Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share












Issue 30 - Hoax-Slayer Newsletter

Issue 30: 6th July, 2004

This week in Hoax-Slayer:
Nine-Zero-Hash Phone Scam Hoax

An increased rate of submissions suggests that the Nine-Zero-Hash Phone Scam hoax is currently out for another run.

There have been a number of versions of this hoax.

These emails warn recipients that they may receive a call from a fraudster posing as a phone technician who will advise them to key in "Nine-Zero-Hash" or a similar sequence of numbers. According to the email, once you key in these numbers or similar, the fraudster has immediate access to your phone and can use it for making calls that will be billed to your account.

In late 2003, an Australian version of the hoax claimed to be a "police warning" and used the name and contact number of a real Victorian Police Officer. Although the officer did not send the email, he was inundated with calls and emails about the hoax. This version is again circulating in Australia. Australian telecommunications giant, Telstra, denounced the email as a hoax. An earlier US version claimed the supposed scam calls were coming from prisons. Yet another version of the hoax targets mobile phone users.

In rare cases, the information in the email can be true. Some business telephone switching equipment that has been configured in a certain way may be vulnerable to the scam. If a particular type of PABX phone system requires users to dial "9" to get an outside line then it is theoretically possible for a scammer to take control of the line. However, since the information is false for the vast majority of home phone users, and certainly for mobile phone users, the email can be dismissed as a pointless hoax and should not be forwarded.



References:
http://homepages.tesco.net/~J.deBoynePollard/FGA/please-do-not-perpetuate-the-9-0-hash-hoax.html
http://www.di-ve.com/dive/portal/portal.jhtml?id=120627
http://www.theage.com.au/articles/2003/06/30/1056825335277.html

Australian Version:
FYI - Phone Scamm

This has been confirmed by Telstra: DO NOT push 90# on your home phone. Got a call last night from an individual identifying himself as an AT&T Service technician who was conducting a test on our telephone lines. He stated that to complete the test I should touch nine (9), zero(0), hash (#) and then hang up. Luckily, I was suspicious and refused. Upon contacting the telephone company, I was informed that by pushing 90#, you give the requesting individual full access to your telephone line, which allows them to place long distance telephone calls billed to your home phone number. I was further informed that this scam has been originating from many of the local ails/prisons. DO NOT press 90# for ANYONE. PLEASE pass this on to your friends. If you have mailing lists and/or newsletters from organisations you are connected with, I encourage you to pass this on.

[DETECTIVE'S NAME REMOVED]
Detective Sergeant
Major Fraud Investigation Division
[NUMBER REMOVED]


Mobile phone version:
If you receive a phone call on your mobile from any person, saying that, he or she is a company engineer, or telling that they're checking your mobile line, and you have to press # 90 or #09 or any other number. End this call immediately without pressing any numbers. There is a fraud company using a device that once you press #90 or #09 they can access your "SIM" card and make calls at your expense


One US Version:
I received a telephone call last evening from an individual identifying himself as an ATandT Service technician who was conducting a test on telephone lines. He stated that to complete the test I should touch nine(9), zero(0), the pound sign (#), and then hang up. Luckily, I was suspicious and refused.

Upon contacting the telephone company, I was informed that by pushing 90#, you give the requesting individual full access to your telephone line, which enables them to place long distance calls billed to your home phone number.

I was further informed that this scam has been originating from many local jails/prisons. I have also verified this information with UCB Telecom,Pacific Bell, MCI, Bell Atlantic and GTE. Please beware.

DO NOT press 90# for ANYONE.

The GTE Security Department requested that I share this information with EVERYONE I KNOW.

PLEASE pass this on to everyone YOU know.

If you have mailing lists and/or newsletters from organizations you are connected with, I encourage you to pass on this information to them.

After checking with Verizon they said it was true, so do not dial (9),zero(0), the pound sign # and hang up for anyone.



Discuss This Story

[TOP]



Internet Explorer Security Update

Some vulnerabilities that have been identified in Internet Explorer could allow rogue websites or HTML email messages to install Trojan software on your computer without your knowledge. Once installed, this malicious software could carry out clandestine procedures on the infected computer such as collecting sensitive personal information and sending it to the author of the trojan.

Threats that have used these vulnerabilities recently include, JS.Scob.Trojan, JS.Toofeer, Download.Ject and others.

Microsoft has released a security update that significantly reduces the risk imposed by these vulnerabilities. Microsoft Windows users should visit Windows Update to retrieve and install this security patch as soon as possible.

For more information and links see:
http://www.us-cert.gov/cas/alerts/SA04-184A.html

For more information about using Windows Update see:
http://www.hoax-slayer.com/windows-update.html

Discuss This Story

[TOP]



Update on Glade PlugIns Hoax

As you may recall, a couple of issues ago I discussed a current email forward that warns that Glade PlugIns air fresheners are a fire hazard.

A representative of SC Johnson, the company that produces Glade PlugIns, contacted me this week with regard to this hoax email. The company is attempting to debunk the claims made in the email and has released the following statement. In my opinion, the statement clearly refutes the claims made in the email and should alleviate any concerns held by users of the product.

Company Response to Internet Rumor on Glade PlugIns®

SC Johnson recently learned that there have been postings on the Internet that have claimed that our products were involved in fires. It is important that you know that all of our PlugIns® products are safe and will not cause fires. We know this because PlugIns® products have been sold for more than 15 years and hundreds of millions of the products are being used safely. Because we are committed to selling safe products, SC Johnson thoroughly investigated these rumors. First, we confirmed that no one had contacted SC Johnson to tell us about these fires or to ask us to investigate them. Additionally, we had a leading fire investigation expert call the fire department representative who is identified in one of the Internet postings. That fireman indicated that he has no evidence that our products had caused any fire.

We suspect this rumor may be associated with a past SC Johnson voluntary recall of one of its air freshener products, a Glade® Extra Outlet Scented Oil product that was sold for a short period before June 1, 2002. After discovering an assembly error in a small number of that product, SC Johnson implemented a voluntary recall and provided extensive information about the product to the U.S. Consumer Safety Commission (CPSC). After revising the manufacturing process and thorough testing for proper assembly, the Glade® PlugIns® Scented Oil Extra Outlet product returned to store shelves on June 3, 2002. SC Johnson has no knowledge of any credible reports of fire related to this product. We also know that our products do not cause fires because all of our PlugIns® products have been thoroughly tested by Underwriters Laboratories and other independent laboratories and our products meet or exceed safety requirements. SC Johnson continues to work closely with the Consumer Product Safety Commission to investigate allegations involving PlugIns® products.

As a more than 100-year-old, family-owned company, SC Johnson is committed to providing top quality products that can be used safely in homes and we want to reassure you that PlugIns® products can be used with complete confidence.


Discuss This Story

[TOP]



Virus Report: Weekly Virus Wrap-Up

The list below represents some of the most significant new virus threats identified by Symantec Security Response over the last few days.

Another variant of the Beagle worm, W32.Beagle.Y@mm is currently circulating. This worm searches files on the infected computer for email addresses and sends itself using its own SMTP engine. The worm uses email spoofing.

W32.Lovgate.X@mm is a Lovgate variant that searches the infected computer for email addresses and sends itself to them. This worm uses spoofing, which means that an infected email may not have come from the address identified as the sender.

Another variant, W32.Lovgate.Y@mm can spread via network shares as well as the method noted above. It can allow an intruder to access the infected computer.

Yet another variant of the Korgo worm is spreading. W32.Korgo.W can exploit the Windows LSASS Buffer Overrun Vulnerability on unpatched windows systems. This version can also try to download a file from a website. Windows users should ensure that their computers have the latest security patches installed by visiting Windows Update.

Discuss This Story

[TOP]



First Name Chain Letter

Below is yet another pointless, bandwidth wasting chain letter. It simply asks you to add your first name to the email before passing it on. It claims to be a "survey" started by a teacher, but this is doubtful. The message does not specify a central email address where lists of names can be sent, so how would the alleged teacher receive and compile the results? The message contains no information that allows a recipient to check the legitimacy of the project, not even the name and location of the school where the teacher works. Also, the claim that the alleged instigator of the survey is a teacher is rather meaningless given that it appears to be a private project just for the teacher's daughter.

From time to time, a new version of this chain letter pops up and gets forwarded by thousands upon thousands of well meaning recipients around the planet. It should be noted that some of these have been legitimate, if misguided, class projects initiated by real schools. However, these projects can very quickly get out of control as the account listed in the message gets swamped by hundreds or even thousands of return emails per day. Also, the emails often mutate and continue to circulate long after the project has been terminated.

Emails like this one are prime candidates for a one-way trip to binary oblivion. It would be better if the instruction in the opening paragraph read "DON'T ASK - JUST DELETE!".

One of our teachers is doing this survey for her daughter. DON'T ASK - JUST PLAY!

Copy and paste this letter into a new email (PLEASE do NOT hit Forward). Then read the list of names. If your name is on the list, put a star * next to it. If not, then add your name (in alphabetical order, put no star). Send it to ten people and send it back to the person who sent it to you. Put your name in the subject box! You'll see what happens to you...... its kind of cool! Please keep this going.

Don't mess it up!

Aaron*
Abigail
Adam****
Adria
Adrienne
Alanna*
Ann
Andrew***
Alex ***
Alexis*
(many more removed.)


Discuss This Story

[TOP]



Tip of the Week: Distributed Computing Projects

For quite some time now I've been running distributed computing projects on my computer. Distributed computing allows you to use the processing power of your computer to analyse data in a variety of areas, such as medical, scientific or biological research. To participate in a distributed computing project you simply download a small program that acts as the screensaver on your computer. Because it runs as a screen saver, the program won't interfere with your normal computing tasks. That is, the software will only analyse data when you are not using your computer.

These screensavers may not be as pretty as some, but I get a kick out of knowing that my computer is busily crunching numbers in the interests of Science when I'm not using it.

When the computer has finished analysing a data unit, the software will tell you that it needs to upload the data. After the upload is completed, it will automatically download another data unit.

Currently, I'm participating in the Lifemapper project, which is assembling "a powerful, predictive electronic atlas of Earth's biological diversity". Another favourite is SETI@home, which examines data from radio telescopes in the ongoing search for extraterrestrial life.

To find out more about distributed computing and choose from other active projects see:
http://www.aspenleaf.com/distributed/index.html

Discuss This Story

[TOP]

Feedback from Readers and Site Visitors

If you receive a hoax or scam email, I would appreciate it if you would send me a copy.

A number of submissions this week involved the nine-zero-hash hoax discussed above.

I've also received a variety of phisher scam emails both direct from the scammers and as submitted examples. The scam emails mostly target Citibank. One example is included below:

This email was sent by the Citibank server to verify your E-mail address. You must complete this process by clicking on the link below and entering in the small window your Citibank Debit Cardnumber and PIN that you use on ATM.

This is done for your protection - because some of our members no longer have access to their email addresses and we must verify it.

To verify your E-mail address and access your bank account, click on the link below:

[LINK REMOVED]

---------------------------------------
Thank you for being our customer
---------------------------------------


Another hoax that has been the subject of several enquiries this week is the Spider Under Florida Toilet Seat Hoax. This hoax is such a juicy little tale, that I guess it keeps getting trundled out for another run.

Popular pages on the Hoax-Slayer site this week include:

Email Lottery Scams - International Lottery Scam Information
Share Your Experiences.com Scam
Glade PlugIns Fire Hazard Hoax
Camel Spiders in Iraq Hoax Email

Thank you very much for all your submissions!

Discuss This Story

[TOP]


The Hoax_Slayer Newsletter is published by:
Brett M.Christensen
Queensland, Australia
All Rights Reserved
©Brett M. Christensen, 2008
Questions or Comments