Posts Tagged ‘fraud’

The Better Business Bureau Trojan Horse

Thursday, February 21st, 2013

With the fake Better Business Bureau Trojan Horse campaign, we find yet another infectious email that is socially engineered so well, that users often release such messages from quarantine; even after spam filtering has clearly identified the emails as a Virus carrying Trojan Horse.

The emails typically arrive with spoofed headers such as:

Subject:     FW: Complaint Case 091921
From:     “Better Business Bureau” <Kerri_Rucker@newyork.bbb.org>

In order to appear legitimate and to try and evade simple spam filtering systems, the Complaint Case number will be randomized, and the spoofed sending email address will vary as well.

The content will include vague yet serious sounding allegations, such as:

The Better Business Bureau has received the above-referenced complaint from one of your customers regarding their dealings with you. The details of the consumer’s concern are included on the reverse. Please review this matter and advise us of your position.

A full copy of such the bogus email:

more »

Another VBSpam Competition First Place Finish

Sunday, January 20th, 2013

For the thirteenth consecutive evaluation, OnlyMyEmail has again blocked more spam than any other filtering system in the Virus Bulletin VBSpam Challenge and secured yet another first place finish.

The latest competition ran for 16 consecutive days, during which, OnlyMyEmail’s MX-Defender accurately filtered out more spam than all other competitors tested, again missing just 1 single spam email out of 92,166 total. This represents a spam capture rate of 99.9989%.

By comparison, the next best capture rate was Libra Esva which missed 44 emails in total. The third best blocking rate went to Zerospam which missed 61 spam emails from the same corpus. The worst performers, missing well over 500 spam emails included:  IBM, Sophos, SPAMfighter, Vamsoft, Spamhaus ZEN+DBL and SURBL.

more »

Your order is awaiting verification! – Staples Virus

Monday, January 14th, 2013

Sometimes spam, viruses and Trojan Horse emails are so convincing that they manage to trick users even after spam filtering has clearly identified the emails for their true nature.

The recent spate in bogus “Your order is awaiting verification!” emails claiming to be from Staples office supplies is a pretty good example.

Despite being clearly marked as viruses, we’ve seen many users attempt to resend these blocked messages to themselves, apparently believing that our blocking these messages represents a false-positive result on the part of our filtering, whereas the opposite is the case.

The emails typically arrive with spoofed headers such as:

Subject:     Your order is awaiting verification!
From:     “Staples Advantage Orders” <Order@staplesadvantage.com>

more »

REMAX “Hot Properties” Email Phishing Fraud

Sunday, November 18th, 2012

One of the most effective tactics in use by spammers today is the hijacking/theft of legitimate user’s email accounts for use in furthering spam campaigns.

There are actually four distinct reasons why it is so powerful for spammers to be able to send spam from a previously legitimate user’s email account:

  1. Once the account is stolen, the spammer’s software can read through the address book, inbox, sent mail and all other folders scraping the email addresses of people the legitimate user has corresponded with  in the past. These emails then make excellent targets for sending spam.
  2. Email from actual AOL, Gmail, Hotmail, Yahoo and other ubiquitous email services are much less likely to be blocked by spam filtering systems.
  3. Even when a spam filter correctly recognizes that an email is spam, end users often have added such senders to their Allow or White lists, thus forcing delivery from the now compromised account.
  4. Further, recipients commonly retrieve spam from their filtering system when they recognize the sending address, but don’t realize the sender’s account has been compromised.

When you add it all up, there really is no better method of getting your spam delivered, and then actually opened by the target recipient.

more »

OnlyMyEmail Sweeps A Dozen Spam Competitions

Tuesday, November 13th, 2012

For the twelfth consecutive time, OnlyMyEmail has again blocked more spam than any other filtering system in the Virus Bulletin VBSpam Challenge.

The latest competition ran for 16 consecutive days, during which, OnlyMyEmail’s MX-Defender accurately filtered out more spam than all other competitors tested, missing just 1 single spam email out of 134,418 total. This represents a spam capture rate of 99.9993%.

By comparison, the next best capture rate was Libra Esva which missed 56 emails in total. The third best blocking rate went to Kaspersky LMS which missed 94 spam emails from the same corpus. The worst performers, missing well over 1,000 spam emails included:  Bitdefender, IBM, CronLab, Vamsoft ORF and SPAMfighter, Spamhaus ZEN+DBL and SURBL.

more »

OnlyMyEmail Stops More Spam in The VBSpam Competition

Sunday, October 7th, 2012

For the eleventh consecutive time, OnlyMyEmail has again blocked more spam than any other filtering system in the Virus Bulletin VBSpam Challenge.

The latest competition ran for 16 consecutive days, during which, OnlyMyEmail’s MX-Defender accurately filtered out more spam than all other competitors tested, missing just 12 spam emails out of 242,703 total. This represents a spam capture rate of 99.993%.

By comparison, the next best capture rate was Libra Esva which missed 400% more spam, 50 emails in total. The third best blocking rate went to ZeroSpam which missed 112 spam emails from the same spam corpus. The worst performers, missing well over 1,000 spam emails included: M+Guardian, Halon Security, Vamsoft ORF, IBM, Spamhaus ZEN+DBL and SURBL. more »

OnlyMyEmail Takes First Place in VBSpam Competition

Tuesday, August 7th, 2012

Competing in the Virus Bulletin VBSpam Challenge, OnlyMyEmail has again blocked more spam than any other filtering system, and for the tenth consecutive time.

The latest competition ran for 16 consecutive days, during which, OnlyMyEmail’s MX-Defender accurately filtered out more spam than all other competitors tested, missing just 12 spam emails out of 242,703 total. This represents a spam capture rate of 99.996%.

By comparison, the next best capture rate was Libra Esva which missed nearly 500% more spam, 77 emails in total. The third best blocking rate went to Spam Titan which missed 183 spam emails from the same spam corpus. The worst performers, missing well over 1,500 spam emails included: Halon Security, CronLab, SPAMfighter, Vamsoft ORF, Spamhaus ZEN+DBL and SURBL.

more »

OnlyMyEmail Stops More Spam 9 Trials In A Row

Sunday, June 17th, 2012

Competing in the Virus Bulletin VBSpam Challenge, OnlyMyEmail has again blocked more spam than any other filtering system, and for the ninth consecutive time.

The latest competition ran for 16 consecutive days, during which, OnlyMyEmail’s MX-Defender accurately filtered out more spam than all other competitors tested, missing just 12 spam emails out of 191,893 total. This represents a spam capture rate of 99.994%.

By comparison, the next best capture rate was Libra Esva which missed nearly 500% more spam, 59 emails in total. The third best blocking rate went to M+Guardian which missed 115 spam emails from the same spam corpus.

more »

Mailbox Closure Warning!!! – Google Docs Email Theft

Tuesday, May 29th, 2012

The latest abuse of Google Docs for email theft appears in your inbox as:

Subject:     Mailbox Closure Warning!!!

or

Subject:     WEBMAIL ADMIN.ntc

If that manages to grab your attention, the content of the message goes further:

Helpdesk requires you to upgrade webmail by Clicking

https://docs.google.com/spreadsheet/viewform?formkey=dGkzVVg4WGlMaWFpaGdYcG1wVlV4cVE6MQ

This Message is From Helpdesk. Due to our latest IP Security upgrades we have reason to believe that your webmail account was accessed by a third party. Protecting the security of your webmail account is our primary concern, we have limited access to sensitive webmail account features. Failure to revalidate, your e-mail will be blocked in 24 hours.

Thank you for your cooperation.

more »

HSBC ACCOUNT VALIDATION REQUIRED – Fraud Emails

Sunday, May 13th, 2012

The latest bank Phishing Fraud emails to make the rounds via email are targeting HSBC Bank customers and clients.

The emails typically arrive shouting out warnings in all capital letters:

Subject:     ACCOUNT VALIDATION REQUIRED!

And greet you as their “Dear Esteemed HSBC customer,”

Strong wording explains that you need to take immediate action to protect your account. An example of such a message:

Your Account Validation did not work properly. We are experiencing difficulties in updating your account from our maintainance servers as some information are either out of date or missing from our systems.

To this end, we are contacting you to please validate your account information with us.

To begin log on to internet banking on https://www.hsbc.ae/1/2/InternetBanking/?SecureLogin with your internet Banking credentials and validate your account with us as soon as possible.

This Email is subject to mandatory action. Failure to comply will lead to suspension of account activities with HSBC. HSBC will bear no responsibility of any mishaps caused if no action is taken.

more »