Threat Management, Malware, Phishing

Linking alms

It seems to be my week for 419s and other entertaining junk.
  1. The FBI wants to send me an ATM card. I'm not sure why I'd believe that people claiming to represent various banks and the FIFA World Cup would be acting on behalf of the FBI, but thank you for the warning. Glad to see that you guys are able to take time off from crime-fighting to send me an ATM card to give me access to my $11 million. What was that for again? Well, I guess the U.S. financial crisis isn't as extreme as they've been telling us on the news. (Happily, my mail filters caught that one even though the bulk of the message was presented as a Word document.)
  2. Mrs. Ann from Minsk not only has a Funds Investment Proposal for me, but wants to buy an apartment from me. If only I'd known before I accepted an offer on the place I live in. But I'm afraid real estate isn't a very attractive or lucrative area in the UK right now, so I won't be switching jobs right now, and am not in a position to reward your persistence. (I had three of those, all to the same email address.)
  3. The BBC, which has been charging me most of my life for TV licences, has apparently decided to offer me something more substantial than CSI reruns and reality shows: “ё800,000 has been awarded to you in the BBC Online,send Name/Tel/Country”. Yep. That was the whole message. I'm not sure what a ё is, but apparently I have 800,000 of them.
  4. Oh, that's cheeky. A special offer on an ESET product from a non-ESET site. One for the lawyers, I think.
  5. $250,000 waiting for me with Western Union in Ecuador. Another terse message: “RESPOND FOR DETAILS OF TRANSFER.”
  6. Another terse message from Gerald J. Williams, urging me to VIEW THIS ATTACHMENT TO SEE MY LETTER. (Yes, it's another Word document.) Alas, the scam turns out to be pretty dull: “I have a substantial capital I honorably intend to invest in your country into business which you are to advise and execute over there for the mutual benefits of both of us.” Standard 419 stuff.
  7. Another mail using Google spreadsheets. That one is in Thai, but seems to be some sort of job scam.
  8. Even if I was naive enough to believe that a random email message was really going to enable me to start my own business (oh, wait a minute, I already did that...), I still don't think I'd want to engage in any transactions with someone who uses the term home-trepreneur. Ah, the power of language.
  9. And then there's the dream job my wife has just been offered. Sadly, it isn't going to enable me to retire just yet. But that particular scam message turns out to be worth an article to itself: watch this space.

If you have an interest in and knowledge of cybercrime and a sense of humor like mine, scam emails can offer a rich stream of entertainment to rival that offered by comment spam. However, it's quite common to see this kind of email scam using Word or other Microsoft Office document attachments in the hope of avoiding mail filters (or, worse, linking to documents on a website).

If you're receiving suspicious messages and you're curious about their content, you might want to bear in mind that while the heyday of the macro virus is long past, spear phishers often deliver documents booby-trapped with some kind of zero-day exploit.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.