Email Scam News and Editorial

This is the Scam News Roundup - I combine feeds from all my favorite websites to present a snapshot of what's happening right now.

Apr 15, 2008: Affiliate Scheme Scams - Free Lunch (for the owner)

Here's the deal - you signup with a company that sells products realted to your websites and display their ads on your website. Then you wait for your 'commission' on new sales, clicks, leads etc to roll in..... and wait, and wait. Eventually, the company folds or your account never ever quite reaches the minimum cash out amount or (in my case) the company 'forgets' that you ever signed up in the first place, after thousands of impressions.

Affiiate schemes are more and more being run by consolidators (eg. Commission Junction) Their profits must be staggering considering they get virtually free ads on millions of 100 hits/day websites. DOes anyone ever get a payment out of them??? Make a Tip Off Report.

Feb 8, 2008: IRS Phishing Email 'Refund Notice'.

A new scam has been received pretending to come from the USA Inland Revenue Service (IRS). It attempts to get the victim to enter their Social Security number, name and credit card number. The text of the email received by Scamdex reads:

.... You filed your tax return and you're expecting a refund. You have just one question and you want the answer now - Where's My Refund? Access this secure Web site to find out if the IRS received your return and whether your refund was processed and sent to you....

To get to your refund status, you'll need to provide the following information as shown on your return:

  • Your first and last name Your Social Security Number (or IRS Individual Taxpayer Identification Number)
  • Your Credit Card Information (for the successful complete of the process)

Okay now, Where's My Refund?

The IRS have seen this scam before, back in November a smilar attempt was made to get personal information. Eric Smith of the IRS said that there is a totally legitimate (and free) way to check on your refund; Go to the IRS Web site and click on 'Where's My Refund?' or call toll-free 1-800-829-1954.

Dec 15, 2007: DV (USA Green Card) Lottery Scams on the increase.

We have been receiving more examples of scam emails targetting people, often with limited English skills, who have heard of the genuine Cultural Diversification Lottery held by the Immigration and Naturalization Service (INS)

The Congressionally mandated Diversity Immigrant Visa Program makes available 50,000 permanent resident visas annually, drawn from random selection among all entries to persons who meet strict eligibility requirements from countries with low rates of immigration to the United States.

Online Merchants need to be alert too!

Internet Fraud costs merchants too. In most cases, the charges levied by the payment processing organizations far exceed the actual value of the goods/services supplied.

As an example, an Internet Service Provider (ISP) who sells a web-based service for $20, the ISP may be charged as much as $45 by their own bank and or credit card processing company for the 'Chargeback' of a fraudlent use of a credit card. Add that to the revenue loss and multiply it by the sheer number of times this happens and you have a sizable hit on your profits.

One company -, an Email Services Specialist in Folsom, CA has had this problem and knows how profits can really be hit by multiple chagebacks. Mark Urquhart-Webb, the Billing Manager told us "Despite Card Verification and Address Verification and our rigorous in-house fraud detection layers, we still get many chargebacks, sometimes up to 3 months after the sale."

have issued a whitepaper aimed at Online merchants called ' 10 Measures to Reduce Credit Card Fraud for Internet Merchants'. It's worth a read, even if you don't use their service.  

Dec 8, 2007: Why is it so hard to find out who owns a scam website?

The US General Accountring Office (GAO) today released a report showing that the domain registration details of upwards to 5% of domains are 'patently false or incomplete'. This is a staggering 3.8 MILLION domain names with no verifiable owner.

ICANN licenses domain name registrars (RAAs) to collect information on registrees. They have a duty to make sure the information is correct, and take reasonable steps to get obviously invalid information corrected. Scamdex is concerned that hoax websites always have fake information, that could presumably be easily verified. Phone numbers, email addresses and names are easy to verify - why arent they?

Read the report here (pdf)

Sept 29 2007: Now the Nannies are a target!

Scamdex has seen a recent rash of emails offering employement to nannies - but before they come to take up their position, there's just one little job that needs doing - accepting a payment and sending on the rest, after taking out your commission., "the original online nanny search service" passed these emails on from it's members. Read our Special Report

Sept 29 2007: Boom times for hi-tech fraudsters (BBC Report)

Eastern Europe is becoming the capital of hi-tech crime. Gangs operate in Russia, Romania, Ukraine, Estonia, Latvia and Lithuania. The gangs are well organized.

Lance James, chief technical officer for Secure Science, who spends his time tracking down hi-tech crime groups estimates that each phishing gang is making between $100,000 to $300,000 per month.

His investigative work leads him to believe that there are between 50 and 60 Eastern European groups involved in phishing. Approximately 75% of all the phishing e-mails sent out originate from only 42 of these crime groups.

Read the full article here
Sept 22 2007 : New Employment Scams

Updated October 4 2007: Here are the latest incarnations of this scam:

Barrett Market    (BARRETTMARKET.COM)
German IT Corp.    (NEWGERMAN.COM)
Microlabs Inc,    (MICROLABS.US)

If you receive an email from one of these fraudulent organizations, delete it.

Dec 10 2007 : Gas Mileage Booster Pills

BioPerformance etc. - I only got interested in this because it was sent around by email and the CEO/proponent was a well known Texas preacher. I'd better get back to the spoof job websites, lottos and recently deceased nigerian contractors. More here.

  Sept 14 2007 : Avangar Technologies (AVANGAR.COM, AVANGAR.BIZ, AVANGAR.ORG) - Employment Scam

The scam goes like this: You sign up with a company that promises 300-500/week receiving payments and forwarding them on. The payments arrive (certified check/cheque, natch!) and you forward on the payment (by Western Union, natch!) after deducting your 5% commission.

All looks good until the bank rejects the 'Certified check', perhaps two weeks later. By this time, you've sent a bunch of payments on........ Gotcha!!

Modus Operandi
Copy an entire bona fide website, change the company name to a previously registered, similar name. (In this case, the company was AVNET. Compare and contrast the websites - it's scary!). Then send out spam about 'Job Opportunities' (See example)

This oufit has been doing this for a while: Domain owner of AVANGAR.COM and AVANGAR.ORG is :

	Name      : LeiMomi01 Design
	Email     :
	Address   : P.O. Box 351019, Brooklyn, NY
	Zipcode   : 11235
	Nation    : US
	Tel       : 718-213-4074
	Fax       : +1.302-338-7956

Email address is pretty constant:, only the domain names change. My guess is that they operate out of Singapore.

Update Sept 15/2007
Scamdex contacted AVNET and told them about the blatent copying of their website. To date, the site is still operating.

Update Sept 29/2007
Scamdex has received emails from victims who have received payments directly into their bank accounts. We advised them to hold onto the money pending investigations of money-laundering. Within a few days, the payments were found to be fraudulent. IN one case, the sum that would have been lost was $4000.

Sept 1 2007 : 'Sickening' Scamsters Target Katrina Victims

Computer users are being urged to be on guard for a bogus e-mail that pretends to offer news updates about Hurricane Katrina as a means to infect their PCs.

The malicious e-mail gives a brief news bulletin on the disaster before urging people to click "read more" and be taken to the full story on a website. Yet once directed to the website, a virus is sent to the user's computer.

People are also being told to watch out for fraudulent e-mail scams pretending to raise cash for Katrina victims.

It's sickening to think that hackers are prepared to exploit the horrendous situation in an attempt to break into computers for the purposes of spamming, extortion and theft
Graham Cluley, SophosLabs

The separate virus and fake donations bogus e-mails have been discovered by com+p-uter security firms SophosLabs and Websense Security Labs. They are similar to previous fraudulent e-mails connected to last year's Indian Ocean Tsunami.

Under the virus scam, the hackers send a "Trojan" virus to the victim's computer, which can give them complete access to, and control of, its files.

While the user is not infected if he or she simply read the e-mail without opening the attachment, people are urged to delete such e-mails immediately. It is also recommended that people check that their virus-protection is up to date. To avoid being conned out of money, people are being urged to double-check the validity of any charity which asks via e-mail for a Katrina donation.

"The hurricane is a dreadful natural disaster, and it's sickening to think that hackers are prepared to exploit the horrendous situation in an attempt to break into computers for the purposes of spamming, extortion and theft," said SophosLabs senior technology consultant Graham Cluley.

Are people doing enough?

I've been disturbed by the lack of any real effort by some of the organizations that are being used (fraudulently) to spin scams, particularly Phishing scams. I believe that all organisations should have a 'spoof@<insert_name_here>' email address that is monitored 24/7 to catch these scams the very second they are first seen. In this business, a few hours can mean the difference between a bicycle and a limo for the scammer, and make some people's lives very unpleasant indeed.

I suggest you all send an email to your favorite company (banks especially), using the 'spoof@' email address and see which ones bounce. This would probably be a good indicator of that organization's commitment to on-line fraud.
Here are some recent failures:

National Westminster Bank (UK Bank)
Red Cross (Katrina etc Aid agency)
Bank of the West (US Bank)
Yahoo (Internet Org)

... and some good organizations who HAVE implemented the spoof@ email address::

Washington Mutual (US Bank)
eBay (Auctions)
PayPal (online payments)

July 2007 : A word about Western Union....

Everywhere I look, one name keeps coming up time and tme again... Western Union (Money Transfers). Every scam I have ever seen eventually comes down to this... send me some money via Western Union. Almost every reputable website says something to the effect of 'Do not use Western Union;

Here is Their FAQ Note that they can only cancel or refund money if you- catch ot before they'vve paid out - after that you are very much on your own. They at least have the decency to state:

"Western Union does not recommend sending money to anyone you don't know. Only transfer money to someone you know personally or whose identity you can verify!

If you are purchasing goods or services and paying through the Western Union network, you do so at your own risk. Western Union does not recommend use of its money transfer service when doing business with a stranger and is not responsible for the non-receipt or quality of any goods or services."

Don't just take my word for it - here is what everyone else says about this very profitable company:

eBay Forums MSNBC
FraudAid CraigsList
The Auction Guild

May 2007 : One in 20 'fall for online fraud'

A BBC report says that online frauds are becoming more sophisticated. One in 20 UK internet users say they have lost money through online scams, research into spam emails suggests. Almost half say they have received so-called phishing emails aimed at tricking them into revealing details like online banking passwords. Other frauds include paying for items which never arrive and sending cash following a demand from a bogus email.

Of the 1% who had lost money through phishing, 53% were not compensated by their bank, the AOL survey found. A further 11% say they are still waiting for compensation.

Phishing emails are becoming more sophisticated and often direct users to bogus websites replicating legitimate brands. A quarter of respondents were not aware that they could be held liable even if they unwittingly provide information to an online fraudster. AOL said many UK banks are currently compensating losses incurred as the result of phishing but this might change in future.

Online frauds often totalled less than £100 ($190) which might make it easier for criminals to carry on undetected as such amounts may be overlooked. See the full article here .