
Always use delivery confirmation!

There's a new-ish eBay/PayPal scam out there -- people buy stuff you are selling on eBay, then claim it never arrived. Unless there is a delivery confirmation that is viewable online (regular USPS insurance doesn't count), PayPal sides with the complainant -- aka the scammer -- and you lose out.

More: http://www.kgw.com/business/money/stories/kgw_053008_news_paypal_scammers.457e8cfa.html

June 1st, 2008

Subpoena by email?

Received by an attorney associate:
To All Eastern District of California Attorneys,

In recent weeks, thousands of high-ranking executives across the country received e-mail messages that appear to be official subpoenas from the United States District Court in San Diego, CA. Each message included the executive's correct name, email address, company name, and phone number, and commands the recipient to appear before a grand jury in a civil case. The link embedded in the message purports to offer a copy of an entire subpoena, but when the recipient tries to view the document, they unwittingly download and install software that secretly records keystrokes and sends the data to a remote computer over the Internet. This enables criminals to capture passwords and other personal or financial information and starts software that allows the computer to be controlled remotely so the attackers can obtain digital credentials, passwords, and electronic certificates.

The message directed victims to a Website with a URL that ended with "uscourts.com" instead of the official site "uscourts.gov." Misspellings in the fake subpoena lead investigators to believe that the attackers were not familiar with the U.S. court system, and might be based in a place that uses a British variant of English. The AOUSC, FBI, Federal Trade Commission (FTC), S/CA and C/CA have all posted warnings about the fake messages on their Web-sites after hundreds of phone calls from individuals and corporations were received about these messages. Other cases have involved legitimate businesses such as America OnLine, CitiBank, e-Bay and numerous others. The e-mails often contain logos that closely resemble those of the legitimate businesses. In this case the seal of the U.S. Courts was included.

More: http://www.nytimes.com/2008/04/16/technology/16whale.html?_r=1&ex=1366084800&en=6440ba388ff2ce84&ei=5088&partner=rssnyt&emc=rss&oref=login

May 5th, 2008

Top 100 April Fools Day Hoaxes

"As judged by notoriety, absurdity, and number of people duped."

More: http://www.museumofhoaxes.com/hoax/aprilfool/

April 1st, 2008

Spotting fake listings on eBay and Craigslist

A guide on the Wired How-To wiki on not getting ripped off. I think that "use common sense" is not really useful advice -- it's not something people just turn on or off -- but the other advice is good.

More: http://howto.wired.com/wiki/Spot_a_Fake_Listing_on_Craigslist_and_eBay

February 25th, 2008

A phishing scam dissected

Here's a very nice explanation of the details and mechanics of a recent phishing scam which involved simulating a Better Business Bureau complaint. A scary mix of technical and social hacks are at work in the scam.

It's worth noting that a couple third parties end up being complicit in this scam. One is whatever mail server originally accepted the email; it didn't check the SPF records of bbb.org. If it had, it would have found that the scammer's zombie computer wasn't authorized to send email for bbb.org and would have rejected the message.
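
The SPF check described above, as an added example (not code from this site or from the linked write-up): an evaluator for the `ip4`, `ip6`, `include` and `all` mechanisms. The domains, addresses and TXT records are constructed, and the lookup table stands in for DNS; records are assumed to use only those four mechanisms.

```python
import ipaddress

# Constructed TXT records standing in for DNS lookups (assumption: not real data).
SAMPLE_TXT = {
    "charity.example": "v=spf1 ip4:192.0.2.0/28 include:_spf.mailhost.example -all",
    "_spf.mailhost.example": "v=spf1 ip4:198.51.100.0/24 ip6:2001:db8:25::/48 ~all",
}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(sender_ip, domain, txt=SAMPLE_TXT, depth=0):
    """Return pass/fail/softfail/neutral/none/permerror for sender_ip at domain."""
    if depth > 10:  # RFC 7208 limits DNS-querying mechanisms to 10
        return "permerror"
    record = txt.get(domain)
    if record is None or not record.lower().startswith("v=spf1"):
        return "none"
    ip = ipaddress.ip_address(sender_ip)
    for term in record.split()[1:]:
        qualifier = "+"  # a mechanism without a qualifier means pass
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        if name == "all":
            return QUALIFIERS[qualifier]
        if name in ("ip4", "ip6"):
            try:
                net = ipaddress.ip_network(arg, strict=False)
            except ValueError:
                return "permerror"
            if ip.version == net.version and ip in net:
                return QUALIFIERS[qualifier]
        elif name == "include":
            # include matches only when the included policy evaluates to pass
            inner = check_spf(sender_ip, arg, txt, depth + 1)
            if inner == "pass":
                return QUALIFIERS[qualifier]
            if inner in ("none", "permerror"):
                return "permerror"
        # mechanisms outside the assumed set (a, mx, exists, ptr) and
        # modifiers are ignored here
    return "neutral"


def smtp_verdict(sender_ip, mail_from):
    """What the accepting mail server could decide from the envelope sender."""
    domain = mail_from.rsplit("@", 1)[-1].lower()
    result = check_spf(sender_ip, domain)
    action = "reject" if result == "fail" else "accept"
    return result, action


if __name__ == "__main__":
    # 203.0.113.9 plays the unauthorized zombie machine
    for ip in ("192.0.2.5", "198.51.100.77", "203.0.113.9"):
        print(ip, smtp_verdict(ip, "complaints@charity.example"))
```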

The second unwitting collaborator is the BBB itself. As the blog post details, their website has a security hole that allowed the bad chaps to craft a URL that not only looked like it goes to the BBB site, it did go to the BBB site -- then quickly redirected to the scammers' server where they do their mischief.
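
One way a site can close the kind of redirect hole described above, as an added example (not the BBB's code and not code from the linked post): the redirect handler validates the requested target before sending the browser there. The host names, the `FALLBACK` path and both function names are assumptions; the weak substring check is shown beside the stricter one for comparison.

```python
from urllib.parse import urlsplit

ALLOWED_HOSTS = {"www.charity.example", "charity.example"}  # constructed site names
FALLBACK = "/"  # where to send the browser when the target is not acceptable


def naive_target(target):
    """Weak check for comparison: any URL that merely mentions the site passes."""
    return target if "charity.example" in target else FALLBACK


def safe_target(target, allowed_hosts=ALLOWED_HOSTS):
    """Return target only if it keeps the browser on this site, else FALLBACK."""
    # Browsers drop tabs/newlines and treat "\" like "/", so refuse both outright.
    if not target or "\\" in target or any(ord(c) <= 0x20 for c in target):
        return FALLBACK
    try:
        parts = urlsplit(target)
    except ValueError:  # e.g. malformed bracketed host
        return FALLBACK
    if not parts.scheme and not parts.netloc:
        # Relative reference: accept only an absolute path on this site.
        ok = target.startswith("/") and not target.startswith("//")
        return target if ok else FALLBACK
    if parts.scheme not in ("http", "https"):
        return FALLBACK  # covers javascript:, data: and scheme-relative //host
    # .hostname excludes userinfo and port, and is lower-cased
    return target if parts.hostname in allowed_hosts else FALLBACK


if __name__ == "__main__":
    samples = [  # constructed inputs
        "/complaints/view?id=7",
        "https://www.charity.example/about",
        "https://evil.example/?ref=charity.example",
        "//evil.example/",
        "https://www.charity.example@evil.example/",
    ]
    for s in samples:
        print(f"{s!r:50} naive={naive_target(s)!r} safe={safe_target(s)!r}")
```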

More: http://www.jgc.org/blog/2008/02/clever-targeted-emailweb-scam-with.html

February 8th, 2008

The Recruit Who Wasn’t Recruited

It's a little odd that this story has gotten as big as it has -- no pun related to the 6'4", 305-pound football player intended.

More: http://www.nytimes.com/2008/02/06/sports/ncaafootball/06reno.html?_r=2&ref=sports&oref=slogin&oref=slogin

February 6th, 2008

Help me make a better Purportal

These days, Purportal.com pretty much runs itself, as it has for the past seven years. The scammers and spammers of the world provide me a steady stream of material, so there's daily fresh content in the Spam archive. But the site could be much more. I want to keep waging the fight against sleazy scammers and fishy phishers everywhere, and have fun in the process. What kinds of features or information would you like to see? I'm interested in things that increase user participation and/or leverage good information that's already out there. Please feel free to send email with your comments, criticisms, and big ideas!

— Paul, your host

More: mailto:pb@purportal.com

January 29th, 2008

How to avoid buying a bogus memory card on eBay

Here's a helpful guide, with pictures, on the latest skullduggery on eBay from people trying to pass off cheap, slow, or off-brand CF cards as something else.

More: http://reviews.ebay.com/F?ugid=10000000001456539

January 27th, 2008

Don't believe everything you read on Craigslist

I love Craigslist, and their emphasis on operating locally does a lot to defuse fraud, but it doesn't enjoy any magical protection from less-than-ethical postings.
"Moving out ... House being demolished. Come and take whatever you want, nothing is off limits" .... People, thinking that they could remove whatever they wanted, grabbed the refrigerator, front door and kitchen sink, among other things, according to the documents.

More: http://seattletimes.nwsource.com/html/localnews/2003710460_craigslist17m.html

August 26th, 2007

Avoiding scams on Craigslist and elsewhere

Craigslist, the classifieds site (network of sites, really) has a very useful, concise page of advice on avoiding being scammed when buying or selling online. Their first point: "DEAL LOCALLY WITH FOLKS YOU CAN MEET IN PERSON - follow this one simple rule and you will avoid 99% of the scam attempts on craigslist." Not many internet-based businesses could give this advice!

More: http://www.craigslist.org/about/scams.html

August 25th, 2007

Need cash? Make big money shipping washers and screws for the US military

A small South Carolina parts supplier collected about $20.5 million over six years from the Pentagon for fraudulent shipping costs, including $998,798 for sending two 19-cent washers to an Army base in Texas, U.S. officials said. ... The company also billed and was paid $455,009 to ship three machine screws costing $1.31 each to Marines in Habbaniyah, Iraq, and $293,451 to ship an 89-cent split washer to Patrick Air Force Base in Cape Canaveral, Florida, Pentagon records show.

More: http://www.bloomberg.com/apps/news?pid=20601070&sid=aY5OQ5xv9HR8

August 16th, 2007

ATM magic

You may hear this story in the coming days and think it can't be true, but it is -- some yet-to-be-apprehended criminals reprogrammed a convenience store cash machine to dispense $20 bills when it thought it was dispensing $1 bills. (That's silly. Who ever heard of an ATM dispensing $1 bills?)

It's interesting to read the article, especially if you're not familiar with how typical security breaches happen. It's not about some crazy mastermind who uses his supergenius powers to crack the system. He just uses the default master password he found in the ATM manual.

More: http://blog.wired.com/27bstroke6/2007/07/atm-reprogrammi.html

July 13th, 2007

UFOs... robots in disguise?

Somehow I went a month without hearing about this. Serves me right for not reading BoingBoing lately. Anyway, many people are quite excited about some Unidentified Fotoshopped Object images that have been circulating. I am a diehard skeptic on these things, so if any aliens are actually on the planet they're going to have to walk right up and buy me a beer before I believe they exist. In this case I feel like some skepticism is fair, though. It was the mysteeeeerious glyphs on the underside that put me over the edge. My favorite theory is that this is a viral marketing campaign for the new Transformers movie, reminiscent of the ill-fated fake BMW mini robot. Though those guys at least made video.

More: http://www.earthfiles.com/news.php?ID=1252&category=Environment

June 29th, 2007

"Elderly opportunity seekers"

This article from the New York Times will make you feel dirty and depressed, but it's a must-read if you're interested in the mechanics of scamming. One obvious target of reform emerges from the picture painted by this article: the provision in US banking laws that allows unsigned checks.
The thieves would call and pose as government workers or pharmacy employees. They would contend that the Social Security Administration's computers had crashed, or prescription records were incomplete. Payments and pills would be delayed, they warned, unless the older Americans provided their banking information. ... Many people hung up. But Mr. Guthrie and hundreds of others gave the callers whatever they asked. ... "I was afraid if I didn't give her my bank information, I wouldn't have money for my heart medicine," Mr. Guthrie said.

More: http://www.nytimes.com/2007/05/20/business/20tele.html?_r=1&oref=slogin

May 27th, 2007

New feature: spam comments

The scammy-spam archive has been growing in popularity, which is great. As of today it's no longer a read-only service: every spam page now features a comment form where you can post your observations, wisecracks, or hard-won experience. Try it out and let me know how you like it.

More: http://purportal.com/spam/

May 26th, 2007

Phishing in-depth

Here's a report with an extremely in-depth analysis and explanation of how phishing scammers actually operate. The authors operate "honeypot" sites which let them closely observe the mechanics of these operations — which can begin and end in a matter of hours.
Very often Internet users become aware of phishing attacks by receiving spoof emails themselves or viewing a recorded copy of a malicious web site below the headlines on a technology news site, long after the server temporarily hosting the phishing content has been taken down. These events tend to be viewed in isolation and purely from the perspective of the victim. One of the major benefits that honeynet technology can offer is the capability to capture all activity from the perspective of the attacker, allowing security analysts to build up a more complete understanding of the entire life span of a phishing attack. Members of the Honeynet Project's Research Alliance are fortunate enough to have captured a number of rich data sets that can help to illustrate the stages of such an attack, from initial compromise and phishing web site set up through to mass emailing and victim data capture. Three different examples of typical real world phishing techniques are presented and reviewed below.

More: http://www.honeynet.org/papers/phishing/

May 6th, 2007

Malicious AdWords

What's the world coming to when you can't even trust advertisements?
Google Inc. yanked paid advertisements linked to about 20 search terms that online criminals had hijacked to steal banking and other personal information from Web surfers looking for the Better Business Bureau and other sites. It was unclear how many people were affected before the breach was discovered this week, but computer security experts said Thursday that the attack appears to be isolated and targeting only Windows XP users who had not properly updated their machines.

More: http://seattlepi.nwsource.com/business/313354_googleads27.html?source=rss

April 27th, 2007

Your cellphone can't make you sick

At least not like this.
Mobile service providers in Pakistan have been inundated by calls from subscribers worried by a prank message that they could die of a deadly virus being transmitted via their phones.

More: http://www.eweek.com/article2/0,1895,2113891,00.asp?kc=EWWMUEMNL041907EOAD

April 20th, 2007

US State Department infiltrated via Microsoft Word

From the article:
The mysterious State Department e-mail appeared to be legitimate and included a Microsoft Word document with material from a congressional speech related to Asian diplomacy, Reid said. By opening the document, the employee activated hidden software commands establishing what Reid described as backdoor communications with the hackers.

The technique exploited a previously unknown design flaw in Microsoft's Office software, Reid said. State Department officials worked with the Homeland Security Department and even the FBI to urge Microsoft to develop quickly a protective software patch, but the company did not offer the patch until Aug. 8 — roughly eight weeks after the break-in.

More: http://news.yahoo.com/s/ap/20070419/ap_on_hi_te/hackers_state_department

April 19th, 2007

The Storm Worm for Windows

Apparently a new email worm, a variant of the Storm Worm last seen in January, is running amok. Suspect subject lines include:

  • Worm Alert!
  • Worm Detected
  • Virus Alert
  • ATTN!
  • Trojan Detected!
  • Worm Activity Detected!
  • Spyware Detected!
  • Dream of You
  • Virus Activity Detected!

An important fact omitted from the CERT reports I link to here: This is a Windows-only issue.

More: http://www.us-cert.gov/current/archive/2007/04/18/archive.html#stormworm2

April 19th, 2007

Home of 1,000 phishes

Today the purportal.com Scammy Spam library received its 1,000th specimen. Each scam or phishing message that arrives at one of the collection addresses is rendered into harmless text form and stored in a database. The spam page displays these, newest first, and offers a simple search box too.

In honor of this milestone I wrote a quick script to count word frequencies. Here are the top 200 (the hundred most common English words were omitted from the count):

account email our please ebay me paypal information bank any address through contact security am money funds us million international prize winning because lottery online claim fund also access numbers dear help after good thank name work sum charity program receive lord message reply decided item member mr claims want here sent winners release click total category only agent america 2006 inform due congratulations batch link years next united dollars below assistance five department policy reference family service following update hundred banking note must lucky system thousand protect company cash soon last transaction should know addresses until sincerely award wish process once ticket payment over late business file details using computer husband avoid possible notification remember names log internet customer need won states result transfer relatives winner members cancer provide user notice limited best dont therefore respond never privacy immediately 2 regards order personal choose yours mrs lotto hope donate c world mail rights processing send full agreement lawyer reserved foreign death country fax verification upon keep ask selected promotion believe kin inc cole new credit before take matter being date always mrsstella manager 2007 ref id ensure under well response verify card private registered days confidential services password trademarks
It's a phisher's magnetic poetry kit! Or a party game where you try to compose your own scammy message using only these 200 words. "Dear Mrs. Transaction: Please email me. Our funds here five million US dollars. Must protect cash. Please help receive! Respond! Sincerely Yours, Mr. Foreign"

More: http://purportal.com/spam/

March 10th, 2007

Money and Cocaine

Yes, there's cocaine in your wallet. But:
As to how much cocaine will be on a contaminated bill, the expert witness in that 1995 court case charted results from as small as a nanogram (one-billionth of a gram) to as much as a milligram (one-thousandth of a gram). The Argonne National Laboratory study revealed that the average contamination was 16 micrograms (which is 16 one-millionths of a gram).

More: http://www.snopes.com/business/money/cocaine.asp

March 5th, 2007

How to steal ATM cards

Short summary: 1) Insert card-grabbing sleeve into ATM slot. 2) Wait for a mark to arrive. 3) Record video of the mark entering their PIN with your cellphone. 4) After frustrated mark leaves, extract card (and cash).

The part I don't get — if the card doesn't actually get read by the machine, the mark won't get prompted to enter his PIN, and thus there's nothing to record in step #3. So perhaps there's more to this scam (and the card grabber) than is described here.

More: http://www.techeblog.com/index.php/tech-gadget/the-real-hustle-atm-card-catcher

February 25th, 2007

Give me ants or give you death

I don't know what's weirder in this story, the fact that this is a scam involving giant ants or the fact that the perpetrator has been sentenced to death.

Death penalty over China ant scam

A Chinese company chairman has been sentenced to death for running a scam involving giant ants. Wang Zhendong promised investors returns of up to 60% if they put money into the fictitious ant-breeding project...

More: http://news.bbc.co.uk/2/hi/asia-pacific/6365123.stm

February 16th, 2007

What do you mean by "foreign", or, targeting stupid Americans

I see these almost every day now:
We recently noticed one or more attempts to log in to your PayPal account from a foreign IP address...
PayPal is an international service. Everywhere is "foreign" from somewhere else. So without more context (which these bogus messages never attempt to offer), this is a meaningless warning. The only explanation I can think of for this tactic is that it (successfully) targets Americans who are both naive and xenophobic. "Look out! Foreigners!" Too bad the money can't go into some kind of education fund.

More: http://purportal.com/spam/search/?text=foreign+ip+address

February 15th, 2007

Canadian coins with tiny tracking devices found

An interesting, if odd, story, with one very dumb quote: "Then there's the obvious problem: what if the coin holder plunks the device into a pop machine?" Has this person been out of the house in the past forty years? No vending machine takes pennies. Maybe that's the secret of the scheme -- put a transmitter inside something that's impossible to get rid of!

I'm a bit worried that this means George Bush will want us to invade Canada next though.

More: http://www.cbc.ca/technology/story/2007/01/10/rfid-defence.html

February 3rd, 2007

Massachusetts Attorney General gets her credit card number stolen

Why doesn't this story end with her sending a SWAT team in on those fools?

More: http://www.boston.com/news/local/massachusetts/articles/2007/01/19/just_seated_ag_nearly_gets_burned_by_fraud/

February 3rd, 2007

Bank sends woman account data of 75,000 customers by accident

Just in case you hear about this one and think, no, that couldn't possibly happen.
She received five packages each containing 500 sheets of 30 customers' names, sort codes and account details.

HBOS apologised and said it was carrying out an investigation. The Information Commissioner's Office (ICO) said it would probe the "negligence".

Ms McLaughlan said: "These packages were just dumped on my doorstep one day and I was really shocked because it was obvious the bank did not have a clue they had left them in my house or their contents.

More: http://news.bbc.co.uk/2/hi/uk_news/scotland/north_east/6310633.stm

February 3rd, 2007

Superbowl site hack might just be the tip of the iceberg

All the affected Miami Dolphins sites (see Alexa traffic data) have now been disinfected but there is evidence that hundreds of other sites have been hijacked and rigged with the malicious JavaScript code. I've confirmed that the one-line code has been planted on an internal page of the U.S. government's Centers for Disease Control and Prevention Health Marketing site.
Props to author Ryan Naraine for specifying that these are Windows exploits, right in his first paragraph.

More: http://blogs.zdnet.com/security/?p=15

February 3rd, 2007

There's no such thing as Google TV

Really.

More: http://www.techcrunch.com/2007/01/28/google-tv-an-elaborate-prank/

January 29th, 2007

eBay shilling: how it's done

An inside look at shill bidding on eBay, in case you wanted to know the gory details:
After being told that he had been talking to an undercover reporter, Paraskevaides denied that he had ever shill bidded on eBay and claimed he was talking about clients who sometimes bid on expensive items if they wished to protect the price.

More: http://www.timesonline.co.uk/newspaper/0,,176-2570050,00.html

January 27th, 2007

A malware glossary

Recently ITsecurity.com released "Top 10 Nastiest Malware Trends". The body of the piece is really not so much a trend report as it is a current glossary of things that bad people are trying to do with your computer without your permission. If you're not clear on the difference between a worm, a virus, and a trojan horse, give it a read.
...Malware, or malicious software ... is growing quickly. McAfee Avert Labs expected in 2006 to have recorded their 225,000th unique computer/ network threat, finding 50,000 threats between Jan and Nov of 2006 alone [2]. The motive for creating malware has been profit or spying in most cases, and as profits from creating malware have grown, paid professionals have begun to make new and ever more dangerous forms.
One editorial note: I don't know how you can write a whole piece like that and only use the name "Windows" twice, and almost parenthetically at that. The whole thing is a screaming case for switching to Linux, FreeBSD, Mac OS X, or Underwood.

More: http://www.itsecurity.com/features/nastiest-malware-trends-011207/

January 23rd, 2007

Ignorance turns out not to be bliss

Another public official duped by Nigerian scammers.
The longtime treasurer of Alcona County, Mich., has been accused in an embezzlement scheme in which he may have served as both perpetrator and victim, sending up to $1.25 million in county funds and his own life savings to con artists after falling for one of the notorious online Nigerian banking frauds.
Sigh.

More: http://www.suntimes.com/news/nation/217474,CST-NWS-scam19.article

January 23rd, 2007

OK, so the Grand Canyon really *is* millions of years old

Skeptic magazine just admitted they were duped by a publicity stunt (or piece of political theater, depending on your point of view) claiming that religious conservatives had pressured the National Park Service into lying about the age of the Grand Canyon.
[W]e published highlights from a press release issued by PEER (Public Employees for Environmental Responsibility), a Washington D.C.-based environmental watchdog group. ... "Washington, DC -- Grand Canyon National Park is not permitted to give an official estimate of the geologic age of its principal feature, due to pressure from Bush administration appointees" ... Unfortunately, in our eagerness to find additional examples of the inappropriate intrusion of religion in American public life (as if we actually needed more), we accepted this claim by PEER without calling the National Park Service (NPS) or the Grand Canyon National Park (GCNP) to check it.
Doesn't sound very skeptical to me!

More: http://www.skeptic.com/eskeptic/07-01-17.html

January 17th, 2007

Yahoo boys

Via this-guy-on-a-podcast's-Nigerian-friend I learned a new term for Nigerian scammers, derived from the throwaway email addresses they use: "Yahoo boys". Excellent. (Beware, if you listen to the linked podcast you'll learn about a lot of stuff unrelated to Nigerian scams, like international currency markets, decentralized systems, and the consensual definition of open source software.)

More: http://www.itconversations.com/shows/detail1691.html

January 3rd, 2007

Good reading: Fraudwar

Ed Dickson's "Fraudwar" blog is an excellent, frequently-updated resource covering identity theft and other financial crimes.

More: http://fraudwar.blogspot.com/

January 1st, 2007

Scammy spam archive tops 500 messages

As of this moment there are 511 messages in the scammy spam archive, and rising. Thanks to all the sleazy would-be con-artists who made this possible.

Note: the latest scammy spams (as well as the latest news postings like this one) are now listed on the home page for your convenience.

More: http://purportal.com/spam/

December 23rd, 2006

Not like in the movies

A 28-year-old congressional aide tried to hire hackers to change his college grades. Didn't work out so well for him.
: OK here it is: I need an adjustment to my college GPA. Is this an absurd
: request?

Absurd no, difficult yes. Really depends on the college, security in place, the amount of databases required to truly update, log servers to compromise to remove evidence, type of access required to access the systems (internet? LAN? dialup? carrier pigeon?), and a dozen other things that come into play.

More: http://www.attrition.org/postal/z/033/0871.html

December 23rd, 2006

But at least he's $3 million wiser

Congressman completely, utterly duped by multiple Nigerian scammers, to the tune of $3 million — not all of it his:
Prosecutors say Mezvinsky used his connections to the Clintons and his son's social relationship with Chelsea to persuade people to give him money to participate in the scams.

Mezvinsky traveled to Nigeria numerous times and ultimately lost more than $3 million as a victim of the scammers.

Prosecutors say Mezvinsky fell particularly hard for what is known as the "black money" scam. Victims are told millions of dollars have been coated with black ink so the money could be smuggled out of Nigeria.

More: http://blogs.abcnews.com/theblotter/2006/12/father_of_chels.html

December 12th, 2006

Nigerian scam for dummies

The Joy Of Tech web-comic sums up the Nigerian scam in four panels.

More: http://joyoftech.com/joyoftech/joyimages/898.gif

December 1st, 2006

Worst spelling evar

I still think that spellcheck can make a pretty good phish-detection filter. A recent subject line appearing in the Purportal spambox:

The Bnak of America Billing Deptartment

Even a real bank would lose my business over a subject line like that!
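
An added illustration of the spellcheck idea above (not Purportal's code): flag subject-line words that are one edit or one swapped letter pair away from a word a real bank notice would spell correctly. The watchlist and the small `KNOWN_WORDS` set, which stands in for a real dictionary, are constructed.

```python
import re

# Constructed watchlist: words a bank or payment notice is expected to get right.
WATCHLIST = {"bank", "america", "billing", "department", "account", "paypal",
             "security", "verify", "password", "update"}
# Constructed stand-in for a real dictionary: legitimate near neighbours to skip.
KNOWN_WORDS = {"banks", "accounts", "updated", "updates", "passwords"}


def osa_distance(a, b):
    """Optimal string alignment distance: insert, delete, substitute,
    plus swapping two adjacent letters, each counted as one edit."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i] + [0] * len(b)
        for j, cb in enumerate(b, 1):
            cost = int(ca != cb)
            cur[j] = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # adjacent transposition, e.g. "na" <-> "an"
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cur[j] = min(cur[j], prev2[j - 2] + 1)
        prev2, prev = prev, cur
    return prev[-1]


def near_misses(subject, watchlist=WATCHLIST, known=KNOWN_WORDS, max_dist=1):
    """Return {misspelled_word: intended_word} for words in subject that are
    within max_dist edits of a watchlist word without being a known word."""
    hits = {}
    for word in re.findall(r"[a-z]+", subject.lower()):
        if len(word) < 4 or word in watchlist or word in known:
            continue
        for target in sorted(watchlist):  # sorted for a deterministic result
            if abs(len(word) - len(target)) > max_dist:
                continue
            if osa_distance(word, target) <= max_dist:
                hits[word] = target
                break
    return hits


def looks_phishy(subject):
    """Heuristic signal only: True when any watched word is misspelled."""
    return bool(near_misses(subject))


if __name__ == "__main__":
    for subject in ("The Bnak of America Billing Deptartment",  # from the post
                    "Your bank account statement is ready"):    # constructed
        print(subject, "->", near_misses(subject))
```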

More: http://purportal.com/spam/

November 7th, 2006

The Nigerian scam, AARP style

Oops.
"He said he was from Massachusetts, but [that he] was supervising a construction project in Nigeria," says Smalley, a supermarket cashier in Middlefield, Ohio. Weeks into daily instant messaging, she knew she had lost her heart to Richie. By April she had also lost $2,700 to him.

More: http://www.aarp.org/bulletin/consumer/internet_romance.html

October 25th, 2006

SiteKey can't save you, apparently

The SiteKey system, which many banks and other security-conscious websites rely on to minimize problems from fake-site fraud, has some inherent problems. This is mostly of interest to technical folks; the message for the normal end user is, more or less, don't believe anybody when they tell you they've created a perfectly secure solution!

More: http://bbaadd.com/blog/2006/08/why-sitekey-cant-save-you.html

September 4th, 2006

It's not really from the FBI

In case you are one of the three bazillion people who got one of these bogus messages with a subject line like "You_visit_illegal_websites":
The e-mail appears to be sent from the e-mail addresses of mail@fbi.gov, post@fbi.gov and admin@fbi.gov. There may be other similarly styled addresses. [I've seen variants with @cia.gov addresses too -- ed.] The recipient is enticed to open the zip attachment which contains a variant of the w32/sober virus. If the program within the zip attachment is executed then the virus is launched and may affect the user's computer. The text of the email is as follows:
Dear Sir/Madam,

We have logged your IP-address on more than 30 illegal Websites.

Important: Please answer our questions! The list of questions are attached.

Yours faithfully,
Steven Allison
Federal Bureau of Investigation-FBI-
Not that it will stop the next generation of idiots, but I hope the (real) FBI tracks down the brain surgeons who came up with this and shows them what an actual FBI investigation looks like.

More: http://www.fbi.gov/pressrel/pressrel05/emailscheme112205.htm

November 23rd, 2005

When Astronomy Goes Bad

I never really thought of this as a category before, but here it is: The Bad Astronomy website will set you straight on any number of celestial frauds, misconceptions, and hoaxes. So the next time you get an e-mail about a killer cloud of space matter, pay the site a visit. In fact, you might not want to wait, because when that killer cloud arrives you'll have a lot of other stuff to worry about.

More: http://www.badastronomy.com/

November 15th, 2005

eBay, fraud, filtering, and Web 2.0

A rant about eBay's lack of modern, real-time, collaborative user input for flagging fraudulent auctions -- and a business idea.
I'm 99% certain that this is fraud in progress, being worked via a hijacked user account. Maybe they even got access to the account via one of the phishing expeditions I was griping about six weeks ago. A fellow Well member reports seeing 20 other auctions in progress in a different area of eBay which also bear these identical red flags. Clearly somebody's got a little cottage industry going here.

More: http://e-scribe.com/news/128

November 4th, 2005

Is eBay doing all it can to fight phishing?

Here's a freshly posted rant -- some technical things eBay could do to protect more users from phishing scams, and some head-scratching as to why they're not doing them.

More: http://e-scribe.com/news/75

September 23rd, 2005

Fake Photos

OEMagazine has published a very well-written and comprehensive guide to understanding faked and altered digital images. It makes a useful list of gotchas for photo retouchers, too.

More: http://oemagazine.com/fromTheMagazine/jan05/photofakery.html

August 25th, 2005

Beware of the Zotob

"Zotob" sounds like the villain of a bad science-fiction movie, but actually it's the latest Microsoft Windows worm. It's pretty severe, having crippled several national news organizations in its initial run. Reportedly only Windows 2000 machines are vulnerable.

More: http://www.kb.cert.org/vuls/id/998653

August 16th, 2005

The Rise of the Indian Rope Trick

Magician (and, apparently, book reviewer) Teller has a great review of the new book The Rise of the Indian Rope Trick in this past Sunday's NYT Book Review. Not only does the book sound interesting, but the review has some excellent passages on the relation of Victorian England to colonized, mysterious India.
This idea of genuine magic in a far-off place filled a void in the West. Physics, biology, geology and archaeology were challenging traditional beliefs, especially religion. Hungering for the unexplainable, but eager to consider themselves enlightened, Americans and Englishmen were turning to spiritualism, which promises ''scientific'' evidence of immortality, while providing satisfying shivers in a darkened seance room.

More: http://www.nytimes.com/2005/02/13/books/review/13TELLERL.html?ex=1265950800&en=879db53767dd25c6&ei=5090&partner=rssuserland

February 17th, 2005

Gmail fighting phishing

Google's Gmail service is testing out a new system designed to actively warn users when they are viewing a suspected fraudulent message. The warning appears as a yellow box at the top of the message reading, "Warning:  This message may not be from whom it claims to be. Beware of following any links in it or of providing the sender with any personal information." A webmail vendor such as Gmail is in a great position to provide this type of service, since they can respond to new types of attacks almost immediately.

More: http://gmail.com/

October 18th, 2004

Free iPods?

FreeiPods.com is a site that trades merchandise for sales leads; you jump through their hoops by signing up five new people, and they send you an iPod. Its mechanics are explained very nicely by one J. Brock at the link below. It's not a scam, but it is a pyramid scheme. Got it?

More: http://people.bu.edu/jbrock/ipod_analysis.htm

September 28th, 2004

Fighting Spyware

If you use Windows and are online, you are statistically very likely to have one or more spyware programs installed on your computer. Spyware is persistent software that does things ranging from annoying to malicious, depending on the source. I recently came across the comprehensive Spyware Warrior Blog, in which "Suzi" tracks spyware news and tools. If you are afflicted (and remember, you probably are), check it out.

More: http://www.netrn.net/spywareblog/

August 17th, 2004

Citibank tops phishing list

The Anti-Phishing Working Group, "committed to wiping out internet scams and fraud" (we like them already), recently released their "Phishing Attack Trends Report." Among other things, the report lists the most-impersonated sites and institutions. The top 3: Citibank, eBay, and US Bank. The report is available as a PDF.

More: http://www.emarketer.com/Article.aspx?1002975

August 4th, 2004

This week's reason not to use Internet Explorer on Windows

According to internetnews.com:
... a large number of popular Web sites were compromised earlier this week to distribute malicious code that targets a known bug in Microsoft Internet Explorer.... If a user visited an infected site, the JavaScript delivered by the site would instruct the user's browser to download an executable from a Russian Web site and install it ... "These Trojan horse programs include keystroke loggers, proxy servers and other back doors providing full access to the infected system." ... [Experts believe] the attack is the work of a sophisticated international spam ring.
Microsoft also has posted a page about the vulnerability. They don't list the best defense for users though -- ditch Internet Explorer! Consider Mozilla or Firefox as replacements.

More: http://www.microsoft.com/security/incident/download_ject.mspx

June 25th, 2004

Pundit beware

Internet privacy pundit Lauren Weinstein tells the tale of how he nearly ended up in the hot seat on Comedy Central's fake debate show, "Crossballs." I wonder who they found to sit in for him?

More: http://neon.vortex.com/debate-fraud.html

June 24th, 2004

The Library of Larceny

According to a review in USA Today, Broadway Books has started a new imprint dealing with memoirs of crime and deception. The first three books in the series:
  • Where the Money Was: The Memoirs of a Bank Robber
  • McGoorty: A Pool Room Hustler
  • Ponzi: The Incredible True Story of the King of Financial Cons
I've read the first one, with much the same reaction as the reviewer; the second sounds too grim; the book on Ponzi, though, that's now on my reading list for sure.

More: http://www.usatoday.com/money/books/reviews/2004-06-20-2004-06-21-larceny_x.htm

June 23rd, 2004

Macintosh web browser security hole: real

For the last three years, Apple's OS X has been a very secure environment in this world of constantly mutating Windows/Outlook worms. But this week there is news of a new vulnerability that is quite serious, though not hard to fix. See the link below for more information and fixit instructions.

More: http://saladwithsteve.com/osx/2004/05/well-this-is-historic-if-bothersome.html

May 18th, 2004

"For you all is lawful"

Somehow I doubt that...
Date: Fri, 14 May 2004 21:30:22 -0700 (PDT)
To: undisclosed-recipients:;
Subject: Offer

I suggest you to become my partner.

2 ways to earn:
1st way is I transfer money into your account, and then you send it back to
me through WU making 15-30%.
2nd way is that I take money from your account and claim it stolen and
bank repays the amount, I send 50%-60% back to you. This can only work once
though.

Or you may to find people for 1st and 2nd ways.

In any case you become a victim of fraud. For you all is lawful.

May 17th, 2004

Phishing list

A handy database of "phishing" scams -- e.g. email that pretends to be Citibank customer service asking for your card number and PIN, or Paypal customer service asking you to change your password -- is available at antiphishing.org. Sometimes it's hard to tell at a glance whether messages like this are real; this centralized resource makes it a bit easier.

More: http://www.antiphishing.org/phishing_archive.htm

April 25th, 2004

Automatically stopping scams

Internet service provider Earthlink has now joined eBay and others in offering a web browser toolbar that can detect some fraudulent websites. Very little has been done with browser security since the adoption of basic secure connections (and the ubiquitous padlock icon) in the mid-'90s, and given the proliferation of scams in recent years this is overdue. It will be interesting to see whether the providers of these identification tools abuse their power; i.e. if PayPal produced such a toolbar, would a user visiting PayPal competitor ikobo.com receive an "everything's OK" message, or would they be encouraged to go to PayPal's site for money transfer "just to be safe"?

More: http://www.computerbusinessreview.com/todaysnews/a3525b218b412b9c80256e770032e055

April 15th, 2004

Area Man Duped

Wired News has an item today about newspaper editors, television reporters, and law enforcement officials who have taken "facts" from satirical stories published by The Onion -- and passed them on as truth.

More: http://www.wired.com/news/print/0,1294,63048,00.html

April 14th, 2004

Fixes for that Mac virus that doesn't quite exist

Recently, Macintosh-oriented news sites were in a tizzy over an announcement by a virus software company saying that they had found a new and dangerous Macintosh virus that resides in MP3 files. It turns out to be more of a, shall we say, theoretical threat. Nonetheless, the web site MacFixIt offered some excellent advice and links to software to help neutralize such an exploit.

More: http://www.macfixit.com/article.php?story=20040412074638849

April 12th, 2004

Free Energy

Today I came across a wonderfully comprehensive history of perpetual motion schemes and free energy machines. Look here before you invest in that offer from Overunity Magic Electric Motor Corporation!

More: http://www.phact.org/e/dennis4.html

April 9th, 2004

Google: Fact vs. Fiction

Somehow, a rumor got started that Google's new GMail service is an April Fool's Day prank. While we're still waiting to hear back from the company with definitive word, we're quite confident that it's not, despite the unfortunate press release date of April 1. The "lunar hosting and research center", on the other hand...

Followup: see this Reuters story for confirmation.

April 1st, 2004

Phishing, Gone

Good news today:
The U.S. government said on Monday it had arrested a Texas man who crafted fake e-mail messages to trick hundreds of Internet users into providing credit card numbers and other sensitive information. Zachary Hill of Houston pleaded guilty to charges related to a "phishing" operation, in which he sent false emails purportedly from online businesses to collect sensitive personal information from consumers, the Federal Trade Commission said. According to the FTC, Hill sent out official-looking e-mail notices warning America Online and Paypal users to update their accounts to avoid cancellation. Those who clicked on a link in the message were directed to a Web site Hill set up that asked for Social Security numbers, mothers' maiden names, bank account numbers and other sensitive information, the FTC said.

More: http://reuters.com/newsArticle.jhtml?type=topNews&storyID=4624987

March 22nd, 2004

eBay's anti-fraud vigilantes

Interesting story in the New York Times today about individual anti-fraud crusaders on eBay. They bid up fraudulent listings until they are out of reach of possible victims, email people who have bid on suspicious items, and track down Romanian swindlers. But eBay apparently doesn't like this trend very much. Their opposition to vigilante action is understandable, but given the magnitude of the problem it is silly of them to reject volunteer help. Instead, they should channel it -- perhaps by adding a Craig's List style "flagging" mechanism, where individuals could easily report suspicious transactions.

More: http://www.nytimes.com/2004/03/20/technology/20EBAY.html?ex=1395118800&en=c98630a69f2d6655&ei=5007&partner=PURPORTAL

March 20th, 2004

New Russian twist on advance fee fraud

This is a novel twist on the classic advance fee fraud scheme, in that their story is about working (software development), not stealing (dodgy Nigerian government contracts, embezzlement, diamond smuggling). It's also interesting that they are posing as software outsourcers. Since one of the angles of this type of scam is tempting you to try scamming the scammer, perhaps they are counting on getting an angry, out-of-work American programmer (who perhaps just lost his job to Russian outsourcing) to try exacting revenge by saying yes and then keeping all the money? Food for thought. Anyway, the message we received this morning reads, in part:
Our company sells the computer technologies and software developments for it. We work with clients in different countries of the Europe and in the United States of America. Our clients reckons with us through PayPal. However, the administration of PayPal does not co-operate with Russia, so we cannot open account in PayPal. We offer you to cash money from our clients through PayPal, transmit to us their through Western Union system, and take your percent.

March 19th, 2004

BMW/MINI robot hoax

Did you know that if enough people link to a website with a specific term, like, say phony robot or marketing hoax or viral marketing ploy, that the page in question will actually start showing up in Google searches for that term? Not that it matters in this case, since the phony robot page created to market the BMW/MINI brand to technophiles was no doubt designed to have a short shelf life, but one can dream...

More: http://slashdot.org/articles/04/03/09/222227.shtml?tid=159&tid=186

March 16th, 2004

This one's real: New Microsoft Office XP and Outlook 2002 vulnerability

Since real security warnings sometimes quickly mutate into bogus or confusing ones, here's some pre-emptive information: on Tuesday, Microsoft announced a "critical" security update to Office XP and Outlook 2002. If you use either of those products, visit the page below right away. No word as to whether there are any exploits of this hole yet. Microsoft notes: "To exploit this vulnerability, an attacker would have to host a malicious Web site that contained a Web page designed to exploit the vulnerability and then persuade a user to view the Web page..." I suspect we'll see someone trying this sooner than you can say "please update your credit card information."

More: http://www.microsoft.com/technet/security/bulletin/ms04-009.mspx

March 11th, 2004

Market manipulation, Yahoo Groups style

Bruce caught this news story from yesterday about a man fined $25,000 for posting a fake news report intended to cause a stock's price to drop. Naturally, the man had placed a "short" order on the stock, so that the lower it went the richer he would be. Unfortunately, his $350 profit (less commissions and interest) won't make much of a dent in that $25K penalty. The report notes that the stock dropped 3% "on the posting," and that's a lot of influence for one hoaxster to have over a stock with a nearly $2 billion market cap. Whether that drop was directly related to the posting, and not just part of the stock's longer-term Brownian motion, might be debatable, but nonetheless it's good news that Mr. Safavi got caught.

More: http://www.siliconvalley.com/mld/siliconvalley/news/editorial/8143917.htm

March 10th, 2004

Dear Abby Fooled Again

This is a prank that Bart Simpson himself would envy: getting a fake letter published (nearly) in Dear Abby.
After the letter raised the suspicions of the newspaper editor, Universal Press Syndicate did some research and discovered that Gene seemed a lot like Homer Simpson's thoughtless character in an episode titled "Life on the Fast Lane."
The plot outline of the episode is a plausible middle-American scenario, though, so it's not really surprising that Dear Abby writer Jeanne Phillips wrote a sincere response. Maybe the lesson here is not that "Abby" doesn't know what's real -- it's that the writers of the Simpsons do.

More: http://customwire.ap.org/dynamic/stories/D/DEAR_ABBY_SIMPSONS?SITE=MIDTN&SECTION=ENTERTAINMENT&TEMPLATE=DEFAULT

March 9th, 2004

Another crafty eBay spoof: "RE: Question for seller..."

A couple specimens like this have arrived in the last 24 hours:
From:   uaunwprc-xrqa@usa.net
Subject: RE: Question for seller -- Item #298507618
Date: March 5, 2004 5:49:38 AM EST

Hi, please add another $14 for shipping to Minnesota. 
uaunwprc-xrqa@usa.net wrote: 
Hello, what is the shipping cost to Newfoundland? 

-------------------- 

Question from: gjdicue 
Title of item: 5 Motorola 3 watt Bag Phones  
Seller: uepredr 
Starts: Jan-29-03 19:51:23 PDT 
Ends: Feb-05-03 19:51:23 PDT 
Price: Starts at $92.15 
To view the item, go to: http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=649476997 


Visit eBay, The World's Online Marketplace TM at 
http://www.ebay.com 
Do you Yahoo!? 
Yahoo! SitedBuilder - Free, easy-to-use web site desdign software 
There are some obvious tip-offs here:
  • No reference to your account or address in the message body (those addresses are randomly generated)
  • Odd disconnect between the alleged question and the answer (Newfoundland, that's in Minnesota, right?)
  • The item number in the subject line doesn't match the item number in the link
  • Typos in the last line
If we view the source of the message, the link doesn't go to eBay at all of course, but to an address that belongs to a broadband provider in Missouri -- either the scammer's computer or, more likely, a hijacked machine. Click on the link and you are treated to a phony "Invalid Item" page as your browser downloads an encoded script file that we are quite sure is up to no good. eBay has a good page about how to spot spoof mails, but as of today this one is not in their rogue gallery.
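The link check and the item-number check described above can be run mechanically against the message source. The following Python sketch is an added example, not part of the original post; the sample message is constructed from the specimen quoted above, and the link target 192.0.2.44 is a documentation-only placeholder because the post does not give the real address.

```python
import re
from email import message_from_string
from html.parser import HTMLParser
from ipaddress import ip_address
from urllib.parse import parse_qs, urlsplit

# Constructed sample modelled on the specimen quoted in the post. The href
# host 192.0.2.44 is a documentation-only placeholder, not the real address.
SAMPLE = """\
From: uaunwprc-xrqa@usa.net
Subject: RE: Question for seller -- Item #298507618
MIME-Version: 1.0
Content-Type: text/html; charset="us-ascii"

<html><body>
<p>Hi, please add another $14 for shipping to Minnesota.</p>
<p>To view the item, go to:
<a href="http://192.0.2.44/ws/eBayISAPI.dll?ViewItem&amp;item=649476997">http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&amp;item=649476997</a></p>
<p>Visit eBay at <a href="http://www.ebay.com">http://www.ebay.com</a></p>
</body></html>
"""

URLISH = re.compile(r"^(?:https?://|www\.)\S+$", re.IGNORECASE)


class AnchorCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in an HTML body."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.anchors = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.anchors.append((self._href, "".join(self._text).strip()))
            self._href = None


def safe_split(url):
    """urlsplit() that returns an empty result for malformed URLs."""
    try:
        return urlsplit(url)
    except ValueError:
        return urlsplit("")


def host_of(url):
    """Lower-cased hostname of a URL, or '' when there is none."""
    return (safe_split(url).hostname or "").lower()


def is_ip_literal(host):
    try:
        ip_address(host)
        return True
    except ValueError:
        return False


def analyze(raw_message):
    """Return a list of (code, detail) findings for one RFC 822 message."""
    msg = message_from_string(raw_message)
    subject_items = set(re.findall(r"#\s*(\d+)", msg.get("Subject", "")))

    collector = AnchorCollector()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            body = part.get_payload(decode=True) or b""
            charset = part.get_content_charset() or "utf-8"
            collector.feed(body.decode(charset, errors="replace"))
    collector.close()

    findings = []
    for href, text in collector.anchors:
        target = host_of(href)
        shown = ""
        if URLISH.match(text):
            shown = host_of(text if "://" in text else "http://" + text)
        # The visible text names one host, the href goes to another.
        if shown and target != shown and not target.endswith("." + shown):
            findings.append(("text-href-mismatch", f"{shown} -> {target}"))
        # Links in marketplace mail should not point at bare IP addresses.
        if is_ip_literal(target):
            findings.append(("ip-literal-href", target))
        # Item number in the Subject differs from the one in the link.
        link_items = set(parse_qs(safe_split(href).query).get("item", []))
        if subject_items and link_items and not subject_items & link_items:
            findings.append(("item-number-mismatch",
                             f"{sorted(subject_items)} vs {sorted(link_items)}"))
    return findings


if __name__ == "__main__":
    for code, detail in analyze(SAMPLE):
        print(f"{code}: {detail}")
```

Legitimate bulk mail that routes links through click-tracking hosts also trips the first check, so treat a finding as a reason to read the message source, not as a verdict.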

More: http://pages.ebay.com/education/spooftutorial/index.html

March 5th, 2004

If my e-mail account is disabled, how did you send me that message?

Another e-mail scam which tries to scare you into clicking on an attachment is making the rounds. It looks like this:
From: management@example.com
To: you@example.com
Subject: E-mail account security warning.

Dear  user of example.com,
 
Your e-mail account has been temporary disabled because of  unauthorized access.
 
Please,  read the attach for  further details.
 
For security  reasons  attached file is password protected. The  password is "28571".
 
Cheers,
The example.com team                               http://www.example.com

March 2nd, 2004

eBay "Account Guard"

"As part of eBay's ongoing effort to combat spoof (fake) Web sites, we have developed a new feature for the eBay Toolbar that enables members that use the Internet Explorer web browser to protect their account information by warning when they are on a potentially fraudulent Web site. We call this new feature Account Guard."

What this means is that, if you install eBay's toolbar (you need to be using Internet Explorer and Windows), it will alert you if it thinks you are visiting a spoofed eBay or Paypal page. It also gives you a handy way to report the fakery.

More: http://pages.ebay.com/help/announcement/4.html

February 23rd, 2004

New news page version for handheld devices

Purportal news: we're testing out a lightweight version of the news page especially for handheld devices -- Palms, PocketPCs and so on. Check it out and share your thoughts!

More: http://purportal.com/handheld/

February 18th, 2004

Beware of Doomjuice and Deadhat

To judge by the names alone, they sound like pieces of equipment that Harry Potter might pick up on Diagon Alley... Virus experts are reporting the existence of two new viruses, Doomjuice and Deadhat, that are specifically designed to target computers infected by chartbuster MyDoom. The latest variant of MyDoom is reportedly set to propagate itself until March 1st. So if it got you once, update your virus software to make sure it doesn't get you again!

More: http://news.com.com/2102-7349_3-5156105.html?tag=st.util.print

February 10th, 2004

How not to get rich quick

From the oldie-but-goodie file comes this 1999 piece by investigative humorist Harmon Leon, in which he tries out several get-rich-quick opportunities. "Perhaps you’ve had similar thoughts. Perhaps you’ve even gone so far as to cut out one of those ads or jot down a phone number. Most likely your dignity stopped you from actually going the distance. That’s why I’m here. I have very little dignity."

More: http://www.maximonline.com/grit/articles/article_312.html

February 10th, 2004

Biggest Nigerian scam ever goes to trial

AllAfrica.com reports today that five Nigerians are on trial for defrauding a Brazilian bank of $242 million. The prosecution charges that between 1995 and 1998 the defendants persuaded a bank employee at Banco Noroeste to transfer huge sums of money, purportedly for the construction of a new airport, in exchange for the promise of $13 million commission. The defendants have pled not guilty to eighty-six counts of fraud. The article notes that this case has "also triggered trials in Britain, Switzerland, Brazil and the United States." One of the defendants apparently used to be an executive at the second largest bank in Nigeria. Prosecutors are saying this is the single largest advance fee fraud scam ever. Or at least the largest one they've discovered...

More: http://allafrica.com/stories/200402060528.html

February 6th, 2004

Best eBay scam ever AAAA+++++

Actually, no, it's just another copycat "phishing" attempt that tries to get you to plug in lots of personal and financial data. The text goes like this:
It has come to our attention that your eBay billing updates are out of order. If you could please take 5-10 minutes out of your online experience and update your billing records you will not run into any future problems with the online service. However, failure to update your records will result in account termination. Once you have updated your account records your eBay session will not be interrupted and will continue as normal. Failure to update will result in cancellation of service, Terms of Service (TOS) violations or future billing problems. To update your eBay records click here...
(You may be wondering why I include text from these things. I post these snippets so that curious people performing text searches on suspicious emails will come across the warnings posted here. The records of search engine referrals in the server logs tell me this is worthwhile.)

More: http://pages.ebay.com/help/confidence/spoof-email.html

February 3rd, 2004

New eBay spoof e-mail

Just received a new eBay spoof mail:
Dear eBay user,
during our regular update and verification of the accounts, your eBay account
appear as inactive. If you want to re-activate your account, you can do it by signing in below :

http://signin.ebay.com/aw-cgi/eBayISAPI.dll?SignIn

***Please Do Not Reply To This E-Mail As You Will Not Receive A Response***

Thank you, 
Stacey Cohen 
eBay Billing Department Team
...
Don't do it! The link is a fake (the actual HTML of the e-mail takes you to a non-ebay server). Somebody's collecting eBay passwords, either for low-grade identity theft or possibly PayPal hacking.

More: http://pages.ebay.com/help/confidence/spoof-email.html

February 1st, 2004

Finger MyDoom authors for $250,000

As foretold by the readers of computer virus entrails, the SCO website was attacked today by the MyDoom worm and taken offline. Microsoft is apparently next on the hit list, due to be targeted on February 6th. Hence the $250K reward Microsoft is offering for information leading to the arrest and conviction of the perps.

More: http://www.pcworld.com/news/article/0,aid,114530,00.asp

February 1st, 2004

Pen pals

Recently, my friend Bruce Umbaugh sent along an interesting variant on the "Nigerian" scam that ran as follows:
...I am a financial consultant based in South Africa. I have a client (a widow) she has USDM250, 000,000 With a private equity investment trust company for Safe keeping only, She wishes to invest in a stable Economy. Her interest is in companies with potentials for Rapid growth in long terms. My client is also interested In placing part of her fund in your company, If your country's bi-laws allows foreign investment...
The message was allegedly from South Africa. I sent the following "reply":
Mr. Mbeki,

Your message was passed on to me by an esteemed colleague.

My country's bi-laws are currently on hold as the gay-laws are debated, and I am not really in the business of investment advising -- my specialty is more like research -- but I am still curious about the details of your proposal.

with interest,

Paul

Many people have wondered what kind of replies one gets from these operators. Here's what I got (three times -- they're persistent!):
Dear Paul,

Thanks for your quick response to our e-mail. I appreciate your interest and your capacity to invest my client’s money. We intend to open communication with you so that we can proceed immediately on the business. In consultation with my client on your interest in investing her money in your project. After I had explained to her that you are very capable of handling this transaction she agreed to work with you.

The procedures are for you to endorse a draft agreement where our intended compensation and conditionality are stated. On the receipt of the endorsed draft agreement, we shall commence negotiations with the Security Bank on how the movement is to be effected.

We shall pay all local charges over here, and we expect you to handles your side perfectly well to fruition.

The funds are currently deposited in a security bank in my country. The security bank has an affiliate diplomatic courier service company. This courier company has diplomatic immunity pass in Europe, they will help us to move the consignment containing the fund from our country to their office in Europe.

I shall send to you a draft of our agreement for you to review and sign, once you sign the said agreement the consignment will be registered into your name as the beneficial owner. Upon all modalities being agreed, the consignment will be shipped to Europe. You will be required to proceed to Europe and claim the funds for onward investment as agreed.

You should be aware that our line of business demands absolute confidentiality therefore let that be our key to success. My phone number is: +8821646652052. Also forward your phone number to enable me call you for more discussion. Awaiting your quick response to enable us send Draft Agreement. Regards.

Dr.Sam Mbeki.

Note: Do forward your full profile with phone number and Identification. Call me immediately you receive this message for a detailed discussion.

That's as far as it will go, though, because I will never be as brilliant or energetic at stringing these folks along as the scamorama crew. Visit their site for some hilarious examples.

More: http://scamorama.com/

January 31st, 2004

"MyDoom" is revenge-ware

A Windows-based email worm known as "MyDoom," which started propagating aggressively yesterday (details here), turns out to have been crafted specifically to carry out a concentrated attack on the web servers of a certain software company starting February 1. As a news.com article explains, "The SCO Group has incurred the wrath of the Linux community for its claims that important pieces of the open-source operating system are covered by SCO's Unix copyrights." Perhaps the authors of this virus thought it clever that their little creation demonstrates security problems with the Windows operating system at the same time it prepares to put the screws to the evil SCO. But it's likely that the worm will be largely defused by February 1, meaning that its primary effect will have been to inconvenience innocent email users.

More: http://news.com.com/2100-7349_3-5147605.html?tag=nefd_lede

January 27th, 2004

Citibank "phishing" scams

Every week, new variants of this scam are seen, but what they all have in common is that they want you to think you are giving critical financial information to Citibank (or another trusted institution) when in fact you are giving it to a scammer. The messages usually read like this:
This email was sent by the Citibank server to verify your E-mail address. You must complete this process by clicking on the link below and entering in the small window your Citibank ATM/Debit Card number and PIN that you use on ATM. This is done for your protection - because some of our members no longer have access to their email addresses and we must verify it.
Lies! All lies! Citibank maintains an information page to help customers identify and report these scams.

More: http://citibank.com/domain/spoof/report_abuse.htm?BVE=http://web.da-us.citibank.com&BVP=/cgi-bin/citifi/scripts/&M=S&US&_u=visitor

January 26th, 2004

Sned me al yur mony

Monday we saw a high-volume email scam that attempted to harvest account numbers from Citibank customers. Unfortunately for the scammers, it seems to have been a wretched failure on two counts. Not only was their site shut down by mid-day; the next day they got mocked in the New York Post for their poor English:
"They're getting more sophisticated but they still have problems with grammar," said Citigroup spokesman Mark Rodgers.

More: http://www.nypost.com/business/15551.htm

January 15th, 2004

1984 Revisited

Twenty years ago Apple Computer ran a Super Bowl ad (directed by Ridley Scott of Blade Runner fame) called "1984"; this week at the MacWorld conference Apple CEO Steve Jobs replayed the ad, but sharp eyes noticed a difference -- the commercial's heroine was now wearing an iPod music player! There has been some debate over whether it was only the iPod that was added digitally, or whether a new iPod-wearing actress duplicated the original performance. We have investigated this pressing question here at Purportal Labs and determined (to our own satisfaction anyway) that it's the former. A screen shot, linked below, illustrates this nicely (though the aspect ratio of our copy of the original movie is somewhat distorted).

More: http://purportal.com/img/content/1984-before-and-after.jpg

January 7th, 2004

Ripe for mutation

A new Microsoft Windows-based e-mail worm is circulating in Malaysia. With alarmist words about "at least 5 planned acts of terrorism," it tries to trick recipients into clicking on a link which then installs three small malicious programs on the user's hard drive. Given US citizens' sensitivity to rumors of terrorism, it seems likely that an altered version of this worm will show up stateside sometime soon. If not, great. But if it does... don't click!

More: http://www.mycert.mimos.my/advisory/MA-061.122003.html

December 31st, 2003

The next Nigerian scam

A story from Allafrica.com details the millions of dollars in bribes that were passed around to influence the awarding of contracts in a national ID card system. Which means that, if (scam) art continues to imitate life, you should see something like this in your inbox soon: Dear Sir, You will be surprised to be receiving this letter as we have not had contact before. I am personal barrister to Alhaji Hussaini Akwanga, recently deposed Nigerian labour minister. Through bribes and padded contracts my client amassed the sum of $214 million, which he now needs to transfer to a trustworthy foreign partner...

More: http://allafrica.com/stories/200312310417.html

December 31st, 2003

Growth industry: fake escrow services

It works like this: 1) innocent individual (aka 'sucker', 'mark') finds an item online at a great price, perhaps winning it in an eBay auction. 2) Seller instructs buyer to use a particular escrow site for the transfer of payment. 3) The mark logs on to the site, provides their financial information, and transfers their money to the (fake) escrow service. 4) Scammer goes shopping!

These sites are generally quite short-lived, because they get shut down rapidly when the complaints start pouring in, but they are also extremely profitable, so don't expect this trend to disappear soon. Here's one that doesn't seem to have been busted yet, but I expect they will be off the air within 48 hours.

More: http://msnbc.msn.com/id/3078510/

December 22nd, 2003

2003: The Year in Spam

Anti-spam service provider Brightmail has released their year-end wrap-up report. A few years ago, spam was mostly straightforward (if annoying) commercial pitches. But each year there is a greater and greater proportion of outright fraud. "Brand spoofing," Nigerian-style scams, viruses and trojan horses, phony return addresses, obfuscated URLs -- all these are now familiar gambits to most e-mail users.

More: http://brightmail.com/pressreleases/121803_spam_2003.html

December 19th, 2003

Online financial scam dissection

Securityfocus.com has an excellent, detailed article explaining the gory details of a credit-card harvesting scam. Parts of it are quite technical, but even if you just skim it to look at the screenshots it should provide food for thought. These scams are getting more sophisticated all the time. For instance, this one actually loaded a real Citibank web page behind its fraudulent card-harvesting pop-up window. Brazen.

More: http://www.securityfocus.com/infocus/1745

December 16th, 2003

Old-fashioned ALL CAPS Nigerian scamming

In the inbox today: old-school all-caps stylings applied to a new (to us) twist: our "payment" is available, it needs only to be "released."
DEAR SIR, AUTOMATIC STOP ORDER ON THE RELEASE OF YOUR OUTSTANDING CONTRACT PAYMENT THIS IS TO FORMERLY INFORM YOU THAT I JUSTICE MUSTAPHA AKANBI, CHIARMAN INDEPENDENT CORRUPT PRACTICES COMMISSION IS THE PERSON WHO IS MAKING IT PRACTICALLY IMPOSSIBLE FOR YOU TO RECEIVE YOUR PAYMENT FROM THE NIGERIAN GOVERNMENT AFTER CONCLUDING YOUR CONTRACT SATISFACTORILY. THE REAL CAUSE OF IT, IS BECAUSE SOME TIME IN THE PAST YOUR SO CALLED LOCAL REPRESENTATIVES CAME TO MY OFFICE TO SOLICITE FOR MY HELP IN ORDER TO FINALIZE YOUR CONTRACT PAYMENT, WHICH I DID WITH THE AGREEMENT THAT THEY WILL PAY ME MY SERVICE CHARGE AFTER HELPING THEM, BUT DO YOU KNOW WHAT HAPPEN AT LAST,THIS YOUR AGENTS REFUSED VEHEMENTLY TO PAY ME MY SERVICE CHARGE WHICH NECESISTATE ME TO PLACED AN AUTOMATIC STOP ORDER PENDING WHEN YOU WILL CONTACT ME FOR YOUR PAYMENT BE YOU ADVISE THAT BASE ON MY POSITION IN GOVERNMENT OF NIGERIA TODAY I HAVE THE WHEREWITHAL AND PRESIDENTIAL FIAT/POWER TO RELEASE OR NOT TO RELEASE EVERY PAYMENT
At this point you are supposed to think, "Hm, well, we know it's not really our payment, but they don't seem to know that..." It's a fishing expedition for people who think they can scam the scammer -- a dangerous game.

December 10th, 2003

Pump and Dump

Have you ever wondered why you get spam urging you to buy a stock you never heard of, RIGHT NOW? No, they're not just trying to be helpful. Here's what your friends at the US Securities and Exchange Commission have to say about it:
Often the promoters will claim to have "inside" information about an impending development or to use an "infallible" combination of economic and stock market data to pick stocks. In reality, they may be company insiders or paid promoters who stand to gain by selling their shares after the stock price is "pumped" up by the buying frenzy they create. Once these fraudsters "dump" their shares and stop hyping the stock, the price typically falls, and investors lose their money.

More: http://www.sec.gov/answers/pumpdump.htm

December 3rd, 2003

Not-So-Free Agent

Teresa Nielsen Hayden relates the bizarre story of a phony literary agent who:
has promoted a nonexistent writers’ conference in South Carolina, which she then cancelled without sending anyone their promised refunds on memberships they’d bought; faked her own death, masquerading as her own assistant and possibly as her own daughter as well; shut down her operation in North Myrtle Beach SC, and decamped to Canada; while operating under the name “Elizabeth von Hullessem”, fraudulently promoted and sold memberships in a nonexistent literary conference in Banff (trading on the reputation of the prestigious Banff-Calgary Wordfest), plus an equally nonexistent charity concert in Banff to benefit autism; and vanished from Banff with tens of thousands of dollars in convention fees.... The happy ending to this story is that she has now been tracked down and arrested by the Royal Canadian Mounted Police.

More: http://nielsenhayden.com/makinglight/archives/004041.html

November 19th, 2003

Yet another reason to fear mailworms

A recent news.com.com.com story offers a real-world example of distributed denial-of-service (DDoS) attacks. They describe how mail-worms (e.g. SoBig, etc.) can be used to install "zombie" software on affected computers; later, that software can be remotely coordinated in a DDoS attack against any site that the party controlling the zombie software wishes to target. In classic gangster fashion they seem to be targeting online casinos. (Wait, aren't the gangsters supposed to own the casinos?)
Online casinos appear to be a favorite target as they do brisk business and many are located in the Caribbean where investigators are poorly equipped to tackle such investigations. In 2001, cyberforensics expert Neil Barrett told Reuters that his firm Information Risk Management was working with Internet casinos to shore up their defenses against a spate of DDoS attacks. At the time, he said the denial-of-service barrages were followed by demands to pay up or the attacks would continue. He said the attacks appear to have come from organized criminal groups in Eastern Europe and Russia. Police said because of a lack of information from victimized companies, they are unsure whether these are isolated incidents or the start of a new crime wave.

More: http://news.com.com/2100-7348_3-5106171.html?tag=st_lh

November 12th, 2003

More Phony Lotto

A version of the "international lotto" scam with no specific country of origin named just arrived in my inbox.
Trustline International lottery Agency Ref. Number: 132/756/4534 Batch number: 638901527-AMB/02 Sir/ Madam, We are pleased to inform you of the lottery result winners International programmes held on 12th October 2003. Your e-mail address was attached to ticket number 278511465896-6452 with your serial number 3772-554 drew you a lucky number 3-14-18-23-31-45 which consequently won in the first category, you are therefore been approved for lump sum pay out of US$ 1,000,000 (One million United states Dollars)...
Don't these people have any imagination? They don't even change the ticket numbers...

More: http://www.google.com/search?hl=en&lr=&ie=UTF-8&oe=UTF-8&q=278511465896-6452&btnG=Google+Search

November 10th, 2003

New Windows Worm: "don't be late!"

Just a couple days old, this one is circulating itself fairly aggressively. So just hit delete if you get any messages like this:
Will meet tonight as we agreed, because on Wednesday I don't think I'll make it, so don't be late. And yes, by the way here is the file you asked for. It's all written there. See you.

More: http://www.symantec.com/avcenter/venc/data/w32.mimail.e@mm.html

November 4th, 2003

That's a Lotto Errors In One Sentence

Received another phony "Netherlands Lotto" notice today. The scam industry is desperate for good copy-editors -- apply now! Consider this sentence:
Please be informed that NON RESIDENCE [that would be "non-residents"] of THE NETHERLANDS [terribly awkward construction; by the way, do you hear someone yelling?] will be required to make a NON DEDUCTABLE [that's "non-deductible," and I think they mean "non-refundable" anyway, not to mention the continued yelling] advance payment of [that is, "for"] processment ["processing" perhaps?] and legal documentation charges of 700.00 Euros to enable our legal department [to] acquire Naturalization [quaint Germanic capitalization] papers from the Court prior to award payment policy [Prior to policy? What? Speak sense, man!] as required by the paying Financial Securiry [known as "security" outside the Netherlands] Company.
As soon as those corrections get made I'll be sending my 700-euro check straightaway!

More: http://www.bartleby.com/141/

November 3rd, 2003

Advance-fee fraud sampler

This gambit, sometimes referred to as "the Nigerian scam," or "419 scam" (after the relevant section of Nigerian criminal code), is properly known as "advance fee fraud." And it's not just for Nigerians anymore. A sample from our slush pile:
Dear Friend. As you read this, I don't want you to feel sorry for me, because, I believe everyone will die someday. My name is Adams Abu a merchant in Dubai, in the U.A.E.I have been diagnosed with Esophageal cancer . It has defiled all forms of medical treatment, and right now I have only about a few months to live, according to medical experts. I have not particularly lived my life so well, as I never really cared for anyone(not even myself)but my business. Though I am very rich...
You can see where that one is going. Quite a long-winded fellow. This one is more traditional:
I am Hope Daniels Esq., a Senior Advocate of Nigeria. I am the personal attorney to Mr. Harold , a national of your country, who used to work with Shell Development Company in Nigeria. ... I have contacted you to assist in repartrating the fund valued at US$16 million left behind by my client.
This next one involves less money, a paltry $10 million, but does allege to give you the opportunity to rip off the farmers of Swaziland -- a strategy designed to screen out people with morals, perhaps:
... I am Michael Stevens Junior, the son of Mr Williams Anderson. Who was murdered few months ago in Zimbabwe, as a result of land dispute? Before the death of my father (Mr Anderson), he had taken me to Amsterdam and deposit the sum of Ten Million United States dollars (US$10,000,000) in a security company, as he foresaw the looming danger in Zimbabwe. The money in question was deposited in a box as Gemstones to avoid much demurrage from the security company. The proposed amount was meant for the purchase of new machines and chemicals for the farms and establishment of new farms on Swaziland.
But wait, it looks like the farmers are in on it as well!
I am the first son of a late rich black farmer from Zimbabwe. My late father, Mr. Marcus Tekere was murdered as a result of his opposition to the much heralded politically motivated land dispute between white farmers and the Zimbabwean government headed by the much dreaded President Robert Mugabe. As led by my instinct, I decided to contact you through the usefulness of the internet via e-mail as it is the only means I can contact somebody since I am cutting off ties with Zimbabwe for security and safety reasons. However, I apologize if this is not acceptable to you. The purpose of this letter like I did mention above is to seek your most needed assistance in a business venture as a partner in receiving the deposited consignment containing US$18.5 million made by my late father...
This next one is great for Americans who are embittered at not having been able to get in on the ground floor of a great scam like Enron. Here's your chance!
1. The expansion of the pipelines network within for a crude down stream products distribution and subsequent evacuation which cost Eight Hundred Million United States Dollars. 2. Contract for the Turn Around Maintenance (TAM) of the various refineries in the country One Hundred and Fifteen Million United States Dollars. 3. The construction of storage tanks for Petroleum Products (Depots) One Hundred and Sixty Million United States Dollars. The original value of these contracts were deliberately over invoiced in the sum Sixteen Million, Four Hundred Thousand United States Dollars which has now been approved and is now ready to be transferred, being that the companies that actually executed these contracts had been fully paid when the projects were officially commissioned. It does not matter whether your company did the contract or not, the assumption is that your company won the major contract and sub-contracted it out to other companies...
Now one from the Cote D'Ivoire! Lovely!
The source of this fund is as follows: During the last regime here of General Robert Guei in Cote D Ivoire some government official's set up companies and awarded themselves contracts which were grossly over Invoiced in various ministries. The government set up a contract review panel and we have Identified a lot of inflated contracts funds which are presently Deposited in a BANK here in Abidjan,Cote D Ivoire .
And finally, an entry in the Gullible American Sweepstakes from the Philippines. It also involves unnamed locations in Europe and Asia as well... a veritable James Bond movie of a scam!
Dear Friend, How are you and your family? I hope fine, I got your e-mail address during my search for reliable and trust worthy persons or companies to transact business whit. I write in request for your assistance with the clearance of my husband's consignments (fund) in a Finance company in Europe. My name is Louica Estrada, the wife of Joseph Ejercito Estrada, the former president of Philippines. My husband had problem with some members of his cabinet while he was still in the office. This problem made him to be impeached from the office and later put in detention, while myself was restricted and monitored. Since my husband was in detention, all the money that he saved in the banks here and Asian countries have all been confiscated by the Philippines government. My children right now are suffering that one cannot believe that they were once the children of a president. Before my husband was impeached from the office, he deposited some money in a Finance company ($35 million united states dollars) he enclosed this fund in two trunk boxes and declared the content of those boxes as exotic jewelries to the Finance company for security reasons.

October 29th, 2003

Dork Profits

A couple of these have rolled in this week:
Dear customer,
Recently we have received an order made by using your personal credit card information.
This order was made online at our official http://DarkProfits.com or http://DarkProfitsnet website. Our Fraud Department has some suspicions regarding this order and we need you to visit a special Fraud Department page at our web store where you can confirm or decline this transaction by providing us with the correct information.
But, if you have never visited our site or made a purchase, you can decline any charges from you credit card, by entering your personal info below. Or, if you feel this method of verification insecure - please visit our highly secure site http://darkprofits.com or http://darkprofits.net
This is a twisted little combination job apparently serving two totally different purposes. First, it appears (see link below) that the darkprofits.com/net sites have nothing to do with the spam, but are instead being targeted by a third party who is disgruntled with them. We have seen evidence of this in earlier spam campaigns and find it plausible. But then, the spammer also includes a handy form for submitting credit card information right from the e-mail! Defaming enemies and flimflamming the innocent in one step!

More: http://darkprofits.com/spam.html

October 23rd, 2003

Statement from Authorize.net

Authorize.net (a large credit-card transaction processing company) has shared with us this official statement about recent scams that claim to be affiliated with them:
Authorize.Net is aware of an email campaign scam requesting that the recipient provide confidential personal and financial account information. The email is being sent from asnofraud@authorize.net and claims that there was a global technical failure and that the recipient should provide full credit card information in order to avoid having their card "frozen in 10 days". This is an Internet scam designed to steal personal and financial account information. SUCH EMAIL AND ASSOCIATED WEBSITE (WWW.IDPROCESS.COM) IS IN NO WAY ASSOCIATED WITH AUTHORIZE.NET AND AUTHORIZE.NET DID NOT SEND OUT THIS EMAIL OR REQUEST SUCH INFORMATION. Authorize.Net recommends that personal and confidential account information should not be provided to any business, organization or person you do not know or did not contact first. If you have any questions, please contact abuse@authorize.net.

More: http://www.authorize.net/

October 21st, 2003

God wants you to send me your banking information

A new twist on the "Nigerian" scam -- afflicted yet extremely wealthy Christians from Kuwait:
I am the above named person from Kuwait. I am married to Dr. Harry Jones who worked with Kuwait embassy in Ivory Coast for nine years before he died in the year 2000. We were married for eleven years without a child. He died after a brief illness that lasted for only four days. Before his death we were both born again Christians.Since his death I decided not to re-marry or get a child outside my matrimonial home which the Bible is against.When my late husband was alive he deposited the sum of$8.6Million (Eight Million six hundred thousand U.S. Dollars) with one finance/security company in Amsterderm Holland. Presently, this money is still with the Security Company. Recently, my Doctor told me that I would not last for the next three months due to cancer problem. Though what disturbs me most is my stroke sickness.
Wow, that's rough! I feel so bad taking all that money now!

October 21st, 2003

Canadian ATM Scam

Some enterprising, and brazen, criminals in Ontario, according to the Toronto Globe and Mail, have been running an elaborate ATM scam in which they install a false front over existing ATMs to capture card numbers, and install a video camera to capture victims' PINs as they enter them (presumably in frustration). It's not clear why the fake ATM can't just record the numbers, but anyway, this was quite a job. Often this type of scam is done with third-party ATMs in already marginal locations like corner convenience stores; but in this case, some of the locations were actually banks! Remarkable.

More: http://www.globetechnology.com/servlet/story/RTGAM.20030812.gtatmm0812/BNStory/Technology

October 21st, 2003

Another credit-card harvesting scam/spam

Got another credit-card harvesting gambit today, with the charming subject line of "Authorization of the data!" I'm not sure whether these are being machine translated for their various target audiences, or if they are just written by people with a poor command of English. Needless to say, if you get one of these messages, don't fill in the blanks! The lead-in goes like this:
Attention! In our global system of monitorinrg there was a technical failure. In avoidance of fauds with your credit card enter the full data for authorization, otherwise your credit card will be frozen during 10 day.

October 15th, 2003

Medical Misinformation

On a more serious note, a Science Daily story today reports on an apparently widespread -- and false -- belief among lung cancer patients that surgery is likely to make their cancer spread because it exposes the cancer cells to air. Nearly twenty percent of respondents were prepared to reject surgery primarily on the basis of this idea -- yet most of them "could not identify the original source for their belief that exposure to air during surgery causes tumor spread."

More: http://www.sciencedaily.com/releases/2003/10/031007062521.htm

October 7th, 2003

I won again!

Amazing -- Spain has a lottery program just like Holland!
EL GORDO SPANISH SWEEPSTAKE LOTTERY COMPANY CALLE AROYO NO 13, PISO 4G 28030 MADRID ESPAÑA TEL: 0034-659-002-957. DATE: 31th JULY 2003 FROM: THE DESK OF THE VICE PRESIDENT. INTERNATIONAL PROMOTIONS/PRIZE AWARD.. BATCH: EGS/ 22504002/03: REFERENCE: 15/0018/IPD ATTENTION: RE: AWARD NOTIFICATION. This is to inform you of the release of the EL-GORDO DE LA PRIMITIVA LOTTERY held on the 5th of September 2003. The results were released on the 20th of July 2003. Your name was attached to ticket number 185-01523370-100 with serial number 99375-0 that drew the lucky numbers of 06 20 25 26 37 49, which consequently won the lottery in the 5th category. You have therefore been approved for alump sum pay of Euros 625,000.39c(SIX HUNDRED AND TWENTY FIVE THOUSAND,THIRTY NINE CENTIMOS ONLY)in cash credited to file withREF:Nº.EGS/3662367114/13. This is from US $75,000,000.00 (SEVENTY FIVE MILLION US DOLLARS) in cash among the 26 participating finalist playing 6,000 full tickets. CONGRATULATIONS!!!

October 2nd, 2003

Lotto scams

Maybe it's just because my spam filter broke, but I'm seeing a record number of scammy e-mails this week. The latest (not a new scam, but clearly not dead yet):
ATTN: EL GORDO SWEEPSTAKES N.L BURDENSTRAAT 22 1053 DS AMSTERDAM. AMSTERDAM (THE NETHERLANDS ) FROM THE DESK OF THE DIRECTOR INTERNATIONAL PROMOTION/PRIZE AWARD DEPT. REF:WR/2311786008/01 BATCH:14/011/IPD RE:WINNING NOTIFICATION/FINAL NOTICE. We are pleased to inform you of the release today the 2nd of october 2003,of the El Gordo Netherlands Sweepstakes International program held on the 24th of August 2003. Your personal or company email address attached to ticket number 205-11465886-629 with serial number 3772-99 drew lucky numbers 7-14-17-23-31-44 which consequently won the lottery in the 2nd category. You have therefore been approved for a lump sum payout of $1,000,000.00(one million dollars) in cash credited to file Ref.No ELG/2311786008/02.This is from a total cash prize of U.S.$11million shared among several international lucky winners in this category. CONGRATULATIONS.
Gosh, with all those confusing numbers, it must be real!

More: http://hoaxinfo.com/lotto.htm

October 2nd, 2003

Worm authors with a sick sense of irony

Yet another worm showed up in the inbox today:
Microsoft User this is the latest version of security update, the "September 2003, Cumulative Patch" update which eliminates all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express. Install now to protect your computer from these vulnerabilities, the most serious of which could allow an attacker to run code on your computer.
This must have given the authors quite a chuckle. Run our malicious code on your computer, motivated by your fear of running malicious code on your computer! A quick search of the code suggests that it is programmed to "phone home" to a computer at the Brno University of Technology in the Czech Republic. This doesn't mean we are being attacked by evil Czechs, of course -- increasingly, the rule with exploits like this is that they use everybody's computers but their own.

September 30th, 2003

Another PayPal scam

September sure is the month for reviving tried-and-true online scams of the "please update your password" variety. Only now most of them seem to go right for the jugular -- namely, your credit or debit card. Two of these have arrived in the purportal.com inbox so far today:
Please verify your information today! Dear Paypal Member. Your account has been randomly flagged in our system as a part of our routine security measures. This is a must to ensure that only you have access and use of your paypal account and to ensure a safe Paypal experience. We require all flagged accounts to verify their information on file with us. To verify your information, click here and enter the details requested. After you verify your information, your account shall be returned to good standing and you will continue to have full use of your account. Thank you for using PayPal! Please do not reply to this e-mail. Mail sent to this address cannot be answered.
Keep your eyes open and your wallet closed!

More: http://www.paypal.com/cgi-bin/webscr?cmd=p/gen/fraud-prevention-outside

September 29th, 2003

RSS feed is back up!

The long-lost Purportal.com RSS feed is back up, carrying these very news entries. The URL is http://purportal.com/rss

More: http://purportal.com/news

September 26th, 2003

You have not won a free XBox

Like me, you may have recently received an e-mail message from giftstakes.com informing you that "you are now the lucky winner of a brand new Microsoft X-Box Gaming Console!" Boy, was I excited! I went to their website. Let's see, I enter my special "pass code number," then they want my shipping information, then they want my... DEBIT CARD? Unbelievable. They happen to mention the payment-processing service Authorize.net in their pitch. Here's what Authorize.net had to say in response to an inquiry by a friend:
The website www.giftstakes.com is in no way associated with Authorize.Net. The organization or person operating this website is not an Authorize.Net merchant and Authorize.Net is not processing any types of transactions that are submitted via this website. The purported drawing for a free X Box is an Internet scam designed to steal debit card numbers with their associated PIN. This has been reported to the appropriate law enforcement agency. Authorize.Net strongly recommends NOT providing any confidential account information on this website. If you have already provided your account information, Authorize.Net recommends that you contact your bank, inform them of the incident and cancel your account...

More: http://www.fatwallet.com/forums/messageview.cfm?catid=24&threadid=219495&lastpage=1

September 26th, 2003

Another eBay scam

Just noticed this while skimming my junk-mail box. The main text of the message is actually a giant image -- a tactic used to bypass keyword-matching spam filters. The link in the image looks like a real eBay link, but if you click on the image (thinking you're clicking on that fake URL, perhaps) you're taken via an obfuscated URL to the scammer's server in Korea.
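A check that a mail filter or an analyst can run against the trick described above, as an added example (not code from the original post): it flags links that wrap only an image, links whose host is a raw IP address, and links whose visible text names a different host. The sample message is constructed, and the URL forms it covers (userinfo before `@`, single-integer IPv4) are assumptions, since the post does not say how the URL was obfuscated.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlsplit, unquote

# Constructed sample message body; every host and address is illustrative.
SAMPLE_HTML = """
<a href="http://signin.ebay.com@3405803801/update.html"><img src="cid:notice.gif" alt=""></a>
<a href="http://203.0.113.25/signin">http://www.ebay.com/</a>
<a href="http://pages.ebay.com/help/">pages.ebay.com/help</a>
"""

def host_as_ip(host):
    """Return the IP a host string encodes (dotted, IPv6, or one integer), else None."""
    host = unquote(host or "")
    for parse in (str, lambda h: int(h, 16 if h[:2].lower() == "0x" else 10)):
        try:
            return ipaddress.ip_address(parse(host))
        except ValueError:
            continue
    return None

def shown_host(text):
    """Host named in the visible link text, if that text looks like a URL."""
    token = (text.split() or [""])[0].rstrip(".,;:!?")
    if "." not in token:
        return None
    return urlsplit(token if "://" in token else "http://" + token).hostname

class LinkCollector(HTMLParser):
    """Collect each <a href> with its visible text and the images inside it."""
    def __init__(self):
        super().__init__()
        self.links, self._open = [], None
    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "a" and attrs.get("href"):
            self._open = {"href": attrs["href"], "text": "", "images": 0}
        elif tag == "img" and self._open is not None:
            self._open["images"] += 1
    def handle_data(self, data):
        if self._open is not None:
            self._open["text"] += data
    def handle_endtag(self, tag):
        if tag == "a" and self._open is not None:
            self.links.append(self._open)
            self._open = None

def link_reasons(link):
    """Reasons one collected link deserves a second look (may raise ValueError)."""
    url = urlsplit(link["href"])
    host, text = url.hostname or "", link["text"].strip()
    ip, shown = host_as_ip(host), shown_host(text)
    checks = [
        (link["images"] and not text, "image-only link"),
        (url.username, f"userinfo before @: {url.username}"),
        (ip is not None, f"host is a raw IP: {ip}"),
        (shown and shown != host.lower(), f"text shows {shown} but link goes to {host}"),
    ]
    return [message for hit, message in checks if hit]

def audit_links(html):
    """Return [(href, [reasons])] for the suspicious links in an HTML body."""
    collector = LinkCollector()
    collector.feed(html)
    findings = []
    for link in collector.links:
        try:
            reasons = link_reasons(link)
        except ValueError:  # urlsplit rejects some malformed hosts
            reasons = ["unparseable URL"]
        if reasons:
            findings.append((link["href"], reasons))
    return findings
```

Calling `audit_links(SAMPLE_HTML)` reports the first two links and passes the third, whose visible text and destination agree.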

More: http://e-scribe.com/tools/whois/?domain=211.47.194.125

September 24th, 2003

Not really Hurricane Isabel

Some photos were circulating via e-mail last week that purported to be shots of the incoming Hurricane Isabel. But no.

More: http://www.snopes.com/photos/isabel.asp

September 24th, 2003

Yet Another Microsoft-based worm

On the heels of the "SoBig" e-mail worm, which is dwindling, we have this gambit (screenshot). According to CERT, "The subject, body, and From: address vary, but often claim to be a Microsoft Internet Explorer Update or a delivery failure notice from qmail. Upon opening the attachment, the worm attempts to mail itself to all e-mail addresses it finds on the system. Additionally, this worm attempts to terminate numerous security product processes on the system."

More: http://www.cert.org/current/current_activity.html#swena

September 18th, 2003