Posts Tagged ‘spoofing’
Wednesday, April 13th, 2011
After seeing countless bogus email campaigns claiming to be from UPS, DHL, Fed Ex and the United States Postal Service all used for spreading viruses, it was inevitable that we would also start seeing similar messages claiming to come from Canada Post arriving as:
Subject: Your package has arrived!
From: “Canada Post”<tracking@canadapost.ca>
While the From address says it’s from Canadapost.ca the latest batch actually came from Germany, via:
web08.konfigserver.de ([83.141.3.208])
Here’s the complete email:
more »
Tags: spam, spoofing, virus
Posted in Email Fraud, Spam Tactics | Comments Off
Monday, April 11th, 2011
Email Phishing frauds for Bank Of Montreal are in high gear, with most arriving as:
Subject: Important Notice From Online Banking
From: BMO Bank of Montreal <helpdesk@bmo.com>
Though the sending address is of course spoofed, with these actually coming from bogus and hijacked mail servers such as:
‘from beta.dnshree.com ([208.87.243.22])
<nobody@beta.dnshree.com>
Here’s a full copy of of the email fraud:
more »
Tags: fraud, phishing, spam, spoofing
Posted in Email Fraud, Phishing Lessons | Comments Off
Thursday, April 7th, 2011
More Paypal fraud on the way. This time spoofing a domain that only sounds like Paypal:
Subject: account limited ! update your account information
From: Paypal Service Inc <Service@nopaypal.com>
Of course many recipients are not going to notice the minor variation and will simply ignore that this mail claims to come from “nopaypal.com” rather than “paypal.com” while it actually comes via spam friendly servers like:
caracalla.lunariffic.com ([216.227.214.143])
The actual emails look like this:
more »
Tags: fraud, phishing, spam, spoofing
Posted in Email Fraud, Spam Tactics | Comments Off
Wednesday, March 30th, 2011
The newest JP Morgan Chase email Phishing fraud is now being sent as:
Subject: New Message from Online Banking
From: “Chase Card Services”<SMChaseNotification@emailonline.chase.com>
The spoofed email itself looks convincing enough:
more »
Tags: phishing, spam, spoofing
Posted in Email Fraud, Phishing Lessons | 1 Comment »
Tuesday, March 29th, 2011
A clever variation on the growing UPS deliver alert virus campaign is hitting harder each day. Emails arrive:
Subject: Your package has arrived!
From: UPS Shipments <tracking@ups.com>
The sending address is spoofed and not really from UPS.
The short but very efficient email notice continues: more »
Tags: spoofing, virus
Posted in Spam Tactics | Comments Off
Tuesday, March 22nd, 2011
We’re seeing more an more spoofed Twitter spam being sent to trick twitter users into visiting online pharmacology websites.
Most arrive with a simple subject line:
Subject: You have notifications pending
Sending addresses will look like otherwise legitimate notification addresses such as:
- From: “Twitter” <twitter-notify-login=munged.com@postmaster.twitter.com>
- From: “Twitter” <twitter-notify-login=munged.com@postmaster.twitter.com>
more »
Tags: spam, spoofing
Posted in Spam Tactics | Comments Off
Monday, March 21st, 2011
We’re seeing a strong increase in Phishing Fraud emails targeting Craigslist.org accounts.
The emails generally arrive such as:
Subject: flagged & removed : 1977204121
From: “no-reply@craigslist.net” <no-reply@craigsliist.net>
The ID/Case number in the subject line will vary in an attempt to evade spam filtering.
The sending address is spoofed as the emails are not actually sent from Craigslist.org servers.
An example email:
more »
Tags: fraud, phishing, spoofing
Posted in Email Fraud, Phishing Lessons | Comments Off
Monday, February 28th, 2011
Stealing Craigslist usernames and passwords is becoming increasingly popular amount Internet spammers and hackers.
The latest campaign warns of account suspension in order to get the recipient’s attention:
Subject: craigslist.org: Account Temporarily suspended
From: ”craigslist.org” <noreply@craigslist.org>
Though the message actually comes from hijacked Yahoo email accounts (from nm11-vm0.bullet.mail.ac4.yahoo.com) the email itself is a pretty good approximation of a legitimate Craigslist notification:
Click for Larger Image
more »
Tags: fraud, phishing, spam, spoofing
Posted in Email Fraud, Phishing Lessons | 3 Comments »
Wednesday, February 9th, 2011
More Phishing frauds are being received for TD Canada Trust Bank customers:
TD ALERT : You have received a new payment.
TD Canada Trust Bank. <e-payment@easywebsoc.td.com>
This campaign appears to originate from accounts on SimpleHELIX web servers:
‘from defend3.simplehelix.com ([206.126.97.8]‘
more »
Tags: fraud, phishing, spoofing
Posted in Phishing Lessons | Comments Off
Monday, February 7th, 2011
Here’s a well designed Phishing fraud targeting USAA.com users:
Subject: Notification at usaa.com
From: USAA <USAA.Web.Services@customermail.usaa.com>
The somewhat standard warnings are used:
Dear Customer,
As part of our security measures, we regularly screen activity in the usaa.com system. We recently contacted you after noticing an issue on your account. We requested information from you for the following reason: more »
Tags: fraud, phishing, spoofing
Posted in Phishing Lessons | Comments Off
