Scams, Junk, and Phish

I run across a lot of spam, junk and phishing emails.  Sometimes I do a google search and try to see if any other organization gets the same type of phishing messages, because I like to know if it’s a broad campaign or targeted.  Well, here are a few that I’ve seen recently, hopefully I can return the favor.  There is also a great service called ‘phishtank.com’ that allows you to submit questionable phishing messages and members vote on them.   It’s a great way to see what is out there to prepare yourself or your employees for future phishing attacks.

From the domain “takemynumber.com”.   I’m not sure what the scam is, but they definitely want a response: 

Hello) My name is Olga. I live in Moscow.

I found out your page on the Internet and I was curious about you.
Tell me, please, what are you doing now and how do you spend your life in general?

In fact, you’re interesting to me as a personality, and I want to communicate with you in the future.

Please answer me, i’m waiting.

 


From a gmail account…..I’ll bet I know where this one is going: 

Dear Friend,

Complement of the day to you and your love ones

I hope my email will arrive to you at good time.
My name is Dr.Abdirizak Suwaidi-Ali. From Damascus Syria.
I am now 64 years old and retired. I was former personal investor & financial consultant advisers to
a Top Politician here in SYRIA.

Why I’m contacting you is to know if we can have a personal conversation.
Whatever truth you may brief me will be highly recommended.
Tell me more about your country, how good it will be to invest in your country.
Such as buying of properties, or real estate and some tourist places or any profitable investment venture that will yield good profit.

I will appreciate whatever result you may brief me.
Do let me know your idea and knowledge regarding this or any other profitable investment venture you may suggest.I have the total of US$22,300,000.00 that I deposited in South east Asia and I am willing to order the transfer of the money to you for investment if you’re interested with my proposal.

In my next mail I will explain the full details of the project and interest, and then we reach an agreement on what will be your share from the money or investment.I shall tell you more about myself when I read from you.
You may as well tell me little more about yourself when replying.

Looking forward to your early reply
Thanks and best regards
Dr.Abdirizak Suwaidi-Ali
Damascus,Syria: 6:15 AM.

 


From a yahoo.co.uk email address.  Too bad I’m not reliable or trustworthy or I would have responded:

Attn:  Sir

Apologies for the manner at which i am approaching you.I am a reputable Fund Manager with one of the worlds largest investment companies. I handle all our Investors Capital Project Funds which enabled me to divert 1.2% of Investors Excess Return Capital Funds to our Magellan Trust Funds Account where any one can be presented to claim the funds.Total sum of, forty five Million, Seven Hundred and Forty Five Thousand British Pounds (45,745,000.00)BP has been diverted, representing 1.2% of Excess Return Capital Funds from the Investor Capital Project Funds for 2010/2011 fiscal year.

I need a reliable and trustworthy person with whom I can work this deal out so that we can claim the funds as mentioned above. There is no risk attached and the funds in question can never be dictated or traced. Be informed that i will handle the expenses that may be required in this business deal.

Sincerely,

Anthony


More fun stuff:

Dear email@yourdomainhere.com,

Recently we received some notifications regarding your account:, which might be due to recent changes made in your email or irregular login attempts on your account.

We will ensure that we block your account if we do not hear from you. Please kindly click the link below to stop this attempts and reclaim your account.

 

Continue verification <http://www.agriculturabiologicodinamica.com/tmp/godaddy/index.php?login=email@yourdomainhere>               

Thanks,

The Email Team

This email has been sent from an unmonitored email address. Please do not reply to this message. We are unable to respond to replies.

2015 Email Administrator Inc. All Rights Reserved. | Privacy policy <http://www.agriculturabiologicodinamica.com/tmp/godaddy/index.php?login=email@yourdomainhere.com>


from instant@chase.com (obviously spoofed since domain is legit).  Grammar not-so good…

Dear Customer,

This is to inform you that on 22th June, 2015, We will discontinue support on your account and security.

If you choose not to update your account on or before 30th June, 2015, you will no longer have access to your account

Take a minute to update your account for a faster, safer and full-featured. 
 

Click Here To Update Your Account Now   (points to chasepluse.com when you hover over the link)
Thank you for being a valued customer.

 

Sincerely
Online Banking Team

 

I’ve seen a lot of these lately, all have zipped attachments with an .SCR file in them that, according to virustotal.com, are infected with Zusy malware.   This one had the subject:  Perfect Work!

Congratulations ! You will gain a 35% rake-off for the last sale. Please view the these materials to get to know the total sum you’ve taken.

Every day you show that you are the major force of our team in the world of trade. I am sublime and grateful to get such a capable and able dependent. Keep up the great work.

With best wishes.

Michelle Pearson Director


 

This one was very similar to the last, again had the same attachment with a renamed scr file zipped up.

We talk few days ago. We have thought about your concepts how to refine company’s production and financial revenue. Your offers sound very inspiring and we definitely need such a genius like you. We believe your programs are workable and need to implement them. Applied are our increase graphs and processes guide. Please look through them and if you will have any questions ask about it. In addition write a brief program thereby we will confer about the details of every paraghaph./r/n We are looking forward to your reply ASAP !

From Mark Zirolli <MZirolli@controlmod.com>  

Has a zip file called donation.zip attached to the email

We are dedicated to fostering new talents and we believe that your abilities and initiatives are really noteworthy.
To help you we would like to offer a donation of $1000. See the attached to find out the check.

 


 

From: darren <darren@qepvno.com>

Subject: Agnes Bogan direct infrastructure representative

This spam message contained a zip file with an exe file called “implemented client-driven software.exe” that contained some sort of virus according to virustotal.com

The aim of this e-mail letter is to let you know that, according to nonpayment, your bank account has been placed on credit hold status, and will stay on so until your balance will be completely settled up.

Your attention to this question is extremely encouraged. Kindly check out the attached and write to us as soon as you can.

Sincerely Yours,

Collection service

Leave a Reply

Your email address will not be published. Required fields are marked *