Please support our effort by making a small donation. Thank you!

x

May 13, 2015

THE WEEK IN REVIEW

Headlines vying for your attention this past week…

A Special Invitation

Advisory: Your online file was accessed

Breakthrough in joint-comfort!

Broaden your perspective for as low as $1 a week

Celebrate Mom this Sunday with an exquisite $29.96 bouquet

Delicious, sweet blueberries from home

Get noticed and watch your career take off

Learn about harp

Mother’s Day bouquets with DESIGNER VASES

Now just $5 for 12 weeks

Reverse hearing loss in 17 days

Russia’s dumping U.S. dollars

Service cancellation May 10

SHIPPING DOCUMENT / BL CONFIRMATION

The ‘holy grail’ of dark spots correctors

Turn your backyard an incredible hummingbird playground!

Welcome to the Who’s Who Connection

Why the Law Of Attraction is BROKEN Click to see

Scammers obviously have a staple set of tricks that must routinely have a level of success because we see many of the same types of scams over and over. Like these two…

Someone Has Just Viewed Your Background

Someone Has Just Viewed Your Background

Get Your Free Credit Score

Get Your Free Credit Score

 

 

 

 

 

Of course, the “background check” scam doesn’t contain a stitch of personal information to identify the recipient and both emails point to very peculiar websites. But these are part of the bread and butter arsenal that scammers use and last week was filled with them!

 

 

 

 

 

Phish NETS: Wells Fargo and PayPal

From Wells Fargo Bank… “We recently detected numerous failed attempts to provide the correct answers to your security questions.” If that’s the case, why can’t you at least address me by name or list my account number?  Hello! Did anyone notice that the email didn’t come from wellsfargo.com? It came from WellsFargo@secureserver.com and that is NOT the same as wellsfargo.com. In fact, if you Google secureserver.com and the word scam you’ll see a list of links from people and businesses all over the web identifying this domain as being used in various American Express and other bank phishing scams. (So WHY isn’t this domain shut down? The reason is because ICANNs doesn’t care about protecting netizens! Remember… ICANNs is the non-profit service responsible for coordinating all web names and numbers across the world.) And that attached html file is a web document that will have you thinking you’re about to log into your Wells Fargo bank website but it is just a clever phishing site!

1-Wells Fargo-confirm your account info

 

And how about this phish about your PayPal account?   “Notice of Policy Updates.” The scammers even tried to ease your concerns by dropping in the virus-free notice from Avast at the bottom of the email. This is still rotten phish!   A mouse-over of the link “Update your account” reveals that it points to the web domain 7minuteworkoutx7.com, not paypal.com! Even PhishTank.com has identified this website as being misused for phishing scams. Simply use Google to look up the domain 7minuteworkoutx7.com and the word “phish.”

Just delete!

2-PayPal-notice of policy updates

 

 

 

 

YOUR MONEY: Walmart Gift Cards and Amazon Coupons

The scammers LOVE Walmart and Amazon, though we’re not sure why. Perhaps it is because these businesses are universally recognized across the United States and used by millions of Americans. We often see scam emails disguised to look like they are special rewards or coupons from these companies, like the two emails below. But look carefully. The Walmart “gift card” was sent from clicknowtoolsforyou.com and the link leads back to this strange website. Google shows the following text underneath this website search listing… “Find Cash Advance, Debt Consolidation and more at Clicknowtoolsforyou.com. Get the best of Insurance or Free Credit Report, browse our section…” Does this sound like Walmart to you?

3-Walmart gift card rewards

 

The same can be said about the scam email below disguised to be an Amazon $100 coupon for your next order. The strange domain that sent the email is “onlineallnewshopping-alerts.us.” Certainly not Amazon.com. And when you read the email you’ll notice that it liberally uses dashes in strange places.  These are meant to trick antispam servers from blocking the email. An antispam server might recognize scammy, spammy phrases like “this week only” but might not recognize “this week-only” that includes the dash.

Just to show that we’re not the only ones calling this website a wolf in sheep’s clothing, we asked the Zulu URL Risk Analyzer to rate the website. Zulu responded with 100% malicious!

 

4-Amazon $100 coupon

 

 

 

 

TOP STORY: Donations from Howard Buffet

Scams disguised as charity have been around for decades, if not centuries. Some of the online scams are so unbelievable or amateurish that we wonder why they bother. Take this scam email sent by Howard G. Buffett, philanthropist, CEO and Chairman of the Buffett Charitable Foundation claiming to give money to randomly selected individuals worldwide. Even if you are stupid enough to believe the message, we hope you’ll notice that the email was sent from scanner@juresa.com.br. Do you recognize the 2-letter country code? This email was sent from Brazil. If you search Google for this Brazilian domain you’ll see that Google reports a by-line for this business which translates to “The Best Steel Partner.” Doesn’t sound like a charitable organization to us. By the way, on the legitimate Howard G. Buffett website you’ll find a fraud alert about these bogus emails.

5-Donation from Howard Buffett

 

 

 

Footnote: We believe it is ALWAYS important to see how well a charity uses donated money and goods by checking charity review websites such as CharityWatch.org, CharityNavigator.org, or Give.org.

 

 

FOR YOUR SAFETY: Malicious Attachments – exe, zip

We have often reported in the past about simple, short emails designed to make the recipient curious enough to click on an attached file. These attached files are EXTREMELY dangerous because they either carry malware or cause it to be delivered to the recipient’s computer. Below are screenshots of more of these malicious emails that targeted email servers last week. “Zip” files are compressed files and these can carry dangerous payloads that do their damage the moment they are opened. The email below with the attached “exe” file is a slightly different threat. The “exe” file is an executable on a Windows computer and clicking it launches and runs a malicious program for the scammer on the recipients computer.

Notice how the subject lines are meant to get your attention:

My photo

ADP Invoice for week ending 05/06/2015

Incoming FAX

Received Invoice message

Shipping document

Rejected invoice notification

Would you have been curious enough to open any of these or click the attached file?

In all these cases…. Delete, delete, delete!

8-exe-my new photo

 

9-zip attached-ADP invoice for week ending 

 

 

 

10-zip attached-incoming fax 

 

 

 

 

 

11-zip attached-received invoice attached

 

 

12-zip attached-shipping doc confirmation

 

 

 

 

13-zip attached-rejected invoice notification

 

 

ON THE LIGHTER SIDE:

We’re very suspicious guys (As if you didn’t know.) and always looking for a good conspiracy so we couldn’t resist this email from “The Washington Post.” Finally, they’ve uncovered the dirty details that Vatican leaders are involved in a Presidential coverup! We knew something was fishy in Washington!

And if we had any doubt whatsoever about a Washington conspiracy, we received the second email below about Bill O’Reilly’s White House interview revealing the shocking truth! Never mind that the email came from India!

14-Wash Post Story-Americans harmed

 

 

 

 

15-Bill OReilly Report-Obama serious trouble

 

 

 

 

 

 

 

 

 

Until next week, surf safely!