Author: admin

The Email Delivery Failure Scam

If you address an email to a non-existent address then you will get a genuine email delivery failure message in return.

That will make sense as you had previously sent out the message that failed.

Usually it just means a spelling mistake but can mean the recipient has deleted that email address or simply that their email mailbox is full.

However, you may also get such delivery failure messages about messages that you didn’t send.

These are usually phishing scam messages and there will be an attachment to download (filled with malware) or a link to click to get you to input your login and password.

These failure message usually have large chunks of technical gobbledegook such as

host mta5.am0.yahoodns.net [67.195.228.109]

Delay reason: SMTP error from remote mail server after pipelined MAIL FROM:<you@gmail.com> SIZE=6745:

421 4.7.0 [TSS04] Messages from 216.120.234.35 temporarily deferred due to user complaints – 4.18.55.1; see https://help.yahoo.com/kb/postmaster/SLN3434.html

The messages sometimes do not say the message has been rejected, but that it has been delayed or is held in a queue. Makes no difference – it’s just a scam.

Do not click anything or download anything from such email messages.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature

– Stupidest Spam of the Week Dracula’s Secret

There are endless scam messages selling herbal remedies that don’t really exist, magic elixirs that cure all common ailments and long forgotten remedies that cure cancer, diabetes and other long term potentially fatal health problems.

This latest one seems to have been written by an idiot.

“If you want to prevent or stop dementia and memory problems, then try this delicious breakfast drink”.

It will reduce your risk of dementia by 86%”.

So far so far common to many of these scams, then comes the kicker.

This secret and many more were in a secret manuscript locked up in the Vatican and it is Dracula’s Royal Secret”. “It must be God sent”. “Solves your memory problems in days”.

Hhmm.

No. I don’t think so.

Just rubbish for really really stupid people.

To enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature

US Catches Scammers on Instagram

Olalekan Jacob Ponle, known as “mrwoodbery” to his Instagram followers, flaunted his wealth, including a new Lamborghini he had in Dubai.

He was arrested by Dubai Police for alleged money laundering and cyber fraud.

A number of African criminals were caught in the dramatic operation, including 37-year-old Ramon Olorunwa Abbas, “hushpuppi” or just “hush” as he was known by his 2.4 million Instagram followers.

Police in the emirate say they recovered $40m in cash, 13 luxury cars worth $6.8m, 21 computers, 47 smartphones and the addresses of nearly two million alleged victims.

Mr Abbas and Mr Ponle were both extradited to the US and charged in a Chicago court with conspiracy to commit wire fraud and laundering hundreds of millions of dollars obtained from cybercrimes.

It is a spectacular crash for the two Nigerian men who extensively documented their high-flying lifestyle on social media, raising questions about the sources of their wealth.

They unwittingly provided crucial information about their identities and activities for American detectives with their Instagram and Snapchat posts.

Business Email Compromise Scam

The criminals used various scams including the 419 Advance Fee scam but the most lucrative was Business Email Compormise.

They are accused of impersonating legitimate employees of various US and tricking the recipients into transferring millions of dollars into their own accounts.

In one case, a foreign financial institution allegedly lost $14.7m in a cyber-heist where the money ended up in hushpuppi’s bank accounts in multiple countries.

The FBI affidavit alleges that he was involved in a scheme to steal $124m from an unnamed English Premier League team.

“The scammer would gather contextual details, as they watched the legitimate email flow,” explains Crane Hassold, Agari’s senior director of threat research.

“The bad actor would redirect emails to the bad actor’s email account, craft emails to the customer that looked like they are coming from the vendor, indicate that the ‘vendor’ had a new bank account, provide ‘updated’ bank account information and the money would be gone, at that point.”

They try to convince a recipient to wire money to the other side of the world or they go “phishing”, stealing a user’s identity and personal information for fraud.

Over Confidence

On Instagram, hushpuppi said he was a real estate developer, but the “houses” he talked about were actually codewords for bank accounts used to receive proceeds of a fraudulent scheme.

In April, hushpuppi renewed his lease for another year at the exclusive Palazzo Versace apartments in Dubai under his real name and phone number.

The FBI obtained records from his Google, Apple iCloud, Instagram and Snapchat accounts which allegedly contained banking information, passports, communication with conspirators and records of wire transfers.

I expect their many victims would be pleased for the criminals to rot in jail for a very long time.

Do Share this post on social media – click on the post title then scroll down to the social media share buttons.

Fightback Ninja Signature

Google Play Store Hidden Adverts

Researchers from Avast issued a warning about 47 apps they had found on Google Play Store that are disguised as games but contain adware.

Adware is a type of malicious software that inundates you with incessant pop-ups and messages, such as

“CONGRATULATIONS! YOU’VE BEEN SELECTED FOR A FREE SAMSUNG GALAXY S20! CLICK HERE!”.

These APPS are not malicious, but include adware technology that the user does not know about and is used by spammers and scammers to target people. This can result in your smartphone being overloaded with intrusive and sometimes unpleasant adverts.

Besides being annoying, adware can track the websites you visit and access your personal information,.

These apps had already been downloaded more than 15 million times when found by AVAST.

Avast has provided some tips to help you spot malicious apps:

  1. Carefully check the permissions the app requests before installing it. See what the app is asking to access. If it’s asking for data it should not need, consider this a red flag
  2. Read the privacy policy and the terms and conditions. Most people never do, but you can miss key points on what the APP does if you do not read these.
  3. Read the user reviews and if there’s anything worrying or too many bad reviews then consider dumping the APP.
  4. Install strong anti-malware on your device so that adware and other malicious apps are automatically blocked.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature

How Hackers Take Email Addresses From Websites

To build up lists of email addresses that can be sold to spammers and scammers, hackers run software that scans websites and looks for email addresses.

This is called email harvesting and is done on a huge scale.

The hackers typically scan websites, mailing lists, internet forums, social media platforms and anywhere else they can find email addresses online.

The characteristic format for an email address is name@domain.com so it is simple for email harvesters to read web pages and look for the @ symbol as it seldom occurs anywhere on web pages except in an email address.

The harvesters can also check for unusual variations on that theme e.g. User[at]domain.com or User[AT]domain[DOT]com

In web pages, an email link is generally of the format ‘mailto:user@domain.com’ so these can easily be spotted and added to their list by the harvesters.

Many web developers try to stop this happening by disguising any email links such as by displaying the email address as a picture that the user must then type in the address to their email system or by encoding some or all of the letters in the email address.

e.g. “&#65;” is letter A, “&#64;” is letter B and so on.

The simplest approach is to use a contact form instead of an email address link. His works for one email address but not so applicable if you have lots of email address links on the same page.

There are many more ways to hide email address links from harvesters, but whatever you try – make sure not to have such addresses showing in clear text.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature