Notice to Appear – Court Order – malware

Malware detected

Dear NAMEUSER,

You have to appear in the Court on the April 14.  You are kindly asked to prepare and bring the documents relating to the case to Court on the specified date.  Note: The case will be heard by the judge in your absence if you do not come.

You can review complete details of the Court Notice in the attachment.

Regards,
Hugh Buckley,
Clerk of Court.

State Court <hugh.buckley@ns89.websitewelcome.com>

SHA256: 8889fcc7dca37f2cc23d7f664605578583f4fbfe102435c1cb58fbe9ce60e5fe
File name: Court_Notification_00000677743.zip
Detection ratio: 12 / 57
Analysis date: 2015-04-11 18:05:09 UTC ( 0 minutes ago )
| Antivirus | Result | Update |
|---|---|---|
| Microsoft | TrojanDownloader:JS/Nemucod.P | 20150411 |
| NANO-Antivirus | Trojan.Script.Heuristic-js.iacgm | 20150411 |
| AVware | Malware.JS.Generic (JS) | 20150411 |
| VIPRE | Malware.JS.Generic (JS) | 20150411 |
| Avast | JS:Decode-CAP [Trj] | 20150411 |
| ESET-NOD32 | JS/TrojanDownloader.Nemucod.AF | 20150411 |
| Fortinet | JS/Nemucod.AF!tr | 20150411 |
| Sophos | JS/DwnLdr-MKJ | 20150411 |
| McAfee | JS/Downloader.gen.d | 20150411 |
| McAfee-GW-Edition | JS/Downloader.gen.d | 20150411 |
| Kaspersky | HEUR:Trojan.Script.Generic | 20150411 |
| Comodo | Heur.Dual.Extensions | 20150411 |
| ALYac | | 20150411 |
| AVG | | 20150411 |
| Ad-Aware | | 20150411 |
| AegisLab | | 20150411 |
| Agnitum | | 20150409 |
| AhnLab-V3 | | 20150411 |
| Alibaba | | 20150411 |
| Antiy-AVL | | 20150411 |

Good Day – email scam

YANG FENGYE IMPORT & EXPORT CO,LTD, China – Phishing SCAM

Ms.Titi Tian <tititian@une.net.co>

Our Company YANG FENGYE IMPORT & EXPORT CO,LTD, China is in search of a competent individual or firm that will be responsible in handling funds as our agent and sales representative in the United State/Canada region. If interested kindly indicate your interest by mailing back for further details.

Note: It is a part time offer that won’t interrupt your present work or business.

Provide your details

Full Names:
Address:
Country:
Phone No:
Occupation
Date of Birth

Looking forward to your response.

Sincerely Yours,

Ms.Titi Tian

YANG FENGYE IMPORT & EXPORT CO,LTD.
41 WANGJIANG SOUTH ROAD,BAIYUN STREET,
DONGYANG, ZHEJIANG, CHINA

National Crime Victims' Rights Week

National Crime Victims’ Rights Week is promoted by the Office of Victims of Crime (OVC) to engage communities and empower victims. The idea is to stoke the flame within the victims to take back their lives and keep marching forward with courage and resilience.

Victims of crimes are not life long victims.

Recovery can be a long road so on April 19 – 25, 2015, communities get behind the victims of crime to show them they are not alone.

HELP FOR VICTIMS OF CRIME

We at the Postal Inspection Service are dedicated to treating every crime victim with compassion, fairness, and respect while protecting their dignity and privacy. Our Victim Witness Program was established to support crime victims as they begin to reclaim their lives. Our experienced staff can provide victims with services to help them endure the emotional, financial, and physical impact of crime, educate them about the criminal justice system, and provide them with notification about case events.

Our VW Program staff offers a wide array of services:

Contact the U.S. Postal Service for questions about mail service.

Get in touch with a victim-witness staff member:

877-876-2455 (press 2)

IRS

IRS Notification – Tax refund Malware

Every tax year there is a flood of “IRS TAX” scam, phishing, and malware attempts sent to Americans from all over the world. First of all, the IRS does not care enough to tell you anything except to give them money by snail mail.

If you receive any scam, phishing, or malware email, report it: http://www.irs.gov/uac/Report-Phishing

From IRS.gov

The IRS doesn’t initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information. This includes requests for PIN numbers, passwords or similar access information for credit cards, banks or other financial accounts.

What is phishing?

Phishing is a scam typically carried out through unsolicited email and/or websites that pose as legitimate sites and lure unsuspecting victims to provide personal and financial information.

Report all unsolicited email claiming to be from the IRS or an IRS-related function to phishing@irs.gov. Recent scams have used the Electronic Federal Tax Payment System (EFTPS) to attract potential victims. Also, if you’ve experienced any monetary losses due to an IRS-related incident, please report it to the Treasury Inspector General Administration (TIGTA) and file a complaint with the Federal Trade Commission (FTC) through their Complaint Assistant to make the information available to investigators.

NOTE: Please refer to Contact the IRS if you have a tax question not related to phishing or identity theft.

Example of IRS Tax Email Scam/Malware

SUBJECT: IRS Notification

Attachment:  IRS Tax Return (Registration Form).html – malware detected

The IRS is currently reviewing tax payers information in our database.
This review covers all those that have filed for their 2015 tax refunds
and those that are yet to file. Updating our systems becomes necessary
as an added protection against computing errors and misrepresentation.

A document is attached to this message containing the registration form with
all neccessary fields, (*) means field is required.

It is vital you carefully fill out all necessary  fields as it applies to you.
More importantly, it is mandatory to fill all required fields on this form.

You are not required to take any further action after filling and submitting this form via the link provided.

Thank you.

KINDLY OPEN THE ATTACHED FILE FOR MORE DETAILS – phishing

The attachment may hold malware or phishing.  You should NOT open the attachment.  With any luck this email and others like it are going straight to your SPAM/JUNK folder.

http://www.reserve-bk-india@mit.tc

KINDLY OPEN THE ATTACHED FILE FOR MORE DETAILS

Get your own FREE website, FREE domain & FREE mobile app with Company email.

Attachment:  RESERVE_BANK_OF_INDIA_OFFICIAL_PAYMENT.docx

VirusTotal Report

SHA256: b92fe8419718bf0f37f3f29af46aef1aabc61433a68f81f3fbb8482f3bd85460
File name: RESERVE_BANK_OF_INDIA_OFFICIAL_PAYMENT.docx
Detection ratio: 0 / 57
Analysis date: 2015-04-11 17:48:45 UTC ( 4 minutes ago )

E-ZPass Phishing Email

There is a new form of consumer fraud that involves scamming users of highway tolls. It works by telling drivers that they owe money on a toll service.

My question is how in the world do they know who uses the tolls?  More than likely they just blasted it out to everyone.   It looks like many people all over the US are getting these emails.  It comes with an attachment that might contain malware.

You can tell that it is a scam from the origin: the sender's address, <phillip.reeves@senseit.com.br>, has nothing to do with E-ZPass.

Dear UserName,

You have a unpaid bill for using toll road.
Please, do not forget to service your debt.

You can find the invoice is in the attachment.

Yours faithfully,
Phillip Reeves,
E-ZPass Manager.

To report a phishing email, forward it to: phishing-report@us-cert.gov.
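
The sender check described above ("because of the origin"), written out as an added example that is not part of the original post: it compares the brand an email claims to come from with the domain it was actually sent from, using the From: lines and signatures quoted on this page. The `BRAND_DOMAINS` allowlist and the benign control sample are assumptions made for illustration.

```python
from email.utils import parseaddr

# Assumption: brand keyword -> domains that brand really sends from.
# Illustrative allowlist; a real deployment lists the domains it trusts.
BRAND_DOMAINS = {
    "fedex": {"fedex.com"},
    "e-zpass": {"e-zpassiag.com"},
    "court": {"uscourts.gov"},
}

def sender_domain(from_header):
    """Return the lower-cased domain of the address in a From: header."""
    _, addr = parseaddr(from_header)
    return addr.rpartition("@")[2].lower()

def is_allowed(domain, allowed):
    """True if domain is an allowed domain or a subdomain of one.

    The leading dot stops look-alikes such as 'notfedex.com' or
    'fedex.com.example.net' from matching 'fedex.com'.
    """
    return any(domain == a or domain.endswith("." + a) for a in allowed)

def check_sender(from_header, signature=""):
    """Return (brand, domain) for each brand claimed but not sent from its domain."""
    display, _ = parseaddr(from_header)
    domain = sender_domain(from_header)
    claimed = (display + " " + signature).lower()
    return [
        (brand, domain)
        for brand, allowed in BRAND_DOMAINS.items()
        if brand in claimed and not is_allowed(domain, allowed)
    ]

# From: lines and signature lines as quoted on this page;
# the last entry is a constructed benign control.
SAMPLES = [
    ("State Court <hugh.buckley@ns89.websitewelcome.com>", "Clerk of Court."),
    ("FedEx International Ground <clifford.barron@cio.posluh.hr>", "FedEx Station Agent."),
    ("<phillip.reeves@senseit.com.br>", "E-ZPass Manager."),
    ("FedEx Tracking <noreply@tracking.fedex.com>", ""),
]

if __name__ == "__main__":
    for header, signature in SAMPLES:
        print(header, "->", check_sender(header, signature) or "no mismatch")
```
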

gagamatch and Interlingvo scam dating translations site

Many “girls” from gagamatch solicit users from other dating sites with elaborate fake profiles featuring images of models and artists from all over the world. You can confirm that the images are of models/actresses by doing a Google search on the image.

They try to lure guys to gagamatch, where they have a “private” email and profile that you can only access by joining GAGAMatch. They claim that you must join because they don’t speak English well and Gagamatch has a great translator.

Most of the girls on gaga try to cheat you or extort your money.

Gagamatch used to be called Interlingvo. The organization that runs it actually has many dating sites that run the same scam, with a database of fake, pretty pictures and profiles to lure men. Here are more sites in their network:

Russian sites
forjobladies.com
theworldofdialogue.com

— from romancescammer.com

They will try to get you to pay for membership and for translations of messages for these profiles. Keep in mind that some of these are probably NOT women, and definitely NOT what you see in the pictures, but men want to believe it is true.

Unable to deliver your item, #00000620676 online fraud

More online fraud. Here is a fake FedEx email that attempts to deliver an attachment containing malware. If you get the email, do NOT open the attachment and do NOT respond.

FedEx International Ground <clifford.barron@cio.posluh.hr>

Dear UserName,

Your parcel has arrived at March 14. Courier was unable to deliver the parcel to you.
You can review complete details of your order in the find attached.

Yours trully,
Clifford Barron,
FedEx Station Agent.

The attachment has the following malware:

| Antivirus | Result | Update |
|---|---|---|
| Microsoft | TrojanDownloader:JS/Nemucod.P | 20150405 |
| NANO-Antivirus | Trojan.Script.Heuristic-js.iacgm | 20150405 |
| Kaspersky | Trojan-Downloader.JS.Agent.hdu | 20150405 |
| Sophos | Troj/Dloadr-DXL | 20150405 |
| AVware | Malware.JS.Generic (JS) | 20150405 |
| VIPRE | Malware.JS.Generic (JS) | 20150405 |
| Emsisoft | JS:Trojan.Crypt.NI (B) | 20150405 |
| ALYac | JS:Trojan.Crypt.NI | 20150405 |
| Ad-Aware | JS:Trojan.Crypt.NI | 20150405 |
| BitDefender | JS:Trojan.Crypt.NI | 20150405 |
| F-Secure | JS:Trojan.Crypt.NI | 20150405 |
| GData | JS:Trojan.Crypt.NI | 20150405 |
| MicroWorld-eScan | JS:Trojan.Crypt.NI | 20150405 |
| nProtect | JS:Trojan.Crypt.NI | 20150404 |
| Avast | JS:Decode-CAC [Trj] | 20150405 |
| ESET-NOD32 | JS/TrojanDownloader.Nemucod.AF | 20150405 |
| Fortinet | JS/Nemucod.AF!tr | 20150405 |
| McAfee | JS/Downloader.gen.d | 20150405 |
| McAfee-GW-Edition | JS/Downloader.gen.d | 20150405 |
| CAT-QuickHeal | JS.Downloader.B | 20150404 |
| Comodo | Heur.Dual.Extensions | 20150405 |
| AVG | FakeAlert | 20150405 |

1360261088 Congratulations, smishing SCAM

I received a text 1360261088 Congratulations, smishing SCAM

“+1360261088 <Subject: NoSubject>  Congratulations, you are one lucky customer getting a credit applicable to your next month bill, for more details visit //tr.im /ncv2K”

If you receive this message, do NOT click the link. If you are concerned, contact your cell phone provider.

How do I report text message spam?

If you receive spam, follow these steps:

Forward the message to 7726 (which spells “SPAM” on most phone keypads). Please don’t edit the message or add any comments.

  1. We’ll reply to your message with a text message confirming we’ve received it. We’ll also ask you to send us the number of the original sender.
  2. Send us the phone number of the sender.

We’ll use this information to help identify who is sending spam and take appropriate action. There’s no charge to report mobile spam. Messages forwarded to 7726 do not count toward your plan. You can also place your number on the Federal Trade Commission’s Do Not Call list at http://www.donotcall.gov. If you continue to receive spam messages or calls, you may file a complaint with the FTC at the same website.

 

 


bank fraud: BANK OF ENGLAND email scam

This is a common Nigerian 419 Email scam attempt at bank fraud:

Subject:BANK OF ENGLAND

Mrs.Anita More
Threadneedle St,
London EC2R 8AH, United Kingdom

Be inform that we have also received payment notification from the Federal Reserve Bank  of New York that you are the administrator of the FUND in our bank which has to be release via bank to bank processing. Immediately you meet all the payment procedure. Also bear in mind that the bank have no mandate to deduct any sum from the fund as instruction on the payment advised sent to us indicated that the adminisrator fund shall be transfer in full without any deduction.

However, you are advised to send us your information to enable us forward it to the verification department of the bank to carry out their verification process and submit recommendation for the release of your fund.

Awaiting your prompt compliance to enable us serve you better.

Yours Sincerely

Foreign Operations
Bank of England
