Category Archives: spam

Spammy blog followers, redux

Posted on by The Old Wolf

I have written about blog spammers multiple times. I had hoped that with time this repugnant technique for driving traffic would have died out, but no such luck.

Looked at my list of followers today, and the top ones are displayed here:

Every single one of these is a sleazy-looking marketing website. By following my blog, I assume they hope either a) I will follow them back, or b) this will somehow raise their rankings in Google or other search engines. A few examples of what you find if you happen to click their links:

Seriously, people? This is not how to advertise your businesses. It’s definitely a dick move, and is a solid guarantee that I will never ever use your services or do business with you.

The Old Wolf has spoken.

Facebook Login Scam

Posted on by The Old Wolf

The email above was in my spam folder, hence automatically suspicious. If you click on that “to cONTACT” button, you can see that the mail was not sent by Facebook but by someone at “beratinind.co.uk.” Maybe. That was probably spoofed as well.

Whether you “Report the user” or “Yes, me” (note the poor grammar), you will be sending email to this list of people:

PeterQuinn615@outlook.com; zikorugbyman87@gmail.com; frank.lion92@gmail.com; paulm8756@gmail.com; akilzachary3@gmail.com; frank.kolar@aol.com; brandon.mathis2@aol.com; addod.dghi@aol.com; zachary.akili20@gmail.com; saifalik654@gmail.com; manuchkacharm@gmail.com; anucharma04@gmail.com; apex.garcinia@gmail.com; skountnh01@gmail.com; jilaliikram467@gmail.com; selmajaydonqa@gmail.com; toddgarciaytt@gmail.com; johncardhg@gmail.com; lindaarreyytt@gmail.com; shelleyjamesvr@gmail.com; jackdodos18@gmail.com; benlysara1@yahoo.com; angiefieldni@gmail.com; jamessmiller2017@gmail.com; oliviajimmybr@gmail.com; feryoussra@gmail.com; crowellmaryjh@gmail.com; hamptonbenew@gmail.com; xaletoclaimservices8@gmail.com; jackdone974@gmail.com; lendingwinship@gmail.com; mariejfried@yahoo.com; zakary.akeli@gmail.com; elian-barr@hotmail.com; benlysara2@yahoo.com; ronnie.lamb11@gmail.com; zakaria.elakili2@gmail.com; poppyevie785@gmail.com; zakaria.elakili3@gmail.com; elghandour.ayman007@gmail.com; zakaria.elakili4@gmail.com; xidemotu1236@yahoo.com; goku_zakaria@yahoo.fr; belf.mana@gmail.com; skounza1991@hotmail.com; zaach2016@yandex.com; fighting.life@hotmail.com; iliana.canon@gmail.com; gary-ingram1235@hotmail.com; justin-merrill@hotmail.com; zachary-es@outlook.es; zachrary19332@outlook.cz; zachary-de@outlook.de; skounzaneg2@outlook.com; skounzabox0@hotmail.com; amelia-clemons@outlook.fr; zachary-sosa@outlook.fr; CarlBell528@outlook.com; support@itangerstory.site; CarlBell528@outlook.com; BorisEllison940@outlook.com

And who knows what you will be sending? Or what they will do with whatever you send them? At the very least, you are confirming to all these people that you are a live, valid email address and will thus be guaranteed to receive an even greater flood of spam and scam emails.

Be careful out there.

The Old Wolf has spoken.

The “Blog Follower” Bots are Still Busy

Posted on by The Old Wolf

Yesterday I posted an article about affiliate marketing and the underhanded, despicable lies they use in their come-on websites to hook gullible people into buying worthless products.

Surprisingly, this post attracted a flurry of new followers:

  • Online Health Offers
  • Net Millionaire Dudes
  • Online Arts Marketing
  • Digital Tools For You
  • Motivated to Lose Weight
  • Marketing Trends Secrets
  • Digital Marketing Blog Updates
  • Set Up Multiple Income Streams
  • Create Your Own Lifestyle Online Business
  • Three “empty” blogs
  • Marketer’s Handbook
  • Lose Fat in 21 Days
  • … and three empty blogs, placeholders for who knows what.

Clearly the keywords that triggered this inrush were “Marketing” and “Weight Loss.” Now, I’d like to think that all of these “fine people” were interested in what I have to say, but every single one of these was clearly out to promote their own product/scheme/system/scam, take your choice.

For what it’s worth, all of these were deleted this morning, just on general principles, but I have one very persistent follower, a cryptocurrency hawker, who came back five times before he finally gave up.

I can only assume that they think the more blogs they follow, the greater the likelihood that others will follow them automatically. In the case of WordPress, every time someone follows my blog, I get an email like this:

[Blogger] just started following you at http://playingintheworldgame.com. They will receive an email every time you publish a post. Congratulations.

You might want to go see what they’re up to! Perhaps you will like their blog as much as they liked yours!

The fact that WordPress tacitly enables this behavior ¹ is a bit disappointing, but in a perfect world where there were no spammers, it would not be a bad thing. I wouldn’t mind at all if like-minded individuals followed my blog or liked my posts, and I would be more inclined to go see what they had to say about relevant topics. Sadly, the vast majority of my current 1,578 followers never interact with my posts, so I can only assume they are – if not outright fakes – simply promoting their own schemes.

Fortunately, I’m not writing this blog for the purpose of making money, so I really don’t lose any sleep over how many people follow me; a lot of my posts are a form of public service announcement, placed out there so that people who are investigating potential scams can be warned and save their money. If people find me, and occasionally they do, then I’m satisfied.

The Old Wolf has spoken.

¹ The referenced article is 7 years old, but interestingly still entirely relevant. WordPress is a good platform, but they obviously have to monetize, and also have to live in a world where less-than-reputable people will do whatever it takes to increase their own exposure. It’s an ongoing conundrum.

The scammers are getting desperate

Posted on by The Old Wolf

A friend of mine in Finland just got one of these, it falls into the same category as the sextortion scam about which I have already written: desperate bad guys blasting out millions of emails to the entire world, hoping to catch the handful of people who *do* visit adult sites, have unsecured webcams, a guilty conscience, and very little education.

In this case, they’re hoping to snare the fearful and gullible segment of the world’s populace. It astonishes me that people could be so foolish as to fall for these kinds of scams, but if it didn’t work at some level, the bad guys wouldn’t do it.

But the takeaway here is the same as always: This is a scam, there’s no truth to it, and you should never send money to criminals. Please keep your loved ones, particularly the elderly and vulnerable, educated and protected.

The Old Wolf has spoken.

Text spammers know what we think about them.

Posted on by The Old Wolf

Received in my text inbox yesterday from 201-429-3058 (almost certainly spoofed).

Reply YES for Web-page link. See Visual proof and exact blueprint for generating $13K per/month, in 45 to 90 day. Guaranteed! A rated-BBB

My response: Anatomically impossible suggestion.

Instant reply: Okay, I am deleting you from my contacts at your request. You will not be getting anymore messages. Sorry to disturb you.

Whoever is blasting spam get-rich-quick messages to the world must have a database of possible negative responses, including the one I sent. Clearly, it was expected. Clearly, he doesn’t care.

Screenshot_2018-10-11-11-48-08

The “A rated-BBB” cracked me up. As if the Better Business Bureau would give a scummy pyramid scheme a good rating.

Be careful out there.

The Old Wolf has spoken.

No, I didn’t ask to cancel my Gmail account

Posted on by The Old Wolf

Scammers

Subject: Request to Terminate Your account has been accepted
From: AccountUpdate qAvmWq4@zbikfv.uk via physics.metu.edu.tr
Date: Apr 26 (10 days ago)
to _To: millions of people

Dear Gmail Customer,

You submitted a request to terminate your Gmail mail account and the process has started by our Gmail mail Team, Please give us 3 working days to close your mail account.

To cancel the termination request reply to this mail.

All files on your Gmail mail including (Inbox, Sent, Spam, Trash, Draft) will be deleted and access to your Gmail mail account will be Denied.

If you wish to Terminate your Email Address, you can Sign Up for a new Gmail mail account.

For further help please contact by replying to this mail.

Regards,
Gmail! Account Services

Please watch out for emails like this. No, I didn’t ask for my Gmail account to be terminated, and neither did you.

If you respond to the email, you will be confirming that you are a live sucker to these people:

reply@positndor.net,
replyme@pinewbrokers.net,
reply@raintrature.com,
hello@cestaticket.com.ve,
peru@minedu.gob.pe,
marco@geturoffrsnw.win,
admin@betterwithfn.com,
comm@edukouvola.fi,
notice@myegy.com

And it’s a penny to a quid that every one of them is a scammer who will do their best to get your personal information or your money.

How do you know this message is not from Gmail? It was sent from The Gmail! account team (Gmail doesn’t use a “!” in their name like “Yahoo!” does. In addition to that, the return address is:

AccountUpdate qAvmWq4@zbikfv.uk via physics.metu.edu.tr

A double redirect, one from the UK and one from Turkey. No, Virginia, that’s not Gmail.

Be careful out there.

The Old Wolf has spoken.

Don’t reply to spam. Ever.

Posted on by The Old Wolf

This should go without saying, but I just thought I’d point out one of many reasons why you should never respond to spam messages.

spam

(We wanted to let you know that we noticed that you still did not claim your $200 Amazon-shopping bonus that was gifted to you as a thank you for your business in past.
Please be sure to claim this before Aug 25
But Hurry! This Ends on Aug 25!
Please Go Here Now to Claim Your $200 Amazon-Shopping Bonus)

Click on the “Claim Your Bonus” link and your email program will generate a message to the following addresses:

  • info@delopment.net
  • sports@southeoffice.com,
  • mailtech@provintimate.net
  • reply@republck.com
  • info@templervices.net

Whatever message you send, such as “Ooh yes I want my bonus” or whatever, you have just given a live email address to five spammers/criminals/scammers or Mogg knows what, with a loud additional shout: “I am a sucker! Please Scam Me!”

Just don’t. Never respond to anything in your Spam box, and if you get email from people you have never done business with, delete it at once.

Be careful out there.

The Old Wolf has spoken.

WordPress users, please use strong passwords

Posted on by The Old Wolf

Just got phishing spam from bad guys pretending to the Bank of Ireland. Here’s the email:

Bank of Ireland Phishing

If you are fooled into clicking the link, you are redirected to:

http://personalbanking.bankofireland.obfusticated.com/ie/ie/authentication.html?e1s1

The “obfusticated” prevents anyone from actually going to the bad site, and protects the wordpress user whose website (“obfusticated.com”) has been compromised. For what it’s worth, I’ve done my best to warn the individual involved that there is a problem at their website.

The gateway page is below. It looks very official, but don’t let that fool you. It’s a fake.

Bank of Ireland Phishing 2

Then you get to give the criminals your login PIN:

Bank of Ireland Phishing 3

The malicious code appears to fail the first time and makes you re-enter the data. It doesn’t matter what you put in the second time, you’ll advance to the next page:

Bank of Ireland Phishing 4

Please be aware: BANKS WILL NEVER DO THIS. NEVER GIVE OUT SENSITIVE INFORMATION BY EMAIL OR ON THE WEB.

Next you are asked to hand the criminals your credit card password.

Bank of Ireland Phishing 5

Once they have your data – or in my case, a whole raft of obscenities – you are redirected to the real Bank of Ireland website.

If you have a WordPress blog (or any other website) please make sure you are using strong passwords. If bad guys get in, they can park malicious code in your web space and direct their victims there, not to mention steal whatever valuable data is there.

Never give out sensitive financial information over the web. If you suspect your accounts have truly been compromised or locked, call your bank directly and ask for verification.

Be careful out there.

The Old Wolf has spoken.

Dear Google News, what the hqiz is this?

Posted on by The Old Wolf

I’m used to seeing all sorts of spam and junk ads on the internet – not so much since I have ad blockers at work for me, but a lot of the ads on pages are served up in ways that ad blockers don’t identify them as such.

But when I go to Google News, I expect news articles and not clickbait, bayesian-filtered camel ejecta.

Here’s my news feed this morning (click the image for a larger view):

health

Look at the last five items. Obviously computer-generated text with garbage descriptions designed to thwart bayesian filtering. These are not even tagged as obvious advertisements as they should be.

Even though the “sources” show “The Boyne City Gazette” and “The Inland Empire News,” each link takes you via multiple redirects to “topcanadiandrugs24rx,” a scummy outfit probably operating out of India or Eastern Europe.

canada

Click on the “Real Time Coverage” button for the “story” and this is what you get:

realtime

Come on, Google – you can do better than that.

The Old Wolf has Spoken.

Domain Registraton Scam – Bad Actors from China

Posted on by The Old Wolf

Be careful out there. I just got this email the other day, and while it looked dodgy from the outset, I thought I’d follow it down the rabbit hole to see where it went.

Dear sir or madam,

We are a registrar for domain names authorized by Chinese government. Today, we received an application from Daoc International ltd applying to register [domain] as their brand name and some top-level domain names(.CN .HK etc). After our initail checking, We found the main body of domain names is same as yours.

We are handling the application and we need to confirm whether or not you authorize them to register them? Let me know your positon ASAP so as to solve it promptly. Looking forward to your reply.

Best regards,
Elvin Lee
Tel:+86-551- 6349 1191
Fax:+86-551- 6349 1192
Address:No.413,Changjiang Road,Hefei City,Anhui Province

OK. So I simply responded and said, “These domains are not authorized, thank you.”

Next up:

Notice: regarding this case, we did not receive any of your reply until now. Concerning the mentioned brand name please confirm whether you need to register by yourselves? If need, please let us know in time, we can send an application form to you. If you think the registration of that company or the use of the brand name will not bring any negative effect to your company, i suggest you can give up the brand name, then we will accept that company application unconditionally. Further questions please contact me in time.

Followed the same day by this:

Notice: hi, i am Elvin Lee. We had discussed the case about disputing your company’s brand name. You have never registered the brand name, the dispute period will come soon. If your company does not register the brand name, we will start aforesaid company registration within 2 workdays. That company will become the legal owner of the brand name in the world. We had notified you, so we are not responsible for any dispute question about your intellectual property right and trademark after they succeed in registration. If you have any questions, pls contact us within 2 workdays.

Basically telling me I’ll lose worldwide rights to my domain name if I don’t quickly take action, or alternatively, I should abandon my own domain so that they can legally register it with other companies.

Lastly, today:

Thanks for your confirmation. As soon as receiving the application of that company, we checked and found [domain] is your company’s using name. We are concerned that your name might be affected negatively by their applications, this is why we informed you. Following brand name and domain names are applied by that company:
Brand name:
[domain]
Domain names:
[domain].asia
[domain].cn
[domain].com.cn
[domain].com.hk
[domain].com.tw
[domain].hk
[domain].in
[domain].net.cn
[domain].org.cn
[domain].tw
[domain].co.in

You know that the domain names registration is open in the world, that company also has the right to apply for the available domain names. You only have the preferential rights to register them.

At present, we haven’t passed their application, we need your opinion. If your company consider these names of importance to your company’s business or interest, i suggest that your company register these names first so as to avoid confusion or speculation. Of course, If you don’t think their application will affect your company in the future, you can give up these names so that we can finish registering for them. Please give me your company’s decision as soon as possible.
Uh, no. While I have no doubt that there are many good and honest Chinese businesses, this is not one of them – in fact, falls under the rubric of “morals of a honey badger.”
Above and beyond the standard advice, “Never deal with spammers,” I’d add that you be extraordinarily careful when unsolicited business proposals come from China – in other words, be doubly vigilant.
The Old Wolf has spoken.