Category Archives: spam

Scam within a scam

Posted on by The Old Wolf

This one goes layers deep. Lately my inbox has been swamped with an endless stream of these, (and I’ve written about them before)

But they are still going out, and people are still biting and losing lots and lots of money.

The first red flag is “Congratulation!!” – State Farm would never make such an egregious grammar error.

So if you Get Started, you’ll be taking through an inane survey – doesn’t matter what you click, you’ll be “qualified” – and then told you only need to pay for Shipping and Handling and you’ll collect a fabulous reward.

Well, you’ve just given your credit card number to a bunch of unscrupulous scammers, and it may be used for all sorts of illegitimate purposes. But you’ve also agreed (as outlined in the “terms and conditions,” which nobody reads) to sign up for not one but three recurring services which will be very, very hard to cancel.

Terms and Conditions Agreement
By participating in the contest, you agree to abide by the following terms and conditions (“Agreement”). This Agreement details the membership pricing, benefits, and terms associated with the Daily Win Prize website (the “Site”). The Site is operated by the Site Operator (“we,” “our,” or “us”).
Membership & Benefits
As a thank-you for your participation, you’ll receive complimentary access to exclusive resources within our renowned Epic Read Online, known for its high-quality offerings. As a member, you’ll also enjoy valuable monthly benefits, including significant savings on a variety of products. You can cancel your membership at any time by contacting us, and all recurring charges will be immediately stopped.
VISA Card Members:
 Initial Price: $14.77 Continued Membership: $73.85 billed monthly (every 31 days)
By becoming a member, you’ll access exclusive benefits like substantial savings on a range of products. You can cancel your membership at any time by contacting us, stopping all recurring charges. Review the terms carefully before proceeding. If you have questions or need clarification, don’t hesitate to contact us.
Mastercard Members:
 Initial Price: $11.47 Continued Membership: $76.49 billed monthly (every 31 days)
As a Mastercard member, you’ll enjoy monthly savings and exclusive benefits. If you wish to discontinue membership, you can do so at any time. If you choose to continue, your recurring membership fee will be charged every 31 days at the specified rate. We recommend reviewing the full terms before proceeding. Feel free to reach out for additional information.
Cancellations & Refunds:
You have the right to cancel your order at any time. To do so, please contact our customer service at +8554185206, and we will issue a refund within 5-7 business days. You may also email us at support@tradestreamshop.com for assistance.
Risk of Loss:
All purchases made through the Site are under a shipment contract. Once items are delivered to the carrier, the risk of loss and ownership transfers to you.
Permitted Use of the Site
You are granted a limited, non-transferable, and non-exclusive license to use the Site for personal purposes only. Unauthorized use, including the following, is prohibited:Resale or Commercial Use: You may not use the Site for commercial purposes or resell any products.Content Misuse: Reproducing, distributing, modifying, or exploiting the Site’s content without written permission is not allowed.Reverse Engineering or Copying: You may not disassemble or reverse-engineer the Site’s features or content.Framing or Unauthorized Embedding: Framing or embedding any proprietary content without permission is strictly prohibited.
Intellectual Property:
The Site’s content, including text, graphics, logos, and trademarks, is owned by the Site Operator and protected by intellectual property laws. Unauthorized use of the Site’s content is prohibited and may result in legal action.
User Content:
You are solely responsible for the content you submit to the Site, including text, images, or other materials (“User Content”). By submitting content, you grant the Site Operator a royalty-free, non-exclusive, worldwide license to use your content for marketing, promotion, and other purposes. You agree not to submit any content that violates intellectual property rights or is unlawful.
Acceptable Use Policy:
When using the Site, you agree not to:
Submit Infringing Content: Content that violates the rights of others, including intellectual property rights.Engage in Harmful Behavior: Harassment, abusive language, or activities that disrupt or damage the Site or its users.Upload Malware or Spam: You may not upload viruses or unsolicited advertisements, or collect user data without consent.The Site Operator reserves the right to take action against any violations, including content removal or account suspension.
Third-Party Sites:
The Site may contain links to third-party websites. The Site Operator is not responsible for the content or practices of these third-party sites. Any use of third-party sites is at your own risk, and their terms and conditions apply.
Disclaimer of Warranties
The Site is provided “as is” and “as available,” without any warranties, express or implied. We do not guarantee the accuracy, availability, or completeness of any content or services provided on the Site.
Limitation of Liability:
We are not responsible for any indirect, incidental, or consequential damages resulting from your use of the Site. Our total liability for any claim related to the Site will not exceed the amount you paid to us in the past 12 months. Claims must be filed within two years of the event.
Indemnification:
You agree to indemnify and hold the Site Operator harmless from any claims arising out of your use of the Site, your User Content, or any breach of this Agreement.
Arbitration:
Any disputes between you and the Site Operator will be resolved through binding arbitration. Class actions are not permitted, and all arbitration proceedings will be conducted individually. You must provide notice of your intent to arbitrate 60 days in advance.
Termination of Agreement:
This Agreement remains effective while you use the Site. The Site Operator reserves the right to suspend or terminate your account for violations of this Agreement. Upon termination, all content associated with your account may be deleted.
Copyright Law:
We respect intellectual property rights and expect users to do the same. Unauthorized use of content on the Site will result in removal of infringing materials and potential termination of accounts.
General Provisions:
The Site Operator may update the Site and this Agreement at any time. Continued use signifies your acceptance of the most current terms.Invalid terms will not affect the remainder of the Agreement.This Agreement is governed by the laws of Utah.
Fitness App Trial Offer:
By using our services, you agree to participate in a 45-day free trial of the Fitness Elite Daily App. If you do not cancel before the trial period ends, ➽ you will be billed at the regular rate of $45.78 every 45 days. To cancel or modify your subscription, please contact +18886971512 or support@fitnesselitedaily.com
By accepting these terms, you acknowledge that you have read and understood the Agreement and agree to comply with all conditions stated above.

So if you’re average Joe or average Jane, you’ll see charges on your credit card account for $122.27 every month unless you call to cancel, and those charges will repeat, and repeat, and repeat until you get wise and manage to get past the phone agents who are trained to deflect your cancellation request, and who are very, very good at what they do.

Be safe out there. Don’t click on these solicitations. Don’t give your credit card number out unless you’re on a secure website and know who you are dealing with.

I hate scammers with the fury of a thousand blue-hot suns.

An absolute flood of scam emails

Posted on by The Old Wolf

Today I’ve had 17 emails [Edit: over 100!] with basically the same solicitation appear in my inbox. And they are still coming. Sorted by section, here’s what they look like:

[TL;DR: If you get one of these, don’t respond. They will send you a link to your “personal account page” which contains a trojan, probably ransomware.]

Email Title:

It’s a pleasure to meet you, I’m Manager Kenneth Jackson D id vvne6
It’s a pleasure to meet you, I’m Manager Paul Green V id sikb2
It’s a pleasure to meet you, I’m Manager Jason Perez Y id kdfl5
It’s a pleasure to meet you, I’m Manager Jason Perez Y id kdfl5
It’s a pleasure to meet you, I’m Manager James Walker L id aezi2
It’s a pleasure to meet you, I’m Manager Christopher Garcia Q id icte9
It’s a pleasure to meet you, I’m Manager John Nelson Q id yyaa9
It’s a pleasure to meet you, I’m Manager George Miller Y id wlvj1
It’s a pleasure to meet you, I’m Manager James Moore M id apja5
It’s a pleasure to meet you, I’m Manager Paul Perez H id yflf5
It’s a pleasure to meet you, I’m Manager Kevin Davis P id rllh4
It’s a pleasure to meet you, I’m Manager Jason Scott B id vair6
It’s a pleasure to meet you, I’m Manager Charles Martinez C id pffv3
It’s a pleasure to meet you, I’m Manager Kenneth Clark T id yzhe7
It’s a pleasure to meet you, I’m Manager Brian Rodriguez V id kmni9
It’s a pleasure to meet you, I’m Manager Richard Lee S id klhi8

Sender:

Courtney Waide courtneywaide5@gmail.com
Marina Members membersmarina743@gmail.com
Erinn Pichard picharderinn@gmail.com
Kaylee Ricca kayleericca@gmail.com
Lahoma Hamil hamillahoma@gmail.com
Farrah Loter farrahloter@gmail.com
Ladonna Fought foughtladonna@gmail.com
Lakeesha Irestone lakeeshairestone@gmail.com
Thi Manis manisthi82@gmail.com
Caroline Keets carolinekeets@gmail.com
Earlie Farrer farrerearlie@gmail.com
Michelina Schomaker schomakermichelina@gmail.com
Dalene Shropshire daleneshropshire@gmail.com
Lue Luckenbach lueluckenbach@gmail.com
Felicity Survis survisfelicity@gmail.com

Salutation:

Good afternoon program client id kfet6114b
Greetings program client by number ejzc8095h
Hello member id xnzn4252w
Greetings partner by number zdar4054i
Hello program client by number xoyl4179p
Hello user id zhim7333n
Hello member id biex4965z
Greetings user No. xedp9085j
Greetings member id zvme5736c
Greetings member No. pezx1857k
Greetings program client No. dodp1543s
Hello program client id lquy5745m
Hello partner by number lluy7602m
Good afternoon program client by number jirz1269g
Greetings user by number opsu7619t
Greetings user No. epxl6557y

Email Body:

Yours Registered Check / Registered Account / Registered Main / Registered Invoice will be closed in 12:42:32 hours [or some other time]. Balance of your invoices 38,469.49 [or some other number]. Please contact us via return email and we will provide you with help
for withdrawal savings / receipt savings. If you would like to keep your account active,
please contact us in a return email.

Signature:

Support Thomas Johnson W
Sincerely, the assistant Michael Carter N
Sincerely, the assistant Donald Anderson P
Sincerely, the assistant George Miller T
Helper Kevin Rodriguez S
Sincerely, the assistant Steven Allen X
Sincerely, the assistant George Evans J
Helper Charles Baker S
Helper Ronald Thompson R
Assistant Kenneth Williams L
Helper Thomas Hall T
Assistant Richard Phillips D
Support Christopher Martin F
Assistant Steven Evans J
Support Mark Williams S
Support Daniel Clark M

I responded with “Please tell me what this is about?” The return email was:

Thanks for the answer. Please go to your personal account
http://simp.ly/p/[obfuscated]

I tried two different times, and got the same result each time:

Visiting this website would probably have loaded drive-by malware onto my computer, most likely ransomware.

Edit: Today’s crop of spam:

Some of these have included the following crudely-crafted attachment:

Be very cautious about emails like this. Protect your loved ones by educating them about safe computing practices. Make sure all your computers have robust anti-virus progams on them; the number of scumbags out there is increasing daily.

The Old Wolf has spoken.

Spammy blog followers, redux

Posted on by The Old Wolf

I have written about blog spammers multiple times. I had hoped that with time this repugnant technique for driving traffic would have died out, but no such luck.

Looked at my list of followers today, and the top ones are displayed here:

Every single one of these is a sleazy-looking marketing website. By following my blog, I assume they hope either a) I will follow them back, or b) this will somehow raise their rankings in Google or other search engines. A few examples of what you find if you happen to click their links:

Seriously, people? This is not how to advertise your businesses. It’s definitely a dick move, and is a solid guarantee that I will never ever use your services or do business with you.

The Old Wolf has spoken.

Facebook Login Scam

Posted on by The Old Wolf

The email above was in my spam folder, hence automatically suspicious. If you click on that “to cONTACT” button, you can see that the mail was not sent by Facebook but by someone at “beratinind.co.uk.” Maybe. That was probably spoofed as well.

Whether you “Report the user” or “Yes, me” (note the poor grammar), you will be sending email to this list of people:

PeterQuinn615@outlook.com; zikorugbyman87@gmail.com; frank.lion92@gmail.com; paulm8756@gmail.com; akilzachary3@gmail.com; frank.kolar@aol.com; brandon.mathis2@aol.com; addod.dghi@aol.com; zachary.akili20@gmail.com; saifalik654@gmail.com; manuchkacharm@gmail.com; anucharma04@gmail.com; apex.garcinia@gmail.com; skountnh01@gmail.com; jilaliikram467@gmail.com; selmajaydonqa@gmail.com; toddgarciaytt@gmail.com; johncardhg@gmail.com; lindaarreyytt@gmail.com; shelleyjamesvr@gmail.com; jackdodos18@gmail.com; benlysara1@yahoo.com; angiefieldni@gmail.com; jamessmiller2017@gmail.com; oliviajimmybr@gmail.com; feryoussra@gmail.com; crowellmaryjh@gmail.com; hamptonbenew@gmail.com; xaletoclaimservices8@gmail.com; jackdone974@gmail.com; lendingwinship@gmail.com; mariejfried@yahoo.com; zakary.akeli@gmail.com; elian-barr@hotmail.com; benlysara2@yahoo.com; ronnie.lamb11@gmail.com; zakaria.elakili2@gmail.com; poppyevie785@gmail.com; zakaria.elakili3@gmail.com; elghandour.ayman007@gmail.com; zakaria.elakili4@gmail.com; xidemotu1236@yahoo.com; goku_zakaria@yahoo.fr; belf.mana@gmail.com; skounza1991@hotmail.com; zaach2016@yandex.com; fighting.life@hotmail.com; iliana.canon@gmail.com; gary-ingram1235@hotmail.com; justin-merrill@hotmail.com; zachary-es@outlook.es; zachrary19332@outlook.cz; zachary-de@outlook.de; skounzaneg2@outlook.com; skounzabox0@hotmail.com; amelia-clemons@outlook.fr; zachary-sosa@outlook.fr; CarlBell528@outlook.com; support@itangerstory.site; CarlBell528@outlook.com; BorisEllison940@outlook.com

And who knows what you will be sending? Or what they will do with whatever you send them? At the very least, you are confirming to all these people that you are a live, valid email address and will thus be guaranteed to receive an even greater flood of spam and scam emails.

Be careful out there.

The Old Wolf has spoken.

The “Blog Follower” Bots are Still Busy

Posted on by The Old Wolf

Yesterday I posted an article about affiliate marketing and the underhanded, despicable lies they use in their come-on websites to hook gullible people into buying worthless products.

Surprisingly, this post attracted a flurry of new followers:

  • Online Health Offers
  • Net Millionaire Dudes
  • Online Arts Marketing
  • Digital Tools For You
  • Motivated to Lose Weight
  • Marketing Trends Secrets
  • Digital Marketing Blog Updates
  • Set Up Multiple Income Streams
  • Create Your Own Lifestyle Online Business
  • Three “empty” blogs
  • Marketer’s Handbook
  • Lose Fat in 21 Days
  • … and three empty blogs, placeholders for who knows what.

Clearly the keywords that triggered this inrush were “Marketing” and “Weight Loss.” Now, I’d like to think that all of these “fine people” were interested in what I have to say, but every single one of these was clearly out to promote their own product/scheme/system/scam, take your choice.

For what it’s worth, all of these were deleted this morning, just on general principles, but I have one very persistent follower, a cryptocurrency hawker, who came back five times before he finally gave up.

I can only assume that they think the more blogs they follow, the greater the likelihood that others will follow them automatically. In the case of WordPress, every time someone follows my blog, I get an email like this:

[Blogger] just started following you at http://playingintheworldgame.com. They will receive an email every time you publish a post. Congratulations.

You might want to go see what they’re up to! Perhaps you will like their blog as much as they liked yours!

The fact that WordPress tacitly enables this behavior ¹ is a bit disappointing, but in a perfect world where there were no spammers, it would not be a bad thing. I wouldn’t mind at all if like-minded individuals followed my blog or liked my posts, and I would be more inclined to go see what they had to say about relevant topics. Sadly, the vast majority of my current 1,578 followers never interact with my posts, so I can only assume they are – if not outright fakes – simply promoting their own schemes.

Fortunately, I’m not writing this blog for the purpose of making money, so I really don’t lose any sleep over how many people follow me; a lot of my posts are a form of public service announcement, placed out there so that people who are investigating potential scams can be warned and save their money. If people find me, and occasionally they do, then I’m satisfied.

The Old Wolf has spoken.

¹ The referenced article is 7 years old, but interestingly still entirely relevant. WordPress is a good platform, but they obviously have to monetize, and also have to live in a world where less-than-reputable people will do whatever it takes to increase their own exposure. It’s an ongoing conundrum.

The scammers are getting desperate

Posted on by The Old Wolf

A friend of mine in Finland just got one of these, it falls into the same category as the sextortion scam about which I have already written: desperate bad guys blasting out millions of emails to the entire world, hoping to catch the handful of people who *do* visit adult sites, have unsecured webcams, a guilty conscience, and very little education.

In this case, they’re hoping to snare the fearful and gullible segment of the world’s populace. It astonishes me that people could be so foolish as to fall for these kinds of scams, but if it didn’t work at some level, the bad guys wouldn’t do it.

But the takeaway here is the same as always: This is a scam, there’s no truth to it, and you should never send money to criminals. Please keep your loved ones, particularly the elderly and vulnerable, educated and protected.

The Old Wolf has spoken.

Text spammers know what we think about them.

Posted on by The Old Wolf

Received in my text inbox yesterday from 201-429-3058 (almost certainly spoofed).

Reply YES for Web-page link. See Visual proof and exact blueprint for generating $13K per/month, in 45 to 90 day. Guaranteed! A rated-BBB

My response: Anatomically impossible suggestion.

Instant reply: Okay, I am deleting you from my contacts at your request. You will not be getting anymore messages. Sorry to disturb you.

Whoever is blasting spam get-rich-quick messages to the world must have a database of possible negative responses, including the one I sent. Clearly, it was expected. Clearly, he doesn’t care.

Screenshot_2018-10-11-11-48-08

The “A rated-BBB” cracked me up. As if the Better Business Bureau would give a scummy pyramid scheme a good rating.

Be careful out there.

The Old Wolf has spoken.

No, I didn’t ask to cancel my Gmail account

Posted on by The Old Wolf

Scammers

Subject: Request to Terminate Your account has been accepted
From: AccountUpdate qAvmWq4@zbikfv.uk via physics.metu.edu.tr
Date: Apr 26 (10 days ago)
to _To: millions of people

Dear Gmail Customer,

You submitted a request to terminate your Gmail mail account and the process has started by our Gmail mail Team, Please give us 3 working days to close your mail account.

To cancel the termination request reply to this mail.

All files on your Gmail mail including (Inbox, Sent, Spam, Trash, Draft) will be deleted and access to your Gmail mail account will be Denied.

If you wish to Terminate your Email Address, you can Sign Up for a new Gmail mail account.

For further help please contact by replying to this mail.

Regards,
Gmail! Account Services

Please watch out for emails like this. No, I didn’t ask for my Gmail account to be terminated, and neither did you.

If you respond to the email, you will be confirming that you are a live sucker to these people:

reply@positndor.net,
replyme@pinewbrokers.net,
reply@raintrature.com,
hello@cestaticket.com.ve,
peru@minedu.gob.pe,
marco@geturoffrsnw.win,
admin@betterwithfn.com,
comm@edukouvola.fi,
notice@myegy.com

And it’s a penny to a quid that every one of them is a scammer who will do their best to get your personal information or your money.

How do you know this message is not from Gmail? It was sent from The Gmail! account team (Gmail doesn’t use a “!” in their name like “Yahoo!” does. In addition to that, the return address is:

AccountUpdate qAvmWq4@zbikfv.uk via physics.metu.edu.tr

A double redirect, one from the UK and one from Turkey. No, Virginia, that’s not Gmail.

Be careful out there.

The Old Wolf has spoken.

Don’t reply to spam. Ever.

Posted on by The Old Wolf

This should go without saying, but I just thought I’d point out one of many reasons why you should never respond to spam messages.

spam

(We wanted to let you know that we noticed that you still did not claim your $200 Amazon-shopping bonus that was gifted to you as a thank you for your business in past.
Please be sure to claim this before Aug 25
But Hurry! This Ends on Aug 25!
Please Go Here Now to Claim Your $200 Amazon-Shopping Bonus)

Click on the “Claim Your Bonus” link and your email program will generate a message to the following addresses:

  • info@delopment.net
  • sports@southeoffice.com,
  • mailtech@provintimate.net
  • reply@republck.com
  • info@templervices.net

Whatever message you send, such as “Ooh yes I want my bonus” or whatever, you have just given a live email address to five spammers/criminals/scammers or Mogg knows what, with a loud additional shout: “I am a sucker! Please Scam Me!”

Just don’t. Never respond to anything in your Spam box, and if you get email from people you have never done business with, delete it at once.

Be careful out there.

The Old Wolf has spoken.

WordPress users, please use strong passwords

Posted on by The Old Wolf

Just got phishing spam from bad guys pretending to the Bank of Ireland. Here’s the email:

Bank of Ireland Phishing

If you are fooled into clicking the link, you are redirected to:

http://personalbanking.bankofireland.obfusticated.com/ie/ie/authentication.html?e1s1

The “obfusticated” prevents anyone from actually going to the bad site, and protects the wordpress user whose website (“obfusticated.com”) has been compromised. For what it’s worth, I’ve done my best to warn the individual involved that there is a problem at their website.

The gateway page is below. It looks very official, but don’t let that fool you. It’s a fake.

Bank of Ireland Phishing 2

Then you get to give the criminals your login PIN:

Bank of Ireland Phishing 3

The malicious code appears to fail the first time and makes you re-enter the data. It doesn’t matter what you put in the second time, you’ll advance to the next page:

Bank of Ireland Phishing 4

Please be aware: BANKS WILL NEVER DO THIS. NEVER GIVE OUT SENSITIVE INFORMATION BY EMAIL OR ON THE WEB.

Next you are asked to hand the criminals your credit card password.

Bank of Ireland Phishing 5

Once they have your data – or in my case, a whole raft of obscenities – you are redirected to the real Bank of Ireland website.

If you have a WordPress blog (or any other website) please make sure you are using strong passwords. If bad guys get in, they can park malicious code in your web space and direct their victims there, not to mention steal whatever valuable data is there.

Never give out sensitive financial information over the web. If you suspect your accounts have truly been compromised or locked, call your bank directly and ask for verification.

Be careful out there.

The Old Wolf has spoken.