A Petty Blog

I only see the rare spam that gets through all the filters on Gmail and my company’s Exchange server. This one gave me a start - I did have a complicated return last year, and this year will be even worse.

From: Internal Revenue Service [mailto:no-reply@irs.gov]
Sent: Tuesday, May 05, 2015 9:59 PM
To: Doe, John
Subject: Notice of Underreported Income

 

Taxpayer ID: john.doe-00000174073547US
Tax Type: INCOME TAX
Issue: Unreported/Underreported Income (Fraud Application)

Please review your tax statement on Internal Revenue Service (IRS) website (click on the link below):

review tax statement for taxpayer id: john.doe-00111174073547US

Internal Revenue Service

It startled me just for a second.  It has all the clues one needs to avoid being duped.

• It’s an email.  The IRS just doesn’t work that way.
• It’s an email to my company address.  The IRS doesn’t work that way.
• It wants me to click something.  No legitimate business works that way these days.

• As a bonus, check out the Sent date - apparently, I will be evading my taxes six years from now!

The URL is http://www.irs.gov.hyu11hep.eu/fraud_application/directory/statement.php?email=john.doe@company.com&tid=john.doe-00111174073547US

• This URL is clearly bogus.  Remember, addresses read right to left - top level domain (.com, .gov, etc) then domain. Everything else is optional and flexible.  So, this one is “stuff” at  hyu11hep.eu.  Again, not as expected for the IRS.
• Everything after the “?” is instructions to the program that renders the page.  The name, email, and supposed taxpayer id can all be echoed back to you.

As always, Google is your friend.  Search for a couple of key words “hyu11hep.eu fraud_application” and you get a telling scorecard - PhishTank, Malware Domain List, abuse.ch ZeuS Tracker.

Here’s a screenshot courtesy of PhishTank.  As a final insult, the instructions are to download and execute your tax return.

I thought this was an interesting twist on the standard Nigerian scam.  It’s based (loosely) on a real news article.”My husband is a thief.  I need your help to hide the stolen money he gave me.  God bless you.”

Mrs. Ruth Madoff

West, Liverpool,

London.

My Great Compliments,

I’m Mrs. Ruth Madoff, 67, wife to Mr. Bernard L. Madoff, of Bernard L. Madoff Investment Securities LLC, who pleaded guilty to operating a multibillion-dollar Ponzi scheme, is worth up to $826 million, according to a document filed with a federal court on Friday 13th March 2009.

My husband pleading stealing billions from investment from his clients and he was ordered to jail Thursday 12th March 2009, after pleading guilty to all 11 criminal counts in one of Wall Street’s biggest swindles.

Now the Federal investigators in the USA are working around the clock to freeze all my assets, fearing that I’m trying to flee the country which I have done shortly after my husband was sentenced, I have $93 million in my name beyond their reach.

 

The Securities and Exchange Commission is working with federal prosecutors in Manhattan to prepare a filing asking a judge to formally freeze all of my assets as soon as possible.

My husband deposited the sum of (USD$17.000.000.00 Million) in a Finance Firm in Europe some years ago in my name, I need you to collect this funds and distribute it to both of us since the Federal investigators are working around the clock to freeze all my assets. Meanwhile all documents related to transfer of this fund to your account is with my attorney Mr. Peter Chavkin, who is willing to help us process the release order from the UK bank.

Presently, I’m in a hard out here in UK as the Federal investigators as well the Securities and Exchange Commission is looking for me to freeze my entire asset as well prosecute me like my husband.

Please reply back to me on this e-mail as I will like if you contact my attorney directly so that he will direct you on the way forward. Please due send to me all your contact details as I will like to speak with you before we commence on the transaction.

Please keep this confidential. You can read my story on this website: http://www.nypost.com/seven/03152009/news/regionalnews/ruth_in_crosshair_159631.htm

God bless you.

 

Best Regards,

Mrs. Ruth Madoff

I alluded to a scam in an earlier post.  I guess it’s time to elucidate.

On Monday I stopped for Gas on my way home from work.  I don’t like it, but sometimes it just has to be done.  My card was denied, and I had to use another one (I have a whole deck of them, but I don’t let that get me into trouble…)

I needed contact lens solution or something and stopped at Walgreens.  My card was denied again (I just had to try it, of course).

I called Chase to get the scoop.  It seems that someone made about 20 online UPS purchases in the space of 10 minutes or so.  It turns out that someone used my card, my old home address, and my work phone number to mail — overnight — fake cashier’s checks for $2000-$3000.  The checks were from some James Carrick.  I should also point out that my Discover card was misused in the distant past — and they called me.

On Wednesday I started getting phone calls at the office.  “What’s this check for?”.  “The bank says this check is no good - what gives?”, etc.  I got one call from a Private Investigator — “I got this envelope and I’m afraid to open it - what’s in it?”  I replied “I don’t know - probably a bad check”.  He then confessed “Actually, I did open it.  Who is James Carrick and what is this payment for?”.  Suspicious fellow.  I think he disconnected his phone number the next day.  One recipient thought it was supposed to be payment for a “driving job” he got on craigslist.  Another fellow thought it was payment for “modeling work.”  I asked if he got the work on Craigslist.  He said no, it was another website; did I want to know what site?  Um, no thanks, probably.

One recipient refused delivery and the envelope was returned to sender — that’s me!.  I was able to retrieve the envelope from the family living in my old house.  It is a large cardboard mailer.  Inside is a cachier’s check and a tiny slip of paper with instructions - “Kindly check your emails for instructions.”  Apparently the scammer cannot affored full sheets of copy paper.  I think most of the envelope recipients didn’t even see the note.  I called all my victims back, and not one of them was sufficiently email savvy to produce an email for me, so I still don’t know what the instructions would be.  All of these scams involve keeping some of the money and forwarding some of it to someone else.  After your payment is gone, the check bounces and you are out some dough and feeling foolish.  Apparently dog breeders are having a hard time with this one.

I took this opportunity to change all my financial user names and passwords.   I know I should do that regularly, but somehow it just doesn’t seem urgent.  Usually.

Blow the bacterial infections away from you. 

One of the tricks the spammers use is to hide their message in a picture and add hidden text to get past the  spam filters.   I have Outlook configured to hide pictures until I ask for them, so I don’t suppose I’m seeing the message as the spammers intended it.

The bit about frogs caught my attention (I must have been bored).  I Have to wonder where they get the raw material for the text.

This one is selling Viagra, by the way.
————————————————–

You just need to put thoose link on picture to get visit our store

there’s a tiny restaurant

and a delicious coke.
i am not going to worry…about a thing.

she’s cute
when she does these weekends she fills up really fast so don’t wait- if you need color and/or cut and/or face waxing at very reasonable prices email her promptly and she’ll get you booked and give you directions.

may you always have courage to take a chance and never find frogs in your underpants.
my happy little life

haha, that’s my girl. pug
cate was so happy she began yelling “let’s give a hand to springtime!

my homekeeping secrets
and you eat with your sunglasses on

this image of silke stoddard’s knitting is burned into my mind and tatooed on my heart.
i LOVE this picture and am so inspired to keep the needles moving.

2. to keep the bedrooms clear i throw all the dirty laundry in the laundry room and shut the door. out of sight, out of mind!
i am so grateful for quiet time with the scriptures.

where you can get great steak and shrimp
but then again, we looove roadtrips.

in a tiny town in idaho
i found that amazing old shirt (we’re big fans) at the thrift store for $1 and it’s so soft.

when you need to be home, may you find your way.
you sit at the counter

the best part of dinner was the irish soda bread- it was so so good, and it’s really easy to make.
and my wheels are turning with projects to put together for a locals knitting class.

let’s give a hand to the world, for everything it can do!!
and you are happy.

corned beef is cheap meat, a head of cabbage is less than 50 cents, and i bet you have all the ingredients for the bread in your cupboard. you should make this meal tonight!
i am blocking my two latest projects today and will show them tomorrow.

I get spam.  Not a lot, but some always finds a way to squeeze in through the cracks in the system.

I find that the spam that has been making it to my inbox is actually pretty amusing.  I suppose that in itself says something about my sense of humor.

Because I find these attempts to extract something from me amusing, and because I like to find something when I search for my message, I’m going to post some of my favorites here.  And yes, I have been involved in a serious scam.  More of an innocent near-bystander than a participant, but involved nonetheless.  More to follow as events transpire…