| |

spam

It's been modified from the advance fee fraud e-mails that we are used to and someone has been to writing lessons.

It starts with an unusual approach, then moves into the same technique as we've seen from this name dozens of times over many years.

Oh, and he uses UN.ORG as the "from" address. Cheeky.

FCRO Subsection: 

This spam-scam is fascinating: it looks like an old telex message. Very clever.

But it's still an obvious fraud when you read it.

BIScom Subsection: 

This morning, a spam-scam arrived claiming that a subscription had been renewed.

Then a few minutes later, we came across a news article that had something in common.

Is it pure coincidence?

FCRO Subsection: 

It's clever. It's simple. It's even got a personal identifier in it (not that that's clever - and it demonstrates that it's scam - for reasons we aren't going to explain in public)

Many people will click on this. They shouldn't.

FCRO Subsection: 

The Journal of Clinical Investigation is a genuine scientific journal.

However, fraudsters have used its name to attract attention to a rogue website.

Repwarn.Rocks.

info@repwarn.rocks

The form says don't complete it for your own marketing. You didn't read it or you decided to ignore it anyway.

CoNet Section: 

If you want to be ripped off, e-mail the following:

*NAME: MR MARTIN COOK
EMAIL: **martincoookuk@gmail.com*
or martincoookuk@sim.it

FCRO Subsection: 

"Brits Are Listening To Ant McPartlin And They’re Raking In Millions From Home" screams the headline - then the e-mail launches into a pitch that is a near replica of what we've seen before. It's using Ant McPartlin as a hook but also Phillip Schofield who is currently riding a wave of publicity.

Good grief. This arrived today. It's a straight copy, errors included but with the links redacted. And if there really is someone called "Blythe Masters," if I were you I'd sue your parents for giving you such a stupid name.

CoNet Section: 

That's it. We've had enough. Until internet domain name registrars start to adopt responsible practices over who they sell domains to, especially the plethora of top level domains that criminals habitually use for the nefarious activities, it's time to block them entirely.

CoNet Section: 

Even by the standards of spammers, we have to be impressed with the targeting of this outfit. antimoneylaundering.net has, this spammer claims, sent an e-mail to antimoneylaundering.net. That's our sister domain. That's not clever - lots of criminals do that. It's not even clever to put the name in the "from " - criminals and sales people do that. But to tie it to something that might actually be of genuine interest? That is clever or, at least, devious.

CoNet Section: 

A spam appearing using the name of Santander links to a fake website.

BIScom Subsection: 

This morning's crop of overnight spam that made it through the preliminary filters arrived via a contact form relating to this very site. Ordinarily, form spams are either destroyed or reported on, partly because, even using bots, the scams that get through the anti-spam systems on the forms are a cut above the junk that comes in by mail and, often, present new - or at least new to us - threats. This one is carefully crafted, almost as if it's been revised several times to get it right. And, if it were to hit its intended target - investment businesses - it would at least cause a costly waste of time. But only time because, good as it is, it suffers from a significant flaw.

BIScom Subsection: 

Pages