These guys are pretty clever. This scam involves a fake order from Amazon. I was notified just moments ago that the Samsung 40″ HD TV I ordered was shipped and will arrive on the 21st. Of course I didn’t order a TV from Amazon. Of course the email provides MANY links to click to get information. All of them lead to the same web site that is not Amazon. The email is pretty convincing looking exactly like an email one would get from Amazon. The email address it came from is not Amazon however. They made no attempt to fake the email address this came from so it’s pretty obvious it’s not from Amazon.
It’s been a couple of weeks since the last scam alert I posted. Got a new one today. A fake email from Intuit that states you need to get a security update or you won’t be able to access your Quickbooks data anymore. The link provided takes you to a web site not remotely connected to Intuit where you will undoubtedly be infected with something nasty.
Once again people, don’t ever click on links in emails.
This week’s scam. You receive an email saying <someone’s email address> has just sent you an ecard from 123greetings.com (or some other ecard place). There is a link to click that looks like it will take you to said ecard but if you hover over the link and look at where it will actually take you you will see it goes to someplace completely different and most likely will infect you with malware. Once again, don’t click on links in emails people, no matter what they say or who they appear to be from. Ever.
So, today’s scam is a bogus FBI warning that, of course, asks for money. From the FBI:
THE UNITED STATES Federal Bureau of Investigation (FBI) has alerted the public about a virus named Reveton that issues fake FBI warnings demanding infected victims pay to unlock their computers.
Reveton is described as “drive-by” malware due to its ability to activate and install itself when users visit a compromised web site. Unlike most viruses, it doesn’t need to install a file or attachment.
Once it has infected a victim’s PC, Reveton then locks their computer, saying the user is in violation of US federal law.
More information can be found here: http://www.fbi.gov/news/stories/2012/august/new-internet-scam/new-internet-scam
I have also been receiving emails this week thanking me for my order from some company I have never heard of with a link to check said order. Obviously when you click said link you are infected with some malware or virus. These emails all say the same thing but come from different people and companies.
I suppose we won’t see the end of these scams until people stop blindly clicking links. Yeah, that will happen.
Another Facebook related scam. If you receive an email claiming you have been tagged in a photo on Facebook don’t click any links. The link could take you to a site that infects you with malware. Some of the emails have “Faceboook” spelled with 3 o’s.
I personally received one of these emails last week. When I hovered over the link it was to some site not remotely connected to Facebook so I deleted the email.
So it appears THE way to spread malware now is by email attachments like the ones I have been posting about. I received another one today about the Delta Airlines tickets I supposedly purchased. The attachment was a zip file and the email said there was a document attached. The zip file had an executable in it that would most likely take you to a site that would infect you. It might infect you directly but I wasn’t going to try it. 😛
We almost made it through April without discovering a new email scam but I did get one today. It’s a fake email from American Airlines confirming my ticket purchase. They provide a link to download the ticket of course. The link goes to a web site that has nothing to do with American Airlines and runs a script that undoubtedly infects your computer with something. The destination for this “ticket” was Boston. Anything to get someone to click a link I guess. The departure point was of course missing.
It’s tax season so of course we will now be getting tax related email scams. I received an email from eTrader about my tax documents being available on line. This is a very legitimate looking email.
All the links in the email go to etrade.com like they should. The English in the email is perfect. It even includes legitimate links to anti-phishing and anti-scam sections on etrades’ web site. The only clues that this is a scam email is the return address which goes to “investordelivery.com” and the attachment.
The attachment is a zip file. Inside the zip file is an executable file instead of a document. Obviously the payload.
These are things most people would miss so anyone receiving this email that was an eTrade customer would most likely be fooled in to opening it and becoming infected.
This is a clever email scam, especially for this time of year. I received an email supposedly from UPS. It says my address is wrong and provides a link to “Track your shipment now!”.
The email looks pretty legit and even uses my real name. The link does not go to UPS.com though. The links at the bottom of the email do seem to go to UPS which would add false legitimacy to the email.
In cases like this where you might actually have a shipment coming you should go directly to the UPS.com website and track your package that way.
Don’t click on links in emails no matter who they are from or how real they seem.