Tag Archive: RECEIVING

Message from the Chief Protocol of Independent Corrupt Practises Commission (ICPC)

I got a phishing spam this morning from Nigeria!

Typical 419 that I usually see: Office of the Seante House Nigeria

Nothing unusual in that, you say – the Nigerian 419 scam has been going on for years!  It even has it’s own scambusters (see references later) and the actual advanced fee fraud is usually just called a 419 scam because that’s it’s number in the Nigerian criminal code, apparently.

Anyway, I’ve not seen this particular version, and so I provide a full copy of all the spelling, syntax and language mistakes for your information and enjoyment.

From: Mrs. Marisa Smith <[email protected]>

Subject: Pls Reply

Attention: Sir,

I am Mrs. Marisa Smith the Chief Protocol of Independent Corrupt Practises Commission (ICPC) in alliance with economic community of West African states (ECOWAS) with head Office here in Nigeria. We have been working towards the eradication of fraudsters and scam Artists in Western part of Africa With the help of United States Government and the United Nations.

We have been able to track down so many of this scam artist in various parts of west African countries which includes (NIGERIA, REPUBLIC OF BENIN, TOGO, GHANA CAMEROUN AND SENEGAL) and they are all in our custody here in Lagos Nigeria. We have been able to recover so much money from these scam artists. The United Nation Anti-crime commission and the United State Government have ordered the money recovered from the Scammers to be shared among 100 Lucky people around the globe.

This email is been directed to you because your email address was found in one of the scam Artists file and computer hard disk in our custody here in Nigeria. You are therefore being compensated with $2.5 Million Dollars. We have also arrested all those who claim that they are barristers, bank officials, Lottery Agents who has money for transfer or want you to be the next of kin of such funds which do not exist.

Since your name appeared among the lucky beneficiaries who will receive a compensation of $2.5 Million, we have arranged your payment through our swift card payment centre. The swift card ATM has been specially prepared to enable you withdraw your money in any ATM machine in any part of the world, but the maximum is Five Thousand Dollars Only per day.

For proper execution of this project i decide to handle payment myself. Provide the information bellow to enable him prepare your ATM Master Debit Card including your Pin to access it.

1)YOUR FULL NAME.

2)YOUR RECEIVING ADDRESS.

3)YOUR TELEPHONE NUMBER.

4)YOUR PROFESSION.

5)YOUR ID/AGE

Best Regard,

Mrs. Marisa Smith

Further Reading

Related Posts:

Comments are closed

From Slimeballs to Horoscopes

A Possible Start to Personal Details Theft?

Here’s how it works…

Some time ago I made a posting on the odiously chubby internet bankrupteer and millionaire self-publicist Robert Allen (see link here).  As part of this investigation I used the name “Morton” coupled to my spam magnet email address in order to see what would happen.

Sure enough, ‘Morton’ appeared in heaps of spam I started receiving.  Another example is in this comment to another investigation, here

Of course, the beauty of this system, is that you get all manner of spams to check out!!!  Their prevalence allows you to spot trends in the spam and the latest “marketing opportunities” in the get-rich-quick world of the internet.  You are privy to all the darkest goings-on in the seamy side of business…ha ha!

Horoscope Oddness

One spam today was this:

Return-Path: [email protected]
Received: from external.boatprepare.com ([64.86.36.97]:1102)
Message-Id: [email protected]
Reply-To: [email protected]
From: Bethea ([email protected])
Subject: =?ISO-8859-1?Q?Morton, Complimentary Horoscope for 2009=A0 =A0=A0=A0=A0 =A0 ?=

This e-mail broadcast is for a complimentary Tarot, Biorhythm, and Astrological reading!

  • “A Grand Total of $8,934.00” –J. F.
  • “Tarot Reading Predicted… My Soul Mate.” –K. S.
  • “The Magic of Biorhythms.” –B. J.


I’ve met many people who don’t believe in astrology and the Tarot, even though they have never experienced their own personal forecast or had their own Tarot reading.

But I’ve helped so many people who have used the predictions of the Tarot,astrology, and biorhythms, to earn more money, become healthier, and improve their lives in ways they never dared dream possible. I know these things could help you.

So, I’ve decided to create a complimentary Weekly Forecast, a complimentary Tarot reading and a complimentary biorhythm for you. See how these predictions can improve your life.

To receive your three life-changing gifts, please accept my invitation and contact me now. My mission is to help people discover a better life. And it will cost you absolutely nothing, ever.

Visit here to receive your complimentary Forecasts:

Sincerely,
Bethea Jenner
[email protected]
Astrologer + Psychic + Tarot Expert + Numerologist + Teacher + Author +
Columnist + Lecturer

There then followed another list of testimonial phrases.

Horoscope Badness

This is all very laughable or laudable, depending on your view of horoscopes and free speech in a spam-laden commercial world.  The bad bit is the questionnaire…

The email link ends up after the usual whirring and clunking of redirecting gears at….

joypeaceandhappiness in IE

joypeaceandhappiness in IE

this website if you use Internet Explorer and come from California:

http://www.joypeaceandhappiness.com/forecast/tbirthinfo.asp

joypeaceandhappiness in Firefox

joypeaceandhappiness in Firefox

…and this site if you use Firefox, and just paste the web address into the browser:

http://www.joypeaceandhappiness.com/forecast/tbirthinfo.asp

Notice any similarity? !!

Dodgy Questionaire

The problem is with the questions…

In these days of phishing and social engineering, the questionsespecially, (as many people do), if you use an email address based on your real name, are a fraudster’s paradise!

‘She’ asks for:

  • Two email addresses
  • Your sex (from your title)
  • Your first name (can guess the last from your email addresses)
  • Your date of birth
  • Your time of birth
  • Your place of birth

In the UK, there’s almost enough information there to get a false passport, duplicate birth certificate or driving licence!!!  With a bit of studious Googling you could get addresses and then bank accounts…..

Conclusion

Be very, very careful if you get any of this horoscope rubbish in your mailbox.  It may be genuine carelessness or a deliberate phishing policy – who can tell?  The results are the same.

Or look at it this way – I’ve never, ever, bought anything by unsolicited mail.  It’s the desperation and lack of trust, see?

Furthermore, I know that the code word I set up, “Morton“, was planted by myself into a big vipers nest of spamophilia.  I’m hardly likely to trust anyone who sleeps with those bedfellows, am I?


Extra Information on the Websites

schoolcalculate.com & boatprepare.com

Run by FlintMediaEnterprises.com of California.  The contact is Barney Rockle!  (you haff to laff).  It’s in the ubiquitous mall, and handily has a UPS store nearby along with mailboxes and a bail bond service…

joypeaceandhappiness.com

Owned by Carol Brown (or [email protected] or P P E-commerce) from a PO Box in New York

transmonde.com

This simple emailing address comes from Fibertech Networks, a big cable company.

Related Posts:

Comments are closed

Google Revolution, Different Name, Same Scam!

Introduction

Beat the Scammer and the SwindlerMy email spambuster Mailwasher Pro is doing overtime since I posted my investigation into Google Treasure Chest and the Robert G Allen Grants swindle. In this second investigation, I showed how the email spam system links the various scam systems together. That is:

By signing up for one sytem, I started receiving email spam from all the various scams around even though they all have the mantra “we hate spammers as much as you do” and they all include privacy policies which expressly state that no email address is shared with anyone else….except third parties!

Bollocks! Of course, my interest was started with Google Treasure Chest, and then I issued a sequence of posts detailing my ever deepening investigations into these scum bastards and their rotten activities.

EMail Spam Reduction – temporarily!

Last week, a malware server was taken offline that had a small impact on the amount of spam I received. (see Methinks the ISP doth Protest Too Much). I reckon the rubbish went down to about 75% of the previous week’s level. In fact, because my Robert G Allen Grants swindle post focussed so much on resourcehurtcentral.com I actually noticed it in my spam by it’s absence!

resourcehurtcentral.com back in the Spam Game

Well I can tell you, it’s back now!

So I decided to see where one of the new spam points…

[email protected] is where the spam notionally comes from. This is despite the fact that I’ve ‘unsubscribed’ from their mailings -twice! So where do they want me to go?

http://ressourcehurtcentral.com…|Ug==.html

And of course, that’s not the destination – I immediately got redirected to:

https://www.6ftoverhead.com/ODU5N3w3MHwzMjM2MTd8djI=/r7w5n4b9/g

GoogleMoneyMaster

Google Money Master / Google Revolution

This page is worth ignoring, if you are feeling at all suicidal and want to give all your hard-earned money away to twats, that is!!! Otherwise, pay careful attention. NOW!

  • Firstly, it’s called Google Money Master at the top of the page.
  • The design is awfully like that of the original Google Treasure Chest signup page at securecartcenter.com
  • It says “As seen and trusted on Google, CNBC, USA Today, ABC, CNN & Yahoo!” – believe that if you will!
  • Now compare this with the statement at the bottom of the page which states “The trademarks in this image are owned by their respective owners who do not endorse this product. Google Revolution, LLC is not affiliated with, endorsed by or in any way associated with Google.”
  • From this, we can safely take it that they are only afraid of Google and don’t care a toss for the rest!

Now, please continue, and while carefully noting the 100% Trusted banner, check out the Terms & Conditions link at the bottom. You’ll have noticed the Matrix-like title “Revolution”. It’s about the same – what goes around comes around.

The T&Cs are now a bit more technical and a bit more frightening since the Google Treasure Chest days. e.g. take a look….

O. Chargebacks.

Initiation of a complaint or chargeback against Google Revolution for products or services rendered constitutes a severe breach of this Agreement. A “complaint or chargeback” shall be defined as initiating any form of complaint or chargeback with your credit card issuer or bank. Upon receipt of a complaint or chargeback, or threat thereof, Google Revolution will immediately deactivate all Services provided to the Customer, and immediately begin chargeback reversal (anti-fraud) procedures. In the event we lose the chargeback reversal procedures, we will immediately send to collections the full disputed amount in addition to an administrative fee of five hundred dollars ($500.00 USD). Please note that threats of a complaint or chargeback will be treated the same as an actual complaint or chargeback. In all cases, violation of this clause will result in cancellation of all Services provided to the Customer, regardless of services disputed.

This is their way to counter the recommendation by all of the anti-scammer websites to immediately initiate a chargeback against the company to recover your scammed money!

My personal recommendation is to carry on doing this, as recommended by Chris Malta’s scam tips. Cancel your card, get a chargeback and show your card company the scammy “Terms and Conditions” that this supposed company imposes.

Remember – just because someone writes something down as a Term & Condition for a service, doesn’t actually make it legal. You did realise, of course, that by reading this far you now owe me £1 million??? – I thought not! Well that’s my terms & condition for reading this post. Do you think it’s legal? Obviously not. It’s complete bollox isn’t it? Same goes for the Google bollox too!

Ownership

You will also note that Google Revolution is owned by:

Honshu Systems, LLC
Attn: Google Revolution General Counsel
2850 Horizon Ridge Pkwy
Suite 625
Henderson, NV 89052

Plot Thickens Again!

This would be it, you’d think. But no, the plot thickens again, so check out the actual Google Revolution website…. at http://web.archive.org/web/20140101002331/http://googlerevolution.com/, specifically their privacy policy (formerly at ). Like Roger Whitaker, we are back in County Durham in the UK!

You’ll see that all postal letters must go to:

15 Park Terrace Leadgate, Consett, County Durham, DH8 7QD United Kingdom.

But if you want to telephone, you have to call the USA here:

1-877-300-5671

Now, Using Google, I Checked the County Durham Address and Did a Search for Bad Scam Comments

The UK ‘Durham’ connection is interesting. There is at least one business registered at this address – called Spring Systems Limited. It’s details are here, https://www.ukdata.com/numbers/06919609.html

I checked Google for bad stuff on Google Money Master and Google Revolution. All the bad comments started about two weeks ago e.g.

There are many more.

Q.Now when do you think Spring Systems Limited was registered?

A. On 29/5/2009 – about two weeks ago!

Conclusion

It’s pretty clear that this really is a scam, and if not directly a continuation of Google Treasure Chest, Money Tree, Acai Berries, Grants or Green tea scams – it’s using exactly the same methods.

In searching for a reason for the profusion of contacts in County Durham, UK, I’m reminded of a sweet-faced Geordie bint I recently saw promoting Carbon Copy Pro, a similar MLM/pyramid type thing. My personal knowledge tells me that this part of England is like the Wild West at times. I’m from that area!

….Nevada still is, by the look of it! The sheer quantity of new scam business operating with apparent impunity and disregard for the law shows that the Nevada & Utah law enforcers can’t keep a lid on this.

That’s my definition of the Wild West – when laws are not enforced.

The County Durham UK connection is interesting and there are further co-incidences with the smoking gun of lawlessness and criminality that is Nevada, Utah and County Durham…

Spooky connections, eh?

Related Posts:

How to Quickly Block an IP Address from your Website

Use .htaccess!!!

*Ebook Admin/Secure Apache

I’ve mentioned it before – and the technique I used to use a lot with a huge list of blocked IP addresses.  I then decided that the list was too time consuming to maintain and stopped using it except in extreme cases about the end of last year.  Such a thing was last night when I got 3 spam comment hits in rapid succession.  (is that all, I can hear the cries!).  The thing is, I hardly get to see spam because of the measures I’ve used.

But seeing spam is not the same as receiving spam!

So what I did was to quickly add a single block until this little episode is passed, probably a day or so.  It relates to this this comment here: http://strange…google-treasure-chest-phone-and-address-list/#comment-1399

This is what I added to my site’s .htaccess file:

#who has access who doesn't
order allow,deny
deny from 78.32.230.59
allow from all
#end access blocking list

Simple innit!  WordPress and it’s plugins doesn’t even get to see the ping.  Any pings from 78.32.230.59 are effortlessly palmed away.    The order of the ‘allow,deny’ is important…

Extra Investigation

I did a Google Search on a part of the text that looks really weird here:

http://www.google.com/search?q=%22Wall+clock.+I+found+only+this%22

The text in the message I used is : “Wall clock. I found only this”

There are HUNDREDS of comment spams on websites that should really be protecting themselves better.  Websites devoted to Alzheimers Disease and even Amnesty International!

Related Posts:

The State is in Danger, says a Return Spam Message from Eurosoftware

Following on from my post a few days ago about EuroSoftware, I had an interesting spam today.

I used “The Complainerator” to automate some abuse mails to see what happened.    Well… fortunately I used my old email spam sucker-inner trap as the “from” address, because that’s where today’s spam came to.

Addressed from myself – to me!

This is the message, as seen in plain text via Mailwasher Pro:

Click Here! <http://enqyb.uvkefqw.cn> 

About this mailing:

You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the “Unsubscribe” link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers’ content nor any of the goods or service advertised. Prices and item availability subject to change without notice.

 

?2008 Microsoft | Unsubscribe <http://www.uvkefqw.cn/>  | More Newsletters <http://vvd.uvkefqw.cn>  | Privacy <http://ykj.uvkefqw.cn>

Microsoft Corporation, One Microsoft Way, Redmond, WA 98052

The doomain uvkefqw.cn is our old friends in China.  It redirects to a doomain racegrow.com  This is at XIN NET TECHNOLOGY CORPORATION again!  The nameserveers are at moleculemind.com and the whole caboodle is at Xin Net.

They’ve obviously stripped my email address out, in China, at Xin Net, and then addressed a spam back to myself using my own address to get through the filters.  It has to be them as they are the only ones who got some mail from me, using this address, for several months.

In Buddhism, there are no co-incidences.

Same Site appearance as My SpammerFunnily enough, the technology news this week has been full of a story about a spam sink set up by computer scientists from University of California, Berkeley and UC, San Diego (UCSD).  Interestingly, the false site they set up, or at least the commonly circulated picture of the site is the same as the site that today’s spam points to!!!  This is at racegrow.com and has the title of “Canadian Pharmacy”…..This changes depending on how many pages are clicked through.

The privacy policy made me laugh as did the contact page with the Captcha and spam tick box!

Because of my typo above, I’m going to call spam domains “doomains” in future.

Related Posts:

© 2007-2017 Strangely Perfect All Rights Reserved -- Copyright notice by me