Yet another phishing attempt

Oh no! I recently received a text message about my debit card from CIBC – The Canadian Imperial Bank of Commerce. Here’s the message:

You have 1 CIBC alert, Your Debit Card that begins with ‘4506′. Unable to process further purchases; <Access Code>: LBCRIY. Promptly reply by responding with Y to this text.

Let’s get the easy stuff out of the way – I don’t deal with CIBC so don’t have a debit card, or access card to use its proper name. Right there I knew it was some sort of exploratory expedition. I already knew from the area code that it was from somewhere in the Toronto area, then used reverse lookup to check the telephone number and found it was an Oakville exchange. If you aren’t familiar with the Toronto area, Oakville is west of Toronto, on the shore of Lake Ontario and is the home of Ford Motor of Canada.

Okay, on to other things: It is possible that people will read this text and instantly respond as requested. The text contains the numbers ‘4506′ and some may see this message, get out their card to check the number and think “OMG! It must be real because they’ve got the first four numbers right!” Logical assumption, but wrong. Those first four digits of your access/debit card are just the identifier – 4506 is the code for CIBC – and other Canadian banks will have four digit codes starting with “4″ as well. Other countries may have a different first digit, but it will be the identifier..

My advice is simple: If you get this text (and I’ve had several from various banks I don’t deal with) just delete it. If by chance they should happen to hit on your bank, do the sensible thing. Don’t panic. Check with your bank. There’s a telephone number on the back of the card you can call. Stay safe and if you’re doubtful – ask your bank.

Cat.

Random and various

1 – Let’s get the big one over with first: Justin Trudeau. How many of us, excluding Andrew Scheer who claims to have never done anything, did some kind of dumb-ass shit in our twenties? For me, that was the sixties and personal video cameras and social media didn’t exist then, so there’s no proof I was anything other than an angel. (And I’m sticking to that story.)

2 – Sticking with the upcoming Canadian election, I won’t try to influence how you vote – there are plenty of fake news sites already doing that. I’m just going to suggest that rather than just accept a single source for information, check other legitimate sites as well and if it is a third party ad google them to see if they have any obvious bias. You may find that ad you saw that said so-and-so is a complete incompetent idiot is a troll site based in some foreign country. CPAC, the channel that provides coverage from inside the House of Commons, is also offering election coverage and I would think their election reporting would be as even-handed as their Commons coverage. But, where you choose to get your information, and what you choose to believe of that information, is up to you. Question claims, no matter the source and vote according to your conscience, but vote.

3 – I’ve seen some ads on television lately for Quickbooks, an online business accounting system. One of the claims of these ads is that you can get paid quicker. I must take exception to that claim. Yes, you can issue an invoice faster, but you have no control over when it gets paid. Unless the terms of the invoice are “2% 10, net 30 days” I’m not paying it until I have to.

4 – I got an interesting text message last night claiming to be from the Simcoe County District School Board, a legitimate school board in Ontario, telling me my phone number has just won me $3,000,000 US funds. Several things wrong with this. First, Simcoe County is north of Toronto, so why would they choose a telephone number with a Toronto area code as a “winner” in a contest I never entered. Second, this is Ontario and Premier Doug Ford is slashing education budgets on a grand scale, so I highly doubt Simcoe County could afford to give away three million. If they had that kind of money lying around, they’d sink it into the system, not award it to some random stranger. I forwarded the message to the School Board. They thanked me and said they were aware of the scam and are investigating.

Okay, rant finished. Since this is the first day of autumn, treasure the few warm days that remain and enjoy the fall colours. Winter will soon be upon us.

Remember to hug an artist – we need love too.

Cat.

The Nigerian prince has moved

I received the following email in a junk file this morning. I’ve removed the email address to keep myself out of trouble with WordPress (again).

From: MrDanielMminele

FROM THE DESK OF MR.DANIEL MMINELE
Direct Phone No: + 27 82 4026 229
Private Email: contact.danielmminel@

Dear Sir/Madam,

Peace Be Upon You,

My name is Mr. Daniel Mminele, I am currently working with a Financial Institution based here in South Africa. We offer short and long terms Loans which are tailored to meet important financing needs in the Agricultural, Industrial and Constructional production circle in the whole of the Southern Africa and beyond.

I am contacting you to partner with me to secure the funds US$ 42 Million United States Dollars deposited in the custody of our Bank here in South Africa by LATE MR. ALEXANDER VEREMEEVSKIY, a Russian Businessman and Investor who was involve in the Fly-Dubai Flight 981, a Boeing 737- 800, an International Passenger Flight that crashed during an aborted Landing due to poor weather at Rostov-on-Don Airport, Russia, on 19th of March 2016, resulting in the deaths of all the 62 Passengers and Crew Members on Board, May their souls rest in Peace. The fund was deposited as an Investment fund in 2015 with an open beneficiary. The fund has been with the Bank without anybody coming up for the claims.

I honestly seek your assistance to move these funds into your custody for safe keeping and investment purposes as the depositor has no known Next of kin. I have all the Legal documents necessary to claim the funds as I am directly involved in the deposits. All I need to do is to make you the beneficiary of the fund by filling your name in the appropriate documents and immediately move the funds out of its present place in your name to your account for safe keeping. The funds will be used for Investment purposes in your country as i have planned on investing my own share in a lucrative business venture and settling with my family.

I decided to this as i know all the circumstances surrounding the deposits and knowing very well that the depositor of the fund will not come back to claim the funds since he is deceased. I will send to you all the documents relating to this deposit and direct you on how to apply for the fund. I will give you further details when I receive a positive response from you on this issue. I will ensure all procedures to see the successful completion of this project.

I assure you that this transaction is 100% Risk Free .Be rest assured that we will not encounter any difficulty as the person directly involved in approving the release of the fund is also participating in this transaction. This transaction is Legal and we propose a 60-30% sharing pattern once the fund is transferred to your Account while the remaining 10% will be for all the expensive we might incur during the cause of the transfer.

Please keep this transaction very confidential and let me know if you will be of any assistance.

Best Regards,
Mr. Daniel Mminele.
Direct Phone No: + 27 82 4026 229
Private Email: contact.danielmminele@

******************************************************************************************************************************************************
The information in the Email and/or attachment(s) is covered by the Electronic Communications Privacy Act, 18 U.S.C. 2510-2521. It may be confidential and/or privileged and is intended solely for the person or entity to which it is addressed. If you are not the intended recipient or an agent responsible for delivering it to the intended recipient, you have received it in error. The review, dissemination, copying, or taking of any action based on the contents thereof is strictly prohibited. If you have received this Email in error, please advise the sender by reply Email and then delete it and any attachment(s) from your system immediately. Thank you. *********************************************************************************************************************************************************

Interesting, isn’t it? First, this wasn’t sent to me personally. The “Dear Sir/Madam” is a good indicator this is a shotgun style scam. The generic salutation is designed to rope in anyone gullible enough to fall for it. Another sign this is intended to rope in as many people as possible is the “Peace Be Upon You”, which is a common salutation for those who follow Islam. Again, make the mark feel comfortable.

Notice this person doesn’t name the “bank” which employs him, nor does he use an email address that would appear to be that of a financial institution. The amount of $42 million US is certainly attractive. Based on the offered split, the recipient would be looking at a $12.6 million windfall. If this were real. The specific details of the crash are intended to encourage the mark to check to see if such a crash actually took place. I didn’t check it myself but presume the sender used an actual accident to show the veracity of the balance of his claims. But to my mind, the details are too specific, almost as if they were taken directly from a crash report.

The disclaimer at the bottom of the email is a nice touch but, if this is purportedly being sent from South Africa (no city – just a generic “South Africa”), why is he quoting US law and not the corresponding South African legislation?

Consider this as well: If someone is investing over forty million in any currency, chances are this is not an individual’s own funds, but if from a company. And you can be certain a company would know where $42,000,000 of their money is at any given time.

And now, the kicker in this: The email showed as being sent from: “Mr.DanielMminele” with a return email address at gmail. The actual sender turned out to be someone using the address “m_h_bruce834″ with a Yahoo address.

So, if you were to fall for this and send Mr Bruce the requested information, you wouldn’t find twelve point six million magically appearing in your account. It is much more likely you’d find your own balance diminishing at an astounding rate.

If you get this, or anything like this, don’t fall for it. As I said in the title, the Nigerian prince has moved, but it’s still the same scam.

Cat.

Consider all you like, you’re still wrong

I found this in the inbox of an email address I rarely use:

AMAZON

Dear Ghoward, Congratulations!
Because we consider you as one of our customer, we’d like to informe you that your rank on our clients list qualified you to get a spcecial FREE REWARD.
Click below to start

Start

This offer is limited*

If the English and spelling weren’t enough warning this is a phishing expedition, there are a couple of other things about this that scream “FAKE!” to me. First, I’ve never purchased anything from or through Amazon, so I couldn’t be a customer.

Second, it has been my experience that when (or if) you open an online account anywhere, you provide your full name, not just an initial. Therefore, any offers directly specifically to you would have your name and possibly other identifying details, not just the first part of your email address.

Next, I don’t use this email address much any longer as I changed my name about two years ago and set up an email account under my new name elsewhere. I couldn’t change the name on this one as it was originally set up for me by my son when he worked for the service provider.

Sorry Amazon or whoever is trying to run this scam, you can consider me “one of your customer” all you like, you’re still wrong and I’m not clicking on that “start” link.

If you receive this, even if you use Amazon religiously, check the little things like spelling, sentence construction and where the email is from. As I said, I didn’t click on the link, but I suspect it would have asked for details of my (nonexistent) Amazon account. Once they had that, they could run up my bill easily and probably very quickly.

DO NOT, repeat, DO NOT, ever click on suspicious links like this. Your bank account will thank you.

I wish all my followers and readers a very happy and safe 2019 and remember to hug an artist – we need love too.

Cat.

Netflix phishing expedition

Received the following email in one of my accounts:

From:

NETFLIX

External images are not displayed. Display Images
Always display images sent from

We recently failed to validate your payment information we hold on record for your account,
therefore we need to ask you to complete a brief validation process in order to verify your billing and payment details.

Failure to complete the validation process will result in a suspension of your netflix membership.

We take every step needed to automatically validate our users, unfortunately in this case we were unable to verify your details.

This process will take a couple of minutes
and will allow us to maintain our high standard of account security.

Netflix Support Team

This message was mailed automatically by Netflix during routine security checks. We are not completely satisfied with your account information and required you to update your account to continue using our services uniterrupted.

I removed the email addresses to keep myself out of trouble with WordPress (again).
This is obviously an attempt to get me to provide them with personal and/or banking information. The first indicator of that is that it wasn’t addressed to me personally. If they want to verify my account information, surely they’d have my name at least. The second indicator this is a scam is quite simple really. I don’t have a Netflix account, so there is no information to be verified.

Also, the English is not what you would expect to find from a company such as Netflix. The mixture of tenses and the misspelling of “uninterrupted” are a dead giveaway this is not from their corporate account.

If you have a Netflix account and you get on of these emails, before you do anything, please, please, check it some other way before giving out any information.

Happy viewing and remember to hug an artist, we need love too.

Cat.

Alert – possible system attack

I  received the following email a short while ago.  Actually, I received two – one in my inbox and one in spam.

Dear Corel Customer,

Did you know WordPerfect can import and export to popular Microsoft Office file formats like DOC, DOCX, PPT, PPTX, XLS, XLSX?

Click here to install the Microsoft Office Compatibility pack to extend the power of WordPerfect and share documents in popular Microsoft file formats. Please note that Microsoft is retiring the Office Compatibility Pack in the near future.
Install Now
For additional information on the compatibility pack or if you have any questions please feel free to contact our customer support team.

Sincerely,
The Corel Team

I do very little work involving Word, and knew that WordPerfect is compatible with Word, so I asked the Corel Support Team whether this would be something I might use. Their response was very interesting:

We have receive several inquiry regarding an email from Corel@email5-corel.com
We are currently investigating this.
For now, we recommend not installing it.
We will notify you once we have validated the source and the content of the email.

So at the moment, it would appear this may not be a legitimate offer. I can understand people may be interested in having the ability to use WordPerfect and be able to handle Word documents, but WordPerfect does this without the installation of external programs or add-ons. If you are one of those people who, like myself prefer WordPerfect, and you receive this or a similar message from the email address in boldface, ignore it. You may be putting your computer at risk.

Cat.

Nice try, but no cigar

I found the following in an email account I had set up for a specific purpose. This account is not used for anything other than that purpose and since I wasn’t wearing my glasses when I set it up, I misspelled my name. No matter, Dr James still sent me this message.

Attn E-mail Address Owner,
Spam
Dr Kevin James <k_james90@>

Feb 5

Attn E-mail Address Owner,

Website:
Address: Plot 1261, Adela Hopewell Street CO/B/REP, Republic Of Benin.

Email:

( 0022966850550 )

Attention: E-mail Address Owner,

Sequel to the meeting held today with Federal Bureau of Investigation, The International Monetary Fund (IMF) is compensating all the scam victims and your name and email address was found in the scam victims list.

However, we have concluded to effect your own payment through Western Union® Money Transfer, $5,000 daily until the total sum of your compensation fund is transferred to you.

This is your first payment information:

MTCN#:8412393243

Sender’s First Name: Richard

Sender’s Last Name:Michel

Amount Programmed: $5.000

You are advised to get back to the contact person trough the email below for more direction on how to be receiving your payment

Contact person: . . SIR. INNOCENT JOHNSON
Email address: . .
Tell phone: . . . +22966850550
Thanks,
SIR.INNOCENT JOHNSON
Director Western Union Money Transfer,
Head Office Benin Republic.

Click here to Reply or Forward
0.12 GB (0%) of 15 GB used

I’ve removed any email addresses strictly because I’ve had an account shut down by WordPress in the past when I tried to post a similar message with too many links.
Let’s take a look at it. First, it was addressed to “E-Mail Address Owner”, despite the text saying my name had come up in their investigation. Good clue it is a phishing expedition. The poor spelling and grammar are also good indicators the sender does not have you best interests at heart.

There is no mention of just how much money has been allotted for me (although I can guess it is really zero), nor exactly how I got scammed. Since I either delete this type of message or, as in this case, use it as fodder for a blog, I doubt I’ve been scammed by a Nigerian or Benin prince.

Should you choose to actually try to contact “Sir Innocent Johnson”, I’m quite certain you would find him anything but innocent.

Something else in these always acts as a warning to me and that is the fact that so many of them mention they are working with the FBI on resolving the issues. Well, I’m not an American, and could honestly not care less what the FBI does or doesn’t do. I doubt strongly they would really do anything for the benefit of someone who wasn’t an American citizen. So, as I wrote, Dr James: nice try, but no cigar.

If you receive any message of a similar nature, just delete it. The only enrichment taking place will be to the benefit of the senders of the message, not you. It could be your identity, your information, or the contents of your bank account. In any event, just say “no”.

Cat.