Oct 14

FedEx Delivery Notification

This fake FedEx email prompts you to click a link in order to “print this label”. A VirusTotal scan of the embedded link did not reveal any malicious content. Please note that this does not mean that it is safe to click the link.

Did you get this email? Let us know in the comments below.

FedEx Delivery Notification Email

Apr 13

Your transaction is completed

Here’s another in the series of fake Bank of America emails. A VirusTotal scan of the attachment revealed that the zip file (PAYMENT RECEIPT 24-04-2013-GBK-75.zip) contains a trojan. Make no attempt to open or download the attachment.

See also Bank of America’s security warning about these types of emails.



Transaction is completed. $79260385 has been successfully transferred.
If the transaction was made by mistake please contact our customer service..zop
Receipt of payment is attached.

*** This is an automatically generated email, please do not reply ***
Bank of America, N.A. Member FDIC. Equal Housing Lender Opens in new window
© 2013 Bank of America Corporation. All rights reserved



Apr 13

ATTENTION : Your background information was checked online o the morning of 4/10

This is not your regular SPAM .

A VirusTotal scan of the link in the message revealed that the target site is “Malicious”.  Avoid clicking on links in the message at all costs.

Did you get this email? Let us know in the comments below.


[alert style=”danger”]

Records Department

Dear **YourEmailAddress**,
Recently it has been brought to our attention that someone has been viewing or trying to view your background records online.

You can easily find out who this person is by visiting below. We also offer background checks on other people in your life as well if that is something that you require.

View Records:
**Link Removed**

Thanks much,
Linda Vivie



Apr 13

Fake CareerBuilder.com Email

Be on the lookout for fake CareerBuilder.com emails with the subject line “Job Offer“. These emails are not from CareerBuilder.com. Do not respond to the email address listed in the email message.

Twitter conversation with CareerBuilder:



Learn how to identify other fake CareerBuilder emails.

Apr 13

International Wire Transfer File Not Processed

Beware of fake Wells Fargo emails floating around today. The email is accompanied by an attachment (Report_04122013.zip 97 KB) that contains a trojan as revealed by a Virus Total scan.  See also Wells Fargo’s official website on “Fraudulent Emails, Websites and Phishing Variations“.


[alert style=”danger”]We are unable to process your International Wire Transfer request due to insufficient funds in the identified account.

Review the information below and contact your Relationship Manager if you have questions, or make immediate arrangements to fund the account. If funds are not received by 04/12/2013 03:00 pm PT, the file may not be processed.

Please view the attached file for more details on this transaction.

Any email address changes specific to the Wire Transfer Service should be directed to Treasury Management Client Services at 1-800-AT-WELLS (1-800-289-3557).

Event Message ID: S093-3763379

Date/Time Stamp: Fri, 12 Apr 2013 10:18:30 -0500

Please do not reply to this email; this mailbox is only for delivery of Event Messaging notices. To ensure you receive these notices, add ofsrep.ceoemigw[@]wellsfargo.com to your address book.

For issues related to the receipt of this message, call toll free 1-800-AT-WELLS (1-800-289-3557) Monday through Friday between 4:00 am and 7:00 pm and Saturday between 6:00 am and 4:00 pm Pacific Time.

Customers outside the U.S. and Canada may contact their local representative’s office, or place a collect call to Treasury Management Client Services at 1-704-547-0145.

Please have the Event Message ID available when you call.[/alert]

Apr 13

Thank you for scheduling a payment to Bill Me Later

Be on the lookout for this fake Bill Me Later email accompanied by an attachment labeled “PP_BillMeLater_Receipe04032013_6535954.zip“. A Virus Total scan of the file revealed that the zip file contains a trojan.

Do not attempt to open or download the file or click on any links in the email. See also Bill Me Later‘s security alert about fake emails like these.



Apr 13

Last Month Remit

A Virus Total scan of the attachment revealed that the file contains a trojan. Do not attempt to open or download the file. Flag the message as SPAM!

File name: “Remit_*site name removed*.zip (91 KB)


[alert style=”danger”]File Validity: 04/05/2013
Company : **Link Removed**
File Format: Office – Excel
Internal Name: Remit File
Legal Copyright: ╘ Microsoft Corporation. All rights reserved.
Original Filename: Last month remit file.xls

********** Confidentiality Notice **********.
This e-mail and any file(s) transmitted with it, is intended for the exclusive use by the person(s) mentioned above as recipient(s).
This e-mail may contain confidential information and/or information protected by intellectual property rights or other rights. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying, or action taken in relation to the contents of and attachments to this e-mail is strictly prohibited and may be unlawful. If you have received this e-mail in error, please notify the sender and delete the original and any copies of this e-mail and any printouts immediately from your system and destroy all copies of it.