Best of eScam Tips - Part One

---

This month's issue has the first part of the best of the eScam Tips articles from previous issues of Ray's Computer Tips. The articles below are the full articles.

---

This message contains...

---

        I get anywhere from 50 to 100 of these emails every day. You probably get far less. They say something like, "The message contains Unicode characters and has been sent as a binary attachment" or "The original message has been included as an attachment", or "See Attachment". Whatever you do, DO NOT OPEN the attachment. The best thing that you can do with these emails is delete them immediately.
        These emails are the result of someone else opening these very same attachments. When you open one, it may not seem like anything happens, but the attached file is a virus (more specifically known as a worm) and starts sending out emails to other people with the same attachment. This virus looks in your mailbox or in other parts of your computer for email addresses and sends emails to and from them. It also usually attaches itself to your computer so that whenever you are online, it will send out emails.
        In most cases the From address on the email that you received is not where the email came from. Instead it is an email address found on the infected computer along with yours. So don't hit Reply on these virus emails and send an email back telling this person that his computer is infected, because that person is probably innocent and does not have any problems with viruses.
        What can you do then? About the only thing that you can do short of getting a new email address is wait. There is no way for you to find out who has the infected computer, but hopefully, the person with the infected computer will realize that he has a virus and will clean his computer with an anti-virus program. When he does, the emails will stop coming.

Phishing, Carding, and Spoofing

---

        Phishing, carding, and spoofing refers to the same thing. There are also other terms that are used for similar deceptions. Phishing is when someone attempts to fraudulently get sensitive information from you, such as passwords and credit card details, by masquerading as a trustworthy person or business in a seemingly official email message.
        This is how it happens. You get an email from eBay saying that your account will be suspended if you do not update your account information or you get an email from SouthTrust Bank saying that they are carrying out a planned software upgrade and they earnestly ask you to visit a link to start the procedure of confirming your data. These are two of the more popular phishing scams.
        The first thing you need to realize is that these emails are not really from eBay, SouthTrust Bank, or whoever they say they are from. They may have official logos and valid email addresses in the From field, but they are still not from these places.
        What these emails want you to do is click on the link in them. The link will take you either to a fake website or to the actual website and then relay the information to a third party. Either way what they are after is your personal information, like login, password, or credit card information.
        This scam changes over time, so it is not possible to explain all of the details of phishing, but there is one simple precaution you can take to keep from being taken by this scam. If you don't get anything else out of this article, get this, DO NOT USE THE LINKS IN THESE EMAILS. If you think that the email is valid and eBay really wants to update your account, go to eBay not using the link in the email and check it out.
        If you want to know more about phishing, go to http://en.wikipedia.org/wiki/Phishing.

Amazing Issue with Target

---

        (Please read all of this articles, especially the conclusions at the end, before you write me and "inform" me of the same things that this article states.)

        I received an email from a friend of mine with the above title. The email explained how a Vietnam vet had asked his local Target store to contribute to a veteran cause and how after they refused, he found out that they had done many things against veterans and that they were a French-owned company. The last paragraph reads: "Now, I'm thinking again. If TARGET cannot support American Veterans, then why should my family and I support their stores by spending our hard earned American dollars and to have their profits sent to France. Without the American Vets, where would France be today?"
        The story had names, details, and sounded authentic, but it seemed a little too perfect to me.
        So I did a quick search on the internet for the veteran organization that the author claimed to represent. The first thing on their website was an article disavowing any connection with what they called the Target Hoax or any knowledge of the author of that email. As I looked further into this, I found out that almost all of the facts of the story were wrong. Target is an American owned and founded company. It has no connection with France. And it does give to veteran causes.
        So the email is false. It is a hoax. It is a lie.
        There are several websites which expose these type of scams. Here are three:

• http://truthorfiction.com
• http://urbanlegends.about.com
• http://snopes.com

        The lesson to be learned here is that before you get all worked up about a story forwarded to you, do some searching on the internet to see if in fact the story is true.

FROM HAJIA MARYAM ABACHA

---

        Through the past ten years I have received different variations on the letter below. These have become known as the Nigerian Scam.
        I first heard of it over ten years ago when a friend of mine told me about receiving a similar email. It offered him a million dollars for transferring millions of dollars to an American bank account. He thought that it was legit but suspected that it was illegal. He felt that he was contacted because he had a successful business and he would be able to get away with it. If he had not had such a successful business, he would have tried it. The prospect of receiving millions of dollars for doing relatively nothing is tempting.
        But this email is a complete scam. One of the distinquishing traits of this scam is the mention of millions of dollars and the offer for you to receive a percentage of it if you help them. If you get sucked into this scam, you will end up paying thousands of dollars and you will receive nothing. In 1996 over 5 billion dollars had already been lost to this scam. The best thing to do when you receive this email is to delete it.
        An example of the email is below.

FROM HAJIA MARYAM ABACHA
FORMER FIRST LADY,
FEDERAL REPUBLIC OF NIGERIA.
2/8 GIDADO ROAD KANO NIGERIA,
WEST AFRICA.


Hello Dear,
I am Hajia Maryam Abacha, widow of the Late Gen. Sani Abacha former Nigerian Military Head of State who died on june 8 1998 as a result of cardiac arrest. I got your contact from a personal directory i found in our study room,after the death of my husband.

I therefore decided to contact you in confidence so that I can be able to move out the sum of Forty Eight million,US dollars ( $48,000,000.00) which was carefully sealed in two trunk boxes for security reasons. I personally therefore seek for a CAPABLE/CREDIBLE PERSON who will urgently assist to move this money into his/her country, through diplomatic means,where I believe it will be safe since I cannot leave the country due to the restriction of movement imposed on me and members of my family by the Nigerian government.

If you know my husband Gen Sani Abacha when he was alive, you will discover that we worth over one billion dollars, but the government of the day has made us to start asking people to come to our aid pending when we will have our freedom or the termination of this government. BE INFORMED THAT YOU WILL NOT SPEND A CENT DURING THE CURSE OF THIS TRANSACTION.

However, arrangement has been put in place to move this money out of the Security company where it is presently now in Europe to any foreign partner who will accomodate this funds in his/her account pending when our suite with the FEDERAL GOVERNMENT will come to and end then we will come over to have our funds back.

Conclusively, I have decided to offer you 20% of the total sum 5% will be for whatever expenses that will be incurred, while 75% is to be used in buying shares in companies in your country subsequent to our free movement by the Nigerian government. Please reply urgently and treat with absolute confidentiality and sincerity.

Thanks for your understanding in this regard, as i look forward to your kind response.

Best regards,
HAJIA Maryam.

Obtain substantial income!

---

        For this month's eScam I picked out one of the hundreds of spam emails that I get everyday. It's subject was "Obtain substantial income. With minimum training!". It started out by saying:

"Hi Lori,
6 months ago I was let go from my employment I held for 25 plus years.
I can't thank you enough for establishing me in this new enterprise. You have given me a new lease on life. Already realizing twice as much as I earned in my old job...."

        I want to point out things in this email which are suspicious and which should cause red flags to pop up in your mind. First of all, it starts out by saying, "Hi Lori". Of course, my name is not Lori. In addition to that the To address on this email is not my email address. The writers of this email are hoping that you think it was meant for someone else but mistakenly sent to you. But it wasn't, it was intentionally sent to you. If an email message does not have your email address in the To slot, that is a good indicator that it is spam. It is best just to delete it.
        But what would happen if you didn't delete it? Let's see. The only thing that the sender of this email wants you to do is click on the link in it. There is only one link. So I click on it. It takes me to a website that describes a training course on "How to Process Money Judgments".
        The website is suspicious in several ways. One is that there are unsubscribe links at the top and bottom of the page, but putting the cursor over the link does not reveal where the link goes to. I suspect that if I asked them to remove me from their list that I would actually be added to more lists. Another suspicious thing is that the company's name is never mentioned on the website. Since I do not know their name, I cannot look them up in Rip-off Report or anywhere else. The only form of contact on the website is a phone number, no email address or website. The website tells of a supposedly simple process for which they provide all of the resources to get money from delinquent accounts. But if it is so easy, why doesn't this company simple hire people at minumum wage to do it and keep the millions of dollars that you will supposedly make using their money making scheme?
        I am not going to call the phone number and join so that I can report to you what happens, but I suspect that if I did that I would have to pay thousands of dollars before they shared their system and only then would I find out that their system makes me no money or very little money at all.
        Don't get suckered into this or similar get rich schemes.

Do Not Open Attachments

---

        There is a virus called Sober.X. It is delivered in many different email messages. Some of its subjects are

• hi,_ive_a_new_mail_address
• Mail delivery failed
• Registration Confirmation
• smtp mail failed
• Spam: Registration Confirmation
• Your Password
• Your IP was logged
• Paris_Hilton_&_Nicole_Richie
• You visit illegal websites

        Some of the emails have FBI and CIA addresses in the From slot and say that they have logged your IP address on illegal websites. This is a lie. As I have said before, don't believe everything that you receive in an email especially if it is from someone that you do not know.
        This virus is similar to many other viruses in the way that it works. It comes attached to an email message. When you open the attachment, it puts the virus on your computer which runs without you knowing that it is there. The only thing that you may notice is that your computer is running slower. It is slower because the virus is looking for email addresses on your computer and sending out the virus with those email addresses in the To and From slots of the emails.
        Viruses like this would be thwarted before they even began if every computer user would heed one bit of advice: do not open attachments unless you know 100% what it is and who it comes from. If you follow this advice you can throw away your antivirus programs and save yourself some money. I know because that is exactly what I do and I have never had a virus on my computer even though I am very active on the internet.
        I now receive thousands of emails a day containing the Sober.X virus because a lot of people who open attachments have my email address on their computer. I guess it is the price of doing business on the internet.
        If you have the Sober.X virus on your computer, please remove it. If you have an antivirus program hopefully it will remove it. If not see the following sites:

Click here for more details about the Sober.X virus.

Click here to download a free tool for removing the Sober.X virus.
        The sooner you remove this and other viruses from your computer the sooner your computer will run faster and the sooner people like me will stop receiving virus emails from you.

Important Account Notice

---

        Every once in a while I get an email with the subject, "Important Account Notice". The email starts out by saying, "Dear Valuable Customer, This is your official notification from Chase Bank that the service(s) listed below will be deactivated and deleted if not renewed immediately."
        There is only one problem, I have never had an account or dealt with Chase Bank. In fact, I have never lived even close to a Chase Bank. This email is sent to millions of people in the hopes that it will find some Chase Bank customers and then trick them into giving these imposters their credit card number. It is NOT sent out by Chase Bank.
        If you were to click on the link in the email, it would take you to a website that is identical to the Chase Bank website. In fact, if you were to put it next to the actual Chase Bank website, you would not be able to tell the difference. But the fake website is actually a credit card thief's website.
        This front page has a login section with User ID and Password textboxes. If you enter the wrong ID and password in the actual Chase Bank website, it will tell you that the login is incorrect, but on the fake website any ID or password will get you in. The next page asks for your credit card information. If you type in your credit card information, these thieves will use it to purchase thousands of dollars worth of things they want and you will have to explain to your bank how much of a fool you were. In case you have not understood yet, IT IS A SCAM.
        How do you protect yourself against these kind of scams? First, you should know that your bank will never ask you for your credit card number (especially over the internet). Secondly, you should never click on a link in an email to go to these type of websites. If you want to go to the Chase Bank website, type www.chase.com in your browser.
        There are similar scams like this for other financial institutions, so consumer beware.

Requesting Photo Approval

---

        This is a scam that almost got me. I let it in past my first line of defense, MailWasher. Then I read it and believed it. But when I started to open the attachment, I saw that the attachment was an executeable file (with an exe ending). Red flags went up all through my brain. I stopped, deleted the email, and let out a sigh of relief. I had almost been duped by the W32/BrepiBot.R!tr virus.
        The email's subject was "Requesting Photo Approval" and its message read as follows:

Hello,

Your photograph has reached editing stage as part of an article we are publishing for our February edition of Traders World Monthly. Can you check over the format and get back to us with your approval or any changes?
If the picture is not to your liking then please send a preferred one. We've attached the photo with the article here.

Kind regards,

Jamie Andrews
Editor
TradersWorld"

        Since it was possible that someone would want to write an article about me and use my photo, this sounded legit.
        Attached to this email was a file called Photo+Article.zip which had a file in it named Photo+Article.exe. If I had run that file, it would have put a file on my computer which Windows would have run everytime that it started. This file would have launched a flood of similar emails with attached viruses from my computer to as many email addresses as it could find.
        I wanted to tell you about this scam because it shows how inventive the writers of virus emails can be. All virus emails do not look alike. They can come in all kinds of forms. You must always be on the lookout for them.
        A good practice to get into is to NOT open attachments. You should only open attachments that: 1) come from someone you know, 2) that person has told you about the attachment, and 3) you are 100% sure what the attachment is. If you do not know what an attachment is, it will not hurt you to NOT open it or at least to ask the sender what the attachment is.
        If you are careful with emails, you can keep your computer virus-free.


Questions on our Discussion Board

---

• Software for mirroring files
  
• XP won't load
  
• Very Different Question
  
• Autorun in Windows XP Home
  
• uninstalling ashampoo
  
• USB Ports
  
• installation
  
• Unable to Locate Boot File
  
• Processor problem
  
• Reimage program
  
• Unwanted Downloads
  
• MP3 PLAYER
  
• Removing Windows 2000
  
• Should I turn off Windows XP System Restore?
  
• can't read Digital Versatile Disc
  
• Notifying new posts
  
• How do I get the key
  
• Setting up home network with file server
  
• WINDOWS VISTA CUSTOMIZATION
  
• problems with mp3 player
  
• Open / Save window
  
• slow windows xp home
  
• persistent cookies
  
• Getting the Most from Dual Processors
  
• SETUP FILES
  
• external harddrive
  
• RegVac in Windows 7
  
• Windows media centre
  

Thanks for reading,
Ray Geide