interest and we’ve since been contacted by many young adults who have been targeted by variations of this scam. These advance fee scams targeting Care.com users are all very similar. We recently posted a feature article on our site about them. Check out both articles to see how an advance fee scam can be sophisticated enough to trick recent college graduates and read some of their stories:

Nanny Scam hits Care.com

Care.com Scam Strikes Again!

Big Picture – What Do These Scams All Have in Common?

We believe that two or three criminal gangs are responsible for at least 80% of all the scams in the world that target Internet users. Sounds like a bold statement, right? However, if you look carefully at the face of these scams below, you’ll see what we see… They all appear to have the same design. This is even more apparent if you look at the code used to create them. It is as if the scammers have a few basic templates and simply fill in a new graphic, a few words into empty fields, and then hit send. Every week it feels like the great majority of the scams we see fit into three or four such templates. You be the judge…

 

6-Relieve ADHD symptons in your child

7-Security camera system

Just delete.

Amazon & Walgreens Rewards – It’s Nice to be Rewarded

“Red flags” on this first Amazon scam should send anyone to the delete key:

  1. The email doesn’t come from Amazon.com but from today@kafirlefts.com. A Google search turns up no website or business of that name.
  2. The email says we have a $65 balance at Amazon but a mouse-over shows that the links lead to kafirlefts.com, not Amazon.

The second email for Walgreens is no better. A mouse-over of the links in the Walgreens email shows that they lead to a domain called “getyour-ebalancepointsupdate.rocks”.

We’ve seen a LOT of scams using new global top-level domains such as “.rocks” “.link” and “.website” but not a single legitimate user of these domains.
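The mouse-over check described above can be automated. The following is an added example, not code from this newsletter: it compares the brand named in the sender's display name and in each link's visible text with the domain actually used. The brand-to-domain table, display names, link text and URL paths are constructed for illustration; only the scam domains come from the emails discussed here.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: the domain each brand really uses; extend for your own mail.
BRANDS = {"amazon": "amazon.com", "walgreens": "walgreens.com", "dropbox": "dropbox.com"}

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def on_brand_domain(host, brand):
    # Exact match or true subdomain only, so amazon.com.evil.example fails.
    host, domain = (host or "").lower().rstrip("."), BRANDS[brand]
    return host == domain or host.endswith("." + domain)

def red_flags(raw_message):
    """Return (kind, brand, actual_host) for each brand/domain mismatch."""
    msg = message_from_string(raw_message)
    display, address = parseaddr(msg.get("From", ""))
    sender_host = address.rpartition("@")[2]
    collector = LinkCollector()
    collector.feed(msg.get_payload())  # assumes a single-part HTML message
    flags = []
    for brand in BRANDS:
        if brand in display.lower() and not on_brand_domain(sender_host, brand):
            flags.append(("sender", brand, sender_host))
        for href, text in collector.links:
            host = urlsplit(href).hostname
            if brand in text.lower() and not on_brand_domain(host, brand):
                flags.append(("link", brand, host))
    return flags

# Constructed samples: only the domains come from the newsletter.
AMAZON = ('From: "Amazon Rewards" <today@kafirlefts.com>\nContent-Type: text/html\n\n'
          '<a href="http://kafirlefts.com/r">Use your $65 Amazon balance</a>')
DROPBOX = ('From: "A Friend" <friend@example.org>\nContent-Type: text/html\n\n'
           '<a href="http://plngs.pl/doc">View the Dropbox document</a>')
```

`red_flags(AMAZON)` reports both the sender and the link, while `red_flags(DROPBOX)` reports only the link: when the sending account is genuine but compromised, the link destination is the only mismatch left to catch.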

Just delete, delete, delete!

 

10-Walgreens eBalance Reward Points


Finally, we wanted to close this week’s newsletter with two points. Before you let curiosity get the best of you because you think that a Word document can’t cause harm, think again! A Word document, such as the one attached to this BMW Lottery scam, can contain a virus, a malicious script, or links to malicious websites embedded in the document. Just delete!

11-BWM end of year winner

 

 

 

 

Today as we were writing the newsletter a TDS visitor sent us this very lame phishing scam and it gave us a good laugh. We thought you would enjoy it as well….

12-Lame Rotten Phish

 

 

 

 

 

Surf safely!