Dangerous fake email scams Page 27

You had me at 'dichtstbijzijnde.'

Hello

Got the email below - £500 just in time for xmas! Lucky, lucky me.

On the 10/11 2017 we informed you that we had a £500 MORRISONS gift card available and that we could send to you.

We have still not received your application to receive the gift card. Please let us know as soon as possible if you are still interested.

Here is the exclusive application link valid for this email address only:
Just click here and answer 3 quick questions to qualify.

Best Regards,

Your customer service team - Gift Card division

No fair - I want one! :(

Beware of emails with this subject: Important Information About your BT Email Address

saying: That means your BT email address will stop working after 15 December 2017,

I think it is a scam , a phishing attempt, when you hover over any links you see they they are not a BT domain name, they are for example: http://serefseven.com/js/new/index%20(2).html

BILL

This arrived in my spam folder today with the subject of "hey". I'm going to pen a reply and hopefully we can meet up. Anyone who thinks I'm cute and at the same time very sexy and smart gets a thumbs up from me.

Dear Jamie, My name is Nastya, and finally I decided to write to you. I'm from Russia, but now I live in the USA :-) I saw you photos on Facebook and cant get you out from my head. You look cute and at the same time very sexy and smart, just like my type. Wanna talk to you, what about you? If you would like to know more about me, please, email me. My email is **************@rambler.ru xXx, Nastya :-)

I notice you're keeping the email address to yourself.

Quote: Chappers @ 29th January 2018, 10:43 PM

I notice you're keeping the email address to yourself.

:D I did post it in full originally but then editied it out a few minutes later. I realised it would be available in search engines and being from a spammer address it might be preferable to not post it in full. Not sure if it even matters though.

Had a fairly standard phishing email re my BT email account. The bit that got my attention though was the address it 'came' from -
msg.sser@rnicrosoftonline.c*m

The use of r n after the @ looks like an m at first glance, crafty buggers.

I had to look twice to see it.

Quote: Stephen Goodlad @ 30th January 2018, 8:59 AM

I had to look twice to see it.

Me too.

Why can't the powers that be stop this tide of phishing emails? They seem to know everything about me easily enough, they must be able to find and stop these people. If they don't then we might all become wary of using the web.

Quote: playfull @ 30th January 2018, 9:24 AM

Me too.

Why can't the powers that be stop this tide of phishing emails? They seem to know everything about me easily enough, they must be able to find and stop these people. If they don't then we might all become wary of using the web.

The target that the phishing email sends you to is normally a valid (respectable) website, but it wasn't secure and the baddies have hacked into it and added the extra phishing pages without disturbing the rest of the website. This makes it very difficult to positively identify a phishing email as malware.

There are quite good add-ons available for many email client programs for identifying likely phishing attempts.

The best test though in my opinion is to hover your mouse over the link and see if the domain name is really that of the apparent sender of the email. Don't be fooled by tricks in the domain name, the real domain name is the last two portions before the first "/" sign . Tie that to your knowledge of whether the apparent sender would ever be likely to send such a request. If in doubt don't click it, instead send a separate email to the apparent sender (type the address in, not by clicking) asking if they really sent this...

GeekGeek

UNITED BANK FOR AFRICA - AFRICA'S GLOBAL BANK
HEAD OFFICE ADDRESS UBA HOUSE
57 MARINA P.O. BOX 2406 LAGOS NIGERIA
PHONE: +234 802 263 0701

On behalf of the board and management of International Monetary Funds (IMF). In conjunction with
Organization of African Unity (O.A.U) has directed us to pay you one
Million five hundred thousand united state dollars ($1.500, 000.00) in
Cash through means of diplomatic courier service hand delivery.

We have been working towards the eradication of fraudsters and scam Artists in Africa with the help of the Organization of African Unity (OAU) United Nations (UN), European Union (EU) and FBI.

We have been able to track down some scam artist in various parts of African countries which includes (Nigeria, Republic of Benin, Ghana and Senegal with cote d'ivoire ) and they are all in Government custody now, they will appear at International Criminal Court (ICC) soon for Justice.

Note: You have to stop communicating with the impostors right now and you have to stop sending money to them and stop responding to their emails, we are acting according to the Directive from UN, FBI, HLS, so any email you send to them will be monitored.

Take note: Three thousand united state dollars (usd$3,000) have been
Mapped out for all expenses in taxes and other documents that matters.

Kindly forward your home address and direct phone number to this email: kennedyuzoka649@yahoo.com/uzokakennedy68@gmail.com

Regards,
Kennedy Uzoka
Director cash processing unit
united bank for Africa. (U.B.A).
PHONE: +234 802 263 0701
FAX: 234 674 478 8273
Email: kennedyuzoka649@yahoo.com/uzokakennedy68@gmail.com

I've gotten tricked by e-mail scams a couple of times, so I did a bit of research about how to identify scam/phishing e-mails. Turns out there's a lot of analyzing you can do on the sentence-level of the e-mails, but it seems like the kind of thing that gets easier/faster the more you do it. Here's an article that had a really helpful list of things to look out for:

https://www.1and1.co.uk/digitalguide/e-mail/e-mail-security/how-to-identify-phishing-e-mails-and-protect-your-data/

Gotten?

That's usually a clue. Crap English.

The wording of these so called scam emails give them away 99.9% of the time because of the poor English but I've seen some people get fooled by the more sophisticated ones. They are quite disturbing because they are emails written in a very accurate way of the person they are pretending to be. This is what fools busy, stressed out people during the day when an email pops up and they just do as it says.

****Always check the headers**** of the email which show you the real sending address so you know without doubt if it's been spoofed. Also, if it has instructions to make a payment then never do it straight away and run it by someone else for a second opinion or your IT department if it's work related. If you start getting more emails chasing payment then it's game over. Tell them to do one.

Checking the headers is the easiest way to know if a sending address is genuine because nothing can fool the headers. They are applied like a rubber stamp during each hop of the emails journey until you end up with a long block of text that tells you different info such as:

Envelope Sender: This is the email address you see in the From field of the email. This can be easily changed (spoofing)

X-Sender: This is the actual email address that was used to send the email. (it might not always be X-Sender but it will be something like that and you can search the page for anything with the @ symbol to find it.

Other useful info like IP addresses and hostnames of the mailservers that sent the email and received it can help identify (more importantly, eliminate) the real sender of that email.

MXtoolbox is a great multi use tool so it's worth a bookmark. This link is for headers parsing which breaks down the hops of the email but it can do much more.

https://mxtoolbox.com/EmailHeaders.aspx