November 30, 2014

Spam, including scams, had the largest decrease during Thanksgiving week that we have seen since… well, since last Thanksgiving! Even Christmas 2013 didn’t show as prolonged and significant a drop. We can all give thanks for that! However, not to be disappointed, we saw some very clever and targeted scams, including one phishing scam with a terribly offensive outcome. (Read below.) Before we tell you about this week’s stories, check out these three scams that targeted shoppers for “Black Friday” deals:

[Image: Amazon Black Friday bonus rewards]

[Image: Black Friday Dish TV deals]

[Image: Shop Black Friday furniture deals]

Your iCloud Account Has Been Locked

We’ve seen many phishing scams disguised to look like emails from Apple. The scammers usually try to register a domain that sounds official, such as this sender’s domain “”. A mouse-over of the link “>>>Certify My Apple/iTunes ID” points to the website “”.

[Image: Apple account frozen]

We decided to do some digging into this obvious scam. First we checked a WHOIS service to learn that the site was registered by someone in Great Britain with the registering service on the day the scam email was sent. This is a typical scammer trick.

[Image: Apple account WHOIS results]

We actually wanted to visit the website “” because we guessed it was a phishing site to collect Apple account passwords, so we checked with the Zulu URL Risk Analyzer to make sure we weren’t going to infect our computer. Zulu didn’t find anything malicious. (Zulu also didn’t correctly identify this as a phishing site! It isn’t a perfect tool but it is still one of the best.)

[Image: Apple account Zulu score benign]

So we paid a visit to the full link in the scam email, and here’s what we found: a well-crafted phishing site.

[Image: Apple account phishing site]

Our curiosity got the better of us so we entered the Apple ID of and a password of “IhateScams” and clicked “sign in.” What happened next was completely unexpected and offensive. We were immediately redirected to Google in the UK and automatically on a search for child pornography!

[Image: Apple account redirect to child porn]

The people that produce these scams are the scum of the earth. We’re reading “Spam Nation” by Brian Krebs and learning that the same criminal gangs in Russia and Eastern Europe (e.g. Ukraine) who are responsible for the vast majority of spam in the world have also made tens of millions of dollars over the last decade by selling child porn across the Internet. We hope there is a special place in hell waiting for these men.

Fax or Download Waiting For You

Scammers try many different tricks to socially engineer your behavior, and one trick that is often very effective is to tell a person that there is a fax or file waiting for them to download. Everyone likes the feeling of being told that there is something waiting for them… like a present. But not. Here are two recent examples:

[Image: Download dropbox doc I shared]

This Google Doc email from “Sally” came from a hacked legitimate email account. The link leads to a URL shortening service called “TinyURL.” URL shortening services redirect visitors to other websites, and it is often very difficult to know where you will end up on the Internet until you arrive. One website that will try to unshorten shortened URLs in advance is

The second email of this type we saw was about a fax waiting for you. The scammers didn’t even try to hide the hacked website in Greece that is being misused to deliver malware to your computer. (Notice the 2-letter country code in the link: .gr)

[Image: Three page fax for you]

Your Verizon Account Has Been Locked

This email is professionally crafted to look like a Verizon email, but the sender’s address is not Verizon and a mouse-over points to a link located in Sierra Leone (.sl country code). Enough said?

[Image: Verizon account information]
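The mouse-over checks used on the Apple, TinyURL and Verizon emails above can be automated. This is an added example, not code from the original post; the brand allow-list, the shortener list and every host in the sample email are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed allow-list: domains each brand really links to. Extend for real use.
BRAND_DOMAINS = {"apple": {"apple.com", "icloud.com"}, "verizon": {"verizon.com"}}
SHORTENERS = {"tinyurl.com", "bit.ly", "t.co"}  # assumed, not exhaustive

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> in an HTML email body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def check_links(html):
    """Return [(host, [warnings])]: what a mouse-over would reveal per link."""
    parser = LinkCollector()
    parser.feed(html)
    report = []
    for href, text in parser.links:
        host = (urlsplit(href).hostname or "").lower()
        warnings = []
        if host in SHORTENERS:
            warnings.append("shortener hides destination")
        for brand, domains in BRAND_DOMAINS.items():
            legit = any(host == d or host.endswith("." + d) for d in domains)
            if brand in (text + " " + host).lower() and not legit:
                warnings.append(f"claims {brand}, host is not a {brand} domain")
        tld = host.rsplit(".", 1)[-1]
        if len(tld) == 2 and tld.isalpha():  # a signal to look closer, not a verdict
            warnings.append(f"country-code TLD .{tld}")
        report.append((host, warnings))
    return report

# Constructed sample email body; all hosts below are made up for this example.
SAMPLE = """<a href="http://apple-id-verify.example.net/login">Certify My Apple/iTunes ID</a>
<a href="http://tinyurl.com/abc123">Google Doc from Sally</a>
<a href="http://billing.example.sl/verizon">Verizon account information</a>
<a href="https://www.apple.com/support">Apple Support</a>"""

if __name__ == "__main__":
    for host, warnings in check_links(SAMPLE):
        print(host, "->", warnings or "no warnings")
```

A link with no warnings is not proven safe; the check only surfaces the mismatches a careful reader would spot by hovering over the link.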

Finally, we wanted to leave you with a scam that is so clever in the way it appeals to our everyday household behaviors… We don’t know about you, but our spice cabinet is a mess and sure could use some organizing!

[Image: Organize your spice shelf]










Surf safely!