Do NOT Open Link in Unexpected Email with Google Docs Link Button!

There is an evil new phishing spam going around that is using Google Docs to do its dirty work. The subject is along the lines of “(Someone) has shared a document on Google Docs with you” – in many of the samples it is ‘Brett Schager has shared a document on Google Docs with you.” Many of the samples are also sent “to” hhhhhhhhhhhhhhhh@mailinator.com (you receive it because you are in the bcc: field).

Two Massive Spam Runs Hit Internet Today

Two massive spam runs were unleashed on the Internet today, and odds are very good that you will receive at least one of the two. Either you will be offered the opportunity to “Buy Cheap Watches (Rado,Rolex) and other products!”, or you will be told that you have received an “Electronic Federal Tax Payment System Notification number” (with some number appended at the end). Or, perhaps you’ll be extra-popular and receive both spams.

Don’t Be Taken in by this Fake Amazon Order Phishing Scam!

Did you get an email from Amazon telling you about an order that you don’t remember ordering? That’s probably because you didn’t – it’s a phishing scam! Don’t fall for it! The “Your Amazon.com Order” email, which purportedly comes from “digital-no-reply@amazon.com” actually is an effort to get you to point your web browser to BookSalon.kr (the actual phishing URL is http://booksalon.kr/index2.html).

Fake Amazon Cancellation Email Hides Canadian Pharmacy Spam Links

Not content with sending fake Amazon confirmation emails, the outfit sending out the Canadian pharmacy spam is now sending out fake Amazon.com order cancellation emails, too, claiming that your Amazon order has been cancelled. “Amazon.com – Your Cancellation (0046-68878-96071)” says the email’s subject (although the “order number” may change) – but of course the link to check “ORDER INFORMATION” really takes you to a Canadian pharmacy spam site, hawking Viagra, Cialis and the like. In the example below, the fake cancellation contains links to http://www.dinnerinperu.com/quadratical, which redirects to http://weightbreezy.com, which is a Canadian pharmacy spam site.

Fake Amazon “Your Confirmation” Phishing Emails Hide Canadian Pharmacy Spam

A spate of fake “Amazon.com – Your Confirmation” emails is making the rounds – they are phishing emails, with the supposed ‘Amazon’ links actually being hidden links going to such interesting places as http://drevmash.alfaspace.net/admiral.html, http://gofiberzone.com/upper.html, and meeknew.com. The subject (which so far appears to use the same “confirmation” number for everyone), is “Amazon.com – Your Confirmation (0113-567494-3518071)” and supposedly comes from the email address order-update@amazon.com. In reality, they are coming from IP address 124.217.216.112, and the emails are sent from (almost certainly spoofed) email addresses such as claude.simpson@ameritrade.com and lwjtvbwrqksz@young-world.com.

Facebook Apps Gone Wild – Rampaging Phishing Facebook Applications Stealing Usernames and Passwords

A plague of rogue Facebook applications that are stealing user credentials – such as usernames and passwords – has been sweeping Facebook in the past week. The phishing Facebook apps work the same way that many other applications do – including sending an email to your Facebook friends, with links to click on, and when you type in your username and password, BAM! Your login credentials have been stolen.

Tiny Free Browser Add-On Authenticates Email for You!

How many times have you received email that purports to be from a friend, or from someone with whom you do business, only to find out that you nearly got taken in by a fake? We here at the Internet Patrol, and our parent company, the Institute for Social Internet Public Policy, are offering readers of the Internet Patrol an exciting opportunity to take part in the testing of a new browser add-on that will help to protect you against such spoofing.

Paypal to Block Apple Safari Browser, Other Browsers

Paypal has announced that they are going to block the Apple Safari web browser, along with a few other browsers. The online payment service, purchased by eBay for $1.5B back in 2002, in the good old days of rampant Internet mergers and acquisitions, has become a frequent target of phishers and hackers. Anxious to recapture their good name and to offer to sellers and buyers alike a more secure environment, PayPal plans to discontinue support for web browsers that do not include anti-phishing capabilities. If this plan goes through, PayPal will block Safari and older versions of Internet Explorer, Firefox, Opera, and Netscape.

The Newest Paypal Phish Exhorts “Account Activity – Action Required”

Paypal phish are as common as the cold. Here, the newest one claims that there have been foreign attempts to log into your Paypal account, and explains that if it wasn’t you (which, of course, it wasn’t) you should click on the link to verifiy your identity. Where does the link really go? Not to Paypal, that’s for sure. In fact, it really goes to http://i-195-137-106-138.freedom2surf.net/login, which is a very convincing Paypal phishing site.