PDA

View Full Version : New Scam


anotherthing
14th Oct 2011, 19:00
Received the following e-mail today, instantly suspicious but it came from a friends valid e-mail address with their correct name at the bottom.

How are you doing? This has had to come in a hurry and it has left me in a devastating state. My family and I had a visit to (Spain) unannounced some days back for a short vacation, unfortunately we were mugged at the park of the hotel where we stayed,all cash, cell phones and credit cards were stolen off us but luckily for us we still have our passports with us.

We've been to the Embassy and the Police here they're not helping issues at all and our flight leaves tomorrow but we're having problems settling the hotel bills and the hotel manager won't let us leave until we settle the bills. Please I really need your financial assistance..Please, Let me know if you can help us out?

I'm looking forward to hearing from you.

Thanks
XXXA few things set of alarm bells so I sent back a non commital 'How can I help'

I received in reply:

I'm glad you responded back to my message and you are willing to help, We need a financial assistance of (1,250 Euro),but anything you could assist with now will be helpful... sorry we never informed you before leaving for Spain. I was extremely happy when i saw your mail, please bear in mind that I'll facilitate your reimbursement as soon as we get home, the fastest and safest means you can get money to me is via western union as it takes only few minutes for the money to get across to me, below is all you need in sending the money via western union.

NAME- XXXX (actual name of my friend)
ADDRESS- Plaza de la Lealtad 5, Madrid, 28014
COUNTRY- (Spain)

Just help me write out the MTCN/Reference number and other necessary details. I'm looking forward to hearing from you.

Thanks
XXXX

When I replied to the e-mail it actually went to a different address from which it was allegedly sent.

Also the thieving f***wits have obviously used a generic e-mail that has been passed from scum to scum... you will see that both the country they have been visiting and the amount of money they need is in brackets... obviously this was for the theiving scum to fill in themselves. The thick twats couldn't even think t remove them before sending out the e-mail.

Anyhoo, this is just a friendly warning, it had me thinking for a couple of seconds before re-reading it and realising it was a scam.

rgbrock1
14th Oct 2011, 19:04
It probably did come from your friend's email account.
Because it was obviously hijacked. Now yours is too.

Capetonian
14th Oct 2011, 19:08
Given that your account is probably already compromised, you can now get mileage out of this by stuffing them around. However if your account is in your real name and identifies you then you may be better to do so from a non-identifiable account in a fake name.

You may as well post the scammer's email here and we can all spam them and waste their time! I certainly will.

anotherthing
14th Oct 2011, 19:10
Nah, mine isn't... took precautions as I thought that it was a case of hijacking

rgbrock1
14th Oct 2011, 19:13
Yours isn't? How can you be so sure? Once your "friends" email message made it to your account that in and of itself was a successful hijacking.

And by replying to your "friend's" email message you verified to the sender (scum bag) that yours is a real address.

anotherthing
14th Oct 2011, 19:17
What I meant was that they have not hacked into my account i.e. cannot get access to it.

It is easy enough to get peoples e-mail addresses and use them in an e-mailer programme, actually hacking passwords etc takes more than replying to an e-mail, especially if as soon as i replied, I took the precaution of changing things

rgbrock1
14th Oct 2011, 19:24
You are correct. What I meant by hijacking your account is: the scammers now have your email address. Not account. And they will use your email address to send spam, phishing messages to others.

ExSp33db1rd
14th Oct 2011, 20:55
And by replying ..........

That's why I never use an automatic 'holiday response', or 'out-of-office' auto message, 'cos that's a reply which verifies your e-mail.

mixture
14th Oct 2011, 21:11
You may as well post the scammer's email here and we can all spam them and waste their time! I certainly will.

Not much point, because someone is very likely to have reported to them to their ISP already who will have disabled their account per TOS.

mixture
14th Oct 2011, 21:13
What I meant by hijacking your account is: the scammers now have your email address.

No need to hijack/hack an account to be able to use someone's email address. Set the Reply-To header and the gullible muppets out there who respond to such scams will never notice they're communicating with someone else.

west lakes
14th Oct 2011, 21:23
Oh dear, looks like I've upset the IRS!!

Notice: CP01H
Tax year: 2011
Notice date: Thu, 13 Oct 2011 09:18:09 +0100
Page 1 of 1

Important information about your tax return
We are unable to process your tax return

We received your tax return. However, we are unable to process the return as filed.

Our records indicate that the person identified as the primary taxpayer or spouse on the tax return was deceased prior to the tax year shown on the tax form. Our records are based on information received from the Social Security Administration.
Based on this information, the tax account for this individual has been locked.

What you need to do

Visit review page on irs.gov
Keep this notice for your records.
Department of Treasury
Internal Revenue Service
http://mail.tools.sky.com/mail/images/cleardot.gif Reply
http://mail.tools.sky.com/mail/images/cleardot.gif Reply to all
http://mail.tools.sky.com/mail/images/cleardot.gif Forward





This one of 3 I've received!! Somehow I think I'd have noticed if MWL had not been around!

Capetonian
14th Oct 2011, 22:26
Not much point, because someone is very likely to have reported to them to their ISP already who will have disabled their account per TOS

Not really. They'll have a Yahoo, w.cn, o2.pl, gmail, aol, one.co.il, or Hotmail address which is quite independent of any ISP. Those email providers have made spam/scam reporting so difficult that most people rarely bother, and the email providers rarely disable them.

They won't have their own ISP, they'll be working from Internet cafes or similar, they are more or less untouchable.

hellsbrink
15th Oct 2011, 04:39
Dunno about others, but reporting a phishing scam on hotmail is easy peasy.

Slasher
15th Oct 2011, 04:58
I got the same west lakes and promptly sent a reply -

29 Shawwal-Thul-Qedah 1432 A.H.

Assalamu alaikum.

It is with deep regret my 12 year old wife has deceased (may
the holy prophet smile upon her soul) after she had accident
while making a small device of an incendiary nature.

Insh'allah a new tax file will be filed to you as soon as possible.

Allahu akbar.

Al Slasher A'amirah bin Ashif


No reply received yet!

Capetonian
15th Oct 2011, 07:17
Dunno about others, but reporting a phishing scam on hotmail is easy peasy.

It's not hard on the others, although it used to be just a question of forwarding the email to them along with headers.

Now it's filling in a form, but they rarely seem to take action. I have been playing with a scammer for nearly a month now, although I reported his Hotmail address as being used for fraud.

mixture
15th Oct 2011, 08:55
Not really. They'll have a Yahoo, w.cn, o2.pl, gmail, aol, one.co.il, or Hotmail address which is quite independent of any ISP. Those email providers have made spam/scam reporting so difficult that most people rarely bother

Nonsense.

Three emails that evaded my spam filters this week. I reported them to Yahoo, Google and Hotmail without much difficulty. No login required, just a simple form on the relevant website for Yahoo and Google. Hotmail you can email them in.

It's really not difficult. And if you can't be bothered to spend 10 seconds filling in a form on the web, just paste the email into Spamcop and let it do it for you.

If you're the first one to report, Yahoo will get you not just an automated reply, but generally you will also receive a follow-up personal reply confirming action has been taken. Google & Hotmail don't acknowledge, but they do take action.

hellsbrink
15th Oct 2011, 09:06
Now it's filling in a form, but they rarely seem to take action. I have been playing with a scammer for nearly a month now, although I reported his Hotmail address as being used for fraud.

Filling in a form? On Hotmail you click on "mark as" then "phishing scam" and that is it.

Couldn't be easier

Capetonian
15th Oct 2011, 10:06
Yahoo used to be very quick off the mark and used to respond confirming that the email address had been invalidated.

Gmail and Hotmail don't seem to do the same. That said, I haven't bothered trying to report them for a while, I get more mileage winding them up and wasting their time, and if you look on sites like 419eater and Scambaiters, the consensus is that getting their emails closed down is a waste of time as they just pop up with new ones.

Has anyone noticed that there are fewer lottery scams around now with Spanish and Netherlands cellphone numbers, as the authorities in those countries have taken steps to prevent the sale of SIM cards without some form of verification. When I was working in Holland I used to print out the emails which were from there and used NL numbers and take them to the Marechaussee at Schiphol, who apparently took it seriously. I once had the pleasure of witnessing them raiding an internet cafe which was used by scammers and they weren't exactly handling the scammers with kid gloves!

Checkboard
15th Oct 2011, 10:19
the consensus is that getting their emails closed down is a waste of time as they just pop up with new ones.

It doesn't stop them going on with a new email - but it DOES invalidate all of the scam emails they sent out on the invalidated address - protecting the little old biddy who is trying to reply (and send her cash) to it. :uhoh:

Capetonian
15th Oct 2011, 13:53
Reporting the email address from which they sent the scam does little to inconvenience them as it usually has a different address in the 'reply to' field. Both need to be reported.

The real problem is that when someone contacts the scammer, they will reply from a third email address, and of course the victim won't, for obvious reasons, report that.


Here is a phishing scam I just got, perhaps the most amateurish I've ever seen!


Your account was accesed by a third part
Friday, 14 October, 2011 13:14
From:
"The co-operative bank" <[email protected]>
Add sender to Contacts
To:
undisclosed-recipients
Message contains attachments
1 File (11KB)

* Verify.htmlVerify.html

Dear Customer,

We detected irregular activity on your Co-Operative Internet banking account on 14/10/2011.

For your protection, you must verify this activity before you can continue using your account.

Please download the document attached to this mail to review your account activity.

We will review the activity on your account with you and upon verification,
and we will remove any restrictions placed on your account.

If you choose to ignore our request, you leave us no choise but to temporaly suspend your account.

We ask that you allow at least 72 hours for the case to be
investigated and we strongly recommend to verify (sic) your
account in that time.

Best Regards,
Colette Nugent
Head of Customer Communications

Copyright Co-Operative Holdings plc 2011 - All rights reserved

Loki
15th Oct 2011, 14:16
Here's my latest


Dear Valued Customer

We noticed a violation of our services on
your account.

this may have occurred due to a viral infection on
your computer

when you last accessed your account online.
For security reasons, we have temporarily
disabled access to your account until you complete
the account restore process.

PLEASE CLICK HERE TO (Restore Your Account)

Best Regards,
Halifax Bank

Gertrude the Wombat
15th Oct 2011, 14:35
New Scam
Hardly. It's ancient. It's even been in the dead tree newspapers for a couple of years now hasn't it?

Capetonian
17th Oct 2011, 16:09
Oh dear!

http://dl.dropbox.com/u/7593647/scam04.PNG

racedo
17th Oct 2011, 22:13
Heard today of someone wishing to buy a puppy and told oh we have moved up north now and have certs for pedigree puppy but will courier by pet courier with a mobile number to try and make it legit.

He called number about something else and asked where caller was.........no prizes for guessing in a West African country famous for it.

west lakes
17th Oct 2011, 22:17
I had a phone call from a call centre (Indian voice possibly) wanting to arrange a "refund" to my bank account. Offered a cheque or just debit the account. As part of the security they asked for my debit card number.
Hung up very quickly when I refused to give it!

Capetonian
19th Oct 2011, 13:48
About 5 000 contacts received an email from my account saying that I'd been held up at gunpoint in Madrid. My internet-savvy friends sent SMSes to say I'd been hacked, while my elderly, migrant and more vulnerable friends wanted to know where to send the cash. According to the story, my cellphone and credit cards had been taken and I was badly in need of money. There was a number to call to reach me at my hotel -- presumably chargeable -- and a Western Union account had been set up in my name to wire a transfer.

Thw whole article is here : How a hacker ruined my life and then tried to sell it back to me - Leisure - Mail & Guardian Online (http://mg.co.za/article/2011-10-16-how-a-hacker-ruined-my-life-and-then-tried-to-sell-it-back-me)

Al Fakhem
19th Oct 2011, 13:53
Capetonian:

The English used in your HMRC notice (above) is so [email protected] it could almost be from a real UK government office ;)

Capetonian
19th Oct 2011, 14:05
I'm still trying to work out how they got : "You have to sick the debt .........."

Another one : I'm not sure what sort of scam this is but it's clearly not a genuine email from Firefox.


New update available.
Wednesday, 19 October, 2011 19:29
From:
"Mozilla Firefox" <[email protected]>
Add sender to Contacts
To:
undisclosed-recipients
New update arrive.

Your security is our top priority. Our open source security process means we have an international community of experts working around the clock to monitor the latest threats. As soon as a security threat is discovered, we write a patch and release an update to stay one step ahead. Downloading Firefox updates is a very important part of staying safe online.
Firefox is constantly evolving as our community finds ways to make it better, and as we adjust to the latest security threats. Keeping your Firefox up-to-date is the best way to make sure that you are using the smartest, fastest and . most importantly . safest version of Firefox available. A Firefox update will not make any changes to your bookmarks, saved passwords or other settings. However, there is a possibility that some of your Add-ons won.t be immediately compatible with new updates.
Re-installing Firefox will not affect your settings, bookmarks or preferences in any way.
A Firefox software update is a quick download of small amounts of new code to your existing Firefox browser. These small patches can contain security fixes or other little changes to the browser to ensure that you are using the best version of Firefox available.
Update in a click : firefox-7.0.1

The link shown above goes to :

xxxx://mail.alnahlagroup.com:8887/products/download/product/uk/firefox-7.0.1/ (I've changed http to xxxx to stop it from working in case anyone clicks on it)

Keef
23rd Oct 2011, 11:07
It didn't take long...


Dear Friend

First let me introduce myself. My name is Abdul Umar.. I am the attorney for the son of Libyan leader Col Mommar Gaddafi. I am sure you must have heard about the revolution sweeping my country. as you can see on the following links:

Britain freezes Gaddafi family assets as 900m of Libyan currency impounded | World news | The Guardian (http://www.guardian.co.uk/world/2011/feb/27/gaddafi-family-assets-frozen-queen)
Wealth Warfare: US grabs Gaddafi assets, Libya to kiss cash goodbye? - YouTube (http://www.youtube.com/watch?v=4WCp5rxNa1k)

This has prompted me to leave the country to another African country which I will disclose to you in due time. Now to the reason of my writing to you. As a trusted aid and personal lawyer to the son of the Libyan leader Col Mommar Gaddafi.

We have secure the total of 11 million Pounds from access crude oil account, this fund was pulled out on the heat of this crises rocking Libya. said fund was deposited with a security company in a location, (
not Libya) which I will let you know in due cause.

Now it seems the regime of Col Gaddafi is coming to an end and no one knows what will happen next. Now I have received instruction from my client Saif Al Islam Gaddafi the second son of Col.Gaddafi to look for a partner to secure the money from security company. This will enable him have some thing to fall on, if the inevitable happens. We are ready to let you have 30% of the total sum,

while I will have 10% and 60 % will be kept by you for my client or even help in investing for him pending when things stabilize.

I have all the papers to help us in getting the fund from the security company. Please if you are interested in this transaction, urgently respond so that I can brief you in details.But if you are not interested, please treat the email as it never come to you.

This is confidential and must not be discussed by the third party or unauthorized person(s)looking forward to hearing from you.

Regard.

Barr Abdul Umar.