Something Smells Phishy To Me…

.

Dear Valued Network Solutions(R) Customer:

We’ve recently become aware of a phishing scam targeting domain name customers of a small number of registrars including Network Solutions(R). We wanted to alert you of this situation. Phishing is the practice of luring unsuspecting Internet users to a fake Web site by using an authentic-looking e-mail in an attempt to steal passwords, account information or other sensitive data.

At this time, we know that fraudulent e-mails are being sent to some domain name customers, regardless who the registrar of record is, which include links to sites that look like networksolutions.com or other domain provider sites; however they are fake Web sites. These e-mails are attempting to capture login information. For more information and tips on identifying phishing scams, please continue to read this blog.

From: garanga1@gmail.com
Reply-to: abrahamgarang1980@gmail.com
Sent: 9/2/2008 11:56:34 A.M. Central Daylight Time
Subj: FROM ABRAHAM GARANG

FROM ABRAHAM GARANG
KUALA LUMPUR
MALAYSIA.
EMAIL: abrahamgarang1980@gmail.com
Tel: +60149218162

Good Day.

I am Abraham Garang the second son of late Mr. John Garang who was until his death the vice president of Sudan in Africa. In brief, my late father was a strong opposition for over 20years until he was appointed the vice president on the 9th July 2005 by the United Nations Peace Team as an avenue to quench 20years civil war in Sudan. He died on the 31st of July 2005 following a helicopter crash along side with 12 others just 22 days after appointment as the vice president. What led to the crash is still unclear but i know my father was the target.

I am Currently residing in Kuala Lumpur, Malaysia as a student. Before the death of my father, he had taken me to Johannesburg to deposit the sum of US$20M (Twenty Million United States Dollars) in a security company undisclosed under my name , as if he foresaw the looming danger in Sudan,I contacted The security company  few days ago and i was told that the box is due for collection ,And they also told me that if i cannot come down to South Africa to collect the box, that they can send down the box to Malaysia through a diplomatic immunity, My father did not disclose the real contents of the box to the company, he only told them that it is family valuables, and the box is locked with Pin numbers which i alone Know.

Reason why i have contacted you is for you to come down to Malaysia meet me and we make arrangment on receiving the box from the diplomatic, My problem is that due to my status here as a student and only 24 years old ,I cannot open an account that can run the volume of this amount or even have any financial obligation talk less of investment here. Therefore, I prefer to have a business partner from overseas who has an idea of lucrative investment to come down here(Malaysia ) and take care of this arrangement with me and have the funds transferred to his account or company’s account for investment purpose .

For your efforts, i am prepared to offer you 30% of the total fund US$20M and 5% will be set aside for local and international expenses that may be incurred in the course of this transaction while 65% will be for me and my Sister for investment package in your country upon our arrival.Because at the end of this transaction i and my sister  will love to move down to your country.

Things you need to do

1 come down here ( MALAYSIA ) meet me in person and assist me to receive the box from the diplomatic agent that will be bringing it down here.
2 Open an account here in Malaysia under your name for onward transfer to your account in your copuntry
3 At the end of this transaction you will get me and my sister a Visa to come and study in your country while you help us invest our 65% in a lucrative business until we finish our studies.

Please, Do not entertain any fear as all documents to back you up will be provided,If we must do this transaction successfully, we must keep it away from ears of the public.Call me for confirmation upon receipt of this mail or better still email me a confirmation. And i must assure you that this transaction is 100% risk free and will be done legally to avoid any breach of law.

Please reply only to my private email which is abrahamgarang1980@gmail.com  and also it is important you call me on my number +60149218162 as soon as you get this mail

Best regards,

Abraham Garang

On a very serious note:  NEVER <EVER> travel to a foreign country to meet someone in a deal like this.  NEVER-EVER.  There are only 3 possible outcomes:  1.  You will be scammed.  2.  You will be robbed.  3.  You will be kidnapped and held for ransom.

Of course, you might also be murdered.

Something Smells Fishy to Me is my personal collection of phishing emails and attempts to scam me via email.  I mean what better way to autogenerate content for a blog than to have dubious scammers, fraudsters and criminals do it for me?

In my work as a private investigator, I work closely with clients who are being assaulted by frauds and scams everyday; there is probably not a variation of a scam or scheme that I haven’t seen at least once.  Maybe I’ll teach someone a thing or two about Phishing and they won’t get fleeced.  If I can prevent just one person from being victimized by a phishing attempt then my work here is important.

What exactly is Phishing?

Phishing is the attempt to acquire sensitive personal information, such as confidential identity information, usernames, passwords and credit card details -usually via email- by pretending to be a trustworthy company with which the intended victim may have a business relationship; PayPal, eBay and large online banks are most commonly used. 

Phishing is typically carried out by e-mail and usually tries to get users to enter their sensitive information into a fake website created to closely mimic the company being imitated. This scam usually begins by warning the intended victim that they need to update an account for security purposes.  The link in the e-mail takes you to what looks like the targeted company’s real Web site, but is actually a counterfeit site designed to steal your login information. Once the scammer obtain this information, they will log into the victim’s account and begin diverting money, taking information and even try to use the same username and password for other accounts, since most people use the same login information to access several sites.

These emails are typically spoofed so that they too appear to have been sent from the company being used in the scam too. 

Spear Phishing is attempting to phish very specific targets; rather than sending out hundreds of thousands or millions of phishing emails, the fraud is directed towards one specific person or company.  Phishing attacks on high profile targets is called whaling.

Vishing (voice phishing) sometimes uses fake caller-ID data, through Caller ID Spoofing, to give the appearance that calls come from a trusted organization.

Remember, you are in control of your own personal information and identity data. Do not give it to anyone unless you are sure that the email is legitimate.  Never follow links provided in a suspect email; instead, go to the company’s website by typing the address directly into your browser.  

We can all work together to fight phishing scams.  If you receive a suspicious email, report it.  You can forward it to the US Federal Trade Commission at spam@uce.gov and you can also report the email as spam or junk if your email service or software provides the option.