Shipping Notification: Delivery Confirmation
Continue Reading

Warning: Beware Fake DHL Email Notice

The Internet Patrol was recently tipped off to a fake DHL notice that is making the rounds. The fake DHL notification is relatively easy to detect IF you do not have the use of ‘friendly name’ enabled, and instead see the actual ‘from’ email address, which is admin@vedadas.tk, or some version thereof. (The .tk domain is Tokelau, a territory of New Zealand.)

microsoft breach hacked
Continue Reading

Microsoft Admits Breach, Hackers Accessed Users’ Outlook, Hotmail, and MSN Email for Months (Full Text of Microsoft Email Statement Included)

Microsoft has disclosed, over the weekend, that hackers have hacked into and accessed Microsoft users’ Outlook email, Hotmail email, and MSN email, over the course of several months, ending just last month (March of 2019).

spoofed email looks real with contacts photos and names-4-2
Continue Reading

How Displaying Sender’s Contact Image and Info in Email Allows Scammers to Steal from You

Every webmail service out there, be it Gmail, Yahoo, Hotmail, or other, encourages you to upload or merge your contacts with their system. And most Mac and PC email programs automatically cross-reference an incoming email sender with their entry in your contacts. The result is often that their contact profile picture, and ‘friendly’ name, is displayed as the sender of that email in your inbox.

netflix text scam
Continue Reading

The Netflix Text Message Scam

If you have received a text message claiming to be from Netflix, and telling you that “We have a new policy in place, please visit and review today”, along with a link and, possibly, a random set of characters in parenthesis such as “(ybpldcjyop)”, it is definitely a scam, do NOT click on it! The text message may also appear to come from phone number 141-010-0001 or just 410100001, but even if it comes from another number, it is definitely a scam.

online computer extortion blackmail
Continue Reading

An Example of an Internet Extortion Email

Online computer extortion and blackmail is nothing new. You may have heard about big companies being extorted for hundreds of thousands of dollars, or even more, in order to keep their companies from being blackmailed over something, and being brought down by a DDOS, or having some scandal (either real or fabricated) made public. Some such activity comes in the form of ransomware (where your files get locked or wiped and then you have to pay to be able to access them and get them back), and some comes in the form of plain old blackmail, such as the example below.

Continue Reading

Anatomy of a Craigslist Rental Scam – How to Detect Rental Scams on Craigslist

By now, in 2018, most people know that rental scams on Craigslist abound. But how to tell a Craigslist rental scam is not as well known. Below is an example of a Craigslist rental scam. The scammer calls himself Bob Osell, claims to be renting the house located at 2237 Kay St. in Longmont, Colorado, and to be reachable at (760)2378225.

scam sms text message from 1410200502
Continue Reading

Warning: Do NOT Click on Text Message “FRM: Account Service”!

WARNING: A mass SMS text message scam went out this afternoon that reads basically: “FRM: Account Service MSG: You are required to accept the new Terms of Service now:” and then it gives you a shortened link such as https://goo.gl/hdDpNE. The sample we received is from the phone number 1410200502, but yours may say something different.

message text-pp.com-servicesupport@lsg.org
Continue Reading

Got a Paypal Message from text-pp.com-servicesupport@lsg.org? DON’T CLICK ON IT!

If you received a text message or email telling you that “Account might be blocked for your security!” DON’T click on any link or respond to it! The spam message comes from text-pp.com-servicesupport@lsg.org, which should be a tip-off, but in case you’re not sure, it’s a scam!

thomaskeller malware scam email
Continue Reading

Do NOT Open Email Links from gcromwell@thomaskeller.com

A new malware scam is hitting email inboxes. The email sample that we have comes from an email address at thomaskeller.com (ours is specifically from gcromwell@thomaskeller.com), and claims to have received an invoice from your company. They even include your company name in the email, making it seem more legit. But it isn’t.

vacation messages identity theft
Continue Reading

Vacation Messages a Great Way for Scammers to Steal Your Identity

Automated vacation messages are often frowned upon for several reasons, including that they can be a spam vector, that if set improperly (such as being triggered with every single email from every single person) they can actually views as spam, and that they can actually cause legitimate email from you to end up in the spam folder. But as if that’s not enough of a reason to not use an automated vacation message, they can also be used with a bit of social engineering to steal your identity. Here’s how that can happen.

amazon prime gift acct scam
Continue Reading

Newest Amazon Order Scam Spam

Confused by a confirmation of a new Amazon “Prime Acct Gift” order that landed in your inbox today, when you know that you haven’t placed any such order? You’re not alone. The order with the subject ‘New-order #20953735 – confirmed’ (although the order number on yours may be different) from aaroncasey@realoffersnow.com (although your ‘from’ address may be different) is 100% a scam.

Continue Reading

USAA Spoof Spam Lures USAA Members with Hacked Credentials

Members of USAA insurance and banking programs have been receiving email that appears to come from USAA (which stands for United Services Automobile Association), but which are actually phishing scams. The scam email comes from the nonexistent domain usaaservice.com (such as from “USAA.ServiceAccount@usaaservice.com”).

mailing list confirmation spam
Continue Reading

Email Confirmation Messages Leaked to and Being Used by Spammers

As we have noted a couple of times in the past few weeks, spammers and scammers are using the email mailing list confirmation process to send spam. Here’s how that works: someone signs up for a mailing list, and then replies to the confirmation request with their spam. In this case, Amy Happy at amy41211@letmailer.com, seems to be replying to a confirmation message that she, in fact, never received in the first place.

zombie reaching
Continue Reading

More Scammer Spam being Sent to Mailing Lists

Add blood_love2@aol.com as the newest scammer spamming mailing lists. As we mentioned last week, scammers have started signing up for mailing lists in order to spam the list members with their scams. (Our samples come from Aweber mailing lists.) Last week it was supposedly David Norris, leasing his house in Troy, Michigan, with a contact number of (509) 255-3270. This week it’s the supposed Rev. Gary Williams, with a house in Warwick, New York, with a contact number of (502) 536-8106.

guy at computer hitting self on forehead spam scam stupid idiot
Continue Reading

Scammers Using Email Confirmations to Send Their Spam

You wouldn’t think that it would be worth a scammer or spammer’s time to sign up for a mailing list, only to be able to reply to the confirmation email with their spam, but sure enough, that is what’s happening.