Apr 13

Your transaction is completed

Here’s another in the series of fake Bank of America emails. A VirusTotal scan of the attachment revealed that the zip file (PAYMENT RECEIPT 24-04-2013-GBK-75.zip) contains a trojan. Make no attempt to open or download the attachment.

See also Bank of America’s security warning about these types of emails.



Transaction is completed. $79260385 has been successfully transferred.
If the transaction was made by mistake please contact our customer service..zop
Receipt of payment is attached.

*** This is an automatically generated email, please do not reply ***
Bank of America, N.A. Member FDIC. Equal Housing Lender Opens in new window
© 2013 Bank of America Corporation. All rights reserved



Apr 13

ATTENTION : Your background information was checked online o the morning of 4/10

This is not your regular SPAM .

A VirusTotal scan of the link in the message revealed that the target site is “Malicious”.  Avoid clicking on links in the message at all costs.

Did you get this email? Let us know in the comments below.


[alert style=”danger”]

Records Department

Dear **YourEmailAddress**,
Recently it has been brought to our attention that someone has been viewing or trying to view your background records online.

You can easily find out who this person is by visiting below. We also offer background checks on other people in your life as well if that is something that you require.

View Records:
**Link Removed**

Thanks much,
Linda Vivie



Apr 13

International Wire Transfer File Not Processed

Beware of fake Wells Fargo emails floating around today. The email is accompanied by an attachment (Report_04122013.zip 97 KB) that contains a trojan as revealed by a Virus Total scan.  See also Wells Fargo’s official website on “Fraudulent Emails, Websites and Phishing Variations“.


[alert style=”danger”]We are unable to process your International Wire Transfer request due to insufficient funds in the identified account.

Review the information below and contact your Relationship Manager if you have questions, or make immediate arrangements to fund the account. If funds are not received by 04/12/2013 03:00 pm PT, the file may not be processed.

Please view the attached file for more details on this transaction.

Any email address changes specific to the Wire Transfer Service should be directed to Treasury Management Client Services at 1-800-AT-WELLS (1-800-289-3557).

Event Message ID: S093-3763379

Date/Time Stamp: Fri, 12 Apr 2013 10:18:30 -0500

Please do not reply to this email; this mailbox is only for delivery of Event Messaging notices. To ensure you receive these notices, add ofsrep.ceoemigw[@]wellsfargo.com to your address book.

For issues related to the receipt of this message, call toll free 1-800-AT-WELLS (1-800-289-3557) Monday through Friday between 4:00 am and 7:00 pm and Saturday between 6:00 am and 4:00 pm Pacific Time.

Customers outside the U.S. and Canada may contact their local representative’s office, or place a collect call to Treasury Management Client Services at 1-704-547-0145.

Please have the Event Message ID available when you call.[/alert]

Apr 13

Thank you for scheduling a payment to Bill Me Later

Be on the lookout for this fake Bill Me Later email accompanied by an attachment labeled “PP_BillMeLater_Receipe04032013_6535954.zip“. A Virus Total scan of the file revealed that the zip file contains a trojan.

Do not attempt to open or download the file or click on any links in the email. See also Bill Me Later‘s security alert about fake emails like these.



Apr 13

Last Month Remit

A Virus Total scan of the attachment revealed that the file contains a trojan. Do not attempt to open or download the file. Flag the message as SPAM!

File name: “Remit_*site name removed*.zip (91 KB)


[alert style=”danger”]File Validity: 04/05/2013
Company : **Link Removed**
File Format: Office – Excel
Internal Name: Remit File
Legal Copyright: ╘ Microsoft Corporation. All rights reserved.
Original Filename: Last month remit file.xls

********** Confidentiality Notice **********.
This e-mail and any file(s) transmitted with it, is intended for the exclusive use by the person(s) mentioned above as recipient(s).
This e-mail may contain confidential information and/or information protected by intellectual property rights or other rights. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying, or action taken in relation to the contents of and attachments to this e-mail is strictly prohibited and may be unlawful. If you have received this e-mail in error, please notify the sender and delete the original and any copies of this e-mail and any printouts immediately from your system and destroy all copies of it.

Mar 13

Please respond – overdue payment

No I will not respond and I don’t care how “overdue” my payment is.

Be careful guys this one is trending heavily today. A virus total scan revealed that the attachment “INVOICE_28781731.zip (88KB)” contains a trojan. Do not download the attachment our attempt to open it.


[alert]Please find attached your invoices for the past months. Remit the payment by 02/04/2013 as outlines under our “Payment Terms” agreement.

Thank you for your business,

Jarrod Yoder

This e-mail has been sent from an automated system. PLEASE DO NOT REPLY.

The information contained in this message may be privileged, confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify your representative immediately and delete this message from your computer. Thank you.[/alert]

Apr 12

NY Traffic Ticket

This is a slightly modified version of the very popular “Uniform Traffic Ticket” scam we reported on back in July, 2011. In this new version you are prompted to click a link instead of opening an attachment to “PLEAD” innocent or guilty. Do not click the link, flag as spam!

Nina Golgowski did an awesome job of exposing this scam in her CNN article “NY troopers warn of e-mail hoax ticket and computer virus“.