 sj |
||
|
||
419 Scam targets musicians website
|
|
|
||||||
|
419 Scam targets musicians website |
|
|||||
|
Subject: 419 Scam targets musicians website From: Nemesis Date: 29 Nov 04 - 08:15 PM I've just had an email from General Abacha inviting me get involved in a transaction .. and the bastard is using a genuine musician's email addy as a "return email" This seems to be the genuine address (from this singer-songwriter's website) BTW - Darren sounds an interesting musician ... (www.poyzer.com) anyone heard him? And if anyone knows Darren Poyzer in Manchester .. can they inform him please that his name is being taken in vain? Cheers Nem Subject: Hello Date: 11/27/04 9:46:08 AM GMT Standard Time From: mohammed_abacha@strompost.com Reply To: darren@poyzer.com Hello I am Mohammed Abacha, the eldest son of the late President of Nigeria General Sani Abacha, i was falsely acussed of murder and as a result of that,i was imprisoned, but thanks to Allah,i have been released for my innocence. Well dear friend i need your assistance in transfering some of my money into your account, because the government is making plans to seize them, as they did to my fathers own.Please view these site and read it's content carefully, http://news.bbc.co.uk/hi/english/world/africa/newsid_741000/741506.stm The ammount is $12 million in a Security Company Abroad. All that is needed is for me to instruct the company to transfer the funds to your account, i will renumerate you with 20% at the end, but most of all is that i solicit your trust in this transaction. I have been confined only to Kano and all my calls are monitored,So i will get my private attorney to get you the needed informations. Thanks,as i await your urgent response lf you are interested reply to this email address:moha_abacha21@yahoo.com Best Regards Mohammed Abacha |
|
Subject: RE: 419 Scam targets musicians website From: Amos Date: 29 Nov 04 - 08:25 PM This is fairly common banditry these days -- any valid email address found gets used as the apparent source of spam by spoofing the headers. Unfortunately ti sometimes reuslts in innocent domains getting added to black lists. A |
|
Subject: RE: 419 Scam targets musicians website From: Nemesis Date: 29 Nov 04 - 08:35 PM I've reported it to the originating ISP - hopefully they can block the senders account .. but, that doesn't stop them for long apparently! |
|
Subject: RE: 419 Scam targets musicians website From: GUEST,Sarah Date: 30 Nov 04 - 02:06 AM I've had one of those as well! Cheers Sarah |
|
Subject: RE: 419 Scam targets musicians website From: Nemesis Date: 30 Nov 04 - 03:59 AM Sarah .. did you mean you've had an email using Darren's email address? |
|
Subject: RE: 419 Scam targets musicians website From: treewind Date: 30 Nov 04 - 06:57 AM That's more than a bit dumb from the scammer's point of view. The idea is that the gullible victim REPLIES to the email. If the reply goes to a musician in Manchester, the necessary dialogue supposedly to organise the transfer of money will never happen. Duh! Anahata |
|
Subject: RE: 419 Scam targets musicians website From: JohnInKansas Date: 30 Nov 04 - 07:54 AM A reply to the email could be much more damaging than just getting your name on another spam list. Tricks used by spammers and by those who propogate "viral disease" are far too numerous, and too rapidly changing, to make many positive statements, but one "trick" used by the viral crowd is encryption of the virus in an email. A virus in an encrypted attachment cannot be scanned by most AV programs. It can thus get "on your machine" past your scan of incoming email. In order to "release" the virus, so that it can infect your machine, the sender must convince you that you should "enter the password." The password, contained in the email, is of course not itself viral. The requirement that you type (or paste) ANYTHING while a suspect email is "open" should suggest one of these "passworded/encrypted" worms. The email address, or any part of it, could be the required "password" to release an infection on your machine. Some but not all AV programs will likely intercept such malware as soon as it is "decrypted," but nothing is 100% here. Even "saving" the email on your machine - which you've done by leaving it in your In-Box, may be enough, since at least one prevalent "class" of worms (the W32. bunch) relies on external probing of open ports, looking to see if the "worm" is present, and then sends the password via the port it finds that gets past your firewall. A second "mechanism" that might be in use here is the result of recent improvements in spam filtering. My own filtering would likely put anything like the reported message in bulk mail, but if I reply, it would expect that a subsequent "reply" message from an address I've sent to is probably not spam. The "reputable musician's" machine may be infected, with or without the musicians knowledge, and if so the "worm" on his/her machine can send itself to anyone who responds, in a subsequent message which is much more likely to get past spam filtering and be kept on the machine. If you don't know the sender - DELETE IMMEDIATELY. Even if you "know" the sender, anything with "typos" in the address, and/or subject line, is suspect. - - DELETE IMMEDIATELY. Anything claiming to be a "reply" is especially suspect - - - DELETE IMMEDIATELY. Don't let garbage lay around on your machine. Some of it will STINK, now or later. John |
|
Subject: RE: 419 Scam targets musicians website From: treewind Date: 30 Nov 04 - 08:18 AM John - while everything you say is generally true, including the "delete immediately" rule, most of it doesn't generally apply to "nigerian scam" type emails, which are usually plain text with no virus attachments, but in order to fulfil their purpose requre you to reply to the originator (usually using a disposeble untraceable email address) My comment about this one was that it is broken in that it won't ever fulfil the originators intentions. Anyone clueless enough to respond to a 419 scam would not think of bypassing "Reply-to" in favour of "From:" in order to make sure that reply went back to Nigeria (or wherever) "The "reputable musician's" machine may be infected" Even if this was a virus it usually doesn't mean the "musician's" machine is infected - it just means some machine is infected and happens to have the musician's email address lying around in the HD somewhere. Anahata |
|
Subject: RE: 419 Scam targets musicians website From: Pauline L Date: 30 Nov 04 - 12:12 PM Thank you to all you techies who have contributed to this thread. I get lots of similar emails. |
|
Subject: RE: 419 Scam targets musicians website From: Nemesis Date: 30 Nov 04 - 06:34 PM BTW I got hold of Darren today .. and he's aware now that this has happened .. however, there's not a lot any of us can do to stop someone 'pinching' a genuine email ... But, I do get numerous gig/dates round-robins from musicians who haven't BCC'd their mailing list, so, it may be 'bleedin' obvious', but for the un-tech minded (that includes me :0) always BCC your mailing lists! |
|
Subject: RE: 419 Scam targets musicians website From: GUEST,leeneia Date: 30 Nov 04 - 09:25 PM Recently I received an e-mail purporting to be from SunTrust Bank and asking for personal information. I'd never heard of that bank, so I deleted the e-mail. Today I searched for SunTrust, and it seems to be a legitimate bank. They have an interesting page on Internet fraud. If you are not familiar with fraud, it's a good thing to read. SunTrust has invented a new word, no doubt accidentally. It's "fradulent." I like it - a cross between flatulent and fraudulent. Applies to a lot of spam. |
|
Subject: RE: 419 Scam targets musicians website From: Nigel Parsons Date: 06 Dec 04 - 02:00 PM Just had this one: Dear Washington Mutual customer, We recently reviewed your profile, and suspect that your bank account may have been accessed by an unauthorized third party. Protecting the security of your account and the Washington Mutual network is our primary concern.We appreciate your assistance in helping us to maintain the integrity of the entire Washington Mutual system. As a security measure, we have temporarily limited access to sensitive Washington Mutual account features. Please take 5 minutes out of your online experience and renew your records and you will not run into any future problems with the online service. However, failure to update your profile will result in account deletation. For more information about how to protect your account, please visit Washington Mutual Security Page - Notification expires on December 10, 2004. Once you have updated your account records your internet banking service will not be interrupted and will continue as normal. Please follow the link below and renew your personal information. https://login.personal.wamu.com/logon/logon.asp?dd=1 CHEERS Nigel |
| Translate Thread |