Please support our effort by making a small donation. Thank you!


November 23, 2014

Considering that we believe most of the scams we see are perpetrated by criminal gangs located outside the United States, we are often impressed by how well these criminals target their scams to United States events and culture. But we’ll get to that shortly. First a review of the scam subjects we’ve seen this week…

  • Leggings that look like jeans
  • Switch to solar power and save big
  • Sell your timeshare and save money
  • The truth about your glasses
  • Is sciatic pain keeping you from…
  • Refinance rates have dropped?
  • Energy bills out of control?
  • Shocking solution burns fat fast!
  • How kidney beans work. See famous doctor…
  • Could this be a secret ebola cure?
  • Final warning to NOT ignore this message
  • ADT home security offer
  • Official letters from Santa
  • And many more…

  • Background checks anytime
  • Reduce your utility bills by 80%
  • Massage therapy school
  • 20/20 vision secrets
  • Walk-in bathtub right for you?
  • Re: Open Enrollment Notice No.
  • Get maximum coverage
  • Bra designed with everlast comfort
  • Train your dog
  • Need a medicare solution?
  • See foreclosure listings
  • 40% off Nutrisystem
  • Palm reading for free


However, our favorite subject line concerns the increasingly ridiculous emails about curing diabetes. The winner?

0-Diabetes cure with spaghetti

Cure Diabetes with Spaghetti! …followed by “You can get the cure right now right here.” There must be no diabetes amongst Italian-Americans!

Why Macs Need Anti-Virus, Anti-Spyware Software Protection

We often hear from Apple computer owners that they don’t have AV (Antivirus) software installed because “Macs don’t get viruses.” This isn’t true and you can read this article from bout Apple’s claims and the reality of infection rates. Apple computers do get infected by many forms of malware and there are thousands of malware programs that target Macs (which is still far less than the MILLIONS of viruses and malware that target the Windows operating systems.)

We were reminded of this point twice this past week when we were contacted by a woman who’s Mac became infected. She was asking for a recommendation for software to remove the infection. Sophos has a free product available that we can recommend. Click here to download.

After the woman took our advice, installed Sophos and ran a full system scan she sent us this email:

“…random things pop up (ads/videos) and when on youtube random ads start playing and don’t stop. When we ran the Sophos it found 2 threats labeled;

OSX/Geonei-A      file name: FlvtoMac.dmg

OSX/VSearch-A    file name: VSearchAgent

We did a cleanup and now things seem to be running fine.

Thanks for your help!”

NOTE: Geonei-A is a common piece of Adware that is often hidden in free downloadable software.

The second reminder came when we saw an email from a hacked user’s account containing a malicious link to a Thai restaurant located in Arlington, Massachusetts called “” WARNING: DO NOT VISIT THIS WEBSITE! Google is usually very good about identifying risky or dangerous websites but this time Google missed the mark.

1-Google eval of infected Thai site

We clicked the link to gather some contact information so we could inform the business owner that he/she had a problem. Here’s what popped up next…

1-High Risk website blocked

BOOM! Sophos saved us! We looked up the malware “HTML Gen-A” and learned that it can infect Apple computers too!

So, if you have a Mac and don’t already have AV software installed give yourself some piece of mind and install it!


Compare Medicare Provider Rates

We know we’ve spoken about this in recent newsletters but the scammers have really turned up the heat as the enrollment deadline approaches. We’re seeing hundreds of these scams disguised as medicare provider evaluation emails and in several different designs. Everyone of the emails we have seen so far have been malicious, here’s an example (be careful).

2-Compare Medicare Provider Rates

Notice that the sender’s email address ends in the 2-letter country code “.at” which means that the domain is hosted in Austria. (You can look up hundreds of 2-letter country codes at Wikipedia and check out our video about 2-letter country code scams

The email says you can unsubscribe from Medicare Providers in El Segundo, CA and they are indeed a real business but they didn’t send this email! (But the real website is

We’re seeing a significant increase in scams coming from websites hosted in Austria. Check out this small snapshot of scam domains:

2-Scam websites in Austria


Black Friday Sales!

Here’s another example of targeted American culture and the misuse of domains pointing to Austria lately. The really important thing to notice here is that the scammers are well aware of the mega-shopping day known as “Black Friday” and are ramping up their bogus ads. It is so important to mouse-over and look carefully at the links embedded in advertising. If it doesn’t look or feel right, or point to a well known store domain, don’t take the risk. Delete, delete, delete!

3-Black Friday Tires special

This website is actually being hosted on a server in Bulgaria according to the WHOIS lookup.

Finally, we leave you with two very nasty tricks we saw this past week that have been very successful in fooling people in the past… The first is an official email “from Docusign” saying you have an important document to view. It looks very official and legal but it is anything but!

4-Docusign documents from AT&T

And the last are fake notices that look like merchandise to bid on at the bidding site known as The email says it is “from” This is not the same as!

Surf safely!