For Gold, Peace, and Freedom


Spammers Distribute Fake Microsoft Lottery Emails

March 21st, 2009

spam-scam.jpg It has been a few months since I reported on a spam incident, but this week has seen a slight increase in the volume of these types of emails, so I might as well share with you the latest version just in case someone is searching to verify its legitimacy. This particular message is a variation of the bogus lottery winnings scam that I reported on back in June 2007 when there were lots of “Irish lottery winnings” being received from unsolicited emails.

At first glance, it appears to originate from the UK but a savvy observer will note that this is likely a variation of the Nigerian 419 advance fee fraud scam. In this particular scam, people who actually respond to the message will receive a reply from the spammers stating that they need to send in some type of deposit (usually a fairly small amount at first) in order to verify their identity and claim the prize.

Read the rest of this entry »

Adventures in Spam: False Account Blocking

December 6th, 2008

spam-scam.jpgAlthough it has been a long time since I have continued my Adventures in Spam series, this morning I received an email that qualifies for a new post because it reminds me of a scam mail category that I have not yet covered. This is the tactic of false account block messages, where the spammer tries to appeal to your fear that something has gone wrong with one of your accounts at a bank, payment processor, or other type of financial institution. Here is an example from this morning’s serving of spam that was targeted to users of the relatively new payment processor Liberty Reserve:

** Liberty Reserve Account Blocked **

Your account has been blocked due to numerous invalid login attempts. You will be unable to send and receive funds until your account has been activated.

Failing to unblock your account will result temporary account suspension. Please read attached account block notice for details.

Liberty Reserve Customer Service

Below the message there was also an attachment in HTML format. Although I was not foolish enough to click on it, I suspect that it leads to a fake Liberty Reserve login page or some other type of web page that is designed to fool you into entering your login details in an attempt to fix the “block” on your account. If scammers manage to collect these, they can come back later and drain money from your account.

Read the rest of this entry »

Possible Scam Warning: MegaLido.com

November 12th, 2008

megalido-logo.jpgThis afternoon I received a warning about an autosurf site called MegaLido.com indicating that the program may close down soon and move into the scam category if late-arriving “investors” are not paid. John Stankiewicz, a frequent reviewer of cyclers, autosurfs, HYIPs, MLM programs, and other decidedly non-mainstream investment vehicles, sent out a brief email to subscribers informing them that it might be a good time for people who have a significant amount of money in the program to cash out their profits. Here is the text of the message:

Read the rest of this entry »

Latest Scam Warning: DonkeyMails Investment Program

September 19th, 2008

spam-scam.jpgEarlier today I received a spam email regarding an investment program supposedly being run by DonkeyMails.com. The mail uses a false header to make it appear that the message originated from the administrator of the DonkeyMails program. Interestingly, my Gmail application detected this and posted a bright red message stating “Warning: This message may not be from whom it claims to be. Beware of following any links in it or of providing the sender with any personal information.” The actual text of the message reads as follows:

Dear DonkeyMails members,

We are happy to tell you that first payouts (45%) has been sent to the members of DonkeyMails Investment Program! The rest of investors will receive their payment on Monday.

Today, we invite new investors to sign up for the DonkeyMails Investment Program! We pay you 45% weekly.

Please read attached investors invitation for details.

Read the rest of this entry »

Latest Trend in Spam: Zodiac Rings

August 21st, 2008

spam.jpgEarly this morning I found an annoying but interesting email in my Spam folder under the subject of “Zodiac Rings”. The text was displayed in a purple color and according to the header details was sent to “sales(at)karlonia.com”. In reality, I have no such email address, yet somehow this mail found its way to my actual address anyway.

As for the content, it appears that some dodgy marketer from India is trying to sell us on the idea that we can gain special powers and be more successful by wearing a certain kind of ring that is produced according to our astrological signs. It seems that our intrepid spammer has not learned how to target his advertising very well, for I do not even believe in religion, much less this pseudoscientific astrology garbage. Nevertheless, if you’re desperate enough and have a lot more faith than I do, these magical powers can be yours for only 1500 rupees! Just make sure that you do not put the ring on your “tall middle finger”…

Read the rest of this entry »

Globalized Spam Claims Fake Lottery Winnings

August 7th, 2008

spam.jpgAfter surviving for almost a year with a relatively clean email address after I finally left Excite, the first instances of clearly recognizable spam have begun to creep into my inbox. Earlier today I received two copies of this message about a bogus prize award from a company called “Google Lottery International”.

Although most of us are familiar with the Google search engine, as far as I know this particular variant of the name does not exist as an actual organization. The two copies of the email contained exactly the same body text but the subject lines were different; one was titled “Congratulations You Have Won” while the other was simply labeled as “Google Lottery International”. In both cases, the sender was listed as “teresalummp”.

The overall content of the message is similar to the Irish Lottery spam that I received and reported on last year. In both cases, the purpose of the message is to harvest live email addresses by eliciting responses from the small percentage of people who naively believe that the mail is legitimate and attempt to claim the bogus lottery winnings.

If the spammer is actually contacted, the usual trick is to send a second message stating that some type of processing fee is required to release the prize money. If the recipient continues to follow through on the instructions, he or she eventually gets scammed after being tricked into initiating a wire transfer of money to the spammer. At this point the spammer will either ignore future contact or may continue to string the victim along with garbage information as a way of setting up additional scams.

As you have probably figured out by now, unless you are a professional scambaiter and really know what you are doing, it is never a good idea to actually reply to a spam email such as this. Even if you manage to avoid being scammed, any reply will indicate to the spammer that your email address is a “live” target, which will likely lead to additional spam messages in the future. Meanwhile, here is the content of the message for those who have not yet seen it and need to know what to avoid.

Read the rest of this entry »

Antivirus Scam Warning: VirusIsolator

July 8th, 2008

virusisolator.jpgMy brother, who runs a computer repair business, reported earlier today that one of his customer’s computers had been infected by a fake antivirus program called VirusIsolator (also spelled as Virus Isolator). After doing some research on this rogue program, I found out that some users are having it installed on their systems through Trojans such as Zlob or Vundo, although many others are simply being fooled into downloading the free “online security scaner” from the website VirusIsolator.com.

After someone runs a scan, the program will display several pre-written fake virus alerts regardless of the actual condition of the user’s system. Here is a screenshot of what these false reports look like:


The program will then use various advertising methods and fake alert messages to trick users into purchasing the full version of VirusIsolator. However, even after someone purchases the full version, the program does not actually remove any viruses or malware from computer systems; it is simply a scam designed to separate fools from their money and show them a little adware as a side benefit.

Fortunately the website reveals several clues indicating to savvy users that the program is likely not legitimate. The first paragraph of text content on the home page reads:


SpyWare is part of an overall public concern about privacy on the Internet2. Spyware collects your private information, and reports it to advertising providers, who will show you tremendous amount of advertising beyond your control. How Virus Isolator can help you?

So let’s see…we have an obvious typo (Internet2), an unnecessary comma, and an awkwardly worded last sentence (the word can should be placed before “Virus Isolator” not after it). These kinds of errors are a clue that something is amiss because a professional, legitimate company would at least take the time to proofread their own home page and clean up these kinds of obvious mistakes before releasing their product to the public. As if this wasn’t enough, the last question of the FAQ section provides another comical display of their questionable English skills:

Read the rest of this entry »

John Stankiewicz Warns Against WorldPassive and DollarMonster

June 23rd, 2008

dollar-monster.jpgJohn Stankiewicz of 9PlanetReviews.com is warning his subscribers and any potential members of the WorldPassive program (formerly DollarMonster) that it may be turning into a scam. DollarMonster was a popular doubler-cycler program that had its heyday back in 2004 when such programs were in vogue among certain populations of the alternative investment community. After the original program ran out of funds, it has since been resurrected twice, the most recent reincarnation being published under the WorldPassive moniker. Below is the letter I received from the admin of 9PlanetReviews earlier today. Fortunately, I did not “invest” any funds here.

Below is what I posted in my blog yesterday.

I will never again recommend that outfit. It used to be that one could make a few bucks there, so I recommended them each time they came back out.

I now hear that Blondie (Judy) just got booted today as well, and she had over 50 folks signed up in that one. Am not sure how many I had. So Admin at WorldPassive are biting the hands that have fed them.

UPDATE: WorldPassive Cycler (DollarMonster)

Looks like a reader of mine ratted me out. I simply made a one line statement, and here it is: “Actually, new developments. Avoid DollarMonster, am about to publish that in my blog. So if your fifty cycles? Get it out and stay out.” And looks like my “friend” sent that in to support. So they canceled my account and my payout of two cycles. Here are the details:

I originally bought a $50 position, that cycled, and then I put all of that back in and that cycled too. Then I made w/d request.

Guess what?

I just received an email saying they had shut down my account and are giving me my original $50 back. Why? I was in violation of their agreement. It says basically I would not do anything to harm their programme. Well, I did not. Check my blog. (I merely made one comment to a reader of mine that sent that in to support! Not as if I posted this all over the Internet! But now I have. And so should you!)

But, I did mention to one reader, in a private e-mail that I would not put any more money in that one as I thought it was about to fold (as most cyclers do, and this one did twice or thrice before). I guess that reader sent that one in to support.

So I replied to support and basically said they had better pay my cycled positions or I will make this into a story. And here the story is!

They have done the wrong thing. I have not said anything negative in my blog about their latest scheme. And now I am. They gave me the opportunity. It’s not about the fifty bucks. I could care less. But that kind of treatment? Say anything negative about them and your account will be shut down? Sounds like desperation and totalitarianism. Sounds like a scam. Sounds like a poor decision by some flunky support person.

And scam it is! Spread the word. Spread this word far and wide so you cannot get cheated ever again by these three time failure goons! I sure am!

PS: WorldPassive Admin/Support have renegged on even refunding me my $50 that I put in at the start. Well, I hope they have some fun with it, maybe buy some candy or chips. But I hope they do avoid the Aspartame laden pop and gum.


By the way: there was no real harm done by my post up above. Why? Because they were pretty nearly dead already. Too few members, not enough money, and they failed three times before. Plus it is summer. The absolute WRONG time to launch an opp such as this! Stupid or what? Stupid mostly. At this point I will not even likely get my fifty bucks back! But am laughing all the way! Not at you. But with them! We’re all just having fun here, right? Until the next memory-wipe!


How to Avoid Spam

March 27th, 2008

spam.jpgSpam, not to be confused with the shoulder pork and ham product made by Hormel, denotes junk mail, an important aspect of life on the Internet. It has become highly notorious word that is regarded as synonymous with annoying advertisements and unwanted bulk email marketing messages. This article by Sarath Kumar provides some tips for preventing and avoiding the dreaded inedible forms of Spam.

Companies and individuals, perhaps including some of our friends bombard our mailboxes with junk mail on a regular basis. There are veterans of spamming – the ‘art’ of sending junk mails - like Sanford Wallace who earned the nickname ‘Spamford Wallace.’

The spammers use several intrusive methods to send junk mail. The Internet allows them to store our email addresses in databases that cross reference each other, so that they can build our profiles that tell them details including what sites we visit, how often we visit those sites, how often we click banner ads, and what kind of products we purchase. Companies and individuals will happily sell this information they collect to other companies and individuals, so that once our email address is on one list, they’ll eventually be on ALL the lists.

Here are some proven steps to avoid junk mail:

1. Don’t click on suspicious links or banner ads

Email harvesting companies can track our habits on the Web extensively by using banner ads or links designed to trick you into downloading adware, Trojan viruses, or other privacy-invading critters.

2. Don’t give out your email address

This may seem obvious, but don’t give out the email address to marketing companies. For example, any surveys we may fill out, or any form to fill out when purchasing something over the Internet. Some companies require our email address before we can download software. In these cases, always enter a bogus address.

Also, don’t include the email address in the Web browser settings. Use a fake one, or leave the field blank. Web sites we visit can grab this information without us ever knowing about it.

In cases where we absolutely need to enter a valid email in a form (for example when we need the company to send us a receipt or a product key), we should have a second email address, preferably at a free email service on the Web. We shouldn’t bother if we get Spam at that account, as it is meant to be a ‘garbage bin’ account. However, clean it periodically, and block unsolicited mails as required. The blocking and Spam reporting facilities are part of many free email services including Hotmail and Yahoo.

3. Don’t list the email address on a web site or newsgroups

Instead of listing the private email address on a personal Web site, use the second ‘garbage bin’ account, or a separate ‘Web feedback’ account. Do the same with posts made on newsgroups. There are automated programs that scour the Web and news groups to harvest emails. Another trick that usually works is to write the email address in a slightly different format that harvesting bots will not detect as a spam target but is still readable to human visitors. For example, you can use (at) or (dot) in place of the appropriate punctuation.

4. Don’t reply to Spam

Never reply to junk mail asking them to stop. A lot of junk emails provide a bogus ‘unsubscribe’ link, or ask to reply with ‘remove’ in the subject. This is a trick. The spammers don’t actually know if our email addresses are active. They purchase thousands of emails from other companies and sometimes even guess at email names. As soon as we reply to junk mail, they will know that our email is active. And we continue to get the junk emails on a ‘priority basis’.

5. Filter out the Spam

Filtering the junk emails that we receive prevents them from reaching our inbox or places them in a separate Spam folder where they can be easily scanned (just in case any legitimate mails slip through) and deleted. Most email programs have built-in filters to do this.

Additional Resources:

http://www.howtofightspam.com/ - more information and resource links on how to deal with Spam
http://www.templetons.com/brad/spamterm.html - article on the history of how the word “Spam” came to be associated with junk emails

Mysterious Spammer Advertises Auto-Click Software

March 17th, 2008

spam.jpgYesterday I received an email from a mysterious spammer named “PTC News”. This person is not only spamming for referrals in a hitherto unknown paid-to-click program named BuxIT.info, but is also throwing in a special bonus: an “AutoSurfer” that will automatically detect and click the paid links so that you can simply sit back and earn your pennies without having to actually do anything other than logging into your account.

Of course I should point out that the use of such auto-clicking software is considered cheating by virtually all paid-to-click programs and will result in being banned from any programs that detect it. However, this is the first time that I have ever seen anyone so brazenly advertising “cheatware” like this and even having the audacity to use it as a bait for referral collecting. Apparently the spammer has also included a video demonstration and was even nice enough to provide both Spanish and mangled English versions of the message.

Hi… // Hola… Hi, I saw your mail on a list of people who are interested in PTC, which is why you inform this magnificent PTC, and you can download a AutoSurfer makes the clicks automatically for you, and a video demonstration that teaches you how it works. ———- Hola, he visto tu mail en una lista de gente que le interesan los PTC, por eso te informo de este magnífico PTC, y puedes descargar un AutoSurfer que hace los clicks automáticamente por ti, y un video de demostración que te enseña cómo funciona. Link: http://buxit.info/register.php AutoSurfer: http://rapidshare.com/files/98261256/BuxIt.v01.zip VideoDemostration: http://rapidshare.com/files/98262412/Buxit.avi Let enjoy // Que lo disfrutes

Note that in order to avoid unwittingly rewarding the spammer or endorsing such tactics, I have removed the referral code from the text. I have not clicked through to the RapidShare URLs to examine the software or video, but I did confirm that the BuxIT.info program actually exists (as of this writing). If any of you have additional information on this Spam & Scam operation, please let us know in the comment section.

Spam Takes Over More Than 90 Percent of Emails

December 26th, 2007

spam-wars.jpgIn spite of a recent bout of blog comment spam, it seems that I have survived the “spam wars” relatively unscathed so far. According to an article at nvunet.com that cites a recent report by Barracuda Networks, the global proportion of spam has now risen to 90 and 95 percent of all email communications. By contrast, I was receiving a spam ratio of around 55 percent at my old Excite email address that I am now in the process of abandoning. Meanwhile, my Gmail address has remained almost completely spam free, and my recent installation of the WP-SpamFree plugin has practically eliminated automated comment spam here at Karlonia.

The reference to the nvunet.com article was one of the interesting tidbits of information that I picked up from the latest edition of John Graham-Cumming’s anti-spam newsletter, which I have reprinted below for your reading pleasure.

Read the rest of this entry »

« Previous Entries Next Entries »