Category: Phishing

June 15, 2019

Time-Wasters Update

An email from a very sleepy scammer about the forthcoming IPO by UBER, Duh – most of the world knows that IPO took place in mid May so you’re a bit late now moron.

Free guns would be about the most stupid irresponsible offer ever but free outdoor knives is a close second in stupidity. An email from fr-eetacticalknife does offer a free survival knife to anyone. The whole thing is likely to be a scam, but even suggesting free dangerous knives is dreadful.

A free Aldi gift card worth £200 if you click the link in the email message. Guaranteed to be a scam – Aldi does not do this kind of thing and if anyone wanted to spend £200 on buying a gift card to use as a promotion they would pick Marks and Spencer or anybody other than a budget supermarket.

The message says you can invest from £10,000 for a guaranteed 18% return in 18 months. The investment is supposedly unnamed luxury homes and hotels in London and Dubai. Obviously lies as no-one can guarantee investment returns and 18% is far too high a return to be legal.

A strange email from NeckZen saying that big Pharma is terrified that this revolutionary “Tiny Hammock” can replace your pain medication. Very American and very much spammer language. I cannot imagine what a tiny hammock is supposed to be that magically relieves pain – and I don’t want to know what was in the scammers mind when she wrote this rubbish.

Do click on the Facebook or Twitter icons on top right to follow Fight Back Ninja.

June 13, 2019

Email Addresses That Mismatch Content

The email is an advert for a revolutionary new drone I.e. flying device with rotors.

“Easily capture mind blowing selfies and videos with this revolutionary drone…”

But the email address the message is from diabetesfix.net.

That makes no sense – obviously the email address is about a diabetes cure and it’s a “.net” address which means it is supposed to be an Internet services supplier. When people use inappropriate email addresses it usually means they are scammers or spammers reusing wrong email addresses.

Some recent email messages from inappropriate addresses:-

A new invention review from takingstatins.bid
A revolutionary new skin cream from nationsabout.stream which should be an Internet streaming company
A new business credit card from glutenfreelife.bid
Superfast Internet in your home from ancienthearingloss.bid
A security message about my Gmail address but it’s from lollipop.jp
Teeth whitening kits from earhealth.bid
A warning that my identity has been compromised, from metallurgicalprocessing.com
A delivery update message from UPS but it’s from kesslercpa.com
An offer to buy my house sight unseen from herpesproblems.us
A warning from APPLE about my account but it’s from spareclaim.website

Most scammers make no effort to hide their email address and don’t care that it shows their message to be fake.

Don’t be caught out.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

June 1, 2019

Time-Wasters Update

“New arrivals for your pets, visit our shop today and get -10% for all products”. The message is from healthxfrank @aol.jp so there are no pet supplies, just a scam.

A message that starts with “Keeps your house clean automatically” then goes on about this wonderful new product called Clean Bot which is meant to be a robot vacuum cleaner. There are various such robots on the market ranging from cheap and useless to expensive but superb. This one claims to be cheap and super powerful but runs on just 2 AAA batteries. Any vacuum cleaner running on just 2 AAA batteries would have all the suction power of an exhausted asthmatic mouse. However, the robot cleaner doesn’t exist – it’s a scam.

A nameless idiot from mynlabority.top states that “Doctors can scream this is medically impossible all they want but they can’t deny the lab test results”. That’s because there are no lab test results, just a scammer offering a magic remedy for diabetes that supposedly makes all diabetes drugs useless. The only useless thing is the scammer.

A message screams the headline “See The Truth About Blood Pressure Meds” but the content is actually an advert for GPS tracker for trucks. A sad moron sending out spam messages. I hope no-one ever buys their product even if it actually exists.

Some people love a good conspiracy and many scammers like to try to promulgate conspiracy as a way to get people interested in whatever lies they are peddling. This email is full of attempts to impress such as “Secret NASA funding Revealed” and “The Second Biggest Source of Energy After the Sun” and “A device built by NASA engineers”. It’s all pointless targeted at anyone dumb enough to click the links to supposedly find out this massive secret but the only thing hidden is the scammers greed.

Do click on the Facebook or Twitter icons on top right to follow Fight Back Ninja.

May 25, 2019

Time-Wasters Update

“High Blood Pressure Cured in 9 Minutes”. Nope – just a stupid scammer trying to con people. The bottom of the message has pages of text from a book as it tries to get past the spam filters at Internet service providers.

“Hello Gun Enthusiast” is a good beginning to annoy most recipients of the message. The sender is trying to convince us to take a free t-shirt advertising guns. Difficult to think of many things worse than that.

Dumb email of the day starts with “Why you should put garlic in your ear before going to sleep”. I don’t think ‘ll be trying that one.

Next email is about high blood pressure cures. Starts off claiming hypertension drugs cause cancer but you can cure the disease with a few simple remedies and that it will identify the number one worst food for anyone with high blood pressure. No thanks – I wouldn’t trust anyone with an email address of amherstercri1h5n0pn10m.top

Molly Johnson appears to be advertising her guest house in Bulgaria for holidaymakers. Can this be a real person – an idiot sending out messages to a spam list? Or more likely a scammer trying to get into holiday scams? Unknown.

Do click on the Facebook or Twitter icons on top right to follow Fight Back Ninja.

May 22, 2019

What is Cat Phishing

Note: No cats were hurt in the creation of this article!

Phishing is where scammers send out mass emails or texts or use automated phone call systems to contact very large numbers of people, claiming to be from a well-known organisation. Their intention is to con people into giving up confidential information such as login and password, credit card details, bank accounts etc.

Spear Phishing is a form of phishing where the scammers try to steal confidential information from specific targets. These may be at one company or other organisation or otherwise form a group that can be targeted in this way.

The scammers collect information on their targets e.g. personal details such as their address, list of friends and contacts, employer, locations they frequent, shops they visit, utility providers of electricity, gas etc.

The attackers then pretend to be from an organisation the target has dealings with and uses the information they have to convince the target of their validity to then acquire further information.

Cat Phishing is a more specialised form of Spear Phishing where an individual is targeted and the scammer creates a whole network of apparent contacts as part of a fake characters life. This kind of scam can take months to setup and operate and is only viable if the target possesses very valuable information that can be sold by the scammers e.g. for industrial espionage purposes.

Cat phishing is also used in romance scams on dating websites, where the information they gather before contacting the victim lets them set themselves up as the perfect partner.

Cat phishing is usually through online dating websites and social media and is becoming more of a problem as more of our lives are online – it’s easier for someone to be able to get a person’s details and fake an identity.

Once the attacker brings the victim into their confidence, she typically has a reason for needing money – for travel to meet in person, or has just been robbed or to pay medical bills or to cover an emergency.

Cat phishing can be emotionally damaging in romance scams when the victim finds out that the person they’ve fallen in love with doesn’t exist and the whole thing including their feelings are fake.

How to Spot Cat Phishing Attempts

A too good to be true situation. The contact is highly attractive and available
The person appears suddenly as if from nowhere.
He or she has excuses why they cannot phone or use Skype or Facetime (nothing that reveals their true face)
He or she gets serious too quickly
That request for money and a story to justify it is the clincher

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

May 20, 2019

HMRC Arrest Warrant Scam

Lots of scammers impersonate HMRC to call or text or email with messages about your needing to make instant payment against the amount you owe HMRC in unpaid taxes.

This new version of the scam involves automated calling systems, cloning of phone numbers and a call centre of criminals.

E.g. You receive an automated call (or maybe its recorded on your answer phone)

The message states that an arrest warrant had been issued under your name and you should press “1” to speak to the case officer or maybe the message directs you to call a specific number.

If you press or call the number you are put through to a call centre of scammers and you will be pressurised to make immediate payment to avoid being arrested.

The payment is likely to be iTunes vouchers. This may seem an odd choice, but once purchased – you just need to tell them the ID number for the vouchers and they can make use of them.

Obviously HMRC do not really accept payment in vouchers so this should warn any potential victims, but some people do pay up without thinking or checking.

The number is usually displayed on a person’s phone as 0300 2003300 – the official number of HMRC. On some phones, when the call comes through “HMRC” appears on their screen as if that is the genuine caller.

However, while the number appears to be a genuine it is in fact from fraudsters looking to trick unsuspecting victims out of their money.

Don’t assume anyone who has contacted you is who they say they are. If an email, phone call or text message asks you to make a payment, log in to an online account or offers you a deal, verify whether it’s real or just a clever scam.

How to Stay Safe Against These Scams

Recognise the signs – Genuine organisations, such as banks and HMRC, will never contact you out of the blue to ask for your PIN, password or bank details
Do not give out private information, reply to text messages, download attachments or click on links in emails you weren’t expecting
Forward suspicious emails claiming to be from HMRC to [email protected] and texts to 60599, or contact Action Fraud on 0300 123 2040 to report any suspicious calls or use its online fraud reporting tool

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.