Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider


Site Navigation

Divider









Issue 33 - Hoax-Slayer Newsletter

Issue 33: 5th August, 2004

This week in Hoax-Slayer:
Read Previous Issues


Hoax-Slayer is a Free Monthly Web-Based Newsletter brought to you by Brett Christensen

The Hoax-Slayer Newsletter keeps you informed about the latest email hoaxes and current Internet scams. Hoax-Slayer also features anti-spam tips, computer security information, pertinent articles and more.

As soon as the newsletter is published each month, subscribers are sent a notification email with a direct link to the latest issue. The Hoax-Slayer Newsletter is absolutely free and you can easily unsubscribe at any time either by following a link in the notification email or visiting the Hoax-Slayer Unsubscribe page.

To get your free subscription, enter your complete email address in the form below and click the "Subscribe" button. Concerned about giving out your email address online? I will never sell or give away your email address, or any other personal information, for any reason what so ever.

Read the Hoax-Slayer Privacy Policy for more information.



Subscribe to the newsletter via RSS feed

Subscription Options in Detail



More US Bank Phisher Scams

A large number of phisher scam emails that target the US Bank have been hitting inboxes. The emails use a variety of ruses that attempt to trick recipients into visiting a fraudulent website and submitting sensitive personal information. These scam emails generally arrive in HTML format and include official looking logos.

Although the fraudulent website may look like an official US bank site, it is in fact created by scammers solely to trick people into providing personal information.

Just some of subject lines of recent US Bank phisher scams are listed below:


US bank has more information and reporting procedures regarding these fraudulent emails on its website

PayPal, eBay, AOL, Citibank and others have also been targeted by phishing scammers over the last few days.

Read more about phisher scams.

An example of one US Bank scam email is included below:

subject ***Renew Your Records***
from: renew@usbank.com

Dear U.S. Bank valued member,

Due to concerns, for the safety and integrity of the Internet Banking community we have issued this warning message.

It has come to our attention that your account information needs to be updated due to inactive accounts, frauds and spoof reports. If you could please take 5-10 minutes out of your online experience and renew your records you will not run into any future problems with the online service. However, failure to update your records will result in account deletation.

Once you have updated your account records your online banking account will not be interrupted and will continue as normal.

Please follow the link below and renew your accountinformation.
[LINK REMOVED]

U.S. Bank Internet Banking


Discuss This Story

[TOP]



PayPal Class Action Email

Many PayPal account holders have received an email notice that claims recipients may be entitled to a payment due to the settlement of a class action against online payment company, PayPal.

Although the notice could easily be mistaken for some form of phisher scam, the information in the email is in fact true.

A class action lawsuit was filed against PayPal in March 2002 because of an alleged violation of a federal statute. The action has now reached a settlement. According to an FAQ on the official website dedicated to the settlement:

The parties to the action reached a Settlement and the e-mail letter you received is the "Notice" required under the law to be given to each class member that can be identified with reasonable efforts. Under the terms of the proposed Settlement if you opened a PayPal account between October 1, 1999 and January 31, 2004, you may be included in the Settlement Class

If you have received one of these emails, you may indeed be entitled to a payment. For more information, visit the settlement website.

It should be noted that, while this particular email is legitimate, PayPal has been the target of numerous phisher scams in the past. Be cautious of future email purporting to be from PayPal as scammers may try to exploit the class action settlement in order to further their nefarious goals.



References:
http://www.internetnews.com/bus-news/article.php/3390191
http://www.auctionbytes.com/cab/abn/y04/m07/i30/s01
http://msnbc.msn.com/id/5550334/

Due to the length of the email, I have only reproduced a small part of the notice below:

Dear NAME REMOVED,

IF YOU OPENED A PAYPAL ACCOUNT BETWEEN OCTOBER 1999 AND JANUARY 2004, YOU MAY BE ENTITLED TO A PAYMENT FROM A CLASS ACTION SETTLEMENT.

PLEASE READ THIS NOTICE CAREFULLY.

UNITED STATES DISTRICT COURT NORTHERN DISTRICT OF CALIFORNIA SAN JOSE DIVISION In re PayPal litigation Case No. CV-02-01227-JF (PVT) NOTICE OF PENDENCY OF CLASS ACTION AND PROPOSED SETTLEMENT

1. WHY DID I GET THIS NOTICE?
You have been sent this Notice because the records of PayPal, Inc. indicate you are a current or former PayPal account holder. This means you may be eligible to receive a payment from the proposed class action settlement in the lawsuit In re PayPal Litigation, Case No. 02 1227 JF PVT, pending in the United States District Court for the Northern District of California in San Jose. This Notice provides a summary of the terms of the proposed settlement. It also explains the lawsuit, your legal rights under the settlement, what benefits are available to you under the settlement, and how to get them.




Discuss This Story

[TOP]



Virus Report: Weekly Virus Wrap-Up

The list below represents some of the most significant new virus threats identified by Symantec Security Response over the last few days.

Another variant of MyDoom, W32.Mydoom.N@mm, is circulating. The worm searches for email addresses on the infected system and sends itself using its own SMTP engine. It also drops and executes a backdoor.

W32.Bugbros.C@mm is a worm that sends itself to email addresses it finds in MS Outlook Address Book. The subject of the infected email will be "New Products" and the attachment name will be "Twunk_64.exe".

Yet another variant of the Korgo worm is spreading. W32.Korgo.AD can exploit the Windows LSASS Buffer Overrun Vulnerability on unpatched windows systems. Windows users should ensure that their computers have the latest security patches installed by visiting Windows Update.

W32.Evaman.C@mm is a worm that retrieves email addresses by sending HTTP Get requests to a specified web site. It also procures email addresses from the Windows Address Book and other files on the infected system.

The subject of the infected email will have one of the following:
SN: New secure mail
Secure delivery
failed transaction
Re: hello (Secure-Mail)
Re: Extended Mail
Delivery Status (Secure)
Re: Server Reply
SN: Server Status

Discuss This Story

[TOP]



Death by Mobile Phone Email

A new wave of submissions and enquires indicate that the following email forward is enjoying a comeback. The details outlined in the email are false. Research indicates that no one has died during an operation due to the use of a mobile (cell) phone. According to a Health Physics Society website article on the effects of cell phones on medical devices, "There appear to be no confirmed reports of life-threatening interference".

However, studies have indicated that it is potentially dangerous to use mobile phones around sensitive electronic equipment such as that found in operating theatres. Although the risk is small, there have been well documented incidents in which the use of mobiles has interfered with medical equipment and many hospitals ban the use of mobile phones in critical areas of the facility. A case documented by the FDA notes that:

a patient in the ICU was receiving epinephrine through an infusion pump when a visitor received a call on her cell phone. When the call was answered, the pump increased the rate of the drip. This gave the patient an unintended bolus of medication that led to epinephrine toxicity.

Thus, the underlying message contained in this email is valid. However, disguising this message in some heart wrenching falsehood and spreading it across the Internet is liable to be counter productive. When people discover that the story is a hoax, they may also believe that there is no inherent danger in using mobiles near sensitive equipment.

Reference:
Study: Cell Phones Interfere with Medical Devices

A 4 year old girl was admitted due to leg fracture. As it was an open fracture, she had to undergo an operation to stitch the protruding bone back in place.

Though it was quite a minor operation, still she was hooked on to a life system, as it's somehow part of the process. The doctors had to input some data prior to the operation to suit different conditions.

Thereafter,the operation proceeded. Half way through the process, the life support system suddenly went dead.

The culprit: Some idiot was using his/her hand-phone outside the operation theatre. And the frequency had affected the system. They tried to track the fellow but to no avail.

The little girl, young and innocent as she was, died soon after. Sad to say, she was the only child.

Message : Be compassionate! Do not use your hand phone at any hospital or places where you are told not to use it. You might not be caught in the act, but you might have killed someone without knowing.

Please pass this to as many, since most of us are just not aware of the seriousness.


Discuss This Story

[TOP]



Tip of the Week: Perform an Online Virus Scan

Even the best anti-virus software is not infallible, so it is wise to seek a "second opinion" from time to time.

Once in a while I run a free online scan at Panda Activescan site just to double-check my system. The first time you run the scan you will need to download some ActiveX controls which weigh in at around 1.5mb. It would be best to perform the scan at a time when you don't need to use your computer for an hour or so. Once you start the scan, you can leave it to its own devices while you attend to other duties (or have a nap [grin]).

Discuss This Story

[TOP]

The Hoax_Slayer Newsletter is published by:
Brett M.Christensen
Queensland, Australia
All Rights Reserved
©Brett M. Christensen, 2008
Questions or Comments