Protect yourself from Phishing attacks

nophishing

Great advice from a local business:

  • Be suspicious of any email that requires “immediate action” or creates a sense of urgency. This is a common technique used by criminals to rush people into making a mistake.
  • Be suspicious of emails addressed to “Dear Customer” or some other generic salutation. If it is your bank, they will know your name.
  • Be suspicious of grammar or spelling mistakes; most businesses proofread their messages carefully before sending them.
  • Do not click on links. Instead, copy the URL from the email and paste it into your browser. Even better is to simply type the destination name into your browser.
  • Hover your mouse over the link. This will show you the true destination where you would go if you actually clicked on it. If the true destination of the link is different than what is shown in the email, this may be an indication of fraud.
  • Be suspicious of attachments, and only open those that you are expecting.
  • Just because you got an email from your friend does not mean they sent it. Your friend’s computer may have been infected or their account may have been compromised, and malware is sending the email to all of your friend’s contacts.
  • If you get a suspicious email from a trusted friend or colleague, call them to confirm that they sent it. Always use a telephone number that you already know or can independently verify, not one that was included in the message.

I’ve mentioned most of these in various other posts, but this was an excellent summary that deserved to be shared. Be careful out there.

The Old Wolf has spoken.

A Letter from the “Assistant Secretary of State.”

Please us with this email again! Right, folks – the Bureau of Consular Affairs is going to use a foxmail address. For the love of all that’s holy, never respond to an email like this. If you do, you’re handing your hard-earned money to fleabitten African scammers. YES, THIS IS A SCAM. Yes, I’m SHOUTING!


From: Assistant Secretary of State Roberta Jacobson <Anderson@gamma.ocn.ne.jp>
Subject: Assistant Secretary of State Roberta Jacobson,

To: undisclosed-recipients:;

Bureau of Consular Affairs

Washington, DC 20520
Greeting from USA Embassy,

Attn Dear Citizens! Please us with this email again ( homelandsecurity20@foxmail.com )

This is to notify you that your consignment has been in our custody we are waiting for you to comply with our instructions before your package delivery will be effected to your delivery address. We have been waiting for you to contact us regarding your consignment box which Courier Company suppose to deliver to you which is on hold by USA Home Land Security Department Bureau and requesting for clearance certificate which will be obtain from the origination of the consignment box before it will be released. As a result of you not comply within duration given by Benin Government that is the reason the consignment box was diverted to treasury but the government of American have decide to make the world happy by been willing to release the package consisting of a Bank Draft Total sum of $ 3.5millions usd written with your name as the beneficiary within 4 hours immediately you secure the clearance certificate today.

After the Meeting Held by Our board of Director Which WAS Concluded That the Delivery of your Consignment to your address MUST BE Complete within 4hrs upon your Comply to Our requirement Which IS by sending the sum of  $ 155.00Usd  to enable the origin Obtain the needed certificate and your consignment for onward delivery to your house immediately without any further delay we decide to contact you because we confirm some offices are trying to deceive you.

Note that your consignment box has been arrived in US embassy and waiting to receive clearance certificate before the gate pass is given. Mean while you are advice to reconfirm the below information upon contacting us to avoid delivery to wrong person.

1, Full name:
2, Address:
3, Occupation:
4, Cell-Phone:
5, Nearest Airport:

Once you notify us with the Above Information include with the $ 55 payment we Will release your Consignment to you. Note That you Are expected to pay only  $ 155.00Usd  for Clearance certificate and you Are to pay it to Benin Republic as the origination of the Consignment box in favor of: Ofor Eze as Our accountant officer in Benin Republic Send the  $ 155.00Usd through Western Union or Money gram once you receive this mail with the Information Below for IMMEDIATE release of your Consignment box,

Receiver name: Ofor Eze
Country .. Benin Republic
city .. Cotonou
question: Yes
Answer: Yes.
Amount necessary. $ 155.00usd

Once you send the money, try to notify us with the MTCN for easy pick up and for immediate action on the release of your consignment.

Please treat this as matter of urgency .Note that any uncliam consignment will be return to the Courier Company after 3 days for final divertion as a result of failure to comply with our instruction and claim your consignment which arrived from Africa to our local airport here in USA.

So you are urgently advise to comply with our demand so that we will release your consignment we are working for the best of America citizen.

Treat with dispatch,
Yours Faithfully,
Assistant Secretary of State Roberta Jacobson,
FROM UNITED STATE OF AMERICA
Call +19189363447
Email: homelandsecurity20@foxmail.com

The Lads from Benin are still busy. They may be from Lagos, too – one can never tell where these drones are operating from.

Here’s my response to this one:

Nigerian Camels

All I can hope is that emails like this raise their blood pressure enough to precipitate a massive stroke…

The Old Wolf has spoken.

An .EXE file is not an invoice

Chapa NO MALWARE

Today’s scam email:

From: “Agnessa Arina” <agnessaarina@yahoo.es>
To: redacted
Subject: FW::deposit invoice copy

Hi,

we are updating our company email address so i’m sending you the outstanding balance and new lodging.

Confirm receipt.

Amy chan

Tridium, Inc.
3951 Westerre Parkway, Suite 350
Richmond, VA 23233
USA.

View Download

That “Download” is a file called “deposit copy.exe” – something you NEVER want to click on. EXE files are PROGRAMS, and they are BAD NEWS. From code that will log your keystrokes, steal your information, turn your machine into a zombie spamming device, to encrypting all your files for ransom, these malware programs will make your life a living hell. Just don’t do it.

The Old Wolf has spoken.

Don’t Click That Ad

rule

As I’ve mentioned elsewhere, clickbait ads are everywhere. They are the spam of the World Wide Web, unwanted intrusions into your browsing experience, and like spam, the vast majority of these ads are deceptive and lead to spurious or borderline criminal offers.

What’s that “New Rule?”

If  you click that ad, you are taken to http://www.easy-autoquotes.com/, which looks like a respectable financial advice website:

insider

And what’s that “one rule?”

“Don’t even think about getting insurance without first comparing discounted quotes from an unbiased source.”

The “unbiased source” they want you to visit is the Easy Auto Quotes™ official site, which deceptively redirects you to

"http://provide-savings.com,"

which turns out to be a scummy outfit which, like LowerMyBills will gather your information including sensitive personal data and sell it to anyone who waves money in their faces. You won’t get a quote from them, but you will be inundated by calls and emails not only from competing auto insurance agencies, and countless other disreputable marketers hawking everything under the sun. The only way you’ll be able to stem the tide is move, cancel your credit cards, change your email address, get a new phone number, and walk widdershins around a rotting stump at midnight while looking at the new moon over your left shoulder.

Have a look at the disclaimer at the very bottom of their page, which most people will never see, and which is hard to read even if you get there:

disclaimer

Here it is in plain text:

Disclaimer and Consumer Information.

THIS IS AN ADVERTISEMENT AND NOT AN ACTUAL NEWS ARTICLE, BLOG, OR CONSUMER PROTECTION UPDATE
THIS SITE GETS PAID FOR CLICKS OR SALES PRODUCED FROM CONTENT FOUND ON THIS SITE
*We are dedicated to bringing readers valuable information which can help them accomplish their financial and lifestyle goals. Our disclaimer is that this site does receive compensation for product reviews and referrals or purchases made through our links. This page is an advertisement/advertorial. The story depicted here is for demonstration purposes only and everyone’s results may vary. We hope you find our online resource informative and helpful.

This site is in no way affiliated with any news source.

Important information regarding the truthfulness of this article (For our site visitors and the FTC): There have been issues in the online marketing industry with fake advertorials to pitch certain products within the affiliate marketing industry. This site and the owners of this site have never participated in these false advertising practices. Here are a few clarifications points regarding this article: First, as stated at the top of this site, [NOTE: No, it only says “Advertisement’] this is an Advertisment/Advertorial. This site receives compensation for purchases made through our links.

*Clarification of the advertising headline “New Policy in your State”: Some of our website visitors may have visited our site after seeing an ad regarding “New Policy in your State.” This ad then clarifies that certain individuals may receive discounts of up to 50% off car insurance. The newest United States information and insurance tips for lowering your car insurance cost can be found at usa.gov (recently updated October of 2011). The United States federal governments and state governments are constantly looking out for consumers and have published new information on helping consumers lower their car insurance bills. Here’s a specific link regarding the newest usa.gov advice, tips in order to receive lower car insurance rates: http://www.usa.gov/topics/travel/cars/insurance.shtml. In addition to this information, each state and their respective state insurance commissions may have additional recent policy changes which may affect the insurance rates in your area. The specific new discount car insurance policies in your state which are currently helping individuals save up to 50% on car insurance is information that can be found through the insurance comparison site Provide InsuranceTM mentioned in this article. Upon visiting this site you will see the claim that individuals can save up to 50% in their respective states. This is information that we have found to be true. From the article mentioned from usa.gov, we see that the federal government has also given the advice and made the claims that “To get the best coverage at the best price, get several quotes from insurance companies. It may save you hundreds of dollars a year… You may be eligible for a discount based on the number of miles you drive; your age (turning 25 or 50); your good grades if you are a student, your driving record (no moving vehicle violations or accidents in three years); or if you’ve taken a safe-driving course. You might also be able to get discounts if you insure more than one vehicle, insure your vehicle and your home with the same company, have anti-theft devices or have safety features such as air bags or anti-lock brake system.”

*Clarification of the advertising headline “New Rule in (Your State)”. – Merriam-Webster’s Dictionary defines the word “rule” as “a piece of advice about the best way to do something” (http://www.merriam-webster.com/dictionary/rule). This article aims to advise the public that comparing rates is one of the best ways that you can save money on car insurance. No matter what city, state or zip code you live in you can compare rates and get free quotes. If you truly want to find the best rate and save on car insurance then follow our advice or “rule” to compare rates. Here are links to two surveys which demonstrate the importance of comparing rates and how applying this “rule” in any state, city or zip code may help drivers save 32%. A new survey found that the #1 reason people switch is because they found a cheaper rate. Click Here for Survey. A second survey which analyzed car insurance quotes for 1,000 zip codes across the U.S. found that within a given zip code, rates vary by 154% on average, allowing drivers to find an average of 32% in savings. Click Here For Survey.

This site is committed to protecting the privacy of our online visitors. If you join our mailing list, your information will not be shared with others. Anyone who wishes can choose to be removed from our mailing list at any time.

This site is in no way affiliated with any news source. As mentioned at the top of this web page, it is an advertisement.

This site contains affiliate and partner links, and as mentioned previously, this site is only an advertisement. The owners of this site receive compensation when sales are made.

This website and the company that owns it is not responsible for any typographical or photographic errors. If you do not agree to our terms and warnings, then leave this site immediately.

Product is not affiliated in any way with ABC, MSNBC, CNN, Fox News, Consumer Reports, CBS, Wink News or USA Today. All trademarks, logos, and service marks (collectively the “Trademarks”) displayed are registered and/or unregistered Trademarks of their respective owners. Contents of this website are copyrighted property of the reviewer and/or this website.

Note that this disclaimer consists largely of weasel words which attempt to justify the deceptive nature of the advertisement; the worst example of this kind of humbuggery I have already shared over at the “Hall of Shame.”

It gets worse. When you visit Provide-Savings, they begin a process which will gather all sorts of PII (Personally-identifying information) which they claim they need to provide you with your requested quote. Take a gander at a selected portion of their “privacy policy.”

In order to provide you with insurance quotes, we collect your personal contact information including name, telephone number, mailing address, email address, gender, birthday and marital status. For home insurance quotes, we also collect details about your home and personal property. For auto insurance quotes, we collect information about your vehicles and drivers and may also collect information about your credit and your existing insurance coverage.

By submitting your e-mail address and/or phone number (as the case may be) via this Site, you authorize us to use that e-mail address and phone number to contact you periodically, via e-mail and manually-dialed and/or auto-dialed telephone calls, concerning (i) your quote requests, (ii) any administrative issue regarding the Site or our services and/or (iii) information or offers that we feel may be of interest to you. We may also send e-mails to you periodically regarding updated quotes. You may opt out of receiving e-mails from us at any time by unsubscribing as set forth in the applicable e-mail.

Additionally, by filling out information on this Site as part of your request for information about insurance policies and quotations, you authorize us to provide that information to various insurance companies, insurance agents and other related third parties that participate in our insurance quote network (collectively “Insurance Providers”). The Insurance Providers may provide your personal information to their insurance carriers, suppliers and other related vendors in order to generate price quotations and information relevant to insurance policies that you have requested

We may share your information with third parties with whom we have promotional or advertising relationships (provided that we are not otherwise restricted from this sharing of information). If you do not want us to share your personal information with these companies, contact us at compliance@adharmonics.com.
We may provide your PII to, or permit access to it by, our subsidiaries, affiliated companies, vendors and/or service providers, such as our ISP or infrastructure hosting companies, for the purpose of processing such information and/or contacting you on our behalf, or where such access is incidental to their providing assistance to us. In such cases, we expect these parties to process such information based on our instructions and in compliance with this privacy policy.

At some point, we may establish subsidiaries or other related companies, or merge with or be acquired by another company. Should that happen, then we may disclose your information to them, in which case we will request that they abide by this Policy. We may also disclose some information to a potential acquirer, although such disclosure would be subject to normal and customary requirements.
We reserve the right to disclose your PII as required by law or when we believe that disclosure is necessary to protect our rights and/or comply with a court order, legal process or judicial proceeding served on us.
We may work with third party data providers to obtain additional information about you, other drivers on your policy or in your household, and information about your car. By using these data providers, we are able to prefill your questionnaire and save you time. You will still be able to review and edit this information before you submit it.

The TL;DR¹ here is that they have essentially reserved the right to sell your personal information with anyone under the sun.

Ultimately, to be perfectly honest , the advert on the original referring page should look like this:

ad2

It goes without saying that you should not even be seeing ads like this. The easiest way to cut down on such things is to install a simple extension, Ad-Block Plus, which quietly and unobtrusively blocks ads like this from ever appearing on your page. It works with Chrome, Mozilla, IE, Opera, and many other browsers.

Be careful out there, and don’t give your information to scumbags.

The Old Wolf has spoken.


¹ Too long; didn’t read

Acc

Never “Verify Your Email.”

No email service will send you a message asking you to provide your address and password, or other financial data. They just won’t.

yahoo

This email is bogus. Note the red circle next to the “click to validate” link – that’s a warning from WOT (Web of Trust) that indicates the website is not to be trusted.

If you’re foolish enough to click the link, which goes to http://bookinghh.myfreesitehost.com/smluptt/wadohjom.htm (NOT a Yahoo website), you’ll get this:

Yahoo2

If you fill out this information, scammers now have access to your email account, and they will use it to steal information or send out criminal spam.

Never do this. Be careful out there.

The Old Wolf has spoken.

PayPal Scam: Your account has been limited.

I’ve mentioned phishing scams before, in a number of places. This email arrived yesterday,

phishing

Note the red flags on this one:

  1. A sender’s address that is not “Paypal.com”
  2. Poor formatting
  3. Incomplete text

The attachment they mention gives you this:

Phishing2

If you are foolish enough to provide this information, it will be sent not to PayPal but to http://162.213.154.42/~oilreol/service.php:

NetRange 162.213.152.0 – 162.213.155.255
CIDR 162.213.152.0/22
NetName FUC-US-2001
NetHandle NET-162-213-152-0-1
Parent NET162 (NET-162-0-0-0-0)
NetType Direct Allocation
OriginAS AS26272
Organization FortaTrust USA Corporation (FUC-9)
RegDate 2013-06-10
Updated 2013-12-17
Ref http://whois.arin.net/rest/net/NET-162-213-152-0-1
OrgName FortaTrust USA Corporation
OrgId FUC-9
Address 3701 NW 82 Ave.
City Doral
StateProv FL
PostalCode 33166
Country US
RegDate 2012-03-08
Updated 2014-07-02
Ref http://whois.arin.net/rest/org/FUC-9
OrgAbuseHandle IPADM602-ARIN
OrgAbuseName IP Admin
OrgAbusePhone +1-305-898-0033
OrgAbuseEmail ipadmin@fortatrust.com
OrgAbuseRef http://whois.arin.net/rest/poc/IPADM602-ARIN
OrgNOCHandle IPADM602-ARIN
OrgNOCName IP Admin
OrgNOCPhone +1-305-898-0033
OrgNOCEmail ipadmin@fortatrust.com
OrgNOCRef http://whois.arin.net/rest/poc/IPADM602-ARIN
OrgTechHandle IPADM602-ARIN
OrgTechName IP Admin
OrgTechPhone +1-305-898-0033
OrgTechEmail ipadmin@fortatrust.com
OrgTechRef http://whois.arin.net/rest/poc/IPADM602-ARIN

This information does not mean that FortaTrust itself is necessarily behind the phishing attempt, but someone could be using their servers in spurious ways.

Whatever the case, be careful out there. PayPal and other legitimate financial institutions will never ask you for sensitive financial data by email.

The Old Wolf has spoken.