Beware of LinkedIn Phishing Emails

Posted by Denise Griffitts on Aug 15, 2010 in Internet Mastery | 3 comments

You are very likely getting a lot of “Join my network on LinkedIn” whether you are a LinkedIn member or not. With a little due diligence you can determine whether this is a true message from LinkedIn or a phishing email designed to separate you from your account credentials and thereby hijack your account.

It used to be fairly easy (and often entertaining!) to spot SPAM or Phishing attempts. In many cases English was clearly not the criminals’ first language. The sentence structures were terrible and there were spelling errors throughout the e-mail. Unfortunately, that’s not the case any more. The e-mails are written well enough to pass as legitimate correspondence from reputable companies such as LinkedIn. In the case of the email below, it is formatted exactly like a legitimate message but the URL is formatted to go to imperialcraftsman.com/x.html

Despite improving their spelling and grammar, there are still dead giveaways if you pay attention. Here are some things to look for to help spot a fraudulent e-mail. By hovering your mouse over any links in the email you will be able to determine which is authentic and what is not. Notice that all hyperlinks lead to a page that is clearly not on the LinkedIn domain.

I encourage you to get in the habit of deleteing messages from MySpace, LinkedIn, FaceBook, Paypal or other sites that you may be active on and just make it a point to login from the URL of the site in question when you need to check on your account activity, approve friend requests or respond to invitations.

If you think you have clicked on any of these emails be sure to go in and change your password immediately. In fact, this would be a good time to update your passwords on all of your networking sites just to be safe.

Beware of Phishing Emails Telling You That Your Mailbox Settings Have Changed

Posted by Denise Griffitts on Oct 19, 2009 in Internet Mastery | 0 comments

This morning I opened my email client to view a flurry of phishing emails similar to this one:

From: customersupport @ yourofficeontheweb.com [mailto:customersupport @ yourofficeontheweb.com]

Sent: Monday, October 19, 2009 12:02 PM

To: mail @ yourofficeontheweb.com

Subject: The settings for the mail @ yourofficeontheweb.com were changed

Dear user of the yourofficeontheweb.com mailing service! We are informing you that because of the security upgrade of the mailing service your mailbox (mail @ yourofficeontheweb.com) settings were changed. In order to apply the new set of settings click on the following link:

I have removed the link so it doesn’t get clicked on accidentally but can tell you that there is a very long URL that they are asking me to click on.

Best regards, yourofficeontheweb.com Technical Support.

A different email for another address looked like it was a newsletter type of thing and informed me that my default setting for my mailbox had changed and I needed to download and execute a new settings file for my mailbox.

DO NOT click on anything in these emails. If you are in any kind of doubt about your email settings contact your web developer or hosting company but exercise extreme caution with these types of emails.

You can also report phishing to US-CERT who is collecting phishing email messages and web site locations so that they can help people avoid becoming victims of phishing scams.

Methods of Reporting Phishing Email to US-CERT

In Outlook Express, you can create a new message and drag and drop the phishing email into the new message. Address the message to phishing-report@us-cert.gov and send it.

In Outlook Express you can also open the email message and select File > Properties > Details. The email headers will appear. You can copy these as you normally copy text and include it in a new message to phishing-report@us-cert.gov.

If you cannot forward the email message, at a minimum, please send the URL of the phishing web site. If the suspicious mail in question includes a file attachment, it is safer to simply highlight the message and forward it. Some configurations, especially in Windows environments, may allow the execution of arbitrary code upon opening and viewing a malicious email message.

This information courtesy of US-Cert.com

**You have permission to reprint in your publication or to your website/blog any articles by Denise Griffitts found on this Website as long as Denise Griffitt’s name and contact information is included. Denise Griffitts, Virtual Assistance Industry Expert, http://denisegriffitts.com, info @ virtualassistantindustry.com, 888-719-6711.

VP Dick Cheney Sent Me An Email – I’m Rich!

Posted by Denise Griffitts on Dec 21, 2008 in Internet Mastery | 0 comments

OFFICE OF SENATE COMITEE
UNITED STATES SENATE
WASHINGTON, D.C. 20510

RE: NOTIFICATION ON YOUR FORIGN DEBT PAYMENT

ATTN: HONORABLE BENEFICIARY

We the United States Senate Committee Washington, DC in conjunction with some other relevant Investigation Agencies here in the United States of America have recently been informed through our Global intelligence monitoring network that you presently have an overdue payment transaction going on with some Local Banks in Nigeria (CBN) and West African Banks as regards to your over-due contract payment which was fully endorsed in your favor accordingly.

It might interest you to know that we have taken out time in screening through this project as stipulated on our protocol of operation with the Nigerian Government and have finally confirmed that your Contract/Inheritance payment is 100% genuine and hitch free from all fact and of which you have the lawful right to claim your fund without any further delay.

Having said all this, We understand that the only problem you are facing right now is that you are dealing with the wrong peoples some unscrupulous element are using this project as an avenue to scam innocent people off their hard earned money by impersonating the names of top officials in West Africa. Due to fraudulent activities going through west african region, all payments regards to your over-due Contract/Inheritance payment we will further advise that you go ahead in dealing with the Alliance Leicester Bank of London office accordingly, as we will be monitoring all their services with you as well as your correspondence at all level.

Also be informed that we recently had a meeting with the board of Directors of Alliance Leicester Bank of London, with some of the top officials of the British Ministry regarding your case and they made us to understand that your file has been held in abase depending on when you personally come for the claim.

And should incase you are already dealing with anybody or office claiming to be from the local Banks in Nigeria regarding ATM payment or Wire Transfer, you are advised to STOP further contact with them in your best interest and then contact immediately the real office of Alliance Leicester Bank of London to continue with your payment option only with the below information’s accordingly with reference number IHPT/ALLCT/2000/2008:

BANK NAME: Alliance Leicester Bank Of London
CONTACT PERSON: Mrs. Susan Campbell
CONTACT TEL: +44 702 406 5789
EMAIL: susancampbell1956@googlemail.com

ENDEAVOUR TO FOLLOW UP THIS MAIL WITH A CALL THROUGH THE ABOVE TELEPHONE NUMBER

Meanwhile, we will advise that you contact the Alliance Leicester Bank office immediately with the above email address and request that they attend to your payment file as directed so as to enable you receive your contract/inheritance fund accordingly and Ensure you follow all their procedure as may be required by them as that will further help hasten up the whole procedures as regards to the transfer of your fund to you as designated.

Also have in mind that the Alliance Leicester Bank of London equally has their own protocol of operation as stipulated on their banking terms, so delay could be very dangerous.

Act as advised and do not reply as this massage is an automated notification.

Best Regards,

President of the Senate
Richard Cheney
U.S. Vice President

N/B

PLEASE QUOTE THE ABOVE REFERENCE NUMBER WHEN CONTACTING THE BANK MENTIONED ABOVE

- – - – - – - – - – - – - – - – - – - -

Honestly? Do people really fall for this garbage?? I do admit to seeing a lot more of this type of thing slip past my spam filters, particularly after the economic news turned downward.  It appears to be coming so fast and furious that my filters can’t keep up.  I am even getting phishing emails from Paypal in French.  While some of these (like this one) are mildly entertaining, I find that we are spending more time on a day-day-basis getting rid of this trash.

How do you deal with this onslaught of spam?