Don’t reply to spam. Ever.

This should go without saying, but I just thought I’d point out one of many reasons why you should never respond to spam messages.

spam

(We wanted to let you know that we noticed that you still did not claim your $200 Amazon-shopping bonus that was gifted to you as a thank you for your business in past.
Please be sure to claim this before Aug 25
But Hurry! This Ends on Aug 25!
Please Go Here Now to Claim Your $200 Amazon-Shopping Bonus)

Click on the “Claim Your Bonus” link and your email program will generate a message to the following addresses:

  • info@delopment.net
  • sports@southeoffice.com,
  • mailtech@provintimate.net
  • reply@republck.com
  • info@templervices.net

Whatever message you send, such as “Ooh yes I want my bonus” or whatever, you have just given a live email address to five spammers/criminals/scammers or Mogg knows what, with a loud additional shout: “I am a sucker! Please Scam Me!”

Just don’t. Never respond to anything in your Spam box, and if you get email from people you have never done business with, delete it at once.

Be careful out there.

The Old Wolf has spoken.

Advertisements

WordPress users, please use strong passwords

Just got phishing spam from bad guys pretending to the Bank of Ireland. Here’s the email:

Bank of Ireland Phishing

If you are fooled into clicking the link, you are redirected to:

http://personalbanking.bankofireland.obfusticated.com/ie/ie/authentication.html?e1s1

The “obfusticated” prevents anyone from actually going to the bad site, and protects the wordpress user whose website (“obfusticated.com”) has been compromised. For what it’s worth, I’ve done my best to warn the individual involved that there is a problem at their website.

The gateway page is below. It looks very official, but don’t let that fool you. It’s a fake.

Bank of Ireland Phishing 2

Then you get to give the criminals your login PIN:

Bank of Ireland Phishing 3

The malicious code appears to fail the first time and makes you re-enter the data. It doesn’t matter what you put in the second time, you’ll advance to the next page:

Bank of Ireland Phishing 4

Please be aware: BANKS WILL NEVER DO THIS. NEVER GIVE OUT SENSITIVE INFORMATION BY EMAIL OR ON THE WEB.

Next you are asked to hand the criminals your credit card password.

Bank of Ireland Phishing 5

Once they have your data – or in my case, a whole raft of obscenities – you are redirected to the real Bank of Ireland website.

If you have a WordPress blog (or any other website) please make sure you are using strong passwords. If bad guys get in, they can park malicious code in your web space and direct their victims there, not to mention steal whatever valuable data is there.

Never give out sensitive financial information over the web. If you suspect your accounts have truly been compromised or locked, call your bank directly and ask for verification.

Be careful out there.

The Old Wolf has spoken.

Pump and Dump is still a thing.

Here’s an email I got today, one of several on the same subject.

To: info
From: Dominique Thornton <Thornton91403@bphobbies.com>

Subject: FDA approval is about to send this stock up fifty fold

Why is Quest Management (Symbol: QSMG) guaranteed to jump 5,000% this month?

They have a cure for cancer.
This biotech is run by some of the most prolific scientists in America. Together, they have more than 400 years of experience in the field and have more diplomas than we can even imagine.
Cancer kills 1 out of 4 people in our country and we have all been affected by it either directly or indirectly.
Who doesn’t know someone who’s died from it?
The company’s scientists are targeting cancer using stem cells. They are able to identify the bad cells and destroy them without radiating the entire body (like is common with chemo).
Apart from saving millions of lives, their treatment will surely become the No1 selling drug on earth.
The company has already made serious headway thanks to nearly two decades of research.
This cutting edge biotech company has completed animal trials successfully and just wrapped up FDA-approved human trials last week.
The next step is the public announcement of those results, which we hear through the grapevine have beat all expectations and will change the world of medicine forever.
The results will be announced this month, and once they are out the stock will jump to $25 a share overnight and will continue up to $50 or more quickly after.
“Quest”‘s biotech arm could have a cancer cure that can be totally effective in killing tumors in more than 40% of patients worldwide available in hospitals throughout the globe by the end of the year.
Once that happens, we’re talking about a $1000 a share stock.
We’re literally coming in at the last mile, out of no where, and grabbing profits from their last 2 decades of hard work.

Consider buying QSMG right now while it’s still at under 5 dollars and make sure to tell all your friends to do the same before the price explodes.

If you’re not familiar with Pump-and-Dump schemes that have been around for centuries, here’s what Wikipedia has to say:

Pump and dump” (P&D) is a form of microcap stock fraud that involves artificially inflating the price of an owned stock through false and misleading positive statements, in order to sell the cheaply purchased stock at a higher price. Once the operators of the scheme “dump” sell their overvalued shares, the price falls and investors lose their money. Stocks that are the subject of pump and dump schemes are sometimes called “chop stocks”.

While fraudsters in the past relied on cold calls, the Internet now offers a cheaper and easier way of reaching large numbers of potential investors.

Here’s a chart of Quest Management’s stock over the last 5 days:

 

quest

You can see that on April 17th, the stock was at around $2.50 per share. The next day it had plummeted to around 70¢. It’s possible that the pump and dump had already taken place, and these emails of today were a smokescreen – or an attempt to make another hit.

Penny stocks are, by definition, a very poor place to try to make money – and there are a lot of ruthless and unscrupulous people out there willing to take you for every dime you’re foolish enough to give them.

Be careful out there. Unsolicited email (spam) regarding investment opportunities is worth about as much as the electrons they’re printed on.

The Old Wolf has spoken.

A dozen Crypto attempts today

crypto

All of these arrived in my inbox today; many are duplicated versions of the same message with minor changes.

Dear info,
Cathleen Holcomb asked me to send you the attached Word document, which contains the final version of the report.
Please let me know if you have any trouble with the file, and please let Cathleen know if you have any questions about the contents of the report.
Kind regards
Alisa Harper
Managing Director
Notice that all of these emails begin with “Dear Info,” since the relevant address is “info@devnull.com.” This in itself should be a red flag.
Dear info:
Thank you for your email regarding your order of 21 June, and sorry for the delay in replying. I am writing to confirm receipt of your order, and to inform you that the item you requested will be delivered by 25 June at the latest. If you require more information regarding this order, please do not hesitate to contact me.
Also, our records show that we have not yet received payment for the previous order of 11 June, so I would be grateful if you could send payment as soon as possible. Please find attached the corresponding invoice.
If there is anything else you require, our company would be pleased to help. Looking forward to hearing from you soon.
Yours sincerely
Benjamin Martin
Chief Executive Officer
Information. A report. An invoice with request for payment. A spreadsheet. All looking innocuous and legitimate.
Dear info,
The reference you requested is attached.
Let me know if you have any questions.
Best regards
Erma Frederick
CEO
No matter how official emails like this look, you should verify every detail before proceeding.
Dear info,
Our records show that we have not yet received payment for the previous order #A-393685
Could you please send payment as soon as possible?
Please find attached file for details.
Yours sincerely
Jami Garrett
Mexico Key Account Director
Don’t open those attachments! They are almost certainly javascript files which will download an encryption virus or something equally vicious.
Be careful out there.
The Old Wolf has spoken.

Infect your computer from home!

From: <my email address>
To: <my email address>

Subject: Cooperarion with a large firm

Hello!

We are looking for employees working remotely.

My name is [Audra|Joni|Gus|Emily], I am the personnel manager of a large International company. (I got four of these in my mailbox today).
Most of the work you can do from home, that is, at a distance.
Salary is $2500-$5000.

If you are interested in this offer, please visit Our Site

Best regards!

If you’re careless enough to click that link (disabled above), what you’ll be taken to is this:

http://yaseminalkaya.xyz/wp-content/plugins/easy-tables-vc/xxxxxx/lib/jquery-handsontable/test/jasmine/spec/settings/

whereupon your computer will promptly be infected with an encryption virus or some other evil chicanery.

Do not respond to emails like this, and do not click embedded links!

The Old Wolf has spoken.

Would you like to work for the goverment? (Scam)

It’s safe to say that there are as many ways to scam as there are scammers.

From: “Abranco” <demoonth@demo.ontha.com>
To: <abranco@cheshirect.org>
Cc: <undisclosed recipients>

Subject: Government Job Offer

Dear Sir or Madam

Would you like to work for the Government organization and participate in
the development of the United States?
Perhaps it is your talent the country needs at this moment.
Requirements – U.S. citizenship and minimum age 21
We invite you to work closely, anyone who does not care about the life of the state.
If you are a student, military, businessman, retired – we’ll be happy to listen to the opinions of everyone and take help from you.
Please send a brief summary to the human resource assistant on the lyne.holt@gmail.com and you will be assigned to interview

Naturally I never responded to this illicit offer, but you can bet your bottom dollar that the response would have somehow involved wiring funds via Western Union to someone in Africa for “interview fees,” or perhaps lead to a mail forwarding scam.

In the 1st quarter of 2015, spam accounted for almost 60% of all email traffic, according to this excellent article from SecureList. Have a look at the very top of my Spam inbox:

spam

Even if these emails are not directly criminal in nature (that is, loaded with malware or phishing attempts), my rule of thumb is this:

 “If a company spams you, avoid them at all costs.”

It’s a virtual certainty that their “offer” is fraudulent or, at the very least, a bad deal for you and a good deal for them.

Be careful out there.

 The Old Wolf has spoken.

Rachael has now dropped sixteen dress sizes.

I wage war against spam, affiliate marketers, snake oil and general pseudo-scientific bulldust.

In a previous post about worthless nutritional supplements, I posted three identical advertorials from the “Every Day with Rachael” website, which is nothing more than an affiliate marketing portal for hawking useless weight-loss nostrums.

Yesterday I got another one.  I reproduce all four below:

rachael2

caralluma

rachael

Rachael Safflower

Notice: each one of these advertorials is based on a boilerplate – they’re identical.

Here at Everyday Health and Wellness, they’re skeptical of Forskolin, Caralluma, Garcinia Cambogia, and Safflower Oil. As a result, “Rachael” has volunteered to be a guinea pig each time. She would now have lost 100 lbs and 16 dress sizes, meaning that her “before” pictures are all a load of bulldust. While I can’t be positive, odds are that “Rachael” does not even exist.

Are we beginning to smell the foul stench of deception here?

Playing In the World Game rates “Everyday Health and Wellness” as

pants

“PANTS ON FIRE”

All of these products are basically worthless for weight release. They may have, in some way, benefits for some people, but there is no magic bullet, no magic pill that will let you lose weight without altering your caloric intake and exercise regime.

The affiliate marketers responsible for putting this spam into your inboxes, the manufacturers of these products, and everyone involved in trying to separate suckers from their money are soulless, immoral scammers. They will stop at nothing to get your money. Stay away from all products of this nature, or anything advertised in this manner.

The Old Wolf has spoken.