Month: May 2012

This afternoon I get a semi-legitimate-looking email

Dear Amazon Member, It has come to our attention that your Amazon Billing Information records are out of date. That requires you to update the Billing Information. Failure to update your records will result in account termination. Please update your records within 24 hours. Once you have updated your account records, your Amazon session will not be interrupted and will continue as normal. Failure to update will result in cancellation of service, Terms of Service (TOS) violations or future billing problems. You must click the link below and enter your login information on the following page to confirm your Billing Information records. Click here to update your account You can also confirm your Billing Information by logging into your Amazon account at https://www.amazon.com/ Thank you for using amazon.com The Amazon Team

Log on to your Amazon account and choose the “Help” link in the footer of any page. To receive email notifications in plain text instead of HTML, update your preferences here.

Amazon Email ID PP468

Well.. first off they address me “Amazon Member”.  Amazon knows my name.  They would use it.

2ndly in the world of phishing scams.. NEVER click links in emails.  Even if they are from someone you know. Instead visit the website directly. 

3rd.  This message was sent to an email address I created to use in Craiglist exclusively.  It’s not the address I use exclusively for amazon. 

Upon visiting the website..

It looks like they are just trying harvest username’s and passwords.  But still that’s usually enough to cause havoc. 

It’s a decent screen scrape of the real amazon website.. but the link pointing to http://kayako.mt.net/amazon is a good give away.

Just when i thought my luck couldn’t get any better today:

Hello,

I am Mr.Ian Ranking Bill and Exchange Manager,Head of the World Bank Finance Group and Interpol London
Branch, set up to fight against Scam,Financial Crimes and Fraudulent activities worldwide.

This Group is responsible for investigating the legitimacy of unpaid contract, inheritance and lotto winning claims
by companies and individuals and directs the paying authorities (Fiduciary Agents) worldwide to make immediate
payment of verified claims to the beneficiaries without further delay.

You are being legally contacted regarding the release of your long awaited fund. After a detailed review of
your file, the World Bank Group has mandated that your fund should be release immediately.

This is to officially inform you that an ATM CARD worth ($6.3M USD) has been accredited in your favour.
Your Personal Identification Number is 2911.

Please immediately contact our appointed Fiduciary Agent below for the release of your ATM CARD.

Name:Dr.Paul Blair
Company:Global Financier Ltd
Email: infodesk1@financier.com

Please re-confirm to us the following:

FULL NAME:
COUNTRY:
DELIVERY ADDRESS:
AGE:
TELEPHONE:
OCCUPATION:
SEX/GENDER:
PASSPORT COPY:

Thanks for Your Cooperation.

Mr.Ian Ranking
(Bill and Exchange Manager)
World Bank Group. London U.K

VPLQLPTCGCJVFCFSWKHPOBMJPPICRUVNRININO

Mr Kanani sent me this rtf document to my word email the other day.  RTFs are typicaly not host for malicious files so I didn’t mind opening it up.  Who uses aol anyway?  Here was the original message;

—–Original Message—–
From: John Kanani [mailto:mrjohnkanani3@aol.com]
Sent: Monday, May 14, 2012 4:18 AM
Subject: Dear Munoz

Dear Munoz

I would like to seek your help in a business proposal , which although is sensitive by nature and not what I should discuss with someone I don’t know and have not met using a medium such as this but I do not have a choice.

View My Attach Message

Best regards,

John Kanani

and the RTF included: (DEAR MUNOZ.RTF)

Dear Munoz

I would like to seek your help in a business proposal , which although is sensitive by nature which is not what I should discuss with someone I don’t know and not met using a medium such as this but I do not have a choice .

I am Mr. John Kanani, I was the client service manager of the bank where late Dr. Edward Munoz. left behind a large sum of money, he died of a cardiac arrest a few years ago leaving behind a large sum of money with a commercial bank in the Island of Seychelles which is a tax free zone, a place where plenty of rich people tend to hide away funds not ready to be used or invested. I will not mention the amount of money which runs into several millions in United States Dollars and the name of bank presently until we have agreed to deal. I trust you will understand the need for such precautions.

So far, valuable efforts has been made to get to his people but to no avail, as he had no known relatives he left his next of kin column in his account opening forms blank. Due to this development the bank has been expecting someone to come forward as a close relative to claim the funds otherwise as the Seychelles national laws would have it, any dormant account for five years will be declared unclaimed and then paid into the government purse.

To avert this negative development I and my colleagues have decided to look for a reputable person to act as the next of kin to late Dr. Edward Munoz. So that the funds could be processed and released into any account provided by the person, which is where you come in. We shall make arrangements with a qualified and a reliable attorney to represent you locally to avoid any inconvenience of you coming down to claim the funds.

All legal documents to aid your claim for this fund and to prove your relationship with the deceased will be provided by us. Your help will be appreciated with 30% of the total sum which I would disclose in my next email Please accept my apologies and keep my confidence and disregard this letter if you do not appreciate this proposition i have offered you.

I wait anxiously for your response.

Yours Faithfully,

John Kanani