Attn;Beneficiary!

Posted on by The Old Wolf

The Lads from Lagos never seem to give up. What saddens me is that as long as these letters keep going out, it means that somewhere people are falling victim to this fraud.

38_021022_nigerianemailmain.jpg.CROP.original-original

From: “MR.JOHN FRANK” <office_moneygram@yahoo.com>

Subject: WELCOME TO WESTERN UNION HEAD OFFIC

WELCOME TO WESTERN UNION HEAD OFFICE
BENIN REPUBLIC COTONOU
MR.JOHN FRANK

Attn;Beneficiary,Information reaching us from our corporate headquarters now, states that you only have 72hours to effect payment for the activation of your MTCN to enable you cash up your first $5,000.00 from your total (fund us$4,800,000,00,) since you are finding it difficult to make this payment we have decided that you are to go ahead and pay whatever you have from $105US above for the activation fee since you are not able to come up with the required sum, time is of the essence here.

You are to pay what ever you have from $105US above for the activation fee we will activate your MTCN upon receipt of this payment.here is the payment for the $5,000 usd but you can not pick it up because the chairman of the western union say that before you pick that money you must pay the any amount you have from $105US above OK

Here is the Senders Information;
Sender Name, MIKE
sender last name, OGUEJI
MTCN:):759054421
Amount Sent $5000.00

Please be inform that we just give you Nine Numbers for now and the remaining one number will be giving to you as soon as you send the activation fee of $105 usd today I will give you the complete number to pick up your fest payment of $5,000.00 uas as well,

Be informed that you will have to pay the balance sum of your activation upon cashing up of your first 5,000.00 usd, also i am using this medium to inform you that failure to pay the balance sum will leave us with no option but to deactivate your mtcn of which you will and can never cash up the balance sum  I will wait to hear back from you in regard to this massage so that I will give you the information that you will use to send the $105 usd.

You are advice to get back as soon as you receive this massage so that we will furnish you with the information needed to send the activation fee of $105 usd to able us release your first payment to you as promise kindly give urgent attention we are waiting

MR.JOHN FRANK
EMAIL: (westernunion132@qq.com)
WESTERN UNION HEAD OFFICE BENIN
REPUBLIC COTONOU OPERATION MANAGER)

For what it’s worth, qq.com is a Chinese hosting outfit. For the love of Eudora Welty and the Concert of the Galaxy, never respond to emails of this nature.

☛ NO ONE IN AFRICA HAS MONEY FOR YOU. THEY ONLY WANT YOURS, AND THEY WILL HAPPILY TAKE AS MUCH AS YOU ARE WILLING TO SEND THEM. ☚

Please protect your loved ones. Make sure they understand this.

DrudgeSirenSmall NEVER SEND MONEY BY WESTERN UNION, MONEY GRAM, GREEN DOT MONEYPAK, OR ANY OTHER METHOD TO SOMEONE YOU DO NOT KNOW. YOU ARE BEING SCAMMED. DrudgeSirenSmall

Phishing: My Yahoo Account has “expired.”

Posted on by The Old Wolf

Phishing, as I have mentioned numerous times elsewhere, is rampant. In a world with over 7 billion people, it’s hard to say how many electronic bad guys there are out there, but even if its a relatively small number, the nature of the web gives the bad actors a lot more access to a global pool of potential victims than your average con-man enjoyed in pre-internet days.

This email arrived this morning:

yahoo1

Two things:

  1. YahooMail is always free. There’s a no-ad service you can pay for, but the drones are counting on the fact that grandma or grandpa (or any other potential sucker) won’t know that.
    77
    A significant portion of internet users are terribly un-technical, and find computers are to be feared; if they use them at all, it’s on a cookbook level. “If you see it on the internet, it has to be true” is sadly a part of far too many people’s psyches, hence many people get taken advantage of in myriad ways.
  2. See that little yellow circle by the link? If you hover over it with your mouse, you’ll get a popup indicating how any particular website has been rated by users for trustworthiness and child safety.Yahoo2That’s a function of a browser extension called “WOT” (Web of Trust) that I have mentioned elsewhere. It’s invaluable for stopping problems before they start. The circles displayed are green, yellow, or red, and you can follow the “Click to view details” link for more information, user reviews, or to rate a site yourself if you have a (free) account.It’s not perfect by any means – WOT can be subject to shill reviews and malicious comments from unethical competitors and the like, but like anything else on the internet, it’s part of a body of evidence and I find it extremely useful as a canary in the mine.  In this case, the top-level domain “twomini.com” is rated very poorly on both counts, with the one user-posted review stating “Domainhoster hosting sites used for fraud, scam and Accountphishing.” Which is certainly true in this case.

If you hover over the “go here” link, your browser indicates that you are being directed to “http://bit.ly/10VyM2I&#8221; which is most definitely NOT a Yahoo address. It’s a shortened link which expands to:

DrudgeSirenSmallhttp://infoskale.twomini.com/obyno/Connect%26True%3DUser1%25%3DXclusiv-
3D%23Anonymous7Dole%3DReason%26Upgrade1%25continue%25True4.php DrudgeSirenSmall

Web addresses like that are not necessarily bad in and of themselves, but they are not what you would expect to see when you visit a major site like Yahoo, or Comcast, or your financial institution. Those little drudge lights up there point out that this kind of URL is a red flag for suspicious activity, and to proceed with extreme caution.

If the victim unwisely clicks on the link, they get this:

Yahoo3

which quickly redirects to this:

Yahoo4

If you try to “log in” from this screen, your account information is sent to Russia or the Ukraine or Nigeria or somewhere else, and the bad boys now have access to all your email, as well as an account to send out spamvertising or other scams with, and they do so on a regular basis. The victim is then sent back to the regular Yahoo Mail  website, and continues on their merry way none the wiser.

indiana_jones_grail_knight-you-have-chosen-poorly

I logged in several times with user names like “ScammersEatCamelDung”, just to make sure they got the message. Of course, it’s possible that responses are simply harvested into a login script that will never be seen, but what the heck; I’ll take any opportunity to insult one of these wastes of human cytoplasm.

Please be careful out there, and for the love of Ella Wheeler Wilcox and the music of the spheres, protect your loved ones. If you have people you care about who use the computer and who are not tech-savvy, educate them on how to protect themselves from scammers.

We demand that people get licenses to drive a car; it’s a shame no basic training is required before venturing into the potentially-scary world of the internet.

The Old Wolf has spoken.

Kids love puppets, past and present.

Posted on by The Old Wolf

FTP_children_watching_marionettes

Children watching marionettes in New York, 1935 (From Wikimedia)

174140

Alfred Eisenstaedt Children At A Puppet Theatre Paris Picture. It appears the French kids really get into this.

431411

Children watching a puppet show in the street. Honshu Shizuoka Izu Peninsula, Japan
Photograph: George Dixon Aked, 1937

pr20136

Children watch puppets and performers at the Polynesian Luau – Orlando, Florida
Photo: Philip Guataer, 1981
State Archives of Florida, Florida Memory

295306_4298965316207_677064745_n

Modern puppeteer Nicola McEldowney entertains children with Just So Stories in Cambridge, MA, 7/20/12 — at Henry Bear’s Park.

Of course, marionettes are not only for kids. Although the puppet show in the Sound of Music was put on ostensibly by the children of the family, it was actually the famous Bill Baird and his troupe who created the puppets and the segment, for the enjoyment of the adults.

soundofmusic

Puppets can be useful, too:

Grondahl - Puppets

© Calvin Grondahl

The Old Wolf has spoken.

How to have a Merry Christmas

Posted on by The Old Wolf

Well, according to one math professor, this is how it’s done:

  1. CodeCogsEqn
  2. CodeCogsEqn (1)
  3. CodeCogsEqn (2)
  4. CodeCogsEqn (3)
  5. CodeCogsEqn (4)

Funny. But all joking aside, Oxfam has come up with a practical formula for knowing whether or not you’re really enjoying the holidays, and it looks like this (and there’s no reason this wouldn’t work for Chanukkah as well):

formula-oxfam

That’s a bit more complex; here’s what it boils down to as a “word problem”:

“It’s great to see that ultimately, happiness at Christmas comes down to quite simple things, such as enjoying time off work to spend with friends and family.”

Key ‘happiness factors’ include:
• Number of calories consumed on Christmas Day (any more than 7,000 calories and you’ll be too stuffed to enjoy yourself)
• Amount of time off work (just one day off boosts happiness by 70%, with three weeks being the optimum amount)
• Centimetres of snow (15cm is ideal)
• Family arguments (more than five and happiness levels plummet)
• Number of hours spent trawling the shops for gifts (any more than 10 hours and shopping-induced stress sees happiness decline rapidly)
• Miles driven to see friends and family (0 miles is ideal, with 500 miles generating a 40% reduction in happiness levels)
• The number of gifts you receive has an impact on happiness (6 gifts gets you to optimum happiness levels), but….
• ….most crucially, how many gifts you give (even giving just one present makes a huge difference to happiness levels, increasing Christmas enjoyment by 50%).

To estimate your score, visit the original article. (But we need a bigger picture of the formula there.)

The Old Wolf has spoken.

Why I love reddit

Posted on by The Old Wolf

Yes, it can be a tar pit of trolls and Not Safe For Work posts, but if you arrange your settings to filter out the garbage, it’s also an amazing community.

Example 1:

  1. User /u/thespite posts a clever way to send a holiday greeting using Google Maps. You can try the Holiday Message yourself.
  2. User /u/benlaor tries it, and discovers a picture of his beloved dog of blessed memory. He wrote: “Thank you, thank you, thank you for this. You don’t understand what happened because of this video.I have never looked at my house on street view before (strange, huh?). This was the first time. The images for Israel are a few years old, probably around 5 years in most cases.

    At the end of the video it lets you just look around freely. I look around my house, look over at my parking stop, and there he was. Lazying about in the sun was my plump little fatass of a dog, who was my favorite thing in the world until he died a few years ago. I have almost no pictures of him due to my not backing anything up and my HDD being destroyed in a power surge.”

  3. User /u/jangoo identifies the location.
  4. User /u/thespite extracts a high-res image
  5. User /u/fatty_tines creates a lovely color drawing of the dog.
    tS2shSI
  6. Tears all around.

Example 2:

  1. User /u/LE_POOR_MERIT has a teenaged son who does an awesome drawing entitled “Who Dares Summon Chrismotron?”
    egQ6lO5
    ©2014 “Unknown ben LE_POOR_MERIT”
  2. User /u/pohjankonna, a freelance artist from Finland, does an amazing digital rendering of the drawing
    Chrismotron
    ©2014 Pekka Veikkolainen
    and makes this offer: “You have of course the permission to print & frame it, after all I took the original without asking first! I do have a slightly larger version that I can send you. Better yet, I could also send you the original Photoshop file with all the different layers on it, if your son would be interested in deconstructing the painting to see what it’s actually made of (kind of a step-by-step view to creating a digital painting).”
  3. Tears all around.
  4. For those interested, a wallpaper version.

Keep in mind these people don’t know each other from Adam’s off ox. They’re just regular people being awesome to one another for no good reason, which is what the best of humanity is all about. Also, these are only two recent examples; similar things happen all the time on reddit. It always lifts my spirits to read about one.

The Old Wolf has spoken.

How to get your senators’ and representatives’ attention on any issue without being a wealthy donor

Posted on by The Old Wolf

Seen at reddit: Protip from a former Senate intern, with thanks to /u/SomeKindOfMutant.

This is worth sharing, since most of us are not among the 1% who have access to government:

An email to your senator or representative may result in a form letter response and a phone call to the office may amount to a tally mark on an administrative assistant’s notepad. But, for any given policy concern, if you want to get their attention a letter to the editor in one of your state’s 5-10 biggest newspapers that mentions them specifically BY NAME is the way to go. If your message is directed to your representative, pick a newspaper that is popular in your district.

That is the crucial thing to know–the rest of this post is an explanation of why I know this is true.

I know this because, when I interned in the D.C. office of a senator one summer, one of the duties I shared was preparing a document that was distributed internally both online and in paper format. This document was made every day and comprised world news articles, national news, state news, and any letters to the editor in the 5-10 largest newspapers within the state that mentioned the senator by name. I was often the person who put that document on his desk, and it was the first thing he read every morning after arriving to the office.

I began to suspect that this was standard operating procedure because several other senators’ offices share the same printer in the basement of the Russell Senate Office building, and I saw other interns doing the exact same procedures that I was involved in.

Since the internship, I’ve conferred with other Senate and House employees past and present and determined that most–if not all–offices use essentially the same procedure.

Usually when I write or call or email a senator or representative, I get the expected form letter in return. Recently I was actually contacted by a staffer at Orrin Hatch’s office who had some more questions about a letter I wrote regarding the regulation of money-transfer services like Western Union who are participating in so many Nigerian scams. It was gratifying.

That said, this is an excellent tip.

The Old Wolf has spoken.

Don’t Help the Scammers

Posted on by The Old Wolf

There’s an old joke circulating out there that occasionally crops up in people’s inboxes:

You have just received the [Amish/Polish/Aggie, etc.] Virus! Because we don't know
how to program computers, this virus works on the honor system.
Please delete all the files from your hard drive and manually
forward this virus to everyone on your mailing list.
Thanks for your cooperation.

It goes without saying that this would be a Bad Idea. That said, there is a very current scam going on which I ran across yesterday, in which the victim is carefully walked step-by-step through the operations necessary to allow Bad Guys to take control of their computer. I referred to it in a previous post, but here’s the complete run-down.

While researching spoofed and phishing URLs, I decided to use a misspelling of a popular website as an example. I typed in http://www.micorsoft.com (DO NOT DO THIS!) and discovered a rat’s nest of scam operations embedded in this one redirect.

According to WHOIS, the domain is registered thusly:

Domain Name: MICORSOFT.COM
Registrar: EPIK, INC.
Whois Server: whois.epik.com
Referral URL: http://epik.com
Name Server: NS1.DNSLINK.COM
Name Server: NS2.DNSLINK.COM
Status: ok
Updated Date: 19-oct-2014
Creation Date: 13-oct-2001
Expiration Date: 13-oct-2015

Epik is a domain-name registry service, so beyond that I don’t have the chops to dig deeper and see who is really running this operation, but this much I know – they’re wastes of human cytoplasm.

This domain redirects to a number of different scams.

1) You’ve won a prize!

Prize1

Here’s the first popup. The URL is your typical scam alphabet soup address.

Prize2

After answering four inane questions about age, whether you shop on line, gender, etc. you’re presented with this:

Prize3

Well, of course I qualify. You think the scammers would turn down a sucker? No, I didn’t win a prize, I won a “chance” for a grocery gift card. Call the number, and what you hear is “Congratulations! Won a chance to win a gift card!. Stay on the line to complete your entry! Dingdingding your initial entry has been registered, but stay on the line for other additional offers!” You then are bombarded with advertising. Since I used Google Voice to call, there’s no way they could possibly know who is calling or how to contact you if you were really a winner – this is just spamvertising, pure and simple.

2) The Random Cybersquatting Page

Next, i was redirected to this horrific URL:

http://www.searchnet.com/Search/Index?
utm_source=8&utm_campaign=AuctionErrorWithInfo&utm_term=XP%20Home%20Premium;
Microsoft;microsoft;download%20internet%20explorer%2010;microsoft.com;www.microsoft.com;
microsoft%20windows;window%20live%20messenger;servers%20xp;microsoft%20help%20support;
microsoft;microsoft%20help%20center;online%20ms%20training;
microsoft%20programs;xp%20small%20business%20edition%20;downloads;
microsoft.com;windows%20updates&utm_medium=Ciclostare32

User Nokkenbuer at WOT (Web of Trust) posted on 09/21/2014:

  • I don’t trust
  • Malware or viruses
  • Poor customer experience
  • Scam
  • Misleading claims or unethical
  • Privacy risks
  • Suspicious
  • Spam
  • Potentially unwanted programs

This website was involved in redirecting me to a malicious site after accessing a typosquatter website (http://www.micorsoft.com/). I do not trust it and may aid in infecting your computer with unwanted malware, spyware, or grayware.”

By the way, if you don’t have the WOT extension on your computer, I’d recommend it. It gives you advance warning of sites that have been flagged as malicious, like this:

Wot1

For any site, you can always “read more” to see what users have said. It’s wise to do, because on occasion a website was flagged early for suspicious behavior, but domains change hands and it could be a legitimate site at the present time. User comments will usually reflect this. At all events, you have the option of leaving before you actually visit a potentially dangerous website. Sign up, and you can leave your own feedback for websites as well.

3) Is Your Computer Running Slowly?

slow1

If you click OK, you’re directed to this page:

 Slow2

This one looks slick and official, but it’s a solid guarantee that if you call that toll-free number, you’re at risk for being scammed or having your computer infected or both.

4) The Scare Tactic

This is the one I referred to in my earlier post, and today I followed up on the game to see how it plays out.

Viruse2

This page is a little different than the first one I encountered; it doesn’t mention specific viruses, but includes an annoying, repeating, and loud chirp to add urgency to the scam. If you try to navigate away from the page, you get this:

virus1

If you bite and call the number (855- 979-7382) you will be connected to a polite-sounding Indian or Pakistani boiler-room worker who will engage you as follows:

  1. I was asked kind of problems you are experiencing, what kind of computer I am running, and what my operating system is.
  2. On a Win7 box (your mileage may vary for other operating systems) I was asked to hit “Windows-R” to open the Run dialog, and then type in “MSConfig” and hit enter. This is harmless, but displays running services on your computer.
  3. I was asked if more than 15 services were stopped?
  4. I responded that yes, more than 15 services were stopped.
  5. The agent informed me that since more than 20% of my services were stopped, my system was vulnerable to application errors. Once Windows 7 has services stopped, that is the main problem. This, of course, is utter bulldust, but is technobabble enough to flummox most callers who get this far.
  6. I was told that we need to check why these services are stopped. Again directed to the “Run” dialog, I was instructed to type in “hh h” and hit “Enter”. This brings up the HTML Help Window, which “Cannot be Displayed.”
    Help1
  7. I was instructed to hover my mouse over the little question-mark icon in the window, and select the “Jump to URL” option.
    Help2
  8. I am presented with a dialog box, and asked to enter the specified URL:
    Scam3
    N    ote: This is a sneaky way to get you to visit a website, instead of typing it directly in the URL bar.
  9. Once this is done, I am directed to this website: https://secure.logmeinrescue.com/customer/code.aspx
    Login
    This is a website which allows outside users to take control of your computer, usually for tech support reasons. If you trust the party on the other end it can be useful, although I prefer to use TeamViewer.
  10. Before proceeding, the agent had me run inetcpl.cpl, click on the connections tab, and ensure that no proxy was being used.
  11. Having done this, the agent instructed me to enter the code 941073, and hit “Enter.” He asked me what I saw on my screen.
  12. At this point, I told him the only thing I saw was myself closing Chrome, because I had no intention to give control of my machine to a bunch of scammers, and hung up.

There are enough methods out there that the Bad Guys can infect your computer if you’re not careful, but helping them with the process is generally a Lousy Idea.

Be careful out there.

The Old Wolf has spoken.

Taking the High Road with a Scammer

Posted on by The Old Wolf

Man-shouting-into-a-phone-012

Photo: Alamy

If you follow my blog, you’ll know it has become somewhat of a warning beacon against scams and frauds, which little crusade began after my own mother was scammed by cross-border fraudsters out of a large chunk of her savings.

Here, however, is an interesting article from The Guardian entitled “How I Talked a Scammer Into a Better Life Choice.”

Written by Amanda Willis, it describes her conversation with a Pakistan-based boiler-room worker who was trying to get her to download malware. The results were encouraging, and worthy of being shared. Her entire essay is definitely worth a read.

The tagline of the article is “Getting angry with fraudsters dehumanises them, but if we engage them in conversation we might be surprised by the results.”

Unfortunately, many scammers who are directly involved in criminal enterprises become frighteningly abusive when confronted with their scam, and I’m not sure I want to get involved with inviting that sort of negative energy into my life. But the principle at work here is the one found in Proverbs 25:21-22:

If thine enemy be hungry, give him bread to eat; and if he be thirsty, give him water to drink:For thou shalt heap coals of fire upon his head, and the Lord shall reward thee.

The Old Wolf has spoken