Author: Olly

  • Nokia & Microsoft WINNER – Nokia X2 Dual SIM Windows phone and cash $$ SCAM

    This scam is a hybrid version of some old free mobile phone scams that used to circulate, and the regular 419 nigerian lottery scams. The email itself was pretty much empty;

    From User90911271 - user90911270@centurylink.net

    It was from user90911270@centurylink.net and the senders name is set to User90911271. If i hit reply it tries to email the centurylink.net email.

    The attachment itself is called “Confirmation Letter zxaa665.pdf” and contains this;

    Dear Email User This email is to inform you that your email address has just won you $500,000.00 and a Nokia X2 Dual SIM Windows phone for the month of April 2015 lottery promotion, which is organized by MICROSOFT OUTLOOK WINDOWS & NOKIA. MICROSOFT WINDOWS collects all the email addresses of the people who are active online; among the people who subscribed also to Aol, Gmail and yahoo, we only select five people every year as our winners through an electronic balloting system without the winner applying. We congratulate you for being one of the selected winners. CONTACT THE EMAIL BELOW WITH YOUR INFORMATION. Contact Email: GGML11@OUTLOOK.COM 1. FULL NAME: 2. ADDRESS: 3. OCCUPATION: 4. SEX: 5. AGE: 6. DIRECT PHONE NO: 7. STATE: 8. COUNTRY: Thank you and accept my hearty congratulation once again!

    Ha.

    Ok, so firstly its obviously a scam – I mean, come on??

    Secondly, there is no way on earth Microsoft Outlook, Windows (another MS product, not sure why they would endorse something separately?) and Nokia would club together and run a raffle!

    It later mentions Aol, Gmail and Yahoo! – just in case you didn’t use one of the products mentioned earlier, they’ve surely snagged your interest now, right?

    Then just in case you thought it might be a scam as you never signed up for no damn lottery – they drop a link in saying how its all electronic and automated and the winner is picked without anyone applying.

    Then, of course, comes the usual “please send your details” part at the bottom, however there is  no mention of anything financial in this email or attachment. Many of the recent scams have been like a “double opt in” style, where the first one is to gain interest and then in their reply to you they will drop the clanger.

    I’ve emailed back asking for my prize, so hopefully they get back to me soon and I can add in part 2 of this humorous email scam 🙂

    Baiting the scammers!

    PS this wasnt caught in Gmail spam filters, so watch out as who knows what else will slip through!

  • Indebted for driving on toll road #000729155 – SCAM – HOAX

    My friend Chris sends me scams every now and then, I think like myself he has had his email address a long time so gets things on a daily basis. He sent the Outstanding Invoice Scam a few weeks ago, and sent this the other day as he felt it was a pretty clever approach that could trick a fair few people if they were new to the web and email.

    From: "E-ZPass Manager" <joel.crabtree@vir010101.sh.it.net> Date: 13 Apr 2015 04:58 Subject: Indebted for driving on toll road #000729155 To: <XXX@btinternet.com> Cc: Dear X, You have not paid for driving on a toll road. Please, do not forget to service your debt. The invoice is attached to this email. Sincerely, Joel Crabtree, E-ZPass Support.

    So their approach this time is to claim the user has unpaid fines from driving on a toll road. Straight away this is a more believable approach than random unpaid invoices etc.

    The email itself is fairly poorly written, which would make me personally question its legitimacy, but then its written a lot better than some scams I see so it could fool someone!

    It was sent from a very obscure email address: joel.crabtree@vir010101.sh.it.net and although this email address corresponds to the name of the person that has apparently sent this, the domain name part is random, and should raise alarm bells straight away. My friend also confirmed the reply address was the same as the sender – sometimes they differ you see.

    And the attachment of the email is a zip file – word of warning, if you are not expecting the email and it has a ZIP file or DOC file attachment, it will 9.9 times out of 10 be a scam/virus/hoax and you should forward it to scams@0lly.uk and then delete it immediately.

    Stay safe peeps!

    Thanks for the submission, Chris!

    You can send in scams via our online form, or by forwarding them to scams@0lly.uk and i’ll rip them apart and publish info so anyone reading can learn and hopefully stay virus-free!

  • Thaddeus Mcconnell – My resume | SCAM – VIRUS | Clever!

    Another Word document attachment virus, but this one with a different approach from the recent invoice/financially orientated ones.

    It looks very much like a fairly normal email, the email address even matches the persons name;

    ThaddeusMcconnell@businessemail.co.uk

    Although its obviously from a free email provider so that wouldn’t be too hard to set up. The content of the email is fairly normal too.

    Hi, My name is Thaddeus Mcconnell Please find my resume in the attachment. Thank you, Thaddeus

    Gmail’s spam filters kicked in straight away with this one, I think because the file attachment is a zip file that it must have triggered the spam filters to scan it earlier than if it was just a Word document or something.

    Thaddeus Mcconnell - my resume.zip

    I did wonder if this was actually a genuine request and the chap just happened to have a virus himself and sent it unwittingly, but there is something about it that just makes me think its an intentional scam. I think its the “Business” email – it just sets alarm bells off for me.

    Anyway, real or not, Gmail did the work and marked this as a Virus.

    Delete and move on people.

  • Debit Note [40822] information attached to this email | SCAM – VIRUS – DODGY EMAIL

    These seem to be flooding in recently, not sure how or why i’ve started to get so many – maybe some of my scam-baiting has got me on some “To scam” lists 🙂 It’s also worrying that many of them are not being blocked by Google and they are actually ending up in my Gmail inbox.

    Anyway, the format of this recent batch has been similar, some kind of financial related email that will almost always entice you to open the attachment. Please don’t, especially in Microsoft Word as Word documents can contain macros, and macros are basically mini executable scripts that can do or get other things to do nasty stuff to your computer.

    This one was from Terri Tyler <Sean.33@sec-pc.skbroadband>

    Attachment filename: 39533803.doc

    terri_tyler

    Gmail creates a thumb of the document if it can, and you can actually see this one is full of crap – looks like code but i’ve not opened it as the macros are usually behind passwords and I haven’t got time to decrypt them so it would be pointless.

    Dont open any attachment from any person that you don’t know or that you cannot confirm is a genuine person/organisation.

    No genuine company would send an invoice or “Debit note” in a blank email from a mismatched name & email.

    Mark the email as Spam so your email provider’s spam filters can learn and block the email from reaching other people.