Please try the new McDonalds menu entirely free SCAM

SCAM Please try the new McDonalds menu entirely free!

If you receive an email offering “New McDonalds Meunu entirely free”.  This email may have phishing/malware links.  The message in the email states:

We want you to try the new menu! And to show our appreciation we are willing to give away this $100 gift card!

Just take this breif survey and get a free $100 gift card to try the new menu!

The link within the email leads to a browser extension called Piggy.  Which is very intrusive.  

 

50 Amazon Gift Card SCAM

scam Your $100 AmazonPrime Credit-Will Expire on

This is a possible scam “Your $100 AmazonPrime Credit-Will Expire on 02/15/201x”

AMAZ0N .com Prime.
IMPORTANT NEW NOTIFICATION REGARDING YOUR CURRENT REWARDS POINTS

AMAZ0N-PRIME SHOPPER #331862 – – DATE: 02/11/2016

ONE (-1-) DAY ONLY!

To show you how much we truly value your years of repeat business, & to celebrate the success of AMAZ0N Prime we’ve just awarded you with $100 worth of bonus points that can be applied towards any product currently for sale on AMAZ0N’s website!

To claim your new awarded bonus, just follow the link that we’ve provided below & use your coupon-card during checkout on AMAZ0N’s website……That’s it!

*malware/phishing site
********The Link Provided Above Expires on 02/15/16 So Don’t Wait!

This offer leads to possible malware:

URL Scanner Result
Sucuri SiteCheck Malicious site
ParetoLogic Malware site
ADMINUSLabs Clean site

 

DEPT. OF HOMELAND SECURITY SEEKING TO WIRE-TAP THE INTERNET (scam email)

This email is a request for money and tries to scare you into giving money.

OFFICE OF HOMELAND SECURITY
Immigration and Customs Enforcement
U.S. Department of Homeland Security,
Street S.W. Suite 322.Atlanta Georgia 30303
2160 Park-lake Drive Northeast, Atlanta – 1694 Phoenix Parkway, Atlanta
UNITED STATES OF AMERICA Atlanta Area. Metropolitan Atlanta Rapid Transit
Authority ( MARTA) The MOTTO of ICE is “INTEGRITY, COURAGE, and EXCELLENCE”
Email: ( homelandsecdpt01@mail.ru )

UNITED STATES DEPT. OF HOMELAND SECURITY SEEKING TO WIRE-TAP THE INTERNET.
GOOD DAY,

DIPLOMATIC IMMUNITY SEAL OF TRANSFER FOR FINAL FUND RELEASE.

We received your email and you must take note that this is for real because we are ready
to take you to any length if you failed to proof the legitimate of the fund you are
about to receive, As a Federal Commission we are here to protect your interest and the
interest of all the United State citizens as well as this great Nation, You have been
investigated as the beneficiary of the said funds that is why you are in touch with the
FBI for a solid proof before the funds will be release to you.

The said funds is now in U.S Bank in your name which has been placed on hold under the
custody of the FBI for further verification and proof before releasing the fund to you,
we further held a meeting with the United nation in person of the President Muhammadu
Buhari, where they finally concluded that
every of our American citizen should stop every upfront payment because your so called
partner will keep asking more money after money, and fund will not be released to you.

They finally concluded that every American citizen must posses a Vital Classified
Document called Diplomatic Immunity Seal of Transfer that overrule every upfront payment
fee and certificates,You do not have this document in your files, if you did the fund
would not have been put on-hold, We did not believe this at first, but when we saw the
transfer we had no option than to contact you.
We have gone through your Identification record and also the information received from
you, we have verified a lot of things about you.

It has come to the attention of our Money Trafficking investigation department, that you
have some funds valued at U.S in USA dollars to your name, The said payment is awaiting
adjudication and crediting to you, this funds are from Inheritance ‘willed ‘ from C.B.N
Bank Nigeria precisely.

With full concern of The F.B.I and the Internal Revenue Service (IRS) wish to remind you
of the consequences of remitting such huge sums of money without complying fully with
the provisions of the Financial and Allied Matters Decree 5 as amended in sub-section C
(6) of 2010, which stipulates
that any monitory transaction been done in the United States Of America, must have
proper records, which duly guarantees and covers the transaction as legitimate and
legally acquired and not criminally or terrorist associated funds. This is due to
ongoing terrorist activities/economic crimes on and against the United States of America
citizens.

Note that with the information’s we have here, the fund in your name here was release
from Federal Republic Of Nigeria, To this regard you are to contact the EFCC Nigeria
where the fund was release from so that they will issue you the required document
because they are the only people that can issue you the document. Nobody else have the
right or privilege to issue you this document unless the EFCC Nigeria.

You are under an observational /Investigation in connection with money laundering. If
your funds comes from a legitimate and legal source, the proper guidelines for you to
recover the right of transaction is for you to provide the official monitory transaction
release document so that your funds will be legally processed and recorded and accounted
for and then finally released to you.

FEDERAL BUREAU OF INVESTIGATION (ANTI-TERRORIST AND MONEY LAUNDERING DEPARTMENT) IS HERE
to wipe out terrorism, and will stop at no length in doing our duty for the American people.

You have 92 hours to produce legal proof of the below frozen wired transaction number
code: AZQV9007 owned by you. Note that you do not have any rights to receive these funds
if the documented legal wire information is not completed.

For your own good and benefit, you are advice not to send your money to anybody except
the below person that will get the document for you, It has come to our notice that you
have been dealing with some set of Impostors regarding the present transaction in your
name, with the power imposed on us as a high Federal Commission, you are hereby warn and
instruction to terminate your involvement with any people or individual contacting you
regarding this present transaction.

The said funds is now in our custody in your name as the beneficiary, your dealings
should be channel to this office alone, if we find out you are still communicating with
Impostor’s you will be charge for advance fraud communication by the Federal Law.

The very heart of FBI operations lies in our investigations which serve as our mission
states, to protect and defend the United States against terrorist and foreign
intelligence threats and to enforce the criminal laws of the United States,So follow our
instructions properly to avoid any action before you. pay any fee to them, they will ask
for more We currently have jurisdiction over violations of more than 200 categories of
federal law.

So you can see that we can track you down through Investigative programs, We have your
address and the evidence and status of your wired funds, so we can arrest you any time
anywhere, so contact them with required fee and the mtcn in receipt of this message,
because the document is very mandatory.
You don’t have the required document on your possession, these document are only to be
issue to you from the paying country NIGERIA, to this regards you are advice to contact
the EFCC NIGERIA to obtain the document from them to enable the immediate release of the
funds in your name without entertaining any interrogation and avoid any further delay.

We have done our verification on your FBI Identification Record with your Social
Security Number, the only document left is the required Diplomatic Immunity Seal of
Transfer (DIST) Which should be issue to you from the paying country of the said funds,
you are to contact the ECONOMIC AND FINANCIAL CRIME COMMISSION (EFCC) Nigeria to obtain
the above required document, find below their contact information’s:

Contact Person: Mr IBRAHIM LAMORDE
Email: ( efccfile01@list.ru )
Tel: +234-80-8459-1264

Furthermore, be advice that according to the United State Law together with the FBI
rules and regulations, you are to obtain the document from the EFCC NIGERIA where the
fund was transfer from, Also Note that you are to take care of the Document to be issued
to you right away, because due to the content of the document and how important the
secured document is, You are advised to take care of the document by requesting for the
payment information and sending the fee to the EFCC NIGERIA the sum of $150 Dollars only
for the issuing of the document right away and your fund will be release to you, That is
the only way the EFCC NIGERIA will issue you the document, because they are going to
issue you the Authentic and Original copy of the document for the release of your fund.

You are here by advice to Contact them through the email address above to acquire from
them on how you are going to send the fee to them. Note that you are to do this
immediately if you really want your fund to be credited to your personal account and
also if you don’t want any action to be fall before you, We have already informed the
EFCC NIGERIA about the present situation, so go ahead and contact them immediately.

Your fund is now on our custody and will not be release to you unless the required
document is confirmed, After that the fund will be release to you immediately without
any delay.
NOTE: We have asked for the above documents to make available the most complete and
up-to date records possible for no criminal justice purposes.

WARNING: Failure to produce the above requirement in the next 96 hours, legal action
will be taken immediately by proper authority and may be disastrous to anyone who fail
to have the said document,while
transfer,justification and if found guilty, you will be jailed As terrorism, drug
trafficking and money laundering is a serious problem in our community today.

The F.B.I will not stop at any length in tracking down and prosecuting any criminal who
indulges in this criminal act.

CC: Canadian Police Association
CC: GENERAL INTELLIGENCE DEPARTMENT (GID)
CC: Asia Pacific Group on Money Laundering (APG)
CC: Egmont Group
CC: FEDERAL BURUEA OF INVESTIGATION(FBI USA)
CC: European Bank for Reconstruction and Development (EBRD)
CC: Financial Action Task Force (FATF)
CC: International Monetary Fund (IMF)
CC: International Organization of Securities Commissions (IOSCO)
CC: International Banking Security Association (IBSA)
CC: International Air Transport Association (IATA)
CC: Institute de Formation Interbancaire (INSIG)
CC: World Customs Organization (WCO)
CC: Inter-American Development Bank (IADB)
CC: Offshore Group of Banking Supervisors (OGBS)
CC: WORLD CENTRAL BANK (SW)
CC: NIGERIA POLICE FORCE (NPF)
CC: NORTH YORKSHIRE POLICE (UK)
CC: ECONOMIC FINANCIAL CRIME COMMISSION (EFCC)

FORWARD THE DOCUMENT TO US VIA EMAIL ATTACHMENT AS SOON AS YOU OBTAIN IT AFTER WHICH YOU
MUST HAVE EFFECTED THE PAYMENT SUM OF $150 TO THE BELOW INFORMATION WHILE YOU PROVIDE
THE MTCN TO MR IBRAHIM LAMORDE WITH THE ABOVE EFCC EMAIL OFFICE ADDRESS FOR YOUR
IMMEDIATE (DIST) DOCUMENT TO BE AVAILABLE.

Receiver’s Name: BEN KOJO
Sender’s Name and Address.
TextQuestion: IN GOD
Text Answer: WE TRUST
Amount:$150 USD.
Destination:Abuja-Nigeria.

N:B:YOU NEED NOT TO CONTACT HER AT ALL IF YOU CANNOT AFFORD THE FEE, THEN YOU WILL FALL
TO THE CATEGORIES OF THOSE THAT THERE FUND WILL BE RETURN BACK TO THE CBN TREASURY
OFFICE IN NIGERIA WHERE THE CONTRACT IS BEEN EXECUTED.

Only re-confirm to her the following information below when you are effecting the
payment of $150 while you follow instructions by using the above payment information
given to you and Get back to this office as soon as you have done that for
clarification, failure to adhere strictly with this instruction will definitely lead to
lost because as a result of payment cancellation.

1.BENEFICIARY NAME AND ADDRESS.
2.BENEFICIARY TELEPHONE NUMBER.
3.BENEFICIARY AGE/OCCUPATION.
4.BENEFICIARY MARITAL STATUS

The above information will be acknowledge by the serious ones effecting the payment
above mentioned fee being payment for the issuance of the said documents keeping your
fund on-hold here in the United State,then We will not hesitate to do the needful as
soon as we confirm your payment for the issuance of the (DIST) document and Your on-hold
fund will be released immediately here in the United State.

Best Regards.
Keith B. Bolcar
Email: ( homelandsecdpt01@mail.ru )
Deputy Secretary. (Homeland Security.)
United States Department of Homeland Security.
HARTS FIELD-JACKSON ATLANTA CBP DEPT. HOMELAND SECURITY
Tel#:(213)537-2170
Home
Counter-terrorism
Aviation Security
Cyber security
Chemical
Security
Law Enforcement
Protecting, Analyzing & Sharing Information Protecting Infrastructure
Protect Against Fraud & Counterfeiting Secure Identification Laws &
Regulations Publications Committees & Working Groups Grants Report
Incidents Border Security Protecting America Facilitating Travel & Trade
Laws & Regulations Grants Publications Preparedness, Response, Recovery
Preparing Your Family Preparedness Disaster Response Disaster Recovery
Communications Committees & Working Groups Laws & Regulations Grants
Training & Technical Assistance Publications Local Resources Immigration
Moving to the United States Immigration Enforcement Visiting the U.S.A.
Committees & Working Groups Laws & Regulations Benefits

Notice to Appear – Court Order – malware

Malware detected

Dear NAMEUSER,

You have to appear in the Court on the April 14.  You are kindly asked to prepare and bring the documents relating to the case to Court on the specified date.  Note: The case will be heard by the judge in your absence if you do not come.

You can review complete details of the Court Notice in the attachment.

Regards,
Hugh Buckley,
Clerk of Court.

State Court <hugh.buckley@ns89.websitewelcome.com>

SHA256: 8889fcc7dca37f2cc23d7f664605578583f4fbfe102435c1cb58fbe9ce60e5fe
File name: Court_Notification_00000677743.zip
Detection ratio: 12 / 57
Analysis date: 2015-04-11 18:05:09 UTC ( 0 minutes ago )
Antivirus Result Update
Microsoft TrojanDownloader:JS/Nemucod.P 20150411
NANO-Antivirus Trojan.Script.Heuristic-js.iacgm 20150411
AVware Malware.JS.Generic (JS) 20150411
VIPRE Malware.JS.Generic (JS) 20150411
Avast JS:Decode-CAP [Trj] 20150411
ESET-NOD32 JS/TrojanDownloader.Nemucod.AF 20150411
Fortinet JS/Nemucod.AF!tr 20150411
Sophos JS/DwnLdr-MKJ 20150411
McAfee JS/Downloader.gen.d 20150411
McAfee-GW-Edition JS/Downloader.gen.d 20150411
Kaspersky HEUR:Trojan.Script.Generic 20150411
Comodo Heur.Dual.Extensions 20150411
ALYac 20150411
AVG 20150411
Ad-Aware 20150411
AegisLab 20150411
Agnitum 20150409
AhnLab-V3 20150411
Alibaba 20150411
Antiy-AVL 20150411

Good Day – email scam

YANG FENGYE IMPORT & EXPORT CO,LTD, China – Phishing SCAM

Ms.Titi Tian <tititian@une.net.co>

Our Company YANG FENGYE IMPORT & EXPORT CO,LTD, China is in search of a competent individual or firm that will be responsible in handling funds as our agent and sales representative in the United State/Canada region. If interested kindly indicate your interest by mailing back for further details.phishing-scam

Note: It is a part time offer that won’t interrupt your present work or business.

Provide your details

Full Names:
Address:
Country:
Phone No:
Occupation
Date of Birth

Looking forward to your response.

Sincerely Yours,

Ms.Titi Tian

YANG FENGYE IMPORT & EXPORT CO,LTD.
41 WANGJIANG SOUTH ROAD,BAIYUN STREET,
DONGYANG, ZHEJIANG, CHINA

KINDLY OPEN THE ATTACHED FILE FOR MORE DETAILS – phishing

The attachment may hold malware or phishing.  You should NOT open the attachment.  With any luck this email and others like it are going straight to your SPAM/JUNK folder.

http://www.reserve-bk-india@mit.tc

KINDLY OPEN THE ATTACHED FILE FOR MORE DETAILS

Get your own FREE website, FREE domain & FREE mobile app with Company email.

Attachment:  RESERVE_BANK_OF_INDIA_OFFICIAL_PAYMENT.docx

VirusTotal Report

SHA256: b92fe8419718bf0f37f3f29af46aef1aabc61433a68f81f3fbb8482f3bd85460
File name: RESERVE_BANK_OF_INDIA_OFFICIAL_PAYMENT.docx
Detection ratio: 0 / 57
Analysis date: 2015-04-11 17:48:45 UTC ( 4 minutes ago )

SCAM * Your Asset Funds Code jp morgan chase bank (LN2932K12CP)

Here is a scam I received today:

FROM THE JP MORGAN CHASE BANK (JP Morgan Chase Bank <info@fbi.gov>)
Winchester Virginia United States
 
Attn:
 
We have been informed this day by the concern authority to have your (FUNDS) release process completed otherwise, the funds will be declared unserviceable by the bank and consequently, it’s confiscation.
 
The time frame is very short and technically, bank transfer is the fastest means of getting this done, so we have reverted to status qua.
 
Mandate has been issued to a commission namely UNCLAIMED ASSET/ASSETS RE-UNITED, USA here in the UNITED STATES to effect this payment to you using it’s traditional banking procedure, VIA WIRE TRANSFER and you are to contact the Executive director of JP MORGAN CHASE BANK  for the release of the funds to be transferred into your nominated bank account, and here is the contact information below.
 
Executive Director JP MORGAN CHASE BANK
Timothy P. Flynn
Contact Address: 270 North Avenue New Rochelle
NY  10801 United States.
contact Email:( flynn-dept@usa.com )
private Email: ( timothypflynn204@gmail.com )
 
If you are receiving this notification for the first (Ten Million Five Hundred Thousand Dollars) which is on your name, can only be paid upon our receipt of your beneficiary identification security transfer CODE which is (LN2932K12CP) for clearance of the funds. Send it immediately to us for instant accreditation of your proceeds into your account as listed below.
 
1) Your full name:
2) Phone, fax and mobile:
3) Address :
4) Profession:
5) Age:
6) Marital status:
7) Copy of your any valid ID card:
 
Ensure you contact Timothy P. Flynn with all your Full contact details regarding of your Funds and get back to us for more information.
 
NB. THIS TRANSACTION IS BEING MONITORED BY THE UNITED STATES GOVERNMENT IN ORDER TO GUARDS US FOR INTERNET IMPOSTOR AND AWARE OF SCAM..
 
Thanks.
 
Garry Fisher
Re-United Asset Manager
JP MORGAN CHASE BANK
 

 

e-mail spoofing

Someone is sending an email to people on your contacts list claiming to be you.  They are trying to get your contacts to click a link or send personal information.  You are sure that you did not send the message.  This is called e-mail spoofing.  

What attackers do is to use some email spam software to anonymously send out emails to all the contacts on exploited email accounts.  This is sometimes done with an “anonymous remailer” reference: http://en.wikipedia.org/wiki/Anonymous_remailer

Why e-mail Spoof?

The motivation behind it is to conceal the emails original point of creation while at the same time using a list of your contacts (some of whom trust you) to get them to go to a site.  That site can have a variety of intentions.  Its not always about malware, the site can also be used as an aggressive blackhat marketing campaign to get people to go to a site or sell products and/or service.

But its also used for phishing attacks, network infiltrations, gathering insider information, and getting malware on systems.  Whether its advertising or malicious, e-mail spoofing is counting on the user to be unaware of the true nature of the email.

Taking Action

See if you account is just spoofed or hacked AND spoofed.  There is a difference.  If they are spoofing and somehow got all your contacts.. Honestly, SMTP (email) is not very secure by itself.  So there is not much you can do if your email gets spoofed except notify your contacts.  Imagine trying to stop someone from sending snail mail to your contacts with a return address that says its from you.. how do you stop that?  How would you even find out where they sent it from?

If you account is being actively infiltrated and THEN spoofed there is something you can do.

The first thing you should do is change your password.

If you changed the password and they still got in, then it may be that they changed your alternate email address.
A spammer may have altered your account information, allowing them to access your account again even after you change your password.
Visit your Account Information page. — yahoo
Go to Yahoo Account Page:
Click Choose how Yahoo contacts you under “Contact Information.”
Change the email address on file if you don’t recognize it.
– For help, see adding an alternate email address to your account.
Ref: https://help.yahoo.com/kb/yahoo-account/sending-spam-sln3417.html
How to check to see who recently accessed your account:
https://help.yahoo.com/kb/yahoo-account/login-activity-page-sln2073.html

 

 

lloyds message service

lloyds message service – debit posted.zip (malware)

If you got lloyds message service – debit posted in an email then its a virus.  This .zip is malware verified by VirusTotal.com

lloyds message service

courtesy of tranquilnet

Subject: You have received a new debit

This is an automatically generated email by the Lloyds TSB PLC

LloydsLink online payments Service to inform you that you have

receive a NEW Payment.

The details of the payment are attached.

This e-mail (including any attachments) is private and confidential

and may contain privileged material. If you have received this

 

Scan From VirusTotal:

Antivirus

Result

Update

Ad-Aware

20131211

Agnitum

20131217

AhnLab-V3

Trojan/Win32.Dapato

20131218

AntiVir

20131218

Antiy-AVL

20131218

Avast

Win32:Malware-gen

20131218

AVG

20131218

Baidu-International

20131213

BitDefender

20131211

Bkav

20131218

ByteHero

20130613

CAT-QuickHeal

20131218

ClamAV

20131218

CMC

20131217

Commtouch

W32/Trojan.CIRP-9141

20131218

Comodo

20131218

DrWeb

20131218

Emsisoft

20131218

ESET-NOD32

Win32/TrojanDownloader.Waski.A

20131218

F-Prot

W32/Trojan3.GVD

20131218

F-Secure

Trojan.Agent.BBBY

20131218

Fortinet

20131218

GData

Trojan.Agent.BBBY

20131218

Ikarus

Trojan-Spy.Agent

20131218

Jiangmin

20131218

K7AntiVirus

20131218

K7GW

20131218

Kaspersky

Trojan.Win32.Bublik.boha

20131218

Kingsoft

20130829

Malwarebytes

Trojan.Agent.RV

20131218

McAfee

20131218

McAfee-GW-Edition

20131218

Microsoft

20131218

MicroWorld-eScan

20131218

NANO-Antivirus

20131218

Norman

20131218

nProtect

20131218

Panda

20131218

Rising

PE:Malware.FakePDF@CV!1.9E18

20131218

Sophos

Troj/Zbot-HEQ

20131218

SUPERAntiSpyware

20131218

Symantec

20131218

TheHacker

20131217

TotalDefense

20131217

TrendMicro

20131218

TrendMicro-HouseCall

TROJ_GEN.F47V1218

20131218

VBA32

20131218

VIPRE

20131218

ViRobot

20131218

gmail security

gmail security

gmail security

Gmail is one of my favorite email products.  Its free, its extremely good at collecting and organizing data (in-line with google’s vision of world information organization domination) and its so intuitive.

The gmail security features are kind of tucked away to bring the organization and search functions to the foreground.  But once you know where they are, its easy.

1. First, browse into your email and sign in.

 

2. Inside your email under your name, click privacy.

3. Under Account Privacy, hit Security and add alternate recovery email and mobile number.   This will allow gmail security to alert you of any suspicious activity such as someone attempting to access your account.

gmail security

gmail security

1 2