Issue 33 - Hoax-Slayer Newsletter
Issue 33: 5th August, 2004
This week in Hoax-Slayer:
Hoax-Slayer is a Free Monthly Web-Based Newsletter brought
to you by Brett Christensen The Hoax-Slayer Newsletter keeps you informed about the latest email hoaxes and current Internet scams. Hoax-Slayer also features
anti-spam tips, computer security information, pertinent articles and more.
As soon as the newsletter is published each month, subscribers are sent a notification email with a direct link to the latest issue. The Hoax-Slayer Newsletter is
absolutely free and you can easily unsubscribe at any time either by following a link in the notification email or visiting the Hoax-Slayer
Unsubscribe page.
To get your
free subscription, enter your
complete email address in the form below and click the "Subscribe" button. Concerned about giving out your email address online? I will
never sell or give away your email address, or any other personal information, for
any reason what so ever.
Read the
Hoax-Slayer Privacy Policy for more information.
Subscribe to the newsletter via RSS feed
Subscription Options in Detail
More US Bank Phisher Scams
A large number of phisher scam emails that target the US Bank
have been hitting inboxes. The emails use a variety of ruses
that attempt to trick recipients into visiting a fraudulent
website and submitting sensitive personal information. These
scam emails generally arrive in HTML format and include official
looking logos.
Although the fraudulent website may look like an official US bank
site, it is in fact created by scammers solely to trick people
into providing personal information.
Just some of subject lines of recent US Bank phisher scams are
listed below:
- ***Renew Your Records***
- U.S. Bank Fraud Verification Process
- U.S. Bank Online Banking Issue
- In attention of U.S.Bank Members ! Restore Your Accounts Now!
- U.S. Bank Notification - Unauthorized Account Access
- New U.S. Bank Security Standards
US bank has more
information and reporting procedures regarding
these fraudulent emails on its website
PayPal, eBay, AOL, Citibank and others have also been targeted by
phishing scammers over the last few days.
Read more about phisher scams.
An example of one US Bank scam email is included below:
subject ***Renew Your Records***
from: renew@usbank.com
Dear U.S. Bank valued member,
Due to concerns, for the safety and integrity of the
Internet Banking community we have
issued this warning message.
It has come to our attention that your account information
needs to be updated due to inactive accounts, frauds and
spoof reports. If you could please take 5-10 minutes out of
your online experience and renew your records you will not run
into any future problems with the online service. However,
failure to update your records will result in account deletation.
Once you have updated your account records your online banking
account will not be interrupted and will continue as normal.
Please follow the link below and renew your accountinformation.
[LINK REMOVED]
U.S. Bank Internet Banking
Discuss This Story
PayPal Class Action Email
Many PayPal account holders have received an email notice that
claims recipients may be entitled to a payment due to the
settlement of a class action against online payment company,
PayPal.
Although the notice could easily be mistaken for some form of
phisher scam, the information in the email is in fact true.
A class action lawsuit was filed against PayPal in March 2002
because of an alleged violation of a federal statute. The action
has now reached a settlement. According to an
FAQ on the official
website dedicated to the settlement:
The parties to the action reached a Settlement and the e-mail
letter you received is the "Notice" required under the law to be
given to each class member that can be identified with reasonable
efforts. Under the terms of the proposed Settlement if you opened
a PayPal account between October 1, 1999 and January 31, 2004,
you may be included in the Settlement Class
If you have received one of these emails, you may indeed be
entitled to a payment. For more information, visit the
settlement website.
It should be noted that, while this particular email is
legitimate, PayPal has been the target of numerous phisher
scams in the past. Be cautious of future email purporting to
be from PayPal as scammers may try to exploit the class action
settlement in order to further their nefarious goals.
References:
http://www.internetnews.com/bus-news/article.php/3390191
http://www.auctionbytes.com/cab/abn/y04/m07/i30/s01
http://msnbc.msn.com/id/5550334/
Due to the length of the email, I have only reproduced a small
part of the notice below:
Dear NAME REMOVED,
IF YOU OPENED A PAYPAL ACCOUNT BETWEEN OCTOBER 1999 AND JANUARY
2004, YOU MAY BE ENTITLED TO A PAYMENT FROM A CLASS ACTION
SETTLEMENT.
PLEASE READ THIS NOTICE CAREFULLY.
UNITED STATES DISTRICT COURT
NORTHERN DISTRICT OF CALIFORNIA
SAN JOSE DIVISION
In re PayPal litigation
Case No. CV-02-01227-JF (PVT)
NOTICE OF PENDENCY OF CLASS ACTION AND PROPOSED SETTLEMENT
1. WHY DID I GET THIS NOTICE?
You have been sent this Notice because the records of PayPal,
Inc. indicate you are a current or former PayPal account holder.
This means you may be eligible to receive a payment from the
proposed class action settlement in the lawsuit In re PayPal
Litigation, Case No. 02 1227 JF PVT, pending in the United States
District Court for the Northern District of California in San
Jose. This Notice provides a summary of the terms of the proposed
settlement. It also explains the lawsuit, your legal rights under
the settlement, what benefits are available to you under the
settlement, and how to get them.
Discuss This Story
Virus Report: Weekly Virus Wrap-Up
The list below represents some of the most significant new virus
threats identified by
Symantec Security Response over the last
few days.
Another variant of MyDoom,
W32.Mydoom.N@mm, is circulating. The
worm searches for email addresses on the infected system and sends
itself using its own SMTP engine. It also drops and executes a
backdoor.
W32.Bugbros.C@mm is a worm that sends itself to email addresses it
finds in MS Outlook Address Book. The subject of the infected
email will be "New Products" and the attachment name will be
"Twunk_64.exe".
Yet another variant of the Korgo worm is spreading.
W32.Korgo.AD
can exploit the Windows LSASS Buffer Overrun Vulnerability on
unpatched windows systems. Windows users should ensure that their
computers have the latest security patches installed by visiting
Windows Update.
W32.Evaman.C@mm is a worm that retrieves email addresses by
sending HTTP Get requests to a specified web site. It also
procures email addresses from the Windows Address Book and
other files on the infected system.
The subject of the infected email will have one of the following:
SN: New secure mail
Secure delivery
failed transaction
Re: hello (Secure-Mail)
Re: Extended Mail
Delivery Status (Secure)
Re: Server Reply
SN: Server Status
Discuss This Story
Death by Mobile Phone Email
A new wave of submissions and enquires indicate that the
following email forward is enjoying a comeback. The details
outlined in the email are false. Research indicates that no one
has died during an operation due to the use of a mobile (cell)
phone. According to a Health Physics Society website
article on
the effects of cell phones on medical devices, "There appear to
be no confirmed reports of life-threatening interference".
However, studies have indicated that it
is potentially
dangerous to use mobile phones around sensitive electronic
equipment such as that found in operating theatres. Although the
risk is small, there have been well documented incidents in which
the use of mobiles has interfered with medical equipment and many
hospitals ban the use of mobile phones in critical areas of the
facility. A
case documented by the FDA notes that:
a patient in the ICU was receiving epinephrine through an
infusion pump when a visitor received a call on her cell phone.
When the call was answered, the pump increased the rate of the
drip. This gave the patient an unintended bolus of medication that
led to epinephrine toxicity.
Thus, the underlying message contained in this email is valid.
However, disguising this message in some heart wrenching
falsehood and spreading it across the Internet is liable to be
counter productive. When people discover that the story is a hoax,
they may also believe that there is no inherent danger in using
mobiles near sensitive equipment.
Reference:
Study: Cell Phones Interfere with Medical Devices
A 4 year old girl was admitted due to leg fracture. As it was an
open fracture, she had to undergo an operation to stitch the
protruding bone back in place.
Though it was quite a minor operation, still she was hooked on to
a life system, as it's somehow part of the process. The doctors
had to input some data prior to the operation to suit different
conditions.
Thereafter,the operation proceeded. Half way through the process,
the life support system suddenly went dead.
The culprit: Some idiot was using his/her hand-phone outside the
operation theatre. And the frequency had affected the system.
They tried to track the fellow but to no avail.
The little girl, young and innocent as she was, died soon after.
Sad to say, she was the only child.
Message : Be compassionate! Do not use your hand phone at any
hospital or places where you are told not to use it. You might
not be caught in the act, but you might have killed someone
without knowing.
Please pass this to as many, since most of us are just not aware
of the seriousness.
Discuss This Story
Tip of the Week: Perform an Online Virus Scan
Even the best anti-virus software is not infallible, so it is
wise to seek a "second opinion" from time to time.
Once in a while I run a free online scan at
Panda Activescan site
just to double-check my system. The first time you run the scan
you will need to download some ActiveX controls which weigh in at
around 1.5mb. It would be best to perform the scan at a time when
you don't need to use your computer for an hour or so. Once you
start the scan, you can leave it to its own devices while you
attend to other duties (or have a nap [grin]).
Discuss This Story
The Hoax_Slayer Newsletter is published by:
Brett M.Christensen
Queensland, Australia
All Rights Reserved
©Brett M. Christensen, 2008
Questions or Comments
