Tuesday, September 23, 2008

More of West African Scam / Nigerian Advance Fee Fraud in Internet Web Mail Frauds and Email Letter Scams

I don't know how these guys are finding me, but I just received this email:

-----Original Message-----
From: Bernie Immanuel [mailto:ankringan_tugu@hotmail.com]

Sent: Tue 9/23/2008 6:11 PM
To: xxxxx xxxxxxx
Subject: Inquiry


Dear Sir/Madam,

Good day,
I have visited your website. I'm quite interested on your products.If it is possible, I would like to order from you.
Do you have stock cisco product, - Type product : Cisco 7206VXR /NPE G2 - Qty Order : 1 Unit Can you ship this order to singapore via DHL or UPS Express?And term of payment for the item mentioned above, Will you accept to a credit card for payment in this transaction? I should be pleased if you could send me your new complete price list and other information. We would be grateful if you could send this information as soon as possible. We look forward to your replay and thank you for your coorporation in this matter.

Your Sincerely,

Bernie Immanuel
_________________________________________________________________

It doesn’t take a genius to figure out that's another poorly executed African email scam.

Please, at least they should have come up with some Anglo-Saxon name, like Adam Smith or John Brown, that used to email me wanting to pay lots of dough for our services…lol

I thought I'd warn those who have never seen one before.

Friday, September 19, 2008

Unable to load google home page: 403 forbidden…


Google happens to be set as my home page in the internet browsers I use. This afternoon, as soon as I launched IE and Firefox, I was presented with this message: 403 forbidden…

We're sorry...


... but your query looks similar to automated requests from a computer virus or spyware application. To protect our users, we can't process your request right now.
We'll restore your access as quickly as possible, so try again soon. In the meantime, if you suspect that your computer or network has been infected, you might want to run a virus checker or spyware remover to make sure that your systems are free of viruses and other spurious software.
If you're continually receiving this error, you may be able to resolve the problem by deleting your Google cookie and revisiting Google. For browser-specific instructions, please consult your browser's online support center.
If your entire network is affected, more information is available in the Google Web Search Help Center.
We apologize for the inconvenience, and hope we'll see you again on Google.

To continue searching, please type the characters you see below:
(Here goes captcha window)

Well, since I’ve never experienced this before, the first thing I did was to scan that very PC for virus, spyware and malware infections. Of course Symantec Antivirus says that it’s up-to-date and everything is cool.

Using alternate virus detection programs rendered the following results:

Registry Keys Infected:

HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.


Restarted the PC and after that things seem to be back to normal. I'm not convinced that the malware infection found was the cause here though. Does anyone have any thoughts on this?

Thursday, September 18, 2008

SK Holdings Company Ltd. Domain Registration Center scam / spam email

Last night, we received a message from Lily Chen - someone who says they’re going to try to use our domain name in China, etc. or poses as a registrar just trying to get us to contact them to have those domain names secured through their company, etc. It sounds pretty vague and shady.

After spending a few min on research it turns out that it’s a poorly designed SPAM email Made in China :) and it can be safely ignored and deleted.


Here’s the body of the message:


Dear CEO,

We are a domain name registrar centre in HongKong.and in charge of the registeration in Asia.We have something important need to confirm with your company.

On Sep 17, 2008,we received a formal application form from M-Super Corp who applies to register

internet trademark:kontech

And the domain names:
kontech.asia
kontech.cn
kontech.com.cn
kontech.com.hk
kontech.com.tw
kontech.hk
kontech.in
kontech.tw

During our auditing procedure we find out that the M-Super Corp has no trade mark, Intellectual property, nor patent even similar to that word.we have the duty to inform you this matter. If you do not know this company, we doubt that they have other aims to buy these domain names. Now we have not finished the registration of M-Super Corp yet, in order to deal with this issue better, please let someone who is responsible for trademark or domain name contact me as soon as possible.

Best Regards,
Lily Chen.
Auditing Director
________________________________________



Fax: + 852 8226 1055
Email: lily.chen@sk-network.org
Web: http://www.sk-holdings.net
________________________________________
Confidentiality Notice:This is a letter for confirmation. If the mentioned third party is your business partner or distributor in Asia please DO NOT reply. We will automatically confirm application from your business partner after this audit procedure.we have to notify you,and our registration organization are not responsible for any dispute questions about trade mark,intellectual property nor patent after they succeed in registration.hope you can understand.thank you.



09/23/2008

There goes a follow-up email from Lily flagged with high importance:


From: Lily Chen [mailto:lily.chen@sk-network.org]
Sent: Tuesday, September 23, 2008 9:13 AM
To: Kxxxxx Mxxxxxx
Subject: Re: Read: (To the CEO) Regarding Domain Name "kontech "
Importance: High

Dear Sir/Ms,

We did not receive your reply until now. I have been helping you in the whole course, but we need your cooperation, We don't hope the domains be registered under your unknown.So we sent email to inform your company to protect your interest.Do you mean that you want to give up the registration? If so, we will sign the registration agreement with the third party . So please confirm whether you need to reserve your rights. Waiting for your further reply as soon as possible. If any question, do not hesitate to contact me.

Best Regards
Lily
Auditing Director



Safe to ignore/delete

Thursday, September 4, 2008

Email: UPS VIRUS - not a hoax this time



I received this email and was about to ignore it, but after a few min of research it turns out to be a real thing.

There's even a warning on the UPS site about this virus threat.

If you get a similar email I'd suggest that you delete it immediately and permanently!


Subject: UPS VIRUS


The newest virus circulating is the UPS Delivery Failure. You will receive an email from UPS Packet Service along with a packet number. NOTE: The word packet is mis-spelled on this line. It will say that they were un-able to deliver a package sent to you on such and such a date. It then asks you to print out the invoice copy attached. DON'T TRY TO PRINT THIS. IT LAUNCHES THE VIRUS! Pass this warning on to all your PC operators at work and home. This virus has caused Millions of dollars in damage in the past few days.

Snopes confirms that it is real:


http://www.snopes.com/computer/virus/ups.asp