
Current Bogus Email Traps & Phishing Attempts


ritchie58


 

Current email traps

Phishing examples and hints on how to recognize them

Have you ever wondered why you receive emails from well-known companies like DHL, Amazon or various financial institutions from time to time? Well, you should, especially if you have never done business with them before. Often, these emails are not sent by the aforementioned big companies, but by criminal fraudsters. In this article we would like to show you some current examples and how to recognize and protect yourself from such fake emails.

 

 

How phishing works

Fraudsters like using well-known company names for two reasons: first, these names appear trustworthy, and second, the recipient is quite likely to be an actual customer of theirs. The objectives of these fake emails vary: the author may "just" want to spy on data, he may be trying to infect your PC with malware, or he may even try to relieve you of your money in various ways.

 

 

Example 1:

[Image: fundstransfer.png]

This is a classic phishing attempt, but luckily a bad one. Poor grammar and a lack of the company return address stand out in particular. It is thus unclear at which company Mr. Shaw is the Treasury Manager but the dubious email address should also make you suspicious.

 

In addition, you will surely have noticed that you are not addressed personally. If you still click on the link of the obviously fake email, you are going to be asked to enter your credit card details on a strange-looking website. If you actually do enter your data, then you should not be surprised by the strange charges on your next credit card bill. The screenshot clearly shows a cryptic-like URL hidden behind the link. You just need to briefly move the mouse over the link to see the link address.

 

 

Example 2:

[Image: paypal.png]

This is a slightly better attempt and is aimed primarily at recipients using the online payment service PayPal. They claim that there were failed login attempts and the recipient should therefore open the file attached to the mail. The recipient will then be asked to enter their account details, and if they do, the fraudster will have full access to their PayPal account.

 

As customers usually have a positive balance on PayPal, or at least have their bank or credit card details saved, the goal is obvious: your money will quickly be transferred to different PayPal accounts and thus into the thieves' pockets. Furthermore, opening the attachment is also likely to infect the victim's PC with malware.

 

Again, the fact that the email is not personally addressed to the customer stands out. Official mails sent by PayPal always start by personally addressing you. Besides, neither PayPal nor any other company will ever ask you to enter your login data, and attachments apart from PDF files are rather rare.

 

 

Example 3:

[Image: ACH_transfer.png]

This fraud attempt aims especially at people's curiosity. As far as we can see, it is at least about a bank transfer, and there is also a file attached to the mail. Unfortunately a lot of recipients of such emails overlook the fact that they are not personally addressed and that they probably did not even have a pending transfer. The layout does not really look professional, either.

 

What's interesting here is the fraudster's intention: they would like you to open the attached ZIP file disguised as a PDF file. Once you open the ZIP file, it will contain the executable file report485770.pdf.exe which is also disguised as a PDF file.

 

[Image: report.png]

The fraudster has even made the effort of giving the file an Adobe Acrobat icon. Whoever falls for this trick opens their PC's floodgates to real malware - as the file that looks harmless at first sight is a worm recognized by Emsisoft Anti-Malware as Win32.Garnarue.

 

 

How to protect yourself

All these examples are genuine and were not recognized by spam filters in well-known email clients like Microsoft Outlook or Thunderbird. There is a high risk since it is mostly your wallet or the security of your PC and thus your data that are under threat.

 

Incoming mails should always be analyzed before opening any attachments or links. Please keep the following aspects in mind:

 

  • What mail address was used in the "To" field? If the mail is not addressed to your exact address, it is quite likely to be a fraud attempt.
  • The mail address used by the sender should also clearly make sense. Most companies use formats such as Name@company.com or at least general addresses such as service@company.com or support@company.com.
  • Are you addressed by name? Mail-order companies, friends and family members usually know your name and will therefore send you personalized emails.
  • What does the layout look like, is it professional and does it reflect the company's identity? Serious senders pay attention to style and looks whereas fraudsters mostly do not. Mails containing many typing errors are particularly likely to be fraud attempts.
  • Do contained links really take you to the company's website? When moving your mouse over a link, you can clearly see where it is going to take you to. If the URL looks cryptic: Hands off!
  • What kind of file is attached to the mail? You will usually receive PDF or DOC files, as there is no need to compress them into ZIP files. Never run any exe files! Please always pay attention to file extensions.

The more points in this list are met, the more likely someone is trying to trick you. You can also protect yourself actively by following these three rules:

 

  • Display mails as "plain text" rather than HTML. This will make some mails look odd, but will enable you to immediately recognize fake links.
  • You are asked to log into your account or contact a certain company? Do not click on any links or open any attached files; instead enter the URL of the company concerned manually into your browser. If in doubt, just get in touch with your contact person or support, as they can tell you whether these emails are genuine or not.
  • Use anti-virus software offering real-time protection.
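
Three points of the checklist above (the "To" address, the link text versus its real target, and the attachment name) can be checked mechanically before a mail is opened. The following Python sketch is an added example, not part of the original article or post. The addresses, the link, the archive name report.zip and the extension list are constructed assumptions; report485770.pdf.exe is the file name from Example 3.

```python
import io, re, zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from html.parser import HTMLParser
from urllib.parse import urlparse

RISKY = (".exe", ".scr", ".com", ".pif", ".bat")  # assumed list of executable extensions
DOMAIN = re.compile(r"(?:https?://)?([\w-]+(?:\.[\w-]+)+)(?:/\S*)?", re.I)

class Links(HTMLParser):  # collects (href, visible text) for each <a> element
    def __init__(self):
        super().__init__()
        self.found, self.href, self.text = [], None, ""
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href") or "", ""
    def handle_data(self, data):
        self.text += data  # reset at every <a>, read at </a>
    def handle_endtag(self, tag):
        if tag == "a" and self.href is not None:
            self.found.append((self.href, self.text.strip()))
            self.href = None

def checklist_findings(raw, my_address):
    msg, out = message_from_bytes(raw, policy=policy.default), []
    to = [a.addr_spec.lower() for h in msg.get_all("To", []) for a in h.addresses]
    if my_address.lower() not in to:  # mail is not addressed to the exact recipient
        out.append("to-mismatch")
    html, parser = msg.get_body(preferencelist=("html",)), Links()
    parser.feed(html.get_content() if html else "")
    for href, text in parser.found:  # visible text names one host, href goes to another
        shown, real = DOMAIN.fullmatch(text), urlparse(href).hostname
        if shown and shown.group(1).lower() != real:
            out.append(f"link-mismatch:{shown.group(1)}->{real}")
    for part in msg.walk():  # every MIME part, with its file name if it has one
        names, data = [part.get_filename() or ""], part.get_payload(decode=True) or b""
        if zipfile.is_zipfile(io.BytesIO(data)):  # list archive members without extracting
            names += zipfile.ZipFile(io.BytesIO(data)).namelist()
        out += [f"executable:{n}" for n in names if n.lower().endswith(RISKY)]
    return out

def constructed_sample():  # constructed message modelled on Examples 1-3, not a real capture
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("report485770.pdf.exe", b"placeholder bytes, not a program")
    m = EmailMessage()
    m["To"] = "customers@example.net"
    m.set_content('<a href="http://203.0.113.7/x9">www.paypal.com</a>', subtype="html")
    m.add_attachment(buf.getvalue(), maintype="application", subtype="zip", filename="report.zip")
    return m.as_bytes()
```

Calling `checklist_findings(constructed_sample(), "alice@example.org")` reports all three findings; a clean result does not mean a mail is genuine, since the remaining checklist points still need a human reader.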


There's another example worth mentioning where the fraudsters state that there is a case pending against you (pretending to be FBI). Once you read this, all common sense goes out the window and you open up the attachment, which contains "details of your case". It's an old one but very effective.

 

Actually, it was so effective that if you were to place a complaint on the real FBI complaint page, they would ask specifically if this is an attempt to fake official FBI correspondence.


Hi amulet, thanks for the input! I checked out the YouTube video in the link you provided. The video is dated but still very informative. I do vaguely remember hearing about that FBI scam years ago. Thanks for jogging my memory. It does amaze me the ingenuity that cyber criminals will use to dupe an unsuspecting person into revealing sensitive personal information or infecting their own PCs with malware. I think the best defense against this type of trickery is "awareness of the problem." If you're informed you're less likely to become a victim of such a scam. Thanks again for the excellent contribution to this post! Best wishes, Ritchie...


  • 2 weeks later...

Here is a spam email I received in my inbox tonight. It's worth the read for a good laugh. It's really amazing that people can be so gullible or greedy to fall for such a blatant scam as this but people do! Note how they use the FBI's address to make it look so official! Also note all the spelling & syntax errors and the fact I'm not named personally, just Dear Beneficiary.

Federal Bureau of Investigation (FBI)

Anti-Terrorist And Monitory Crime Division.

Federal Bureau Of Investigation.

J.Edgar.Hoover Building Washington Dc

Customers Service Hours / Monday To Saturday

Office Hours Monday to Saturday:

Dear Beneficiary,

 

Series of meetings have been held over the past 7 months with the secretary general of the United Nations Organization. This ended 3 days ago. It is obvious that you have not received your fund which is to the tune of $850,000.00 due to past corrupt Governmental Officials who almost held the fund to themselves for their selfish reason and some individuals who have taken advantage of your fund all in an attempt to swindle your fund which has led to so many losses from your end and unnecessary delay in the receipt of your fund.

 

The National Central Bureau of Interpol enhanced by the United Nations and Federal Bureau of Investigation have successfully passed a mandate to the current president of Nigeria his Excellency President Good luck Jonathan to boost the exercise of clearing all foreign debts owed to you and other individuals and organizations who have been found not to have receive their Contract Sum, Lottery/Gambling, Inheritance and the likes. Now how would you like to receive your payment? Because we have two method of payment which is by Check or by ATM card?

 

ATM Card: We will be issuing you a custom pin based ATM card which you will use to withdraw up to $3,000 per day from any ATM machine that has the Master Card Logo on it and the card have to be renewed in 4 years time which is 2014. Also with the ATM card you will be able to transfer your funds to your local bank account. The ATM card comes with a handbook or manual to enlighten you about how to use it. Even if you do not have a bank account.

 

Check: To be deposited in your bank for it to be cleared within three working days. Your payment would be sent to you via any of your preferred option and would be mailed to you via UPS. Because we have signed a contract with UPS which should expire in next three weeks you will only need to pay $135 instead of $420 saving you $285 So if you pay before the three weeks 2011 you save $285 Take note that anyone asking you for some kind of money above the usual fee is definitely a fraudsters and you will have to stop communication with every other person if you have been in contact with any. Also remember that all you will ever have to spend is $135.00 nothing more! Nothing less! And we guarantee the receipt of your fund to be successfully delivered to you within the next 24hrs after the receipt of payment has been confirmed.

 

 

Note: Everything has been taken care of by the Federal Government of Nigeria, The United Nation and also the FBI and including taxes, custom paper and clearance duty so all you will ever need to pay is $135.

 

DO NOT SEND MONEY TO ANYONE UNTIL YOU READ THIS: The actual fees for shipping your ATM card is $420 but because UPS have temporarily discontinued the C.O.D which gives you the chance to pay when package is delivered for international shipping We had to sign contract with them for bulk shipping which makes the fees reduce from the actual fee of $420 to $135 nothing more and no hidden fees of any sort!

 

To effect the release of your fund valued at $850,000.00 you are advised to contact our correspondent in Africa the delivery officer Scott Mandy Will with the information below,

 

Email: I deleted the email address for obvious reasons but it's an address from China!

You are advised to contact him with the informations as stated below:

 

1) Your full Name:

2) Home/Cell Phone:

3) Occupation:

4) Age:

5) Sex:

Preferred Payment Method (ATM / Cashier Check)

 

Upon receipt of payment the delivery officer will ensure that your package is sent within 24 working hours. Because we are so sure of everything we are giving you a 100% money back guarantee if you do not receive payment/package within the next 24hrs after you have made the payment for shipping.

 

Yours sincerely,

Miss Donna Story

FEDERAL BUREAU OF INVESTIGATION

UNITED STATES DEPARTMENT OF JUSTICE

WASHINGTON, D.C. 20535

 

Note: Do disregard any email you get from any impostors or offices claiming to be in possession of your ATM CARD, you are hereby advice only to be in contact with John Will of the ATM CARD CENTRE who is the rightful person to deal with in regards to your ATM CARD PAYMENT and forward any emails you get from impostors to this office so we could act upon and commence investigation.

My last comment: I really don't need this money because I'm already a gazillionaire considering how many times I've already won the Nigerian Lottery, lol! How these scammers got my email address in the first place is a complete mystery to me!


Archived

This topic is now archived and is closed to further replies.
