Internet Defense Technologies

If you get this email and you actually are a Western Union customer, go directly to the website to check it out, but don’t click on the link.  This is a phishing attempt:

Dear Customer,

This is your official notification from Western Union. Your account has been limited due to a login attempt failure. To remove this limitation, you have to confirm your information on file with us. To continue, visit our website by clicking here >>

If you do not confirm your information, your Western Union online account will be permanently suspended and deleted from our system.

We are continually improving our website to better serve you. Be sure to check back with us often as we add exciting new services to meet your financial needs.

If you have questions or need assistance, our customer service team is here to help. Just visit our website.
Be sure to remember and protect your Username and Password. You will need them next time you sign in to our website.

___________________
DO NOT REPLY TO THIS EMAIL. IF YOU HAVE QUESTIONS, PLEASE VISIT OUR WEBSITE.

Blog post by Ron Edison, Founder and CTO of Internet Defense Technology

So, there I was in the middle of my hectic work day when I saw it…. a piece of spam so well put together that I actually did a double take.

And in my day I have dealt with millions of pieces of spam…

This message looked incredibly legit. I knew it was spam from the moment I saw it but it looked so legit that it caught my interest.

It was allegedly from paypal, it had the paypal logo, was written in good English, warned the user never to give out their password, a link to the paypal security policy (which really did link to the real one), etc.

Furthermore I do have a paypal account and this thing was worded just like other emails I’ve gotten from them.

Of course it requested that the user “click here to activate your account” and such things — a dead giveaway to those of us who have acquired that net savvy and a nose for a scam, but pretty convincing to enough Internet users to make sending such things profitable.

Examining the message, it was, interestingly enough from “service@paypal.net” very close to “service@paypal.com” a real paypal address, but again, something many Internet users would miss.

Out of curiosity, I downloaded the message using Mozilla Thunderbird, both the most recent stable version and the new upcoming development version. Thunderbird is generally good at warning users away from scams but here it only warned about blocking remote images, something that is pretty common on legitimate mail as well.

Overall, this was a masterful piece of spam that was an admirable (if I might use the word here) phishing attempt.

The link to “activate one’s account” was obviously not going to paypal but some other domain entirely, but again, not something many would notice and on some clients such as Blackberrys with HTML email enabled, not visible without switching to plain text mode.

Bottom line is that spammers and identity thieves have gotten increasingly sophisticated and today’s Internet demands security measures unheard of a decade ago.

Not often pointed out is how extensive one’s security measures must be to operate computing devices with Internet access safely in this day and age. Many fall short.

With a multitude of vendors crying out their wares, few simple solutions exist.

At Internet Defense Technologies, we keep some of our email accounts intentionally unfiltered so we can keep an eye on the latest, and so here it is.

Really complicated security measures don’t hold up because they inhibit users, are difficult to use, etc. Users themselves will defeat onerous security measures — from the classic sticky tab with a scrawled password commonly found in the corporate environment with a very strict password change and complexity policy to simply not using a work email account because one can’t depend on email to arrive and make it through the gauntlet of the spam filter and antivirus layers erected by the IT department.

Total Mail Defense was created with the idea of simple and effective email security that doesn’t inhibit the use of one’s email. A single false positive sometimes can overshadow the value of an entire email security system, since, if the users can’t get their email, the whole point has been missed.

All too often the simple idea that email, to be useful must be delivered — as fast as possible and the security has to be transparent and simple to use for any user.

There are three prominent email phishing scams going around that everyone should be on the lookout for:

• Google Adwords
• Fed-Ex
• UPS

All of these will try to get you to click through to a website which is in fact not really the company’s website.

There is always a problem and you need to act right away to fix it.

If you think there really might be a problem DON’T CLICK ON THE LINK, instead, independently go to the website and check it out yourself.

Saw a report from the Federal Trade Commissions (FTC) recently released a list of the top email scams:
1. Advance Fee Fraud
2. Phishing
3. Check Overpayment Scams
4. Work-at-Home Scams
5. Weight Loss Claims
6. Foreign Lotteries
7. Cure-all products
8. Investment Schemes
9. Pay-in-Advance Credit Offers
10. Debt Relief

You can forward any emails you get on this to spam@uce.gov

Forbes also did a list of the top scams which all of which can be done via email. There list was:
1. Home Construction
2. Bait and Switch Mortgage
3. Fake Check
4. Internet Coaching Services
5. Layaway Loans/Payday Loans

Hopefully these lists will help you be aware of what can come to your email box and that it should just be deleted. Don’t get trapped in one of these scams.

I am getting back to my email spammer series with Michael Dolan as he was recently (a few days ago) sentenced in Connecticut federal court to seven years in jail plus three years of supervised release. He’s pled guilty to fraud and aggravated identity theft.

His crime (along with others who all pleaded guilty, as did Michael Dolan in 2007) was to hunt through AOL chat rooms for user ids. Those user’s would get a “greeting card” spam seeming to come from places like Hallmark.com or BlueMountain.com.

These email spams would actually installed malware (programs which spied on all the activities you did on your computer and sent the information to someone) on the victim’s computers. So, the next time the victim attempted to log onto AOL, the malware would ask for credit card numbers, bank accounts, and other personal info. If the user refused to cough up, the malware prevented them from logging in.

Allegedly Michael Dolan engaged in various forms of witness tampering, including a death threat, during the trial.

Dolan’s scam brought in over $400,000 from 250 victims.

Previous criminal record (he is only 24 years old) include being sentenced to two years of probation after pleading guilty to a misdemeanor count of accessing a computer without authorization. His probation was revoked in 2006, after the ruling judge discovered that he had taken several trips out of state, including at least one trip overseas. Dolan was then sentenced to nine months of imprisonment, and was charged in the AOL scam on September 28, 2006.

While nothing is perfect, I personally feel and have to say that the USA is still the best country around. The fact that we can say it isn’t perfect and work for change is something we should never take for granted.

While some of our freedoms do result in annoyances (email spam and some strange perverted use of freedom of speech) they are still great to behold.

Be careful what you do and where you click over the holidays, but most important have some fun and celebrate the birth of this great country.

So, if you get an email that falls in one of these categories:

• Seems suspicious or makes you wonder if it is real in some way
• From someplace you don’t have an account as far as you can remember
• From someplace you do have an account but the message doesn’t seem right (and sometimes even if it does seem right)

Don’t click on the link in the email!

One of the ways spammers make money is by stealing your personal information and then using it (definition of phishing).

This doesn’t always have to be your bank account number.

For example, say you are paying someone to advertise for your business (like Google AdWords). Someone pretending to be the advertiser send you an email that says you need to login to your account and check/verify/change/fix something.

You click the link from the email into the site.

You think you are going to adwords.google.com but you are actually going to adwords.google.cn.com or something similar.

When you put in your account username and password, you have just given the spammer your username and password.

Sometime later you login to the account yourself and discover that you have been running ads for another website and you got charged for it.

The morale of the story:

If you get an email, don’t click on the link in the email. Instead open your browser and type the address yourself. Then you can check it yourself and make sure there isn’t really something you need to do and you don’t give your information to a spammer.

Want more survey results for my Email Spam Survey, will only take a few minutes if you don’t mind.

Hope everyone is enjoying some peace and quiet and good old fashion relaxation.

There are amazing sales going on over this weekend (some I need to get myself to right away) so just a very quick word of warning:

Make sure any emails you click on for these sales, actually sends you to the right website.

A lot of time these emails will say that you have to click to get the sale, and some are totally real.

However before you give up any of your personal information, check the website address and make sure it is the actual site. Some tips on how to do this:

* Do a search for the company and see if the site you find is exactly the same as the one you will click through on the email
* Watch for a very small “.cn” in the address. Everything else make look totally correct, like nordstrom.sale.cn.com - this looks good, except that .cn means it is a phishing attempt.
* Watch of any other very small additions in the address name. This is how they trick you and very important to look for.

Still not totally sure: call the store and ask them to give you the correct address and verify the email sale.

Have a great Memorial weekend and enjoy the free time.

Be careful about any emails you might get asking for your information. To be safe, always go to the site directly to check.

For example, a new one going around from PayPal:

Dear PayPal® customer,

We recently reviewed your account, and we suspect an unauthorized transaction on your account.

Protecting your account is our primary concern. As a preventive measure we have temporary limited your access to sensitive information.

Paypal features.

To ensure that your account is not compromised, simply hit ”Resolution Center” to confirm your identity as member of Paypal. Login to your Paypal with your Paypal username and password.

Confirm your identity as a card member of Paypal.

Please confirm account information by clicking here Resolution Center and complete the “Steps to Remove Limitations.”

*Please do not reply to this message. Mail sent to this address cannot be answered.

Copyright (c) 1999-2008 PayPal. All rights reserved.

Been seeing a few articles recently about a new scam going around.

For anyone who runs a Google Adwords campaign, be warned about getting an email saying your payment hasn’t been successful.

If you get one, make sure you don’t click on the link. While the link looks correct when you click on it, it will send you to something like hxxp://www.adwords.google.com.fke21.cn/. As you can see, if you look at the end of the address, is definitely not Google.

Go ahead and check your account, but typing the address into your web browser yourself. Then you won’t get scammed (phished) our of your account information and credit card information.

Hopefully you have a good email spam filtering service (insert our marketing plug here) like ours (smile) and won’t ever see one of these.

Other articles:
Trendlabs
MX Logic
Marketing Pilgrim