Category Archives: email scams

Valentine’s Day – Malware Love Is Coming Your Way

From the – here we go again files. Love in your inbox – malware on your computer.

Like clockwork, spammers and cybercrooks ramp up the volume of Valentine’s spam emails aimed at unsuspecting users – every year starting just about now.

You know the ones – “Falling in love with you”, “Sending you my love”, “Memories of you”, “I Love You Soo Much” …………. (saccharin sells I guess). Since cyber crooks are opportunity driven, you can expect much more of this type of cybercriminal activity again this year.

Maybe you’re a very cool person whose significant other is always sending you neat little packages in your email. MP3 files, screensavers, cartoons, YouTube videos, and the like. You get them so often, that you just automatically click on the email attachment without thinking. If you are this type of person, here’s a word of advice – start thinking.

The hook, as it always is in this type of socially engineered email scam, is based on exploiting emotions. The fact is, we’re all pretty curious creatures and let’s face it, who doesn’t like surprises. I think it’s safe to say, many of us find it difficult, if not irresistible, to not peek at love notes received via *email.

The reality.

The truth is, these emails often contain links that deliver advertisements – or worse, redirect the victim to an unsafe site where malware can be installed on the soon to be victim’s computer.

Would you be fooled?

A couple of years back, a friend, who is an astute and aware computer user, fell for one of these carefully crafted teasing emails. Clicking on the link led him to a site which had a graphic of hearts and puppies – and of course,  the teaser.


Luckily, common sense prevailed and he backed out of this site. If he had clicked on the teaser, he would have begun the process of infecting his machine with a Trojan. A Trojan designed to connect to a remote command and control center.

Unfortunately, being smart is often NOT enough to protect yourself. At a minimum – make sure you have an effective security solution installed; capable of detecting both known and new malware strains.

You know what to do, right?

Don’t open emails that come from untrusted sources.

Don’t run files that you receive via email without making sure of their origin.

Don’t click links in emails. If they come from a known source, type them on the browser’s address bar.

If they come from an untrusted source, simply ignore them – they could take you to a web site designed to download malware onto your computer.

* Cyber crooks have moved on from using just emails as a malware delivery vehicle. So, be on the lookout for fraudulent Valentine’s Day greetings in:

Instant Messenger applications.

Twitter

Facebook

Chat forums, etc.


Filed under Don't Get Scammed, Don't Get Hacked, email scams, Malware Alert

Am I Dead? Investigation.org Wants to Know

I woke up this morning to find that I wasn’t dead. That’s kind of a bonus, since there have been mornings when I wasn’t entirely convinced – if you know what I mean. But, I’m getting ahead of myself.

Assuming, one is still alive – I suspect that there might be a certain sense of urgency in refuting a rumor that one has passed on to bigger and better things (hopefully, bigger and better things, but……).

In the latest craziness on the spamming scene – Investigation.org (now there’s a catchy name), has crafted a phishing email – loaded with power words – in an effort to provoke the need to act.

First, to prove you’re not DEAD – and subconsciously, who doesn’t have a need to do that? Second, in the happy event you’re not DEAD – the good news is – you’re in line to “receive and confirm your funds without any more stress”. Good news – no?

In an attempt to show the proper degree of sincerity (just in case you’re DEAD, as you read the email), Investigation.org goes that extra mile – “MAY YOUR SOUL REST IN PERFECT PEACE – YOUR JOY AND SUCCESS REMAINS OUR GOAL.”

Text of this unintentionally hilarious email –

URGENT CONFIRMATION NEEDED TODAY/CALL FOR DETAILS

Investigation Bureau office@investigation.org

8:48 AM (5 hours ago)

Attn: Sir/Madame (don’t know if I’m a man or a woman – what gives?)

We are writhing to know if it’s true that you are DEAD? Because we received a notification from one MR. GERSHON SHAPIRO of USA stating that you are DEAD and that you have giving him the right to claim your funds.

He stated you died in a CAR accident. He has been calling us regarding this issue, but we cannot proceed with him until we confirm this within after 7 days of no respond.

Be advised that we have made all arrangements for you to receive and confirm your funds without any more stress, and without any further delay.

All we need to confirm now is you been DEAD Or still Alive. Because this MAN’S message brought shock to our minds. And we just can’t proceed with him until we confirm if this is a reality OR not.

But if it happened we did not hear from you after 7 days, then we say: “MAY YOUR SOUL REST IN PERFECT PEACE” YOUR JOY AND SUCCESS REMAINS OUR GOAL. May the peace of the Lord be with you wherever you may be now.

Your Faithfully,
Mrs. Vivian Martins
Tel: +123-806-731-6969

Email: investigation_departtt1@hotmail.com

OK, I will admit, that to be taken in by a scam email like this, or any scam email for that matter, one would have to be the type of person whose antenna doesn’t pick up all the channels.

Still, when you consider that 90% of all emails are spam – and scams are a big part of that percentage – it’s fair to say – more than a few unlucky souls who’ve lost contact with the mother ship, will fall for this type of scam email.

What a sad reflection on the state of the Internet.


Filed under Cyber Crime, Don't Get Scammed, email scams

Online Paperless Billing – The New Attack Vector For Cyber Crime

I’m very much in favor of online paperless billing, and virtually all of my recurring monthly bills are delivered this way – directly to my inbox. Shown below, for example, is a snapshot of the regular monthly email notice from my natural gas supplier.

A simple click on the embedded link, and …..


there’s the bill – which is identical, I might add, to the bill delivered by regular mail.


A couple of extra clicks to reach my online banking and, the bill is paid.


No stacking up bills to be dealt with (along with all the other bills), at a later date. Done – fini – terminado!

I like it and, I’m sure my utilities suppliers love it – since, in most cases, they get paid far in advance of the required payment date. A perfect system it seems – except, this is the Internet.

Ah, the Internet – the playground of every scumbag cyber criminal from Moscow to Montreal – and, beyond. So, it’s hardly surprising to see online paperless billing come under attack.

Yesterday, Commtouch let me know of an ongoing attack – directed at AT&T  customers – which automatically embeds malware onto the targeted machine, once the user clicks on the embedded link in the  billing notice.

Since the billing email shows an outrageous balance (in the following screen capture, $943.01), theoretically, the response ratio should be significantly higher than it might otherwise be.

Several months back, I received a billing notice from my cable supplier totaling $650 – versus the normal $150 – and, I can assure you, I clicked on the embedded link, immediately.

It was, of course, a massive screw up at their end. Nevertheless, I instinctively (and, without thinking) clicked on the link. Being frustratingly annoyed is often a powerful call to action. Cyber criminals know exactly how to wind us up – increasing the odds that we’ll respond inappropriately.


Graphic courtesy of Commtouch.

According to Commtouch, who generously shared their research –

The pattern to be aware of in this case is: <legitimate domain>/<recurring set of random letters>/<index.html>

The index.html file tries to exploit at least the following known vulnerabilities:

  • Libtiff integer overflow in Adobe Reader and Acrobat – CVE-2010-0188
  • Help Center URL Validation Vulnerability – CVE-2010-1885

Every link in the email (there are 9 links), leads to a different compromised site with malware hidden inside. Recipients who are unsure whether the email they have received is genuine or not (the malicious version is a very accurate copy), should mouse-over the links.

Genuine emails from AT&T will include AT&T website links. For example, the “att.com” link will be the same in both places that it appears in the email – unlike the malicious version which uses two very different URLs.

I might add, that I use the WOT Browser add-on and, you’ll notice in the first graphic (at the top of this page), the green circle indicated the embedded link is safe. I strongly suggest that if you currently do not have WOT installed, that you consider doing so. As well, I use the Redirect Remover add-on which removes any redirect links in Firefox. An appropriate way to become aware of redirected links.

Four years ago, when I started writing this Blog, I was hopeful that the cyber criminal threat to Internet users would be actively addressed. That at some point, governments and law enforcement would step up and actively seek out, and punish, the criminals who have turned the Internet into a minefield.

Governments, (the U.K, the U.S., Canada, Australia, India …) it seems, don’t give a fiddler’s f*ck – they appear to be much more interested in passing regressive Internet legislation directed at you – not cyber criminals. Legislation designed to massively infringe on individual personal privacy, and individual human rights. In the meantime, cyber criminals continue to roam freely.

As for law enforcement agencies – just try reporting a cyber crime to your local police department and, you’ll find that they couldn’t care less. Their focus is on low level behavioral crimes, like busting teenage Pot smokers. Just how much safer does that make you feel on the Internet?

Unless, there is a concerted effort on the part of all of us – and yes, that means you need to get involved – demanding a responsible approach to this outrageous criminality on the Internet – we will all, at some point, become a victim of cyber crime.

Do I sound angry? You bet I am.


Filed under Cyber Crime, email scams, Malware Alert

OMG! Mark Zuckerberg Sent ME An Email!

What a rush! Mark Zuckerberg knows I exist and, even better than that – he just gave me $200. Yes! $200! Thanks Mark; I’ll get right on that.

You don’t believe me I hear you saying – then, take a peek at this email from my Gmail spam box. Oops, I’ve just given myself away – haven’t I? The email is in my SPAM box. With good reason, of course.

While it’s true, that in this particular case, spam filters have isolated this email as both spam and a probable fraud – do not rely on filters as the ultimate safeguard. That’s your job – you are your own best protection.


As an experienced and educated surfer, you’re quite used to navigating over the rough trails of the “Wild West” Internet. You know that this email is just too preposterous to be taken seriously. Although, as difficult as it is to believe, there are those who are gullible enough to respond.

If you’re a regular reader here, please forgive me for repeating the following same old – same old – advice.

Be kind to your friends, relatives, and associates, particularly those who are new Internet users, and let them know that there is an epidemic of this type of scam on the Internet. In doing so, you help raise the level of protection for all of us.

A technical approach to protecting yourself against fraudsters:

Check whether the email was authenticated by the sending domain. Click on the ‘show details’ link in the right hand corner of the email, and make sure the domain you see next to the ‘mailed-by’ or ‘signed-by’ lines matches the sender’s email address.

Make sure the URL domain on the given page is correct, and click on any images and links to verify that you are directed to proper pages within the site.

Always look for the closed lock icon in the status bar at the bottom of your browser window whenever you enter any private information, including your password.

Check the message headers. The ‘From:’ field is easily manipulated to show a false sender name. Learn how to view headers.

If you’re still uncertain, contact the organization from which the message appears to be sent. Don’t use the reply address in the message, since it can be forged. Instead, visit the official website of the company in question, and find a different contact address.
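The ‘mailed-by’ / ‘signed-by’ comparison from the first step can also be made directly on the raw headers. The following is an added example, not part of the original post: it reads the `Authentication-Results` header stamped by the receiving server, takes the domain that passed SPF (what Gmail shows as ‘mailed-by’) and the domain that passed DKIM (‘signed-by’), and compares them with the domain in the ‘From:’ field. The sample message, the `.example` domains and the function names are constructed for the illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message. The second Authentication-Results header stands
# for one injected by the sender; only our own server's header is trusted.
SAMPLE = """\
Authentication-Results: mx.mailhost.example;
 dkim=pass header.i=@bulk-sender.example header.s=s1;
 spf=pass (sender IP is 203.0.113.7) smtp.mailfrom=bounce@bulk-sender.example
Authentication-Results: forged.example; dkim=pass header.d=facebook.example
From: "Mark Zuckerberg" <mark@facebook.example>
Subject: You have been awarded $200
To: reader@mailhost.example

Claim your money now.
"""


def _domain(value):
    """Domain part of an address, or of a bare or @-prefixed domain."""
    return value.rsplit("@", 1)[-1].strip("<>;").lower()


def auth_results(msg, trusted_authserv):
    """Domains that passed SPF and DKIM, read only from headers whose
    authserv-id (first field) is our own receiving server."""
    passed = {"spf": [], "dkim": []}
    for raw in msg.get_all("Authentication-Results", []):
        value = re.sub(r"\r?\n[ \t]+", " ", str(raw))  # unfold the header
        value = re.sub(r"\([^()]*\)", "", value)        # drop comments
        authserv, _, rest = value.partition(";")
        fields = authserv.split()
        if not fields or fields[0].lower() != trusted_authserv:
            continue  # stamped by someone else: ignore it
        for part in rest.split(";"):
            m = re.match(r"\s*(spf|dkim)\s*=\s*pass\b(.*)", part, re.I | re.S)
            if not m:
                continue
            method = m.group(1).lower()
            key = r"smtp\.mailfrom" if method == "spf" else r"header\.[di]"
            prop = re.search(key + r"=(\S+)", m.group(2), re.I)
            if prop:
                passed[method].append(_domain(prop.group(1)))
    return passed


def check_sender(raw_message, trusted_authserv):
    """Compare the From: domain with the domains that actually authenticated."""
    msg = message_from_string(raw_message)
    from_domain = _domain(parseaddr(msg.get("From", ""))[1])
    passed = auth_results(msg, trusted_authserv.lower())
    domains = passed["spf"] + passed["dkim"]
    # Simple suffix match: the From: domain itself or a subdomain of it.
    aligned = [d for d in domains
               if d == from_domain or d.endswith("." + from_domain)]
    if not domains:
        verdict = "unauthenticated"
    elif aligned:
        verdict = "authenticated"
    else:
        verdict = "mismatch"
    return {"from": from_domain, "mailed_by": passed["spf"],
            "signed_by": passed["dkim"], "verdict": verdict}


if __name__ == "__main__":
    print(check_sender(SAMPLE, "mx.mailhost.example"))
```

A message can pass SPF and DKIM for the spammer's own domain and still carry a forged ‘From:’ name, which is why the verdict depends on the domains matching and not on the word "pass" alone.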

How gullible can people be? When Michael Jackson passed, I wrote a piece entitled “Hey Sucker – Read This! Michael Jackson’s Not Dead!”, simply as a test of “curiosity exploitation”.

The results that followed were astonishing – within days, this article was getting thousands of daily hits. Even today, this article continues to get hits. Talk about gullible people!


Filed under Cyber Crime, cybercrime, Email, email scams, FaceBook

3..2..1 – UPS Malware Blasts Off!

My friends over at Commtouch got me on the horn to advise me that the UPS email scam (with malware attached) has bounced up significantly. From what I can see, the malware is a Fake Alert Trojan which installs a rogue security application. So, be on your guard.

I’m on vacation this week, so I’ll post the Commtouch Café blog article verbatim.

A wild malware rollercoaster – over 500% increase

The UPS name is once again being used to spread vast amounts of email-attached malware.   The last week has seen an extraordinary increase – over 5.5 times the average level before the outbreak.  The attack closely resembles the large outbreak reported on at the end of March.  The graph below illustrates the increase:


There are numerous versions of the email text – some examples:

Good afternoon!

Dear Client , Recipient’s address is wrong

Please fill in attached file with right address and resend to your personal manager

With best regards , Your USPS .com Customer Services

Good afternoon!

Dear User , Delivery Confirmation: FAILED

Please print out the invoice copy attached and collect the package at our department

With respect to you , Your UPS Services

GOOD AFTERNOON!

Dear Client , We were not able to delivery the postal package

Please fill in attached file with right address and resend to your personal manager

With Respect , Your UPS .COM

ATTENTION!

DEAR CLIENT , RECIPIENT’S ADDRESS IS WRONG

PLEASE PRINT OUT THE INVOICE COPY ATTACHED AND COLLECT THE PACKAGE AT OUR DEPARTMENT

With best wishes , Your USPS .us Customer Services

These emails also come with a range of subjects such as:

  • USPS Attention 060532
  • USPS: DELIVER CONFIRMATION – FAILED 17592718
  • USPS id. 182407
  • USPS DELIVERY CONFIRMATION 7264145
  • From USPS 4009717
  • Your USPS id. 44531036
  • USPS ATTENTION 44123265

In the previous attack the filenames were quite limited – unlike this attack – some examples:

  • “ups_NR9Yl2673.zip”
  • “Ups_NR5pY500268590.zip”
  • “UPS_NR5Da3052.zip”
  • “MyUps_NR9hN8574.zip”
  • “MYUPS_NR5gX736615890.zip”

Reminder: In the last series of attacks the subjects were changed to use the DHL brand a few days after the initial attack.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.


Filed under Cyber Crime, Don't Get Scammed, Don't Get Hacked, email scams, Malware Advisories

Don Gunshot – The Hitman With A Heart e-Blackmail

I sometimes wonder if it isn’t a prerequisite that Nigerian scammer wannabes are required to graduate “comedy school”, before they get their scammer’s license and are set free to practice their newfound skills on the marginally intelligent.

In a new twist on an old theme (the infamous 419 scam), Nigerian scammers have upped the ante in a variant of their usual email scam nonsense – the hitman, “I’m gonna kill you” email. These fear-provoking emails (at least they’re intended to be scary), contain a threat that the recipient will be murdered by – are you ready for this – “Don Gunshot”.

But, Don is not your ordinary run-of-the-mill “I’m gonna blast ya out of your shoes” hitman. No, Don it seems, has a big heart. For a measly $5000, Don will take you off the list of his current projects. Just in case you might think that Don is no gentleman, he’s gone the extra mile and politely signed off on the email, with a kindly – Regard(s). Too funny!

Hitman emails are not a new threat – they’ve  been circulating on the Internet since at least early in 2007. They come; they go, and come and go again.

So it’s hardly surprising to see that Symantec has just identified a new wave of hitman emails currently making the rounds. Although there are many variations of this email, here’s one example:


Graphic courtesy of Symantec.

On a more serious note:

Don’t act fast as Don suggests. Don’t send $5000. Do contact the Police – this is an attempt at extortion.

This scam illustrates the lengths to which these crooks will go to entrap the unwary and gullible. Unfortunately, the description “unwary and gullible”, is easily applied to substantial numbers of Internet users.

As an experienced and cautious Internet user, it’s safe to say that you will not be deceived by this type of clumsy attempt to defraud but, you might be surprised how often reasonably intelligent people are.

So, be kind to your friends, relatives, and associates, particularly those who are new Internet users, and let them know that there is an epidemic of 419 scams on the Internet. In doing so, you help raise the level of protection for all of us.


Filed under Cyber Crime, Cyber Criminals, Don't Get Scammed, email scams, Humor, Internet Security Alerts, Online Safety, Symantec, Windows Tips and Tools

Fake URL Shortening Services – Spammers’ Latest Weapon

According to Symantec’s May 2011 MessageLabs Intelligence Report, released several days ago, spammers are now employing their own fake URL shortening services to redirect users to the spammer’s Web site. It’s hardly surprising that this new technique has directly contributed to rising spam rates.

MessageLabs Intelligence reports that “shortened links created on these fake URL-shortening sites are not included directly in spam messages. Instead, the spam emails contain shortened URLs created on legitimate URL-shortening sites. These shortened URLs lead to a shortened-URL on the spammer’s fake URL-shortening Web site, which in turn redirects to the spammer’s own Web site.”

Key findings from the May 2011 report include:

Spam: In May 2011, the global ratio of spam in email traffic from new and previously unknown bad sources increased by 2.9 percentage points since April 2011 to 75.8% (1 in 1.32 emails).

In the US 76.4 percent of email was spam, 75.3 percent in Canada, 75.4 percent in the UK, and 73.9 percent in Australia.

Viruses: The global ratio of email-borne viruses in email traffic from new and previously unknown bad sources was one in 222.3 emails (0.450 percent) in May, a decrease of 0.143 percentage points since April.

Endpoint Threats: The most frequently blocked malware targeting endpoint devices for the last month was the W32.Ramnit!html, a worm that spreads through removable drives and by infecting executable files.

Phishing: In May, phishing activity was 1 in 286.7 emails (0.349 percent), a decrease of 0.06 percentage points since April.

Web security: Analysis of Web security activity shows that approximately 3,142 Web sites each day were harboring malware and other potentially unwanted programs including spyware and adware, an increase of 30.4 percent since April 2011. 36.8 percent of malicious domains blocked were new in May, an increase of 3.8 percentage points since April. Additionally, 24.6 percent of all web-based malware blocked was new in May, an increase of 2.1 percentage points since last month.

The May 2011 MessageLabs Intelligence Report provides greater detail on all of the trends and figures noted above, as well as more detailed geographical and vertical trends. The full report is available here.

Reading this type of report (or at least the highlights) can be a major step in expanding the sense of threat awareness that active Internet users require.

Symantec’s MessageLabs Intelligence is a respected source of data and analysis for messaging security issues, trends and statistics. MessageLabs Intelligence provides a range of information on global security threats based on live data feeds from control towers around the world scanning billions of messages each week.

About Symantec:

Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at www.symantec.com.


Filed under Cyber Crime, Cyber Criminals, cybercrime, Don't Get Scammed, Don't Get Hacked, Email, email scams, Internet Security Alerts, MessageLabs, Online Safety, spam, Symantec, Windows Tips and Tools

Government of Nigeria “tortures” 419 Scammers – If Only!

I’m not advocating the torture of cyber criminals and spam scam artists, although ….

This morning, when I received an email (ostensibly), from The Federal Government of Nigeria (The Advance Fee Fraud section), in which it was made clear that – “some scam Syndicates were apprehended in Lagos, Nigeria few days ago and after several interrogations and tortures, (my) details were among those mentioned by some of the scam Syndicates as one of the victims of their operations” , it momentarily entered my mind that torture might be an appropriate penalty. Especially for those involved in this latest “wolf in sheep’s clothing” scam.

I’ve covered the wolf in sheep’s clothing scam here a number of times, including

1051 Site Dr. Brea, CA – Not An Address You Want To Go To!

A Helpful Spam Scammer – A Wolf in Sheep’s Clothing

This particular spam scam is highly instructive, and it illustrates the lengths to which these crooks will go to entrap the unwary and gullible. Unfortunately, the description “unwary and gullible”, is easily applied to substantial numbers of Internet users.

As an experienced and cautious Internet user, it’s safe to say that you will not be deceived by this type of clumsy attempt to defraud but, you might be surprised how often reasonably intelligent people are. So, be kind to your friends, relatives, and associates, particularly those who are new Internet users, and let them know that there is an epidemic of this type of scam on the Internet. In doing so, you help raise the level of protection for all of us.

For reference, I’ve included the full text of this “torturous” email, which contains the usual spelling, grammar, punctuation, and layout errors.

EFCC FRAUD UNIT

Attention,
The Federal Government of Nigeria through provisions in Section 419 of the
Criminal Code came up with punitive measures to deter and punish
offenders.The Advance Fee Fraud section deal mainly with cases of advance
fee fraud(commonly called 419) such as obtaining by false pretence through
different fraudulent schemes e.g. contract scam, credit card scam,
inheritance scam, job scam, loan scam, lottery scam, “wash wash” scam (money
washing scam), marriage scam. Immigration scam, counterfeiting and religious
scam. It also investigates cyber crime cases.
This is to officially announce to you that some scam Syndicates were
apprehended in Lagos, Nigeria few days ago and after several interrogations
and tortures your details were among those mentioned by some of the scam
Syndicates as one of the victims of their operations.
After proper investigations and research at Western Union Money Transfer and
Money Gram office to know if you have truly sent money to the scam
Syndicates through Western Union Money Transfer or Money Gram, your name was
found in Western Union Money Transfer database amongst those that have sent
money through Western Union Money Transfer to Nigeria and this proves that
you have truly been swindled by those unscrupulous persons by sending money
to them in the course of getting one fund or the other that is not real,
right now we are working hand in hand with Western Union and Interpol to
track every fraudsters down, do not respond to their e-mails, letters and
phone calls any longer they are scammers and you should be very careful to
avoid being a victim to fraudsters any longer because they have nothing to
offer you but to rip-off what you have worked hard to earn.
In this regard a meeting was held between the Board of Directors of The
Economic and Financial Crimes Commission (EFCC) and as a consequence of our
investigations it was agreed that the sum of Two hundred thousand US Dollars
(US$200,000) should be transferred to you out of the funds that Federal
Government of Nigeria has set aside as a compensation to everyone who have
by one way or the other sent money to fraudsters in Nigeria.
We have deposited your fund at Western Union Money Transfer agent location
EMS Post office Lagos, Nigeria. We have submitted your details to them so
that your fund can be transferred to you.
Contact the Western Union agent office through the email address stated
below inform them about this notification letter and the transfer of your
fund;
Email:wu_payingdept@qatar.io
Yours sincerely,
Sarah White (Miss)
Assistant Investigation Officer.
The Economic and Financial Crimes Commission (EFCC)
15A Awolowo Road, Ikoyi, Lagos.
Nigeria
http://www.efccnigeria.org
******************************************************************

Please note that some fraudsters are claiming to be Directors or staff of
The Ecomomic and Financial Crimes Commission have recently been sending
phony e-mails/letters and also calling unsuspecting persons, with intent to
defraud them. It is important to note that these fraudsters are criminals
engaged in Advanced Fee Fraud known in Nigeria as 419. Every day, people
throughout the world are falling victim to scams of one kind or another. But
remember – if it sounds too good to be true, it is probably a scam. In the
circumstance, we unreservedly advice you to dissociate yourselve from all
correspondence and transactions entered into based on evidently fraudulent
and fictitious claims.
********************************************************************

“This e-Mail may contain proprietary and confidential information and is sent for the
intended recipient(s) only. If, by an addressing or transmission error, this mail has been
misdirected to you, you are requested to delete this mail immediately. You are also
hereby notified that any use, any form of reproduction, dissemination, copying,
disclosure, modification, distribution and/or publication of this e-mail message, contents
or its attachment(s), other than by its intended recipient(s), is strictly prohibited. Any
opinions expressed in this email are those of the individual and not necessarily of the
organization. Before opening attachment(s), please scan for viruses.”
All business handled under Standard Trading Conditions. Copy available on request.
********************************************************************

Just to be clear, as a strong supporter of Amnesty International, any references I made to torture were for effect, only.


Filed under 419 Scam, Cyber Crime, Cyber Criminals, cybercrime, Don't Get Scammed, Email, email scams, internet scams, Internet Security Alerts, Online Safety, spam, Windows Tips and Tools