Issue 30 - Hoax-Slayer Newsletter
Issue 30: 6th July, 2004
This week in Hoax-Slayer:
Nine-Zero-Hash Phone Scam Hoax
An increased rate of submissions suggests that the Nine-Zero-Hash
Phone Scam hoax is currently out for another run.
There have been a number of versions of this hoax.
These emails warn recipients that they may receive a call from a
fraudster posing as a phone technician who will advise them to key
in "Nine-Zero-Hash" or a similar sequence of numbers. According to
the email, once you key in these numbers or similar, the fraudster
has immediate access to your phone and can use it for making calls
that will be billed to your account.
In late 2003, an Australian version of the hoax claimed to be a
"police warning" and used the name and contact number of a real
Victorian Police Officer. Although the officer did not send the
email, he was inundated with calls and emails about the hoax.
This version is again circulating in Australia. Australian
telecommunications giant, Telstra, denounced the email as a hoax.
An earlier US version claimed the supposed scam calls were coming
from prisons. Yet another version of the hoax targets mobile
In rare cases, the information in the email can be true. Some
business telephone switching equipment that has been configured in
a certain way may be vulnerable to the scam. If a particular type
of PABX phone system requires users to dial "9" to get an outside
line then it is theoretically possible for a scammer to take
control of the line. However, since the information is false for
the vast majority of home phone users, and certainly for mobile
phone users, the email can be dismissed as a pointless hoax and
should not be forwarded.
FYI - Phone Scamm
This has been confirmed by Telstra: DO NOT push 90# on your home phone.
Got a call last night from an individual identifying himself as an AT&T
Service technician who was conducting a test on our telephone lines. He
stated that to complete the test I should touch nine (9), zero(0), hash
(#) and then hang up. Luckily, I was suspicious and refused. Upon
contacting the telephone company, I was informed that by pushing 90#, you
give the requesting individual full access to your telephone line, which
allows them to place long distance telephone calls billed to your home
phone number. I was further informed that this scam has been originating
from many of the local ails/prisons. DO NOT press 90# for ANYONE. PLEASE
pass this on to your friends. If you have mailing lists and/or newsletters
from organisations you are connected with, I encourage you to pass this
[DETECTIVE'S NAME REMOVED]
Major Fraud Investigation Division
Mobile phone version:
If you receive a phone call on your mobile from any person, saying that, he or she is a company engineer, or telling that they're checking your mobile line, and you have to press # 90 or #09 or any other number. End this call immediately without pressing any numbers. There is a fraud company using a device that once you press #90 or #09 they can access your "SIM" card and make calls at your expense
One US Version:
I received a telephone call last evening from an individual identifying himself as an ATandT Service technician who was conducting a test on telephone lines. He stated that to complete the test I should touch nine(9), zero(0), the pound sign (#), and then hang up. Luckily, I was suspicious and refused.
Discuss This Story
Upon contacting the telephone company, I was informed that by pushing 90#, you give the requesting individual full access to your telephone line, which enables them to place long distance calls billed to your home phone number.
I was further informed that this scam has been originating from many local jails/prisons. I have also verified this information with UCB Telecom,Pacific Bell, MCI, Bell Atlantic and GTE. Please beware.
DO NOT press 90# for ANYONE.
The GTE Security Department requested that I share this information
with EVERYONE I KNOW.
PLEASE pass this on to everyone YOU know.
If you have mailing lists and/or newsletters from organizations you
are connected with, I encourage you to pass on this information to
After checking with Verizon they said it was true, so do not dial
(9),zero(0), the pound sign # and hang up for anyone.
Internet Explorer Security Update
Some vulnerabilities that have been identified in Internet
Explorer could allow rogue websites or HTML email messages to
install Trojan software on your computer without your knowledge.
Once installed, this malicious software could carry out
clandestine procedures on the infected computer such as
collecting sensitive personal information and sending it to the
author of the trojan.
Threats that have used these vulnerabilities recently include,
JS.Scob.Trojan, JS.Toofeer, Download.Ject and others.
Microsoft has released a security update that significantly
reduces the risk imposed by these vulnerabilities. Microsoft
Windows users should visit Windows Update to retrieve and install
this security patch as soon as possible.
For more information and links see:
For more information about using Windows Update see:
Discuss This Story
Update on Glade PlugIns Hoax
As you may recall, a couple of issues ago I discussed a current email forward
that warns that Glade PlugIns air fresheners are a
A representative of SC Johnson, the company that produces Glade
PlugIns, contacted me this week with regard to this hoax email.
The company is attempting to debunk the claims made in the email
and has released the following statement. In my opinion, the
statement clearly refutes the claims made in the email and
should alleviate any concerns held by users of the product.
Company Response to Internet Rumor on Glade PlugIns®
SC Johnson recently learned that there have been postings on the Internet that have claimed that our products were involved in fires. It is important that you know that all of our PlugIns® products are safe and will not cause fires. We know this because PlugIns® products have been sold for more than 15 years and hundreds of millions of the products are being used safely. Because we are committed to selling safe products, SC Johnson thoroughly investigated these rumors. First, we confirmed that no one had contacted SC Johnson to tell us about these fires or to ask us to investigate them. Additionally, we had a leading fire investigation expert call the fire department representative who is identified in one of the Internet postings. That fireman indicated that he has no evidence that our products had caused any fire.
Discuss This Story
We suspect this rumor may be associated with a past SC Johnson voluntary recall of one of its air freshener products, a Glade® Extra Outlet Scented Oil product that was sold for a short period before June 1, 2002. After discovering an assembly error in a small number of that product, SC Johnson implemented a voluntary recall and provided extensive information about the product to the U.S. Consumer Safety Commission (CPSC). After revising the manufacturing process and thorough testing for proper assembly, the Glade® PlugIns® Scented Oil Extra Outlet product returned to store shelves on June 3, 2002. SC Johnson has no knowledge of any credible reports of fire related to this product. We also know that our products do not cause fires because all of our PlugIns® products have been thoroughly tested by Underwriters Laboratories and other independent laboratories and our products meet or exceed safety requirements. SC Johnson continues to work closely with the Consumer Product Safety Commission to investigate allegations involving PlugIns® products.
As a more than 100-year-old, family-owned company, SC Johnson is committed to providing top quality products that can be used safely in homes and we want to reassure you that PlugIns® products can be used with complete confidence.
Virus Report: Weekly Virus Wrap-Up
The list below represents some of the most significant new virus
threats identified by Symantec Security Response
over the last
Another variant of the Beagle worm, W32.Beagle.Y@mm
circulating. This worm searches files on the infected computer
for email addresses and sends itself using its own SMTP engine.
The worm uses email spoofing.
is a Lovgate variant that searches the infected
computer for email addresses and sends itself to them. This worm
, which means that an infected email may not have come from the address identified as the sender.
Another variant, W32.Lovgate.Y@mm
can spread via network shares
as well as the method noted above. It can allow an intruder to
access the infected computer.
Yet another variant of the Korgo worm is spreading. W32.Korgo.W
can exploit the Windows LSASS Buffer Overrun Vulnerability on
unpatched windows systems. This version can also try to download
a file from a website. Windows users should ensure that their
computers have the latest security patches installed by visiting
Discuss This Story
First Name Chain Letter
Below is yet another pointless, bandwidth wasting chain letter.
It simply asks you to add your first name to the email before
passing it on. It claims to be a "survey" started by a teacher,
but this is doubtful. The message does not specify a central
email address where lists of names can be sent, so how would the
alleged teacher receive and compile the results? The message
contains no information that allows a recipient to check the
legitimacy of the project, not even the name and location of the
school where the teacher works. Also, the claim that the alleged
instigator of the survey is a teacher is rather meaningless given
that it appears to be a private project just for the teacher's
From time to time, a new version of this chain letter pops up
and gets forwarded by thousands upon thousands of well meaning
recipients around the planet. It should be noted that some of
these have been legitimate, if misguided, class projects
initiated by real schools. However, these projects can very
quickly get out of control as the account listed in the message
gets swamped by hundreds or even thousands of return emails per
day. Also, the emails often mutate and continue to circulate
long after the project has been terminated.
Emails like this one are prime candidates for a one-way trip to
binary oblivion. It would be better if the instruction in the
opening paragraph read "DON'T ASK - JUST DELETE!".
One of our teachers is doing this survey for her daughter.
DON'T ASK - JUST PLAY!
Discuss This Story
Copy and paste this letter into a new email (PLEASE do NOT
hit Forward). Then read the list of names. If your name is on
the list, put a star * next to it. If not, then add your name
(in alphabetical order, put no star). Send it to ten people and
send it back to the person who sent it to you. Put your name in
the subject box! You'll see what happens to you...... its kind
of cool! Please keep this going.
Don't mess it up!
(many more removed.)
Tip of the Week: Distributed Computing Projects
For quite some time now I've been running distributed computing
projects on my computer. Distributed computing allows you to use
the processing power of your computer to analyse data in a
variety of areas, such as medical, scientific or biological
research. To participate in a distributed computing project you
simply download a small program that acts as the screensaver on
your computer. Because it runs as a screen saver, the program
won't interfere with your normal computing tasks. That is, the
software will only analyse data when you are not using your
These screensavers may not be as pretty as some, but I get a
kick out of knowing that my computer is busily crunching numbers
in the interests of Science when I'm not using it.
When the computer has finished analysing a data unit, the
software will tell you that it needs to upload the data. After
the upload is completed, it will automatically download another
Currently, I'm participating in the Lifemapper project
is assembling "a powerful, predictive electronic atlas of
Earth's biological diversity". Another favourite is SETI@home
, which examines data from radio telescopes in the ongoing search
for extraterrestrial life.
To find out more about distributed computing and choose from
other active projects see:
Discuss This Story
Feedback from Readers and Site Visitors
If you receive a hoax or scam email, I would appreciate it if you
would send me a copy
A number of submissions this week involved the nine-zero-hash
hoax discussed above.
I've also received a variety of phisher scam emails both direct
from the scammers and as submitted examples. The scam emails
mostly target Citibank. One example is included below:
This email was sent by the Citibank server to verify your
E-mail address. You must complete this process by clicking on the
link below and entering in the small window your Citibank Debit
Cardnumber and PIN that you use on ATM.
This is done for your protection - because some of our members no
longer have access to their email addresses and we must verify it.
To verify your E-mail address and access your bank account, click
on the link below:
Thank you for being our customer
Another hoax that has been the subject of several enquiries this
week is the Spider Under Florida Toilet Seat Hoax
. This hoax is such a juicy little tale, that I guess it keeps getting
trundled out for another run.
Popular pages on the Hoax-Slayer site this week include:
Email Lottery Scams - International Lottery Scam Information
Share Your Experiences.com Scam
Glade PlugIns Fire Hazard Hoax
Camel Spiders in Iraq Hoax Email
Thank you very much for all your submissions!
Discuss This Story
The Hoax_Slayer Newsletter is published by:
All Rights Reserved
©Brett M. Christensen, 2008
Questions or Comments