Foo - Check out this spammer!

Below is a message I received in my inbox some time during the last 24 hours. The body of the message is copied exactly as it appears. The thing is, if the writer was even semi-literate, it might have been half-convincing.



Date: Tue, 20 Jan 2004 15:41:16 -0500
From: "Online-Citibank" <jimmer@u2club.com>
To: Chris L
Subject: Citibank-Online _E-MAIL_ Veerification -


_Dear_ OnlineCitibank Members,

_This letteer was sentt by_the citibank_ _server_ to
veerify your email adrress_.
You muust ctmpoele this pcsroes by clicking on_the_link
beloow and enteering in the smal _window your Citibank
_Debit_ full card-nummber and pin that you use in the local Atm
machine.
That_is donne for Your pecrtotion -f- becouse some of_our
memebrs no lngeor have acescs to their email addrseses
and we must verify it.

http://citibankonline.net:%523%7a%49%6e%59%71%77%41%4d2%77@%69%6120%78%64%6b%66%64%2e%44%61%2e%52%75/%3f%63%749%74%44%6c

To veerify your_ E_MAIL _address_ and acccess your Citibank_
account, click on_the_link beloow.

FKeQiG2


I might reply and send this guy a link to an on-line dictionary or something. Evidently he had similar trouble reading the Citibank database -- I don't have a Citibank on-line account. :rolleyes:


DISCLAIMER: Neither Chris L nor Mr Spanky accept any responsibility for anyone who is silly enough to click on the link above. Having not clicked on it myself, I cannot guarantee the content contained therin

I have been getting some very good fakes for banking and Earthlink lately. The pages look legit, but I am pretty sure Earthlink security is not at bigtrixie42@hotmail.com.

Sadly, people fall for these email scams daily. I read that an estimated 15,000 paypal accounts were compromised last year alone; 99% were due to these fakes going around.

Scma atrists shuuold be set on fier and hnaded a bukcet of urnie! :mad:

Scma atrists shuuold be set on fier and hnaded a bukcet of urnie! :mad:

That is hilarious! :roflmao: :roflmao:

Joe -- I know a lot of people fall for these scams, but surely no scammer could get away with that many spelling mistakes. It has to put even the biggest idiot in the world on ntocie.

sometimes, though, I think it is almost natural selection...if you fall for a scam like that, maybe you shouldn't be using a computer.

I'm not saying its right, but c'mon...

I've received those email scams for MSN, Ebay, Paypal, and Citibank (1 or 2 with good spelling, one as bad as the thread-starter's) - pretty amazing that people would think these were legit, no matter the grammar used.

I received a very convincing e-mail asking me to verify my PayPal account info by "clicking the link below". I even went to see the "account info verification form", quite good actually. They had copied PayPal web site design, colors, fonts, you name it. All the PayPal standard navigation buttons were there and took you to the respective page in PayPal's site. Someone had put effort in this scam. I reported the e-mail to PayPal.

I tell my friends and relatives over and over again, normal e-mail is just like sending & receiving postcards. No responsible organisation handles official correspondence that way, nor will they ask you to do that. But I could still see someone falling for these. The fact that I am not a PayPal customer helped in this case :D.

--J

One place to report spammers is http://spamcop.com . They refer cases to internet service providers the spammers operate on. The ISP's usually then contact the user or disconnect their service.

Chris, it's possible yours may have have been generated by a virus. The words with underscores look like phrases that it can change based on certain parameters. I don't know how they generate the huge lists of e-mail addresses they hit, but they're annoying as heck. These viruses infect computers, try to get you to enter information that is sent to a server that cannot point back to the programmer, then generate a ton of spam e-mail to spread and/or fool new people. Our school network crashed a couple times early in the year due to new students arriving with infected computers that sent out so much spam the equipment couldn't handle it. Other virus were to blame too, but the spamming ones were a significant percentage.

I recommend not replying directly. That may make your e-mail address a marked target depending on how it works (assuming it is a virus), or it would confirm that you have an active email address to the people who send out these spams.

As far as grammar, there are always mistakes. Most of the people who write these speak English as a 2nd language at best.

I received a very convincing e-mail asking me to verify my PayPal account info by "clicking the link below". I even went to see the "account info verification form", quite good actually. They had copied PayPal web site design, colors, fonts, you name it. All the PayPal standard navigation buttons were there and took you to the respective page in PayPal's site. Someone had put effort in this scam. I reported the e-mail to PayPal.
--J

Juha, this sounds very similar to the mimail virus, which downloads after a person clicks on the link. Since you went to see the form, you may want to scan your computer. You can do a search for the mimail fix tool from http://symantec.com or you can download the "Stinger" tool from http://vil.nai.com/vil/stinger (http://vil.nai.com/vil/stinger/). This will scan for that or about 40 of the other most common threats on you computer. It's not a full-antivirus program like Norton, but it can clear existing infections if you don't have Norton, McAffee or something similar.

The threat to a reasonably sensible person by mimail is almost zero, but if infected, especially if you use Outlook, it can spread to others through you. Hopefully you're clear, but I like to be safe.

Thanks iamlucky13. I thought mimail always comes as an attachment? Anyways, I am running NAV with current updates installed and our business mail server has F-Secure mail scanner. No versions of mimail found (keeping my fingers crossed). I still think the PayPal e-mail was "just" a fairly good hoax.

--J

I recommend not replying directly. That may make your e-mail address a marked target depending on how it works (assuming it is a virus), or it would confirm that you have an active email address to the people who send out these spams.


Oh, I've learned that lesson a long time ago with that old hotmail account I had. Now I just report them to Yahoo! and let them deal with it. I'm not sure what they do, but I don't seem to get too many repeat spammers these days.

Pretty clever... the link brings up the legit citibank page, but the spelling whiz uses a pop-up (without a URL) to prompt for data.

Scma atrists shuuold be set on fier and hnaded a bukcet of urnie! :mad:

I fell out of my chair I laughed so hard!! :roflmao: :roflmao:

Thanks iamlucky13. I thought mimail always comes as an attachment? Anyways, I am running NAV with current updates installed and our business mail server has F-Secure mail scanner. No versions of mimail found (keeping my fingers crossed). I still think the PayPal e-mail was "just" a fairly good hoax.

--J

I think so you're right, but I found one person who had it who said he only clicked on the link, so I figured I'd better make the suggestion. Working with computers on a college campus, you see alot of people who can take care of themselves, and then there are those unique users who despite being helped with setting up AV programs, security patches, turning off network shares, and maybe even setting up a firewall are still able to pick up loads of viruses as fast as they are written.

I wanted to install a folder marked " Important personal info and credit no# "-into windows and put all the flagged files and virus remnants from my antivirus in it.
Kind of a pandoras box for a hacker to download.