Police in Burwood, Sydney, Australia, are investigating recent fraud cases whereby local women were targeted in online dating sites. The women are lured into an online relationship, complete with emails and phone calls, and once they gain their trust they ask for money. The con artists in these cases are based in Singapore and Malaysia.

In one case a lady sent over $100,000. And in nearby Erskineville a woman was tricked into sending $275,000 to a con artist in England.

The scam begins with an ad on an online dating website, targeting asian women in Sydney. They describe themselves as wealthy bankers or businessmen. They send photos, stolen from other websites on the internet. They lure their victim along for up to six months, gaining their trust, and eventually start asking for money.

These scams happen all over the world. Please help raise awareness by talking about this issue with people you know.

Note: because I used the words “online dating”, Google has placed ads on this page with links to online dating websites. Some people who post ads on these sites are not genuine, use your own judgement here.

If you run a website sooner or later you’ll see spam in the comments. Here are some tips for recognising them:

Spam comments are very vague. Instead of discussing your content, it says something very generic, such as “your website is great”. E.g.

naturally like your web-site however you need to take a look at the spelling on several of your posts. A number of them are rife with spelling problems and I to find it very bothersome to inform the reality nevertheless I will surely come again again.

There is nothing useful in this comment, and it could apply to anyone’s website. So obviously it was sent to every website they could find hoping someone clicks on their link.

Another place to look is the sender’s URL. Some website software such as WordPress allow commenters to include their URL (their web page). Look at it closely, if it says something like paydayloansonlinecash.com then it’s spam – they’re trying to make money off your site.

Facebook has a new “Timeline” feature. At the moment it’s optional but soon all Facebook users will have it. Some people aren’t happy with timeline, so scammers have stepped in to “help”.

If you see something claiming to help you remove the Timeline feature in Facebook, it’s likely a scam. It starts with someone claiming to have instructions on removing Timeline. If you click on the link, spam is added to your Facebook profile. Another variation asks your Facebook friends to provide their details to the scammers. 

Some variations of the “Remove Timeline” scams are a little more complicated, and install software on your computer. To cover up the fact that it isn’t really helping you it says that it will take up to 24 hrs to take effect. This is just a trick.

If you see a scam like this on Facebook, ignore it, or click on the “Report App” button on the left menu – this will alert Facebook staff about the scam app (this is only visible on Facebook Apps).

At the moment there is no official way to remove the Timeline feature – I’ll update this post if this changes.

Here is a new scam email. It scams begin with a confusing story about millions of dollars and some official sounding name dropping (the FBI).

If you look closely you’ll see many spelling and grammatical errors. Also, the email was not sent from the FBI – you can see this in your inbox if you place the mouse pointer over the sender.

The emails is:

FBI Headquarters
935 Pennsylvania Avenue, NW
Washington, D.C. 20535-0001
(202) 324-3000

Sir,

We the Federal Bureau of Investigations (FBI) Washington, DC in conjunction with some other relevant Investigation Agencies in the United states of America and right now in West Africa, headed by Wayne Mitchell (RPO), we understand that your fund has not yet been transferred to you do to an Outrageous Conduct.

We have to let you know the truth because we know that you have gone far in trying to get this fund and you must have paid some amounts of monies to persons you are not supposed to give out a dime to. Through our Global Networking Investigation, we discover that your fund (Sixteen Million United States Dollars $16,000,000.00 including the accrued interest is among the funds ON HOLD in West Africa (Ghana) do to one or two reasons which you have not been told.

As the Executive Director, Federal Bureau of Investigation FBI and a Principal Officer, We strongly know that the people you have been dealing with are not going to tell you the truth because they are all Criminals. You are hereby advised to stop every communication with any Office and feel free to explain to this Bureau why your fund is not yet released to you.

As a matter of fact, we do not have enough time to waste since we have consumed much time in going through your Payment files to ensure that these Funds are genuine and legit. On this Effect, this instruction requires urgent attention because the release of your fund is due.

We awaiting for your urgent response,

Sincerely,

Robert Muller III
FBI Director Headquarters

If you reply to the email they’ll make their story even more complicated and start asking for your bank account details. Their reply is:

FBI Headquarters
935 Pennsylvania Avenue, NW
Washington, D.C. 20535-0001
(202) 324-3000

Kind Attn:

This is to bring to your notice that we have received your mail today.

We understand that your fund has not yet been transferred to you do to an Outrageous Government Conduct which you have not been told. What a mess? though the FBI expertise and the investigation teams has officially instructed the holding bank to release your long awaited fund valued the sum of Sixteen Million United States Dollars $16,000,000.00 to you with immediate and effect.

The financial expertise and the investigation team has resolved to the fact that the fund is genuine therefore you have to stop every communication with any Office and feel free to contact the holding/ paying bank with your banking details through the below contacts information for your fund to be release to you:

MERCHANT BANK GHANA LTD
Contact Person: Managing Director
Email: merban@accountant.com
Phone: +233-247630112
Fax: +233-303403381

Do this and let us know if there’s anything you do not understood so that we can give you further instructions to back you up for this claim.

Sincerely,

Mr. Robert Muller III.

If you see this email, mark it as spam, or delete it.

The following email is a scam. It encourages you to click on a link about tax, but instead takes you to a website that tells you your computer has a virus. This is where the scam comes in – you don’t really have a virus. They just want to sell you a fake antivirus product.

The email says:

Australian Taxation Office informs you about the changes in the rules of submitting tax report.

Please, read about the changes to Click Here.

Important to know
We do not offer cashier services for tax payments or refunds. For further information on how to pay your taxes, see How to pay.
(http://www.ato.gov.au/content.asp?doc=/content/33696.htm) 

We are kindly asking you to keep to rules and terms of tax report submission to avoid penalty. 

Best regards,

Andrew Nichols
Australian Taxation Office

If you see this email, don’t click on the links. Delete it.

How can you be sure if it’s real or a scam?

Place the mouse pointer over the links, but don’t click. You should see the real address popup. If it looks dodgy then it’s probably a scam. See this screenshot,

This type of scam email is common. Always use this trick to judge if the email is legitimate or a scam.

Lately there have been some spam emails claiming to have details about an incorrect hotel transaction. The email is a ploy to install malware on your computer. Here’s how it works,

• You receive an email telling you that a hotel has incorrectly charged your credit card
• The email also says that you should fill out an attached form for a refund (i.e. open an attachment and get some money)
• The attachment installs a fake antivirus program
• The fake antivirus program asks you to pay money to clean your PC (even though there’s really nothing wrong with it)

Hotel Renaissance Chicago made wrong transaction

Hotel Westin St. Francis made wrong transaction

Wrong transaction from your credit card in Woodrun V Townhomes

Australia’s National Broadband Network (NBN) is slowly but surely being rolled out, already covering some parts of Tasmania. Certainly this has been advertised and discussed in the region, raising local awareness. Unfortunately, scammers have used this publicity and gone door knocking in parts of Tasmania that don’t yet have access to the NBN.

Details of the scam:

a salesperson wearing a jacket bearing the logo of a telco is going from door to door in Hobart telling customers that they can only get on the NBN with that particular telco. The alleged salesperson also made errors about broadband speeds, and was unfamiliar with the local area

So there you go, if someone tries to sell you something to do with the NBN, get it in writing and do some research. Details here.

Another Facebook scam. This one works like most others, you see an interesting post by one of your friends. You’re tempted to click on a link, then the trouble begins. This one is about Casey Anthony with a message saying,

“BREAKING NEWS–Leaked Video of Casey Anthony CONFESSING to Lawyer!”, don’t believe the hype. Please. Don’t say I didn’t warn you

If you see this don’t click on it, it’s a scam.  If you click and try to watch the video it accesses your Facebook profile and spams all of your friends. It then takes you to an online survey that makes someone else money. Then your friends will also have the scam posted from their own Facebook accounts, spreading the scam down the network.

If you see this message on Facebook let them know it’s a scam. Don’t click on it.

A new Facebook scam starts with a message saying,

Enable video calls

This scam installs a malicious app in your Facebook account that reads through your profile and spams all of your friends. The malicious app then sends them to an online survey that has nothing to do with Facebook.

Facebook does have a video feature but you don’t need to click on someone’s post and enable a Facebook app to enable it. So why would one of your friends post a link to malware? They probably don’t know, malware has a way of using people’s Facebook accounts to advertise itself.

If you see a message like the one in the post above, let your friend know it’s a scam.

The right way to use Facebook video is by opening up the chat window then clicking on the icon of a video camera,

This scam has appeared on Twitter recently. There are a few minor variations but they all seem to work the same. It starts with a Twitter message saying,

I will follow back if you follow me

There’s a link at the end of the message that goes to a web page. On this page are two signup options, one free and a paid one called VIP.

The free one asks for your  Twitter username and password. It then asks prompts Twitter to grant you access to your account. You should not enter these details into any untrusted service.

Once they have your account password they send spam using your Twitter account, sending them to this same web site.

The VIP service is just as bad. It asks for your credit card details and Twitter account details, promising hundreds of Twitter followers. People who fall for this also end up sending spam from their own account, with the added risk of losing money.

Please help stop this scam by letting people know about it.

I received a phone call that began with

Can I speak to the user of the computer?

Then the caller started explaining he’s from Windows. I hung up, frustrated, because it’s a scam. Never believe anything like this from an unsolicited caller. Talking to other people it’s evident the scam involves the caller gaining remote access to your computer, installing spyware, then invoicing you for their time.

Have you received phone calls like this? Care to share your experience?

Update: List of phones numbers these calls have come from:

• 00496075278802 [UK]
• 760 429 2887 [USA]
• 760-429-2887 [USA]

The following SMS is a scam,

Congratulations! You have won One Million Euro on orange mobile promotion; send your names and Mobile No. via email to; orange [at] citynew [.] com

Please don’t respond to this message. It’s part of a scam. Just delete it.

This scam uses Facebook to trick people into completing a survey. It starts with an interesting Facebook message like the ones below,

CLICK HERE to see the status udpate that got a girl expelled from school!!

or

OMG… This GIRL KILLED Herself After HER DAD Posted This ON Her WALL!

or

OMG! Look What this Kid did to his School after being Expelled! After this 11 year old child was expelled from his school he went beserk

Anyone curious enough to click on the link is taken to a page that “looks like” Facebook, but isn’t Facebook. Then two things happen:

1. You’re asked to “Like” the page, which adds the scam to your own Facebook wall. This is how the scam spreads.
2. You’re also asked to fill in a survey. This is how the scammer is making money. They’re being paid by a marketing company to fill in these surveys.

And that’s it. There’s no interesting video or article. It’s just a viral scam – it spreads because it sounds interesting.

So if you come across this, don’t click on the links, and let the person who posted it know about the scam.

Thanks to DBM for writing in and letting me know about it. I’m sure that by letting others know about scams we can all help reduce them.

This email claims to be from Skype, offering a new version to download. It’s fake, the link has nothing to do with Skype.

Remember, Skype does not email you and me with links to download. Skype will update itself.

NEW VERSION OF SKYPE 2011 IS RELEASED

Dear Skype Users,

To start New Year 2011 with new features, options and improvements, we’ve just released the new version of Skype Software.

<link removed for security reasons>

New in this version :

* Up to 5-way group video call.
* Redesigned calling experience.
* Improved video snapshots gallery.
* Improved browser plugins performance on some websites.
* Reduced false positives on browser plugin phone number recognition.
* New presence icons.
* Improved handling of calling attempts made when the user has run out of credit.
* Improved access to sharing functionality  

To check and download the latest version , go to :

<link removed for security reasons>

Start downloading the update right now and let us know what you think about it.

We’re working on making Skype better all the time !

Talk soon,

The people at Skype

====================== PROTECT YOUR PASSWORD ===========================
Skype or Skype Staff will NEVER ask you for your password via email. The only place you are asked for your password is when you sign in to the Skype application or our website.

If you see the above email, delete it or mark it as spam.

The following email claims to be from Adobe and suggests to install a new version of Adobe Acrobat Reader. It’s fake. Adobe does not email people asking them to download and install new versions.

The email says:

ADOBE ACROBAT READER 2011 UPDATE NOTIFICATION

This is to remind that a new version of Adobe Acrobat Reader 2011 with enhanced features for viewing, creating, editing, printing and internet-sharing PDF documents has been released.

To check and download the latest version , go to :

<link removed for security reasons>

Start downloading the update right now and let us know what you think about it.

We’re working on making Adobe Acrobat Reader better all the time !

Thanks and best regards,

Adobe Support

© 2011 Adobe Systems Incorporated. All rights reserved.
Adobe Systems Incorporated |343 Preston Street | Ottawa | ON | K1S 1N4 | Canada |

Remember, if you see this email just delete it, or mark it as spam.

Update: There’s now another version of this email, it too is a scam. The email looks like:

Adobe is pleased to announce that a new version of Acrobat PDF Reader was released today with new features, options and improvements.
<link removed for security>
What’s new in this version :
* Read, search, and share PDF files. * Convert to PDF. * Export and edit PDF files * Add rich media to PDF files * Combine files from multiple applications * Increase productivity and process consistency * Streamline document reviews * Collect data with fillable PDF forms * Protect PDF files and content * Comply with PDF and accessibility standards
To get more and upgrade to this version, go to  :
<link removed for security>
Start downloading the update right now and let us know what you think about it.
We’re working on making Adobe Acrobat Reader better all the time !
Talk soon,
The people at Adobe
Copyright © 2011 Adobe Systems Incorporated. All rights reserved.

The following email is a scam, it looks confusing and encourages readers to click on a link. And there are many links in this email, all pointing to a hacker’s virus infected site.

Below is the email, with personal details and all of the malicious links removed:

Dear …,

Thank you for scheduling your recent credit card payment online. Your ($USD) $117.00 payment will post to your credit card account (CREDIT CARD) on 08/06/2010.

Now that you’re making your payment online, are you aware of all the convenient ways you can manage your account online?

Just log on to www.chase.com/creditcards today. Using the "I’d like to…" links for your credit card account, you can access more than a dozen features, including links to:
See statements – Choose to stop receiving paper statements, and see up to six years of your statements online.
See automatic payments – Set up monthly payments to be made automatically.
Transfer a balance – Transfer a balance to your credit card account.
Go to Personalized Alerts – Schedule Alerts to remind you of key account activity.
You can also see past payments you’ve made online by logging on to www.chase.com/creditcards and clicking "See/cancel payments" under "I’d like to …"

If you have questions, please call the Customer Service number on the back of your credit card.

Thanks again for using online payments.

Sincerely,
Cardmember Services

Never trust emails like this, especially if you don’t have an account with the company.

A useful trick to spot these scams is:

• Identify which company the email claims to be from. In this case, it’s a company called Chase.
• Place your mouse pointer over a link, but don’t click.
• Look at the bottom of your screen, you should see the real link it points to. (You need to be using a modern web browser for this to work).
• If the addresses don’t match then it’s likely a scam.

E.g., the email above talks a lot about chase.com. This is a real company in USA. When I place my mouse pointer over the link, my browser says it goes somewhere different. The addresses don’t match, this is a scam. See the picture on the right.

Any unsolicited email that asks you to open an attachment is bad. If that attachment is a program then you can consider it a scam. Below is an email I received with a link to malware. It’s asking me to download and run an unknown program. The email also says it was sent by me, rather odd. I’ve removed personal details from the email,

A new settings file for the <email address> has just been released

Dear user of the <email address> mailing service!

We are informing you that because of the security upgrade of the mailing service your mailbox <email address> settings were changed. In order to apply the new set of settings please click to this link and open file((If clicking the link in this message does not work, copy and paste it into the address bar of your browser.)

http://<removed>/ settings.exe

Best regards, <email address> Technical Support.

The words in italics and in < > are my changes, to make it easier to read and search, and to avoid linking to the actual malware.

Any email that looks like the above is suspicious. Any attachment (and especially one that ends with .exe) is suspicious, and when it says that I sent it to myself it leaves no doubt that this is a scam that links to malware.

Learning to recognise these scam emails is important. Relying on virus scanners is good but common sense also helps.

Here’s something that happens every day, a message appears in your web browser telling you a virus was found and to click OK to do a scan. To get straight to the point, this is a fake antivirus program designed to trick you into installing real malware.

If you see this on your browser, close the browser. Don’t click on any buttons. And most importantly, don’t panic. These scams are designed to scare you into making irrational decisions.

Below are screenshots of how it looks (click to enlarge the screenshots):

This type of scam happens on both Windows and Mac computers.

If you receive the following email about SmileWorld delete it, don’t click on the attachment. It’s a scam.

Dear Customer,

This e-mail was send by smileworld.com to notify you that we have temporanly prevented access to your account.

We have reasons to beleive that your account may have been accessed by someone else. Please run attached file and Follow instructions.

(C) smileworld.com

Note how many spelling mistakes and typographical errors there are in the email. A serious company would proof read any emails such as this.

Also, there is no reason for any company to send you unsolicited attachments. It’s a sure sign of a scam.

Some ads have appeared on Facebook and Twitter. The ads are:

• Contratulations. Get a free $1,000 Ikea Gift Card
• Get A Free Apple Ipad Just For Testing It!: Would You Like To Test Apple Ipod? Get Your Free IPad Here Hurry
• Get the Aple iPad Free

Note how many mistakes there are on the second one, a clear sign of a scam.

All of these ads are part of a scam. They take you to a site that asks for your name, address, date of birth, and email. These details are used to send you more spam.

Then you are taken to an online gambling site, hoping that you’ll be tempted to hand over money.

Nearly 40,000 Facebook users have been tricked by this scam, and it doesn’t end there. The same scam is also used for fake food gift certificates, and no doubt will continue to evolve.

If you see scams like these, please don’t forward the message along. You don’t want your friends and family to fall victims of a scam. Do proper research before passing any “bargain” messages along.

Emails like this are scams. They are not legitimate jobs and you should not contact the sender – it’s part of a money mule scam.

Some words in this email can change but the general part of it remains the same:

Hello,
My name is Earnest and our company currently has several positions it needs to fill in your region.
We are a well known company with offices throughout Europe, Asia and North America.
Our current turnover is over 130 million annually and we are still seeking for expansion.
I have 12 vacancies of Financial Assistant that need to be fulfilled immediately.

Major operational duties are prompt receiving and processing customer’s payments for their further transfer according to the specified method. Detailed work scheme will be provided upon request.

I am looking for self-motivated individuals with strong work ethics and ability to schedule work hours effectively.

Requirements:

* Expert skills in managing payments and transfers between our company and clients
* Knowledge of basic payment systems
* Bank account (personal or business)
* Advanced PC and Internet skills
* Minimum 24 y.o.

Benefits:
*Salary plus commissions
*Full reimbursement of banking and Western Union fees.

NOTE: This vacancy is valid for American residents ONLY.

Contacts: <removed>

So if you see an email like this delete it. Don’t fall for the scam.

There is a facebook group that promises some special abilities but it’s actually a bit of a scam. The group is called:

NOW YOU CAN SEE EVERY 1 WHO VIEWS YOUR PROFILE

Apart from the annoying all-caps writing, the group suggests you install a toolbar to make this possible.

You should never install toolbars unless you completely trust the company who made it and really need it. In this case, Facebook didn’t make the toolbar. A stranger did. And you don’t really need it (and it doesn’t do what’s promised).

So do people fall for these things? I looked at this group in Facebook and 146,604 have joined it. That’s a lot of gullible people who don’t understand how Facebook’s privacy works.

There isn’t much information on what the toolbar actually does but it seems to spam your friends. Spamming is not nice (and possibly illegal in some places).

The Nigerian scam goes by a few names and I’ve explained how it works before.

Here is an interview with someone who really scammed people using this technique. He explains how the scam operations work, how much work they put into building people’s trust and eventually take their money.

It’s an interesting read and it’s certainly a different way to learn about these scams and avoid them. It would be useful to show this interview to people who might be new to the internet. Then hopefully less people will fall victim to it.

The full interview is split into three parts:

• Part One
• Part Two
• Part Three

The following email is a phishing scam. It tries to trick people into handing over some account details. The usual trick for phishing scams is to make the email sound important, and there’s a link in the email to make it easier to get to the scammer’s web site.

The phishing email says:

Dear member:

We have recently updated our Online system to include new layer secure authentication. This is intended to provide you with the best security possible when accessing your account.
You will need to update your account in order to continue using your card.

CUA Update

Your ticket code is L690545X.
We apologize for any inconvenience this may cause and appreciate your patience and understanding.
Member ID 690545

The domain name they use is cua-members-australia (.com). After doing some simple research, CUA is a credit union in Australia. Their real address is www.cua.com.au so the one provided is obviously fake, even though it might sound real. Further research shows that the fake address was registered in USA (even though these details could also be fake).

Below is a screenshot of the phishing scam site:

They get straight to business asking for a card number and a PIN. Very private information that no one should ask you.

I’ve written about money mule scams before, here’s another one.

When a scammer has a large amount of money to move, such as stolen money they want transferred into their own bank, they don’t do it themselves. That would make them too easy to get caught.

What they sometimes do is ask other people to transfer the money. They tell these other people that it’s a legitimate job, and trick them into making these bank transactions.

They even go so far as to invent a company in order to recruit innocent people, or sometimes borrow the name of a legitimate company.

One such example is a job ad that claims to be from a US company called Texaco. The scammers sent a forged email with a link to a fake website, made to look like the read Texaco.

The scam email says:

Texaco/Chevron Downstream Europe
  1 Westferry Circus Canary Wharf
  London E14 4HA

Dear Job Candidate,

The TEXACO Online Employment System wish to inform you that your posted information onlinehas been carefully and confidentially reviewed by our Recruitment Team Professionals and we have considered under our current vacant opportunities within the Firm to employ you for work in our company.

TEXACO Online Employment System is affiliated to various job recruitment websites and your information was submitted to us by our online agent that submit job candidate resumes for consideration of employment depending on the vacancies we have in any branch of TEXACO Company Worldwide.

As regards to this, you have been automatically granted this employment to work in TEXACO Oil & Gas Field with a monthly salary of Eight Thousand
Five Hundred Pounds (£8,500).

Kindly acknowledge the content of this message by reconfirming your interest in working for us and indicating your area of job interest, ensuring that you
have quoted your vacancy title below or send your CV with a covering letter.

For further details relating to your employment, kindly send an email to
Texaco/Chevron Downstream Europe H/R Recruitment Service Department
texaco@post.com / http:// texaco.us.ms / http:// texaco.com/portal_default.asp/.

  Regards,
  Paul Matins
  HR Recruitment Manager

This email is a scam. The web site that they give ends with .us.ms – this is not the real Texaco’s domain name.

So the next time you see a job ad too good to be true, consider if it might be a money mule scam. Does the job ad promise to pay an unusually large rate? Is the work unusually easy? Is the job description vague? Is the web address correct? Did you receive the job ad in an unsolicited email? These are all questions you need to ask yourself.

Here’s a combined hoax and malware. Let’s start from the beginning.

People have been posting notes on Facebook about something called “un named app”. It tells you to remove something from Facebook. It’s a hoax. Don’t believe what it says, don’t follow the instructions, and don’t pass it on.

Below are some quotes of the hoax:

ALERT >>>>> Has your facebook been running slow lately? Go to “Settings” and select “application settings”, change the dropdown box to “added to profile”. If you see one in there called “un named app” delete it… It’s an internal spybot. Pass it on

this is real.. i checked and found this app and deleted it… hopefully, my facebook will run better now.

Cannot believe how much quicker mine is running after doing this….

I don’t have this app on my Facebook account but if you do, don’t worry. It’s a normal part of Facebook and you shouldn’t delete it.

Now the second part of this hoax is a real trojan. If you go to Google and search for “facebook unnamed app” you’ll see quite a few results. Some of these results are fake antivirus programs.

A fake antivirus program is actually a trojan. It pretends to scan your PC and quietly installs malware in the background. It goes under the name of Security Tool, it has a fancy detection screen and everything. But it’s definitely bad.

The rule of thumb is that if a web page tells you that your PC might be infected, don’t trust it. Go and get your own antivirus program, not something that pops up on your screen (see here for a good free antivirus program).

There’s a lot to learn here. Basically, be careful who you trust. These days scammers have to trick you into installing malware and they’re good at it (it’s called social engineering).

More fake ATO emails are being sent in Australia. If you receive an email about your “taxe refund” keep in mind that it’s a scam. The real ATO would never misspell tax.

Clicking on the link in the email takes the reader to an exact copy of the real ATO website. The address is clearly wrong,

• Fake address: www.a-imbn . org
• Real address: ato.gov.au  (all Australian government web sites must end with .gov.au)

If you’re in Australia please let others know of this scam.

There’s a fake email being circulated in the UK asking for donations to help with the recent earthquake in Haiti. The email claims to be from the Red Cross but it’s really just a scam.

This is what the email looks like:

The British Red Cross Society
British Red Cross
UK Office
44 Moorfields
London EC2Y 9AL

MAKE YOUR DONATIONS NOW
=====================

Dear reader,

A devastating earthquake measuring 7.3 on the Richter scale struck Haiti on 12 January 2010 sending the Haitian Capital Port-Au-Prince into chaos, killing hundreds and affecting thousands more. Please give what you can today to help thousands of people there in desperate need of humanitarian assistance.

Relief aid workers from the Red Cross have already been arriving at the Haitian capital with relief materials.

Donations have been grouped into two cartegories:

1: Group A (£250 British Pounds to £1,000 British Pounds
2: Group B (£1,000 British Pounds and above)

Donations are to be made payable immediately via WESTERN UNION MONEY TRANSFER immediately and directly to our donations accounts liason officer as RECEIVER’S name:

DONATIONS ACCOUNT LIASON OFFICER:
LOCATION: 44 Moorfields, London EC2Y 9AL

Please provide us via return email the following informations below as they appear on the Western Union Money Transfer slip;

1. Name and Address of Sender
2. Exact Amount Sent ***
3. MTCN ***

NOTE: At British Red Cross we are committed to protecting your privacy as a STANDARD practice. We will not share your information unless you have previously indicated that you are happy for us to do so.

Hope to receive your donations soon as thousands need your help.

Please send return email with donations details to

Yours Sincerely,

For and on behalf of The British Red Cross Society

The email has a few spelling and grammatical errors. They unnecessarily capitalise a few words. Both of these things are unprofessional and would not be done by a serious organisation. Also, they want money sent to Western Union! Any legitimate organisation would have a professional method of accepting money. All these things should make you suspicious of the email.

If you see this email remember that it’s a scam. And there’s no doubt that there’ll be dozens more emails with similar Haiti scams. If you want to donate to help with humanitarian efforts then find an official (and recognised) charity organisation and donate to them. Don’t click on links in emails that you receive.

Also be aware that scammers will use every event that makes the news as an excuse to send these type of emails. When celebrities die they send out similar emails, asking for money or asking you to click on a link (that goes to a malicious site). They never stop sending out these emails.

Android is a system used by some smartphones (similar to iPhone or Windows Mobile, but made by Google). Like other smartphones you can install apps on Android.

One Android app that showed up recently is a free banking app. It looks like it supports US banks. But instead of logging into your bank it sends your online banking details to a scammer. Then it won’t be long until someone steals money from your bank account.

Google has been notified of this malicious app and they have removed it. But for some people it may be too late.

There’s a lesson to be learnt here. Smartphones are cool, installing apps on them is cool. But we shouldn’t let our guard down and trust everything to them. Know what you’re installing, know who wrote the software, and how it stores and sends your login details.

As more people buy smartphone scams are only going to become more common.

I just received the following email. It’s a scam made to look like Google Adwords, however the web site was registered just a few hours ago to somebody else.

If you go to this site and enter your Google account details you’re actually letting a stranger (hacker) know your account details. It’s a scam.

———————————————
This message was sent from a notification-only email address that does
not accept incoming email. Please do not reply to this message.
Message id:388520237785520
———————————————

Hello,

You have a new text alert from adwords

Please use the link below to login:

http://www.adwlordls.com/Selects/Login/static/index.html?ref=56105007342

Advertise your business on Google

Best regards, Google AdWords Customer Team © 2009

———————————————
This message was sent from a notification-only email address that does
not accept incoming email. Please do not reply to this message.
Message id:847914946168909
———————————————

So if you see this email or one like it, delete it. Google did not send this email.

Update: another version of this scam is,

This message was sent from a notification-only email address that does
not accept incoming email. Please do not reply to this message. If you
have any questions, please our Help Center to find answers to
frequently asked questions.
————————

Hello,

Please update your primary and backup payment information, even if you
plan to use the same information. Please follow the steps
below to update your information and trigger our billing system to try
processing your payment again. We’ll attempt to process your balance on
whichever card you update first.

1. Log in to your AdWords account at <link removed>
2. Enter your new or updated payment information.
3. Click ‘Save Changes’ when you are finished.

To update your backup credit card:
1. Visit the ‘Billing Preferences’ page, as described above.
2. In the Backup Credit Card section, click ‘Edit’.
3. Re-enter your backup credit card details.
4. Click ‘Save’.

To update your bank account:
1. Visit the ‘Billing Preferences’ page, as described above.
2. In the Bank Account section, click ‘Edit’.
3. Re-enter your bank account details.
4. Click ‘Save’.

Thank you for advertising with GoogIe AdWords.
Grow your business with us.

Sincerely,

The GoogIe AdWords Team

If you see this email delete it, don’t click on the link, don’t give them your Google password.

And yet another version:

Dear Valued Customer,

You have a new alert from Google Adwords.

Sign in to your AdWords account at http://adwords.googlxmcn.com/Select/login

Yours Sincerely,
The AdWords Team

Notice the domain name above, googlxmcn.com. This is not google.com, it’s spelt differently, so it’s a scam.

This link was posted on Facebook – it’s a scam. It says that Google is hiring people to work from home, no experience is necessary, and the article goes on and on about how good it is.

Below is an extract from the scam site:

Breaking News: Google Now Hiring People To Work From Home

If you live in America and you have been wanting to work from home, you might be in luck. Google has now released a new "Work From Home Program" that will allow Americans to work for the titan from the comfort of their own homes.
To thousands of Americans this means that they will soon have a safe and bright future working for one of the fastest growing companies in the world.
…
What you need: A Computer, an Internet Connection and the desire to make a living working from home. No special skills are required other than knowing how to use a computer and navigate the internet.
…
Google will send out your checks weekly. Or you can start to have them wire directly into your checking account. (Your first checks will be about $750 to $1,500 a week. Then it goes up from there. Depends on how many links you posted online.)

Like most scams, you don’t need any experience, you can work from home, and you can make $1500 a week so easily. It’s all too good to be true!

The fake article is hosted on a site called ValuePromotions.

If someone were gullible enough to sign up they’ll be asked to pay US$2 to get started. But instead of paying $2 they’ll be charged US$80 a month directly from their bank account.

There are so many scams similar to this one. They all feature the same principle – a promise of free or easy money. Always do research on articles like this (use Google) and have a sceptic mind – if it’s too good to be true it’s probably a scam.

The following email contains a virus, it was not sent by Facebook:

Because of the measures taken to provide safety to our clients, your password has been changed.

You can find your new password in attached document.

Thanks,

The Facebook Team

If you see this email just delete it. Don’t click on the attached file.

Here’s an example of a very sophisticated piece of malware designed to steal money. It was discovered recently in Germany and was used to steal €300,000 in 3 weeks. Here’s how it works:

1. You visit a web page that has been hacked. It’s an ordinary web page (such as a news site), nothing looks out of the ordinary.
2. A trojan is installed on your computer without your knowledge. It sits there on your PC waiting and watching.
3. You log onto your internet banking site. Everything still looks normal.
4. The trojan detects that you’ve logged into an internet banking site and it makes a transaction, transferring money from your account to the account of a money mule (more on this later).
5. When you look at your bank statement online, the trojan captures the network data and changes it to hide the transaction it made. The numbers it shows on the screen have been altered.

Step 5 is the sophisticated part of this attack. Normally you’d notice if money was transferred from your bank account without your approval, but the trojan hides this by showing you a fake statement on your screen. If you can’t see the money being taken from your account the criminals have more time to keep making withdrawals.

The amount of money it steals is different each time so that the bank’s anti-fraud detectors don’t see the pattern of theft.

More details here on this attack works.

So what’s a money mule?

Stealing money from people’s bank accounts is a big business. Criminals not only write sophisticated malware to carry out the transactions, they also recruit money mules to launder the money.

They place ads online offering jobs to desperate people. These jobs require no experience and you work from home (sound familiar?). People who sign up to these jobs receive money in their bank accounts, then they have to transfer it to someone else’s account. They do this willingly and are paid for it, but they usually don’t know that it’s part of a criminal organisation.

This is how the criminals receive their stolen money and cover their tracks. It’s a form of money laundering and is illegal. And to avoid a pattern detection they usually only use these money mules twice.

Here’s an example of a money mule job ad.

Lessons Learnt:

• Always use an antivirus program that not only scans your PC for malware, but also checks every web page you go to. Good antivirus programs cost money and it’s a good investment to protect your online security.
• Only use internet banking from a PC you trust.
• Always update your PC with the latest patches. For example, tomorrow there’ll be a large Windows update, you should install this as soon as possible (after you make a backup).
• Don’t trust job ads that promise the world for little to no effort.

I received the email shown below, Googled it and saw that it’s a scam. Unfortunately I also found that quite a lot of people have fallen for this scam so I’ll explain how it works.

Firstly they send out the email shown, it offers to list your business on a register. Their email mentions the word “free” several times and they never mention a price – but it’s misleading, they’re actually offering a paid service. It’s called deceptive marketing and it’s illegal in most countries.

Then if you sign up to list your business they send an invoice for approx €995 (quite a bit of money).

Now this is when the stress begins for most victims. If you ignore their invoice they start sending a stream of nasty letters threatening legal action. Based on what I’ve read in forums it seems that they’re empty threats (see for yourself here).

So please do a bit of research on any unsolicited marketing offers you might receive. Search on Google, even if you think it’s a free offer.

The email that they sent is:

Ladies and Gentlemen.

In order to have your company inserted in the registry of World Businesses for 2009/2010 edition, please print, complete and submit the enclosed
form (PDF file) to the following address:

WORLD BUSINESS GUIDE
P.O. Box 2021
3500 GA Utrecht
The Netherlands

email: register@wbgtoday.net
FAX: +31 20 524 8107

Updating is free of charge!

If you are not the intended recipient, please submit an email to
unsubscribe@wbgtoday.net
Your request shall be dealt with accordingly.

And the attachment that they sent looks like this:

If you see this email just delete it.

I just received this email – it’s a scam. If you click on the links it takes you to a site letting you download some spyware. Below is the text of the email. If you see this, delete it. Don’t click on the links, don’t download the program they have.

PDF Reader 2009 – New Version for Windows and Mac
The latest PDF Reader: Open, Edit & Create PDF Files
http://www.adobe-pdf-update.info
Included in this package:
Open Office Suite – Get things done more quickly and improve your work efficiency.
-Open, edit and view all PDF files.
-Enhanced performance with faster loading and zooming.
-Collect your data and combine it into a high quality document.
http://www.adobe-pdf-update.info

Download the complete Office solution today and also receive free updates
and 24/7 customer support.
"Since the 90′s, PDF has become the standard file format for document exchange." – Adobe
http://www.adobe-pdf-update.info

Thank you for choosing us, the worldwide leader in PDF Reader Solutions.
Best Regards,
Mary Norman
PDF Reader 2009

Adv Media Ltd  | 890 Avenue| Sydney | 1002 | Australia

Click here :
http://www.listmanagerservices.com/unsubscribe.php?M=
to Unsubscribe out of mailling list.

This product is a scam. It’s made to look like a real antivirus or antispyware program but all it does is ask you for money. It’s not a legitimate program, it doesn’t stop spyware, viruses or do anything useful.

It’s called PC Antispyware 2010, a name that sounds a bit serious (and misleading). The screen looks pretty fancy, maybe people trust things that look nice or shiny – don’t be fooled by it.

If you see the screen above then don’t click on the download link, don’t install it. You can see a larger screenshot by clicking here. Only use antivirus products from known and trusted vendors.

I’ve written about Nigerian scams before, they’re very common and in most cases the scammers are based in Nigeria. It starts with an email telling you that someone wants to give you a million dollars, you just need to send over a bit of money to get things started.

The promise of money is enough for some people to get hooked into the scam, they believe all the stories and keep sending money to the scammer hoping to get their “reward”.

A woman in Oregon, USA, was scammed of US$400,000 over a 2 year period using this scam. If you have friends or family who aren’t aware of these scams, please let them know how it works. Show them this video and help raise their awareness. There are still many people in the world in a vulnerable position.

Watch the video below, or if it doesn’t load click here to access it.

This one has been reported in Australia but could just as easily happen anywhere.

Scammers have been knocking on people’s doors and claiming to be officials from the Australian Tax Office. They ask the resident to sign up to a program in return for reduced taxes. This is the bait part of the scam, offering you a way to pay less tax.

The scammers just need your credit card or bank details in return for their generous offer of reduced taxes. This is confidential information that you shouldn’t be giving out to strangers.

The Australian Tax Office has said that they’ll never initiate unsolicited house calls, if they do ever visit your home they’ll make an appointment first. And they will always show some ID on arrival. If this happens to you and you’re unsure what to do, the ATO’s phone number is 1300 686 636, they’ll be able to verify the situation.

This scam was also happening earlier this year using phone calls – the scammer calls random people and gives them the same story about reducing their tax and claiming to be from the Australian Tax Office.

If you have any comments on how this works in other countries please post below in the comments.

This particular type of fraud targets shop owners and police say it has been happening in Sydney.

The criminals go to a retail shop dressed as electrical contractors and cut their phone lines. They then go into the shop as customers and buy products using a stolen credit card.

Because the phone lines have been cut the store’s staff can’t verify the card to process the transaction. So they either have to trust that the card is legitimate and process the order on paper, or turn away customers.

If you work for a retail store you should be aware of this fraud tactic. There may also be things you can do to protect access to your store’s phone lines, and it may be possible to organise credit card processing facilities that use a mobile network as a backup.

Some people have been receiving threatening SMS’s on their phones. The messages include death threats and it seems they’re a part of a money laundering scam. A typical message is:

I am about to kill you. If you want to live, contact (hbko@pobox.sk) to get information on what you will have to do to live. If you ignore this message, you will die!

This particular SMS came from the number 856 207 580 237.

If you reply and contact the sender they ask you for money (up to $10,000). They use all the typical scam tactics like asking you to pay a legal fee and a processing fee.

Investigators have tracked the senders to Laos and Slovakia. Hopefully the senders are caught soon.

If you receive an SMS like the one above don’t reply to it. You can either delete it or report it to a local authority if you’re concerned (e.g. your local police). Remember that it’s just a scam.

Lottery emails are a pretty old scam and they’re still around. This time some words have been changed and this one claims to be from Microsoft.

If you see this email, delete it, it’s just another lottery scam:

Subject: Microsoft Email Promo:Official Prize Notification
To:
Microsoft Email Promo:Official Prize Notification
The MICROSOFT EMAIL PROMO TEAM is glad to announce that
after a successful completion of the PROMO DRAWS held on the
28th June 2009,your e-mail address,attached to winning
numbers:(55) (73) (14)(41) (36) (29) won in the Tenth
lottery category.
You have therefore been approved to claim a total sum of
£150,000,00 GBP(One Hundred and Fifty Thousand Great British Pounds
Sterling) in cash credited to file REF NO:MSW-L/009-28793, BATCH
NO:2009MJL-05, this is from a total prize money of
£3,750,000 (Three Million,Seven hundred and Fifty Thousand
British Pounds Sterling),shared among the Twenty five (25)
international winners in this category.
All participants were selected through our Microsoft computer
ballot system drawn from 167,000 Names,as part of our
International  "E-MAIL" Promotion Program for our prominent
MS-WORD users all over the world and for the continuous use
of the internet. You are advised to contact the claims
processor with the details below via his e-mail address :
NAME:  Michael E Ross
EMAIL: michaele.ross1@yahoo.com.hk
TEL:   +44 703 590 2789
PLEASE NOTE THAT YOU ARE TO SEND THE FOLLOWING INFORMATION TO
CLAIM YOUR WINNINGS:
1.Full Name………………………………
2.Address:………………………………
3.Phone:……………Fax:……………….
4.Country:………………………………
5.Sex/Gender……………………………..
In order to avoid unnecessary delay and complications,please
remember to quote your reference and winning ticket number in
all correspondence with your claims officer.Your secret pin
code is ML0757985.Be warned that cases of double claims and
unwarranted abuse of this program will be legally pursued.
YOURS FAITHFULLY,
JESSICA SCOTT.

The names are no doubt made up, they’re just trying to encourage you to provide your personal details.

I know that 0.4% of Fraudo readers are from Spain, 99.6% of you are from other parts of the world. So it’s safe to assume that if you receive an email saying you won the Spanish lottery, then it can’t possibly be true.

Scams are usually designed to excite or shock you, and to make something seem urgent. This has the unfortunate effect in most people of urging them to make rash decisions, to not think things through properly. For example, if you don’t live in Spain and haven’t been there, and haven’t purchased any kind of Spanish lottery ticket, then how could you have possibly won?

And even if you did, how do you suppose they got your email address? If you really did win, they’re most likely to send you a letter, again assuming you really  bought a ticket and registered your name and address.

So why is it that people fall for these scams?

Below is the email I received, it’s fake:

REF NO: HKD/7684/ES/97
BATCH:  YJM879/OLS/09

Winner in the 2nd category of our ONCE LOTERIA  free Net Lottery
Promotional award draws held in May, 2009. I am writing in respect to
your lotto winning prize of ONE MILLION, EUROS(1,000,000.00 Euros) which you won through the email ballot draws in the EUROMILLION Promotional Award in June, 2009 in the second Category prize winnings categories.

We wish to inform you that your total prize money of One Million
(1.000,000.00) Euro has remained unpaid by our treasury and credit office after the initial letter to your address for your payment was not successful.
You are hereby requested to contact your claims agent with your full names,telephone,batch and reference numbers respectively and immediately update your claims process for your payment.
Mr.ADRIANA WOOD,
FOREIGN TRANSFER MANAGER,
QUALITAS DE SEGUROS
MADRID SPAIN
Email:quainfo40@aim.com
TEL: 0034-615-730-594
Accept our felicitations!
Signed:Clara Casadoro
(Events,Draws and Promotion).

If you receive this email, or any similar lottery scam, please be cautious. It’s more likely to be a scam. And if possible try to discuss this with people who are new to the internet (such as the elderly), awareness is a great defence against scams.

This email tries to trick you into running a virus attached to the email. Why would anyone do this? Well, the email is vague and it sounds like it’s a serious and technical matter.

If you receive any of the emails shown below, delete them:

Subject: Outlook Setup Notificataion

You have (1) message from Microsoft Outlook

Please re-configure your Microsoft Outlook again.

Download attached setup file and install.

Subject: TheBat Setup Notification

You have (98) message from Outlook Express.

Please re-configure your Outlook Express again.

Download attached setup file and install.

A spam email pretending to be sent from the Bank of America tells readers they need to install a digital certificate. What it really does is install malware.

Not only does it install malware, it also asks you for your user ID and password.

Here are some tips to help you avoid this sort of scam:

• When you use any online banking service, look for the padlock icon in your browser. Then click on it, it needs to say your bank’s name, it’s full web address, and shouldn’t show any errors.
• If you receive an email from your bank, don’t click on any links. Instead, open a new web browser and type in your bank’s web address. This way you can’t be tricked into clicking the wrong link.
• Always be wary when you receive unsolicited emails. More often than not they’re scams.
• Use a good antivirus product

The email below suggests you can receive $20k from the US government. They ask you to send an email with your personal details. These type of scams then ask you for more details.

Your details are then used for fraudulent activities, under your name (this is called identity theft). It’s also common for the scammer to start asking you for money – there’s usually an excuse that they need to pay lawyers or some other convoluted story.

Below is the scam email, if you see this just delete it:

Hello

Secure $20k in Govt Grants and you never need to pay it back.

All American residents can apply for Govt Grants.

Allotment of grants doesnt depend on your credit history.

The strength of our firm is grants writing.We’re doing business since 1999 and we have helped around 20,000 people obtain grants.

Our company is taking fees of 10% only after our clients receive funds from Govt.There’s no risk for you at all.You’re paying our fees only when you’ve received grant money in your bank account.

Send us details including first name, last name, address, profession, date of birth, annual income, reason for govt grant.

grantswriting27@mail.com
Reply back to this email.

Regards

Johnathon Hodge

There are many fake anti-virus products out there, they try to convince you there’s something wrong with your PC or Mac then either ask you for money to fix it or install real viruses.

This new one’s the kind that asks you for money, it’s called System Security. It begins when you download the program believing it’s a new anti-virus product. It’s designed for Windows PCs.

When you install it, it pretends to scan your PC, then informs you it found a whole lot of malware on your PC including viruses, adware and spyware. This part is meant to scare and shock you.

Then it does something truly evil, it stops you doing anything on your PC until you “activate” the anti-virus. And by activate they mean pay them money. So at this stage the only thing you can do with your PC is go to the scammer’s website (which looks nice and professional), hand over your credit card details, and they’ll supposedly make your PC work again.

If you happen to download and install this fake product and it blocks your PC from working, don’t give them your credit card details or otherwise pay for it to be unlocked. You will be able to boot your PC in Safe Mode – ask for a PC technician to help you with this if necessary. You’ll then be able to remove the fake anti-virus.

This highlights the importance of using a good anti-virus product, one that’s known and respected in the IT industry. I generally try not to recommend one product over another but below are some of the trusted anti-virus companies available today:

• Trend Micro
• Symantec / Norton
• McAfee
• F-Secure
• AVG

There are many more and the market’s always changing. Feel free to write about your preferred products in the comments below. These days you can buy them online or walk into a computer store and buy one.

If you receive an email similar to the one shown below, it’s a scam. Delete it. 

With this type of scam the sender tries to start a conversation with you, sending you many emails with similarly broken English and a collection of photos. There’s also a tale about how poor she is and eventually she’ll ask you for money.

In reality it’s probably a guy, not a girl. And the emails generally have Russian addresses.

Again, remember not to reply to these or fall for the story. It’s just a scam, one of many on the internet.

Here’s a copy of one of these emails:

Hello my new friend! You probably will be very much surprised to my letter. And where I could find your electronic address. One of these days I was registered a site of acquaintances. And today to me from him there has come the reference with your address. In it it was spoken, that we with you harmonious pair. And I have decided to write to you this letter. My name is Elena, me of 27 years. My growth of 168 sm, my weight of 53 kg. I the quiet, romantic girl. I want to meet in the life the present love. In my opinion, At all a variety of nationalities occupying our planet. In the world there is that uniqu person, With which I can find happiness and family rest. My dream, it to create family, To leave in marriage for remarkable the man, to give birth to children. And together with the loved person To aspire to bring up ours with it children that they became the most remarkable people. Actually I very modest girls and vulnerable. To me to not like, when people to face speak one, And behind a back another is completely. And I think, that from the very beginning of ours with you of acquaintance. We should be fair with each other. As in the first letter, I want to send you the photo. I hope that it to like you. If you were interested with my letter. And you as well as I want to meet the present love in the life. That I think to us with you it is necessary to begin ours with you acquaintance. Who knows, it is possible we are really harmonious with you. Also we shall create the best in the world a pair.

Another Western Union scam email is being sent to people. The email claims that you sent money with Western Union and that it has been returned to you (this is the incentive designed to catch your attention, free money).

The email has an attachment that is supposed to be an invoice. Instead the attachment infects your PC with a virus that waits for you to use internet banking then steals your password.

The email reads:

Dear client!

The money transfer you have sent on the 12th of April was not collected by the recipient. Due to the Western Union regulation the transfers which are not received in 15 days are to be returned to sender.

To collect money you need to print the invoice attached to this email and visit the nearest Western Union branch.

Thank you!

If you see this email, or one similar to it, delete it. Western Union didn’t really send it. And don’t open the attachment.

Tell-tale signs of a scam email:

• There are a few grammatical errors in the email. It’s common for scammers to have poor English skills (though they’re getting better)
• Did you send money with Western Union in the past 15 days? If not then it’s almost definitely a scam. Don’t be tempted.
• If you’re unsure, copy & paste parts of the email into Google. Then read through the results looking for evidence of known scams.

You should also be scanning your email for spam and malware. This will filter out most of the scams before you have a chance to read them.

There was another Western Union scam that has been quite popular, read about it here.

I don’t recommend this, I just want to share what others are doing and raise awareness of the problem in general.

Nigerian scams are emails (or letters) telling you that some random stranger in Nigeria wants to give you a very large sum of money, and they need your help (and your money) to make it happen.

And some people are starting a trend in baiting the scammers, making them waste time and giving them misleading information, just for amusement. It’s a vigilante action fraught with real danger hence why I don’t recommend it. But it’s certainly interesting to read about it.

Click here for the full article.

Sometimes hackers find innocent web sites and find a way to hack it and add malware. Below is an example. A (fake) message comes up telling you your PC is infected:

Warning!!! Your computer contains various signs of viruses and malware programs presence. Your system requires immediate anti viruses check! System Security will perform a quick and free scanning of your PC for viruses and malicious programs.

Notice that the message is full of grammatical mistakes, scammers generally aren’t very good at English.

If you see a message like this click Cancel and close the window.