| It seems that every time I
check my email I find an offer that is too good to be true. You know what
I mean, almost all of us get them. Then there are the
emails that try to steal your information, Pay Pal and EBay are two
places targeted by thieves and let me tell you some of the emails sent
look awful convincing. Remember one thing: neither Pay
Pal nor EBay is going to send you an email requesting information
addressed to "Dear User or Dear Member. They WILL use your signup
name. Each site has a place to report spam and such attempts.
Look under security. I am going to place some of the examples of the cons that are going around, many which you have probably seen. Some are smooth and takes a bit of thinking and research to figure out they are scams, some play on a persons avarice hoping that the bait will blind them to the other parts. Then there are the funny ones, some are so bad they are funny and a person would have to be a total idiot to follow through with that one. The following are some examples of what I have found. (well found me) Note: Unlike many pages found on this web site this is not meant to be humorous. These are real messages I receive in my e-mail and are nothing but scams or attempts at identity theft . |
SAMPLE ONE
| Return-path: <stevetimothy@overseasltd.com> Envelope-to: xxxxxxxxxxxxxxxxxxxxxxxxxxxx Delivery-date: Mon, 15 Aug 2005 19:03:57 -0500 Received: from [65.54.185.20] (helo=hotmail.com) by displays.internetwebcafe.com with esmtp (Exim 4.43) id 1E4ovt-0006bV-0w for xxxxxxxxxxxxxxxxxxxxx Mon, 15 Aug 2005 19:03:57 -0500 Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Mon, 15 Aug 2005 17:03:55 -0700 Message-ID: <BAY15-F20810FCACF47CA06FEB125C8B00@phx.gbl> Received: from 195.166.237.40 by by15fd.bay15.hotmail.msn.com with HTTP; Tue, 16 Aug 2005 00:03:55 GMT X-Originating-IP: [195.166.237.40] X-Originating-Email: [stevetimothy@overseasltd.com] X-Sender: stevetimothy@overseasltd.com From: "STEVE TIMOTHY" <stevetimothy@overseasltd.com> Bcc: Subject: COMPANY'S REPRESENTATIVE NEEDED Date: Tue, 16 Aug 2005 00:03:55 +0000 X-OriginalArrivalTime: 16 Aug 2005 00:03:55.0541 (UTC) FILETIME=[FE4C7450:01C5A1F5] X-Antivirus: AVG for E-mail 7.0.338 [267.10.10] Mime-Version: 1.0 Content-Type: text/plain; format=flowed TIMOTHY OVERSEAS LIMITED Units 3A & 3B, Olympic Way, Sefton Business Park, Aintree Liverpool, L30 1RD, UNITED KINGDOM. Sir, I am MR STEVE TIMOTHY, PRESIDENT AND FOUNDER, TIMOTHY OVERSEAS LIMITED. Immediate distrust, 2 first names! We are a group of businessmen who deal on raw materials export looks like he has a spelling problem too into America and Canada We are in deep search for TRUSTWORTHY Representatives and Book-keepers in your country who can assist us in establishing a good relationship and process payments from our clients, in America and Canada. Anyone see anything funny yet? Who can also keep our company issues confident as to our company? Policies. Our Clients make payments from our supplies, which are not readily cash able Outside the UNITED STATES, AND CANADA. Sounds to me that even if this was a legit offer it would probably be illegal This process will enable you work from home via the Internet and make Money without affecting your present job. Our company is worth, 1 MILLION POUNDS STERLINGS, in cash and assert, We have clients all over the globe. Again, the spelling used would make a message of this type suspect If a message is wrote that is so filled with mistakes in both spelling and grammar it should be suspect. ALL YOU NEED TO DO IS RECEIVE THIS PAYMENTS FROM OUR CLIENTS IN THE UNITED STATE / CANADA, Again there is the lack of proper syntax State instead of States GET IT CASHED IN A DESIGNATED BANK THEN DEDUCT YOUR 15% COMMISSION AND FORWARD THE BALANCE TO THE COMPANY, VIA WESTERN UNION MONEY TRANSFER OR AS YOU ARE BEEN INSTRUCTED TO DO. While I am not familiar with all federal laws this to me sounds like money laundering if it wasn't a blatant scam. ALL WE NEED IS TO FORWARD ALL YOUR REQUIRED INFORMATIONS TO OUR CLIENTS AND THEY WILL ISSUE ALL PAYMENTS IN YOUR NAME. Send the following information to the procurement officer, MR. EVANS TIMOTHY at; his name was Steve while ago timot_yone@email.com Tel: +447031945936
[1] FULL NAME: [2] FULL ADDRESS: [3] AGE: [4] FAX: [5] TELEPHONE NUMBER: [6] OCCUPATION STATUS: As soon as we receive this informations it will be forwarded to our Clients and they will start making ready payments to you as a Company's Representative. FOR FURTHER INQUIRY, YOU CAN CONTACT THE PROCUREMENT OFFICER; MR. EVANS TIMOTHY Tel: +447031945936 Email; timot_yone@email.com
Best Regards
|
SAMPLE TWO
| Return-path: <nobody@server15.pronicsolutions.com> Envelope-to: xxxxxxxxxxxxxxxxxxxxxxxxxxxx Delivery-date: Sun, 21 Aug 2005 17:31:47 -0500 Received: from [66.103.128.65] (helo=server15.pronicsolutions.com) by displays.internetwebcafe.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.52) id 1E6yLy-0007yH-LD for xxxxxxxxxxxxxxxxx; Sun, 21 Aug 2005 17:31:47 -0500 Received: from nobody by server15.pronicsolutions.com with local (Exim 4.52) id 1E6yLu-0005fI-VT for xxxxxxxxxxxxxxxxxxxxx; Sun, 21 Aug 2005 18:31:43 -0400 To: xxxxxxxxxxxxxxxxxxxxxxxxxxxx Subject: Account Verification From: PayPal<paypalcrew@paypal.com> Message-Id: <E1E6yLu-0005fI-VT@server15.pronicsolutions.com> Date: Sun, 21 Aug 2005 18:31:42 -0400 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - server15.pronicsolutions.com X-AntiAbuse: Original Domain - creekdesigns.com X-AntiAbuse: Originator/Caller UID/GID - [99 99] / [47 12] X-AntiAbuse: Sender Address Domain - server15.pronicsolutions.com X-Source: X-Source-Args: X-Source-Dir: X-Antivirus: AVG for E-mail 7.0.338 [267.10.13] Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=======AVGMAIL-43092BDA0A1B=======" From: PayPal [paypalcrew@paypal.com] Sent: Sunday, August 21, 2005 5:32 PM To: xxxxxxxxxxxxxxxxxxxxxxxxxxxx Subject: Account Verification Attachments: _AVG certification_.txt This is just the virus scanner certification that this email contained no viruses and not part of the message. <http://www.paypal.com/en_US/i/logo/paypal_logo.gif> Dear customer, Please read this message and follow it's instructions First hint this isn't kosher. it wasn't addressed specifically to you. Confirm Your Identity: How? evidently they don't know who you are We are performing maintenance, which may interfere with access to your Online Services. Due to these technical updates your online account has been flagged and we must confirm that you are the rightful owner of the account. They are doing Maintenance and just happened to flag your account. Want to buy a bridge? To Confirm Your Identity click the link below, NEVER NEVER NEVER click on the hyperlink to answer a message such as this open another window in your web browser and go to www.paypal.com. If there is a problem you will find out there. Please make sure you do this in a timely fashion as we look forward of bringing you updates regularly here thy apply a bit of pressure To get started, please click the link below: https://www.paypal.com/cgi-bin/webscr?cmd=_login-run <http://209.50.252.234/.pp/> looks legit don't it? I wonder what spoof@paypal.com will say? (that's where you send fraudulent PayPal messages, (be sure to include the headers!) Important information from PayPal. Thanks for your patience and understanding as we work together to protect your account. Sincerely, PayPal Account Review Department PayPal, an eBay Company |
SAMPLE Three
Site design by Creek Designs
All Content © 1998 - 2007 by Creek Designs
All Rights Reserved
| Return-path: <securitycenter@paypal.com> Envelope-to: xxxxxxxxxxxxxxxx Delivery-date: Sat, 20 Aug 2005 23:04:48 -0500 Received: from [85.35.238.234] (helo=host234-238.pool8535.interbusiness.it) by displays.internetwebcafe.com with smtp (Exim 4.52) id 1E6h4h-0007AZ-7P for xxxxxxxxxxxxx Sat, 20 Aug 2005 23:04:47 -0500 Received: from web71.nix.paypal.com (web18.nix.paypal.com [10.192.2.49]) by smtp-outbound.nix.paypal.com (Postfix) with SMTP id 842NB3CC996 for <xxxxxxxxxxxxxxxx>; Sun, 21 Aug 2005 00:04:40 -0800 Received: (qmail 47068 invoked by uid 88); Sun, 21 Aug 2005 00:04:40 -0800 Message-ID: 4791067730.72816@paypal.com From: "Paypal Security" <securitycenter@paypal.com> Reply-To: "Paypal Security" <securitycenter@paypal.com> Subject: New Security Requirements X-Email-Type-Id: PP%RND_DIGI%RND_DIGI%RND_DIGI Date: Sun, 21 Aug 2005 00:04:40 -0800 X-MaxCode-Template: email-transaction-counterparty X-XPT-XSL-Name: /en_US/transaction/seller/TransactionCounterparty.xsl X-Antivirus: AVG for E-mail 7.0.338 [267.10.13] Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=======AVGMAIL-43092BDA0A1B=======" From: Paypal Security [securitycenter@paypal.com] Sent: Sunday, August 21, 2005 3:05 AM Subject: New Security Requirements <http://www.paypal.com/en_US/i/logo/paypal_logo.gif> Dear valued PayPalŪ member, Again a name isn't used. Since they can't get into the database they just have to use a general salutation. Due to recent fraudulent transactions, we have issued the following security requirements. It has come to our attion Remember what was said earlier about spelling and sentence structure? that 98% of all fraudulent transactions are caused by members using stolen credit cards to purchase or sell non existant spelling items. Thus we require our members to add a Debit/Check card to their billing records as part of our continuing commitment to protect your account and to reduce the instance of fraud on our website. I didn't see anything about such a requirement Your Debit/Check card will only be used to identify you. I also have some prime lakeside land for sale! If you could please take 5-10 minutes out of your online experience and renew your records you will not run into any future problems with the PayPalŪ service. However, failure to confirm your records will result in your account suspension. There is the threat/pressure. We are requesting this information to verify and protect your identity. Federal regulations require all financial institutions to obtain, verify, and record identification from all persons opening new accounts or obtaining ongoing payment services. I am not sure about this but it is big brother in any event. This is in order to prevent the use of the U.S. banking system in terrorist and other illegal activity. play on this nations fears now to get them to comply and to justify the reason . For these reasons, PayPalŪ will utilize services provided by various credit reporting agencies to verify the information you submit to us. Once you have updated your account records your pending PayPalŪ account transactions will not be interrupted and will continue as normal. more threats To update your billing records please login to your account by clicking here. <http://paypal.login084.com/cgi-bin/webscr.html?cmd=_login-run> see the text of the hyperlink? that isn't a legitimate PayPal address methinks. Thank you for your time, PayPalŪ Billing Department. ________________________________ |