Log In | Subscribe | | |

spam

The email below has come to our attention today. using a landing page at mybluemix[dot]com and a (perhaps spoofed) address at the domain masew.ml, the scam has characteristics that instantly give it away to the alert but will trap the unwary.

Spoofing email addresses (that is making it look like an e-mail comes from somewhere other than its actual sender) is a remarkably easy trick and it's heavily relied on by spammers. However, this particular spam goes further, aping the tactics used by those who send e-mails that appear to come from banks. Be warned....

Spammers and fraudsters love .com addresses but so does the rest of the world. For some time, there have been domain levels that spammers like because they can create names that look legitimate but are using the name of a legitimate, reputable, business and recipients often do not notice what's after the dot or have faith that registrars are checking and only allocating obviously well known names to their usual users. Recent additions to the "top level domain" system have opened up a new world of opportunity. Here are five TLDs that spammers are making use of and which businesses should consider banning from their incoming mail and, even, blocking server traffic to.

The old ways are the best, not the least of which is because there are always new users whose filters aren't ready for spam that hasn't been seen for a while.

This one's so old-fashioned, it's funny. Oh, and Google's failed to identify a landing page for spam and potentially illegal product sales. Artificial intelligence? Hah.

CoNet Section: 

The return, with increasing frequency, of internet domain name fraud, is usually at least accompanied by a form of what the fraudster hopes is a sufficient disclaimer to prevent prosecution. The latest iteration omits even that and resorts to blatant threats. Also, it seems that the criminals have obtained access to the domain sevenresortsnet.com to send mail and to present a landing page for those who click to respond to the demand.

CoNet Section: 

It's been a while since spammers hawked "meds" in spam. But recently, we got one. The amazing thing is that it's the same as they ever were.

Every dog has his day and, sometimes, every idiot gets his hands on a computer. Here's an example received at our registered office. Maybe it's not a a scam, but for sure it's not accurately targeted commercial mail, either.

BIScom Subsection: 

In the past day or so, a company called emailmovers limited using the domain xmr3.com have sent out a number of spam e-mails addressed to personal e-mail addresses at companies. They claim "Emailmovers is one of the UK's only B2B email data owners who provide Full Email Marketing services in house" which is, in itself a nonsensical statement.

But it's their claim for how many people they feel it's OK to send unwanted commercial email to that is interesting. Just how did they get it and how do they think it's legal to use it? And is it a predicate crime for money laundering purposes if they have breached GDPR?

You should neither know nor care exactly what criminal activity lies behind the link in this e-mail. The fact that it's fraud from beginning to end should be enough.

CoNet Section: 

Fraud is cyclical. Historically, frauds would lie dormant for, perhaps, five years then come back. But the cycle has become much shorter, often only two or three months. Some frauds have become perpetual, aided by e-mail that hits so many prospective targets at such a low marginal cost. Others have a few days in the light before disappearing into relative darkness for a matter of weeks, perhaps because the targets are sorted by e.g. alphabetical order, into batches. One such is fraud relating to domain names. They take several forms but the same basic structure. The fraudster hints that, if you don't pay up, your domain name will stop working. Here's the anatomy of one such fraudulent mail that has reached us multiple times in the past several days.

CoNet Section: 

Artificial Intelligence is the buzzword of the year, beating out even "blockchain" and "add oil." A company that claims to be at the front of the pack when it comes to AI is Google. But, as this case shows, it doesn't matter what your algorithms do if what they do isn't properly targeted and the correct action results. It also demonstrates why financial institutions should be very wary of relying on technology which is, at best immature and at worst experimental.

In the meantime, Google and Microsoft, let's bypass the intermediary and you can just send us the "($1,000,000.00) One Million United States Dollars" today. Thank you.

BIScom Subsection: 

It has come to our notice that one or more persons are fraudulently delivering e-mail purporting to come from BankingInsuranceSecurities.com. It is impossible for that mail to originate at that domain and you may safely blacklist it at server level. For more information, see below.

The fraud has interesting timing and holders of internet domains should be aware of a possible new threat to reputation. The threat does not, on the face of it, have any immediate cyber-security implications but there may be hidden dangers.

BIScom Subsection: 

We all get the scams telling us that a criminal has our data. Many of us get scams saying that the criminals have details of access to pornographic websites and, even, footage taken from cameras on our desktop or laptop machines. Usually, we are told that we are being blackmailed and ordered to pay a sum, via bitcoin, to a specified wallet, 1Lughwk11SAsz54wZJ3bpGbNqGfVanMWzk. This wallet should, obviously, be disabled with immediate effect.

CoNet Section: 

When Australia took action against an internet scammer for sending out notices relating to domains (see here) the effect on those committing similar frauds was... zero.

CoNet Section: 

Who remembers the dark web, that place where, if you could work out how to access it, you could buy false identification, illicit drugs (or licit drugs on an illicit basis) and even rent a hit man? Welcome, charlselwatson@gmail.com, not only don't you use the dark web, you even promote your services via a public bulletin board.

Pages

 


 

hahagotcha