Scam Emails Archive : Generic

Subject: Scamdex, Internet Scambusters Newsletter #297, 8-20-08

From: "Scambusters Editors" <>

This email with the subject "Scamdex, Internet Scambusters Newsletter #297, 8-20-08" was received in one of Scamdex's honeypot email accounts on Wed, 20 Aug 2008 01:02:58 -0700 and has been classified as a Generic Scam.

The sender was "Scambusters Editors" <>, although it may have been spoofed.


Internet Scambusters (tm)
The #1 Publication on Internet Fraud

By Scambusters Audri, Jim and Keith
Issue #297  August 20, 2008


Note 1: Easily change your subscription information by
clicking the link at the very bottom of this newsletter.

Note 2: Please share this newsletter with 3 or 4 of your
friends or colleagues who you think will benefit from it.

Hi Scamdex,

Today we explain two threats: whaling (which is new and
currently only affects top business execs), and a scary hack
which can affect everyone who visits these compromised large

Whaling: After phishing comes "whaling," a sneaky attempt by
scammers to hijack the personal computers of top-ranking
business execs. We explore this latest form of Internet crime
that, for a while, even had the security software companies

We also discover that hackers are attacking corporate websites
and embedding them with invisible program code that takes
users to malicious sites. So, watch out!

Before we begin, we recommend you check out this week's issue
of Scamlines -- What's New in Scams? -- here. You'll find two
huge scams you definitely want to know about.

Next, you may want to spend a moment looking at this week's
most popular articles from our other sites:

Answers to 7 of the Biggest Questions About Landscape
Photography: An Interview With Jennifer L. Wu

What You Need to Know About Credit Card Debt Settlement

Back To School Shopping: The Parent vs. Child Shopping Spree

Three Photography Myths About Nighttime Photography

Now, here we go...

Whaling? These Scammers Target Big Phish

Whaling. Bet you thought it was just something that marine
conservationists get hot under the collar about. Recently,
it's been the NBT (Next Big Thing) in Internet security.

First we had phishing, where scammers try to grab personal
financial details from Internet surfers.

Then there was vishing, in which scammers try the same thing
using cell phone text messaging.

And there's pharming, which hijacks external servers and home
network routers to control PCs.

Now, there's whaling.

As the name suggests if you think about it, whaling is a
variation of phishing. But the targets are a whole lot
"bigger" -- like CEOs and other boardroom execs.

Apart from the status of its targets, whaling differs from
phishing in a couple of very important ways.

First, it is not spaham (misspelled intentionally) -- the same
message sent to thousands or millions of potential victims.
Whaling emails are carefully researched and crafted messages
sent to specifically named senior business people.

The scammers have discovered not only the individual's
personal email address but also other information, like their
correct title, direct line telephone numbers and names of
other key people in the business. Experts think they bought
the information from other criminals online.

This kind of individually-targeted mail is known as "spear
phishing," though maybe in the case of whaling we should call
it "harpoon phishing"!

Second, the scammers are not just after their victims'
identities. They try to take control of their PCs to get hold
of passwords and all sorts of confidential company information.

The tricks they use are clever too. In a fairly recent attack,
victims at major financial institutions and other Fortune 500
companies got emails that looked like genuine subpoenas from
the US Federal District Court in San Diego ordering them to
appear in court, in a civil action.

The emails provided a link supposedly to download the full
subpoena. What it actually did was download
keystroke-capturing, data-mining software onto the execs' PCs,
while displaying a realistic looking legal document on screen.

Here is part of what the bogus email says:

--- Begin bogus email ---

Issued to: (Individual's name and title inserted here)

Case number: 94-621-PGM
United States District Court

YOU ARE HEREBY COMMANDED to appear and testify before the
Grand Jury of the United States District Court at the place,
date, and time specified below ...

Please download the entire document on this matter (follow
this link) and print it for your record.

This subpoena shall remain in effect until you are granted
leave to depart by the court or by an officer on behalf of the
court ...

Failure to appear at the time and place indicated may result
in a contempt of court citation ...

--- End bogus email ---

The US District Court alerted the FBI and issued a warning on
its website.

The bad news is that nearly half of all antivirus software
failed to detect the Trojan malware the link downloaded and
thousands of the business computers were compromised.

"The success rate was incredibly high," says Stephan Chenette
of Websense Security Labs, the company that first raised the

There were some giveaways in other parts of the email,
however. The scammers didn't always use American English; it
was more like British or even Asian variations of the
language. And the phony Internet address they used had a .com,
whereas US official and court addresses use .gov.

Patrick Evans of security software company Symantec says:
"Companies and high net worth individuals therefore have to be
more vigilant than ever, ensure they are taking all of the
necessary measures to safeguard against this threat, and
generally, stop and think before clicking on an attachment or
volunteering information."

In fact, by following the same rules that apply to avoiding
conventional phishing, the executives could have stayed safe.
In particular, never click on an email link; instead, contact
the genuine organization to confirm the document is authentic.

Invisible hack attacks

Meanwhile, a report published by the UK security firm IronPort
warns not only of a big increase in whaling but also of a wave
of invisible hack attacks on company websites that could
affect any of us who use them.

The scammers hack their way onto legitimate websites and embed
a small amount of computer code (JavaScript) on certain pages.
This cannot be seen by the naked eye and redirects users to a
malicious site that downloads harmful programs onto users'
computers without them knowing.

The big security software companies are updating their
programs to detect when this happens. But according to
IronPort, some of the blame rests with the firms whose sites
are hacked.

Product manager Jason Steer says: "Some organizations forget
to secure their web servers because the website is not seen as
a revenue-generating system but a media avenue, public sector
sites especially."

Attached Message
Also, check any corporate websites you visit for poor language
usage. It's amazing that criminals who are so smart fall down
on such a basic issue as getting their words right!

That's it for today -- we hope you enjoy your week!

- Please Check Out These Offers - They Keep Scambusters Free -
- - - - - We Highly Recommend All of These Products - - - - -

Looking for a REAL Way to Protect Against Identity Theft?

An identity is stolen every 2 seconds -- which is very scary.

We've been searching for years for something (free or fee
based) we could wholeheartedly recommend to our subscribers.

And we've finally found it: LifeLock.

LifeLock takes the worry out of identity theft:

   "We looked at a number of companies and found LifeLock had
   the best product for protecting people from ID theft plus
   much more. I wish we had found them before my wife and I
   recently became victims."
   - Bobby Joe Harris, Retired Chandler (AZ) Police Chief

   "I took all the precautions to fight ID Theft but never
   once thought about my son becoming a victim until he
   became one. Criminals don't care if you're 2 or 102, as
   long as they get what they want.

   "I have now turned to LifeLock to protect my children and
   only wish I would've known about LifeLock before this
   happened to my son."
   - Lisa Terwillegar, Hickory, North Carolina

   "I have dealt with the results of ID theft for more than
   three years and read about all the so-called solutions.
   Until LifeLock came along, I never thought I would see an
   answer to the problem. LifeLock can stop this crime!"
   - Paul Fairchild, Edmond, Oklahoma

Find out how you can proactively protect your identity and
make even your Social Security number useless to thieves.

LifeLock is recommended by Get a 10% discount
and 30 Day Free Trial when you use SCAMBUSTERS code. And be
sure to find out about LifeLock's $1,000,000 guarantee. Visit:


Are You Sabotaging Your Own Success?

Most people do. No matter how close they come, something
always seems to hold them back. Truly successful people know
what it is, and how to defeat it without struggle. Do you?

The good news is there is a simple approach almost anyone can
use to make their life a smashing success.

   "Absolute magic! 'How to Control Your Destiny Through Your
   Attitude' provides the tools to help you create the life
   you want for yourself. It's almost hard to believe that
   it's so simple -- yet it works like a charm!"
   -- Michele Paccione, DanceGlam .com, Harrington Park, NJ

   "If you could read only one book to help you transform your
   life into a smashing success -- this should be it!"
   -- Bill Heinrich, Founder and CEO, Symmetry Springs

If you'd like a real way to improve any area of your life in
the next 30 days and achieve what has seemed impossible to you
until now -- visit:


"10 Simple Steps To Succeed As An Affiliate For Under $100"

If you're looking for a PROVEN way to make money with an
online business you can do from home -- instead of wasting
your time with pie-in-the-sky, disappointing opportunities
that are just hype -- this message is for you.

There IS a real way to make money online as an affiliate. It's
fast, easy, and you do NOT need a lot of money to get started.
This short report will show you everything you need to know to
get started now. Visit now for details:



About Internet Scambusters - Administrivia

Copyright (c) Audri and Jim Lanford.
All rights reserved.

To subscribe, visit:

To remove yourself or change address options visit:

(you might have to copy and paste it into your browser)
This will take you off the Scambusters list.

To send us feedback, do NOT click 'Reply.' Instead, please use
our Feedback Form located at:

The information we have on file is:
Your name: Scamdex
Your email:

Please do not send vacation notices or other autoresponders
to us. This may take you off the Scambusters list.

Scambusters is a public service from Jim and Audri Lanford.
Since Scambusters is a public service and we receive thousands
of emails, we cannot answer individual emails.

For more about our privacy and legal policy, see

Lanford Inc.
197 New Market Center, #115
Boone, NC 28607

To unsubscribe or change subscriber options visit: