Tag Archives: scam

Phishing: My Yahoo Account has “expired.”

Posted on by The Old Wolf

Phishing, as I have mentioned numerous times elsewhere, is rampant. In a world with over 7 billion people, it’s hard to say how many electronic bad guys there are out there, but even if its a relatively small number, the nature of the web gives the bad actors a lot more access to a global pool of potential victims than your average con-man enjoyed in pre-internet days.

This email arrived this morning:

yahoo1

Two things:

  1. YahooMail is always free. There’s a no-ad service you can pay for, but the drones are counting on the fact that grandma or grandpa (or any other potential sucker) won’t know that.
    77
    A significant portion of internet users are terribly un-technical, and find computers are to be feared; if they use them at all, it’s on a cookbook level. “If you see it on the internet, it has to be true” is sadly a part of far too many people’s psyches, hence many people get taken advantage of in myriad ways.
  2. See that little yellow circle by the link? If you hover over it with your mouse, you’ll get a popup indicating how any particular website has been rated by users for trustworthiness and child safety.Yahoo2That’s a function of a browser extension called “WOT” (Web of Trust) that I have mentioned elsewhere. It’s invaluable for stopping problems before they start. The circles displayed are green, yellow, or red, and you can follow the “Click to view details” link for more information, user reviews, or to rate a site yourself if you have a (free) account.It’s not perfect by any means – WOT can be subject to shill reviews and malicious comments from unethical competitors and the like, but like anything else on the internet, it’s part of a body of evidence and I find it extremely useful as a canary in the mine.  In this case, the top-level domain “twomini.com” is rated very poorly on both counts, with the one user-posted review stating “Domainhoster hosting sites used for fraud, scam and Accountphishing.” Which is certainly true in this case.

If you hover over the “go here” link, your browser indicates that you are being directed to “http://bit.ly/10VyM2I” which is most definitely NOT a Yahoo address. It’s a shortened link which expands to:

DrudgeSirenSmallhttp://infoskale.twomini.com/obyno/Connect%26True%3DUser1%25%3DXclusiv-
3D%23Anonymous7Dole%3DReason%26Upgrade1%25continue%25True4.php DrudgeSirenSmall

Web addresses like that are not necessarily bad in and of themselves, but they are not what you would expect to see when you visit a major site like Yahoo, or Comcast, or your financial institution. Those little drudge lights up there point out that this kind of URL is a red flag for suspicious activity, and to proceed with extreme caution.

If the victim unwisely clicks on the link, they get this:

Yahoo3

which quickly redirects to this:

Yahoo4

If you try to “log in” from this screen, your account information is sent to Russia or the Ukraine or Nigeria or somewhere else, and the bad boys now have access to all your email, as well as an account to send out spamvertising or other scams with, and they do so on a regular basis. The victim is then sent back to the regular Yahoo Mail  website, and continues on their merry way none the wiser.

indiana_jones_grail_knight-you-have-chosen-poorly

I logged in several times with user names like “ScammersEatCamelDung”, just to make sure they got the message. Of course, it’s possible that responses are simply harvested into a login script that will never be seen, but what the heck; I’ll take any opportunity to insult one of these wastes of human cytoplasm.

Please be careful out there, and for the love of Ella Wheeler Wilcox and the music of the spheres, protect your loved ones. If you have people you care about who use the computer and who are not tech-savvy, educate them on how to protect themselves from scammers.

We demand that people get licenses to drive a car; it’s a shame no basic training is required before venturing into the potentially-scary world of the internet.

The Old Wolf has spoken.

Don’t Help the Scammers

Posted on by The Old Wolf

There’s an old joke circulating out there that occasionally crops up in people’s inboxes:

You have just received the [Amish/Polish/Aggie, etc.] Virus! Because we don't know
how to program computers, this virus works on the honor system.
Please delete all the files from your hard drive and manually
forward this virus to everyone on your mailing list.
Thanks for your cooperation.

It goes without saying that this would be a Bad Idea. That said, there is a very current scam going on which I ran across yesterday, in which the victim is carefully walked step-by-step through the operations necessary to allow Bad Guys to take control of their computer. I referred to it in a previous post, but here’s the complete run-down.

While researching spoofed and phishing URLs, I decided to use a misspelling of a popular website as an example. I typed in http://www.micorsoft.com (DO NOT DO THIS!) and discovered a rat’s nest of scam operations embedded in this one redirect.

According to WHOIS, the domain is registered thusly:

Domain Name: MICORSOFT.COM
Registrar: EPIK, INC.
Whois Server: whois.epik.com
Referral URL: http://epik.com
Name Server: NS1.DNSLINK.COM
Name Server: NS2.DNSLINK.COM
Status: ok
Updated Date: 19-oct-2014
Creation Date: 13-oct-2001
Expiration Date: 13-oct-2015

Epik is a domain-name registry service, so beyond that I don’t have the chops to dig deeper and see who is really running this operation, but this much I know – they’re wastes of human cytoplasm.

This domain redirects to a number of different scams.

1) You’ve won a prize!

Prize1

Here’s the first popup. The URL is your typical scam alphabet soup address.

Prize2

After answering four inane questions about age, whether you shop on line, gender, etc. you’re presented with this:

Prize3

Well, of course I qualify. You think the scammers would turn down a sucker? No, I didn’t win a prize, I won a “chance” for a grocery gift card. Call the number, and what you hear is “Congratulations! Won a chance to win a gift card!. Stay on the line to complete your entry! Dingdingding your initial entry has been registered, but stay on the line for other additional offers!” You then are bombarded with advertising. Since I used Google Voice to call, there’s no way they could possibly know who is calling or how to contact you if you were really a winner – this is just spamvertising, pure and simple.

2) The Random Cybersquatting Page

Next, i was redirected to this horrific URL:

http://www.searchnet.com/Search/Index?
utm_source=8&utm_campaign=AuctionErrorWithInfo&utm_term=XP%20Home%20Premium;
Microsoft;microsoft;download%20internet%20explorer%2010;microsoft.com;www.microsoft.com;
microsoft%20windows;window%20live%20messenger;servers%20xp;microsoft%20help%20support;
microsoft;microsoft%20help%20center;online%20ms%20training;
microsoft%20programs;xp%20small%20business%20edition%20;downloads;
microsoft.com;windows%20updates&utm_medium=Ciclostare32

User Nokkenbuer at WOT (Web of Trust) posted on 09/21/2014:

  • I don’t trust
  • Malware or viruses
  • Poor customer experience
  • Scam
  • Misleading claims or unethical
  • Privacy risks
  • Suspicious
  • Spam
  • Potentially unwanted programs

This website was involved in redirecting me to a malicious site after accessing a typosquatter website (http://www.micorsoft.com/). I do not trust it and may aid in infecting your computer with unwanted malware, spyware, or grayware.”

By the way, if you don’t have the WOT extension on your computer, I’d recommend it. It gives you advance warning of sites that have been flagged as malicious, like this:

Wot1

For any site, you can always “read more” to see what users have said. It’s wise to do, because on occasion a website was flagged early for suspicious behavior, but domains change hands and it could be a legitimate site at the present time. User comments will usually reflect this. At all events, you have the option of leaving before you actually visit a potentially dangerous website. Sign up, and you can leave your own feedback for websites as well.

3) Is Your Computer Running Slowly?

slow1

If you click OK, you’re directed to this page:

 Slow2

This one looks slick and official, but it’s a solid guarantee that if you call that toll-free number, you’re at risk for being scammed or having your computer infected or both.

4) The Scare Tactic

This is the one I referred to in my earlier post, and today I followed up on the game to see how it plays out.

Viruse2

This page is a little different than the first one I encountered; it doesn’t mention specific viruses, but includes an annoying, repeating, and loud chirp to add urgency to the scam. If you try to navigate away from the page, you get this:

virus1

If you bite and call the number (855- 979-7382) you will be connected to a polite-sounding Indian or Pakistani boiler-room worker who will engage you as follows:

  1. I was asked kind of problems you are experiencing, what kind of computer I am running, and what my operating system is.
  2. On a Win7 box (your mileage may vary for other operating systems) I was asked to hit “Windows-R” to open the Run dialog, and then type in “MSConfig” and hit enter. This is harmless, but displays running services on your computer.
  3. I was asked if more than 15 services were stopped?
  4. I responded that yes, more than 15 services were stopped.
  5. The agent informed me that since more than 20% of my services were stopped, my system was vulnerable to application errors. Once Windows 7 has services stopped, that is the main problem. This, of course, is utter bulldust, but is technobabble enough to flummox most callers who get this far.
  6. I was told that we need to check why these services are stopped. Again directed to the “Run” dialog, I was instructed to type in “hh h” and hit “Enter”. This brings up the HTML Help Window, which “Cannot be Displayed.”
    Help1
  7. I was instructed to hover my mouse over the little question-mark icon in the window, and select the “Jump to URL” option.
    Help2
  8. I am presented with a dialog box, and asked to enter the specified URL:
    Scam3
    N    ote: This is a sneaky way to get you to visit a website, instead of typing it directly in the URL bar.
  9. Once this is done, I am directed to this website: https://secure.logmeinrescue.com/customer/code.aspx
    Login
    This is a website which allows outside users to take control of your computer, usually for tech support reasons. If you trust the party on the other end it can be useful, although I prefer to use TeamViewer.
  10. Before proceeding, the agent had me run inetcpl.cpl, click on the connections tab, and ensure that no proxy was being used.
  11. Having done this, the agent instructed me to enter the code 941073, and hit “Enter.” He asked me what I saw on my screen.
  12. At this point, I told him the only thing I saw was myself closing Chrome, because I had no intention to give control of my machine to a bunch of scammers, and hung up.

There are enough methods out there that the Bad Guys can infect your computer if you’re not careful, but helping them with the process is generally a Lousy Idea.

Be careful out there.

The Old Wolf has spoken.

Your Bank of America Account is Under Review. Right.

Posted on by The Old Wolf

Well, since I don’t have one, that would be a Neat Trick. But here’s the email:

From: Bank Of America <dugginp@pitt.k12.nc.us>
Date:12/08/2014 1:39 PM (GMT-07:00)
To:
Subject: Your Bank Of America Account is under review

Your Bank Of America Account is under review

Bank Of America is reviewing some costumers account for possible Fraudulent & unpaid bills. The balance for your checking & saving account has reached reviewable level (uncharged & un-deducted billing).This information is accurate as of 5/12//2014 03:44:12 CST. You are required to, sign on and verify  your account informations.If you have questions, Bank Of America Online Customer Service is available 24 hours a day, 7 days a week. Sign on to send a secure email.    bankofamerica.com | Fraud Information Center

Suffice it to say this is a phishing email of the worst kind. The embedded “sign on” links take you to this link (obfuscated):

http://conwaycentralbaptist.org/blah-blah-blah/.safe.ssl-comfirmed-onlinebankingofamerica.com/index.html

In case you needed an additional hint, this is not a Bank of America website.

Conway Central Baptist Church will probably not be pleased that someone has infiltrated their servers and is using them to host phishing data; they have been informed.

But the website looks like this:

bank

They want all sorts of information from you, including “Father’s Maiden Name” and “Father’s Middles Name.” If those aren’t screaming red flags , I don’t know what would be.

So many scumbags out there want your identity, your financial information, and your money, and they would sell their own mothers to get it.

Be careful out there.

The Old Wolf has spoken.

Thank God He Found Me (Scam)

Posted on by The Old Wolf
From: “Dr George Ben.” <ginikaoffice@yahoo.hu>

Subject: Thank God I Found You

Only I wish these onioburus¹ would keep their filth out of my inbox…

 ATTN;
This is to officially inform you that we have verified your contract/inheritance fund file and found out that you have not received your funds via ATM CARD valued$3.5m, Now ever, you are hereby advise to get in touch with the HSBC BANK DIRECTOR today with your Full Contact information as follows:
  1. YOUR FULL NAME:………..
  2. YOUR RESIDENCE ADDRESS……
  3. YOUR TELEPHONE/FAX:……….
  4. AGE:………………..
  5. SEX:……………………
  6. YOUR OCCUPATION:…..
Below is their Contact Information’s,
Contact Person: Dr George Ben.
Email: ( drgeorgeben21@yahoo.co.uk )
 
Regards
Dr. Juliet Jude

If you get this email or one like it, do not respond. It should go without saying that this is a bald-faced scam, but since so many people continue to be robbed by Nigerian scammers, it’s worth it to say it again.

The Old Wolf has spoken.
——————-
¹ onioburu (n.) Nigerian word for “gong farmer” or night-soil handler.

Scam: Permanent Position – Work at your home

Posted on by The Old Wolf

Hello,

European consultatory office is hiring regional agents in Canada! Our company is one of the biggest consultatory companis in Europe. We we are among TOP-5 companis by development rate in 2013-2014.

Our main areas of work are outsource turnkey solutions, opening accounts at financial institutions, taxes refinement. Business running demands in Canada have TRIPLED over the previous 1 2 months. We currently maintain 320 clients. And over 1000 potential clients with whom we are discussing plans at the moment.

To maintain this customer data base we are hiring about 15 to 20 regional agents on the Canadian territory.
Overall hiring schedule: a fortnight of intensified preparation followed by monitoring clients’ contracts and performing some marketing investigations afterwords.

Our nominal reward (even during preparation) is 2000 $ a month.

Get back to me for more detailed information.

Best regards,
Human Resources Department
Mack Maia

It should be painfully obvious that this is a scam. Do not answer this email if you should receive it. I’ve had it three times in the last week, with different names attached: Range Stephenie, Mack Maia, and Hudson Lettie (all fabricated names and email addresses, of course.

The Old Wolf has spoken.

To Protect Yourself from Common Scams, Do This

Posted on by The Old Wolf

FIRST:

Be Very Careful with Cashier’s Checks!

Secret Shopper Bogus Check

These are extremely easy to forge on pre-printed forms available anywhere like Staples, Office Max, etc. All the criminal needs is a laser printer.

NEVER send money to someone who has sent you a cashier’s check until you have verified with your bank that it has cleared. If the check is bogus, you can also be arrested for passing fraudulent documents. This is a rare occurrence, but it has happened and probably will happen again.

SECOND:

Do Not Use Money Transfer Services with Unknown Persons

Generic_MoneyPak_Front

We’re talking here about Western Union, MoneyGram, and Green Dot MoneyPak cards, or anything else like it.

If you send money to a criminal with Western Union or a similar service, it’s gone. You can’t get it back. If a criminal asks you to buy a Green Dot MoneyPak card and send him/her the PIN, do not do it. Your money will be gone, and you won’t get it back.

These services irresponsibly enable fraudsters all over the world to perpetrate their scams on vulnerable or unwitting people. They should be regulated in much the same was as pawn shops.

THIRD:

Do not believe everything you read on the internet, or in your email box.

Scams are rampant. Criminals all around the world want your money, and they will stop at virtually nothing to get it. An example received just yesterday.

FOURTH:

Do not click on links in emails.

If you’re curious about a link in an email, type the address in your URL box directly, like this:

walmart1

If you click on a link directly in the email, you may be redirected to a bogus site:

redirect

In this example, the link that looks like it will go to a legitimate Walmart site is actually taking you to a questionable internet marketing website that is being used by criminals.

FIFTH:

Do not click on attachments in emails unless you know who sent them.

mail

This email looks like it has attached a .PDF file. However, any attachment can be deceptive. TXT files, DOC or DOCX files, PDF files, XLS or XLSX files, and many others – all can actually be .EXE files in disguise.

If you do not know who is sending you an attachment, never click on it.

SIXTH:

Never pay money to collect a prize.

This just goes without saying. You can’t win a lottery or sweepstakes you didn’t enter. Legitimate lotteries or sweepstakes, and there are precious few of these, will never ask you for up-front money to collect a prize. Again, never send money to a stranger hoping to get a large payout. If you do, you are being robbed.

SEVENTH:

There is no Nigerian prince or government official who wants you to help get money out of the country.

nigerians

This is the “419” fraud, so named for the section of the Nigerian legal code that makes this sort of scam illegal. None of the above schemes will work if people avoid sending money to strangers using Western Union or MoneyGram or other methods. This also applies to “reshipping work” or “lonely hearts” scams. At some point, all of them will ask you to send money somewhere. Don’t Do It!

There are more ways to get scammed and one post can’t cover them all, but if everyone would follow these few simple steps, the incidence of fraud would decrease dramatically. Protect your loved ones. Educate them, or watch over their finances. Be careful out there.

The Old Wolf has spoken.

“Walmart” Secret Shopper Scam

Posted on by The Old Wolf

Today’s scam email:

From: “Walmart .” <appstore_–itunes@outlook.com&gt
To: [obfuscated]
Subject: Part time Job

Hi there,

Will you like to make extra cash, click the link below for more details.

http://www.walmart.com/job_requirement_000032.html

Thanks
Walmart
Note: Do not reply this email follow the link if you are interested.

It should be painfully obvious that this email is not from Walmart. It comes from an address that is totally unrelated to Walmart; most large companies have their own domains, and never use mail aggregator services like Yahoo, Gmail, Outlook, Hotmail, Rogers.com, and the like. Not to mention that the English is poor: “will you like to make extra cash,” “do not reply this email,” etc.

But let’s see where that link goes.

One of the prime tenets of Safe Computing is that you never click directly on links in emails. My email client, the old but still-faithful Eudora 7, warns you if the link you’re clicking on goes somewhere else, like this:

redirect

Notice that this link redirects to somewhere called “moziawomensnetwork.com,” which is definitely not a Walmart link. If you type the link as seen directly into your URL bar, you get this:

404

In other words, 404: Not Found. Walmart has no such link.

If you are foolish enough to click the link, thinking that this is a real job offer, here’s what you get:

scam

So, in addition to the noise about being a secret shopper, and giving your personal information to filthy criminals, the money shot is here:

  • You will be mailed a cashier’s check for $1950. It will be bogus, and even though your bank might give you the money, it will bounce and then you will be in debt to your bank.
  • You are being asked to buy a Green Dot Moneypak card, probably in the amount of $1750 or so, and send the PIN to the scammers. In other words, you are sending your own hard-earned cash to scum-sucking descendants of pigs, and you will be responsible to pay that money back to the bank.

DO NOT DO THIS!

Be very afraid of cashier’s checks, and never send money via Western Union, MoneyGram, Green Dot MoneyPak card, or any other untraceable, unrecoverable method to people you do not know personally.

Be careful out there.

The Old Wolf has spoken.

THE MOST IDIOTIC SCAM OKAY

Posted on by The Old Wolf

I’ve gotten hundreds of emails from Nigerian (or other nationality) scammer, but this one just made my head spin with its stupidity.

From: “BARR. JOHN KURTY” <office_moneygram@yahoo.com>

Subject: U.S. DEPARTMENT OF HOMELAND SECURITY

U.S. DEPARTMENT OF HOMELAND SECURITY, MG Richard Peter; Adjutant General and Director State Military Department Washington Military Dept., Bldg1 Camp Murry ,Wash 98430-5000 USA GOOD DAY TO YOU.

MY NAME IS MR. JOHNSON WILLIAM, WHAT IS HOLDING YOU TO SEND THE MONEY RIGHT NOW PLEASE GO AHEAD AND SEND THE MONEY SO THAT YOU WILL RECEIVE YOUR BOX WITHIN 24HOURS YOU HAVE IT ONCE YOU SEND MONEY THAT IS THE ONLY DELAY WE HAVE RIGHT NOW TO DELIVER YOUR CONGNMENT BOX TO YOU SO TRY YOUR POSSIBLE BEST TO SEND THE MONEY TODAY BECAUSE YOU HAVE ONLY (3 DAYS)IF YOU DID NOT MAKE THE PAYMENT THEN I WILL DIVERT YOUR FUNDS TO US GOVERNMENT FUND OR BENIN GOVERNMENT TREASURY.

I WILL WAITING TO HEAR FROM YOU WITH THE PAYMENT INFORMATION AS SOON AS POSSIBLE OKAY. MAY GOD BLESS YOU.

WHEN I ARRIVE IN THE BENIN PARLIAMENT IN COTONOU, I FOUND YOUR CONSIGNMENT BOX CLEARANCE FILE LYING ON THE FOREIGN AFFAIR OFFICE DESK WITHOUT ANY ATTENTION ON A THOROUGH SCRUTINY I DISCOVERED THAT YOUR CONSIGNMENT HAVE BEEN ABANDONED BY YOUR DELIVERY AGENT. MEANWHILE, I WAS MADE TO UNDERSTAND THAT THEY HAVE TRY TO REACH YOU, BUT NO WAY AND THEY HAVE MADE SEVERAL ATTEMPTS TO CONTACT YOUR DELIVERY AGENT BUT TO NO AVAIL. TO MY GREATEST SURPRISE, DURING MY RECENT ROUTINE RE-CHECKING, I PERSONALLY DISCOVERED THAT YOUR CONSIGNMENT CONTENT DECLARATION DOCUMENTS STATED THAT YOUR CONSIGNMENT CONTAINS PERSONAL EFFECTS MEANWHILE, IT CONTAINS UNITED STATES DOLLAR BILLS WORTH OVER US$40 MILLION DOLLARS, WHICH MADE IT IMPOSSIBLE FOR THE CONSIGNMENT TO BE DELIVERED TO YOU EARLIER BEFORE NOW.

BASED ON THIS PERSONAL DISCOVERY, I AM CONTACTING YOU NOW TO LET YOU KNOW THAT WITH MY POSITION AND POWER AS THE SECRETARY OF U.S DEPARTMENT OF HOMELAND SECURITY, I CAN ASSIST YOU TO LEGALLY CLEAR YOUR CONSIGNMENT FUND, BUT YOU MUST AGREE WITH THE FOLLOWING CONDITIONS. BECAUSE I HAVE CALLED OUR OFFICE IN WASHINGTON,DC FROM BENIN, WHO HAS BEEN INTERCEPTING ALL YOUR TELEPHONE CALLS, WITH THE HELP OF MTN, TIGO VODAFONE AND AIRTEL NETWORK BENIN.

I ALSO RECEIVED SOME INFORMATION FROM OUR HOMELAND SECURITY OFFICE IN BENIN REPUBLIC, ABOUT YOUR EMAILS, THAT YOU HAVE BEEN DEALING AND SENDING MONEY TO PEOPLES IN BENIN GHANA SOUTH AFRICA TOGO BENIN AND NIGERIA , WHO CLAIMS TO BE THE MONEY GRAM DIRECTOR. YOU ARE ALSO DEALING WITH A BANK, AND OTHER NAMES WHICH I AM STILL WAITING TO BE FORWARDED TO ME FROM OUR OFFICE IN WASHINGTON,DC. WHO HAVE MONITORED ALL YOUR DEALINGS WITH THIS HOODLUM. YOU ARE ADVICE TO HENCE FORT STOP FURTHER DEALINGS WITH ALL THE ABOVE MENTIONED PEOPLE, UNTIL WE COMPLETE OUR INVESTIGATION. BECAUSE YOUR DEALING WITH THEM IS TERMED AS ILLEGAL TRANSACTION.

I WISH TO INFORM THAT WE THE HOMELAND SECURITY IS ON LOOK OUT FOR ALL THE ABOVE MENTIONED NAME, MOSTLY THOSE WHO CLAIMS TO BE THE DIRECTOR OF WEST AFRICAN DEBT MONEY GRAM AND MONEY GRAM AND PROPERTY RECOVERY BENIN. ALL THIS MENTIONED PEOPLE ARE IMPOSTOR, AND WE INTEND TO APPREHEND THEM SOON. I WANT YOU TO PLEASE STOP COMMUNICATING, AND DEALING WITH THEM UNTIL WE COMPLETE OUR INVESTIGATION. I WISH TO NOTIFY YOU ABOUT THE LATEST DEVELOPMENT CONCERNING YOUR BOX OF CONSIGNMENT THAT WAS HANDLE OVER TO ME AFTER THE MEETING HELD BETWEEN ME AND SOME OF THE TOP PARLIAMENT MEMBERS OF BENIN AND THE FOREIGN AFFAIR MINSTER IN THE BENIN CAPITAL HEADQUARTERS COTONOU, DUE TO THE DELAY FOR YOU NOT HAVE RECEIVED YOUR CONSIGNMENT BOX FOR LONG TIME NOW.

ACCORDINGLY, WE HAVE WAIVED AWAY ALL YOUR CONSIGNMENT BOX CLEARANCE FEES AND AUTHORIZED THE GOVERNMENT OF BENIN REPUBLIC TO ALLOW ME FLY WITH THIS YOUR APPROVED CONSIGNMENT BOX TO YOU WITHOUT ANY DELAY WHICH THEY HAVE AGREED. THE ONLY FEE YOU WILL PAY TO CONFIRM YOUR CONSIGNMENT BOX RECEIVED IN YOUR POSSESSION IS THE WEIGHT FEE OF YOUR CONSIGNMENT BOX WHICH IS SUM OF $75.00 ONLY.

IN ORDER WORDS YOUR BOX IS WITH ME NOW AND I SHALL BE COMING TO YOUR COUNTRY AS SOON AS I HEAR FROM YOU AND I WILL BE COMING ALONG WITH YOUR BOX OF CONSIGNMENT,BUT REMEMBER THAT AS THE SECRETARY OF THE DEPARTMENT OF HOMELAND SECURITY UNITED STATES OF AMERICA, I AM A US GOVERNMENT SECURITY AGENT AND I HAVE THE POWER TO GO THROUGH ANY AIRPORT CUSTOMS WITHOUT INSPECTING WHAT I CARRY ALONG. AND AS SOON AS I ARRIVE IN YOUR STATE I WILL GIVE YOU A PHONE CALL FOR YOU TO GIVE ME DIRECTION TO YOUR HOME ADDRESS SO THAT WE CAN MEET FACE TO FACE AND HAND OVER YOUR BOX TO YOU BEFORE PROCEEDING BACK TO THE STATES. SO I WANT YOU TO RE-CONFIRM TO ME THE BELOW INFORMATION FOR PROPER UNDERSTANDING BY FILLING THE ATTACH HOMELAND SECURITY REGISTRATION FORM OKAY.

BENEFICIARY NAME. . . . .
ADDRESS. . . .
TEL PHONE. . . . . . . . .
OCCUPATION. .  . . .
COUNTRY. . . . . . . . . . .
SEX. . . . . .. . . . . . . .

AS SOON AS I ARRIVE I SHALL CALL YOU ON YOUR TELEPHONE NUMBER THEN MEET YOU IN PERSON AND HAND OVER YOUR CONSIGNMENT BOX TO YOU BEFORE I RETURN BACK TO WASHINGTON DC.
I HAVE TAKEN THIS ASSIGNMENT UPON MYSELF BECAUSE I UNDERSTAND THAT YOU HAVE REALLY PAID SO MUCH ON THE COST OF DELIVERY, BUT NOTHING WAS RECEIVED BY YOU. SO BE ADVICE TO CONTACT ME IMMEDIATELY YOU GET THIS EMAIL NOW BECAUSE EVERY THING HAS BEEN DONE OK. THIS IS DIRECTLY FROM OUR PRESIDENT BARACK OBAMA. ONCE YOU SEND THE MONEY, TRY TO NOTIFY ME WITH THE MTCN FOR EASY PICK UP AND FOR IMMEDIATE ACTION ON THE DELIVERY OF YOUR CONSIGNMENT BOX,FOR YOU TO RECEIVE YOUR INHERITED FUNDS WITHOUT ANY FURTHER DELAY AGAIN . SINCE YOU WAS UNABLE TO RECEIVE IT SINCE .
SEND THE FEE VIA MONEY money gram TRANSFER.

RECEIVER’ PETER ONUORAH
COUNTRY:. . . . . . . . . .BENIN
CITY:. . . . . . . . . . . . COTONOU
AMOUNT:. . . . . . . . . . . . . . . .$75.00
QUESTION:. . . . . . . . URGENT
ANSWER:. . . . . . .TODAY
MTCN:. . . . . . . . . .
Sender’s NAME . . . .
SENDER’S ADDRESS. . .

AS SOON AS YOU SEND THE FEE MAKE SURE YOU SEND ME THE PAYMENT INFORMATION.ONCE YOU SEND THE MONEY, TRY TO NOTIFY ME WITH THE MTCN FOR CONFIRMATION AND FOR IMMEDIATE ACTION ON THE HANDLING OVER OF YOUR FUND TO YOU.ALSO YOU ARE TO FORWARD TO US ANY MAIL THAT YOU HAVE BEEN RECEIVING FROM PEOPLE FOR PROPER VERIFICATION AND INVESTIGATION BEFORE YOU DEAL WITH THEM OKAY.

I HAVE A VERY LIMITED TIME TO STAY HERE SO I WOULD LIKE YOU TO URGENTLY RESPOND TO THIS MESSAGE WITH THE PAYMENT , MY DEAR, THIS IS THE OPPORTUNITY FOR YOU AND HAVE TO COMPLY AND YOUR BOX SHALL BE DELIVER TO YOUR DESIGNATED ADDRESS.BUT REMEMBER THAT AFTER (3 DAYS) YOU DID NOT MAKE THE PAYMENT THEN I WILL DIVERT YOUR FUNDS TO US GOVERNMENT FUND OR BENIN GOVERNMENT TREASURY. PLEASE TREAT THIS AS MATTER OF URGENCY.
SINCERELY YOURS,

BARR. JOHN KURTY
SECRETARY OF THE DEPARTMENT OF HOMELAND SECURIT

This is wrong on all possible levels:

  • Horrible grammar and spelling
  • American government officials don’t use the title “Barrister”
  • It’s written in all caps
  • The scammer invokes the name of God to try to make himself look virtuous.
  • Is his name John Kurty, Johnson William, or Richard Peter, or Peter Onuorah? The ignorant jimakplon can’t even keep his scam facts straight. Add to that the use of non-existent names which use common English surnames as given names or vice versa.
  • This guy is an idiot OKAY

I have a hard time not using language to describe these people that would not exceed the family-friendly nature of this blog. They are the hqiz of hqiz-eaters.

In case you got a similar email and were wondering, this is a scam.

the_money_picture

This does not exist.

Never send money to a stranger via Western Union, MoneyGram, or MoneyPak, or any other untraceable and unrecoverable means.

Stay safe out there.

The Old Wolf has spoken.

Congratulation from Samsung. Uh, No.

Posted on by The Old Wolf

In yesterday’s email:

SAMSUNG UK HQ

SAMSUNG Office (Paddington), London,

United Kingdom.
London, W6 9PE.
Company No: 4620511
FROM THE DESK OF SAMSUNG 2014 PROMOTIONAL AWARD.
Dear Email Owner,
This is to officially inform you that your E-mail have been verified and pronounced as the lucky winner of 500,000.00 GBP, in the 2014 Award By (SAMSUNG Draw Promotion UK) wishes to congratulate you over your Email Address success in this financial bailout plan. Your Email Address emerged as one of the ten final recipients of a Cash

Please Contact Us.  {samsung.claimoff_uk@outlook.com}

1. Full Name’s:
2. Sex:
3. Country:
4. State/City:
5. Contact Address:
6. Mobile/Tel Number:
7. Marital Status:
8. Occupation:
9. Date/Age:

The grammar and spelling is enough to make this a dead giveaway as a Nigerian scam. If you get this email, or one like it, throw it directly in the trash. If you respond, you’ll be hit up for as much money in fees and taxes and transfer agents and bribes as you are willing to shell out. As for what you’ll get?

n827576771_677258_6298

And that’s the sum total of the transaction. Be careful out there.

The Old Wolf has Spoken.

A New Kind of Scam – This email is NOT from General Motors

Posted on by The Old Wolf

294545

Here’s a new one. I fear it will catch some people in its snare, but I’m putting it up here in case anyone is searching to ascertain its validity.

This email is not from General Motors. It is a scam.

The English is riddled with errors. The message promises a payout. There will be “fees” to pay. Do not call the number, or respond in any way.

————————————-

Microsoft Word – GM Mass Zoho Email

To: Undisclosed recipients
Subject: you might want to look at this plan

From: “GM” <jason@mta1.axp4h.com>
GM ANNOUNCES PAYOUT PLAN!

Hello,

I hope this message finds you well. We are writing to inform you of a very important recall. General Motors (GM) as of Monday June 30th, 2014 has put out a recall on over 29 million cars. These cars are being recalled due to many different problems one being a faulty ignition switch. These faulty cars, are causing major accidents and injuries, all the way up to multiple death related accidents. If you or a loved one owns one of these recalled cars and have experienced some type of complication , accident or even death as a result of the accident, we would like for you to call us and let us help you or your loved one be financially compensated , due to GM’s recall. Below are a list of the recalls from GM. If you see your car, or family members’ car listed below. Please call us as soon as possible at 877-210-5546.

Microsoft Word – GM Mass Zoho Email

EMAIL: CONTACTVIN@SINA.COM

Recalled Vehicles for Ignition Switch Failure

Chevrolet                               Pontiac

Cobalt (2005-2010)           G5 (2007-2010)
HHR (2006-2011)             Solstice (2006-2010)

Saturn

ION (2003-2007)
Sky (2007-2010)

GM Recalled Vehicles

Chevrolet                                     GMC

Aveo (2004-2008)                   Arcadia (2008-2014)

Camaro (2010-2014)             Envoy and Envoy-XL (2005-2007)
Caprice (2013-2014)              Sierra (2014-2015)
Corvette (2005-2007)(2014) Sierra-2500/3500HD (2015)
Cruze (2011-2014)                   Sierra-HD (2007-2011) (2015)
Express (2009-2014)               Sierra-LD (2014)
Equinox (2010-2012)               Sierra light-duty (2014)
Impala (2000-2014)                  Sierra full size pick up (2014)

Malibu (1997-2014)                    Sierra full size pick up-HD (2015) Malibu Maxx (2004-2007) Savana (2009-2014)

Monte Carlo (2000-2007)            Terrain (2010-2012)
Optra (2004-2008)                     Yukon and Yukon-XL (2015)
Silverado (2014-2015)
Silverado-1500 (2014)                         Cadillac

Silverado-2500/3500HD (2015)          ATS (2013-2014)

Silverado-HD (2007-2011)(2015)        CTS (2003-2014)
Silverado-LD (2014)                           CTS-AWD (2010-2012)
Spark (2013-2015)                             Devile (2000-2005)
SS (2014)                                          DTS (2007-2011)
Sonic (2012-2014)                               ELR (2014)
Suburban (2015)                                Escalade/ESV (2015)
Tahoe (2015)                                     XTS (2003-2014)
Trailblazer (2005-2007)

Trailblazer-EXT (2006)

Traverse (2008-2014)                        Pontiac
Trax (2013-2014)                             G6 (2004-2010)

G3 (2005-2008)

Saturn                                   Grand AM (1999-2005)

Aura (2007-2010)                      Grand Prix (2004-2008)
Opel-GT (2008-2010)                 Pursuit (2005-2007)
Opel/Vauxhall (2007)                 Vibe (2009-2010)
Outlook (2008-2013)                    Wave (2005-2008)

Buick                                              Saab

Allure (2005-2009)                    9-3 Convertible (200-2011)
Enclave (2008-2014)                 9-7x (2005-2007)
Encore (2013-2014)
Lacrosse (2005-2009)(2011-2012)(2014)
Lucerne (2006-2011)               Oldsmobile
Rainier (2005-2007)                  Alero (1999-2004)
Regal (2011-2014)                    Intrigue (1998-2002)
Verano (2013-2014)

                                                                      Daewo

Izusu                                                      G2X (2007-2009)

Ascender (2005-2007)

It should go without saying that this message is a bald-face lie. General Motors would be ashamed to send out such a poorly-formatted, poorly-worded, error-riddled email.

Please protect yourself and your loved ones – teach them never to respond to mails of this nature. Be careful out there.

The Old Wolf has spoken.