[spam]FROM U.S. DEPARTMENT OF STATE BUREAU OF CONSULAR AFFAIRS US AMBASSADOR TO NIGERIA

This is not real!

U.S. DEPARTMENT OF STATE
BUREAU OF CONSULAR AFFAIRS
US AMBASSADOR TO NIGERIA
11 GARKI ROAD ABUJA
ABUJA-NIGERIA
TEL: (+ 234-8051952444)
E-mail: ssyton1@yandex.com

ATTENTION  BENEFICIARY

I AM  AMBASSADOR  W. STUART SYMINGTON THE NEW APPOINTED USA AMBASSADOR TO NIGERIA,I WANT TO INFORM YOU THAT YOUR UNSETTLE PAYMENT OF $6.4MILLION UNITED STATE DOLLAR HAS BROUGHT TO MY OFFICE TABLE AND WILL BE COMING TO USA FOR A MEETING BY NEXT  THREE DAYS,I WILL COME ALONG  WITH YOUR CONSIGNMENT PACKAGE, SO ALL YOU ARE ADVISE TO DO IS TO FURNISH ME WITH YOUR FULL INFORMATION SO THAT IMMEDIATELY I ARRIVE, I WILL CALL YOU TO COME AND MEET ME OR I WILL MAIL THE PACKAGE TO YOUR ADDRESS! SO FILL THIS INFORMATION BELOW,
YOUR FULL NAME………………
YOUR CITY/STATE……………….
COUNTRY………………….
YOUR SEX……………….
OCCUPACTION……………….
MOBILE………………………
A PASSPORT PHOTOGRAPH /ID
YOUR NEAREST AIRPORT WERE I WILL ARRIVED.

NOTE THAT AS SOON AS I CONFIRM THIS INFORMATION I WILL BOOK MY FLIGHT TICKET BECAUSE I HAVE FIND OUT THAT YOU HAVE PAID A LOT OF MONEY AND AFTER PAYING YOU RECEIVE NOTHING THAT IS WHY I AM USING MY POSITION TO MAKE SURE THAT ALL AMERICAN BENEFICIARY AND CANADA AND EUROPE BENEFICIARY INCLUDING ASIA RECOVER ALL THEIR LOST FUND WHICH NIGERIA AND UK OFFICIALS COLLECTED FROM YOU IN RESPECT OF YOUR CONTRACT AND YOU LOTTERY WINNING.

FINALLY NOTE THAT IT WILL ONLY COST YOU $150 (ONE HUNDRED AND FIFTY FIVE  DOLLAR ONLY) AS I WILL USED IT TO REGISTER YOUR CONSIGNMENT AS AMBASSADORIA PACKAGE SO THAT ON MY ARRIVAL TO YOUR AIRPORT, YOUR CONSIGNMENT WILL NOT BE  CONFISCATED REPLY TO THIS MAIL: ssyton1@yandex.com

THANKS
AMBASSADOR W. STUART SYMINGTON
USA AMBASSADOR  TO NIGERIA

SPAM? I WILL REPORT YOU. YOU PIECE OF SHIT…… Emma Johnson

Someone keeps sending me this. Did you get this?

From: Emma Johnson mails@dkuafnu.csu.qc.ca

SPAM? I WILL REPORT YOU. YOU PIECE OF SHIT……

Hey,

Stop stalking me and my friend or I will report you. You piece of shit, cock-sucker douche.
I do not know why you are doing this! We slept together once, only once.
It does not mean anything.

Have not you heard of hook up?So, f*** off and leave us alone

F*** You.

Blocking Facebook scammers and spammers

If you run a facebook group, you will notice that a lot of spammers and scammers start to infiltrate but posing as legit members.  How do you identify these people?

Here is an example.  This member “Joan Mayer” joins US Visa groups on facebook posing as a woman.  “She” this message in the most popular comments to get views:

Joan Mayer Employment opportunity 2015/2016 in hotels, FACtory , Oil company , and airport 

The management of Marriott hotels, currently need new workers which careers suite into this work categories, Stewards, nurses, Technicians, Fashion designers , comedians and Entertainers, models, actors, dancers, medical doctor, Artisans, Mechanics, engineer, cleaners, washers, security, Club Bouncers, Catering supervisor, Cooks, Receptionist, Food & Beverage Management, Store Keeper, Landscape & graphic designer, Computer Engineering, professional massage, Professional Chauffeurs, professional beauticians, professional Gardener and florist, Gym and exercise instructors, etc.
Our hotel will be responsible for the payment for his/her air ticket and accommodation, so if you are interested you can contact us direct at this below e-mail address link. With your C.V.
cynthiamenz007@gmail.com +237676981356

We look forward for your prompt reply via this email address for more information’s needed.

Good Luck.

A quick search on “her” number reveals that the number is associated with some sort of scam:

indian scammer number

indian scammer number

 

 

 

 

 

 

 

 

 

 

 

 

A search of “cynthiamenz007@gmail.com” reveals more about the source of this message:

cynthiamenz007 at gmail

 

It looks like some kind of agency.  Maybe not a scam but definitely spam.

Japan Earthquake Scams 8.9 – March 2011

11 Mar 2011, Japan just had a series of huge earthquakes (including one that was 8.9). The result was a huge tsunami and loss of life still being calculated. The tsunami of fraud and scams have already started on Facebook and have surely hit the shores of email spam inboxes everywhere.

Example:

Submission date: March 2011

To:

The quake triggers a tsunami that threatens much of the Pacific. Up to 300 bodies are found in the city of Sendai in northeastern Japan, an area believed to have been hit hardest by the massive waves.

Hundreds are dead after the worst earthquake in generations struck off the northeast coast of Japan on Friday, setting off a devastating tsunami that swallowed swaths of coastal territory and fanned out across the Pacific Ocean, threatening everything in its path.

block text messages

block-text-spam-1
Its called SMS spam, SpaSMS, mobile spamming, and m-spamming.

I was in Amsterdam in Sept. 2010 and I kept getting spam texts:
Leonewd (AIM):-1/2-
Investor Stock Alert! Our pick is up 60% so far today, DO NOT MISS OUT! Get in Fast and Early. For

maryleedwxq (AIM):-1/2-
Hot Penny Stock Alert! AHuge PR Campaign has begun for Fleet Managment, starting

I don’t normally get these messages in the US. I am not sure if this has to do with the carrier I have here or what.

256-019
AIM: You have received a txt from an AIM user. To stop AIM TXTs, reply ‘out’ to this msg.

What really sucks about this sort of spam is that you have to open the text message up to stop it. Once you open up the message, you will see something like this at the bottom of the text (Reply 'block' to stop this user). But the way the spam “user” gets around this is to send the same text message from multiple fake user names. The other thing that really sucks is that, depending on your text message service plan, you maybe charged for each message you receive! OUCH!

How do you block spam text messages?
The way the sms text spammers are finding your phones text address is by guessing. They know that the typical address follows this format:
AT&T
[10-digit wireless number]@txt.att.net

Verizon
[10-digit wireless number]@vtext.com

T-mobile
[10-digit wireless number]@tmomail.net
(comprehensive list 1,2)

So they just put all the numbers possible for a given area. This is easy with good software. Its abuse of the text message marketing using bulk text messaging software and/or services. They will typically forward from multiple fake usernames to the same text address. Its like war-texting or brute force marketing.

The good news is that your cell phone service should offer some sort of text-blocking services.

(from pogue nytimes blog)
* AT&T: Log in at mymessages.wireless.att.com. Under Preferences, you’ll see the text-blocking and alias options. Here’s also where you can block messages from specific e-mail addresses or Web sites.

* Verizon Wireless: Log in at vtext.com. Under Text Messaging, click Preferences. Click Text Blocking. You’re offered choices to block text messages from e-mail or from the Web. Here again, you can block specific addresses or Web sites. (Here’s where you set up your aliases, too.)

* Sprint: No auto-blocking is available at all, but you can block specific phone numbers and addresses. To get started, log in at http://www.sprint.com. On the top navigation bar, click My Online Tools. Under Communication Tools, click Text Messaging. On the Compose a Text Message page, under Text Messaging Options, click Settings & Preferences. In the text box, you can enter a phone number, email address or domain (such as Comcast.net) that you want to block.

* T-Mobile: T-Mobile doesn’t yet offer a “block text messages from the Internet” option. You can block all messages sent by e-mail, though, or permit only messages sent to your phone’s e-mail address or alias, or create filters that block text messages containing certain phrases. It’s all waiting when you log into http://www.t-mobile.com and click Communication Tools.

SPAM & SCAM Display

Fri 05/30 10:45 Take the Chitika|Premium Challenge – We 4.74
adameeze36@biz.by Sat 05/31 18:48 THANKS FOR YOUR PAST EFFORT. 5.022
devyn-kitayosh@OZLUER.COM Sat 06/07 13:57 Be the longest, be admired 5.504
dom_john016@ig.com.br Thu 05/29 19:15 CONTACT MY SECRETARY FOR YOUR COMPENSAT 5.552
ventoler1965@ETCNY.COM Sun 06/08 5:15 Receipt number for your purchase with u 5.584
tennisqueen5@oxford-analytica.com Thu 06/05 21:30 Luxury 6.969
Don-nocotavo@CENTERDATA.DK Sun 06/08 20:12 Enlarge your organ easily with us today 7.28
RichcellarOsborn@lifefone.com Sun 06/08 4:42 Timepieces Online. Shop us 7.319
wwwrun@servidorweb.gobernaciondecaldas.gov.co Tue 05/27 20:09 CONTANT EFEX EXPRESS COMPANY WORLD 7.459
orouksal1953@HUNTINVESTMENT.COM Thu 06/05 16:42 Super savings off all herba1 products 7.738
nobody@host.vs1host.com Sat 05/31 0:54 CONTACT UNITED STATE PARCEL SERVICE FOR 8.042
MaeepitaxialPiper@merriam-webster.com Tue 06/10 10:21 Penis Enlargment Reviews 8.086
hffverthnad@bordertown.com Wed 06/04 16:36 Update your Penis 8.477
me@localhost.com Tue 06/03 5:45 Congratulation!Congratulation!!Congratu 8.504
me@localhost.com Tue 06/03 5:42 Congratulation!Congratulation!!Congratu 8.504
mary_tuttle_lg@elambers.demon.nl Mon 06/09 22:30 RE: SALE 80% OFF 9.188
password7@elambers.demon.nl Fri 05/30 2:21 RE: SALE 86% OFF 9.188
rob@elcmechanical.com Wed 05/28 10:06 RE: SALE 89% OFF 9.188
rob@eklhq.com Sat 05/31 12:15 RE: SALE 84% OFF 9.188
mrslarisa2002@yahoo.com.hk Sun 06/01 7:06 FOU YOUR KIND ATTENTION 9.308
database0014@switched.com Fri 05/30 3:30 Congratulation!Congratulation!!Congratu 9.625
fsdxtxi@bos.mcd.mot.com Mon 06/09 12:15 Luxury 10.249
PATRICKCHAN@CHAN.NET Fri 05/30 16:54 BUSINESS PROPOSAL!!! 10.46
youngben222@voila.fr Tue 06/03 19:45 PAYMENT NOTIFICATION 10.68
info@oceanicbank.org Fri 05/30 19:30 YOUR PAYMENT NOTIFICATION 12.685
justinkokuvi@gazeta.pl Thu 06/05 2:48 MR JUSTIN KOKUVI 13.444
apache@ftp.trakt.ru Wed 06/04 2:48 Please Respond. 14.125
apache@ftp.trakt.ru Wed 06/04 2:42 Please Respond. 14.125
williams_don01@gazeta.pl Tue 06/03 4:54 FINAL DELIVERY NOTICE 14.939
croupyco08@mobile.mycingular.net Fri 06/06 12:18 Re:to rob! 15.345
swiftpromotions2@silverstarnetworking.co.za Mon 06/02 11:33 ONLINE SWIFT HUMANITARIAN WINNING NOTIF 18.788
watsllp@gmail.com Wed 05/28 12:33 Compliment 19.183
sa_thabo_za39@hotmail.com Fri 05/30 4:57 SEEKING FOR YOUR HELP 19.321
john.j@switched.com Tue 06/03 2:15 CONFIDENTIAL BUSINESS PROPOSAL 19.565
ahmedasiyah@yahoo.com Sat 06/07 16:57 Please read very carefully 19.997
peteraronu03@ig.com.br Wed 06/04 8:09 YOUR UGRENT REPLY NEEDED 20.289
edsolicitors@gmail.com Tue 06/03 2:54 Regarding Your Inheritance 21.064
monica_shadinovo01@yahoo.com Tue 06/03 1:27 FROM:MRS.MONICA SHADINOVO. 21.901
raymond_briggs5@mailbox.hu Tue 06/03 16:00 From Senior Account Officer, Barclays B 22.573
admin@national-onlinelottery.co.uk Sat 05/31 22:00 FINAL WINNING NOTIFICATION! 24.42
lawson@yahoo.com Thu 06/05 11:57 BUSINESS AND INVESTMENT PROPOSAL. 36.008

remove a name from mailing lists

Remove from Credit Card and Insurance Mailing Lists

The Fair Credit Reporting act of 1997 allows for consumers to stop unsolicted credit card & insurance offers. It puts more responsibility of customer privacy on the business that collected the sensitive data in the first place.

In order to use the strength of the law you must take action. Write or call the credit bureaus and request removal of your name and address from those lists. Here are the credit bureaus’ contact information:

Trans Union
P.O. Box 736
Springfield, PA 19064-0736
Telephone: (800) 680-7293

Experian (used to be TRW)
P.O. Box 949
Allen, TX 75013
Telephone: (800) 353-0809

Equifax
P.O. Box 105139
Atlanta, GA 30374-5139
Telephone: (800) 556-4711

Once you make the request they have 5 days to notify all national credit agencies. Your name will then be dropped from their mailing list for two years.

Remove your name from mailing lists permanently

To remove your name from mailing lists permanently ask the credit bureau to send you an “election form.”

To receive a credit report contact the following:

Experian (formerly TRW)
(800) 682-7654

Equifax
(800) 685-1111

Trans Union
(800) 916-8800

To Stop “Junk Mail”

Contact the Direct Marketing Association (DMA).

Mail Preference Service
PO Box 9008
Farmingdale NY 11735-9008

Telephone Preference Service (telemarketing)
PO Box 9014
Farmingdale NY 11735-9014

With a request (written) your name will by removed from their mailing lists.

I’m not sure there is a way to remove your name from all email mailing lists at once. But one thing you want to NOT do is put your email address on a website. If you want customers to get to your via email but don’t want the spam and scams that come with, use a contact form or something like this elamb.security(at)gmail(dot)com – this makes it so spam emails can’t automatically grab your email from the Internet, a common spammer tactic.

BRITISH INTERNATIONAL LOTTERY INC

******************SCAM ALERT*********************************
************************************************************
***********************************************************

I just want to make this perfectly clear. This is a SCAM! I get these emails about British International Lottery, British National Lottery about every three weeks or so. DO NOT.. I repeat DO NOT send these people money or your personal information. If you are new to the Internet, this kind of thing is rampant.

THIS JUST IN.. I Just won the British International Lottery… AGAIN! How about you?!

BRITISH INTERNATIONAL LOTTERY INC. <sondrag@peoplepc.com>
reply-to “BRITISH INTERNATIONAL LOTTERY INC.” <dr.garrylee3_clearinghouse2008@yahoo.co.uk>,
to
date Jan 22, 2008 5:30 AM
subject ATTN: WINNER! YOUR EMAIL ID JUST WON YOU £1,000,000.00

hide details 5:30 am (1 day ago)

Reply

BRITISH INTERNATIONAL LOTTERY INC.
5th Floor East
Commonwealth Centre
55 Currie Street London
United Kingdom.
DATE: January 22th 2008.
CONGRATULATION! NEW YEAR BONUS WINNING NOTIFICATION

ATTENTION:

We happily announce to you the draw (#1068) of the BRITISH
INTERNATIONAL LOTTERY, online Sweepstakes International program held on, January
21th 2008. Your e-mail address attached to ticket number: 56475600545188
with Serial number 5368/02 drew the lucky numbers:
02-06-10-17-29-30(Bonus no,30), which subsequently won you 1st category in the match 5 plus
bonus category.

You have therefore been approved to claim a total sum of £1,000,000.00
(One Million Pound Sterling Only) in cash credited to file
KTU/9023118308/03. This is from a total cash prize of £51,002,068 shared amongst
the (6) lucky winners in the match 6 category.

All participants for the online version were selected randomly from
World Wide Web sites through computer draw system and extracted from over
100,000 unions,associations and corporate bodies that are listed
online.

This promotion takes place weekly. Please note that your lucky winning
number falls within our European booklet representative office in
Europe as indicated in your play coupon.

In view of this, you have therefore been approved to claim a total sum
of £1,000,000.00 (One Million Pound Sterling Only). This sum will be
released to you by any of our payment offices in Europe. Our European
agents will immediately commence the process to facilitate the release of
your funds as soon as you contact them.

As part of our precautionary measure to avoid double claiming and
eradicate the unwarranted abuse of this program, you are advised to keep
your winning information confidential until your claims is remmited to you.

PLEASE MAKE SURE THAT YOU QUOTE YOUR BELOW WINNING PARTICULARS WHEN
CONTACTING YOUR CLAIMS AGENT:

Ref No:4758961725
Batch No: 70564943902/188
Winning No: FGNGB2701/LPRC
****************************************
Claims Processing Agent
Dr.Garry Lee
Email: dr.garrylee3_clearinghouse2008@yahoo.co.uk
+447024091279
+447024091403
( Mon – Fri 8:00am – 6:00pm London Time )
Verifications/Logistic Department.
**************************************
For further clarification/verification of your claims, Please call on
any of our official numbers as stated in notification email:
dr.garrylee3_clearinghouse2008@yahoo.co.uk
Congratulations from me and the entire members of THE BRITISH LOTTERY.

Yours faithfully,
Mrs. Tricia Moore
Online co-ordinator for THE BRITISH INTERNATIONAL LOTTERY
Sweepstakes International Program.

Symantec acquired IMlogic the anti-spim

  

Symantec has acquired IMlogic to get into IM and email security:

LAS VEGAS, NV–(Marketwire – June 13, 2007) – Symantec Vision 2007 — Symantec Corp. (NASDAQ: SYMC) today announced the newest version of Symantec Information Foundation, an integrated Information Risk Management (IRM) product suite that builds on the company’s Security 2.0 strategy. Symantec Information Foundation delivers advanced controls to safeguard companies against data loss with unified protection for e-mail, Web and instant messaging (IM). The new solution, expected to be available this summer, enables information entering or exiting the organization to be archived, audited and discovered through a validated process that ensures proper chains of custody.

With IMlogic’s technology they will also be able to battle “SPIM” Spam on Instant Messanger which can get pretty bad. 

Black Hat Spammers (NIST Hacked)

NIST.gov, heidelberg university and others have been hacked by black hat spammers.

Lately I’ve been getting some spam that I consider a special treat.  These are websites that have been exploited and used to promote spammy pharmacy products such as viagra and cialis. 

I am not happy that victims are being used, I’m intriqued on how the spammers managed to get away with it.

This one comes from NIST.gov: 

SPAM Hack of NIST.gov
viagra
http://www.nist.gov/HyperNews/atp/get/collaboration/285/1.html
viagra
[URL=”http://www.nist.gov/HyperNews/atp/get/collaboration/285/1.html”]viagra[/URL]
tramadol
http://www.nist.gov/HyperNews/atp/get/collaboration/288.html
tramadol

I’ve been working with the U.S. Govt for a long time so I am familiar with the NIST.  It is the National Institue of Standards and Technology: “Founded in 1901, NIST is a non-regulatory federal agency within the U.S. Commerce Department’s Technology Administration.” 

When I thought that they might have been hacked, I immediately sent and email to the webmaster.  But unfortunately they rejected my email.
Here is another hack attempt (this one unsuccessful):

UTA.edu
viagra
http://www.uta.edu/HyperNews/get/delgua/158.html
viagra
[URL=”http://www.uta.edu/HyperNews/get/delgua/158.html”]viagra[/URL]
phentermine
http://www.uta.edu/HyperNews/get/delgua/160.html
phentermine

Here is one is what looks like a division of Heidelberg University:

physi.uni-Heidelberg.de
cheap xanax
http://www.physi.uni-heidelberg.de/HyperNewsFachschaft/get/discussion/862.html
cheap xanax
[URL=”http://www.physi.uni-heidelberg.de/HyperNewsFachschaft/get/discussion/862.html”]cheap xanax[/URL]
generic viagra
http://www.physi.uni-heidelberg.de/HyperNewsFachschaft/get/discussion/860.html
generic viagra

email I sent to Heidelberg Universtiy (translated with babelfish):

Hallo,
Ihr Aufstellungsort kann ausgenutzt worden sein:
http://www.physi.uni-heidelberg.de/HyperNewsFachschaft/get/discussion/862.html
Die Person, die dies getan hat, benutzt Ihren Aufstellungsort zu Spam andere Internet-Aufstellungsorte. Traurig über meinen Deutschen. Ich verwende babelfish.altavista.com, um zu übersetzen. Auf Wiedersehen

Here is another attempt on Kryten.murdoch.edu.au 

pacific poker
http://kryten.murdoch.edu.au/HyperNews/get/forums/thal/300.html
pacific poker
[URL=”http://kryten.murdoch.edu.au/HyperNews/get/forums/thal/300.html”]pacific poker[/URL]
cialis
http://kryten.murdoch.edu.au/HyperNews/get/forums/thal/297.html
cialis

As with any exploit, the spammers used a flaw in the webpage to post the data on victims webpages.  The sad thing is that it can happen to anyone.  Security Awareness is really the only defense one can have.
 

I have been getting a lot.  I’ll update this when I get some good one.

1 2