Please support our effort by making a small donation. Thank you!

x

September 23, 2015

THE WEEK IN REVIEW

During the past week TDS saw a sharp increase in fake gift cards and consumer rewards, usually valued at $50. As you’ll learn below, all contained links to malicious websites.

Before we move on to this week’s scams we wanted to remind our readers to read our newest feature article posted last week about a brilliantly simple but scary scam… Underage Girl Sext Scam

Sample Scam Email Addresses

AARP- Health Insurance Starting at $30/mo. Policy #14184455

Aetna – Save Hundreds on Your Health Premium #17078312

Attention: Beneficiary

Borrow from a trusted resource

Carrier Furnace Savings expires 09/19/15

CBS News Release: Four Warning Signs You Are About to Have a Heart Attck

Fox News: Ancient medicine gives hope for MS patients

Hello

I saw this_on ABC News lastnight

Job Listings: Start at $3.5/mo., (5) positions available

Ontario and Lotto Max Online. View Attached and Claim Your Reward.

Southwest Air Thank You Travel Voucher, No. 13514224

Sample Scam Email Subject Lines

AlcoholismHelp@commodated.help

Callie-Gill@brightgables.pw (note 2-letter country code for Palau, an archipelago in Micronesia)

CVS-Bonus@etchrewardssips.win

DentalImplantoptions@rowisa.eu

HomeSecuritySystems@appials.help

Hotel-Deals@fastgrace.racing

Marriott-Gift-Card@withoutgrain.faith

One.Week.Fantasy.Football@closetguard.pw

Off-GridFreedom@weveir.help

OnlineCulinaryInstitute@imarkkaelin.help

Prevent-Your-Heart-Disease@shootfox.space

Sears-Bonus@padgifttagshob.review

TV-Mr.LidContainerSet@startgreens.faith

WIRED.iPad.Report@viahospitality.space

 

 

 

 

Phish NETS: Phishing Survey Disguised as Smartphone App JUST EAT

In Phish Nets this week we surveyed the web to learn some of the phishing scams that others discovered and reported on. One of the most clever scams targeted users disguised as a survey from a smartphone app called Just Eat.   It was a very clever scam and reported in detail by Simon Robinson on the public blog Medium.com. It’s worth reading…

Here are a few more samples of phishing scam from around the Internet during the past week:

  1. Debit Card Phishing Scam – First reported in New Jersey, these scams are actually targeting residents by phone. The scammer states that the account holder’s debit card has been locked and they need to provide information to unlock it. Learn more about this scam
  2. The News Sentinel in Fort Wayne, Indiana is reporting phishing scams targeting businesses by pretending to be an email from the Better Business Bureau (BBB) and asking recipients to take a survey. Learn more about this scam
  3. Binghamton University (New York) Sophmore falls prey to email phishing scam. Seen it a million times. Hacked account then targets all her friends. Learn more about this scam
  4. The website Scamicide is reporting a Google Docs phishing scam meant to steal a lot of personal information by offering a job opening. Learn more about this scam

 

YOUR MONEY: Coupons, Gift Certificates and Reward Vouchers

Coupons, gift certificates, and reward vouchers were a dime-a-dozen all week long! As usual, the scammers heavily targeted Amazon, Walgreens, and Southwest Air. But we also saw similar scams targeting BJ’s, Marriot, Sears and others. As best as we can tell, all of these scams lead to malicious files and/or are meant to steal personal information.

You’ll see by the common designs that these are most likely being pushed out by one or two criminal gangs we’ve talked about in past newsletters. All the links lead to odd top-level domain names such as dot-date (.date), dot-win (.win), dot-top (.top) and dot-racing (.racing). Just delete! And then read our article Exposing Gift Card Scams.

 

 

4-Sears reward voucher 50

5-Walgreens 50 reward

 

 

TOP STORY: Payment for Tax Refund

The simple email below was very cleverly crafted. The “from” and “reply-to” addresses were spoofed to appear as though they came from Office@irs.gov but they did not. As far as we can tell there isn’t even an IRS form 50579U. And the links in the email do indeed lead to the legitimate United States Government IRS website. The danger is in the attached zip file. It contains dangerous malware ready to infect PC computers. This was a very cleverly created email meant to generate enough curiosity to produce a click and, as a result, infect your computer.

We cannot emphasize enough how important it is to recognize risky file types that can be attached to emails, texts, and web links. Read our article Filenames Will Set You Free!

 

FOR YOUR SAFETY: American Airlines, Fantasy Football, eHarmony and Pet Coupons

The four scams below couldn’t be any more different from one another but they all have malicious intent and lead to computer infections. The American Airlines email contains a zip file containing malware while the other three have embedded malicious links. Notice that the eHarmony email doesn’t come from eHarmony and the link in it doesn’t lead to eHarmony.

 

 

 

 

10-Pet Coupons

 

 

 

 

 

ON THE LIGHTER SIDE: Quibids Deals on Macbook Air

We’re always looking for deals on electronics to feed our technology addiction! Good thing we got this notice for MacBook Airs as low as $36.60! But we have to hurry! Time is running out! Until next week , surf safely!

Until next week. Surf safely!