June 16, 2011
This is by far one of the most entertaining spam messages I have received in a long time. It reads like the script of an old Hollywood action movie: a soldier in Iraq recovers a large sum of money (10+M USD), opportunely concealed near one of Saddam's palaces; he hides it with the help of a sympathetic UN officer; and he needs us to exfiltrate the money.
Here is the original text:
First,let me introduce myself. I am Capt. Michael Scholl, assigned
to 2nd Battalion, 3rd Marine Regiment, 3rd Marine Division, western
Anbar Province in Iraq. I am desperately in need of your assistance and
I have summoned up courage to contact you. I am presently in Iraq and I
am seeking your assistance to evacuate the sum of $10,570,000 (Ten
million Five Hundred and Seventy Thousand USD) as far as I can be
assured that it will be safe in your care until I complete my service
here.
SOURCE OF MONEY: During a rescue operation, some amounts in various
currencies which was concealed in barrels with piles of weapons and
ammunition at a location near one of Saddam Hussein's old Presidential
Palaces was discovered and it was agreed by all party present that the
money Be shared amongst us. This might appear as an illegal thing to do
but I tell you what, no compensation can make up for the risks we have
taken with our lives in this hellhole. The above figure was given to me
as my share and to conceal this kind of money became a problem for me,
so with the help of a German contact working with the UN here (his
office enjoys some immunity) I was able to get the package out to a safe
location entirely out of trouble spot. He does not know the real
contents of the package as he believes that it belongs to an American
who died in an air raid and asked that the package be handed over
family. Your confidentiality about this will be highly appreciated.
For more details please contact me via my private box:
schollmc@9.cn
The follow-up email is not nearly as interesting: in a long and winding way, it promises to split the money 70%-30% and asks urgently for information about us.
A search on Google reveals that the scam is quite long-lived (and, we should conclude, successful?): in fact, there are reports dating back to November 2009 and 2010.
Needless to say, stay away from schollmc@9.cn.
September 15, 2010
I have been hit by what appears to be yet another round of Skype spam. As happened before, this attack also seems to be related to fake AV scams.
Here is a screenshot of a contact request I've received today from some notific.alrm.us.13.

The full text of the contact request leaves little doubt about the intent of the request:
This is an urgent Security Center Message ! Please click on "Add to Contacts" and follow instructions to update your system ! After adding contact, go to "Conversations" tab, read and follow instructions !
WINDOWS REQUIRES IMMEDIATE ATTENTION URGENT SYSTEM SCAN NOTIFICATION ! PLEASE READ CAREFULLY !!
http://www.updatedp.com/
For the link to become active, type it in manually into your web browser !
FULL DETAILS OF SCAN RESULT BELOW
WINDOWS REQUIRES IMMEDIATE ATTENTION
ATTENTION ! Security Center has detected malware on your computer !
Affected Software:
Microsoft Windows 7 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows Server 2003
Impact of Vulnerability: Remote Code Execution / Virus Infection / Unexpected shutdowns
Recommendation: Users running vulnerable version should install a repair utility immediately
Your system IS affected, download the patch from the address below ! Failure to do so may result in severe computer malfunction.
http://www.updatedp.com/
For the link to become active, type it in manually into your web browser!
The advertised domain, www.updatedp.com, currently serves me the default "It works!" page of Apache. Interestingly, that domain has quite a long history of maliciousness (at least all the way back to 2003!)
The following usernames are also likely to be involved in this scam:
October 26, 2009
A technique often used by spammers to attempt to get their messages past spam filters consists of mixing the questionable content they advertise with legitimate text. This type of attack is sometimes called Bayesian poisoning since it is believed to specifically target spam filters that rely on Bayesian classifiers.
An example where this technique is applied is a message I received today:
I stand here today humbled by the task before
<a href=http://www.bawwgt.com>dofus kamas</a>, grateful for the trust you
have bestowed, mindful of the sacrifices borne by our
<a href=http://www.bawwgt.com>cheap dofus kamas</a>. I thank President
<a href=http://www.bawwgt.com>dofus power leveling</a> for his service to
<a href=http://www.bawwgt.com>buy dofus kamas</a>, as well as the
generosity and cooperation he has shown throughout this transition.
This message consists of the first few sentences from Barack Obama's inaugural address, where a few words have been substituted with links to the www.bawwgt.com web site. This web site appears to be in the business of selling Kamas, the currency used in the MMORPG game Dofus, and, judging by its graphics, items from other online worlds.
Note that spam messages themed after Obama's inauguration ceremony were used by the Waledac gang to spread its malware back in January this year. If this is a trend, should we expect spam and malware to become one more reason for heated political debates?
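To see why the padding works against a Bayesian filter, and how a filter can keep the signal, here is an added example (not code from the original post): a toy naive Bayes scorer that rates the message above as a whole and then rates only the text inside its links. The training sets, function names and class name are constructed for illustration.

```python
import math, re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed toy training sets (assumptions); MESSAGE is the mail quoted in the post.
SPAM = ["buy cheap dofus kamas", "cheap kamas power leveling", "buy dofus kamas now"]
HAM = ["i stand here today humbled by the task before us",
       "grateful for the trust you have bestowed",
       "i thank the president for his service to our nation"]
MESSAGE = """I stand here today humbled by the task before
<a href=http://www.bawwgt.com>dofus kamas</a>, grateful for the trust you
have bestowed, mindful of the sacrifices borne by our
<a href=http://www.bawwgt.com>cheap dofus kamas</a>. I thank President
<a href=http://www.bawwgt.com>dofus power leveling</a> for his service to
<a href=http://www.bawwgt.com>buy dofus kamas</a>, as well as the
generosity and cooperation he has shown throughout this transition."""

def words(text):
    return set(re.findall(r"[a-z]+", text.lower()))
VOCAB = words(" ".join(SPAM + HAM))

def p_word(w, docs):  # smoothed fraction of training messages containing w
    return (sum(w in words(d) for d in docs) + 1) / (len(docs) + 2)

def spam_probability(seen):
    """Naive Bayes over known words, equal priors; unknown words are ignored."""
    llr = sum(math.log(p_word(w, SPAM) / p_word(w, HAM)) for w in seen & VOCAB)
    return 1 / (1 + math.exp(-llr))

class Splitter(HTMLParser):
    """Collects link anchor text and link hosts apart from the body text."""
    def __init__(self):
        super().__init__()
        self.in_a, self.anchor, self.body, self.hosts = False, set(), set(), set()
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.in_a = True
            self.hosts.add(urlparse(dict(attrs).get("href") or "").hostname)
    def handle_endtag(self, tag):
        self.in_a = self.in_a and tag != "a"
    def handle_data(self, data):
        (self.anchor if self.in_a else self.body).update(words(data))

def analyze(html):
    s = Splitter()
    s.feed(html)
    s.close()  # flush the text that follows the last tag
    return {"whole": spam_probability(s.anchor | s.body),
            "anchors_only": spam_probability(s.anchor), "hosts": s.hosts}
```

With this toy corpus the whole message scores as almost certainly legitimate, while the anchor text alone scores as almost certainly spam, and every link resolves to the same host.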
January 26, 2009
Apparently years after everybody else, today I got my first spam message on Skype. Nothing too surprising: a funnily named, scantily clothed "spicy naked Dive-Teacher" abruptly but insistently invited me to visit a dubious web site. My attempts to strike up a conversation with her failed miserably, as a consequence, I suppose, of my slow reaction to her invitation. Oh, well.
