The name says it all

I found the following in my spam folder this morning (gmail is doing its job):

Gareth & Catherine Bull <yamaguchi-zb@m5.gyao.ne.jp>
   
22:34 (12 hours ago)
My wife and I won the Euro Millions Lottery of £41 Million British
Pounds and we have decided to donate £1.5 million British Pounds each to
4 individuals worldwide as part of our own charity project.

To verify,please see our interview by visiting the web page below:
http://www.dailymail.co.uk/news/article-2091124/EuroMillions-winners-Gareth-Catherine-Bull-scoop-41MILLION-lotto-jackpot.html

Your email address was among the emails which were submitted to us by
the Google, Inc as a web user; if you have received our email please,
kindly send us the below details so that we can transfer your £1,500,000.00
pounds in your name or direct our bank to effect the transfer of the funds to your operational bank account in your country, congratulations.

Full Name:
Mobile No:
Age:
Country:
Send your response to (garethbul2012@hotmail.co.uk)

Best Regards,
Gareth & Catherine Bull

Notice this one didn’t contain the usual “undisclosed recipients”, just nothing for a recipient. And I didn’t think “the Google Inc” would disclose their customer lists.  Well, “the Google Inc” might, but I doubt Google would.

Also notice that even though you are asked to reply to an email address in the UK the origin was actually Japan.  Another sign it’s a scam.

And since this is a scam and I wouldn’t see a penny anyway, I’m going to bitch a bit.  They won 41 million pounds (somewhere north of $60 million Canadian) and all they’re willing to do is give me a measly 1.5 million, or about $2,250,000 Cdn.  Cheapskates.

Do not – repeat “do not” – give them any information.  Doing so will only allow them enough access they can copy your identity. Just delete the message.

Enjoy your weekend and remember to hug an artist – we need love too.

Cat.

Don’t take the bait

As you are aware, smart phones are, or can be, as susceptible to phishing attempts as are computers although it is called “smishing” when used on or against phones.  And the aim is the same as it is with your computer – to plant something in your operating system to either screw it up for you or to enable them to download all your data.

What prompts this posting is this: a little while ago I received the following text message:

 Hey, it’s Sarah!  I just made a profile on “justhookupcanada.com” I added some pics too 

This came from a telephone number with a 226 area code, which according to what I can find covers southwestern Ontario – London and Windsor being the two major cities in that code.  Well, I haven’t lived in London since 1957 and don’t recall any classmates named Sarah. And in the intervening years, not only have I moved many times, I’ve also changed my name, so I doubt this is anyone from my past in London.  As for Windsor, last time I was there was the mid-80’s and that was a business trip.  The other area code in that area is 519, so the possibility “Sarah” made a transposition error in entering the number is extremely remote, since my area code contains a zero.

That leaves the only logical reason for this text as being smishing.  There is a link to follow and to increase the chances of someone following it, the bait is that “Sarah” has posted photos of herself there.  Sorry “Sarah” I have no idea who the hell you are, so I’m not biting.

To my readers, remember that your smart phone has more computing power than early computers.  Protect it the same as you would your computer – laptop, desktop, whatever.  And as with spam email, don’t follow links from unknown senders.

Enjoy your week or if, like me, you have a long weekend, enjoy that as well and remember to hug an artist – we need love too.

Cat.

It isn’t enough

Found the following message in my personal email this morning:

Personal Assistant position available in your area and earn $500 weekly as a Personal Assistant,kindly email for more details.
Robert Garman

Rather mysterious isn’t it?  Well, according to what I can find out “Robert Garman” is with something called “recipesandbeautytips” . com.   Let’s take a look at this message.

First of all, there is no indication of whom this was sent to – not my name, not “undisclosed recipients”, just nothing at all.  That’s a good indicator it’s a phishing expedition.  “In your area”.  That is a real red flag in my case.  My personal email is with Shaw.  Now, that wouldn’t be unusual if I lived in western Canada, but I live in Ontario, where the only presence Shaw has east of Manitoba is television and cable stations.  So, how can “Robert” be sure there is a position available in my area?  Looking at that $500 a week, that isn’t really a hell of a lot more than I’m currently getting on my pension, so sorry Robert, it isn’t enough.

“Kindly email for more details.”  Okay, and what sort of information are you going to be asked to give up before you get more details on this job “in your area”?  Whatever it is, I wager it won’t be worth it.

I realize the unemployment rate is high right now, but if you get an email out  of the blue  offering you a job “in your area” chances are very good it’s a fake.  I’d suggest you do what I did and delete it.

Enjoy your week and remember to hug an artist – we need love too.

Cat.

And who are you when you’re home?

Found the following in my gmail spam this morning:

Enchance Your Regions Online Access
    x
Regions Bank <Aerts_security@regionsbank.com>
    
10/12/2012
        
to undisclosed recipients

Dear Regions Member,

Your Regions Account was recently logged into from a computer, mobile device or other location you’ve never used before.
For your protection, we’ve temporarily locked your account until you can review this activity and make sure no one is using your account without your permission.

Did you log into your Regions Account from a new device or an unusual location?

– If this was not you, there’s no need to worry. Simply Download the attached member profile attacment and complete Regions verification form.Otherwise your account will be suspended soon.

For more information, visit our Help Center:by downloading the attachment form and click Submit .

Thanks,
Regions Security Team
Regions_Bank_Private_Login_Page_Verification_form.html    Regions_Bank_Private_Login_Page_Verification_form.html
99K   View   Download  

First telltale: undisclosed recipients.  This is a sure sign the message is either spam or phishing.  If it was a message intended for you, it would have your name on it, not a generic “hey you”.

“Regions Bank”.  As I said in the title, who are they when they’re at home?  Well, according to Google, Regions Bank is a legitimate enterprise with headquarters in Birmingham Alabama and branches in 16 states.  Well, that answers that.

Even with this information, I have trouble believing this is anything other than an attempt to get me to give up personal information.  For example, notice the date on this message  – 10/12/2012.  So has this been wandering aimlessly through cyberspace?  I ask because I got it on February 7, 2013, which is at least two months after it was sent or longer depending on whether they used mm/dd/yyyy or dd/mm/yyyy as the format.

The main question I have about this is “Can these people honestly expect that we would have forgotten whether or not we have an account with Regions Bank?  Do they think we will just automatically send them the requested information because the message is from a “bank” and therefore must be legitimate?  Then again, perhaps some people don’t have any idea where they bank, although I find that hard to believe.  But then again, with things such as direct deposit and the fact there seems to be an ATM on every street corner, some people haven’t seen the inside of their bank for years.

If you get this message, just delete it.  If you do in fact deal with Regions Bank, phone your branch to ask about this, don’t just blindly assume it’s a real message and respond.

Enjoy your day and remember to hug an artist – we need love too.

Cat.

I don’t think so

I found the following in my gmail spam today.  It was a repeat of a message from two days ago that I ignored.

Microsoft Notification <info@microsoft.co.uk>
    
20 Jan (3 days ago)
        
to undisclosed recipients
Dear Lucky winner,

Compliment of the season to you our dear lucky winner This is to
inform you that your email address has won a consolation prize worth
(?1,000,000.00 GBP), From the Microsoft New Year Bonaza EMAIL DRAW
held in UK 2013.Your email address was among the selected random play
held today in our headquarter in UNITED KINGDOM.

=====================================================
CERTIFICATE OF PRIZE CLAIM(Receipt Official Notification Letter)
=====================================================
1.  Full Name:
2.  Address:
3.  Marital Status:
4.  Occupation :
5.  Age:
6.  Sex:
7.  Nationality:
8.  Telephone Number:
==============================================
Mrs.Rita Hall
Microsoft Award Department
Email:@kimo.com

Once again, the ‘undisclosed recipients” is a clear sign this is a scam.  Another indication is the amount of information they are asking you to provide.  Just what they’d need for identity theft.

Nobody on this planet, no corporation, is going to offer a lottery for (approximately) one and a half million dollars without any publicity of any kind.  This would be especially true of a company the size of Microsoft, not the way they publicize everything.  Notice also that while the email purports to be sent from Microsoft.co.uk, while you are to respond to a different address.

Once again, if you haven’t entered a contest of any description, you ain’t gonna win.

Enjoy your day.  If you live in the northern part of North America, try to stay warm and remember to hug an artist – we need love too.

Cat.

They need better writers

I found the following in my gmail spam about fifteen minutes ago:
PAYMENT ACCOUNT ALERT
    x
IRS OFFICE <irsoffice1@globomail.com>
    
20:34 (0 minutes ago)
        
to undisclosed recipients

Internal Revenue and Deputy Commissioner for Services and Enforcement
 
 
Sir/Madam
 
This is an official advice from the Acting Commissioner of Internal Revenue and Deputy Commissioner for Services and Enforcement (Mr. Steven T. Miller). It has come to our notice that the Central Bank of Nigeria (CBN) has approved and released the sum of $1.5, 000,000.00 U.S dollars into a Bank in USA and in your name as the beneficiary by Inheritance means and as reward for default in the release of funds you are expecting from The Nigerian Government ,And the bank of Nigeria knowing full well that they do not have enough facilities to effect this payment from their Bank to your account used what we know as a Secret Diplomatic Transit Payment (S.T.D.P) to pay this fund through wire transfer.
 
But after the investigation on this fund, the attention Reaching Our Department from the Presidential Office in Abuja Nigeria Revealed that Such Transfer was made into The United States Bank as The officials handling this transfer has been Plotting on How to Divert The Funds into a Secret Account . But The UNITED STATES FINANCIAL CRIMES DIVISION (USFD) and THE FEDERAL BUREAU ON INVESTIGATION (F B I) has arrested Most of them and they are under the custody of Nigerian Authorities. The Reports Reaching Our Intelligence Department has declared that you are the original beneficiary to this amount then we have to carry out our investigation to know if they are telling us the fact because we believe that Nigerians are full of scams cheaters.
 
Now your fund is no longer in Nigeria rather its in a Bank accordingly to the Custody of the Internal Revenue and Deputy Commissioner for Services and Enforcement. You have to contact us immediately so that we Can direct you on how to receive your fund from the Bank. Now that you have been in communication with Our Office, you dont have any more problems hence the imposters in Nigeria are behind the bar but You are required to present a classified FUND ONWERSHIP PERMIT to be issued in your favor by The UNITED STATES FINANCIAL CRIMES DIVISION (USFD) so that of the Internal Revenue and Deputy Commissioner for Services and Enforcement can execute the payment order of $1.5, 000,000.00 U.S dollars to your favor.
 
You are also expected to Re-confirm This Office with the below Information Immediately; Your Full name…………..Address……………… Email address…… Country……..Telephone number………………
 
Thank you
 
Mr. Steven T. Miller 59.50.102.171
Acting Commissioner of Internal Revenue and Deputy Commissioner for Services and Enforcement

Where do I begin?  Well, beyond the obvious sign “to undisclosed recipients”, there are many telltales that this is not a legitimate message.  Another good clue is that although this purports to be from the IRS, it wasn’t sent from a US government email.

The English is quite frankly atrocious.  There is no possible way any government agency anywhere in the English speaking world would hire someone with such poor language skills.   The most honest statement, which you wouldn’t find in any legitimate correspondence, is “we believe that Nigerians are full of scams cheaters”.

If you get an email like this, laugh at it, then delete it.  If you do let your greed get the better of you and actually give them the information they seek, you’ve only yourself to blame.

Cat.

My point exactly

On December 30 last, I wrote “Spam, spam beautiful spam” about the proliferation of spam in my WordPress filter.

This morning I found the following in that folder:

Gordon Tannehill
    
Submitted on 2013/01/10 at 12:59 am

I just want to say I am beginner to blogging and really savored you’re page. Likely I’m going to bookmark your website . You definitely come with really good articles and reviews. Thanks a bunch for sharing your webpage.

I deleted the email information because it was for some weird site I wouldn’t visit on  a bet. Doesn’t this just prove my point?  “Good articles and reviews” – come on now.  I’m talking about the ways to tell a message is spam or phishing.  Okay, I’ll accept that could be called a “good article”, but a good review?  The way I frequently rip into the sender’s abuse of the English language could hardly be called a good review.

“Likely I’m going to bookmark you’re website”.  Only “likely”, not “definitely”?  Do me a favour and don’t bother.  And learn to understand the difference between homophones: “you’re” is an abbreviation for “you are”.  The possessive form is “your”.

I suspect this message was from a spambot because I can’t believe any human would be so stupid as to send spam as a comment on a blog ripping into spam.  Oh well, it gave me something to write about.

Enjoy your day and remember to hug an artist – we need love too.

Cat.

Spam, spam, beautiful spam

As I’ve written previously, spam can be such a gold mine. Found the following two items in my WordPress spam:

how to make extra money for the holidays
waystomakemoneyfast7100.com x
arnold-bermudez@
91.236.74.125    
Submitted on 2012/12/30 at 1:48 am

Hello mates, pleasant article and fastidious arguments commented here,
I am actually enjoying by these.
    

Fast ways to make money
Makemoneyfast6341.com/ x
stefanie.milner@
91.236.74.125    
Submitted on 2012/12/29 at 8:53 am

Just desire to say your article is as amazing. The clarity for
your post is just nice and that i could think you’re knowledgeable on this subject. Well with your permission let me to snatch your feed to stay up to date with drawing close post. Thanks one million and please keep up the enjoyable work.

Both messages were meant as comments on “An embarrassment of riches” which dealt with, coincidentally, spam.  If you can work your way around the fractured English, especially in the second message, they appear to be complimentary.  Both are spam because they offer easy money.   Another giveaway is that although they came in hours apart and purport to be from different people, they are from the same IP address.

I suppose they hoped people would just see the compliments and post the comments on the appropriate blog.  I would also suspect they weren’t aware that on WordPress, the sender’s IP address is included in the information available to the blogger.  I could have stripped the website address from the compliments then posted them as comments, but I get enough legitimate comments that I don’t need to do that and, it would be misleading.  And I’m not that vain.

This will be my last posting of 2012, so I’ll take this opportunity to thank all my followers and readers (whether you leave comments or not).   Have a safe and Happy New Year and remember to hug an artist – we need love too.   See you in 2013.

Cat.

One quick question:  I noticed my calendar ends tomorrow night.  Does that mean December 31, 2012 is Doomsday?   🙂

not their jurisdiction

I’m still in the process of proofreading my friend’s manuscript, so haven’t checked my email and spam much the past two days.  Found this from yesterday sometime:

FBI OFFICE <postmaster@deneme.com>
    
10 Dec (6 days ago)
        
to undisclosed recipients

Attn please,

This message is coming to you from FBI office here, We are writing this mail to inform you that your (Inheritance winning awarded funds of $1.5million) has been totally converted into a ATM Master card and it’s to be delivered to your address via courier service, Be inform that the courier delivery company will deliver the card with all the manual and instruction both with PIN code to access the Card upon receipt. It’s the best option to receive this amount since every attempt failed, therefore you will need to contact the Barrister that helped in re-claiming the check back and converted it into an ATM visa card with his address below:

Barrister Necter Polimars
Email: barristernecter-@superposta.com
Phone: +229 98651731

Send him your current address where the check should be delivered to and remember to indicate the Reg:code of ATM-0034 to him when making contact with him. Please also choose the courier service you would like to deliver the Card Post office is also working but could take the card much time to get to you.

Please endeavor to inform us once you have received the ATM Card.

Sincere regards
Robert S. Mueller

FBI Monitoring Team Service

Once again, sign number 1 is “undisclosed recipients”.  If it was intended for me, why not just send it to me?   Where do I go next?

Well, the email address of the sender “deneme” is the same address used in the earlier phishing expedition for gmail information – see my posting “This is a fake”.

The telephone number for the “barrister” has a Benin country code, which also seems a little suspicious.  And (and perhaps one of my English readers could advise me) I thought barristers did courtroom work and this should have been from a solicitor.

Now, I know I wrote about an ATM scam a little while ago, although I’m too lazy to look it up, but that originated from some other African nation.  Since the origin and the “barrister” are located somewhere in Africa, Benin apparently, and I’m in Canada, the FBI wouldn’t have any involvement in this anyway unless they were investigating it.  Also note the message merely states “FBI office here”, without specifying where “here” is.  Hell, we have FBI agents at the US Consulate in Toronto (special assignment dealing with gun smuggling).

If you receive this email just delete it.  If the FBI really wants you, they’ll come and get you – same as the RCMP would in Canada – so don’t worry.  It’s just someone trying to steal your identity.

Cat.

Flattery may get you deleted – reprint

If you’ve read “WordsupPressed”, you are aware that I no longer have admin access to my previous site, “Catsworld1″.  The site is still available for people to read however.  Over the past three months, I’ve noticed one of the more popular postings from Catsworld1 has been “Flattery may get you deleted” from September 17, 2012, so I’ve decided to reprint it here for my current readers and followers.

Flattery may get you deleted
Posted on September 17, 2012    

I found the following in my spam folder on WordPress this morning:

Amedar Consulting Group
amedar.pl x
Rady396@vp.pl
78.41.201.148    
Submitted on 2012/09/16 at 9:59 pm

I wanted to jot down a brief remark to be able to say thanks to you for all of the amazing pointers you are sharing at this website. My incredibly long internet look up has at the end of the day been recognized with sensible knowledge to talk about with my partners. I would express that many of us website visitors are definitely lucky to be in a fine site with very many special professionals with good hints. I feel very much lucky to have used the webpages and look forward to plenty of more excellent minutes reading here. Thank you again for everything.

On the surface, this sounds good.  But let’s take a look at it.  First of all, this was intended for my posting “From my television”, in which I take a swipe first at a Lumosity commercial – the one with the line “exercising my brain is hard” (no it isn’t – try thinking) – then rip into YouTube for their refusal to remove that anti-Islam film at the request of the White House.

So right there, they’ve missed the mark.  As for “all the amazing pointers” about the only time I write anything remotely resembling advice is when I’m warning about the possible dangers of clicking on links in spam, or responding to requests to help move “x” millions out of some African nation, usually Nigeria or Burkina Faso.  “Sensible knowledge to talk about with my partners”.  Right.  The tagline on the profile reads “the world as I see it”, so I somehow have doubts my personal opinion would qualify as “sensible knowledge” unless the reader agrees with my views.

The “.pl” extension in the address indicates it comes from Poland, so I’m going to be generous (it’s early in the day and that may change) and say the awkward phrasing is the result of some online programme, such as Google Translate, turning the Polish into English.

I have written of other messages from Amedar Consulting Group.  I’ve also mentioned before that, according to an article I read, more and more scams and phishing expeditions are coming from that part of Europe.  According to what I can find on Google, they appear to be a legitimate company, but I somehow question whether a legitimate company would resort to spambots on blogging sites.  And that is what this appears to be – major league spamming.  I’m also suspicious when I get glowing comments like this from a company, especially a consulting firm.  If it’s that good, offer me a job 🙂

Like all of us, we’ll gladly accept genuine compliments, but we are also quick to delete obvious flattery and scams.

To my followers and readers, thank you.  Enjoy your week and remember to hug an artist – we need love too.

Cat.

Since it’s now Friday night, I’ll change that ending to “enjoy your weekend and remember to hug an artist – we need love too.

And, considering what happened in Connecticut today, please pray for the people of Newtown.

Cat.