A new crop of scam spam is going around, with subjects like “Copies of Policies” and “Changelog as Promised” and talking about things like the “Ocean, Warehouse or EPLI policy”. They are short – to the point – and spam scams. They contain links that go to malicious sites such as flexjobb[dot]se/wp-content/plugins/mail.htm, and http://www.39moto[dot]ru/wp-content/plugins/flv-player/mail.htm, and come from sender names including Brock Buchanan, Darien Forbes, A. Simmons, and A. Blanton.
Here’s what they look like to the naked eyes:
Subject: RE: Brock – Copies of Policies.
Date: October 15, 2012 12:16:59 AM MDTUnfortunately, I cannot obtain electronic copies of the Ocean, Warehouse or EPLI policy.
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
Here is the Package and Umbrella,
and a copy of the most recent schedule.Brock Buchanan,
This one also appears to com from “Darien Forbes”
Another version looks like this:
Subject: Fwd: Re: Changelog as promised(updated)
Date: October 15, 2012 6:39:52 AM MDTGood day,
as promised chnglog updated – ViewA. BLANTON
..which also comes from “A. Simmons”
But of course, when you click on the links, it takes you to those malicious sites, and when you inspect the links, they look like this:
Unfortunately, I cannot obtain electronic copies of the Ocean, Warehouse or EPLI policy.abstract.nassassin[dot]com:80/wp-content/plugins/counterize/mail.htm/ is the Package and Umbrella,
and a abstract.nassassin[dot]com:80/wp-content/plugins/counterize/mail.htm/ of the most recent schedule.Brock Buchanan,
Interestingly, the text of these emails is so specific – we mean who would actually get hooked by concerns about an “Ocean, Warehouse or EPLI policy”? (EPLI stands for “Employment Practices Liability Insurance”.)
And yet, as is so often the case, these spammer scammers send out milliions of these, and so they only need a tiny fraction of a percent of people to click on the links to make it worth it for them.
Don’t make it worth it for them! If you are reading email through a webmail service such as Gmail, Hotmail, Yahoo, AOL, etc., click “this is spam” without opening the email! And if you are reading it through your own mail program, be sure not to open it.
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.