New Scam Email Promises $16m

Posted by on 25 January, 2012 No comments

Here is a new scam email. It scams begin with a confusing story about millions of dollars and some official sounding name dropping (the FBI).

If you look closely you’ll see many spelling and grammatical errors. Also, the email was not sent from the FBI – you can see this in your inbox if you place the mouse pointer over the sender.

The emails is:

FBI Headquarters
935 Pennsylvania Avenue, NW
Washington, D.C. 20535-0001
(202) 324-3000

Sir,

We the Federal Bureau of Investigations (FBI) Washington, DC in conjunction with some other relevant Investigation Agencies in the United states of America and right now in West Africa, headed by Wayne Mitchell (RPO), we understand that your fund has not yet been transferred to you do to an Outrageous Conduct.

We have to let you know the truth because we know that you have gone far in trying to get this fund and you must have paid some amounts of monies to persons you are not supposed to give out a dime to. Through our Global Networking Investigation, we discover that your fund (Sixteen Million United States Dollars $16,000,000.00 including the accrued interest is among the funds ON HOLD in West Africa (Ghana) do to one or two reasons which you have not been told.

As the Executive Director, Federal Bureau of Investigation FBI and a Principal Officer, We strongly know that the people you have been dealing with are not going to tell you the truth because they are all Criminals. You are hereby advised to stop every communication with any Office and feel free to explain to this Bureau why your fund is not yet released to you.

As a matter of fact, we do not have enough time to waste since we have consumed much time in going through your Payment files to ensure that these Funds are genuine and legit. On this Effect, this instruction requires urgent attention because the release of your fund is due.

We awaiting for your urgent response,

Sincerely,

Robert Muller III
FBI Director Headquarters

If you reply to the email they’ll make their story even more complicated and start asking for your bank account details. Their reply is:

FBI Headquarters
935 Pennsylvania Avenue, NW
Washington, D.C. 20535-0001
(202) 324-3000

Kind Attn:

This is to bring to your notice that we have received your mail today.

We understand that your fund has not yet been transferred to you do to an Outrageous Government Conduct which you have not been told. What a mess? though the FBI expertise and the investigation teams has officially instructed the holding bank to release your long awaited fund valued the sum of Sixteen Million United States Dollars $16,000,000.00 to you with immediate and effect.

The financial expertise and the investigation team has resolved to the fact that the fund is genuine therefore you have to stop every communication with any Office and feel free to contact the holding/ paying bank with your banking details through the below contacts information for your fund to be release to you:

MERCHANT BANK GHANA LTD
Contact Person: Managing Director
Email: merban@accountant.com
Phone: +233-247630112
Fax: +233-303403381

Do this and let us know if there’s anything you do not understood so that we can give you further instructions to back you up for this claim.

Sincerely,

Mr. Robert Muller III.

If you see this email, mark it as spam, or delete it.

 

Scary emails with malware

Posted by on 22 September, 2011 No comments

Malware infected emails are getting scarier with subjects about wanting to sue you. Take the email below, it suggests that your email is sending spam and that you’re going to be sued. This kind of tactic is called social engineering, the words have been carefully crafted to add a sense of urgency, which in most people causes irrational decisions to be made such as opening the attachment in the email.

The email says,

Hello. Your email is sending spam messages! If you don’t stop sending spam, we will be impelled to sue you! We’ve attached a scanned copy of the document assembled by our security service to this letter. Please carefully read through the document and stop sending spam messages. This is the final warning!

The subject is one of

  • You are sending ad messages
  • We are going to sue you
  • This is the final warning
  • We’ve sent you a copy of a complaint
  • A message from our security service

If you see an email like this don’t click on the attachment. Delete the email. The attachment is a trojan that then installs viruses every time you reboot the PC.

 

Australian Taxation Office – New Rules

Posted by on 15 September, 2011 1 comment

The following email is a scam. It encourages you to click on a link about tax, but instead takes you to a website that tells you your computer has a virus. This is where the scam comes in – you don’t really have a virus. They just want to sell you a fake antivirus product.

The email says:

Australian Taxation Office informs you about the changes in the rules of submitting tax report.

Please, read about the changes to Click Here.

Important to know
We do not offer cashier services for tax payments or refunds. For further information on how to pay your taxes, see How to pay.
(http://www.ato.gov.au/content.asp?doc=/content/33696.htm) 

We are kindly asking you to keep to rules and terms of tax report submission to avoid penalty. 

Best regards,

Andrew Nichols
Australian Taxation Office

If you see this email, don’t click on the links. Delete it.

How can you be sure if it’s real or a scam?

Place the mouse pointer over the links, but don’t click. You should see the real address popup. If it looks dodgy then it’s probably a scam. See this screenshot,

Fake ATO emailThis type of scam email is common. Always use this trick to judge if the email is legitimate or a scam.

 

Security Questions

Posted by on 9 September, 2011 No comments

Have a look at the following screenshot and try to guess what’s wrong with it?

preferred internet password

 

This screenshot was captured from the US National Archives’ signup page (click here then click on New User). It asks for a challenge question and challenge answer, in case you forget your password. The problem here is one of the questions, “What is your preferred internet password?“.

Why would you give someone this information?

Challenge questions and answers are a way to recover lost passwords. Unfortunately this information is often not encrypted – it’s less secure. So whatever you set for your challenge question and answer is sometimes vulnerable to hacking. Also, the questions are often things that other people can easily find out about you, like your pet’s name. This is why I don’t like them.

Poll:

$114b Industry

Posted by on 8 September, 2011 No comments

Which industry made $114 billion in the past 12 months? Cybercrime did.

According to  Norton’s Cybercrime 2011 report, criminals stole US$114b worth of money using the internet. This is a serious problem. Think about where all that money came from? Who do you know that had stolen from their bank account, credit card, or other cases of fraud?

Here’s a breakdown the US$114b:

  • USA: $32b (74 million victims)
  • China: $25b
  • Brazil: $15b
  • India: $4b
These figures are calculated from survey results, so they’re not completely accurate but they do give a very good indication of the problem. The report also estimated that more than 1 million people lose money to cybercrime every day. That’s a lot of people!
Poll:

Facebook Security Guide

Posted by on 31 August, 2011 No comments

Facebook’s security and privacy have never been perfect but they’re now starting to take it more seriously. Maybe some strong competition from Google+ has something to do with it.

Facebook have published a security guide and it’s quite good. It covers topics like recognising scams, recognising hacked accounts and how to use SSL connections. All good stuff! For example,

The common scams offer prizes like free  virtual objects. Other lures claim that your account has been suspended and provide a link for you to remedy the problem.

If you use Facebook at all I recommend reading through the guide. I also strongly suggest you print it out and lend it to your friends and family – people who might not be able to do their own research on security.

The more people understand security on Facebook the better it will be for everyone. Click here for A Guide to Facebook Security.

 

Sharing Your Location Online

Posted by on 30 August, 2011 No comments

locationThere are many ways now to share your current location, including

  • Foursquare
  • Facebook Places
  • Bing and Google have their location sharing systems

It’s a popular thing to do. But have you ever had a good think about the pros and cons of doing this?

Pros:

  • It’s fun, everyone does it
  • It’s a novel way to share your life with friends and family
  • If you have good locks and security in your home then it might not matter
Cons:
  • You lose some privacy, both for yourself and for those you’re with
  • You could be letting people know that no one is at your home, potentially encouraging intruders 
Poll:
Post comments below, share your thoughts on location sharing sites.

Hotel “Wrong Transaction” Spam

Posted by on 28 July, 2011 4 comments

Lately there have been some spam emails claiming to have details about an incorrect hotel transaction. The email is a ploy to install malware on your computer. Here’s how it works,

  • You receive an email telling you that a hotel has incorrectly charged your credit card
  • The email also says that you should fill out an attached form for a refund (i.e. open an attachment and get some money)
  • The attachment installs a fake antivirus program
  • The fake antivirus program asks you to pay money to clean your PC (even though there’s really nothing wrong with it)
This spam email has many variants but they all seem to be based on a hotel transaction. Below are some example subject lines
Hotel Renaissance Chicago made wrong transaction
Hotel Westin St. Francis made wrong transaction
Wrong transaction from your credit card in Woodrun V Townhomes
If you see an email like these just delete it, or mark it as spam. Don’t open the attachment.

Google’s Malware Warning Screen

Posted by on 20 July, 2011 No comments

Google has added a new feature to its search engine – it can now detect if your PC is infected with malware. It’s a clever bit of code that just quietly watches for unusual activity.

At the moment it only detects one strain of malware, but since it’s transparent and non intrusive it’s a good thing. Also, this is only relevant to Windows.
Google Malware Warning

So if you see this message, your PC is probably infected with malware. Google suggests some steps to remove it, and you should really buy and install an antivirus program to prevent further problems.