Please support our effort by making a small donation. Thank you!


September 2, 2015


We were thrilled to see a few new tricks during the past week and also new variations of old tricks. Scammers have often targeted dog-lovers with malicious emails but this is the first time we saw a malicious email target cat owners. We also continued to see many email “ALERTS” about shocking videos and “someone viewing your criminal or personal records” yada, yada, yada. Fortunately, we received an email to help us manage our anxiety about all those people looking at our private records!

1-Savings on Cat Food




2-Shocking video reveals church coverup

3-Manage Anxiety













Sample Scam Email Addresses

#1 Method to Restore Your Hearing

8%–returns.. compare annuity rate Quotes

$5000 deposited to your account (this week)

ALERT: Your Court Report has been Reviewed Record #3414283

Costa Rica Travel Guide

Dr. Oz: She 10# in 15 days, Ships Free 8/30/15

Experienced and aggressive Personal injury Lawyers!!!

Free a Family – member from addiction.

Greetings Dear Friend

Important Notice

Toxic bug makes you fat

Unable to deliver your item, #0000355209



Sample Scam Email Subject Lines

Eharmonypartner-(your email address)







Phish NETS: Apple GSX Access Blocked

Fortunately phishing scams were hard to find this past week. However, this “Important Update” scam we found was very artfully crafted and contained a very risky attached file. The scammers used a domain look-alike trick in the from address so it seemed to come from The domain is a legitimate website but not Apple Computer’s website. The legitimate Apple “Global Service Exchange” website is

What makes this scam possibly more risky than just a phishing site meant to capture login credentials of those who offer repair services of Apple computers is that the attached file is a web document (.htm file). A web document can have all kinds of code in it that will instruct a web browser to do various things. This can include code to retrieve/deliver malware, notify someone on the Internet with information about the user who opens the file, etc. Please visit our article “File Names Will Set You Free.”





YOUR MONEY: Marriott Gift Card, Labor Day Clearance Sales

Our readers should recognize the design of this next scam. It has been used many times before but with the names of other businesses such as CVS and Amazon. The email came from  This is a perfect opportunity to remind our readers that anyone can create an email with any username in front of the “@” symbol but that username doesn’t make it true. “MariottCustomerRewards” is no different than seeing “JohnSmith” or “putmynamehere.” What is most important is to look at the domain name that follows the “@” symbol:  And if you think for a moment that it will help you to click the Opt out link at the bottom of the email, do not click! Read our article Unsubscribe me…Not!

5-Marriott gift card 50 dollars








Scammers often link their scams to major events and holidays, such as Labor Day. Check out the email below that seems to be about a blow-out cybersale from for Labor Day. The email comes from and the link leads to, not Also notice that the Labor Day sale expires on the day the email was sent (hurry now to take advantage….) and before Labor Day is here! Anyone can say anything on the Internet and get away with it! In case you had any doubts, check the Zulu URL Risk Analyzer’s score for the website. Just delete!

6-Labor Day clearance sale








7-Labor Day clearance sale- Zulu score









TOP STORY: Sex Manipulates Internet Traffic to Dangerous Websites

Remember the adage “sex sells?” That is certainly true on the Internet as well. And this explains why sexual content is often used to entice people to click links and visit websites that result in computer infections, financial losses, and other serious consequences. Below are a variety of scams related to sex/porn that targeted people during the past week. The first is an email invitation that seems harmless from a woman named Gretchen. There are no links or attached threats that may be threats and “” simply seems interested in getting to know you.  Though there is an insurance company by this name which registered its website in 2004, there is no guarantee that this email came from that company or from anywhere in the United States. (Notice the bad grammar and spelling… “you was online 3 days ago” and “Hellow”) Innocent email contact is often the first step to manipulate the recipient.


8-My name is Gretchen


Check out this blatant porn email to “meet sexy singles for free!” Before your curiosity gets the better of you, know that the website was registered in Russia (dot-ru) just ten days before the email was sent and the Zulu URL Risk Analyzer states that it is hosted in China.  Also both Websense ThreatSeaker and the Zulu URL Risk analyzer have identified this website as malicous.

9-Meet Sexy Mates-ru



10-Meet Sexy Mates-ru Zulu Score




11-Meet Sexy Mates virustotal score

Finally, in this week’s top story we wanted to turn your attention to the app called Tinder. Tinder says that it is “a fun way to connect with new and interesting people around you.” Parents should be forewarned that this is a VERY ADULT app with many risks and is primarily used by college students and twenty-somethings to meet/hook up. However, Tinder users are also targted by phony text messages such as this one below from “Paulene.” The link in the text message is a shortened URL and purposely obfuscated. Using the website, we were able to demonstrate that the shortened link points to a live sex cam porn site displayed in German. Ownership of the site is hidden behind a WHOIS Guard proxy service. Caveat emptor.













So the next time your sexual curiosity takes you onto the Internet, we recommend keeping a very healthy dose of caution by your side. If you know of any young adults using Tinder, though they may roll their eyes at you, please urge them to raise their awareness about scams that target Tinder users. Here are several articles worth sharing:


FOR YOUR SAFETY: Tricks to Engineer Your Clicking Behavior

During the past week we saw many samples of short malicious emails meant to produce a click. Some of these emails were sent to us from our readers. Thank you! Each of the attached files or links in these emails results in a computer infection. (Didn’t we mention you should read our article Filenames Will Set You Free? These emails claim to be EZ Pass notices, FedEx deliveries, attached resumes, fax notifications, and even Visa card payment notices. (And yes, Word documents can contain malware.)







16-Resume attached




17-You have a fax - zip file




18-Visa Card Payments this month







ON THE LIGHTER SIDE: Mystery Shopping Opportunity!

We’ve needed to get some back-to-school shopping done and coincidentally received this email that couldn’t have been better timed! Shop AND make money! We are so psyched! We emailed our reply to Mr. White right away so we won’t miss our chance! (By the way… We reported on “mystery shopping” scams in our July 15, 2015 newsletter!)

Until next week. Surf safely!