More Virtual Promote ... Search Engine Forums · Webmasters Toolkit · Free Website Templates · Scumware.com
.
Virtual Promote Gazette Home Subscribe/Unsubscribe Archives  
.

gazette



Issue # 210 (03-17-2004)

Get Over it ?

Scumbag of the Week
When it comes to issues regarding Unsolicited Email (SPAM), I've always been the leader of the "Get over it" crowd. Some people (our own government included) just go completely haywire when it comes to dealing with SPAM. Each month, when we send out The Gazette, even though it's the best newsletter on the Internet, and even though everyone that gets it had to basically beg to get it (we're now triple-opt-in), I still get about 100 screaming phone calls in the wee hours on the day it's sent, about a half a ream of "Black Faxes", and loads of expletive-laden email responses to it. As someone that probably gets more SPAM than our entire readership combined (over 9,000 emails last Friday alone), I say to you, simply "Get over it" ... it's not rocket science, nor is it overly strenuous to simply hit the delete button and move on with your day. That said, there is an annoying new trend in SPAM that just irritates me to no end, so much so, that I'm actually giving it time in this publication.

Most spam, I can handle. Porn, Viagra Ads, MLM schemes, etc. Pain in the butt, yes, but not the end of the world. Even viruses don't aggravate me all that much. With the proliferation of good anti-virus software out there, 99% of the viruses are trampled before I ever see them, and I'm not dumb enough to open up an attachment in an email that I wasn't expecting to get. Since most viruses that you get aren't really spam (ie: someone's not paying to send them out to make a buck), I can't lump them into the SPAM category anyway. No, this new thing is a much more severe threat, one that's not really gotten much coverage, other than scrambling press releases by the affected companies trying to put their customers minds at ease. This new breed of SPAM is the second generation of the "Nigerian Millionaire" scam, one that prey on the trusting, perhaps innocent nature of the casual internet user. What I'm referring to is the Company Impersonation Scam.

This scam comes in a variety of formats, and is basically impossible to detect, unless you employ a bit of common sense into your daily routine. Although differing in appearance, the scammers are all after the same thing: authorized access to your credit card information as well as your social security number. The most common form of this scam is an email that is sent to you "From" someone at paypal.com. It looks quite official ... using paypal.com's actual logo, actual email HTML format, and paypal.com's actual .css style sheet definitions. It's such a good forgery, that the scammer even uses some of the same HTML mistakes that paypal.com itself uses in the construction of their emails. If you trace the headers of the message it appears to actually route through paypal.com's servers. The message itself is an ominous warning. "Your paypal account is due to expire. Please login to your paypal account and update your records immediately" or something to that effect. At first, the scammers were putting a form in the email that, for your convenience, you could fill out and submit directly. What information was on the form? Your paypal login information, your bank routing number, your social security number and your credit card information. Yikes. It looked very, very official, and I almost gave it a second look ... until I hit "Send and Receive" again, and got 6 more copies of it, all from different "@paypal.com" From addresses. (Whew). Paypal learned of it quickly, put an announcement on their website, and sent out a massive email stating quite clearly that they would never ask for such information directly over email. Problem solved, right? Nope. The scammers got wise pretty quick, and the next round of emails that they sent actually re-iterated paypal.com's announcement, and provided a link for you to click to login and take care of your expiring account. Clicking the link brings you the scammers website which appears to be, in every single way, paypal.com. All of the links appear to resolve to paypal.com, the layout is identical .... an entire mirror of paypal.com, and they used an apache trick to actually make your browser think you were AT paypal.com. They provide a login form that works, and immediately present you with that same form asking for all of your information. The scam would work quite well, had they not made 2 blunders .... first, the login form will take any email address and any password, so when I fat-fingered my own password, and it still let me in, that was "clue 1". Secondly, your navigation path dies at the information form. The real paypal has all sorts of links on every page, but the scammers made sure that once you see the form, you can't get anywhere else. I'll give them an "e" for effort, it's a pretty convincing ruse. I wonder how many people fell for this?

I've seen the same thing replicated for other services: American Express, Citi Bank, US Bank, Bank of America, eBay, etc. The latest one is one that appears to be from ICANN (the guys that are in charge of all the worlds domains), that warns of your domain expiring if you don't pay right now. Since (I hope) most of you know that ICANN isn't actually a registrar, this was easy to sniff out, but I wonder how many people that don't even have domains responded to that one?

Many of you use a service like "Spamarrest", where people that email you are required to click a link in the email (or respond to it) and then enter some sort of challenge phrase to prove that they're real people, so that their email is forwarded to you. Kudos to the guys that thought of this idea. However, as this has grown in acceptance, and as people get used to doing this, I'm starting to get emails from "services" that I've heard of asking me to confirm before a recipient can read my mail. Fine, I'm used to it ... and given that I send out about 400 emails on a given day, I go through this all the time. But recently, I've started getting these emails at 2am and 3am, to confirm emails that I'd just sent. Hmmmm. Seems that the masqueraders are into this business too, now. Posing as an anti-spam confirmation service, they're preying on our trustworthiness to build giant email lists of actual live people.

This is all just sickening beyond belief. Throw all the naked ladies and pecker pill ads that you want into my inbox, I don't care. But once SPAM becomes pure evil like this, a line has been crossed. Quite frankly, folks, I don't have the answer for you on it. There's no way to legislate this stuff out of existence, and there's no way for you or I to prosecute it, unless you can afford to find out who stole your identity. The best that you can do is forward the emails to the appropriate people (usually "abuse@" the domain that was being impersonated), as well as your local FBI office, and let the experts hunt them down. In the meantime, I leave you with this one simple piece of advice: Surf The Internet, and read your email with your eyes open .... and don't ever click anything in any email that someone you know didn't send to you. If you get a warning mail like that from paypal, or some other company that you actually do business with, and didn't request an email from them, don't click anything in the email. Instead, go right to the domain in your browser, typing in the address manually, and login yourself. If the announcement is for real, you'll see it there in your account once you log in. If not, consider the email to be a scam, forward to the right people, and then "move on"


Read the Scumbag of the Week section from the Last Issue or in the Following Issue

JimWorld Member comments and feedback ...

Posted On: 03/17/2004 07:28
Posted By: Rivux
Great issue guys, loved the In The Crosshairs and Scumbag of the Week sections, keep up the good work. Can't wait for the next issue to read the second part of the PHP 5 article as well.

Posted On: 03/17/2004 07:32
Posted By: crash
Besides what you wrote about I've recently started getting emails from the admin of my domain (kinda funny seeing as I'm the admin) telling me that there is a problem with my email and I need to confirm my information. Nice and convienent link and all (which I haven't clicked) looks real official.. except the fact that I'm it so I know they are bogus. But what if I had employees? I could SO see them following the instructions and compromising not only their own email account but my server as well.

Bottom line is that you cannot trust email these days - period. It's gotten to be such a major problem that the local news did a whole 10 or so minutes on it showing in detal the paypal and ebay scams and pointing out that it's happening for Yahoo! and others as well.

If it isn't a scam it's a spoofed virus.. so email viewer beware. Educate yourself as knowledge is your best armor. Know how to view email in text only - know how to view the headers and raw email (lots of info in there) and even then don't trust it.

Posted On: 03/17/2004 08:08
Posted By: energy8763
The following arrived in my inbox about a month ago. The links have not been altered so go there AT YOUR OWN RISK. Better yet DON'T GO THERE.


How would you feel about getting this e-mail?

----------------------------------------------------------

Your credit card will be billed at $22.95 weekly and free 3 pack of child porn CD is shipping to your billing address. To cancel your membership and CD pack please email full credit card details to billing@darkprofit.net


Ready to find all types of underage porn? We have the best selection for every
taste! Click the secret link below and have fun!

http://www.thegrifters.net/phpBB2/index.php

Username: renshaw

----------------------------------------------------------

After realizing, from my own fear, that it was a setup I decided to contact Scambusters.org and let them have it to play with.


Posted On: 03/17/2004 08:12
Posted By: jcokos
yikes !

I forgot about the ones that say they're from the "Postmaster" and your account has a problem.

Like I said, spam I can handle, it's the scams that really drive me up a wall. I think we should put our Iraqi troops out on patrol, and send these nimrods over there to guard the hotels :)

Posted On: 03/18/2004 08:09
Posted By: sfinley
I definitely agree Jim, I have also noticed if you mouse over the links you can usually see where they are sending you. It looks real (such as the Paypal scam) but there off by one little character or just totally forget to mask it at all.

It has been amusing seeing how many scammers can't spell...
have you had to "veerify" anything lately? ( I think the majority of the misspelled one's are for Citibank)

Jcokos - I agree. Let these idiots deal with the suicide bombers.

Add your own comment ....

We accept comments to Gazette Articles only by registered JimWorld.com members. If you are not yet a member, please join now. Membership is free, and entitles you to not only post comments here, but also to participate in our discussion forums, as well as other areas of the JimWorld.com network.

If you are currently a JimWorld member, your userid and password will allow you to login with the form below.

Login
Forget your password?
Password

 

 

Sponsored Links

Search for a Free Domain
The Virtual Promote Toolkit is hosted by the experts at SimpleNet. You should be, too! Whether building a new site or transferring one, there is no other hosting platform comparable to SimpleNet’s; hosting for less than $5/month.
Search for the following tlds: .com, .net, .org, .info, .biz, & .us
Already have a domain or site? Move it to SimpleNet


Hyperseek Search Engine
Member Spotlight
New ppcThink Blog
Cutting edge marketing strategies to increase your profits (flyingrose)
spacer

 

 
   

© 1995 - 2004  ·  iWeb, Inc DBA JimWorld Productions