The scammers have surprised us! We saw several new scams this past week including a few we’ve included in this week’s newsletter. There were bogus Kohl’s Gift cards, sensational news about Martha Stewart and Rachel Ray (What have they got against these women?), ADT Home Security offers, online roofing quotes (What homeowner wants a quote for a new roof online?) and more. So much more! We almost kicked the week’s “thumb’s down rating” to a 5-thumb’s down week due to the uptick in spam and scams. Read on for some of the lovely highlights…
Apple and iCloud Accounts
Once again, the scammers are targeting Apple owners with phishing emails designed to capture LOTS of personal information including their Apple login ID and password. Check out the two below. Things to notice….
a) The emails are filled with too many typos to be professionally sent by Apple. Many words are missing space separation between them, e.g. “youraccount”
b) Neither of the sender’s email addresses are actually FROM Apple.com (Keep in mind that the sender’s email address can be spoofed so a correct FROM address is no guarantee of legitimacy.)
c) A mouse-over of the primary links to verify or update your information does NOT point back to an Apple.com website. In fact, the links point back to very strange websites:
These are very clearly phishing scams but we were very curious about the domain names the scammers were using so we used a WHOIS tool to look them up. Here’s what we learned about the domain from the second email:
Notice that the creation date of the domain “myios8cloud.info” is October 8, 2014, the same day that the scam email arrived. Just delete.
Sensationalist News (The “bread and butter” of scammers)
Sometimes it is so very hard NOT to click. Many of the tricks used by the scammers employ social engineering to manipulate the recipient to click or download a file. (For more about social engineering and scams, visit our article “Why is it so hard to resist the urge to click?” Perhaps the more sensational the news or information, the more curious people become. Drinking milk is worse than smoking? Really?
Follow me for the shocking story….click.
In case it isn’t already clear, the point of enticing the email recipient to click is to infect his or her computer with malware. Whatever type of malware is installed will ultimately benefit the scammers financially. Bad news for the computer owner.
Gift Cards: Groupon and Rite Aid
Keeping with the scammers continuing effort to target folks with bogus gift cards and coupons, we had a hard time picking which two to show you. We settled on these because we had never seen them before.
Notice the mouse-over for both of these scams reveal that the primary link points to a newly created domain “.link” (dot-link) The only folks we have found to be using this newly released domain are the scammers. “Getnewcouponsnow.link” is a far cry from Groupon.com!
Finally, we like to leave you with something a little funny or interesting in the world of Internet scams but this week we have three…
1) This week we saw a burst of stock tip scams. Here are just a few of the many emails hitting one email server. (On the right) Notice all the different email address senders. Many of these addresses end in two letters. These are 2-letter country codes. Can you guess the countries of origin? UK may be easy but what about “es” or “de”? Check out our video about 2-letter country code scams.
2) Have you ever heard about the “mugged in London” email scam? It was very popular a couple of years ago. We just got this variation of it (on the right)… Same basic scam. A person’s email or social media account gets hacked and the scammer impersonates the account owner. He or she claims they are stuck overseas because of some horrible event and need money. Yup, please send money…
3) Scam texts are a distant third to the volume of scam emails followed by social media scams but the scam texts are gaining ground. This one (on the right) was shared with us just recently by a thirteen-year-old. We’ll be honest and say that we haven’t quite figured out how the scammers are making money but we are 100% certain it isn’t legit. If you receive any scam texts, screenshot them and email them to email@example.com! Help us build our library of scam texts.