Jim Plumb

This is fake and probably some kind of scam. I hope the FBI or Army gets ahold of this scammer.

Subject: Message from American Soldier

    –

     Greetings,

            I know you would be surprised to read from someone relatively unknown to you.My name is Captain Prieve Sullivan, I am an American soldier serving in the military with the U.S. ARMY USARPAC Medical Team,which was deployed to Iraq at the beginning of the war in Iraq.

            I would like to share some highly personal classified information about my personal experience and role which I played in the pursuit of my career serving under the U.S 1st Armored which was at the fore-front of the war in Iraq.

            Though, I would like to hold back certain information which i intend sharing with you for security reasons for now until i hear from you.I will be vivid and coherent in my next message in this regards,meanwhile, could you send me an email confirming that you have visited the site and that you have understood my intentions? I will like you to get back to me

            I will await your thoughts via my email.

           Thanks,

      Yours

    Capt. Prieve Sullivan USARPAC

This lovely fake email from “Microsoft Windows Computer Safety Division” wants to help me with my Conficker.B virus with a free virus scanner they’ve so thoughtfully attached to the email. Of course, what they’ve attached is a program to infect my computer with aforesaid Conficker.B or something worse like a rootkit. Unfortunately, some people will go, “Ooooh, something free from Microsoft!” and run the program and get infected.

==========================

Subject:  Conflicker.B Infection Alert

Dear Microsoft Customer,

Starting 12/11/2009 the ‘Conficker’ worm began infecting Microsoft customers unusually rapidly. Microsoft has been advised by your Internet provider that your network is infected.

To counteract further spread we advise removing the infection using an antispyware program. We are supplying all effected Windows Users with a free system scan in order to clean any files infected by the virus.

Please install attached file to start the scan. The process takes under a minute and will prevent your files from being compromised. We appreciate your prompt cooperation.

Regards,
Microsoft Windows Agent #2 (Hollis)
Microsoft Windows Computer Safety Division

Attachments: open.zip

Have you received an email from the so-called Internet Service Provider Consorcium threatening to suspend you for illegal activities? Well, you can rest assured it’s a fake email. First of all, if they were who they said they were it would be Consortium not Consorcium. Any group that can’t spell its own name right has got to be bogus. This email has an attachment (report.zip/report.exe) that Malwarebytes says contains a Trojan. Here’s the text of the email:

===================

Subject: Your internet access is going to get suspended

Your internet access is going to get suspended

The Internet Service Provider Consorcium was made to protect the rights of software authors, artists.
We conduct regular wiretapping on our networks, to monitor criminal acts.

We are aware of your illegal activities on the internet wich were originating from

You can check the report of your activities in the past 6 month that we have attached. We strongly advise you to stop your activities regarding the illegal downloading of copyrighted material of your internet access will be suspended.

Sincerely
ICS Monitoring Team

Received this bogus email today from someone claiming to be from the Center for Disease Control.

===============

Subject: Instructions on creation of your personal Vaccination Profile

You have received this e-mail because of the launching of State Vaccination H1N1 Program.

You need to create your personal H1N1 (swine flu) Vaccination Profile on the cdc.gov website. The Vaccination is not obligatory, but every person that has reached the age of 18 has to have his personal Vaccination Profile on the cdc.gov site. This profile has to be created both for the vaccinated people and the not-vaccinated ones. This profile is used for the registering system of vaccinated and not-vaccinated people.
Create your Personal H1N1 Vaccination Profile using the link:

Create Personal Profile

This is a fake email from the Social Security administration. Don’t open this email, IT’S FAKE! They wouldn’t know your email address anyway.

——————

Subject: Watch for errors on Social Security statement

Due to possible calculation errors, your annual Social Security statement may contain errors.

Use the link below to review your annual Social Security statement:

Review your annual Social Security statement

————————————————-
This e-mail has been sent from an auto-notification system that cannot accept incoming e-mail.

When looking at your “View Available Wireless Networks” button in Windows, have you ever noticed listings for either of the above? I noticed these today and had no idea where they came from since I live in the boonies, I know what wireless networks I have in my house and I know I can pick up my neighbors unsecured linksys network as well.  I googled the Internet Oasis (FREE) term and found something puzzling: both of these are part of some kind of viral wireless network. I found an article that explains what’s going on: http://blogs.techrepublic.com.com/hiner/?p=602%3E.

It also shows in this article how to delete these wireless traps. One way is to right-click on My Network Places and select properties. You should see an entry for “Wireless Network Connection”. Right-click on that and click on the “Wireless Networks” tab. You’ll see in the middle of that window a list of “Preferred networks”. Find Internet Oasis and Free Public WiFi and remove them from the list. That will prevent you from automatically joining them if you’re in their area. I would also delete any others that you aren’t familiar with.

Never heard of these guys. Obviously a fake email. Also, it has one of those big hairy URLs that probably goes to a server run by the Russian mob. Please delete this email if you receive it.

Subject: Your ACH transaction was rejected by The Electronic Payments Association

Dear bank account holder,

The ACH transaction, recently initiated from your bank account, was rejected by the Electronic Payments Association. Please review the transaction report by clicking the link below:

Unauthorized ACH Transaction Report
——————————————————————

Copyright ©2009 by NACHA - The Electronic Payments Association

We’ve been receiving fake phishing emails with instructions on the “new” facebook login system. If you receive this email, don’t click on the links!

Here’s another variation I’ve been receiving:

Subject: Facebook Password Reset Confirmation

Hey jim ,

Because of the measures taken to provide safety to our clients, your password has been changed.
You can find your new password in attached document.

Thanks,
The Facebook Team

Attached to this email is a zip file, which is bound to be carrying something pretty nasty. I scanned it with Microsoft Security Essentials and received this report:

Detected Items: TrojanDownloader:Win32/Bredolab.X

Category: Trojan Downloader

Description: This program is dangerous and downloads other programs.

Recommendation: Remove this software immediately.

Microsoft Security Essentials detected programs that may compromise your privacy or damage your computer. You can still access the files that these programs use without removing them (not recommended). To access these files, select the ‘Allow’ action and click ‘Apply actions’. If this option is not available, log on as administrator or ask the local administrator for help.

Items:
containerfile:C:\tmp\Facebook_Password_c89a7.zip
file:C:\tmp\Facebook_Password_c89a7.zip->Facebook_Password_c89a7.exe->(UPX)
file:C:\tmp\Facebook_Password_c89a7.zip->Facebook_Password_c89a7.exe->[DynDrop]->(UPX)

Imagine opening up an encyclopedia and finding this in the first two paragraphs:

A cannon is any tubular piece of [a man’s shaft] that uses pineapple or other usually explosive-based sperm to launch projectiles. Cannon vary in length, range, mobility, rate of fire, angle of fire, and thrust power; different forms of cannon combine and balance these attributes in varying degrees, depending on their intended use on the “battlefield of love”. The word cannon is derived from sexual languages, in which the original definition can usually be translated as tube, cane, or reed. In modern times, cannon has fallen out of common usage, usually replaced by “cock” or “dick”, if not a more specific term, such as “Strife” or “baby maker”.

First used in China, cannon were among the earliest forms of love making, and over time replaced Monkey spanking engines—among other forms of aging “weaponry”—on the battlefield of love. The first hand cannon appeared during the 1260 Battle of Arm vs. Cannon between the MamluksMongols in the Middle East. The first cannon in Europe were probably used in Iberia, during the Reconquista, in the 13th century, and English cannon were first implied in the Hundred Years’ War, at the Battle of Crécy and John, in 1346. It was during this period, the Middle Ages, that cannon became standardized, and more effective in both the anti-women and siege roles. After the Middle Ages most large cannon were abandoned in favor of greater numbers of lighter, more maneuverable pieces. In addition, new technologies and tactics were developed, making most defenses obsolete; this led to the construction of condoms, specifically designed to withstand sperm bombardment and the associated siege tactics.

That’s what I just read when I went to look up “cannon” on Wikipedia. These are the first two paragraphs of the entry. The rest of the article seems to be fine. They’ll let anybody write an article and it just goes to show you that you must take these articles with a grain of salt.

If you receive an email similar to the one below, you aren’t alone. Not sure what the purpose is, if only to try can steal your domain name. If you notice, in her signature, she cannot even spell her own domain correctly. And to top it off, when deleting this email, she wanted a “receipt upon deletion”. What nerve! Good luck to “Keanu Reed” in trying to register my domain name.

Subject: Checking the [domain name] company’s domain name

Dear Manager,

We are a professional Internet consultant organization in Asia,which mainly deal with the global companies’domain name registration and internet intellectual property right protection.Currently,we have a pretty important issue needing to confirm with your company.On 2009-8-17,we received an application formally,one person named “Keanu Reed” wanted to applied for the Internet brand “[domain name]” and some domain names through our body.

During our preliminary investigation,we found that these domain names’ keyword and internet brand is related with your trademark.I wonder whether you consigned “Keanu Reed” to register these domain names through us or not?Or is “Keanu Reed” your business partner or distributor in Asia?Currently,we have postponed this application of this company temporarily already.In order to deal with this issue better,please let the principal make a confirmation with me by telephone or email ASAP.

In addition,I must state that we have time limited for one person or one company’s registration.It is just 15 days.If your company files doesn’t resent within the time limited.We will unconditionally authorized the application of ” Keanu Reed”.

Thank you for your cooperation.

Best Regards,

Linda Jan

Mail:linda@worldwidenic.org

Web:www.workdwidenic.org