Archive 16



McDonalds Free Meal

An email scam hitting inboxes across the world is promoting a free dinner [or variations including lunch or breakfast] at one of the world’s largest fast-food chains. The catch is that you need to print the attached coupon, which is actually an executable for a well-established family of Malware.

The message appears with the subject, “You don’t need to pay for your helpings this day”, and promises a free dinner or breakfast or lunch. “McDonalds invites you to The Free Dinner Day in every cafe of ours,” the randomly delivered message explains. According to the scam, the day’s free treats include Big N’ Tasty with Cheese, Chicken Selects, Premium Breast Strips, Premium Caesar Salad, Apple Dippers, and McCafe Mocha Frappe.

“Print the invitation card attached to the letter and show it at the cash desk of any of our restaurants. Every manager will gladly take your card and issue you a tasty dish of Free Day. And remember! Free Day is a whole five free dishes!

Thank you for your credence. We really appreciate it,” the message concludes. The wording of the email is mostly European, using promotional terms that would be rare, if not completely out of place for a U.S. promotion. Not to mention, the brand is spelled incorrectly.

However, the attachment itself is the real problem as it contains a variant of the Bredolab family of Malware. Bredolab itself is a gateway, as once it is installed, it will download other Malware to the infected system.

In an attempt to fool you into believing the file is safe, the EXE file has a Word icon. Don't forget - you should always be suspicious of unsolicited attachments sent to you via email!


'You Have Visited Illegal Websites' Email

This email that appears to come from the FBI warns you that you have been logged as visiting more than 40 illegal websites. The message advises you to answer a list of questions that are supposedly contained in an attached zip file.

If you open the file, you will trigger a fake anti-virus program that will then appear to scan your computer and then display a message to say it has found a large number of serious virus infections.

The message will also claim that you must pay an immediate fee using your credit card before the anti-virus program can remove the serious virus infections.

The attachment to the email does not contain any questions for you to answer or virus scanning software. It contains a fake anti-virus program that is designed to gather your credit card details by claiming to find a large number of serious virus infections that can be removed by you paying a fee.

This type of email has been used for years and is almost identical to a virus sent in 2005 that contained the Sober Worm. There were some variations of that email that claimed it came from the CIA instead of the FBI.

The success rate with this email is high with inexperienced computer users as they panic when they think they have received an email from the FBI, and then fall for the message that their computer is plagued with serious virus infections and so quickly hand over their credit card information.

You should always be very cautious of any email that appears to come from a law enforcement or government agency and remember not to open any attachment or click on any links in the email.


Prince William and Princess Catherine Worldwide Galore Promotion

You may receive an email claiming to be from Buckingham Palace stating that you has been randomly selected as the winner of a substantial sum of money in a charitable promotion organized by Prince William and Miss Catherine Middleton.

The message claims to be from Buckingham Palace, and states that you have won one million pounds in this year's "Worldwide Galore Promotion".

The message claims that the money comes from a charitable gift fund created by Prince William and Miss Catherine Middleton to help celebrate their wedding. It explains that your email address was selected as the winner through a "Computerized Email Selection System (C.E.S.S.)" comprised of a "database of over a million email addresses from the worldwide web".

The winner is urged to contact the "affiliated accredited attorney" listed in the message in order to redeem the prize.

This is an example of an advance fee scam, with no prize or sum of money to claim. The scam is designed to trick you into sending money and personal information to scammers. If you fall for the scam and contact the attorney you will soon be asked to pay upfront fees that are supposedly required to allow for the release of the "prize money".

The scammers will claim that such fees are necessary to cover unavoidable expenses such as insurance premiums, tax obligations or banking and legal costs. The scammers will insist that for legal reasons, these fees must be paid in advance and cannot be deducted from the prize money itself.

If you pay the first of these requested fees, the scammers will send further requests for money until you finally realize that you are being conned or run out of money to send.

The scammers are also trying to trick you into disclosing a large amount of personal and financial information to allow them to steal your identity as well as your money.

These type of scams are very common so be wary of any message that claims that you have won a substantial sum of money or a valuable prize in a lottery or promotion that you have never even entered. Advance fee scammers often use the names of famous people or organizations as a means of making their lies seem a little more plausable.

In this case, the scammers have capitalized on the interest and excitement caused by the engagement and recent marriage of Prince William and Catherine Middleton.  


Scams Misrepresenting The Financial Crimes Enforcement Network

Scammers commonly use various government agencies or officials to legitimize their scams. Recently, there have been several complaints which fraudulently represent the Financial Crimes Enforcement Network of the U.S. Department of the Treasury.

Victims reported they received an e-mail claiming to be from the U.S. Department of the Treasury stating their lost funds, which were stolen and diverted to a foreign account registered in their name, have been recovered.

The e-mail advised to cease all money transactions, especially overseas, and to respond to the e-mail so the lost funds could be returned. The e-mail further stated the U.S. government is making adequate arrangements to ensure outstanding beneficiaries receive their funds.

The e-mail is signed by James H. Freis, Deputy Director of the Financial Crimes Enforcement Network, and requires victims to provide personally identifiable information that could potentially result in identity theft.

The U.S. Department of the Treasury posted a scam alert on their website on April 13, 2011, stating they do not send unsolicited requests and do not seek personal or financial information from members of the public by e-mail and recommending that recipients not respond to such messages.

The alert provides links for victims to report solicitations claiming to be from the U.S. Treasury.


Job Scam Used To Reship Merchandise To Russia

In the reshipping scam, scammers hire individuals to receive, re-address, and forward or "reship" packages to addresses generally in the United Kingdom or Nigeria, with recent schemes using addresses in Russia.

Scammers purchase the reshipped merchandise with stolen credit cards. Some reshippers recognize the scam but continue in perpetuating the fraud, while other reshippers appear to be unaware of the scam.

Often, reshippers realize the fraud after receiving calls from the companies that sold the merchandise or from the owners of the stolen credit card numbers.

In a new version of this scam, subjects hire individuals as "Gift Wrapper Associates" to receive and gift-wrap merchandise and ship it to given addresses. Recent complainants reported they had responded to Craigslist ads, while others were contacted by email, possibly as a result of a resume they had posted online.

Additionally, the complainants reportedly participated in phone interviews as part of the hiring process, and were required to provide personally identifiable information.

Scammers provide reshippers the necessary supplies to wrap the merchandise, such as boxes, wrapping paper, tape, ribbons, and bows. The victims' personally identifiable information gathered during the application process could potentially be used to obtain credit for other fraudulent purchases or to conduct other criminal activities.

Such unauthorized use of personally identifiable information often occurs in many types of identity theft-related scams such as other work-at-home, phishing, and various counterfeit check scams.



Return to Scam Alerts