Category: email fraud

Scam to Avoid

I received this scam message – ostensibly from a PBS reporter who I think I had some contact with years ago.  In any event, my name must have been in his email contacts.  I haven’t seen this particular fraud around for awhile.  But ignore any such messages you receive from an email account of someone you know.  It only means that the account has been stolen. 

I’m writing this with tears in my eyes, I came down to London, United Kingdom for a short vacation. Unfortunately,I was mugged at the park of the hotel where i stayed,all cash and credit card were stolen off me but luckily for me i still have my passport with me.

I’ve been to the the Police here but they’re not helping issues at all and my return flight leaves in few hours from now but I’m having problems settling the hotel bills and the hotel manager won’t let me leave until I settle the bills. Well I really need your financial assistance..

Please let me know if you can help me out?   I’m freaked out at the moment

If you have some way of contacting the person whose account was stolen other than simply responding to the compromised email account, you can tell him/her to try and change the account’s password or cancel the account.

Reminder of What Not to Do

When you get emails with messages such as this one:

Your mailbox has exceeded the limit of 20 GB, which is set by your manager You are currently 20.9GB, you will not be able to create new e-mail to send or receive again until you re-validate your mailbox.To validate your mailbox, you can click University of California, Los Angeles/update Thank you, University of California, Los Angeles system administrator 

Don’t click.  Note the odd grammar and sentences that don’t end in periods.  And, if you look closely, the message often does not come from a UCLA email address.  The one above purports to come from:
University of California, Los Angeles system administrator via mx.aol.com 

As for the poster above, I can’t tell you more about it since the movie is in Korean.  But really bad things seem to happen to folks who click on the wrong thing!
[youtube http://www.youtube.com/watch?v=fsXTaBBEZsI?feature=player_detailpage]  

Our Advice: Delete

You may have gotten the email above which suggests the website is somehow linked to UCLA or the UCLA medical enterprise.  It actually comes from a Brazilian who probably wants to sell you something or worse.  See below:

I suggest you leave Luis to his own devices.  And if you need more from Brazil:
[youtube http://www.youtube.com/watch?v=hf94Tt2cO0A?feature=player_detailpage]

More Dangerous Bad Grammar Spam: Don’t Click; Just Delete

Your email account has been reported for numerous spams Activities from a foreign ip recently. As a result of this the University Of California ITS has received advice to suspend your account.

However, you might not be the one promoting this Spam, as your email account might have been compromised.
To protect your account from sending spam mails, You are to confirm your true ownership of this account by Clicking on this link below to Login and confirm in one simple step.On receipt of the requested information,the ucla Web-Mail email support shall block your account from Spam.

[click here]

Failure to do this will violate the University of California Web-Mail terms & conditions.
This will render your account inactive.

NOTE!!: You will be sent a password reset message In next seven (7) working days


===
Apart from the inept phrasing, if you poke around the email (but don’t click!), you will find it does not come from a UCLA account.

More Spam – Supposedly from UCLA – to Which You Don’t Want to Respond

Here is a new wrinkle in the ongoing attempts to get you to click on messages about your UCLA email account from spammers.

In the past, they have sent warnings (sometimes with bad spelling and grammar) that your account would be closed if you didn’t respond. But now they offer you good news, if only you will click. See below but don’t click if you got the email!  Just delete it.  Look closely and you will see that the message comes from Italy (maybe) but not UCLA.  The return address is given as ucla4554 (at) libero.it.
===
In case you have not noticed, the mail storage quota for your UCLA Bruin OnLine Email Account has been doubled to 150 Megabytes. This is the first of many planned service improvements. Kindly log on (phony linkto look for additional increases and other announcements in the near future.

Even the Email Identity Thieves Targeting UCLA Can Improve

The identity thieves that have been sending UCLA email users phishing messages designed to steal your passwords, etc., turn out to be followers of Émile Coué (shown at left). In past messages from them, there have been incorrect spellings and odd grammar, as we have noted in past blog posts.  But they are getting better, day by day. Still, you should not reward their efforts at self improvement by clicking on their messagessuch as today’s edition:

Dear Bruin OnLine E-mail user,

This is to inform all users that our server upgrade/maintenance is scheduled for August 30 2012. You may experience login problems during this period. We are having congestion due to various anonymous account registrations and on this note, we are deactivating some accounts that are no longer active and your account may be deactivated if no action is taken.

To confirm and keep your E-mail account active during and after the upgrade and maintenance, you are advised to login immediately using the account login: [gives you a link which looks like UCLA but actually goes elsewhere]

Your E-mail account will remain active after we have successfully upgraded our server. This is to help us serve you better. We apologize for any inconvenience. Thank you for your swift response to this notification.

Bruin OnLine Technical Support Team


You don’t know who Émile Coué  was?  He came up with the phrase, “Day by day in every way, I am getting better and better.”  See
http://en.wikipedia.org/wiki/%C3%89mile_Cou%C3%A9
So sing it out!
[youtube http://www.youtube.com/watch?v=UfqAM_a2Md0?feature=player_detailpage]

Click me not!

At least their grammar is better than on Wednesday, although not perfect.  Their spelling still needs work.  See our Wednesday post on what not to click on.  Anyway, the spam artists are still targeting UCLA. Don’t respond!
=========

Dear Bruin OnLine (UCLA) Member
Our Client Service System has detected an unusual malware activities on your email account causing poor services.
Rencently your email was confirmed accessible from other ISP as a result of our remote host failure in recongnising valid and invalid accounts.
Please click on the following link [phony link shown] to reconfirm the validity of your email account still in use for us to return all client services back to normacy, hence, we will assume your account no longer function and will be closed down totally for strict security reasons.
Thanks for your anticipated understanding.
Sincerely,
Bruin OnLine Security Team.

It ain’t the King’s English and since it ain’t, don’t respond.

The latest UCLA spam artists may use British spelling but their grammar and punctuation ain’t so good:

This Email is from Ucla.edu admin We are under going maintenance by our engineers we will be shutting down account that is not verified to enable us create more space for our new account users you are to verify your account by filling the outlined Information below or your account will be terminated within 24 hours.
….Username:
….Password:
….City/State:
….Date Of Birth:
We value your business and thank you for using Ucla.edu Service and we hope to serve you more better.
Ucla.edu Admin Centre.

More Email Fraud: Don’t Answer

More email fraud/spam you should not answer that may have appeared in your e-mailbox.  If you did reply, you might have noticed that the reply address is not at UCLA.  Change your password immediately if you did reply:
This Email is from UCLA Communications. We have been monitoring this account through our server’s log file and have noticed that this account is been accessed from different distinct location simultaneously as against webmail policy, for security purpose we will be shutting down this Account unless you verify this account by filling out the outlined Information below or your account will be suspended within 48 hours.
UCLA Logon ID:……….
Password:……….
City/State:………
Date Of Birth…….
Failure to update this account after three days of receiving this warning will be tantamount to losing this account permanently.
We apologize sincerely,
UCLA Communications Technology Services
I wonder why they forgot to ask for your credit card number.  Anyway, no matter how much they plead, don’t answer:
[youtube http://www.youtube.com/watch?v=l2C4p2gk5BA?feature=player_detailpage]

Don’t Click

You may receive an email which starts with:


Dear Bruin OnLine E-mail user,

This is to inform all users that our server upgrade/maintenance is scheduled for August 30 2012. You may experience login problems during this period. We are having congestion due to various anonymous account registrations and on this note, we are deactivating some accounts that are no longer active and your account may be deactivated if no action is taken…


It gives you a link to click.  Don’t do it.  It is spam and may be malicious.
[youtube http://www.youtube.com/watch?v=gLRPJEoQBQQ?feature=player_detailpage]