Archive 4



Hotmail and Yahoo Email Scam

You may receive an email that appears to come from Hotmail, Windows Live, or Yahoo and claims that you must reply within 48 hours or your email account will be closed.

The message states that they are having 'congestion' problems due to anonymous registrations and so they need to delete some accounts to deal with this problem.

To prevent your email account being closed, you are instructed to reply to the email and provide your username and password. Some emails ask for additional information.

This email is not from Hotmail, Windows Live or Yahoo. It is a phishing email scam designed to steal your account login details. If you reply, you will be handing over your email account to the scammers for them to do as they wish.

One of the scammers main uses of these email accounts is to gain access to the contact list. Once they have the contact list they can send emails to those contacts on the list,and it will appear to come from the account owner.

A common strategy is for the scammers to send an email to the contact list [which will be in the account holder's name], stating they are stuck in an overseas country, or had an accident in an overseas country, and they need money to be sent to them.

Some of the recipients will likely believe it and send money because it will come from the original account holder's account with their email signature etc.

The real owner of the email account is unlikely to know that this is happening.

Although the scammers can use different reasons to get you to send your login details [such as the email account exceeding its storage limit, or increased security changes or system upgrade] the result is always the same – they want you to send your login details.

Be cautious of any messages asking for login details as they are almost always a scam.


Anti Virus Software Scams

While browsing the Internet, you may receive pop-up security warnings that state that your computer is infected with numerous viruses.

These pop-ups [known as scareware] look authentic and may even display what appears to be real-time anti-virus scanning of your hard drive. The scareware will show a list of reputable software icons; however, you cannot click a link to go to the actual site to review or see the recommendations.

The scareware is intimidating to most users and extremely aggressive in its attempt to lure you into purchasing the rogue software that will allegedly remove the viruses from your computer.

Once the pop-up appears it cannot be easily closed by clicking "close" or the "X" button. If you click on the pop-up to purchase the software, a form is provided that collects payment information and you are charged for the bogus product.

In some instances, whether you click on the pop-up or not, the scareware can install malicious code onto your computer.

Downloading the software can result in viruses, Trojans and/or key loggers being installed on your computer.

The assertive tactics of the scareware has caused significant losses to users and the FBI has an estimated loss to victims in excess of $150 million.

Be cautious — cyber criminals use easy to remember names and associate them with known applications. Beware of pop-ups that are offering a variation of recognized security software. It is recommended that you research the exact name of the software being offered.

Take precautions to ensure your operating system is updated and security software is current.

If you receive these anti-virus pop-ups, it is recommended you close the browser or shut the system down. It is suggested that you run a full, anti-virus scan whenever the computer is turned back on.

Festive Season Scam Alert

With the festive season approaching, the Federal Bureau of Investigation [FBI] is reminding people that cyber criminals continue to aggressively create new ways to steal money and personal information. Scammers use many techniques to fool you including fraudulent auction sales, reshipping merchandise purchased with a stolen credit card, and sale of fraudulent or stolen gift cards through auction sites at a discounted price.

Fraudulent Classified Ads or Auction Sales

Internet criminals post classified ads or auctions for products they do not have. If you receive an auction product from a merchant or retail store, rather than directly from the auction seller, the item may have been purchased with someone else's stolen credit card number. Contact the merchant to verify the account used to pay for the item actually belongs to you.

You should be cautious and not provide financial information directly to the seller, as fraudulent sellers will use this information to purchase items for their scheme from the provided financial account. Always use a legitimate payment service to protect purchases.

With product delivery, unfamiliar Web sites or individuals selling reduced or free shipping to customers through auction sites many times are deemed to be fraudulent. In many instances, these Web sites or sellers provide shipping labels to their customers as a service. However, the delivery service providers are ultimately not being paid to deliver the package; therefore, packages shipped by the victims using these labels are intercepted by delivery service providers because they are identified as fraudulent.

Diligently check each seller's rating and feedback along with their number of sales and the dates on which feedback was posted. Be wary of a seller with 100% positive feedback, if they have a low total number of feedback postings and all feedback was posted around the same date and time.

Gift Card Scam

Be careful about purchasing gift cards from auction sites or through classified ads. If you need a gift card, it is safest to purchase it directly from the merchant or another authorized retail store. If the gift card merchant discovers the card you received from another source or auction was initially obtained fraudulently, the merchant will deactivate the gift card number and it will not be honored for purchases.

Phishing and Smishing Schemes

Be wary of e-mails or text messages you receive indicating a problem or question regarding your financial accounts. In this scam, you are directed to follow a link or call the number provided in the message to update your account or correct the problem. The link actually directs you to a fraudulent Web site or message that appears legitimate where any personal information you provide, such as account number and PIN, will be stolen.

Another scam involves victims receiving an e-mail message directing them to a spoofed Web site. A spoofed Web site is a fake site or copy of a real Web site and misleads the recipient into providing personal information, which is sent to the scammer's computers.


Here are some tips you can use to avoid becoming a victim of cyber fraud:

•Do not respond to unsolicited [spam] e-mail
•Do not click on links contained within an unsolicited e-mail
•Be cautious of e-mail claiming to contain pictures in attached files, as the files may contain viruses. Only open attachments from known senders. Virus scan the attachments if possible
•Avoid filling out forms contained in e-mail messages that ask for personal information
•Always compare the link in the e-mail to the link you are actually directed to and determine if they actually match and will lead you to a legitimate site
•Log on directly to the official Web site for the business identified in the e-mail, instead of "linking" to it from an unsolicited e-mail. If the e-mail appears to be from your bank, credit card issuer, or other company you deal with frequently, your statements or official correspondence from the business will provide the proper contact information
•Contact the actual business that supposedly sent the e-mail to verify if the e-mail is genuine


Email Account Deactivation Warning, and Facebook Password Reset Confirmation 

The Email Account Deactivation Warning email advises you that your email account has been deactivated due to unusual activity being detected.

The email instructs you to extract and run an attached "mailbox utility", supposedly in order to restore your email service.

The email however is not from your ISP or hosting company and the attachment does not contain a mailbox utility. In fact, if you open the attachment, it will install a copy of the Mal/EncPk-LP Trojan on your computer.

The email messages use fake sender addresses to make it look like they originate from your service provider [if your email address was, the malware email will arrive with an address like and will also end with a line such as "best regards, technical support"].

This is done to trick more people into opening the email by trying to look legitimate.

The Facebook Password Reset Confirmation email states that your password has been changed as a security measure, and that your new password is in the attached document.

The goal of the email is to get you to open the document to read your new password, and if you do this, you will in fact be launching a copy of the Bredolab Trojan. Once installed, this Trojan is able to download and install other malware components such as key loggers and password stealers and allow Internet criminals to control your computer from the other side of the world.

If you receive an email like this or the one above, don't open any attachments or click on any links in the message. It is quite easy for criminals to make it appear that an email is legitimate by using fake "from" addresses, disguised links, and logos or other graphics stolen from the genuine company's website.

Remember You will never be sent any new passwords in an attachment.

Be aware that the Bredolab Trojan is also distributed via emails that include fake shipping confirmation messages and messages supposedly confirming the order of goods bought online.


Return to Scam Alerts