The clever ones are quite good, a lot of those pretending to be from banks and big organisation like MSN use original graphics clipped from real sites, and pasted together to make official looking documents/emails.
The giveaway is when they ask for personal data of the type you never ever release, and then a look at the header info and source usually reveals an email origination that looks like it is real, but has odd characters when inspected. They depend on that odd feature of reading that means provided the first and last letters of a word are in the correct place, your brain will 'correct' the ones in between if they are in the wrong order, or only slightly mis-spelt.
Apparently unconnected, judging from their domains, I received three mails which might have delivered something nasty onto my PC this week.
In a new ploy I haven't come across before, I saw the messages which were reasonably well titled, and noted that UPS had tracked two failed deliveries to me, and that those nice people at Customs wanted me to confirm details to release a parcel (oddly, not HM Customs or Customs and Excise).
Inspecting the messages showed they all claimed have forms for me to download and print out, then fax back once I had signed them.
Needless to say, things never went that far, even though I was curious to see what was on the forms.
There were, of course, no forms, and as I probed just a little further I found that these documents - which had had their icons edited to make them look like Word documents - were actually executable program files. Since I'm no longer amused by battling these things, they were deleted and the domains reported to my mail provider, but anyone that simply opened these up normally, even just to read them without printing, could be in for a nasty surprise.
As I always say, if email arrives that you don't expect, ALWAYS don the rubber gloves and get the tools out before touching it - or just delete it without thinking. If it's something that important and not pre-arranged, the sender should be using something a tad more reliable anyway.
Just for good measure, I also got a letter this morning, the content of which suggest someone is having a try at getting a form of credit using some of my details. Unfortunately for them, I happen to deal with the organisation involved, so I can have a little word with them at start of business on Monday. I should win either way, spoiling some piece of thieving scum's day, and giving me some comeback if the company doesn't pay attention and I get a bill that's not mine at some time in the future. While that shouldn't happen given the degree of details involved, I like to play safe.
This was sent to me, not from the sender, but from someone who thought I might like a laff.
Said to have been a serious (if we can use that word here) spam message, with all the usual signs of having been sent from our good friends in Nigera, or somewhere similar...
I pray that this email reaches you in the best of health. This letter may come to you as asurprise due to the fact that we have not yet met. The message could be strange but it’s real and you will realise this if you pay some attention to it. I want to notify you about it at least for the sake of your integrity.
My name is Major Greg Boner Moyo, a direct and only remaining member of the wealthy Moyo family. I am an astronaut with the South African Air Force and on loan to the National Aeronautics and Space Administration (NASA).
In 2003 I left earth aboard the Mars Rover, Spirit. Seven months later I arrived on Mars.Prior to departing earth, I deposited the amount of US$ 11,600,000 (Eleven million, six hundred thousand United States dollars) in four safety galvanized boxes in a European financial institution which will be disclosed to you upon your acceptance of my proposal.
Last year, during the course of my research on Mars, I was ambushed by a group of analdwelling rebel Martians who inflicted great torturous pain upon my body with anal probes.
After a few weeks of enduring the physical pain, they released me. As a direct result of this cruelty, I am now very ill with a ruptured uterus that has defiled all forms of medical treatment and which has been deemed to be inoperable by my Martian surgeons. I am writing this mail to you on a laptop from my hospital bed in the Martian capitol of Zhwrong.
I now have but a few weeks to live and I am far too ill to endure the long and arduous journey back to my South Africa home. Therefore I have decided to donate the bulk of my fortune to a church or charitable organisation that will utilize this money in the manner which I shall impart to you later. In return for your assistance, I shall authorise you to keep 30% of this fund for your trouble and aggravation plus an additional 10% to cover your expenses.
You should contact my attorney in Johannesburg immediately with your address andtelephone number and he will give you his full contact information and guidance so that we can make arrangements as soon as possible.
Contact Barrister Richard Hardon Baloye Barristers & Solicitors, Johannesburg, South Africa Email:rev.georgeharris2@live.com
Sincerely yours, Major Greg Boner Moyo, National Aeronautics and Space Administration Elysium Veterinary Infirmary Zhwrong, Mars Nano nano
I've had some new ones slipping the net over the past few weeks, and these are along the same idea as the UPS theme, but in this case it's "my" airline tickets, which are now ready for collection as per "my" order, and the final security details and payment are now needed so that they can be released for collection - or some such nonsense. I really don't bother reading the detail now, as the very idea that a real ticket agent would ask for such things is just so preposterous as to be an insult.
It is strange how the spam you get varies from time to time. I started getting what purported to be CNN news updates and appeared genuine - I deleted them as usual. After a couple of weeks they changed to a different name of news updates and the titles became more and more farcical.
Now I seem to be getting a stream of porn videos. They all get the delete process too.
This is a bit of a gem, and the original text was carried in an email created using images, graphics, photographs, and colours stolen from the real Lloyds TSB site.
As an aside, if you didn't see the news items, Lloyds TSB made the news last week when they ejected one of their support staff from the building. Breaking the fundamental rules of network management trust, when he spotted a Lloyds' customer (who had a grievance) had changed his online banking password to "Lloyds is pants", the loyal member of staff took it upon themselves to change it to "no it isnt", leading the customer to be barred from his account as he obviously didn't know the password. The problem - and a story too long for this thread - only came to light when he phoned for help to get access.
As a network admin entrusted with the personal detail of hundreds of staff members, I think firing this fool was getting let of light, and there should have been more severe sanctions available, even something criminal for what they did.
Anyway, the following message begins by warning the poor punter that there are false emails floating about out there, and that they will naughtily ask for personal details, and then promptly goes on to use that rationale as justification for getting the recipient to do just that!
I don't know which is the bigger fool: the scammer for trying the very trick their email has just warned of, or any punter that falls for it and clicks the link given
Having inspected the link (but not tried it) it wouldn't appear to go a scam, but to something that's probably rather offensive.
Quoted Text
Dear Sir/Madam,
LloydsTSB Bank always look forward for the high security of our clients. Some customers have been receiving an email claiming to be from LloydsTSB advising them to follow a link to what appear to be a LloydsTSB web site, where they are prompted to enter their personal Online Banking details. LloydsTSB is in no way involved with this email and the web site does not belong to us.
LloydsTSB is proud to announce about their new updated secure system. We updated our new SSL servers to give our customers a better, fast and secure online banking service.
Due to the recent update of the servers, you are requested to please update your account info at the following link.
Home
Calendar
Search
Register
Login
Spam/Scam-busters
Print Thread
Report to Moderator
Logged
Private message
ICQ
Skype
