24
Oct 14

FedEx Delivery Notification

This fake FedEx email prompts you to click a link in order to “print this label”. A VirusTotal scan of the embedded link did not reveal any malicious content. Please note that this does not mean that it is safe to click the link.

Did you get this email? Let us know in the comments below.

FedEx Delivery Notification Email


12
Apr 13

International Wire Transfer File Not Processed

Beware of fake Wells Fargo emails floating around today. The email is accompanied by an attachment (Report_04122013.zip 97 KB) that contains a trojan as revealed by a Virus Total scan.  See also Wells Fargo’s official website on “Fraudulent Emails, Websites and Phishing Variations“.

Sample:

[alert style=”danger”]We are unable to process your International Wire Transfer request due to insufficient funds in the identified account.

Review the information below and contact your Relationship Manager if you have questions, or make immediate arrangements to fund the account. If funds are not received by 04/12/2013 03:00 pm PT, the file may not be processed.

Please view the attached file for more details on this transaction.

Any email address changes specific to the Wire Transfer Service should be directed to Treasury Management Client Services at 1-800-AT-WELLS (1-800-289-3557).

Event Message ID: S093-3763379

Date/Time Stamp: Fri, 12 Apr 2013 10:18:30 -0500

—————————————————————————————————————————————————-
Please do not reply to this email; this mailbox is only for delivery of Event Messaging notices. To ensure you receive these notices, add ofsrep.ceoemigw[@]wellsfargo.com to your address book.

For issues related to the receipt of this message, call toll free 1-800-AT-WELLS (1-800-289-3557) Monday through Friday between 4:00 am and 7:00 pm and Saturday between 6:00 am and 4:00 pm Pacific Time.

Customers outside the U.S. and Canada may contact their local representative’s office, or place a collect call to Treasury Management Client Services at 1-704-547-0145.

Please have the Event Message ID available when you call.[/alert]


06
Dec 12

Amazon – You just canceled order 120-637764-588298

Forgot to cancel that Amazon order you never placed? No need to worry, the kind gnomes of the internet already did this for you :).

According to this phishing scam, I placed an order and then promptly cancelled it. Do not be fooled by emails purporting to be from highly recognizable companies. If you have a genuine reason to be concerned about a transaction you made always go directly to the merchant’s site to submit your inquiries. If you receive this email flag it as spam and delete it right away.

 Sample:

Your order has been successfully canceled.
For your reference, here’s a summary of your order:

You just canceled order 120-637764-588298 (link removed) placed on December 7, 2012.

Status: CANCELED

_____________________________________________________________________

1 of The Contains / 2nd Edition
By: Peter Wilson

Sold by: Amazon LLC

_____________________________________________________________________

Thank you for visiting Amazon!

———————————————————————
Amazon LLC
Earth’s Biggest Selection


06
Dec 12

Your Paypal.com transaction confirmation

It looks like i’m going to be doing a lot of cooking this holiday season with my brand new “CooksEssentials 12-piece Cookware Set w/ Color Smart Nonstick“.  ….NOT!

This scam uses a common scare tactic in an attempt to get you to panic and click on links in the email. A Virus total scan of the link revealed a “Malicious” content warning. See also Paypal’s warning about suspicious looking emails.

Sample:

Your Paypal.com transaction confirmation

 


05
Dec 12

Your Amazon.com Kindle e-book order confirmation.

Apparently I’ve been doing a lot of reading lately, so much so that I now have a bill for $50.99 from “Amazon”. :)

Always keep in mind that scammers use popular brand names in an attempt to trick you into thinking that the email is legitimate. In the example below the aim is to get you to click a link in the email that will ultimately take you to a “Malicious”/”Suspicious” site as indicated by a Virus total scan.

If you get an email like the one below do not click links associated with the message or download any attachments. You should instead flag the email as spam and delete it right away!

Sample:

 


09
Apr 12

Bank of America: Online Banking Alert

Be on the lookout for this fake Bank of America email. A common scare tactic is used to try to get you to click on a link in the email to “confirm” your data. If  this email manages to slip through your spam filter, report it to abuse[@]bankofamerica.com. More information on how to detect phishing scams like these can be found on Bank of America‘s official website here.

Malicious link included with message: http:// 211. 21.123. 175 /css / (disabled)

A VirusTotal analysis of the above link revealed the following:

  • Malicious site
  • Phishing site 
Sample: