Issue 16 - Hoax-Slayer Newsletter
Issue 16: March 23rd, 2004
This week in Hoax-Slayer:
Phisher Scam targets ABA
The American Bankers Association has joined a long list of
financial entities around the world that have been targeted by
phisher scammers. The ABA has placed a warning
about the new
scam on their website. Internet users have reported receiving
an email purporting to be from the ABA that tries to trick
recipients into providing personal and financial information.
The fraudulent email contains an embedded "Credit Card
Verification Form" that requests users to enter information
directly. It is highly unlikely that the ABA, or any other
legitimate financial institution, would send messages that
requests sensitive personal information via email.
If you have received a suspect email that claims to be from the
ABA, you can forward the message to firstname.lastname@example.org.
Read the alert
from the ABA.
A sample of one of the scam emails, minus the "Credit Card
Verification Form", is reproduced below:
From: American Bankers Association [email@example.com]
Sent: Friday, March 19, 2004
Subject: Please Read! Imporant Information About Your Credit
Card And Its Issuing Bank!
You have been identified as a customer of one of ABA's
( American Bankers Association ) member banks. The American
Bankers Association would like to inform You about the adoption
of a decision of a new Security Policy. The new policy entered
into force on 1st March 2004. Due to the extensive number of
credit card frauds, ABA has decided to take preventice
countermeasures in order to ensure the highest level of security
and safety for the customers of its member banks....
ABA Customer Service Staff
New Worm attacks Security Software
This week saw the emergence of a new Internet worm that explicitly
targets flawed computer security software. The worm, named
W32.Witty.Worm after a reference in the worm's code, exploits a
vulnerability in ICQ parsing in certain products supplied by
Internet Security Systems Inc. The worm can spread itself via
IP addresses using UDP source port 4000 and a random destination
port and has a destructive payload that can overwrite random
sectors of hard drives on the infected computer.
The products affected by this worm are listed below:
- BlackICE Agent for Server 3.6 ebz, ecd, ece, ecf
- BlackICE PC Protection 3.6 cbz, ccd, ccf
- BlackICE Server Protection 3.6 cbz, ccd, ccf
- RealSecure Network 7.0, XPU 22.4 and 22.10
- RealSecure Server Sensor 7.0 XPU 22.4 and 22.10
- RealSecure Desktop 7.0 ebf, ebj, ebk, ebl
- RealSecure Desktop 3.6 ebz, ecd, ece, ecf
- RealSecure Guard 3.6 ebz, ecd, ece, ecf
- RealSecure Sentry 3.6 ebz, ecd, ece, ecf
If you use one of these products on your computer, you are
strongly advised to ensure that the relevant patches
the product have been applied.
More information about the worm is available from the following
Cruel Hoax Upsets Harry Potter Fan
A fourteen-year-old Chilean teenager has become the victim of an
Internet hoaxster. The girl had been corresponding via email with
someone who claimed to be Daniel Radcliffe, the actor who plays
Harry Potter in the hit movies. The teenager was thrilled when
"Daniel Radcliffe" invited her to visit him at home in London.
However, when the girl and her mother flew to London for the
proposed rendezvous, they discovered that it was all just a hoax.
Apparently the real Daniel has a policy of never communicating
with fans via email and the Internet for both his safety and
Although the girl is naturally upset and embarrassed by the
callous prank she is perhaps luckier than some. Paedophiles
have used similar tactics in the past in order to trick
children into meeting them.
Breast Cancer Donations from M&M's
Although the email below sounds like a hoax - it even has a request to pass the email on, which is a classic sign of an email hoax - the information it contains is true. A percentage of proceeds from special pink and white M&M bags have indeed been donated to the Susan G. Komen Breast Cancer Foundation
It is, in fact, quite rare that one of these "pass it on" emails contains truthful information, but this is one of the inevitable exceptions to the rule.
However, the fund rasing effort described is not an ongoing one. Masterfoods ran the fundraiser back in 2003 and, more recently, in late 2004 and early 2005. The recent campaign coincided with National Breast Cancer Awareness Month in October 2004. According to information on
the Susan G. Komen website, the special pink and white M&M packets were available at local retailers during September, October and November 2004. Even if the pink and white M&M's are still available, the company has specified a maximum donation amount of $650,000, so the 50-cent per bag donation will stop when this limit is reached.
Therefore, although the information in the email is basically factual, it will not remain so indefinitely. Unfortunately, the email does not contain any date information, so many people will continue to forward the message in the mistaken belief that the fund rasing campaign is still running. In fact, the message has continued to circulate since the first campaign started in 2003 although for much of that time no such campaign was in operation. Before forwarding such messages it would be wise to verify that the promotion described is still current by seeking information on the M&M's homepage
After the pink and white M&M's are no longer available in retail outlets, the special packets may still be available via the M&M's online store
New M&M colors
Pass this on to all of your friends. There are many women out there
who have breast cancer. Lets do all we can to support this cause.
New Pink White M&M's.
The makers of M&M candies has teamed up with the Susan G. Komen
Breast Cancer Foundation to raise funds through the sale of their
new " pink & white " M&M candies. For each 8-ounce bag of the
special candies sold, the makers of M&M(Masterfoods) will donate
50 cents to the foundation. The next time you want a treat, please
pick up a bag (now sold in stores nationwide) - you will be
donating to a great cause and satisfying your sweet tooth.
Please pass on to all your family and friends. -- Thank you.
W32.Netsky.P@mm Worm Still Spreading
W32.Netsky.P@mm is another variant of Netsky that scans the hard
drives and mapped drives of the infected computer for email
addresses and sends itself to them using its own SMTP engine.
It can also spread through file sharing programs. The worm is
also known as W32.Netsky.Q@mm. Symantec has given this worm a
Catagory of 3 out of 5.
The email carrying the worm has the following characteristics:
Email Subject Line:
Below are some subject lines that might be used by the worm.
Re: Encrypted Mail
Re: Extended Mail
Re: SMTP Server
Re: Mail Server
Re: Delivery Server
Re: Bad Request
Re: Thank you for delivery
Re: Message Error
Re: Extended Mail System
Re: Secure SMTP Message
Re: Protected Mail Request
Re: Protected Mail System
Re: Protected Mail Delivery
Re: Secure delivery
Re: Delivery Protection
Re: Mail Authentification
Below are some of the messages that might be used by the worm.
Please see the attached file for details
Please read the attached file!
Your document is attached.
Please read the document.
Your file is attached.
Your document is attached.
Please confirm the document.
Please read the important document.
See the file.
Your document is attached to this mail.
I have attached your document.
I have received your document. The corrected document is attached.
Access more information.
Bill Gates is NOT sharing his fortune
I've written about this hoax before, but it fascinates me that it
is still circulating in spite of very thorough debunking on sites
across the length and breadth of the Internet. If there was an
Academy Award for "most widespread and enduring email hoax", then
the Money from Microsoft hoax would certainly be one of the
I think people forward this email onward, just on the off chance
that it just might
be true. You know, best hit the "forward"
button,"just in case". It really is about time that this tired
old hoax was laid to rest....preferably in the "Deleted Items"
Here something that you might want to read it was on the news .
Subject: FW: PLEEEEEASE READ!!!! It was on the news!
Something to share with all of u. Would u believe if this is true?
Readon..... For those who need money badly and this is one
opportunity to try it! I'm an attorney, and I know the law. This
thing is for real. Rest assured AOL and Intel will follow through
with their promises for fear of facing a multimillion-dollar class
action suit similar to the one filed by PepsiCo against General
Electric not too long ago.
Please do not take this for a junk letter. Bill Gates is sharing
his fortune. If you ignore this you will repent later.
Microsoft and AOL are now the largest Internet companies and in
an effort to make sure that Internet Explorer remains the most
widely used program, Microsoft and AOL are running an e-mail beta
test. When you forward this e-mail to friends, Microsoft can and
will track it (if you are a Microsoft Windows user) for a two week
time period. For every person that you forward this e-mail to,
Microsoft will pay you $245.00, for every person that you sent it
to that forwards it on, Microsoft will pay you $243.00 and for every
third person that receives it, you will be paid $241.00. Within two
weeks, Microsoft will contact you for your address and then send you
Charles S. Bailey
General Manager Field Operations
[CONTACT INFORMATION REMOVED]
I thought this was a scam myself, but two weeks after receiving this
e-mail and forwarding it on, Microsoft contacted me for my address
and within days, I received a cheque for US$24,800.00. You need to
respond before the beta testing is over. If anyone can afford this
Bill Gates is the man. It's all marketing expense to him. Please
forward this to as many people as possible. You are bound to get at
least US$10,000.00. We're not going to help them out with their
e-mail beta test without getting a little something for our time.
My brother's girlfriend got in on this a few months ago. When I
went to visit him for the Baylor/UT game. She showed me her check.
It was for the sum of $4,324.44 and was stamped "Paid In Full".
Like I said before, I know the law, and this is for real Intel and
AOL are now discussing a merger which would make them the largest
Internet company and in an effort make sure that AOL remains the
most widely used program, Intel and AOL are running an e-mail beta
Humour: Thanks for the Chain Letters
This one was sent to one of my Yahoo groups:
To my friends, thanks for sending me chain letters in 2003:
- I stopped drinking Coca Cola after I found out that it's good
for removing toilet stains.
- I stopped going to the movies for fear of sitting on a needle
infected with AIDS.
- I smell like a dog since I stopped using deodorants because
- I don't leave my car in the parking lot or any other place and
sometimes I even have to walk about 7 blocks for fear that
someone will drug me with a perfume sample and try to rob me.
- I also stopped answering the phone for fear that they ask me
to dial a stupid number and then I get a phone bill from hell
with calls to Uganda, Singapore, Dominican Republic and Tokyo.
- I also stopped eating chicken and hamburgers because they are
nothing other than horrible mutant freaks with no eyes or
feathers that are bred in a lab so that places like McDonalds
can sell their Big Macs.
- I also stopped drinking anything out of a can for fear that I
will get sick from the dried rat feces and urine.
- When I go to parties, I'm always worried that some guy
will take my kidneys and leave me taking a nap in a bathtub full of
- I also donated all my savings to the Amy Bruce account. A sick
girl that was about to die in the hospital about 7,000 times.
Funny that girl, she's been 7 since 1993...
- I went bankrupt from bounced checks that I wrote whilte
expecting the thousands of dollars that Microsoft and AOL were
supposed to send me when I participated in their special e-mail
- My Ericcson phone never arrived and neither did the passes for
a paid vacation to Disneyland.
- But I am positive that all this is the cause of a stinking
chain that I broke or forgot to follow through on and I got a
curse from hell.
IMPORTANT NOTE: If you send this
e-mail to at least 1200 people in the
next 10 seconds, a bird will crap on you today at 5pm.
The Hoax_Slayer Newsletter is published by:
All Rights Reserved
©Brett M. Christensen, 2009
Questions or Comments