Issue 17 - Hoax-Slayer Newsletter
Issue 17: April 2nd, 2004
This week in Hoax-Slayer:
Safe Internet Banking
I've been doing my banking on the Internet for quite some time
now, and I've never had any sort of problem so far. I find it
saves me a great deal of time and inconvenience. Unfortunately,
the steadily increasing rate of Internet scams has made a lot
of people understandably wary of running their finances online.
And in fact it is not uncommon for Internet Banking users to
lose money to scammers. However, in the great majority of cases,
the success of these scams is a result of the naivety of the user
and / or poor knowledge and implementation of computer security.
Of course, no one can categorically guarantee Internet Banking
is completely safe, and Internet Banking users must accept that
there is a certain element of risk. Having said that, in my
opinion, those who follow a basic set of security practices can
significantly reduce this element of risk.
I have outlined some basic security practices below:
- First and foremost, check the legitimacy of the financial
institution itself. Before signing up for Internet Banking
security practices and any insurance issues that may apply.
Personally, I'm most comfortable if the bank is a well-known
and well-established entity that offers old-fashioned bricks
and mortar banking as well as the online equivalent. I'd tend
to be wary of completely online banks that trade from overseas.
- You need to be careful to protect your account number and
password. Never use any sort of password manager for sensitive
information such as Internet banking passwords or account
numbers. In other words, always enter the password and account
number manually rather than have a program "remember" it. When
you create a password, make sure that it is one that is hard for
people to guess. For example, don't use your name or the name
of a family member. The best passwords are a combination of
letters and numbers, for example "bluepalm32". When I'm picking
a password, I usually just look out the window and free-associate
a couple of items and then add a random number. Change your
password regularly just in case it has inadvertently fallen into
the wrong hands. As well, don't ever send information such as
passwords via email, because you never know where or with whom
an email will end up. If you need to write down log-in information
to aid memory, don't write the account number and password on the
same document. And try to disguise the password so that it is not
easily recognised. For example, amalgamate your password into a
sentence. Don't store an unsecured copy of your account number
and password combination on your computer. If you do need to
store it on your computer, use software that strongly encrypts
- When you visit your Internet Banking website, always check
that it is a secure site. You will know this because your browser
will indicate that it is a secure site by displaying a small icon
that depicts a padlock in the "locked" position. In Internet
Explorer, this icon will be on the status bar at the bottom right
of your browser. You can click on this lock icon to get more
information about the security of the site.
- One issue to watch out for with regard to Internet Banking is
so called "phisher" scams. These scams are designed to trick
people into visiting a fake site that looks like a real banking
site and providing sensitive information such as passwords.
Follow the link below to find out more about phisher scams:
- Make sure you "log out" when you have finished your
Internet Banking session by clicking the appropriate button or
link. Logging out allows your session to be terminated correctly
so that someone can't sneak in to your unterminated session and
access your accounts.
- Maintaining a virus, Trojan and spyware free system will
significantly increase your Internet security and make
Internet Banking a lot safer. Good quality sites and software
that can protect your computer from virus infection and spyware
is freely available on the Internet. In future issues, I will
discuss the pros and cons of some of this software and explain
where to get it.
- Make sure you stay informed about potential Internet Banking
security issues. The above points are an overview of the issue,
but there are plenty of sites that offer detailed security
information. A couple to start off with:
Phisher Scam hits Loyds TSB
UK financial institution, Loyds TSB is the latest target of
phisher scammers. Customers of the bank have reported receiving
fraudulent emails that request recipients to provide sensitive
banking information. The email falsely claims that a new security
system is being implemented. In an attempt to make the email
seem authentic, the scammers have included the bank's black
A link in the scam email opens a screen that asks for the
customer's banking User ID, Password and other information.
Like other genuine financial entities, Loyds TSB would never
request this sort of information from customers via email.
The fake emails are not being sent specifically to Loyds TSB
customers. Instead they are randomly sent to thousands of
Internet users and count on the probability that some of the
recipients will be Loyds TSB customers. This is the usual
method used by phisher scammers.
Loyds TSB has information
about the scam email on its website.
Perfume Hoax Emails
This old hoax has been in circulation for quite some time.
Someone has been kind enough to create an Australian version
(included below) of the hoax especially for those of us who
reside down under. Very similar hoax emails that use US place
names have been hitting inboxes since at least 2000.
In 1999, a woman claimed to have been assaulted and robbed by
assailants who use a debilitating substance disguised as perfume.
The story soon made its way to the Internet and spread rapidly as
a "warning", even though there were no reported cases of such
attacks happening again. In fact, even the original story may
have been untrue.
Another version of the hoax claims that people have actually
died from sniffing perfume samples that were mailed to them.
In these emails, terrorism rather than robbery is the suggested
motive. An example of this version is also included below. No
such deaths have ever been reported and the claim that
governments are covering up the story is very hard to believe.
Robbery Perfume Hoax:
Subject: Safety message - Ether - This is real and very important!
This may not be happening in Darwin, you might not take it
seriously but I've passed it on, you now all know about it. For
your personal safety - Take this seriously, I (Simon) know someone
who was approached last week after taking $500 out of an ATM by some
guy who asked what perfume she was wearing. They asked her if she
wanted to buy some Cheap imitation and to have a smell (she declined).
These guys hit Sydney and Melbourne 6 weeks ago and now they are
doing it here in Perth. I received this email and thought you may want
to advise your partners, daughters and friends this experience also
happened to one of my son's friends in a Rundle Street Car
Park recently......fortunately, she had heard about it before & didn't
fall for it. I was approached yesterday afternoon around 3.30pm in the
Coles parking lot at Surry Hills by two males, asking what kind of
perfume I was wearing. Then they asked if I'd like to sample some
fabulous scent they were willing to sell me at a very reasonable rate.
I probably would have agreed had I not received an email some weeks
ago, warning of a 'Wanna smell this neat perfume?' scam. The men
continued to stand between parked cars, I guess to wait for someone
else to hit on. I stopped a lady going towards them, I pointed at them,
and told her about how I was sent an email at work about someone walking
up to you at the malls, in parking lots, and asking you to
sniff perfume that they are selling at a cheap price. THIS IS NOT
PERFUME - IT IS ETHER! When you sniff it, you'll pass out and they'll
take your wallet, your valuables, and heaven knows what else. If it
were not for this email, I probably would have sniffed the "perfume",
but thanks to the generosity of an emailing friend, I was spared
whatever might have happened to me, and wanted to do the same for you.
IF YOU ARE A MAN AND RECEIVE THIS PASS IT ON TO ALL THE WOMEN YOU
KNOW!!! Ladies this happened to me yesterday and I didn't smell the
Terrorist Perfume Hoax:
SEVEN WOMEN HAVE DIED AFTER INHALING A FREE PERFUME SAMPLE THAT WAS
MAILED TO THEM. THE PRODUCT WAS POISONOUS. IF YOU RECEIVE FREE SAMPLES
IN THE MAIL SUCH AS LOTIONS, PERFUMES, DIAPERS, ETC. - THROW THEM
THE GOVERNMENT IS AFRAID THAT THIS MIGHT BE ANOTHER TERRORIST ACT. T
HEY WILL NOT ANNOUNCE IT ON THE NEWS BECAUSE THEY DO NOT WANT TO
CREATE PANIC OR GIVE THE TERRORISTS NEW IDEAS.
SEND THIS TO ALL YOUR FAMILY AND FRIENDS.
Watch out for W32.Netsky.Q@mm
Over the last few weeks there have been so many variants of the
Nestky worm and others that the people responsible for naming
viruses are soon going to run out of alphabet!
One to especially watch out for at the present time is
W32.Netsky.Q@mm. Symantec has given this worm a rating of three
out of five. The worm uses its own SMTP engine to send itself to
email addresses it locates by scanning the drives of the infected
computer. A security vulnerability on certain unpatched systems
means that a computer can become infected even if the user simply
reads or previews the message.
The "from" line of the email carrying the worm is spoofed and the
subject, body and attachment names vary. The attachment will
have the extensions exe, .pif, .scr, or .zip.
Read more about this worm.
Google Web email? No Hoax!
Search Engine giant, Google, is perhaps regretting the timing of
a press release regarding a new web mail service. Because of the
slightly flippant tone of the press release, the promise of a
massive 1 gigabyte email account for free and the April 1st
release date, the Internet was soon buzzing with the rumour that
the story was an elaborate April Fools Day hoax.
However, according to subsequent news reports, this is no hoax
and Google really is planning such a service to be called "Gmail".
Google has a lot of information on their website about Gmail,
including a list of frequently asked questions. A web mail
service that offers such a large amount of space coupled with
Google's outstanding professionalism and innovative approach
is sure to be a winner. Gmail will allow users to store up to
the equivalent of 500,000 pages of email, which is pretty
amazing when compared with the paltry size limits of other
webmail services such as Hotmail.
Read the press release
Read a news article
Humour: Light Bulbs and Mailing Lists
Those of you who are members of discussion lists like Yahoo
Groups will know that the following is not that far from the truth
at times (grin).
Mailing list users changing light bulbs
Q: How many internet mail list subscribers does it take to change
a light bulb?
A: Exactly five hundred.
1 to change the light bulb and to post to the mail list that the
light bulb has been changed.
7 to share similar experiences of changing light bulbs and how
the light bulb could have been changed differently or to caution
about the dangers of changing light bulbs.
17 to point out spelling/grammar errors in posts about changing
21 to flame the spell checkers.
49 to write to the list administrator complaining about the
light bulb discussion and its inappropriateness to this mail
20 to correct spelling in the spelling/grammar flames.
32 to post that this list is not about light bulbs and to please
take this email exchange to alt.lite.bulb.
69 to demand that cross posting to alt.grammar, alt.spelling
and alt.punctuation about changing light bulbs be stopped.
41 to defend the posting to this list saying that we all use
light bulbs and therefore the posts are relevant to this mail
106 to debate which method of changing light bulbs is superior,
where to buy the best light bulbs, what brand of light bulbs
work best for this technique, and what brands are faulty.
12 to post URLs where one can see examples of different light
8 to post that the URLs were posted incorrectly, and to post
2 to post about links they found from the URLs that are relevant
to this list which makes light bulbs relevant to this list.
15 to concatenate all posts to date, then quote them including
all headers and footers, and then add pointedly, "Me Too."
6 to post to the list that they are unsubscribing because they
cannot handle the light bulb controversy.
9 to quote the "Me Too's" and happily add, "Me Three!"
3 to suggest that posters request the light bulb FAQ.
1 to propose new alt.change.lite.bulb newsgroup.
24 to say this is just what alt.physic.cold_fusion was meant
for, leave it here.
53 votes for alt.lite.bulb.
The Hoax_Slayer Newsletter is published by:
All Rights Reserved
©Brett M. Christensen, 2009
Questions or Comments