scam

Spam & Phishing March 24, 2020

Nigerian Scam ? No, COVID-19 scam, from China

I sometimes can’t stop to ask myself if the scammers are actually human beings with feelings of loss and tragedy and if they have the same concerns as the normal citizens. I guess they are not, because otherwise you can’t explain this:   Hello friend, I intend to give out some portion of my wealth as a free-will Financial donation to you for the ongoing COVID-19 that was cause by China because am a good citizen of china. Respond to partake. Regards Wang Jianlin CEO: Wanda Group And they even write the name of the virus wrong in the subject : CONVID instead of COVID The email contains also some tracking pixel in the HTML content, pointing to tracking.net.

Spam & Phishing March 1, 2017

I received the first “nigerian scam” on XING

As a premiere, I received the first Nigerian Scam on XING. It is quite common to receive such requests on LinkedIn, but for me it is the first time on XING. This is the text: Hello Sorin Mustaca, I have partners who I front for to assist source for a foreign partner who could be of help to receive fund for the purpose of various viable investment abroad on their behalf, they are all still in service and want anonymity to protect their reputation in service.I will furnish you with their mode of operations after receiving your readiness. Regards, Dr. John Zaffar   And the profile of the spammer, pretty fresh (24h), with only 3 contacts. One of these was me: I erased him as a contact and reported the profile to XING.     For reference,

security, security breach, Spam & Phishing June 13, 2016

How clever social engineering can overcome two-factor authentication… or not?

If you have a Google account you must have two-factor authentication enabled in order to prevent anyone to use your account by just having your username and password. If you don’t know how to do that, check my free eBook here. 2FA requires something that you know (username and password) and something that you have (smartphone) in order to allow access to your account.Unless somebody gets all of them, they simply can’t steal your account. Until now… Alex MacCaw has published screenshots from a new scam appeared that is targeting Google users who have two-factor authentication enabled (2FA). It works like this: You receive an SMS pretending to come from Google requesting you to reply via SMS immediately with the code you receive from the real Google. Or, if you were not convinced, there is even a better version available:   I will try to hack my own GMAIL account, just to see how hard it is.   This is how Google tries to help to get your password reset: Select option 1 2. Select a recovery email address to receive a code: 3. Click on “Verify your identity” above Whoa… I don’t remember the second one …  But the first one is definitely…

General June 6, 2016

What is this Google Trader?

Short story: It is a waste of time and money, possibly even a scam!   Long story: There are lots of ways to lose your money in this world, but here’s one I never thought before: binary option Web sites. But, what the hack is “binary option trading”? Don’t need to read all. I marked with Red and Bold what are the most critical parts. 🙂 From Wikipedia: A binary option is a financial option in which the payoff is either some fixed monetary amount or nothing at all. While binary options are used in a theoretical framework as the building block for asset pricing and financial derivatives (a binary option maps to the cumulative distribution function of the risk-neutral distribution [1][2]), they have been exploited by fraudulent operations as many binary option outlets (outside regulated markets) have been shown to be scams. The two main types of binary options are the cash-or-nothing binary option and the asset-or-nothing binary option. The cash-or-nothing binary option pays some fixed amount of cash if the option expires in-the-money while the asset-or-nothing pays the value of the underlying security. They are also called all-or-nothing options, digital options (more common in forex/interest rate markets), and fixed…

General, security, Spam & Phishing July 28, 2015

Phishing on a different level: IRS Scam

IRS(Internal Revenue Service) is the official authority in the USA to collect taxes. “Why would someone phish them?”, you may ask.   That’s why:(see red area below).   In the form they ask you to have access to your bank account. They have all needed proves to substitute you: address, tax payer ID and many others. This way they can pay with your bank account when they pretend to be you. Solution: Never answer such requests per email. Erase the email immediately.    

No Image

antivirus, Spam & Phishing October 30, 2014

How do you react if you receive an email with subject “Your file has been uploaded”?

A spam campaign sending emails from an “Auto ImageService” with the subject “Your file has been uploaded” is making its round on the Internet. The content of the email (see below) is very simple and advertises a link to a photo taken with a digital camera (DCIM stands for Digital Camera IMages) which was allegedly uploaded to some online image service. And now to my question: How do you react if you see such an email in your Inbox ?     I guess, most people would think: “What file? Oh, a photo? Hmm…” And here it goes: – You know that JPG is a photo. Do you have compromising photos on your computer ? Is it maybe one of those photos? Better quickly check it…Click. Btw, if you are in this situation, you may want to check this article: Tips to secure your photos (including those with you naked) – You don’t know that JPG is a photo. You react to “file uploaded” and you click.   Fortunately, at the moment when I checked this URL it was redirecting to a Russian website with online pharmacy. However, the target website at the first level of redirect was an obfuscated Javascript file that…

No Image

General October 17, 2008

Nigerian scam with MS Word Document attached

There is a new type of Nigerian scam (aka 419 scam) where the body of the email looks like the one in the screen shot below and the real content is in the attached MS Word document. Here is the content of the Word document: Why this ? Because it is very hard to detect it using known words used by the classic nigerian scams.

%d bloggers like this: