Tired of SPAM? We can help you stop it.
CLICK HERE NOW!
We can set up a filter for your business e-mail domain to stop garbage like this from ever reaching your inbox.

Friday, December 27, 2013

FBI Attention! FBI. ATTENTION! Your browser has been blocked up for safety reasons listed below. All activities of this computer have been

Just a warning; watch out for this website. It was ranking highly on Alexa earlier today. Don't visit it.
It claims that the visitor has been doing everything from surfing porn to terrorism. Yet another attempt to extort money from passersby.

If you happen across it just reboot. 

I knocked a couple letters out of the URL to keep people from visiting it but, it looks something like this.

 http://stop.police-guardian.com/?id=8691967b0c57551fbb345d5c42ddfc4

Thursday, December 5, 2013

Phishing Verizon Text Message - We lock your account for reasons of security

Beware - This is phony! It will show up as a text message on a Verizon phone.

(From:VERIZON) We lock your account for reasons of security. To unlock please go to our support site http://techmysupport.url.ph

The domain .ph is in the Philippines. Do not visit it. Don't respond. It is a scam!

Monday, November 18, 2013

Phishing Scam Calling Verizon Users MyVerizon45.com

This Phishing Scam calls direct to cellular users, claiming to offer a $45 credit on your Verizon statement. Don't visit the site they refer to. MyVerizon45.com is not a real Verizon site. Don't fall for it and move on with your day!

http://800notes.com/Phone.aspx/1-800-922-8888/2

Monday, November 4, 2013

Yahoo! Email Recycling



Update: Yahoo! Email Recycling

Yahoo! recently announced that they would be recycling old user email addresses and providing current users with a chance to take over these addresses. While they assured consumers that this wouldn't pose a risk to customer privacy, this is turning out not to be entirely true. Some consumers are reporting that they are receiving emails with personal information (such as usernames and account log-ins) meant for the previous owner of the email address. Yahoo! rolled out a "Not My Email" button that users can press if they receive information meant for someone else, but this relies on user honesty to protect personal information. For more information, and tips on how to protect yourself if you are a Yahoo! email subscriber, visit our blog: https://www.allclearid.com/blog/update-yahoo-email-recycling.

Fake Netflix Emails



Scam Alert: Fake Netflix Emails

The Better Business Bureau is warning consumers of a new scam involving fake emails that appear to be from Netflix. The emails warn customers that there is a problem with their account, and urges them to click a link to update their payment information. This link will take customers to a site created by the scammer to steal your information. To avoid the scam, don't click on links in unsolicited emails from Netflix. In addition, only make updates to your account on the official Netflix site, not via email. To read more about the scam, visit this blog: https://www.allclearid.com/blog/fake-netflix-email.

Sunday, October 6, 2013

MORE ON THE CRYPTOLOCKER VIRUS

Crypto Locker Trojan/Virus will cripple your computers! The usual delivery of the attack is via an e-mail disguised as UPS/USPS/FedEx. Keep in mind that these parcel services DO NOT send out attachments! Just delete the e-mail if it comes from ups.com, usps.gov, or, fedex.com and has an attachment. Also, the hackers are getting this virus around most anti-virus solutions and spam filters; probably by changing up the code and pushing the e-mail through legitimate mail servers on the web. One I investigated came through a citibank.com server in London.

They are also known to use ADP as a front.

Thursday, October 3, 2013

Your UPS Invoice is Ready

It claims to come from UPS, the represented address is UPSBillingCenter@ups.com, it has an attached zip file named UPS_Invoice_8890001251.zip, which contains a file called Report_03102013.exe. It is also possible that the .zip file and .exe files will have slightly different numbers in their names to help defeat spam and virus filters. It is either spoofed or hacked. DON'T OPEN IT; IT IS A VIRUS!

Delete and move on with your day!

The message hails from Greenford, London, England. It looks like it was somehow routed or spoofed through Citibank; 524DC67B.901010@citibank.com. Citibank.com does not designate 46.37.50.131 as permitted sender.

Infected Virus Spam Mail Text;

This is an automatically generated email. Please do not reply to this email address.

Dear UPS Customer,
New invoice(s) are available for the consolidated payment plan(s) / account(s) enrolled in the UPS Billing Center

Please open attached file to view and pay your invoice.
________________________________________
(c) 2013 United Parcel Service of America, Inc. UPS, the UPS brandmark, and the color brown are trademarks of United Parcel Service of America, Inc. All rights reserved.
For more information on UPS's privacy practices, refer to the UPS Privacy Policy.
Please do not reply directly to this e-mail. UPS will not receive any reply message.
For questions or comments, visit Contact UPS.

Thursday, September 12, 2013

Today's Hottest deal

Another example of weight loss spam trying to sell Green Coffee Beans.  What is is with Russia? Are they all involved in Green Coffee scams?

Yea, so, this really didn't come from Dr. Oz (btw, he doesn't spell his name with a zero). Aside from the fact that this e-mail misspells his name what else is there to prove that it is spam?

1) It comes from leach5b6b5@jazeegroup.com , a fairly obvious random name at a plastics company (www.jazeegroup.com). They have either been spoofed or hacked.

2) The email sender server, 181.64.209.252 , is located in or around Lima, Peru. One source says Tacna, Peru.

3) The message body contains "flak"; random text meant to fool spam filters (it doesn't fool ours).

4) All links in the e-mail point to the same Russian website including the "unsubscribe" link.

5) The English in the message is horrible. Would good old Dr. Oz really send a grammatical nightmare like this?

Delete this garbage....

Junk Mail Text;

Can't see this email? View it in your browser. http://204.1p9.ru/?73B88C59E3BA9AE125

Today's Hottest Deal from Dr.0Z

Eat at pleasure, drink with measure and enjoy life as it is even if you are obese! But you will need our product to follow the piece of the advice give above successfully. Our revolutionary formula burns fat, boosts energy,purifies your body and makes you slimmer every single minute even if you eat much. Lose about 3 kilograms weekly effortlessly and notice that your silhouette and appetite gets back to normal. Do not forget to take the product regularly and order it timely to avoid intake gaps!

Order today http://204.1p9.ru/?73B88C59E3BA9AE125

In 1952 the Center moved to downtown Portland and occupied the vacated buildings of Lincoln High School.But also they partly live in both land and water.Knowing that Yao fails to follow the order, the 800 Dragons are now trying to kill both of them. This was the cause celebre Musolini chose to trumpet around the world to justify the move he was soon to make.Lifting the pivot foot, taking multiple steps, or shuffling the feet before starting a dribble. Diamond centralized its operations to Stockton, California. Devlin and his wife Eliza live in Tualatin.The boys thereupon get out of the water, chase Jenny and drag her back to the edge of the creek. One day, the two move the bodies out of the cellar and bury them by the side of the house.Since a concussion was what blinded him, a concussion was what cured him too.One of its main tasks. The law become a model for national legislation a few decades later. The Battle of Weymouth. Currys is the UK's largest electrical retailer.Louis, from whom she took the surname she used. This was based on a similar system that was introduced in Sweden one year earlier.However, the program was not complete. Limbaugh in the overnight hours.Even so, the IRS confiscated their red Volkswagen for back taxes.

You are receiving this email because you have subscribed to newsletter updates. If you would like to stop receiving these emails, you can unsubscribe http://204.1p9.ru/?73B88C59E3BA9AE125

Wednesday, September 11, 2013

Re


Gareth and Catherine Bull giving away their fortune!

I don't think I'll bother....

This message claims to originate from info@unicaen.fr, a University in the Normandy region of France; www.unicaen.fr . It is a spoofed or hacked account.  The sending server, 130.132.50.170, is located in New Haven, Connecticut, USA. I stripped all the links from the message.

Delete it, move on with your day!

SPAM content;

We are donating the sum of £800,000.00 globally to two lucky recipient,send your Name,Country,Occupation - for review,check http://www.dailymail.co.uk/news/article-2091124 for source of Funds

Green Coffee Spam Comment

Anonymous spam comments abound! I stripped the link to their Russian based Green Coffee site.

If someone on the Internet is trying to sell you Green Coffee, just back away...

Right here is the right webpage for anyone who would like to find out about this topic. You realize a whole lot its almost tough to argue with you (not that I really would want to…HaHa). You certainly put a new spin on a topic that has been written about for many years. Great stuff, just great! Feel free to surf to my blog post :: Fat Loss on How to Lose Weight Fast

Look What I Found

Another weight loss scam. Is there no end?

This one claims to come from sotoc07011@sparbonde.net, a domain registered in Denmark. There is no site set up at www.sparbonde.net . The sending IP address, 212.230.85.198 , is hailing from either Madrid or Alarcon, Spain. The message contains a bunch of email flak (unrelated, nonsense wording that hopes to fool SPAM filters). It doesn't fool ours though...

Just delete this garbage!

Spam E-mail Content;

Dear pete deichmann, i found new slimming product :-)
It's working 100%. Dont miss it:
Check now!

Seton Lake First Nation, aka the Seton Lake Indian Band.
Arthur Ellis award in the category of best novel.
The posthumous Empresses are listed separately by the year they were given the title.
Despite, or perhaps because of, the multiplicity of texts in circulation, many were in a poor state.
Floods, earthquakes, volcanoes, lightning, forest fires.

Tuesday, September 3, 2013

Newegg.com - Payment Charged

Here's a really sneaky attempt to hi-jack computers that our SPAM filter caught the other day. Watch out for this one; it is very well engineered! Remember if you want to avoid this type of message all together CONTACT US!

This claims to be from Newegg.com (a vendor I use), but came to the incorrect e-mail address and does not have the correct account number included. All links in the message lead to mainepontoondealer.com/toothed/index.html.; a malware infected website. The sender's IP address, 208.125.23.26, hails from New York City. I went ahead and released this message to my mail client because it was just too good to let slide. It's one of the nicest looking malware attempts I've seen in quite some time.

I want to let everyone know what to look for if something like this shows up in your inbox.

Whenever a suspicious message shows up, hover your mouse over the links in the message (DO NOT CLICK THEM). In this case  Customer Services , and all the other links in the e-mail shows the address http://mainepontoondealer.com/toothed/index.html. Now that the true destination of the link is known, we can tell that this is a bogus message and that it should be deleted. NewEgg.com isn't in the business of directing their customers to Pontoon Boat Dealers.

SPAM mail content;



Spam email text;


Customer ID: me@sidsolve.net
Account Number: 23387357
Dear Customer,

Thank you for shopping at Newegg.com.

We are happy to inform you that your order (Sales Order Number: 170804662) has been successfully charged to your Mastercard and order verification is now complete.

If you have any questions, please use our LiveChat function or visit our Contact Us Page.

Once You Know, You Newegg.

Your Newegg.com Customer Service Team


On a side note; Google is also listing this website as infected; http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=http://mainepontoondealer.com/


Tuesday, August 27, 2013

Don't spend the summer dateless. Search pics now on Facebook Dating App

 Dating spam... How original!

The sending server for this message is in Los Angeles, California. The e-mail comes from fbdatingapp@cayhub.net. The links in the message refer to cayhub.net. Maybe this is legitimate? The domain listed in the message is the same as the sender's domain, right?

It doesn't matter. This is an unsolicited e-mail with no unsubscribe option listed. The owner of the domain cayhub.net is in Ohio. Things are not adding up.

Delete, don't click the links!

Spam Message Text;

Meeting singles - made simple
http://www.cayhub.net/99e74f/?chab5ah3f032fc6fh2h9432a5

Ready to step up your dating game?

http://www.cayhub.net/99e74f/?chab5ah3f032fc6fh2h9432a5

Lose weight and never feel starved again

Here we go with another weight loss scam/spam from another fake Dr. Oz. This one is claiming to come from http://www.arioliafro.it , an industrial products company in Italy. They've been hacked or spoofed. The sending server is located in Phnom Penh, Cambodia.

All the links in the message (I attached the stripped message to reveal them) point to a Russian website selling, you guessed it, Green Coffee Bean Extract. Shocking, I know...

Don't click the links, just delete the message.

Spam e-mail text;

From :    pete.d@arioliafro.it
To :    me@mydomain.com
Subject :    Lose weight and never feel starved again
Date :    08/23/2013 03:53 MDT
Status :    Quarantined by Spam policy (score 99.9%)
Sender IP :    175.100.33.157


Sign Up http://mirise.ru/?4cc1ddf3b5=51c1e3e99c1eed4a7c8976677560 for eNewsletters   •   Trouble reading? Read it online http://mirise.ru/?f5ced783ff407b211=c1ad014b33c3554b1dce17f00b7b .

August 23, 2013

Lose weight and never feel starved again http://mirise.ru/?53fe11f1021a9df824ef=17d649e8a544ba3f326cac7442e07f

By Dr. Oz

Another hot season is almost over and you have wasted it again! We know that obesity is a frustrating thing and we do realize that you have made numerous attempts to lose excessive weight but failed to. Finally we have wonderful news for you: there is a brand new natural product that burns at least 12-16lbs. a month. You do not have to do anything. Live your normal life, eat the things you usually consume and get slimmer every single day.

Read more http://mirise.ru/?f842c95da1ccc19823e=92b2eac4e1dd6ab3ad65

� 2013 iHealthPro, Summit Business Media http://mirise.ru/?55cd090f76=88e3a803ddaf94f3616f335 . All rights reserved. Privacy Policy http://mirise.ru/?9d95aea5aee4d=0a65cd88773063f46d5bd23377559

You have recieved this email at me@mydomain.com.
Did your friend send you this link? Click here http://mirise.ru/?ed97d9c52971f56=11eba34eaaf0792151b2e6e to get your own free subscription.

Click here http://mirise.ru/?58a27f2f3f3256=62f5c18676f61a572f2a7d4 to unsubscribe.

Friday, August 23, 2013

Oxitamin Spam Comment

In an effort to keep me entertained, anonymous users are leaving me spam comments. Excellent! I'll post them whenever I get them. I'm sooooo extremely magnificent!

This is more health/vitamin/weight loss spam. Don't give these guys your time or money. It's a rip-off.

Spam Comment Text;

Excellent goods from you, man. I've bear in mind your stuff previous to and you're just extremely magnificent. I actually like what you've acquired here, really like what you are saying and the best way during which you say it. You make it entertaining and you still care for to keep it sensible. I can not wait to learn far more from you. That is really a wonderful website. Visit my web-site; http://oxitaminsite.org

URGENT NOTICE

The U.S. Department of Justice is e-mailing me!

Not really... It's just a spammer.

It comes from dept_ofjustice.gov@outlook.com. The USDOJ doesn't use Outlook.com as their e-mail provider; clue number one that this is a bogus message. A quick query of the sender's IP address (77.238.189.201) shows that it is coming from either London, England or Dublin Ireland. The warning lights are flashing.

Special thanks to Outlook.com for vetting their users so well...

This message was blocked because it had an infected file attached. If you receive one of these don't open anything. Just delete it!

Spam mail text;

View the attached file for email details

Best Regards

Tuesday, August 20, 2013

This stock is at forefront of boom!

Here's stock spam. This one is coming from IP address 124.171.63.233 in Sydney, Australia. All the message includes is the link to a binary options trading site. I performed a quick search on "traderush scam" and found page upon page of reviews that seem pretty fabricated. Sometimes the one shouting loudly is the one to ignore. Add that to the fact that the sender's e-mail address claims to be from a user at quintiles.com (a company that is based in the U.S. and that doesn't appear to have an Australian office) and the warning lights should be going off all over the place.

It's not an accident that a spam message contains a link...

Stay away, don't visit, delete.  

SPAM TEXT:

The Forever Flashlight
http://traderush.com/

Thursday, August 15, 2013

New Product to Lose up to 15 lbs.





Who wouldn't like to lose a few extra pounds, right? Well, if you respond to this e-mail you'll probably get a virus and maybe lose a few extra bucks as well. 

Yet another Green Coffe Bean scam, this message claims to be from Dr. Oz and shows a stolen physical address of 10051 Carver Road, Suite 210, Blue Ash, OH, 45242 USA. The address belongs to a legitimate media company called FW Media Inc. and and doesn't appear to be affiliated with Dr. Oz in any way. The sender's address shows my first name coming from anka.cc; a domain that resolves to mail2.netfront.net. This is most likely an account set up by a hacker on someone else's mail server to send out spam.

See how nothing is lining up here? Bad Physical address, domain doesn't match, someone with a similar e-mail address as the recipient, anka.cc doesn't resolve to a website. Just that much wrong should warrant an automatic delete. 

Digging deeper, I stripped the message below to show the source code, note that all the links lead to a .ru website; including the link to "unsubscribe". That's Russia for those who don't already know. The e-mail's source IP address is 190.195.165.149 is located in Lanus, Buenos Aires, Argentina and is owned by Cablevision. Every way it is sliced, this e-mail stinks.

Delete it, don't click the links, don't visit their site, move on with your day!

Tired of getting e-mail like this? CONTACT US, we'll set your business up with the SPAM FILTER we use and you won't have to deal with these scammers anymore.


Spam Mail text;

View this email with images » <http://hilingsof.ru/?5770c3c25e4d6cbb=d7b8da448c4185245ffa7>        
Dr. OZ Online Shop <http://hilingsof.ru/?f810f385ec93d6b9615b=c4eaaa148d06be22ac8720>      
       
     
2014 New Product from Dr. OZ <http://hilingsof.ru?07ef1d2b638789683f12=e1bb714bbec45fd91f5b>


What would you do to get rid of excessive weight? Are you ready to spend hours working out in gyms and suffering from hunger cramps round the clock? Well, you do not have to do all that! We are ready to introduce you to a revolutionary slimming product comprising 100% natural ingredients. The product is 99.9% efficient. You can eat whatever you like and stick to your regular activities and lose at least 10-14 lbs. a month.

Want to know more? <http://hilingsof.ru/?8430fa65cb00bd4c4053=69cc6e92bb5aff00c880>

More articles:

*     These Foods Are Good for Your Heart But Are They Making You Fat? <http://hilingsof.ru/?294d27df6f928e44=6c23223bd4c3ec66c07986e2d786>
     
*     Water Diet: Is it Really a Good Plan for Weight Loss? <http://hilingsof.ru/?7c5e74aaf2492d89a2=b9b2a63aa783e2ae9dc7>
     
*     Is Summer Fun Sabotaging Your Weight Loss? <http://hilingsof.ru/?25e84c7eeb2e70d9d19e=19c052852cc883809a4ee8c1>
     
*     8 Ways to Bust Through a Weight-Loss Plateau <http://hilingsof.ru/?5a0ac4597682dd7=8296a6dae59f8a3b171d5a29de6e>



This email was sent to: user@sidsolve.com by OZ Media
10051 Carver Road, Suite 210, Blue Ash, OH, 45242 USA

One-Click Unsubscribe <http://hilingsof.ru/?2b0d6cf6193b0eb=7eb9ef025d6bee3b177f>  | Manage Subscriptions <http://hilingsof.ru/?7d92a94e4191=991c08d8107472287da7e9952f5b5>  | Update Profile <http://hilingsof.ru/?e5435bbcea78d4e=39a8aa76751a9a2d1e99955e932591>  | Forward to a Friend <http://hilingsof.ru/?fdc60ff52b709520=c797b512793000f8954184b8afee2>       

Tuesday, August 13, 2013

Im online now




This funny little piece of Junk Mail hails from Lima, Peru. The sender claims to be from the domain aragontello.com; a domain that shows a 403 Forbidden if you bother to visit it. The sending IP address, 190.236.183.183, belongs to Telefonica del Peru



Don't feel too special, it's a scam. Delete and move on with your day!

Spam mail text;

I am Queen. Guys say I am hot and I tend to believe them :)
What I need is a hot guy like you! Saying "hot" I do not really mean cute face or crazy muscles :)
I like having fun. I simply adore sex. I am full of fascinating ideas, so you will never be bored with me, I promise!
Maybe we can
chat online?
See you online!

Good Day !!

Good Day Indeed! A good day for another silly scam. I find it difficult to believe that anyone falls for these but, it happens everyday. Beware of all e-mail; Google for anything even slightly suspicious.
 
Coincidentally this piece of SPAM comes from the giant Google mail servers in Mountain View, California; IP address 209.85.192.195 to be specific. Yet the message poses as being from dbinibrahim@yahoo.com. It just goes to prove that anyone's mail servers can be put to misuse.
 
In a sad attempt to appear legitimate the scammer has placed a link to an old Defense.gov news article from 2005. So very clever...
 
Don't fall for it; delete.
 
SPAM scam text;
 
Dear Friend,

I must say sorry for interfering into your privacy without seeking for
permission. It's because of urgency of this matter, I'm Datuk Ramli Bin
Ibrahim, Director in charge of audit and account unit department, of HSBC
Bank here in Kuala Lumpur-Malaysia, I have decided to contact you for a
mutual beneficial transaction with 100% Risk Free.

In Jenuary 2005, a lady working for the Cambridge, Massachusetts-based NGO
Management Sciences for Health (MSH) moved some cash from Europe to our
bank. As her account officer she instructed that I should put a hold on the
fund that was supposed to go to Afghanistan pending on her return or
further instructions.

In the following month being February 2005, she got involved in a plane
crash in Afghanistan and the fund remained unclaimed till date. As her
account officer, I was aware that nobody knows about the movement of the
funds except her team who was also involve in the plane crash.

Please, you can view the news on this website:
http://www.defense.gov/news/newsarticle.aspx?id=25895

I want to utilize this opportunity and make use of this fund by
transferring the money to you. I want to work with you on it. The amount
involved is Twenty-Two Million Five Hundred Thousand United States Dollars
Only. {US$22,500,000.00} .

Please send your reply to this email address: dbinibrahim@yahoo.com and
lets benefit from this golden opportunity. You are my first contact. I
shall wait for days and if I do not hear from you, I shall look for another
person.

Kindly furnish me with the following information:

A: Your Full names
B: Your Residential Address
C: Your direct telephone number
D: Age
E: Occupation.
F: Gender

Waiting for your reply soon. Have a nice day!

Yours Faithfully
Datuk Ramli Bin Ibrahim,