I recently received this email from the "IRS".


We are pleased to inform you that upon review of your
fiscal activity we have determined that you are eligible to
receive a tax refund under section 501 (c) (3) of the Internal Revenue Code.

For more information of your tax refund, please go here http://61.8.210.77:9777/mortii-matii/0,,id=96596,00.html


Sincerely,
Natasha Morgan
Tax Refunds Department


Copyright 2007, Internal Revenue Service U.S.A. All rights reserved.


The link which is embeded in the email so as not to look quite as faked as it is takes you to a very good replica of the actual IRS site (except all of the links keep you locked in on the scam pages - you can actually go thru the steps without filling any of the info in).

I seem to be getting a lot more of these... usually its designed to look like it came from my bank (well I get them for many banks... sometimes its my bank). This is my first from the "IRS".

The IRS - actual IRS - has this to say on their web site

http://www.irs.gov/newsroom/article/0,,id=170894,00.html

Are others seeing a lot more of this?

Do these scams seem to be getting more "professional" - less spelling and grammar errors - more complete web links?

Does anyone know about the Anti-Phishing Working group - they seem legit, are they http://www.antiphishing.org/ ?

Who combats this crap?

If you get e-mails from anybody either
1. It contains personal information, eg your name
2. It is a scam and you are not to click on any link. Use your own links to go to the website.

The best ones are e-mails asking you to click on this link to go to your bank. Then put in your account name and password. One hour later your account is empty.

NB The e-mail will give you urgent reasons for clicking on the link. Like your account has been suspended due to hacker activity.

Hey they didn't even do basic alpha-numeric checks of data entered on that site. I inserted some nasty little messages in place of credit card numbers and bank info. I can't even say what email I input due to [rule 8].

Yes, antiphishing.org is a legitimate site working against this. In general, the companies that make SPAM filtering products for email also try to combat these types of emails.

You should NEVER visit the websites in these emails, not even to "check them out". Often they will incorporate malicious scripts or applets onto their web pages, whose goal is to install software surreptitiously on your system. If you get one that is from a bank or other organization with which you actually have a relationship, type the legitimate URL (not the one in the message) yourself into your browser and log in.

--Tim Farley

The San Jose Mercury Newspaper just did a 3 day article on this topic. They say that by clicking on the email you may insert a trojan virus into your computer.

The jist of the articles were that the U.S. is having billions sucked out of its economy, the government is only using millions to combat it. Most people who are doing this are coming from Europe and it only costs about $1,000 to start up, they can quickly make a million from that investment. They are almost impossible to catch as they can work anywhere they can get an internet connection.

Businesses and Banks are taking the biggest hit, people are still sending them their account info and/or sending money. Also every 3 seconds another new person joins the Internet community. That is a lot of uninformed people.

They also said that America has had another Pearl Harbor but no one is aware of it.

Susan

<snip> Most people who are doing this are coming from Europe and it only costs about $1,000 to start up, <snip>

$1,000 to startup! I can do it for $15!! The scammer in the OP probably spent $0!!!

That $15 I quoted is domain and hosting cost. Take note of the URL the OP posted. It used an IP directly (61.8.210.77:9777). The 9777 is the port number meaning this scammer has FULL admin rights on that machine (no hosting service used). I'd give 1000 to 1 odds this website is sitting on this scammers personal computer in their home. It was even a quick butcher job done on the submit forms.

Oh, by the way BrooklynAndy, by posting the full url of that scammer here anybody that followed it reported your email address as a live address to that scammer. Also by linking from here the scammer has probably seen the randi.org referer in the logs and read this thread. It looks like it scared them and they pulled the website even though the actual computer is still online.

I started querying the scammers computer. All I got was that it was a IIS web server before the whole computer went offline. They are probably really scared now.

I got a telephone call from my cell phone provider. The call was actually legitimate, but since the caller was asking me to update my online account login information (=password), I politely declined.

He got rather indignant. I don't know why. Odd, too, I thought telephone provider people were trained to NEVER hang up first. He did.

Since psychics can be wrong I can't say too much but I'm getting female. Is that Beverly? That's a big corporation. Seems that it helps get you around, or is that over. Ohh, school. Is that your friend Reina? She's cute. I don't do recipes. I'm not 100% but 2 years of synchronism kinda lends credence.

P.S. They asked for your comment here;
http://www.siteadvisor.com/sites/61.8.210.77/postid?p=557950

I got a telephone call from my cell phone provider. The call was actually legitimate, but since the caller was asking me to update my online account login information (=password), I politely declined.

He got rather indignant. I don't know why. Odd, too, I thought telephone provider people were trained to NEVER hang up first. He did.

I doubt it was legitimate. It's called a social engineering hack. It's how most hacks really work.

ETA: Facking caller ID is easy.

$1,000 to startup! I can do it for $15!! The scammer in the OP probably spent $0!!!

That $15 I quoted is domain and hosting cost. Take note of the URL the OP posted. It used an IP directly (61.8.210.77:9777).

This IP address is listed as belonging to SCI Manufacturing S'pore Pte Ltd in Singapore.


It is most likely that the criminals in this matter hacked the machine and that the actual owners are not involved in this crime.

One of the articles the San Jose Mercury News did was on how safe are our government orgs. Somebody in the govt has tried to test them, an entire IRS group was called one by one saying they were the "help desk" and they needed the IRS worker to change their log-in and password right then. Over 85% did it. They have been doing this test for years and the numbers are still scary but improving. The article referred to a whole bunch of government agencies that they test.

Susan

This IP address is listed as belonging to SCI Manufacturing S'pore Pte Ltd in Singapore.


It is most likely that the criminals in this matter hacked the machine and that the actual owners are not involved in this crime.

This company is in over 20 nations. I meant what I said about synchronism. Same user, same IP, 2 years. Proof? NO. Worthy of a psychic? What's not worthier than a psychic?

To open a non-standard port for a IIS server and shut it down when queried requires a high level of access and monitoring. Then when the computer itself is queried it gets shut down to? Accident? Not likely. Bot computer? Not likely with that rate of response and complete power off of the computer itself. Proof? Of course not!!! It's plenty lead to start an investigation with.

I doubt it was legitimate. It's called a social engineering hack. It's how most hacks really work.

ETA: Facking caller ID is easy.
Yeah, facking caller ID is easy. You just look and are able to see who the fack is calling. Or did you mean faking? ( I know you did):rolleyes:

I used to work in a company that managed a customer loyalty scheme, based on a smart card similar to those banks would issue. (In fact, our cards *were* issued by a bank but had a unique layout.)

When we went out of business we asked a few tenth of thousands customers to mail in their cards so we could reimburse them for the points they had collected.

We received quite a number of actual banking cards. (And it would probably have been relatively easy to use them for some basic shopping at least, too. Even today there are plenty stores where all it takes is a signature.)

I still wonder how "successful" it would have been to mail all these same people and ask them directly to send in their banking card and (!) PIN for one reason or another...

Yeah, facking caller ID is easy. You just look and are able to see who the fack is calling. Or did you mean faking? ( I know you did):rolleyes:

I seen that as soon as I posted. I figured what the heck, nobody cares or got confused. ;)

Bottom line, if you get an email or call asking for ANY PERSONAL INFO, ESP ACCOUNT NUMBERS, ODDS ARE ABOUT 99% + IT IS FAKE; DO NOT RESPOND!

Speaking of hackers/frauds, this is small potatos but I still tip my hat to this guy - some funny stuff if you have time to read thru it:

http://www.ebolamonkeyman.com/

As has been stated above, the best approach is to never, ever double click on any link in an email message. (I would normally add here "unless you know the sender", but be aware that frauds, like cold readers, can be exceedingly clever.) If you think the message may be relevant to you (after all, you *do* have an account with Wells Fargo or 5th/3rd or whoever) then close the email, open your browser and go to the firm's website by Google search or by the URL (as in your favorites), and log in there - after all, if they know you, then you, at some point in the past, registered to use the "My Account" part of their website - if you didn't, you know immediately something's wrong. If they don't immediately bring up the problem the email was harping about when you log in, then you can trust the email to be bogus. Simply delete it.

The key - never double click on an email link. If you do, you may, without any further action on your part, be immediately directed to a website that will attempt to use some Windows or browser fault (and there are myriads of them) to load "trap door" software that can be controlled remotely. You'll not notice anything wrong; it will just happen, and your computer will join the ranks of other zombie computers in the world, ready to forward spam to others of engage in Denial of Service attacks on websites on cue from some scumbag in China, or report out everything you type.

The same principle goes for phone calls. Don't ever give out personal data on a phone call that you did not initiate. If asked to supply such, regard the call as faked - legitamate callers would never do such. Hang up, and call the firm back, and then discuss the matter, on a call that you initiated.

Being in business for myself with the same email address for the last eight years, I receive about 2500 emails a day, all but maybe a dozen on the average being phishing requests, spam, "Nigerian" money makers and other trash. I'm even getting spam in Russian and German, though I speak and read neither.

Another site that may be of help is www.phishfighting.com

I got a call some time ago from someone saying there was a $4 or so erroneous charge to my phone and wanted to know if I would like it reversed. I said “Sure, fine, whatever”. The person then asked if Verizion was still my carrier. I said “I don’t know, is it?”. I then heard a mumbled exchange in the background and the caller hung up. It’s pretty bad when the scammers don’t even know what company they are pretending to be from.


It has been stated before but can never be over stressed, never click on any link in an E-mail you have not requested. Never give any personal information in a phone conversation you have not initiated. Even if the person seems to have information only a true company representative should know. If someone calls or E-mails claiming to be from a company you do business with then always use your own bookmark or enter the correct URL yourself and for phone conversations hang up on the original caller and use the phone number in your records to contact the company. No legitimate representative will have a problem with you taking such actions.

Being in business for myself with the same email address for the last eight years, I receive about 2500 emails a day, all but maybe a dozen on the average being phishing requests, spam, "Nigerian" money makers and other trash. I'm even getting spam in Russian and German, though I speak and read neither.I've suddenly started getting a lot of Russian-language spam as well. I used to get quite a lot of German-language spam, all from the same company trying to sell me nice German woollen socks.
They've stopped now; I quite miss them. Now the most interesting spam I get is from some crazed Michael Jackson fan (is there any other kind?) which is always good for a laugh.

The best (funniest) E-mail spam I’ve ever gotten had a Russian twist but it was in English. It was some years ago and basically a play on the Nigerian 419 scams. It went something like this (but a lot longer).

The Russian ambassador (or minister) is trapped on the MIR space station due to lack of funding to launch a Soyuz craft to bring him home. If you can help in funding the rescue launch you will share in the minister’s “space pay”.

I wish I had saved a copy of this because it was just so absolutely ridiculous.

Hang up, and call the firm back, and then discuss the matter, on a call that you initiated.

Once I said "can you hold on one sec, I'm having this call traced in case it's a fraud, and...."

*click*

:)

The best (funniest) E-mail spam I’ve ever gotten had a Russian twist but it was in English. It was some years ago and basically a play on the Nigerian 419 scams. It went something like this (but a lot longer).

The Russian ambassador (or minister) is trapped on the MIR space station due to lack of funding to launch a Soyuz craft to bring him home. If you can help in funding the rescue launch you will share in the minister’s “space pay”.

I wish I had saved a copy of this because it was just so absolutely ridiculous.
...and yet as stupid as crooks are, there are always more victims out there that are even stupider. Mind-boggling isn't it

The best (funniest) E-mail spam I’ve ever gotten had a Russian twist but it was in English. It was some years ago and basically a play on the Nigerian 419 scams. It went something like this (but a lot longer).

The Russian ambassador (or minister) is trapped on the MIR space station due to lack of funding to launch a Soyuz craft to bring him home. If you can help in funding the rescue launch you will share in the minister’s “space pay”.

I wish I had saved a copy of this because it was just so absolutely ridiculous.

Wait. Wait! That was a scam? I contributed 10 Rubles and got a nice message thanking me. :bugger:

Rather then start a new thread........


I haven't received a scam mail in over 5 years that I can recall, possibly longer. Today this was in my inbox.

This is to inform you that you have won a prize money of One
MillionUnited States Dollars, ($1,000,000.00) for this year 2008 Lottery
promotion which is organized by ECOWAS/SHELL DONATIONS 2008(CONTACT FINANCE DEPARTMENT)Name:Mrs.Jane Okeke Tel:+234-8060-056-926E-mail:remittance_officer04@yahoo.com,ecowasremittan ce@hotmail.com, To claim your prize.


Does this mean I'm somebody now?:rolleyes:



Boo

Inquiring minds want to know how you stopped spam for 5 years!

Susan

I still get spam but for the most part I keep a very low internet profile. I did make the mistake in researching ways to work from home of going a few places I shouldn't have but since I generally use my throw-away e-mail addy for those places it's not too bothersome.

What surprised me was this was sent to my preferred site for correspondence and was not in my spam box.



Boo

Did you find any good ways to work from home (via the Internet?) or are they all scams?

Did you find any good ways to work from home (via the Internet?) or are they all scams?

After years of research I think I can definitively say that the only way to make money on the Internet is to advertise that you have a way to make money on the Internet and then sell them the secret that the only way to make money on the Internet is to sell the secret of how to make money on the Internet.

Rinse and repeat. :D

I have been getting a LOT in Arabic for some reason. Strangely enough I also get a lot in English that assume that I am Muslim.

I actually wrote an Internet Explorer add-in which will perform a lookup against the domain you are accessing and warn you if it is a spamvertized or phishing site. It only works with XP, and I haven't done any more work on it for quite a while, but if everyone using Windows and IE had it installed then it would be a massive hit to scammers and spammers the world over, as a scary looking warning message when you visit a site does tend to put people off putting their personal details into it :-)

My MS show and tell post pointing to it is here if anyone's interested:
http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=2310683&SiteID=1

I actually wrote an Internet Explorer add-in which will perform a lookup against the domain you are accessing and warn you if it is a spamvertized or phishing site. It only works with XP, and I haven't done any more work on it for quite a while, but if everyone using Windows and IE had it installed then it would be a massive hit to scammers and spammers the world over, as a scary looking warning message when you visit a site does tend to put people off putting their personal details into it :-)


I think there is something on my machine that does that. I have gotten warnings before. I use Opera as my default browser and I have some google stuff installed as well. I also have AVG, Avast, avira, Webroot Spy Sweeper, Norton, and Spyware Doctor running.

Yeah. I'm new to windows. I'm not used to having to be careful about virii. My first week I got this crazy spyware and I had to reinstall everything to get rid of it. I am crazy careful about virii.

IE7 and Firefox both come with a phishing filter, but my add-in uses the real-time SURBL spam blocklists. The aim is to reduce the amount of money spammers make from spamming in the hope they will give it up due to the efford involved outweighing the benefits. It just so happens that one of the SURBL blocklists contains phishing sites as well, which is an added bonus.

If they don't immediately bring up the problem the email was harping about when you log in, then you can trust the email to be bogus. Simply delete it.

Rather than deleting it immediately search on your bank\phone carrier website for "Phishing". Most of them have an address that you can forward suspicious e-mails to, the sooner they know the quicker they can cut off that particular site. Then you can delete it ;)

Rather than deleting it immediately search on your bank\phone carrier website for "Phishing". Most of them have an address that you can forward suspicious e-mails to, the sooner they know the quicker they can cut off that particular site. Then you can delete it ;)

Gmail has a 'report phishing' link. You have to have the message open, and then it's on the pull down menu to the right where it says Reply. This is different from the 'report spam' link.

Gmail has a 'report phishing' link. You have to have the message open, and then it's on the pull down menu to the right where it says Reply. This is different from the 'report spam' link.


Thanks. I found it.

The pull down menu refered to looks like part of the reply button, but it is not.

Gmail has a 'report phishing' link. You have to have the message open, and then it's on the pull down menu to the right where it says Reply. This is different from the 'report spam' link.

Hotmail has much the same thing. It's a "report phishing scam" link at the top of the page when you have a message from the "junk mail" folder open.

Thanks. I found it.

The pull down menu refered to looks like part of the reply button, but it is not.

I'm guessing that they make it slightly harder to get to then the spam button because gmail actually has people looking at the phishing messages, an they want to reduce the load (particularly of regular spam marked as phishing).