Log In | Subscribe | | |

spam

Sorry, idiot. If you are going to try to scam us, at least don't make it clear right from the outset that it's a fraud.

BIScom Subsection: 

What top level domains are at the heart of most of the spam that comes into your servers? Here's our current top three ....

This might just be the e-mail that launches a million problems, or more. It is incredibly simple and extremely sneaky. And it passes some anti-spam filters.

FCRO Subsection: 

The email below has come to our attention today. using a landing page at mybluemix[dot]com and a (perhaps spoofed) address at the domain masew.ml, the scam has characteristics that instantly give it away to the alert but will trap the unwary.

Spoofing email addresses (that is making it look like an e-mail comes from somewhere other than its actual sender) is a remarkably easy trick and it's heavily relied on by spammers. However, this particular spam goes further, aping the tactics used by those who send e-mails that appear to come from banks. Be warned....

Spammers and fraudsters love .com addresses but so does the rest of the world. For some time, there have been domain levels that spammers like because they can create names that look legitimate but are using the name of a legitimate, reputable, business and recipients often do not notice what's after the dot or have faith that registrars are checking and only allocating obviously well known names to their usual users. Recent additions to the "top level domain" system have opened up a new world of opportunity. Here are five TLDs that spammers are making use of and which businesses should consider banning from their incoming mail and, even, blocking server traffic to.

The old ways are the best, not the least of which is because there are always new users whose filters aren't ready for spam that hasn't been seen for a while.

This one's so old-fashioned, it's funny. Oh, and Google's failed to identify a landing page for spam and potentially illegal product sales. Artificial intelligence? Hah.

CoNet Section: 

The return, with increasing frequency, of internet domain name fraud, is usually at least accompanied by a form of what the fraudster hopes is a sufficient disclaimer to prevent prosecution. The latest iteration omits even that and resorts to blatant threats. Also, it seems that the criminals have obtained access to the domain sevenresortsnet.com to send mail and to present a landing page for those who click to respond to the demand.

CoNet Section: 

It's been a while since spammers hawked "meds" in spam. But recently, we got one. The amazing thing is that it's the same as they ever were.

Every dog has his day and, sometimes, every idiot gets his hands on a computer. Here's an example received at our registered office. Maybe it's not a a scam, but for sure it's not accurately targeted commercial mail, either.

BIScom Subsection: 

In the past day or so, a company called emailmovers limited using the domain xmr3.com have sent out a number of spam e-mails addressed to personal e-mail addresses at companies. They claim "Emailmovers is one of the UK's only B2B email data owners who provide Full Email Marketing services in house" which is, in itself a nonsensical statement.

But it's their claim for how many people they feel it's OK to send unwanted commercial email to that is interesting. Just how did they get it and how do they think it's legal to use it? And is it a predicate crime for money laundering purposes if they have breached GDPR?

You should neither know nor care exactly what criminal activity lies behind the link in this e-mail. The fact that it's fraud from beginning to end should be enough.

CoNet Section: 

Spammers have long been involved in directory fraud of one sort or another. Just as in the days of paper, letters are carefully phrased to make victims think they must make a payment. Then, hidden away at the bottom of the page is a note saying "this is not an invoice" and something along the lines of "you only have to pay if you want the service." These days, the spam-scammers also include something to tell you that they are complying with the USA's spam facilitation Act, mysteriously known as the Can Spam Act. And this one doesn't even tell victims what service they are supposedly subscribed to.

FCRO Subsection: 

Fraud is cyclical. Historically, frauds would lie dormant for, perhaps, five years then come back. But the cycle has become much shorter, often only two or three months. Some frauds have become perpetual, aided by e-mail that hits so many prospective targets at such a low marginal cost. Others have a few days in the light before disappearing into relative darkness for a matter of weeks, perhaps because the targets are sorted by e.g. alphabetical order, into batches. One such is fraud relating to domain names. They take several forms but the same basic structure. The fraudster hints that, if you don't pay up, your domain name will stop working. Here's the anatomy of one such fraudulent mail that has reached us multiple times in the past several days.

CoNet Section: 

This morning's collection of spam raises several issues that should interest an extremely broad range of people across organisations.

FCRO Subsection: 

Pages

 


 

Amazon ads

| |

 

hahagotcha