Category Archives: Scam

Delivery spam scam

There seems to be a new way to propagate a virus using the UPS system for tracking your parcel. I received both of these email  messages within a couple of hours of each other.

This is a poor attempt at a scam. The originators yahoo email address is exposed, the spelling is poor, and the To:line shows multiple addresses.The Zip file is the same size in each, there is no corporate branding on either email and the spelling leaves a lot to be desired.

image

image..

With success rates for spammers increasing all the time it is worth being vigilant. Two easy ways to make sure that you don’t get anything destructive on your machine:

  • Take your user account out of the Administrators group.The default account when you first get your machine is in the Administrators group. Create a separate account called admin, and protect it with a password. You will be prompted every time something needs to have administrative access to your machine, whether an update or a fix – or a worm. Stopping and checking – before you allow access will minimise your chances of introducing malware.
  • Check dodgy emails such as these carefully. Poor spelling, multiple recipients, attachments should all make you suspicious. If in doubt, don’t open the email…

Eileen is a social media strategist and consultant at Amastra, a columnist at ZDNet and author of Working The Crowd: Social Media Marketing for Business. Contact Eileen to find out how she can elevate your brand and help your business become more social.

Advertisements

LinkedIn cloned accounts show our desire to connect to scammers

I regularly get requests to connect with people on LinkedIn. Sometimes they want to hire me, sometimes they want to follow my updates or try to access my other connections to connect on through.

But today I got a request from Omar Lavoie,  a commander in the Canadian Army. His credentials were very impressive indeed.

image

Intrigued, I looked at his profile. I replied to his connection request and asked where we had met. I also connected with him out of pure curiosity and waited for his response to my initial message.

I then became suspicious that the ‘real’ Omer Lavoie’s account had been cloned and I was getting messages from someone quite different to the person I expected to hear from.

I received two emails in quick succession:

image

This is not the sort of English I would expect from someone at this level in the Army. the grammar is poor and the terminology could be a lot better. I then received a response to my connection request email:

image

Why on earth would a Commander in the Army change jobs to become a ‘self-employed non-governmental business personnel’?

I checked out Omer Lavoie on LinkedIn and i was not surprised at all to find two  Omer Lavoie accounts. the name was the same names and so were the profile images. One was the account I’d just connected to and another at my 3rd degree level connection.

image

My 3rd level connection Omer had actually been working at 1 Canadian Mechanized Brigade but he stopped that role in June 2012. My first level connection is doing that job now.

Brigadier General Lavoie has had his LinkedIn profile cloned by someone who is using his account profile to connect with a variety of people around the world. The cloned account has some strange connections – non of them connected to the army.

But I’m puzzled. Why should someone want to clone an existing account and use this account to reach out to my connections?  Why use someone well know, easily contactable and high profile?

Why use the naive language exhorting me to chat by Skype? The army has proper conferencing facilities. What is this person’s agenda for connecting with me? 

Perhaps it is someone bored and wanting to chat. Perhaps it is a crude attempt to mine contact information from LinkedIn. But whatever the motives. This Mr Lavoie has been blocked, reported to LinkedIn and blogged about.

Perhaps I should have taken them along a little further – just for the ride….

Eileen is a social media strategist and consultant at Amastra, a columnist at ZDNet and author of Working The Crowd: Social Media Marketing for Business. Contact Eileen to find out how she can elevate your brand and help your business become more social.

Poor quality phishing attempt on Windows Live accounts

Here’s another poor quality example of an attempt to extract information from my Windows Live account.  This time my account has been blocked.

image

What’s wrong with the email?

It is in the wrong font. Microsoft usually sends email in san serif fonts.

Windows Live is two words, not one

‘exceeded it’s sending’ – poor grammar

‘our customer’s account’ – the grocers apostrophe strikes again

Suspension has been misspelled

Link mismatch – phrealtyfunding.com.  Ha!

Its such a shame that so many people still click the link and are duped by these scammers…

Eileen is a social business and social media strategist and consultant at Amastra, a columnist at ZDNet and author of Working The Crowd: Social Media Marketing for Business. Contact Eileen to find out how she can help your business extend its reach.

SQL Injection attempt hidden in email

Clever attempt. 

I found this email in my junk mail box this morning and moved it to the Inbox to see different formatting in the email.  The first example is a screen shot of the email in my Inbox:

royalmail 1

This show below is the same message in my junk email box

image

Hidden in the ‘story’ text is SQL injection code.  If a website, or webmail system accepts scripts or codes, then the code hidden in this text can potentially execute if the Admin password is blank or ‘Admin’. The script can then take possession of the root of the machine, compromising security of the machine, removing data, accessing databases or turning the server into something that could be remotely compromised.

Fortunately my hosted exchange server, recognised the attack and dumped the email into my junk email folder, displaying the text – which had been hidden in the top message.

If your website has been compromised, you should report it – and be aware how Injection attacks work – to make sure you keep your web site safe

Something to watch out for Smile

Eileen is a social business and social media strategist and consultant at Amastra, a columnist at ZDNet and author of Working The Crowd: Social Media Marketing for Business. Contact Eileen to find out how she can help your business extend its reach.

HMRC scam from the Grenadines makes basic mistakes

I’m convinced that some spammers and scammers are getting lazy. I’m not sure that this is a sophisticated attempt to extract cash from me.  This is the latest piece of spam I received. Unlike the last email scam which got my attention I was curious to see how different this email was.  This email included an .rtf attachment with the following text. There are some glaring errors here… 

image

Date: The letter isn’t dated

Phone number: HMRC publish contact numbers on the web site.  The code for London does not start with 070

$15,000,000.00 USD:  We deal in GBP here – sorry.

W-8BEN:  This is a US tax form – and not used over here.

email address ending in .vc. This is the email address for Saint Vincent and the Grenadines. Obviously not HMRC in the UK. 

Ms Lin Homer. You can keep the 15 million dollars you owe me – It looks like you need it to furnish your country home on the Islands.  I’ll deal with my local HMRC thank you and get any payments due to me in British pounds.

Eileen is a social business strategist, ZDNet columnist and author of Working The Crowd: Social Media Marketing for Business. Contact her to find out how she can help your business extend its reach.

Gold Dust and Bats for sale: Scammer fail or not?

image

This mis-spelled email was guaranteed to get my attention.  Scammers and spammers often use this trick to lull the unwary into a false sense of security.  We think that we would never fall for that sort of trick – but so many of us do. We believe that we are smarter than the scammer, we think they are stupid for their poor spelling and grammar. 

This is exactly what they want us to think.  Beware…

Beware of the bats and other spelling mistakes.  you might just be falling directly into the trap that the scammers want us to fall into.

Eileen is a social business strategist, ZDNet columnist and author of Working The Crowd: Social Media Marketing for Business. Contact her to find out how she can help your business extend its reach.

Spam 101 lesson 1…

Spammers, take note.

I’m hardly  going to click the link if when I hover over the hyperlink, I get a completely different URL to the one I was expecting.

It might also be useful if you used a more recent date for the email message too…

imageu

Better luck next time… Smile

Eileen is a social business strategist, ZDNet columnist and author of Working The Crowd: Social Media Marketing for Business. Contact her to find out how she can help your business extend its reach.

 

Technorati Tags: ,,