Please support our effort by making a small donation. Thank you!

x

March 11, 2015

THE WEEK IN REVIEW

Over the past week we saw many of the same old scams but incorporating some new content to trick potential victims into clicking malicious links. For example scam emails tried to capitalize on the popularity of the TV show “Shark Tank” and others focused on “alleged sins” committed by Pope Francis. We think many people would fall for the Pope Francis scam email. What do you think?

0-Sins comitted by Pope Francis

 

By the way, if we swiped our mouse across those red banners we found red-colored random text meant to fool the anti-spam filters into thinking this was a legitimate email.

We also saw multiple instances of legitimate AOL accounts getting hacked and being used to trick friends and family into sending money to bail out someone who’s stuck in the Philippines. This is the new version of the older “mugged in London” scam. We wonder how the scammers decide how much money to ask for in these scams. From Peter’s hacked AOL account they wanted $2,450, but from Tom’s hacked AOL account they only ask for $1950. Are they trying to tell us something about Tom? ….or about Peter?

1-Sad news from Philippines

And of course during the last week we continued to see many gift card scams like this Walmart scam:

 

 

 

 

 

Phish NETS

The Apple account and banking phish scams have finally cooled off after weeks of seeing them in high volume.  This past week we found only a few Amazon phishing scams trying to capture people’s Amazon login information. Check out this one sent from the email address me@localhost.com. Of course the email contains no personal information to identify the recipient by name or account. In addition, if you read the paragraph under “Dear Amazon.com Customer” carefully you’ll find several grammatical mistakes, once again suggesting that many of the scams targeting Unites States citizens are perpetrated from outside the U.S. We recently wrote a feature article about the inability of anyone to protect U.S. citizens from scams coming from overseas. It is called My Hacked Website Costs You Money and No One Cares.” Check it out!

 

 

 

 

 

 

 

 

YOUR MONEY

The Nigerian 419 scam, otherwise known as the advance fee scam, has a very long history and we’ve reported on it many times in the past. It is a very effective scam that successfully targets professional people, white-collar and blue-collar alike. Check out the email below. Imagine receiving this and thinking that someone wants to give you money! How can you lose on this, right? But wait….Customs is requiring a small $50 processing fee to release the money. Hold on, now the money is being held up by a court ruling that requires a $100 for special documents to transfer that money. And so on… You’ll get milked a hundred times along the way. It’s like death from a thousand paper cuts.

Notice that this scam contains a legitimate link to Western Union. The link is not the risk. The scam comes when you try to get your money. Just delete.

Visit our “Advance Fee” scam collection to see a more detailed explanation of many of these scams.  Also, download a pdf of dozens of examples of these scams! 

 Just delete.

 5-Attn Beneficiary - via western union

 

 

 

 

 

TOP STORY

TDS has seen a growing number of scams coming from new and unusual “top level domains.” Familiar Global (or Generic) Top Level Domain (called gTLDs) include .com, .org, .net, .info, .gov, and so on. These gTLDs are controlled and governed by ICANN, the International Consortium for Assigned Names and Numbers. Since the Internet has been running out of domain names for the most common gTLDs like “dot-com,” ICANN has been on a long campaign to create and make available new gTLDs. A listing of them, along with their release dates can be found at the ICANN website.  The Daily Scam has noted that scammers are taking full advantage of the creation of new global top level domains by pushing out thousands of scam emails that appear to come from, and/or contain links that lead to malicious new domains. For example they have misused new global top level domains such as .work, .click, and .energy. Just last week they began a new campaign of scams using .science. Check out this example which also happens to be the first time TDS has seen a scam that targets people searching for assisted living centers…

 

 

 

 

 

 

 

 

 

 

Here is a collection of scams targeting one email server over a couple of hours. The sender’s email address in each case is a “dot-science” global top level domain:

7-Dot-Science domains

The take-home message here is simple… Until these new top level domains gain greater legitimacy from real businesses and people wishing to use them, we strongly recommend just deleting emails that come from these odd-ball top level domains. They are overwhelmingly used only by scammers.

Just delete!

 



FOR YOUR SAFETY

In “for your safety” this week we have two new examples of common scams seen in the past. The Canada Post parcel scam is an effective social engineering trick to get someone to click a malicious link. Mousing-over the link for the delivery notice card easily reveals that the link points back to a Canadian insurance company called Dejongs Insurance. (Dejongs’ web server was hacked and misused and we’ve informed them about it.) If you look closely at the link you’ll notice that it leads to a zip file. That zip file contains malware.

Just delete!


 

The next email is contains bogus information that should appeal to conspiracy theorists and the ultra-paranoid in our country. Do you think they’ll notice that the link they are asked to click leads to a webserver in India? “.in” is the 2-letter country code for India.

Just delete!

 

9-Dear Concerned American - Stock crash coming 

 

 

 

 

 

ON THE LIGHTER SIDE

Finally we wanted to leave you this week with a sampling of some very personal emails we received from lovely ladies around the world who have, no doubt, heard how amazing we are! We’re certain they just can’t resist us ‘cuz we’re that cute! But we can’t make up our minds which one to choose! Should we choose the email with the link that leads to France, Turkey or Montenegro?

Until next week, surf safely!

 

 10-Hello baby - join me

 

 

 

11-Hello friend - my prince charming

 

 

 

12-Hello I am a strong woman

Until next time….

Surf safely!