Pat Gaudette

‘Scams & Spam’

So far today I’ve received three emails that are allegedly from American Express. Their subject line is “American Express Online Form” or “official update” or “important notification.” The message itself is the same:

Dear American Express customer,

A newly revised American Express Online Form has been issued by the American Express Customer Care Team. Please complete this form as soon as possible You can access the form at: American Express Online Form.

Thank you for choosing American Express.

Sincerely,
American Express

  To learn more about e-mail security or report a suspicious e-mail, visit us at americanexpress.com/phishing. We are unable to answer replies to this e-mail.

Copyright 2010 American Express Company. All rights reserved.

When I got the first email, with the subject of “American Express Online Form,” I thought it sounded legitimate. But, I didn’t click through the link figuring that the next time I logged into my online account I’d search for the form. Then I got the next two emails.

Viewing the raw source code for the emails shows they have been sent from various domains: saufen.de, rha-fire.com, and roviramunoz.com. Obviously not American Express. And the links within the emails also link into variations of these domains.

I haven’t seen this particular attack before but I’m sure that many people will blindly accept that they’ve received a legitimate request from AmEx and provide these thieves with all the information they need to rob their accounts.

I just received this email from DHL:

From: “DHL Support Marguerite Champagne” <xxx @dhl-usa.com>
To: xxx
Subject: DHL Tracking NR 44916176.

Dear customer!

Unfortunately we were not able to deliver the postal package you have sent on the 13th of March in time because the recipient’s address is wrong.
Please print out the invoice copy attached and collect the package at our department.

DHL Customer Services.

Attachment: DHL_invoice_copy_5327.zip

I did not rush to open the attachment although I’m sure there have been more than a few people not so fortunate. First, the email was sent to one of my email accounts that I don’t use for business purposes. Second, if I was their customer, wouldn’t they know my name and use it in the email? And, third, why send an invoice as a zip file instead of a pdf?

More information about the malicious trojan contained in the zip file is here.

A few days ago I wrote about the email I received from “Amazon.com” regarding an order placed with them. Of course the email wasn’t really from Amazon although I’ve ordered from them in the past month. Today this email came in, cancelling my order: Read more »

Like millions of other online shoppers, I buy from Amazon.com. So, receiving an email confirming an order doesn’t set off any red flags… except when the email is sent to an email address that I don’t use for online shopping. Read more »

Who thinks these scams up?! Really! Do I even need to say that the attachment that came with this email was deleted by my anti-virus program? Read more »

First of all, who in the U.S. has ever heard of a “Tax Commissar”? And, secondly, who in the U.S., in the past couple of years, has actually made enough money to move to a higher tax bracket?

So far today, I’ve received three of these emails. The link (which I’ve left out of the email), goes to the domain “rep073or.kr” or a variation thereof. Read more »

I just got this email from “VISA” regarding my VISA card: Read more »

Every year I get  Directory Listing Order Form “invoices” in the mail that, if I was working in a large corporation’s accounting office, might get paid if I didn’t take the time to read the fine print. The mailings appear to be billings for my current yellow pages listing. They are frauds or what I term “spam scams”. Read more »