Showing posts with label spam. Show all posts
Showing posts with label spam. Show all posts

Tuesday, March 31, 2020

Covid19 spam and worse

Thanks to online statistics, there is a measure of online traffic for which information fluency is a protective filter:

"Since the start of the year there have been over 300 thousand unique online threats detected which attempt to take advantage of the coronavirus crisis and our desire for information on, and an end to, the pandemic." Source
You are encouraged to visit Statista.com to see the numbers for yourself:
https://www.statista.com/chart/21286/known-coronavirus-related-malicious-online-threats/

The most targeted countries are, in this order: United Kingdom, France, United States and Italy. The UK is targeted almost twice as much as France.

If you live in one of the affected areas, think twice about what arrives in your email and other online media.

Check the author/publisher. Fact check claims. Don't be a victim.

Monday, August 3, 2015

Spam email: Red Flags

Other than a SPAM: alert that may be provided by your email software, how can you tell this message isn't real?

Good Day,

My name is Mrs Linda Walker and I work with the International Monetary Fund (IMF), I am writing you to let you know that finally your ATM Card worth $650,000.00 USD has been delivered through UPS to Mr Hart Leroy, who works with the IMF where it is going to be activated before final delivery to your home address. You can use the tracking number with the tracking site below to track the ATM Card to be sure it has been delivered to Mr Hart for activation.

UPS Tracking number: 1z2876490390947593
UPS tracking site: http://wwwapps.ups.com/WebTracking/track

Below is the contact information to Mr Hart Leroy

Contact Name: Mr Hart Leroy
Contact E-mail: hart.leroy.office@gmail.com
Contact Number: +1 347 298 9752

You are to contact Mr Hart with his email address above then he will guide you on how your Card will be activated and delivered to your home address.

Note: The only fee you are to send for the activation fee is just $280 USD so make sure you don’t send him more than $280 USD. Your card is already with him and you can track it with the tracking details given to you above for confirmation.

Congratulations once more.

Best Regards,
Mrs Linda Walker
International Monetary Fund (IMF)

Before sending in $280 to activate this card, how can you check its validity? Here are some Red Flags:

On the surface,
Too good to be true: Experience teaches that few things in life are free.
It costs something: Be wary when a stranger asks for money.
It sounds complicated: Why would the IMF send a card to someone else at IMF that you have to contact? Why not just send you the card?

Below the surface,
Sender: If you look closely at the sender's email address you'll find this: "International Monetary Fund (IMF)" info@sender.org.   IMF actually uses this email: @imf.org, which can be found on their Website.  
No Data Found: If you look up whois.net registration information for sender.org, you won't find any. It appears to be a smoke screen.
Third Party Review: Copy the first phrase of the email: "My name is Mrs Linda Walker and I work with the International Monetary Fund (IMF)" and google it. There is an exact match from antifraudintl.org › Scam Mail Depot › Government scams.

There may be more Red Flags, but it's clear that this is not going to result in your receipt of an ATM card.

Have students identify Red Flags -- what others can they find?

Friday, October 17, 2014

Email Spam

source: photobucket
Information Fluency applies to more than academic research.

Here's an example of a spam email that could trip up an unsuspecting friend, especially if the circumstances were right.

I happen to know that my friend Fred is not currently in the Philippines. But if I didn't know that or, worse yet, knew that he was visiting there, I might be less skeptical and more willing to help.

Here's the email, which I assume has been going around the Internet for some time:

Good Morning,


I really hope you get this fast. I could not inform anyone about our trip, because it was impromptu. we had to be in Philippines for Tour. The program was successful, but our journey has turned sour. we misplaced our wallet and cell phone on our way back to the hotel we lodge in after we went for sight seeing. The wallet contained all the valuables we had. Now, our Luggage is in custody of the hotel management pending when we make payment. all we have left are just our Passports. I am sorry if i am inconveniencing you, but i have only very few people to run to now. i will be indeed very grateful if i can get a short term loan from you ($2,600). this will enable me sort our hotel bills and get my sorry self back home. I will really appreciate whatever you can afford in assisting me with. I promise to refund it in full as soon as I return. let me know if you can be of any assistance. Please, let me know soonest.


All hopes on you


Peace
Fred

Interestingly, Fred is the type of person who would sign Peace. This could be a coincidence, but the day is coming when spammers who know something about us, including if we're on a trip, will certainly take advantage of that information.

The conclusive investigative technique I used to verify that this was not the Fred I know (who uses better grammar than this) was to compare the email addresses.  The From email was in fact Fred's. The Reply to was not, but eerily close: an additional letter had been added to the name, as in this example:

original:  ftxyx@yahoo.com   close copy:  ftxyyz@yahoo.com

It pays to check email addresses.

If you have examples to share (even with other solutions), post them here.

Thursday, April 19, 2012

Fact Checking Spam

Mayotte Islands
Well, spam is good for at least one thing.  Fact checking practice.

Most spam is easily spotted. There are a few types of letters that seem to get replicated. Two of the more popular are: you've been selected to receive some money, or I need some money...  Usually I delete them without much thought, except to wonder why my spam filter lets them through.

In the the "you've been selected" category, I got this today:


From: Mr. Ban Ki-moon
Subject: ONLINE NOTICE!!!!

United Nations has deposited the sum of $10,500,000.00 USD to western union, which is to be shared among you and other 7 Email users.You are entitled to $1,500,000.00 USD in the on-going united nations poverty alleviation program. Please send your Name,Address & Phone Number, email ID:

to union payment center via email (unionpayment768@sify.com) to apply for your payment.Or call Mr. David Young @ +60166561422 for more inquiries on the above message.

Regards,
Mr. Ban Ki-moon
Secretary-General (UNITED NATIONS) ©.http://www.un.org/sg/biography.shtml

Cool. I could use 1.5 M. This email screams "hit delete." Yet it's a real goldmine for fact checking and believability:
  • Ban Ki-moon - yes, he is Secretary-General of the United Nations (but why is he writing to me?)
  • info@diaockhanglinh.com.vn - (a Vietnamese real estate website?);
  • ONLINE NOTICE!!!! (not the message you'd expect if you actually won the money);
  • $10,500,000 USD - too much to be believable?
  • "you and other 7" - Mr. Ban Ki-moon needs some help with English (or maybe he types as well as Illinois' former governor);
  • $1,500,000 - a nice sum and it is one-seventh of 10.5 M, but remember, there are supposedly 8 winners (seven others plus me) so this doesn't add up;
  • Please send your Name, Address & Phone Number, email ID - (stranger danger!)
  • union payment768@sify.com - check it out: sify.com has no believable connection to a payment (payout) center;
  • +60166561422 - what are the chances this is a real phone number? International code 6-Argentina? 60-Germany? 601-Mayotte Isl? (off the east coast of Africa); for no particular reason, I vote for Mayotte;
  • ©.http://www.un.org/sg/biography.shtml - not sure about the copyright symbol, but this is Ban Ki-moon's biographical page. Nice try.
So many inaccuracies; so many things don't add up. It makes for good fact checking practice.

I've left two juicy fact checking "facts" untouched. Can you find them?

Tuesday, May 24, 2011

Spam Stupidity

Some spam is way too obvious--except for my spam filters.

Here's an example that made it past my email filters a few days ago:


From: Paypal Customer Service serviices@paypall.com
Subject: Your Paypal Account Will Be Limited
Date: May 22, 2011 9:43:41 PM CDT


Hello Paypal Customer,
Your Account Will Be Limited Until You Submitted Some Information.
If you didn't submit them, your account will be limited after 2 days.


This was followed by a link to click.

Right.

Just reading the header is enough to raise an eyebrow.  The Caps in the body and the grammatical mistakes provides a nice finish.

I've documented this to emphasize that reading is unparalleled as an investigative skill. If your language skills are weak, your vulnerability increases.

I'd use an example like this with students--along with some legitimate messages--to have them identify potential red flags.

Do you have examples of similar messages to share?

Monday, December 6, 2010

Learning the Hard Way

The email sounded promising:

Save & Record Calls
screen shot from the scam
Record all of your text messages, audio, video and conference conversations, quickly and easily. Cherish all of your important moments, and relive them over and over again.

I'd been thinking about a way to record my Skype audio, video and chat, so when this ad came along, I opened it. It turned out to be spam AND a scam, but I learned that--and I'm embarrassed to admit it--after I paid for the 'product.'

The 'product' was not what was promised. Instead of a way to record Skype audio, video and more, what I got was a collection of freeware. About the only advantage to my purchase is that I got the freeware links in one place without having to collect them myself.

I was going to write about this sooner, while the scam was live, but I waited too long and now it's been taken down after just a couple weeks. The web site is now nothing but a parking lot.

I initially acted too quickly--I should have investigated the offer and the owners more carefully before charging $50 for a three-year license to my credit card.

Ouch. Another lesson learned the hard way.

First potential Red Flag: they found me--I wasn't looking for them.

When it started to dawn on me that there was a problem with the offer (I couldn't seem to locate the download for the audio/video recording software--Red Flag only after I had already paid), I became aware of clues I had overlooked. The small print at the bottom of the page stated pretty clearly all the software was freeware. Why would anyone pay for freeware? Red Flag

There were links to more information but nothing got me closer to the tools I wanted. There were plenty of other things to distract me: software I could download that works as a Skype answering machine (but again, that's free).

I decided to see who the site owner is. That information was blocked in a whois search. (Another Red Flag).

At this point I was pretty confident that someone had built a nice looking site that promised way more than it delivered and they were not taking calls. An online help line was provided, but there were so many information fields to fill (and a warning to fill them in exactly) in that I was pretty certain this was going to be a dead end. (Red Flag).

There were more than a few Red Flags but my guard was down.  At the time I couldn't find any warnings about this site. There could be some now. For the record, here are the names from the bottom of the spam:


Media Internet Consultants - Edif. Neptuno, Planta Baja, Ave. Ricardo J. Alfaro, Tumba Muerto, n/a, Panama  


(try that in a Google search!)


And while I'm at it, here's the description of the 'merchant': MB-SALE.COM (a processing house for Internet vendors).

The Lesson: Does it matter if you don't investigate before you buy? You can bet you'll lose money if you don't.