Scammers: They really need to try something new

Happy Tuesday !!!   Unless you are not reading this on a Tuesday. In  which case I would say,   “ Happy   ________day!!”   So, this morning  I opened up my e-mail and was treated to another …  (*dum dum duuummm*) E-mail, scam attempt!!!  (I feel like there should be lightning strikes and thunder when I say that)

Not that I want anyone to get “taken in” by these foul creatures, I just think they need to have a little more ingenuity…  A little more creativity…  COME UP WITH SOMETHING NEW! You’re boring us already!!

But, in case that there are others out there who receive the e-mail I got and are “unsure” of its validity…  Then let me assure you that what you read below is A SCAM!   Delete this and go about your day.  Go to your local Panera Bread and have a cup of coffee and rejoice that you were not suckered today.  Hey, you could even treat yourself to one of their tasty pastries!

UNITED NATION (UN)
DEBT RECONCILIATION DEPARTMENT.
GENEVA-SWITZERLAND.
Our Ref: UN-0XX2/987/2010
Dear Sir/Madam,

EUROPEEAN UNION, WORLD BANK, UNITED NATION ORGANIZATION OFFICIAL APPROVAL PAYMENT VALUED $8.3M

The British Prime Minister in conjunction with EUROPEEAN UNION, WORLD BANK, UNITED NATIONS ORGANIZATION do hereby give this irrevocable approval order with Release Code: GNC/3480/02/00 in your favour for your Inheritance/contract entitlement/award winning payment with the UNITED NATIONS to your nominated bank account.

Now your new Payment, United Nations Approval No; UN5685P, White House Approved No: WH44CV, Reference No.-35460021, Allocation No: 674632 Password No: 339331, Pin Code No: 55674 and your Certificate of Merit Payment No: 103, Released Code No: Be
appeared the next on the list of our outstanding beneficiaries to received payment at the Beginning of this banking season. SO contact: MR. PETER JEFFERSON on his contact Direct email: mrpeterjefferson@aol.com or by Phone +44 7024060524 for the immediate release of your contract/inheritance/Award Winning claim Be informed that you are not allowed to correspond with any person or office anymore, You are required to send bellow Information for your transfer.

1) YOUR FULL NAME:
2) ADDRESS, CITY, STATE AND COUNTRY.
3) PHONE, FAX AND MOBILE
4) COMPANY NAME (IF ANY) POSITION AND ADDRESS
5) BANK DETAILS
6) PROFESSION, AGE AND MARITAL STATUS
7) COPY OF YOUR INT’L PASSPORT/DRIVERS LICENSE.

NOTE: YOUR PERSONAL CONTACT/COMMUNICATION CODE WITH CITI BANK IS (511), YOU ARE ADVICE TO SEND YOUR FULL BANKING INFORMATION TO THE CITI BANK OF LONDON THROUGH THE OFFICE OF INTERNATIONAL REMMITTANCE DIRECTOR HEADED BY MR. PETER JEFFERSON AND MAKE SURE YOU SPEAK WITH HIM, WITH YOUR NEW PAYMENT CODE FOR THE RELEASE OF YOUR PAYMENT AND SEND HIM ALL YOUR BANKING INFORMATION NOW. Regard. Senate CONTACT CODE (511) OFFICER: MR. PETER JEFFERSON.

Best regards

SIR GEORGE GRAHAM.
DEBT RECONCILIATION DEPARTMENT.
UNITED NATIONS AND EUROPEEAN UNION.

As un-creative as they are being, they should just go ahead and sign this “Best regards,  Dirty Scammer“  It would only make it slightly more obvious.

Possibly Related Posts:

• Scam attempts: Aren’t they cute?
• Another Scam Attempt
• Email Scam: Taking the Military Tact
• Spam: It is inventive.
• Email Scam – Trying another route

Scam attempts: Aren’t they cute?

Howdy all! I hope all is well for everyone this fine day!

Today, I got a fresh scan attempt in my e-mail.  This one is interesting in that fact that  it abandons the old  “Hey, I’m in another country and my pop died and I need to funnel his money out…” route.  This is attempting to lure you in by embracing the whole “random internet user” thing… In fact it addressees  it’s opening remarks to “Internet User“…

Is this supposed to give you a sense of security?  I don’t know but, from our other received “Scam Attempts” we’ve learned that these vial excuses for human beings are quite inventive in their methods to defraud you.

So, as always, if you get the following in an e-mail – delete it.  Then, get in your car, drive down to your local Pilot and by a Powerball ticket… You’ll have as much chance winning at that as you would have the chance that such an e-mail would be legitimate.

CATEGORY “A” WINNER
Ref No: PJN/6109-101
Batch Number: NL 80 OS 94144448
Amount Won: $2,500,000.00

Dear Internet User

We are pleased to inform you of the result of our Internet Promotional Draws. This is a reward program for the patronage of internet services and all email addresses entered for this promotional draws were randomly selected from an internet resource database of of registered software and domain users.

Your email address was selected in the Category “A” with Reference Number PJN/6109-101, and this qualifies you to be the recipient of the grand prize award sum of $2,500,000 (Two million, five hundred thousand dollars). The payout of this cash prize to you will be subject to the final validations and satisfactory report that you are the bonafide owner of the winning email address.

In line with the governing rules of claim, you are required to establish contact with your designated claims agent via email or telephone with the particulars below:

Contact: Mr. Damien Lewis
Phone: +31 626 006 051
Email: lewis.d@live.nl

You are advised to call the Claims agent for confirmation or provide the following information for processing the payment of your cash award.

DATA PROFILE
Names:
Telephone/Fax number:
Nationality:
Age:
Occupation:
Winning Reference Number:

Failure to contact the claims agent after 14 days of this notice will result in the revision of award. Hence, you should commence your claims process immediately, by contacting the claims agent (Damien Lewis) who would be guiding you through the Claims process.

Congratulations on your Winning Prize and we look forward to completing your payout soon.

Yours Faithfully,
Emily Floyd
Promotions Co-ordinator

Possibly Related Posts:

• Scammers: They really need to try something new
• Another Scam Attempt
• Email Scam: Taking the Military Tact
• Spam: It is inventive.
• Email Scam – Trying another route

Another Scam Attempt

Hi all!  Got another scam attempt in “Ye Ole” e-mail today.  Now this one is pretty obvious but,  I thought I would go ahead and post it in one more attempt to thwart the evil doings of these stinking Scammers.  As always,  if you get this e-mail (or anything that resembles this e-mail)  delete it!!  Do not respond, do not pass go,  send it straight to your “deleted items folder” .

49, Featherstone Street,
LONDON, EC 1Y 8SY
UNITED KINGDOM
Telephone: + 44 703 194 6790
Fax: 44 207 901 6603

Attn: Beneficiary,

We the entire members of the Royal House of Treasury, on behalf of the Government of Great Britain, under the auspices of the Her RoyalMajesty Queen Elizabeth of England II held a meeting this week concerning payment, both foreign and local contractors and some inheritance funds which were not released to the right benefactors Her Royal Majesty, has just informed this office (Royal House of
Treasury) that All the listed contractors and Inheritance funds benefactors which their CONTRACT PAYMENT SUM AND INHERITANCEFUNDS were not paid to should be released to them with effect.

We discovered that your payment listed to us Seven million five hundred thousand dollars US$7.5M) approximately Four million Great BritainPounds (GBP 4M), you are advised to respond with effect so that we will process your payment to be made in any form you wish to receive your funds.

Kindly respond to this office so that your payment will be process and transferred under 72hours of receiving this email, you can contact us on this telephone number + 44 793 609 6539 for a voice confirmation.

On going through files yesterday, we discovered that your file was dumped untreated, so at this juncture, we apologize for the delay of your payment and please stop communicating with any office now and attention to the appointed office below for you to receive your payment accordingly.

Now your new Payment Reference No.-35460021, Allocation No: 674632 Password No : 339331 , Pin Code No: 55674 and your Certificate of Merit Payment No : 103 , Released Code No: 0763; Immediate Telex confirmation No: 1114433 ;Secret Code No: XXTN013, Having received these vital payment number, therefore You are qualified now to received and confirm Your payment with the United Kingdom of Great Britain and Northern Ireland immediately within 72hours You are directed to reconfirm your full detailed information, as stated:

FULL NAME, HOME ADDRESS, PROFESSION and MARITAL STATUS, AGE, HOME PHONE NUMBER and CELL PHONE NUMBER as well as time to call you on the phone.

And please kindly respond back to this email: paulbryant03@sify.com

Best Regards,
Paul Bryant
For Royal House of Treasury

Possibly Related Posts:

• Create a Shortcut to open in your Alternate Browser
• My Latest Upgrade
• Scammers: They really need to try something new
• Warranty Schmarranty
• Windows 7 Telnet Client

Email Scam: Taking the Military Tact

Oh You… Spammers!

It’s amazing the tactics that these Spammers go through to try and steal money from you.  This one is attempting to target our Patriotic feelings by claiming to be coming from an America Soldier.

Hello friend,

My name is Scott Whittington, I am an American soldier, I am serving in the military with the 1st Armored Division in Iraq , as you know we are being attacked by insurgents everyday and car bombs.We managed to move part of funds belonging to Saddam Hussein’s family in 2003.

The total amount is US$12 Million dollars in cash, mostly 100 dollar bills,this money has been kept somewhere outside Baghdad for some time but with the proposed troop in increase by president Barrack Obama, to end the suicide bombing and make peace with Iraq militant and terrorist ,we are afraid that the money may be discovered hence we want to move this money to you for safekeeping pending the completion of our assignment here.

READ THIS WEBSITE VERY WELL AND GET BACK TO ME.

http://news.bbc.co.uk/2/hi/middle_east/2988455.stm We are ready to compensate you with good percentage of the funds, No strings attached, Iraq is a war zone, we plan on using diplomatic means to ship the money out as military cargo to your home, under diplomatic immunity cover.

I am contacting you in confidence, all arrangement for the successful delivery has been put in place, all we need from you is to receive the cargo from the diplomat, If you are interested I will send you the full details, my job is to find a good partner that we can trust and that will assist us. Can I trust you? When you receive this letter, kindly send me an e-mail signifying your interest.

Alternative Email Address: swhittington101@aol.com Regards ,

Sgt. Scott Whittington

Another shameful Spammer attempt…  If you get one of these, please just delete it.  These Spammers are just evil souls!    Ignore their efforts!

Possibly Related Posts:

• Scammers: They really need to try something new
• Scam attempts: Aren’t they cute?
• Another Scam Attempt
• Spam: It is inventive.
• Email Scam – Trying another route

Uninstall Trend Micro Officescan without a Password

Ran into a slight problem today.  I had to add a couple of older computers to a  new Domain.  Pretty easy to do normally but these workstations had a version of Trend Micro’s Officescan from their previous domain that needed to be removed so that the new version could be installed.

I couldn’t just uninstall the client (which would be the best solution) as that requires a password and no one in the office could remember the old password.  (As a side note, when you install network versions of antivirus programs, make notes of the install details and file them away.  It will help you out in the future.)  Doing a bit of “Bing-ing“  ( , yes I used Bing ) I found this information on how to change the password from Computing.Net:

To remove / reset the uninstall password for Trend Micro OfficeScan

Edit Ofcscan.ini file. (Do a search.)

On Windows.95/98/XP machines it is usually in C:\Windows\Ofcscan.ini

On Windows.NT/2K machines it is usually in C:\WINNT\Ofcscan.ini

Open the Ofcscan.ini file using notepad search for the [INI_CLIENT_SECTION]

Find the line reading Uninstall_Pwd= and type a # at the beginning of the line to comment it out.

Insert a new line saying Uninstall_Pwd=70

Save the Ofcscan.ini file and retry the uninstall. When it prompts you for a password, enter a ’1′.

Sadly though, this method did not work for me as there was no Ofcscan.ini file to be found anywhere on these workstations.  Therefore I was forced to do some manual removal of the client.  This took a little digging into the Registry.  Here are the steps I went through that worked for me:

First, you need to stop all the Officescan Services. To do that

1. Go to Control Panel —> Administrative Tools —-> Services — and stop these services:
   • OfficeScanNT Listener
   • OfficeScanNT RealTimeScan
   • OfficeScanNT Personal Firewall (this one may not be enabled – don’t worry if you don’t see it)
2. Run Registry Editor. Click Start —> Run —> then type ‘regedit.exe’
3. Find this registry key:
   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
4. Delete these keys:
   • Ntrtscan
   • Tmlisten
   • TmFilter
   • VSApiNt
   • TMPreFilter
   • TM_CFW
   • OfcPfwSvc
5. Now find this Registry key:
   HKEY_LOCAL_MACHINE \SOFTWARE\TrendMicro
6. Delete the following keys:
   • OfcWatchDog
   • Pc-cillinNTCorp
   • RemoteAgent
   • PC-cillin
7. Next Find this registry key:
   HKEY_LOCAL_MACHINE \SOFTWARE \Microsoft\Windows\CurrentVersion\Run
8. Delete the OfficeScanNT Monitor key.
9. Now find the following registry key:
   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
10. Delete the OfficeScanNT key.
11. Delete the OfficeScan program group (Trend Micro OfficeScan Client) from the Windows Start menu.
12. Restart your computer.
13. Delete the directories that contain the OfficeScan Client program files, normally located inside Program Files folder.

The above steps worked for me on a version 6 client of the Trend Micro Officescan client. If you are trying to remove an early version of the client, these Registry keys and services may not be the same.  Please use the above instructions carefully and at your own risk.  Also, remember anytime you intend to edit the Registry make a backup BEFORE you started editing and/or deleting keys.

Possibly Related Posts:

• Create a Shortcut to open in your Alternate Browser
• My Latest Upgrade
• Scammers: They really need to try something new
• Warranty Schmarranty
• Windows 7 Telnet Client

Got an iPhone? Better turn it off!

I just followed a tweet over to Mashable and read another article about the latest Apple security flaw. This time affecting the iPhone.

Cybersecurity researchers, Charlie Miller and Collin Mulliner, have identified a vulnerability in the iPhone OS that will allow an attacker to take control of the Phone via a SMS message.  They have, supposedly, notified Apple more than a month ago about this vulnerability, but  the company still hasn’t released a patch.

The two plan to publicize the security flaw today at the Black Hat cybersecurity conference in Las Vegas.  If you are a victim of this attack, currently the only fix is to turn off your phone.

Hopefully Apple will get a move on and update the OS before this become a wide spread problem. Can’t blame this one on AT&T, that’s for sure. If you are an iPhone user, you might consider pulling out that Blackberry again!

You can read more about this security flaw from these websites:

http://mashable.com/2009/07/30/iphone-virus/
http://mashable.com/2009/07/30/iphoneocalypse/
http://mashable.com/2009/07/29/iphone-sms/
http://www.forbes.com/2009/07/28/hackers-iphone-apple-technology-security-hackers.html

***7/31/2009 – UPDATE:   Apple has issued an update to fix the SMS Vulnerability… iPhone OS update 3.0.1 has been released to iTunes.  You’d better synch that phone now!!!  Update is about  280 -ish megs so you’d better get started.

Possibly Related Posts:

• Scammers: They really need to try something new
• Warranty Schmarranty
• Scam attempts: Aren’t they cute?
• Another Scam Attempt
• Email Scam: Taking the Military Tact

Spam: It is inventive.

Here is the latest Scam e-mail I’ve gotten.  Don’t be fooled! This is a scam! This e-mail came to one of my e-mail accounts today from different senders and IP addresses but the machine sending names were the same. AND, the content was identical. It looks as though some has a mass-mailer sitting on their machine. Just a reminder to make sure your updates are current!!

Here are the mail headers:

1st:
Received: from xxxxxxxx; Sat, 20 Jun 2009 19:05:55 -0400
Received: from host9.oneononeinternet.com [209.239.38.96]
by xxxxxxxxx.com with XWall v3.44. ;
Sat, 20 Jun 2009 19:02:41 -0400
Received: from mmsrep.com (localhost [127.0.0.1])
by host9.oneononeinternet.com (8.12.11.20060614/8.12.10) with ESMTP id n5KJonLJ010686;
Sat, 20 Jun 2009 15:50:49 -0400
From: “Nina Powell s” <npowell@info.org>
Reply-To: jjppalmer001@gmail.com
Date: Sat, 20 Jun 2009 15:50:49 -0400
Message-Id: <20090620195049.M76707@info.org>
X-Mailer: OpenWebMail 2.52 20060502
X-OriginatingIP: 41.219.227.176 (cris)
MIME-Version: 1.0
Content-Type: text/plain;
charset=iso-8859-1
Received-SPF: fail (domain of npowell@info.org does not designate 209.239.38.96 as permitted sender)
X-XWall-Bayes: 42
X-XWall-Heuristic: 50
Subject: Nina Powell’s Philanthropic Gesture [spf]
Precedence: bulk
X-ME-Bayesian: 0.000000
Return-Path: <>
X-Antivirus: AVG for E-mail 8.5.339 [270.12.82/2190]

Then it came again with this header:

2nd:
Received: from xxxxxxxxxxx; Mon, 22 Jun 2009 04:54:12 -0400
Received: from host9.oneononeinternet.com [209.239.38.96]
by xxxxxxxxx.com with XWall v3.44. ; Mon, 22 Jun 2009 04:50:57 -0400
Received: from mmsrep.com (localhost [127.0.0.1])
by host9.oneononeinternet.com (8.12.11.20060614/8.12.10) with ESMTP id n5M8qv7q021658;
Mon, 22 Jun 2009 04:52:57 -0400
From: “Jeff Palmer” <palmerjefferson@info.org>
Reply-To: jjppalmer001@gmail.com
Date: Mon, 22 Jun 2009 04:52:57 -0400
Message-Id: <20090622085257.M2115@info.org>
X-Mailer: OpenWebMail 2.52 20060502
X-OriginatingIP: 41.191.108.130 (cris)
MIME-Version: 1.0
Content-Type: text/plain;
charset=iso-8859-1
Received-SPF: fail (domain of palmerjefferson@info.org does not designate 209.239.38.96 as permitted sender) X-XWall-Bayes: 59 X-XWall-Heuristic: 50
Subject: Nina Powell’s Philanthropic Gesture [spf]
Precedence: bulk
X-ME-Bayesian: 0.000000
Return-Path: <>
X-Antivirus: AVG for E-mail 8.5.339 [270.12.87/2195]

Hello,

I am Jeff Palmer, a U.K international attorney. This email is reaching you because you have been selected to be the beneficiary to the late Nina Powell’s $5m funds deposited with Waltham Savings and Credit Union here in the United Kingdom. I was the personal attorney to Nina Powell before she died of cancer.
Days before her death, she wrote a will indicating what she wanted her money to be used for. Her will states that it is the duty of my chambers to select a trustworthy beneficiary to receive her funds. Her will also reads that her beneficiary is under compulsion to donate 50% of her money to the cancer society. We conducted an email random draw here in my chambers where a little girl of 6yrs old was asked to pick an email address, of the wholesome of the gathered email addresses, yours was picked and that qualified you to be the beneficiary of the late Nina Powell’s money.

Waltham Savings and Credit Union will release the money to you as the beneficiary. After the money has been transferred to you, you MUST donate 50% to the cancer society, keep 40% to yourself while the balance of 10% comes to me as attorney in this project. Waltham has issued a 14 working days ultimatum for the money to be claimed, so you are to respond so that we can begin the process to get the money transferred to you within that time frame.

Jeff Palmer
+44 702 306 6778

As always, watch out for scam artists they are everywhere on the internet! If you get something that sounds “Too good to be true”. Then, it probably is. Delete it and go on about your day!

Possibly Related Posts:

• Scammers: They really need to try something new
• Scam attempts: Aren’t they cute?
• Another Scam Attempt
• Email Scam: Taking the Military Tact
• Email Scam – Trying another route

Next Page »