Something Smells Phishy To Me…

Too bad, by the time I received this scam email the IRS had already shut it down.

From: Department of the Treasury [mailto:service@irs-usa.com]
Sent: Monday, January 05, 2009 5:25 AM
Subject: Notice from Department of the Treasury

After the last annual calculations of your fiscal activity
we have determined that you are eligible to receive
a tax refund under section 501(c) (3) of the
Internal Revenue Code. Tax refund value is $189.60.
Please submit the tax refund request and allow us 6-9 days
in order to IWP the data received.
If u don’t receive your refund within 9 business
days from the original IRS mailing date shown,
you can start a refund trace online.

If you distribute funds to other organization, your records must show wether
they are exempt under section 497 (c) (15). In cases where the recipient org.
is not exempt under section 497 (c) (15), you must have evidence the funds will
be used for section 497 (c) (15) purposes.

If you distribute fund to individuals, you should keep case histories showing
the recipient’s name and address; the purpose of the award; the maner of
section; and the realtionship of the recipient to any of your officers, directors,
trustees, members, or major contributors.

To access the form for your tax refund, please click here

This notification has been sent by the Internal Revenue Service,
a bureau of the Department of the Treasury.

Sincerely Yours,

John Stewart
Director, Exempt. Organization
Rulings and Agreements Letter
Internal Revenue ServiceNo

I received the following vishing attempt today.  The scam email asks its intended victims to call a number, (800) 927-1839 and tries to fool them into believing that they are calling their bank, U.S. Bank.  It then asks for secret US Bank account information, which of course will be used by the thieves to steal the victim’s identity and money.

Do not fall for these fake phone numbers.  If you have a question about a bank account or your credit card account always call the number printed on the card or call your local bank branch directly.

From: U.S. Bank Alerts [mailto:alerts@cs.usbank-email.com]
Sent: Saturday, December 06, 2008 2:15 PM
To: [redacted]
Subject: U.S. Bank (Message from Customer Service)

.

My wife received today this fake email in a attempt to scam Capital One credit card information.  Since the email tried to get her to call a fake phone number for Capital One, (800) 523-8103, this is technically a vishing attempt.  If you call the provided number you will hear that it is a poor quality recording trying to elicit account information.  Remember, ALWAYS call the number on the back of your credit card and NEVER the number provided in the email.

From: “Capital One” [service@capitaone.com> <216.57.96.8 (HELO mailout04.westnotificationsgroup.com)]
Sent: 11/27/2008 11:50 PM MST
Subject: Capital One Alert: Irregular Credit Card Activity

A pathetic attempt at fraud really…

From: Chase [mailto:survey@chase.net]
Sent: Sunday, November 23, 2008 2:43 PM
Subject: Customer Center: Claim Your $50 Reward

CONGRATULATIONS !

You’ve been chosen by Chase Customer Center to take part in our quick and easy 5 question survey. In return we will credit $50 to your account within the next three business days.

Helping us better understand how our customers feel benefits everyone. With the information collected we can decide to direct a number of changes to improve and expand our online service.
The information you provide us is all non-sensitive and anonymous - No part of it is handed down to any third party groups.
It will be stored in our secure database for three days while we process the results of this nationwide survey.

We kindly ask you to spare two minutes of your time and take part to this unique offer!

To take the survey now, please visit our affiliate website:
http:/static-71-119-20-180.lsanca.dsl-w.verizon.net/ssl/CustomerCenter/onlinesurvey.chase.net/

Best regards,
Chase Customer Center

My Favorite part of this email:  “Deliberate wrong imputs are criminally pursued and indicted” [sic]  I did it anyway; I’m crazy like that.

From: Internal Revenue Service [mailto:online.survey@IRS.gov]

Sent: Wednesday, October 22, 2008 1:21 PM
Subject: IRS Survey: $90.00 to your account - Just for your time
Importance: High

Congratulations!

You’ve been selected to take part in our quick and easy 9 questions survey In return we will credit $90.00 to your account - Just for your time!

Please spare two minutes of your time and take part in our online survey so we can improve our services.
Don’t miss this chance to change something.

To participate in this survey Click Here

This notification has been sent by the Internal Revenue Service,a bureau of the Department of the Treasury.

© Copyright 2008, Internal Revenue Service U.S.A.
________________________________________

Note:
▪ If you received this message in your SPAM/BULK folder, that is because of the restrictions implemented by your ISP
▪ For security reasons, we will record your ip address, the date and time.
▪ Deliberate wrong imputs are criminally pursued and indicted.

Survey ID :
JNEFJQCPNPQKBVIDFNRUQVZBZGTCLRCORQLORS

Investigator’s Notes

IRS Phishing Email.  It should be noted that the fraudulent IRS website looks pretty convincing except for the fact that it asks for complete debit card account information and none of the rest of the navigation links work.

The link directs the visitor to http://cyber.skuniv.ac.kr:8080/complete.IRS.online/survey.php?Where_is_my_survey&Get_Survey

From: customerservice@susquehanna.net [mailto:customerservice@susquehanna.netroot@root]
Sent: Friday, October 10, 2008 6:06 PM
To: [redacted]
Subject: Your Susquehanna Statement is ready

Your Susquehanna statement is now available at http://www.susquehanna.net www.susquehanna.net.  This notification is part of the All-Electronic Program you enrolled in to receive your statements online only instead of in the mail.

To ensure that you receive monthly statement notifications via e-mail, please keep your contact information current.  If you’re planning to change your e-mail address, sign-on to www.susquehanna.net, go to the Manage My Account menu, and choose Update Personal Profile to edit your Email Profile.  To change your postal address, just use the same menu and choose Address & Phone Change.

If you use your work e-mail address, keep in mind some employers may block receipt of employees’ personal e-mail. Please update your e-mail address at www.susquehanna.net -see instructions above.

We hope you continue to enjoy the many benefits of the All-Electronic Program.

Sincerely,
S. Larson
Customer Service

FEDERAL REGULATIONS REQUIRE THE STATEMENT PRINTED BELOW

Your account is issued by Susquehanna Bancshares, Inc.,
26 N. Cedar Street, Lititz, PA 17543.

NOTICE: The federal Equal Credit Opportunity Act prohibits creditors from discriminating against credit applicants on the basis of race, color, religion, national origin, sex, marital status, age (provided the applicant has the capacity to enter into a binding contract); because all or part of the applicant’s income derives from any public assistance program; or because the applicant has in good faith exercised any right under the Consumer Credit Protection Act.  The federal agency that administers
compliance with this law concerning Susquehanna, N.A. is the Office of the Comptroller of the Currency, Customer Assistance Group, 26 N. Cedar Street, Lititz, PA 17543.

0/L0/050004/001/ZZ/SY/ZP/8000/SYSTEMB /I2008082870169241/66604

Investigator Notes:

The spoofed email link led to http://mail.savantresources.com/images/clientsetup.gif

Dear Member, The primary email address you have registered for your Navy Federal Credit Union was changed on Sep/28/2008. This e-mail has been send to you based on the Member Notification preferences you previously established.If you would like to change you Member Notification preferences, please sign on to Navy Federal Online Account Access and click on the Other Services link, go to the Member Notifications by E-Mail option, and then click on the Manage My Notification tab. If you did not change you email address, please sign on and review your email addresses. Please Note: This Member Notification e-mail address is only used to generate Member Notifications.We will not read or respond to e-mail send to this e-mail address.If you would like to contact Navy Federal Online Account Access and click the Check Messages link send us and e-message.

Investigator Notes:

Links pointed to a fake website at http://www.cormupa.cl/cormupa/sistema/myaccounts.navyfcu.org/index.html?https://myaccounts.navyfcu.org/cgi-bin/ifsewwwc?Logon

Investigator’s Notes:

This another vishing attempt using a phony phone number to try and scam people- albeit not a very good one.  The first thing that caught my eye was that the phone number; the scammers are trying to get their intended victims to call a Utah number, when in fact, GTE Federal Credit Union is headquartered in Tampa, FL.  When I called the provided number, 801-807-0323, it forwarded to another phone number, 515-414-6098 (an Ogden, Iowa number), and I received a standard generic voicemail prompt to leave a message.

From: GTE Federal Credit Union, [mailto:notice@gtefcu.org]
Sent: Tuesday, September 23, 2008 11:36 AM
Subject: Security Notice!

Good Day,

My name is Dr (Mrs.) Faith Zenwakolo, a dying woman who has decided to donate what I have to charity through any thoughtful and selfless someone, I got your information while browsing through the internet, although I am not comfortable using this medium owing to the unsolicited emails everywhere but someone has to be used to save this transaction. So, I honestly crave your indulgence to digest and do what I have to say, please.

I am a 59 years old woman and was diagnosed for cancer about 2 years ago, after the death of my cheating spouse who had left me everything he worked for. I have decided to donate from what I have inherited from my late husband for charity through you since I cannot do it all by myself considering my circumstances.

I have WILLED/donated the sum of $3,500,000 (Three million five hundred thousand dollars) to you/Organization for the less privileged rather than allow my greedy relatives to use my husband’s hard earned funds inappropriately.

I will be going for an operation tomorrow morning and at the moment I cannot take any telephone calls, however, I have adjusted my WILL and my Executor is aware. Please, you and him should arrange the transfer of the funds from my Finance company to your humble self, wherever you are. Please contact my Executor with his private E-mail:

————————————————–
BARRISTER DAVID IMEGWU
barr_davidimegwu@post.ro
————————————————–

With your full names, phone/fax numbers and or your contact address and tell him you are the one that I have WILLED the sum of $3,500,000 to, for specific and good work.

I will appreciate your utmost confidentiality in this matter until the task is accomplished as I do not want anything that will jeopardize my last wish. I will try and be in contact with you at any given opportunity.

I wish you all the best and, please use the funds well and always extend the good work to others.

Regards,
Dr (Mrs.) Faith Zenwakolo

Note:
Dr Lang Spencer is my personal doctor and I am sending you this mail through his email.

She would have seen it coming if only she had read my Guide to Identifying Cheating Spouses