Introducing Your US Department of Justice and FBI Victim Notification System

January 19th, 2012

Here’s something we really don’t see every day….

We recently received an email claiming to be from the U.S. Department of Justice Victim Notification System (VNS):

Subject:     US Department of Justice Victim Notification System
From:     Courtney Walker <fedemail@vns.usdoj.gov>
To:     Business Representative <address>

Our typical “common sense” check for email Phishing Fraud starts with the obvious:

  1. Overly serious/threatening Subject line…. check!
  2. Human sender doesn’t match email address…. check!
  3. Impersonal and generic salutation… check!

The email itself opens with:

DO NOT REPLY TO THIS EMAIL.

U.S. Department of Justice
Federal Bureau of Investigation
FBI – New York
26 Federal Plaza, 23rd Floor
New York, NY 10278
Phone:  (212) 384-2564
Fax:  (212) 384-4104


OnlyMyEmail Beats 22 Competitors in the Virus Bulletin Spam Challenge

January 13th, 2012

The results from OnlyMyEmail’s sixth Virus Bulletin VBSpam Challenge competition have been released.

For the sixth time in a row, OnlyMyEmail’s MX-Defender stopped more spam than any of the 23 competing spam solutions. OnlyMyEmail missed just one single spam message out of 171,963 total, for a new record spam filtering capture rate of 99.9994%, besting the previous record of 99.9993%, also set by OnlyMyEmail in a previous competition.
By comparison, the next best capture rate was McAfee SaaS which missed 41 spam messages. The third best capture rate was AnubisNetworks which missed 97 spam emails.

The average “false-negative” rate among the other 18 filtering systems was a whopping 3,471 missed spam messages and the median was 272.

The results from Virus Bulletin’s VBSpam Challenge have proven, time and again, that for the last year OnlyMyEmail’s MX-Defender is decisively superior to any other spam defense available today, including hardware appliances, software programs and other Software as a Service (SaaS) solutions.

The full list of competitors beaten by OnlyMyEmail includes: AnubisNetworks, BitDefender, FortiMail, GFI MailEssentials, Halon Security, IBM Lotus Protector, Kaspersky Anti-Spam, Libra Esva, Mailshell, McAfee Email Gateway, McAfee EWS, McAfee SaaS, Sophos Email Appliance, SPAM fighter, SpamTitan, Spider Antispam, Symantec Messaging Gateway, The Email Laundry, Vade Retro, Vamsoft ORF, Spamhaus ZEN+DBL and SURBL.

Goldline International Joins the Legions of Spammers

August 19th, 2011

With the price of gold sky-high, the profits to be made must be equally impressive, turning side-show companies like “Goldline International” into first rate spammers.

Either that, or the high price has brought competitors out of the woodwork, making them so desperate for business they’ve now turned to spam.

Either way, whether it’s gouging customers, desperate for business or just ethically bankrupt, the “Goldline” spam has hit the main vein.

The emails from their advertisements, SEO campaigns or third-party affiliates arrive with a subject line that currently announces:

Subject:     Now Is The Time To Buy Gold!

These are blasted out from a wide variety of disposable sending domains using addresses that are “From:”

Rejected ACH payment – Virus/Fraud

August 15th, 2011

Look out for fraudulent emails spoofing “The Electronic Payments Association” that are arriving as:

From:     risk_manager@nacha.org
Subject:     Rejected ACH payment

In reality these messages are from previously infected personal computers from across the globe:

from [122.168.251.32] (helo=ABTS-mp-dynamic-032.251.168.122.airtelbroadband.in)

These messages include a fictional warning that includes content such as:

The ACH transaction (ID: 32604668345041), recently sent from your checking account (by you or any other person), was rejected by the other financial institution.


What if someone says they sent me a message but I didn’t get it?

August 11th, 2011

We commonly receive questions from users who tell us an expected email has not arrived, and they don’t know how to go about finding it.

Fortunately, with proper information and the right approach, it’s not really that hard to track down missing email messages.

Like snail mail, email follows a path from the sender to the recipient and problems can arise along the way.  When a package or letter hasn’t arrived, it doesn’t make much sense to start yelling at the mail carrier; instead you have to start at the beginning and follow the message from point to point.

Following the chain of possession, the most common causes of missing email are as follows:

Please Restore Your Account Access – Chase Fraud

August 10th, 2011

Spammers are nothing if not persistent, and even more so when it comes to the most sinister ones that are trying to steal your identity and your entire bank account.

They’re also smart enough to Phish in the biggest pools of potential victims, so the endless stream of cons targeting JP Morgan Chase customers makes perfect sense.

The latest comes with a subject:

Please Restore Your Account Access


Craigslist – Confirmation for Posting Fraud

August 7th, 2011

A clever Craigslist Phishing fraud is using a highly targeted approach to trick Craigslist advertisers into giving up their usernames and passwords.

The trick is to provide the headline from an actual Craigslist posting in order to help evade spam filtering and more importantly, to increase the likelihood of fooling the recipient into believing the “Confirmation for Posting” is legitimate.

A typical email will arrive such as:

Subject:     Your ad, titled ’1970 short bed ford ‘ has been posted.
From:     craigslist <acount@pueblo.craigslist.org>

The Subject line will vary to match the title of the specific Craigslist posting.


The Executive Registry, Who’s Who Among Spammers

August 6th, 2011

Bogus “Who’s Who” listings and other similar publications were around long before the Internet, so there’s nothing new about selling fake credentials and memberships in non-existent “executive” publications.

But, as with many things, Email and the Internet combine to make the scammer’s job easier with a wider and deeper reach, and all for lower cost.

The latest fake credential listing touts your invitation to join “The Executive Registry” and is signed by someone claiming to be “Ethan Andrews” of the “Candidate Review Committee” – for what that’s worth.

Here’s a copy of the latest email:


Salesgenius List Selling Spam

July 31st, 2011

Here’s an interesting business question:

Would you trust the integrity of a business list marketed to you by a spammer?

SalesGenius, along with “DataBase 101” and “InfoFree.com” (among other aliases), must think so, as they’re ripping out plenty of spam trying to sell marketing lists to other small businesses.

This leaves us with Spammers selling spamming lists to potential spam wannabes. Just perfect.

Emails arrive mostly from various SalesGenius servers such as:


Endless Spam from Earthlink

July 26th, 2011

It’s hard to estimate how many Earthlink user accounts have been compromised at any given time, but the endless drip-drip-drip of spam from Earthlink’s servers speaks volumes.

Either the infiltration is significant, or it’s just that Earthlink’s email security, monitoring and controls are either completely ineffectual or non-existent.

The endless drone of Earthlink spam continues with terse “familiar” sounding subjects such as:
