Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

Home    About    New Articles    RSS Feed    Subscriptions    Contact
Bookmark and Share

Issue 18 - Hoax-Slayer Newsletter

Issue 18: April 9th, 2004

This week in Hoax-Slayer:
Trojan Phisher Scam Targets Major Banks

Customers of major Australian banks have reported receiving emails that claim a substantial amount of money has been withdrawn from their accounts. In order to make the message seem legitimate, the emails arrive in HTML format and generally include a logo stolen from the targeted bank's website. A link included in the email supposedly leads recipients to the bank website to seek "technical assistance". The intention here is to panic gullible recipients into clicking on the link provided in order to gain details regarding the apparent withdrawal. ANZ, National, Commonwealth and Westpac have all been targeted.

At face value, this sounds like a typical phisher scam. However, those who click on the link in the bogus email may inadvertently download a trojan that will automatically be executed on their computer. This trojan is configured to log keystrokes that are entered into specific websites and email the information to the scammers. When a window that contains certain specified title phrases is opened, the key logger begins recording any information that is entered. This information could be passwords, account numbers, and other personal information. The specified title phrases are associated with a number of major financial institutions both in Australia and elsewhere in the world. Thus, even recipients of the scam emails who are not customers of the targeted bank can have sensitive information stolen if the trojan infects their system.

The scammers have manipulated the link in the bogus email so that it resembles a normal text link. However, those who click on the link are first taken to a webpage where the trojan is downloaded before being redirected to the real bank website. This happens quite quickly and users may not even be aware that a download and redirection has taken place.

The example below is directed at ANZ customers, but virtually identical emails target National, Commonwealth and Westpac banks. The amount specified varies.

Subject: Notification on transfer from your ANZ bank account

We are informing you that today, the amount of $719.00 AUD has been drawn out of your account.

Technical assistance of ANZ Bank


More detailed information.


Virus Infection "Warning" Points to Trojan

Another fraudulent email has been hitting inboxes this week. The email points to the same trojan discussed in the bank scam story above but uses a different tactic. The message claims to be a warning that the recipient's computer has been infected by a worm and advises that an update be downloaded via the link provided. As with the bank withdrawal notification emails (see above) the link is cleverly disguised so that those who click on it may have a trojan downloaded to their system before being directed to a legitimate website. The actions taken by the trojan are also identical to those discussed in the story above.

To add a veneer of legitimacy, the scam emails use the name of a real virus, Netsky.b and the links provided point to legitimate anti-virus companies, including McAfee and Panda AntiVirus.

An example of one of the emails is included below:

Subject: Attention! Your computer has been infected!


Your computer has been infected with a virus Netsky.b. In order to avoid losing valuable information we suggest you to urgently download an update from this link:

Technical assistance of Antivirus Company.


The Jamie Bulger Email Petition

In spite of the fact that this petition is hopelessly out of date, it is still circulating. It still regularly crosses my inbox and has been submitted by site visitors several times in the last month or so.

Although the case in question is true, this petition is now way outdated and has degenerated to little more than junk email. The boys who committed this horrendous crime were released in 2001, so the continuation of this petition in 2004 and beyond is simply a waste of time and bandwidth.

In any case, these sort of email petitions are almost completely pointless, as these lists of names rarely get to where they are supposed to nor are they taken in any way seriously by politicians or any one else in authority. Regardless of any intrinsic value that email petitions might possess, in this case, one fact is paramount. Rightly or wrongly, these boys have already been released, and no amount of email signitures is going to change this.

Unfortunately, in spite of the best intentions of the individuals who put their names on this petition, the most useful thing to do with it is to highlight it and press DELETE.

Do you remember February 1993 when a young 3 yr old was taken from a shopping mall in Liverpool by two 10-year-old boys. Jamie Bulger walked away from his mother for only a second and Jon Venables took his hand and led him out of the mall with his friend Robert Thompson. They took Jamie on a walk for over 2 and a half miles, along the way stopping every now and again to torture the poor little boy who was crying constantly for his mommy. Finally they stopped at a railway track where they brutally kicked him, threw stones at him, rubbed paint in his eyes and pushed batteries up his anus. It was actually worse than this... What these two boys did was so horrendous that Jamie's mother was forbidden to identify his body. They then left his beaten small body on the tracks so a train could run him over to hide the mess they had created. These two boys, even being boys, understood what they did was wrong, hence trying to make it look like an accident.

This week Lady Justice Butler-Sloss has awarded the two boys anonymity for the rest of their lives when they leave custody with new identities. We cannot let this happen. They will also leave early this year only serving just over half of their sentence. One paper even stated that Robert may go on to University. They are getting away with their crime. They disgustingly and violently took Jamie's life away - in return they get a new life. Please read it carefully.... then add your name at the end... and send it to everyone you can! Please add your name and location to the list and send it to friends and family. Please copy this e-mail (highlight text, right click, copy and paste into a new email) instead of forwarding so we do not get arrows at the beginning of the sentences. If you are the 220th person to sign, please forward this e-mail to [*email address removed*] and attention it to Lady Justice Butler-Sloss. Then start the list over again and send to your friends and family. The Love-Bug virus took less that 72 hours to reach the world. I hope this one does as well. We need to protect our family and friends from creatures like Robert and Jon. One day they may be living next to you and your small children, without your knowledge. If Robert and Jon could be so evil at 10 years old, imagine what they could do as adults!

[Many names and area addresses removed]


Virus Report

It seems that viruses are becoming more and more complex as time goes by. The emails that carry a typical modern virus tend to have characteristics that vary considerably and use complex combinations of subject lines, messages and attachment names. This can make the provision of a clear and concise write-up on such a virus somewhat problematical in a newsletter format. In view of this, I'm trying a new format for passing on virus information. This format will simply provide a brief overview of the latest and most significant viruses and include a link where readers can access detailed information.

I would be pleased to hear from readers with regard to this. Is this format the way to go? Comments or ideas on this or any other aspect of the newsletter are most welcome.

The list below represents some of the most significant new virus threats identified by Symantec Security Response over the last few days.


Happy Easter - Easter Egg Hunting

Happy Easter to all those who celebrate this holiday!

If you have some spare time over the Easter break, you might like to explore some of the Easter eggs that are hidden within your computer software. An Easter egg, apart from the chocolate variety, is hidden code or functionality within a computer program that can do unexpected and amusing things.

A good site for Easter eggs.

I hope everybody has an enjoyable break.


Top 4 Hoax and Scam Submissions this Week

As the Hoax-Slayer site becomes more well known, more and more site visitors have been good enough to submit examples of hoax or scam emails they have received. If you receive any such emails, I would appreciate it if you would send me a copy.
  1. In number one spot for submissions this week are lottery scams. A number of people have received and submitted examples of these scams. I've been communicating with a site visitor who is pretending to be taken in by one of these lottery emails. So far the scammers have requested a fee of $2600 supposedly to cover delivery costs for the money and have sent photographs of the "winnings" to back up their spurious claims

    I will be updating the Lottery Scam page in the near future in order to provide more in-depth information as well as more examples.

  2. As usual, site visitors have submitted a number of Nigerian scam emails and I have received several to my spam account as well.

  3. The Teddy Bear virus hoax comes in at number 3 this week.

  4. Coming in at number four is the long-lived and widespread Money from Microsoft hoax


Humour: Microsoft Janitor

A new take on an old joke:

An unemployed man goes to apply for a job with Microsoft as a janitor.

The manager there arranges for him to take an aptitude test (Section: floors, sweeping and cleaning). After the test, the manager says, "You will be employed at minimum wage, $5.15 an hour. Let me have your e-mail address, so that I can send you a form to complete and tell you where to report for work on your first day."

Taken aback, the man protests that he has neither a computer nor an e-mail address.

To this the MS manager replies, "Well, then, that means that you virtually don't exist and can therefore hardly expect to be employed."

Stunned, the man leaves. Not knowing where to turn and having only $10 in his wallet, he decides to buy a 25-pound flat of tomatoes at the supermarket. Within less than two hours, he sells all the tomatoes individually at 100 percent profit. Repeating the process several times more that day, he ends up with almost $100 before going to sleep that night.

And thus it dawns on him that he could quite easily make a living selling tomatoes. Getting up early every day and going to bed late, he multiplies his profits quickly. After a short time he acquires a cart to transport several dozen boxes of tomatoes, only to have to trade it in again so that he can buy a pickup truck to support his expanding business. By the end of the second year, he is the owner of a fleet of pickup trucks and manages a staff of 100 formerly unemployed people, all selling tomatoes.

Planning for the future of his wife and children, he decides to buy some life insurance. Consulting with an insurance adviser, he picks an insurance plan to fit his new circumstances. At the end of the telephone conversation, the adviser asks him for his e-mail address in order to send the final documents electronically.

When the man replies that he has no e-mail, the adviser is stunned, "What, you don't have e-mail? How on earth have you managed to amass such wealth without the Internet, e-mail and e-commerce? Just imagine where you would be now, if you had been connected to the Internet from the very start!"

After a moment of thought, the tomato millionaire replied, "Why, of course! I would be a floor cleaner at Microsoft!"

Moral of this story:

1. The Internet, e-mail and e-commerce do not need to rule your life.

2. If you don't have e-mail, but work hard, you can still become a millionaire.

3. Seeing that you got this story via e-mail, you're probably closer to becoming a janitor than you are to becoming a millionaire.

4. If you do have a computer and e-mail, you have already been taken to the cleaners by Microsoft.


The Hoax_Slayer Newsletter is published by:
Brett M.Christensen
Queensland, Australia
All Rights Reserved
©Brett M. Christensen, 2009
Questions or Comments