Posts Tagged ‘spoofing’
Thursday, January 19th, 2012
Here’s something we really don’t see every day….
We recently received an email claiming to be from the U.S Department of Justice Victim Notification System (VNS)
Subject: US Department of Justice Victim Notification System
From: Courtney Walker <fedemail@vns.usdoj.gov>
To: Business Representative <address>
Our typical “common sense” check for email Phishing Fraud starts with the obvious:
- Overly serious/threatening Subject line…. check!
- Human sender doesn’t match email address…. check!
- Impersonal and generic salutation… check!
The email itself open with:
DO NOT REPLY TO THIS EMAIL.
U.S. Department of Justice
Federal Bureau of Investigation
FBI – New York
26 Federal Plaza, 23rd Floor
New York, NY 10278
Phone: (212) 384-2564
Fax: (212) 384-4104
more »
Tags: botnet, DOJ, FBI, fraud, Government, humor, phishing, Privacy, scam, Security, spam, spoofing
Posted in Above The Law, Email Fraud, Message Control, Phishing Lessons | Comments Off
Monday, August 15th, 2011
Look out for fraudulent emails spoofing “The Electronic Payments Association” that are arriving as:
From: risk_manager@nacha.org
Subject: Rejected ACH payment
In reality these messages are from previously infected personal computers from across the globe:
from [122.168.251.32] (helo=ABTS-mp-dynamic-032.251.168.122.airtelbroadband.in)
These messages include a fictional warning that includes content such as:
The ACH transaction (ID: 32604668345041), recently sent from your checking account (by you or any other person), was rejected by the other financial institution.
more »
Tags: botnet, fraud, malware, phishing, scam, spoofing, zombie
Posted in Email Fraud, Spam Tactics | Comments Off
Wednesday, August 10th, 2011
Spammers are nothing if not persistent, and even more so when it comes to the most sinister ones that are trying to steal your identity and your entire bank account.
They’re also smart enough to Phish in the biggest pools of potential victims, so the endless stream of cons targeting JP Morgan Chase customers makes perfect sense.
The latest comes with a subject:
Please Restore Your Account Access
more »
Tags: fraud, phishing, scam, spoofing
Posted in Email Fraud, Spam Tactics | Comments Off
Sunday, August 7th, 2011
A clever Craigslist Phishing fraud is using a highly targeted approach to trick Craigslist advertisers into giving up their username and passwords.
The trick is to provide the headline from an actual Craigslist posting in order to help evade spam filtering and more importantly, to increase the likelihood of fooling the recipient into believing the “Confirmation for Posting” is legitimate.
A typical email will arrive such as:
Subject: Your ad, titled ’1970 short bed ford ‘ has been posted.
From: craigslist <acount@pueblo.craigslist.org>
The Subject line will vary according to match the title of the specific Craigslist posting.
more »
Tags: fraud, phishing, scam, spam, spoofing
Posted in Email Fraud, Spam Tactics | Comments Off
Saturday, July 16th, 2011
Mailboxes are now receiving fake Skype upgrade spam sent from hijacked Rhapsody.com mail servers.
The current campaign arrives as:
Subject: New Skype Has Been Releases ! Upgrade Now
From: ”Skype” <newsletter@news.skype.com>
In an interesting twist, the spammers involved appear to have hacked and are in control of Rhapsody.com mail servers as the samples we’ve reviewed so far are actually from:
- mta900.e.rhapsody.com ([63.211.90.40]
- mta902.e.rhapsody.com ([63.211.90.42]
- mta903.e.rhapsody.com ([63.211.90.43]
- mta904.e.rhapsody.com ([63.211.90.44]
- mta905.e.rhapsody.com ([63.211.90.45]
- etc., etc.
The spam email itself is as follows:
more »
Tags: botnet, email, fraud, malware, scam, spoofing, virus, zombie
Posted in Email Fraud, Spam Tactics | 2 Comments »
Thursday, July 14th, 2011
As the biggest banks get bigger, they capture even more attention from spammers and online criminals intent on stealing legitimate user’s accounts.
Such is the case with JP Morgan Chase and yet another Phishing fraud email now circulating:
Subject: Chase Online Alert: Debit Card/ATM Deduction from Account
From: Chase Online Alert <Chase@emailnotify.chase.com>
more »
Tags: fraud, phishing, scam, spam, spoofing
Posted in Email Fraud, Phishing Lessons | Comments Off
Monday, July 11th, 2011
While spam volumes may be down, the Phishing fraud’s continue in high volume with Craigslist.org users being highly favored targets.
Look for these spam emails to trap unsuspecting users:
Subject: Account Update Notice
From: ”craigslist” <help@craigslist.org>
While they spoof “help@craigslist.org” as the sending address, most that we’ve reviewed have come from various hijacked Earthlink accouts:
from elasmtp-banded.atl.sa.earthlink.net ([209.86.89.70])
from elasmtp-scoter.atl.sa.earthlink.net ([209.86.89.67])
Here’s a complete copy of one of these “Account Update Notice” frauds:
more »
Tags: craigslist, fraud, phishing, spam, spoofing
Posted in Email Fraud, Phishing Lessons | 1 Comment »
Thursday, June 30th, 2011
More spam claiming to be from Wells Fargo headed toward mailboxes as:
Subject: Wells Fargo Online Fraud Prevention.
From: “Wells Fargo Online”<wellsfargo@wellsconnect.wellsfargo.com>
When in reality the sending address is spoofed and the email is actually originating from Yahoo’s mail servers:
nm28-vm1.bullet.mail.ac4.yahoo.com ([98.139.52.247])
As is common for such Phishing frauds, the email warns you
more »
Tags: fraud, phishing, scam, spam, spoofing
Posted in Email Fraud, Spam Tactics | Comments Off
Wednesday, June 22nd, 2011
Phishing fraud involving the various shipping companies continues its upswing, and a newer version of FedEx fraud is looking to steal legitimate user’s account credentials.
Emails typically arrive:
Subject: Important Technical Service Message (CODE:90738-00)
From: “FedEx Technical Support”<update@online-update.com>
The are not sent from any legitimate Federal Express server, but instead are sent through hijacked user accounts, the latest copy reviewed came to us through Verizon’s servers:
more »
Tags: 419 scams, fraud, phishing, scam, spam, spoofing
Posted in Email Fraud, Phishing Lessons | Comments Off
Tuesday, June 14th, 2011
There’s a renewed effort from spammers trying to hijack legitimate Craigslist.org accounts.
One version currently in distribution arrives:
Subject: flagged & removed: 36984099
From: “Craigslist” <no-reply@craigsIst.org>
To further add the appearance of legitimacy and to help evade spam filtering systems the number at the end of the subject line is randomized.
more »
Tags: fraud, phishing, scam, spam, spoofing
Posted in Email Fraud, Phishing Lessons | Comments Off
