Netflix phishing expedition

Received the following email in one of my accounts:

From:

NETFLIX

External images are not displayed. Display Images
Always display images sent from

We recently failed to validate your payment information we hold on record for your account,
therefore we need to ask you to complete a brief validation process in order to verify your billing and payment details.

Failure to complete the validation process will result in a suspension of your netflix membership.

We take every step needed to automatically validate our users, unfortunately in this case we were unable to verify your details.

This process will take a couple of minutes
and will allow us to maintain our high standard of account security.

Netflix Support Team

This message was mailed automatically by Netflix during routine security checks. We are not completely satisfied with your account information and required you to update your account to continue using our services uniterrupted.

I removed the email addresses to keep myself out of trouble with WordPress (again).
This is obviously an attempt to get me to provide them with personal and/or banking information. The first indicator of that is that it wasn’t addressed to me personally. If they want to verify my account information, surely they’d have my name at least. The second indicator this is a scam is quite simple really. I don’t have a Netflix account, so there is no information to be verified.

Also, the English is not what you would expect to find from a company such as Netflix. The mixture of tenses and the misspelling of “uninterrupted” are a dead giveaway this is not from their corporate account.

If you have a Netflix account and you get on of these emails, before you do anything, please, please, check it some other way before giving out any information.

Happy viewing and remember to hug an artist, we need love too.

Cat.

Advertisements

Nice try but not even close update

About a week ago I posted a blog about a threat I received that said they had hacked my computer and unless I sent $810 in bitcoin to a certain purse within 48 hours, my computer would be frozen. If I didn’t, the person issuing the threat would release screen grabs of some of the more questionable sites I’d visited to my contacts list. And to “prove” their claim, they told me what password I’d used. Wrong. They further stated that they had installed a trojan horse that would advise them if I changed my password and would also automatically delete itself once I had made the payment. Well, I laughed at it, wrote a blog about it and deleted it. Of course, nothing happened because they had their facts wrong, mainly the screen grab claim since I don’t have a webcam. Here’s the actual claim: I made screenshot with using my program from your camera of yours device.

If people were taken in and actually paid the $810 and then nothing happened to their computer, they would assume they had satisfied the demand and the malware had indeed been removed. What really has happened though is that they paid over eight hundred dollars to a scam artist and nothing was going to happen anyway.

I’ve said it before and I’ll say it again. Do not be taken in by these scams and threats. Keep everything backed up on regular basis and remember that in the event such a demand for money is real, it will be cheaper just to take the computer to a technician and have the hard drive replaced than pay the ransom. That, and change your passwords.

Stay safe online and remember to hug an artist – we need love too.

Cat.

Nice try, but not even close

I received the following email in an address I rarely use:

Hello!

I’m a hacker who cracked your email and device a few months ago.
You entered a password on one of the sites you visited, and I intercepted it.
This is your password from ghoward@shaw.ca on moment of hack: watson

Of course you can will change it, or already changed it.
But it doesn’t matter, my malware updated it every time.

Do not try to contact me or find me, it is impossible, since I sent you an email from your account.

Through your email, I uploaded malicious code to your Operation System.
I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.
Also I installed a Trojan on your device and long tome spying for you.

You are not my only victim, I usually lock computers and ask for a ransom.
But I was struck by the sites of intimate content that you often visit.

I am in shock of your fantasies! I’ve never seen anything like this!

So, when you had fun on piquant sites (you know what I mean!)
I made screenshot with using my program from your camera of yours device.
After that, I combined them to the content of the currently viewed site.

There will be laughter when I send these photos to your contacts!
BUT I’m sure you don’t want it.

Therefore, I expect payment from you for my silence.
I think $810 is an acceptable price for it!

Pay with Bitcoin.
My BTC wallet: 1JTtwbvmM7ymByxPYCByVYCwasjH49J3Vj

If you do not know how to do this – enter into Google “how to transfer money to a bitcoin wallet”. It is not difficult.
After receiving the specified amount, all your data will be immediately destroyed automatically. My virus will also remove itself from your operating system.

My Trojan have auto alert, after this email is read, I will be know it!

I give you 2 days (48 hours) to make a payment.
If this does not happen – all your contacts will get crazy shots from your dark secret life!
And so that you do not obstruct, your device will be blocked (also after 48 hours)

Do not be silly!
Police or friends won’t help you for sure …

p.s. I can give you advice for the future. Do not enter your passwords on unsafe sites.

I hope for your prudence.
Farewell.

Where do I start? Let’s pick the obvious and that is the atrocious English. Now, the only sites I visit that require passwords are Facebook and WordPress, and neither of them have “watson” as my password.

As for my “sites of intimate content”, well, depending upon your point of view, I suppose you could consider videos of Street Outlaws worth telling others about. Oops! I just did, so there goes that threat.

I use very good antivirus programmes, so I’m not concerned about any trojan horses on my system. Another threat dealt with.

If this person did in fact have access to my contacts on this email, they’d note I have only one – and that’s a Toronto Police detective. I’m sure the sergeant would be fascinated by my interest in street racing, considering I don’t have a vehicle.

As for the claim this person used the camera on my computer to capture screen shots of what I was looking at, well, I don’t have a webcam. As I said, nice try, but so wrong.

If you get this, or something similar, I think it can safely be ignored. DO NOT send anything through Bitcoin. There is no way of retrieving it if this is a fraud.

Cat.

Alert – possible system attack

I  received the following email a short while ago.  Actually, I received two – one in my inbox and one in spam.

Dear Corel Customer,

Did you know WordPerfect can import and export to popular Microsoft Office file formats like DOC, DOCX, PPT, PPTX, XLS, XLSX?

Click here to install the Microsoft Office Compatibility pack to extend the power of WordPerfect and share documents in popular Microsoft file formats. Please note that Microsoft is retiring the Office Compatibility Pack in the near future.
Install Now
For additional information on the compatibility pack or if you have any questions please feel free to contact our customer support team.

Sincerely,
The Corel Team

I do very little work involving Word, and knew that WordPerfect is compatible with Word, so I asked the Corel Support Team whether this would be something I might use. Their response was very interesting:

We have receive several inquiry regarding an email from Corel@email5-corel.com
We are currently investigating this.
For now, we recommend not installing it.
We will notify you once we have validated the source and the content of the email.

So at the moment, it would appear this may not be a legitimate offer. I can understand people may be interested in having the ability to use WordPerfect and be able to handle Word documents, but WordPerfect does this without the installation of external programs or add-ons. If you are one of those people who, like myself prefer WordPerfect, and you receive this or a similar message from the email address in boldface, ignore it. You may be putting your computer at risk.

Cat.

Nice try, but no cigar

I found the following in an email account I had set up for a specific purpose. This account is not used for anything other than that purpose and since I wasn’t wearing my glasses when I set it up, I misspelled my name. No matter, Dr James still sent me this message.

Attn E-mail Address Owner,
Spam
Dr Kevin James <k_james90@>

Feb 5

Attn E-mail Address Owner,

Website:
Address: Plot 1261, Adela Hopewell Street CO/B/REP, Republic Of Benin.

Email:

( 0022966850550 )

Attention: E-mail Address Owner,

Sequel to the meeting held today with Federal Bureau of Investigation, The International Monetary Fund (IMF) is compensating all the scam victims and your name and email address was found in the scam victims list.

However, we have concluded to effect your own payment through Western Union® Money Transfer, $5,000 daily until the total sum of your compensation fund is transferred to you.

This is your first payment information:

MTCN#:8412393243

Sender’s First Name: Richard

Sender’s Last Name:Michel

Amount Programmed: $5.000

You are advised to get back to the contact person trough the email below for more direction on how to be receiving your payment

Contact person: . . SIR. INNOCENT JOHNSON
Email address: . .
Tell phone: . . . +22966850550
Thanks,
SIR.INNOCENT JOHNSON
Director Western Union Money Transfer,
Head Office Benin Republic.

Click here to Reply or Forward
0.12 GB (0%) of 15 GB used

I’ve removed any email addresses strictly because I’ve had an account shut down by WordPress in the past when I tried to post a similar message with too many links.
Let’s take a look at it. First, it was addressed to “E-Mail Address Owner”, despite the text saying my name had come up in their investigation. Good clue it is a phishing expedition. The poor spelling and grammar are also good indicators the sender does not have you best interests at heart.

There is no mention of just how much money has been allotted for me (although I can guess it is really zero), nor exactly how I got scammed. Since I either delete this type of message or, as in this case, use it as fodder for a blog, I doubt I’ve been scammed by a Nigerian or Benin prince.

Should you choose to actually try to contact “Sir Innocent Johnson”, I’m quite certain you would find him anything but innocent.

Something else in these always acts as a warning to me and that is the fact that so many of them mention they are working with the FBI on resolving the issues. Well, I’m not an American, and could honestly not care less what the FBI does or doesn’t do. I doubt strongly they would really do anything for the benefit of someone who wasn’t an American citizen. So, as I wrote, Dr James: nice try, but no cigar.

If you receive any message of a similar nature, just delete it. The only enrichment taking place will be to the benefit of the senders of the message, not you. It could be your identity, your information, or the contents of your bank account. In any event, just say “no”.

Cat.

Alert! Text message scam

About fifteen minutes ago, I received the following text message:
INTERAC E-Transfer: You’ve been refunded 175.00 due to an overcharge on your last payment. Click here to claim your funds:

Someone obviously has no idea how payments work. It’s been my experience that if you overpay on a bill, rather than issue a refund, the company will simply apply the overpayment as a credit on your next bill. Also, if you did overpay, any message would refer to it as an overpayment, not an overcharge.

The telephone number this was from had a Los Angeles area code. Were it not for the fact I’m in Canada and have no dealing with American firms who might be expecting payments from me, I might have been suckered in, Any payments I make all go to companies located in or near Toronto, which is not in area code 310.

When are these scammers going to realize that people aren’t as gullible as they once may have been. Many of these scams are well-known or, if egregious enough, are reported in various news media? For example, the so-called “grandparent” scam. You know the one – an older person gets a telephone call from someone purporting to be their grandson and he’s in trouble and needs a sum of money (usually in excess of $1,000) for bail or whatever. The grandparent, out of concern, sends the funds through Western Union and never hears from the supposed grandchild again. That one has been publicized quite a bit recently.

In this case, something the scammer wouldn’t have had knowledge of is that I’m on a pension and am very careful about my payments, so it is impossible I would have overpaid by $175 unless of course I didn’t want to eat for the month.

If you get a text message like this do not, under any circumstances, click on the link. You will find yourself opening a whole lot of trouble you don’t need.

Cat.

The answer is still “no”

I received the following email in my Gmail spam today:
GOOD NEWS FROM THE WHITE HOUSE

GOD BLESS AMERICA <WW.@oregano.ocn.ne.jp>

17:18 (21 hours ago)

to

GOOD NEWS FROM THE WHITE HOUSE

I am Mrs. Michelle Obama, and I am writing to inform you about your Bank Check Draft brought back by the United Embassy from the government of Benin Republic in the white house Washington DC been mandated to be deliver to your home address once you reconfirm it with the one we have here with us to avoid wrong delivery

Sixty million united states dollars 60,000,000,00usd that was assigned to be delivered to your humble home address by my husband Honorable president Barrack Obama the president of this great country this week by a delivery agent Mr JAMES BOOMBERG

I will like you to reconfirm to me the following details
Your phone number…………..?
Your current home address……?
Your full name…………………?
Occupation……………….?
Next of kin…………….?
Your email address…………..?
Password………………?

The reason I ask you to reconfirm to me this following details is to avoid wrong delivery.
FOR MORE INFORMATION ABOUT THE ORIGIN OF YOUR FUND YOU CAN CALL OR TEXT MY HUSBAND THE PRESIDENT OF THIS GREAT NATION +1 (202) 792-0696

Yours Sincerely,
MRS MICHELLE HUSSEIN OBAMA
FIRST_LADY USA

Wow! The First Lady is sending me an email telling me she has my sixty mill US from Benin.

There are problems with this message. First, although it purports to be from the White House, the extension on the sender’s email is “.jp”, which last time I checked was Japan. Second, the addressee is blank. And finally, I’m Canadian, so why the hell would Michelle Obama be sending me anything?

Couple more things are wrong. President Obama’s first name is spelled “barrack”, which as I recall from my army days is similar in nature to a dormitory. And when she “signed” the letter, she would have used her middle name, not her husband’s.

Being the cynic I am, I guess by writing this blog and telling others I’m doing myself out of sixty million dollars US, which at current exchange rates would be about seventy mill Canadian. Ah well, easy come, easy go.

Enjoy your day, don’t take any wooden nickels and remember to hug an artist – we need love too.

Cat.