They sure made a nice little program to randiomize the senders and the greetings to try to fool you into clicking on their links.
DO NOT CLICK ON THE LINKS!
Here is a recent list of such emails in my junk box:
Tuesday, July 31, 2007
More fake greeting cards, ecards, postcards, Virus warning
Recently, many more of these fake phising ecards, postcards, greeting cards have appears. They always look exactly the same, the only thing that changes is how they are addressed: Friend, family member, mate, class-mate, worshippper, etc., and from which web service the come from, i.e. american greetings, e-cards.com, all-yours.net, 2000greetings.com, freewebcards.com, vintagepostcards.com, 123greetings.com, riversong.com, postcards.com, greet2k.com, netfuncards.com, hallmark.com etc.
They sure made a nice little program to randiomize the senders and the greetings to try to fool you into clicking on their links.
DO NOT CLICK ON THE LINKS!
Here is a recent list of such emails in my junk box:
They sure made a nice little program to randiomize the senders and the greetings to try to fool you into clicking on their links.
DO NOT CLICK ON THE LINKS!
Here is a recent list of such emails in my junk box:
Thursday, July 5, 2007
Phishing using Greeting cards/ecards, Virus warning
Recently, I got e-greeting cards in my email, one apparently from a neighbor, one from a friend. However, I didn't expect any cards. A careful check of the IP addresses on which one was supposed to click showed that they are not the same as the one from the company from which the e-greeting was supposed to come.
Here are the two examples:
....
Subject: Celebrate Your Nation
....
Hi. Friend has sent you a greeting ecard.
See your card as often as you wish during the next 15 days.
SEEING YOUR CARD
If your email software creates links to Web pages, click on your card's direct www address below while you are connected to the Internet:
xxx.xx.xx.xxx (IP number removed for security reasons)
Or copy and paste it into your browser's "Location" box (where Internet addresses go).
PRIVACY
2000greetings.com honors your privacy. Our home page and Card Pick Up have links to our Privacy Policy.
TERMS OF USE
By accessing your card you agree we have no liability. If you don't know the person sending the card or don't wish to see the card, please disregard this Announcement.
We hope you enjoy your awesome card.
Wishing you the best,
Mail Delivery System,
2000greetings.com
...
Subject: You've received a greeting postcard from a neighbour!
Date: Mon, 2 Jul 2007 14:22:06 +0200
...
Good day.
Your neighbour has sent you a greeting postcard from Hallmark.Com.
Send free ecards from Hallmark.Com with your choice of colors, words and music.
Your ecard will be available with us for the next 30 days. If you wish to keep the ecard longer, you may save it on your computer or take a print.
To view your ecard, choose from any of the following options:
--------
OPTION 1
--------
Click on the following Internet address or
copy & paste it into your browser's address box.
xxx.xx.xx.xxx (IP number removed for security reasons)
--------
OPTION 2
--------
Copy & paste the ecard number in the "View Your Card" box at xxxxx (removed)
Your ecard number is
xxxxx (removed)
Best wishes,
Mailer-Daemon,
Hallmark.Com
These emails are BOGUS, FAKE, neither of the IPs (deleted above) pointed to 2000greetings or hallmark.
I found further information on this type of fraud also at purportal.com/spam/1852/ and www.scambusters.org/ecards.html.
The sole purpose of these emails is to direct the reader to a fraudulent web site, with the purpose of infecting your computer with spyware or viruses, or otherwise obtaining information from you to exploit.
This threat is very, very insidious (dangerous), because a simple click to this bad web site can already cause problems if
your computer is not protected from the latest viruses or spyware!!
So, beware! Do not click on the links!!
Here are the two examples:
....
Subject: Celebrate Your Nation
....
Hi. Friend has sent you a greeting ecard.
See your card as often as you wish during the next 15 days.
SEEING YOUR CARD
If your email software creates links to Web pages, click on your card's direct www address below while you are connected to the Internet:
xxx.xx.xx.xxx (IP number removed for security reasons)
Or copy and paste it into your browser's "Location" box (where Internet addresses go).
PRIVACY
2000greetings.com honors your privacy. Our home page and Card Pick Up have links to our Privacy Policy.
TERMS OF USE
By accessing your card you agree we have no liability. If you don't know the person sending the card or don't wish to see the card, please disregard this Announcement.
We hope you enjoy your awesome card.
Wishing you the best,
Mail Delivery System,
2000greetings.com
...
Subject: You've received a greeting postcard from a neighbour!
Date: Mon, 2 Jul 2007 14:22:06 +0200
...
Good day.
Your neighbour has sent you a greeting postcard from Hallmark.Com.
Send free ecards from Hallmark.Com with your choice of colors, words and music.
Your ecard will be available with us for the next 30 days. If you wish to keep the ecard longer, you may save it on your computer or take a print.
To view your ecard, choose from any of the following options:
--------
OPTION 1
--------
Click on the following Internet address or
copy & paste it into your browser's address box.
xxx.xx.xx.xxx (IP number removed for security reasons)
--------
OPTION 2
--------
Copy & paste the ecard number in the "View Your Card" box at xxxxx (removed)
Your ecard number is
xxxxx (removed)
Best wishes,
Mailer-Daemon,
Hallmark.Com
These emails are BOGUS, FAKE, neither of the IPs (deleted above) pointed to 2000greetings or hallmark.
I found further information on this type of fraud also at purportal.com/spam/1852/ and www.scambusters.org/ecards.html.
The sole purpose of these emails is to direct the reader to a fraudulent web site, with the purpose of infecting your computer with spyware or viruses, or otherwise obtaining information from you to exploit.
This threat is very, very insidious (dangerous), because a simple click to this bad web site can already cause problems if
your computer is not protected from the latest viruses or spyware!!
So, beware! Do not click on the links!!
Monday, June 11, 2007
Colonyinvest Fraud, part3
Well, each time you look at that site, you just find more lies. The testimonials are all written in poor English, definitively not by a native English speaker. Further, this testimonial says they used this company for 6 months! What a lie. If you look in my first post, you will see that the Web site is up only since the middle of March 2007.
Forget these fraudsters...
Forget these fraudsters...
Thursday, June 7, 2007
Colonyinvest Fraud, part2
Colonyinvest is even running their own blog here on blogspot (or at least used to). Does it surprise me that they only have one post, advertising their schemes? Of course not.
At least this gives us the opportunity to look at their claims.
So, for 1000$ investment, at 3% interest per day put into a separte account, you get 1000$ in 33 days. You are supposed to gain 3000$ to 4000$ (it's not quite clear how this strange scheme is counting) in the short time of 100 days. Impossible with the investment sources (stock market, commodities) they cite on their Web page.
They clearly want to cheat unsuspecting people from SouthEast Asia. They offer low investment limits (just 100$ gets you started), and they have a strange online keyboard for entering information. This only makes sense if one thinks about possible entry problems caused by keyboards and alphabets in different countries.
They want to lure as many people as possible in a short time, therefore the network and friend-to-friend bonuses. Clearly this is an illegal pyramid scheme.
www.colonyinvest.com could be shut down any moment, and the only one who profits is the Web operator who collected all the money. Perhaps he will pay out some interest to the first investors to generate a positive feedback, and keep the money coming in, but at some point, this Web site and the money will just disappear. Since this seems to have started in April, it could stop any day.
Again, just keep away from such sites.
At least this gives us the opportunity to look at their claims.
So, for 1000$ investment, at 3% interest per day put into a separte account, you get 1000$ in 33 days. You are supposed to gain 3000$ to 4000$ (it's not quite clear how this strange scheme is counting) in the short time of 100 days. Impossible with the investment sources (stock market, commodities) they cite on their Web page.
They clearly want to cheat unsuspecting people from SouthEast Asia. They offer low investment limits (just 100$ gets you started), and they have a strange online keyboard for entering information. This only makes sense if one thinks about possible entry problems caused by keyboards and alphabets in different countries.
They want to lure as many people as possible in a short time, therefore the network and friend-to-friend bonuses. Clearly this is an illegal pyramid scheme.
www.colonyinvest.com could be shut down any moment, and the only one who profits is the Web operator who collected all the money. Perhaps he will pay out some interest to the first investors to generate a positive feedback, and keep the money coming in, but at some point, this Web site and the money will just disappear. Since this seems to have started in April, it could stop any day.
Again, just keep away from such sites.
Fake Universities
Well, well. The Web is an endless source of fraud. BBC just had a news bit on "Corruption that is damaging education" (http://news.bbc.co.uk/2/hi/uk_news/education/6729537.stm). One part of this was Fake Universities on the Web (http://news.bbc.co.uk/2/hi/uk_news/education/3369567.stm). Some universities mentioned in the article are "Shepperton University", University of Dorchester", "GM University", "Greater Manchester University Ltd". A check of the still active Web site of "Shepperton University" reveals a page for International Students that says "All tuition and fees must be paid in U.S. currency and all checks drawn on U.S. banks." All other tuition fees are also in US$. Yeah, sure, for an English university in England, you need to pay in Pounds.
But another key way of detecting the fraud is the Web address: From BBC "The website addresses of the bogus institutions are a quick giveaway, because they cannot obtain the bona fide ".ac.uk" domain - though it has been known for some to use ".ac", the Ascension Islands domain." In other countries, like the US, academic institutions usually end in ".edu". In other countries it may be more difficult to get a list of real universities, as there is no system such as "ac.uk", or ".edu". Still, it should not be too difficult to find real institutions with proper Web sites that list addresses, faculty members, etc.
But another key way of detecting the fraud is the Web address: From BBC "The website addresses of the bogus institutions are a quick giveaway, because they cannot obtain the bona fide ".ac.uk" domain - though it has been known for some to use ".ac", the Ascension Islands domain." In other countries, like the US, academic institutions usually end in ".edu". In other countries it may be more difficult to get a list of real universities, as there is no system such as "ac.uk", or ".edu". Still, it should not be too difficult to find real institutions with proper Web sites that list addresses, faculty members, etc.
Saturday, June 2, 2007
Scam Investment Schemes: ColonyInvest part1
There are plenty of fraudulent investment schemes out there. If a scheme sounds too good to be true, well, indeed, it's probably not true. Artists against 419 (419 is also known as Nigerian fraud) has a database of fake Banks (http://db.aa419.org/). Alas, this list is not complete, new schemes pop up all the time.
Let's have a look at a recent scheme: www.colonyinvest.com.
Can this be real? They apparently advertise their business mainly on Asian webboards (e.g. Malaysia), and seem to rely on word to word propaganda to sign up people, apparently in a pyramid scheme.
So, let's examine the Web site. The "About Us" section:
They claim to be the online investment branch of a major Investment company "Colony Invest Management Inc. ".
Web searches do not reveal any company by that name. Further, they are supposed to be based in Rochester, NY, but a check in the list of supervised institutions at the "State of NY Banking Department" http://www.banking.state.ny.us/supinst.htm" does not reveal any such company.
Most revealing is that nowhere in the Web site is any real adress or phone number listed. Highly suspicious.
Look at the supposed list of directors, many of the places they supposedly worked at cannot be found on the internet:
Estine Development Group, London Tucks Development Agency, Smith Simpson College, Barbra Capital Partners, Clinton, Dubbier & Rice, Inc. There is a "Simpson College" without "Smith", but why should a "reputable" company make such a mistake... Anyway, this whole list is just made up to look impressive.
What about the links to the companies they invest in, the references? You will notice that these are just links to other Web Sites, and none of these other Web Site ever mention or link back to ColonyInvest.
So, where is the Web site registered? A search on http://www.whois.net/ brings us to the registrar godaddy.com (where you can register a web site for 10$ a year). The information there yields:
Wow, a single person in Fremont California (whatever happened to Rochester, NY?) is listed as administrator and technical expert, and he has a yahoo email address in China! How fishy is that?
A reverse lookup of the phone number at http://www.whitepages.com/ gives us the following information for the same phone number:
Ibi synergy (http://www.ibisynergy.com/) is an importer of condoms for NR Synergy in Malaysia. This seems to be a little legitimate business. You can make another lookup for this Web address and find another owner listed for this phone number. But clearly, this is very different from what ColonyInvest is supposed to be.
Finally, let's look at some of the fine print of ColonyInvest. In their FAQ:
To deposit money into an account of theirs, they charge 5%!. To withdraw money, they charge 10%. So, according to the example given, you deposit 1075$, and when you want to withdraw it later, you get 860$ back. So, together with fees, they take 20% of your money, what a rip-off. No reputable bank will do that. And nowhere do they promise you any garanteed profits... For each transaction in the market they charge you 50$. A search for "online banking" will give you many online banks that allow you stock market trading for less than 10$ per transaction.
So, in conclusion, just stay away...
Let's have a look at a recent scheme: www.colonyinvest.com.
Can this be real? They apparently advertise their business mainly on Asian webboards (e.g. Malaysia), and seem to rely on word to word propaganda to sign up people, apparently in a pyramid scheme.
So, let's examine the Web site. The "About Us" section:
They claim to be the online investment branch of a major Investment company "Colony Invest Management Inc. ".
Web searches do not reveal any company by that name. Further, they are supposed to be based in Rochester, NY, but a check in the list of supervised institutions at the "State of NY Banking Department" http://www.banking.state.ny.us/supinst.htm" does not reveal any such company.
Most revealing is that nowhere in the Web site is any real adress or phone number listed. Highly suspicious.
Look at the supposed list of directors, many of the places they supposedly worked at cannot be found on the internet:
Estine Development Group, London Tucks Development Agency, Smith Simpson College, Barbra Capital Partners, Clinton, Dubbier & Rice, Inc. There is a "Simpson College" without "Smith", but why should a "reputable" company make such a mistake... Anyway, this whole list is just made up to look impressive.
What about the links to the companies they invest in, the references? You will notice that these are just links to other Web Sites, and none of these other Web Site ever mention or link back to ColonyInvest.
So, where is the Web site registered? A search on http://www.whois.net/ brings us to the registrar godaddy.com (where you can register a web site for 10$ a year). The information there yields:
Wow, a single person in Fremont California (whatever happened to Rochester, NY?) is listed as administrator and technical expert, and he has a yahoo email address in China! How fishy is that?
A reverse lookup of the phone number at http://www.whitepages.com/ gives us the following information for the same phone number:
Ibi synergy (http://www.ibisynergy.com/) is an importer of condoms for NR Synergy in Malaysia. This seems to be a little legitimate business. You can make another lookup for this Web address and find another owner listed for this phone number. But clearly, this is very different from what ColonyInvest is supposed to be.
Finally, let's look at some of the fine print of ColonyInvest. In their FAQ:
To deposit money into an account of theirs, they charge 5%!. To withdraw money, they charge 10%. So, according to the example given, you deposit 1075$, and when you want to withdraw it later, you get 860$ back. So, together with fees, they take 20% of your money, what a rip-off. No reputable bank will do that. And nowhere do they promise you any garanteed profits... For each transaction in the market they charge you 50$. A search for "online banking" will give you many online banks that allow you stock market trading for less than 10$ per transaction.
So, in conclusion, just stay away...
Subscribe to:
Posts (Atom)
