| | | Effective PR

spam

It's a spam, it uses Standard Chartered as a hook to entice victims to be defrauded, and it's hilariously awful. Note phone number +447452282904 and email address lrbernal@easynet.es and that the reply is to privacy e-mail service ProtonMail at taxmattersjon@protonmail.ch . But the most interesting thing is this: the e-mail provider easynet.es correctly identified this as spam, even as " advance fee fraud (Nigerian 419)" - then allowed it to pass. Is the provider complicit if anyone becomes a victim?

FCRO Subsection: 

The fraud is old hat. The bitcoin address is, presumably, valid and enforcement agencies may wish to track and attack it. And, of course, any financial institution which has records of it should identify it as a suspicious account.

1HQ7wGdA5G9qUtM8jyDt5obDv1x3vEvjCy

FCRO Subsection: 

It has come to our notice that one or more persons are fraudulently delivering e-mail purporting to come from BankingInsuranceSecurities.com. It is impossible for that mail to originate at that domain and you may safely blacklist it at server level. For more information, see below.

The fraud has interesting timing and holders of internet domains should be aware of a possible new threat to reputation. The threat does not, on the face of it, have any immediate cyber-security implications but there may be hidden dangers.

BIScom Subsection: 

It's that time again: PayPal spam-scam time. But even by the standards of badly constructed spam-scams, this one is bad. So bad it's funny and so bad that anyone who falls victim to it may just be too stupid to live. But the bigger danger is that it's not a phishing scam but a way of placing malware on victims' computers and if that happens they are being human not stupid.

FCRO Subsection: 

We all get the scams telling us that a criminal has our data. Many of us get scams saying that the criminals have details of access to pornographic websites and, even, footage taken from cameras on our desktop or laptop machines. Usually, we are told that we are being blackmailed and ordered to pay a sum, via bitcoin, to a specified wallet, 1Lughwk11SAsz54wZJ3bpGbNqGfVanMWzk. This wallet should, obviously, be disabled with immediate effect.

CoNet Section: 

Most spam-scams are just too stupid for words. This one is even worse. Have fun with it.... and see why companies such as yahoo and google should be required to monitor anonymous e-mail accounts, if not for content but for obviously fake identities.

**Free Content**

FCRO Subsection: 

When Australia took action against an internet scammer for sending out notices relating to domains (see here) the effect on those committing similar frauds was... zero.

CoNet Section: 

Who remembers the dark web, that place where, if you could work out how to access it, you could buy false identification, illicit drugs (or licit drugs on an illicit basis) and even rent a hit man? Welcome, charlselwatson@gmail.com, not only don't you use the dark web, you even promote your services via a public bulletin board.

Sending server: webmail.123-reg.co.uk
Request for External Wire transfer

CoNet Section: 

"Attention: Nigel Morris-Cotterill

This is an exclusive notification from the District Court of Basel-Stadt (Strafgericht des Kantons Basel-Stadt).
We regret to inform you that your identity has been compromised in an identity theft scheme recently uncovered here in Switzerland."

I am soooooooooooo convinced.

FCRO Subsection: 

It's incredible how many spammers (not, scammers) don't think that their standard of English reflects on the quality of work they might offer.

Below is an example of the many spam e-mails that find their way into our electronic shredder because we don't want to read them but, sometimes, it's worth looking to see how advertising is presented. This example is never, ever, going to get business from any business that requires professional standards of itself and its suppliers.

CoNet Section: 

It's a stupid name: TSB is an acronym for Trustees Savings Bank and then some idiot, years ago, decided to add "Bank" to the acronym, in a move that rivals the equally stupid "ATM machine." But that's not the reason this heavy-duty spam-scam mailout is an obvious fraud. Warning: the content is highly plausible and the mail constructed to avoid even aggressive anti-spam filters.

BIScom Subsection: 

You'd have to be an idiot not to recognise this mail as spam. But that's not the dangerous bit. The spam is identified as containing malware Sanesecurity.Scam4.874.UNOFFICIAL (DO NOT search for it: read on for why). We wouldn't bother reporting another, simple, spam-scam but this one isn't simple and there's a whole ecosystem behind it that only multiple layers of security, working together at server level and at desktop level, were able to protect us from. That was where this writer did something stupid, thinking he was doing something interesting. This attack arrived with us within the past hour and is therefore currently active. **Free Content**

FCRO Subsection: 

We can do no more than post the content of three spams that arrived in five minutes and urge readers to block the domain trixologyvapors.com to prevent this hyperactive spammer's material reaching staff.

CoNet Section: 

As if the crisis in retail isn't a sign that the global financial crisis, and the UK's part in it, isn't over, the news from manufacturing and other sectors of large-scale redundancies, non-renewal of contracts for term-staff and closures or restructuring of businesses in non-high street retail isn't enough, mailboxes are being spammed with one of the earliest signs of a financial crisis, threatening to ensure that recovery is a long way off. At the forefront is a spam promoting SAGA, the company that is supposedly the elderly's best friend.

BIScom Subsection: 

Pages

hahagotcha