Email spammers/scammers are masters of the well worn “carrot or stick” school of motivation. They seem to bounce from “this is what you’ll get” versus, “this is what you’ll lose” – with some regularity.
Some samples of each motivational technique taken from my spam honeypot Gmail account in the last few days.
It`s Kerri again. Will you ever contact me?
I made those nude pictures especially for you and I won’t write to you again!
If you wanna see them just drop me a line at – – – – – – –
and the following heavily edited example.
Check: To be deposited in your bank for it to be cleared within three working days. Your payment would be sent to you via any of your preferred option and would be mailed to you via UPS. Because we have signed a contract with UPS which should expire by August 20th you will only need to pay $150 instead of $420 saving you $270 So if you pay before August 20th, 2011 you save $270.
Oh yeah, don’t forget to send us your name/address; sex/age; cell number; and – a scanned copy of your driver’s license.
Yes, I’ll get right on that
Both of the above are just too preposterous to be taken seriously. Although, as difficult as it is to believe, there are those who are laughably loony enough to respond.
The stick is a little different, and a good example of this is the various forms of the “Your Gmail account needs verification to avoid being shut down ” phishing attack.
Unaware webmail users are much more likely to respond to the threat of losing their email privileges than you might imagine. If the notice looks convincing enough (and, they often do), some Gmail users are bound to be taken in.
If you expand this graphic to its original size, you’ll notice the sender is googleemail.com – close, but no cigar. As well, if you’re a WOT (Web of Trust) user, you’ll see that WOT has cleared the “Sign in” link as being safe.
A rather confusing mixed message. Googlee is not Google, but WOT marks the link as safe.
Unfortunately, this “green light” is a shortcoming in WOT’s reputation assessment since the rating reflects the reputation of the the principal domain, and not a subdomain – which, in this case, the link resolves to.
Sadly, average users are generally unaware that Gmail provides a simple tool to view message headers which contain tracking information for an individual email.
In this case, checking the headers (as shown in the following screen capture) reveals this email actually came from prajim.siaminterhost.com – obviously, not Google.
Of course, I didn’t response to this password phishing attempt and click on the enclosed link. But, those users who fall for this type of crafty scam, are often redirected to a forged version of Gmail’s login page where they can happily provided the requested information.
Advice worth repeating:
If you have any doubts about the legitimacy of any email message, or its attachment, delete it.
Better yet, take a look at the email’s headers. Check the initial “Received from” field in the header, since this field is difficult to forge. Additionally, the mail headers indicate the mail servers involved in transmitting the email – by name and by IP address.
It may take a little practice to realize the benefits in adding this precaution to your SOP, but it’s worth the extra effort if you have any concerns.
If you have a webmail account other than Gmail, check out this page for instructions on finding headers for your specific provider.
Google provides excellent advice on their page – Messages asking for personal information, from which the following has been taken.
Here’s what you can do to protect yourself and stop fraudsters:
Check the email address of the sender of the message by hovering your mouse cursor over the sender name and verifying that it matches the sender name.
Check whether the email was authenticated by the sending domain. Click on the ‘show details’ link in the right hand corner of the email, and make sure the domain you see next to the ‘mailed-by’ or ‘signed-by’ lines matches the sender’s email address.
Make sure the URL domain on the given page is correct, and click on any images and links to verify that you are directed to proper pages within the site. Although some links may appear to contain ‘gmail.com,’ you may be redirected to another site after entering such addresses into your browser.
Always look for the closed lock icon in the status bar at the bottom of your browser window whenever you enter any private information, including your password.
Check the message headers. The ‘From:’ field is easily manipulated to show a false sender name. Learn how to view headers.
If you’re still uncertain, contact the organization from which the message appears to be sent. Don’t use the reply address in the message, since it can be forged. Instead, visit the official website of the company in question, and find a different contact address.
If you enter your Google account or personal information as the result of a spoof or phishing message, take action quickly. Send a copy of the message header and the entire text of the message to the Federal Trade Commission at firstname.lastname@example.org. If you entered credit card or bank account numbers, contact your financial institution. If you think you may be the victim of identity theft, contact your local police.
If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.
Midget Lesbian Porn, Trannies With Knives, and Other Assorted Spam Comments
There’s not much that’s funny about comment spam. Comment spam has the potential to be dangerous – if it’s allowed to be blindly posted. I’ve written a number of articles dealing with the hows/whys of comment spam in the past, so I won’t belabor the point. If you wish you can checkout – Comment Spam Is Dangerous BS!
Over and above the danger it may pose to Internet travellers, by its very nature, comment spam is a pain in the patootie for bloggers who have to deal with it. Here on this site – every morning I’m forced to deal with upwards of 300+ pieces of comment spam. This morning for example – 358. These numbers do not include the 200 or more spam comments, that will arrive throughout the day.
Not a big problem you might think – just hit “delete all spam.” Done – over with – on to the next thing. Except, the downside to the quick erase method is; some genuine comments that may have a link/attachment (which will trigger the spam filter), get lost in the flush.
Recently, for example, a reader made the point that I had not posted his previous comment and questioned, if I intended to handle his current comment in the same way. Since I do not filter genuine comments, I could only assume that this reader’s prior comment had fallen victim to the “flush it down the toilet” method. An apology, of course, was in order. So, a pain in the patootie? You bet.
Even so, hard as it is to imagine – there is a bit of a silver lining to comment spam. Sure, I had to dig deep to find it – but, I have to admit – there are those rare moments when I get my morning coffee up my nose, when the unintentional humor of a spam comment catches me unaware.
Now, I don’t mean any disrespect to those who consider Midget Lesbian Porn to be the height of eroticism …………………….. (no, I better not write what I really want to say). But, the following brought tears to my eyes – tears of laughter, that is.
Midget lesbian porn – dominican-republic-travelxxxxxx/ x
Lolita midget porn videos – dominican-republic-travelxxxxxx
Midget asian porn http://dominican-republic-travel-dealsxxx
Hard core midget porn pics, QzpMldJ.
All of the links actually resolve to – http:midgetporntube4u.com/?act=public_html/dominican-republic-travel-deals.net/&
Travelling to the site – if you’re running WOT – would pop up the following warning. Just a quick question for WOT though – why would “Child safety” be unrated?
But lets move on to the following. Both of these put a cramp in my sense of how to comment, in this post, gracefully. So, I’ll just say – WHAT?
Ticked off trannies with knives (referral link removed).
Penis enlargement bible free download (referral link removed).
But the best, the spam comments that leave me in stitches, are the Google Translate fails. One would think, that if a spammer went to all the trouble of writing a complex spam comment, he’d a least get it right. Here’s a few recent examples.
So you see – even comment spam has an upside. Sort of.
A quick note: In the 20 minutes it took to write this short piece, I’ve become the ungrateful recipient of another 118 spam comments. These guys just never give up.
Filed under Comment Spam, Porn, WOT (Web of Trust)
Tagged as Bill Mullins, comment spam, fails, Google Translate, Tech Thoughts