Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

Home    About    New Articles    RSS Feed    Subscriptions    Contact
Bookmark and Share

Issue 40 - Hoax-Slayer Newsletter

Issue 40: 30th September, 2004

This week in Hoax-Slayer:
FDIC Phishing Scam

The FDIC (Federal Deposit Insurance Corporation) is just one of a number of institutions that are currently being targeted by phisher scammers. A recent scam email (see example below) masquerades as a message from the FDIC that gives details about a supposed "ATM/Debit/Check Card Protection Program". A link in the email directed potential victims to a bogus web page designed to resemble a page on the official FDIC site. The web page requested sensitive personal information ostensibly to register for the proposed "protection system". In fact, any information provided would be acquired by the criminals behind the scam and would likely be used to commit fraud and/or steal the victim's identity. The information in the email is false and does not originate from the FDIC.

It is highly unlikely that the FDIC, or any other legitimate institution would request financially sensitive information via email. If you receive such a request, do not reply and do not click on any links provided. Contact the institution directly if you have the slightest doubt regarding the veracity of a message. You should also check the institution's real website, as information about current phisher scams is often provided.

Read more information about phisher scams

Read more information about FDIC phisher scams

ATM/Debit/Check Card Protection Program In cooperation with your bank and other major American banks the FDIC has developed a new anti-fraud screening solution. This is an effort to prevent the recent surge in credit, debit card fraud and identity theft.

The system is an advanced neural network that scrutinizes card transactions and ATM withdrawals to deliver a highly accurate risk score by analyzing the spending behavior of each cardholder along with the profile of each merchant and ATM. It will try to detect and stop any suspicious or fraudulent ATM, debit or check card activity.

Register with our ATM, debit and check card protection program and you can use your card to shop online, in a store, or withdraw money at the ATM, and you'll be fully protected from unauthorized use of your card or account information. With FDIC's Zero Liability policy, your liability for unauthorized transactions is $0-you pay nothing!

All major American banks will implement this system within a near future.

We continuously receive information from your bank such as your e-mail, name, address and other personal information. Therefore the registration process is fast and we probably have most of your information on file already.

Note that this program only applies to your ATM, debit or check card - which is linked directly to your checking account, not credit cards.

Please take a moment and follow the link below to securely register your card totally free of charge.


Security Department

Discuss This Story


Walmart Fire Charity Hoax

Yet another absurd "charity" email is currently circulating. The email presents the sad, and totally fictional, tale of a six-year-old girl who was badly burnt in a Walmart fire. It informs recipients that the child's family needs help to cover medical expenses. Like similar charity hoaxes, this one claims that the email is being tracked and that money will be donated every time the email is sent to others. In this case, the company supposedly doing the donating is AOL. While AOL does indeed direct some funds to charity, it certainly does not base these donations on how many times a specified email is forwarded.

This hoax began hitting inboxes during 2003 but submissions indicate that it is currently enjoying a comeback. The absurd claim that AOL is tracking the email is enough to identify it as a hoax immediately. Another indication of the email's status as a hoax is the telling lack of details. The child is identified only as "Sandy", other family members are not named at all, and there is no indication of when or where the fire took place.

As stated, a charity campaign based solely on the forwarding of an email is exceptionally unlikely. However, if such a campaign did actually take place, verifiable details and reference information would almost certainly be included in the message.

The concept of individual emails being "tracked" is one shared by a number of hoaxes. The only way to "track" a message would be to embed some sort of code in the email and it would have to be continually forwarded in HTML format for the code to continue collecting and submitting data. The logistics of tracking an email that could ultimately be forwarded thousands of times are clearly problematical at best.

In any case, tracking an email in the way described would raise all sorts of privacy issues and it is highly unlikely that any ethical organization would knowingly participate in such a practice.

An example of the hoax email:
A sister and her brother were inside the new Walmart built in town. The sister at six years of age, the brother seventeen years of age. The brother was fixing to buy a present for his little sister on her birthday, but as soon as they were fixing to leave she had to go to the bathroom. Her brother showed her where it was, he started to look at some earrings she would probably like for her next birthday. As he started to buy them he saw people running from the end of the store screaming and yelling with fear. Before he new it he smelled smoke and saw fire, he ran to his little sister as fast as he could but when he got to the bathrooms they were already on fire. He new he had to get out as fast as he could to get help. But when the firetrucks arrived it was already to late. Two days later the family got a call from the hospital saying they have someone there by the name of sandy. They asked "How did you get this number"? The hospital said she was holding a purse in her hand with a card that said her name and number on it. The family drove to the hospital to see thier little angel. While they looked at her, they noticed her arm was almost all the way burnt off, and her face was so burned it needed surgery. But the family didnt have enough to cover the bill.

So now the need you to help out!

Note: Every time you send this to three people aol will take away $2.00 off the hospital bill.


Discuss This Story


Hoax-Slayer FAQ's (Part Three)

Every week I receive a great many enquiries about scams and hoaxes. Since many enquiries, and their answers, cover the same material, I have condensed them into a set of Frequently Asked Questions. This week I will cover several more email hoaxes that are very common subjects of enquiries.

Q. I got a message that says that adding [specified email address] to my MSN Messenger, will infect my computer with a virus. Is this true?

A. No, you can not be infected by a virus simply by adding a person to your contact list. This is a common hoax that keeps reappearing with different contact addresses specified.

Read more about the MSN Contact List Virus Hoax

Q. I received an email that claims that my Hotmail (or Yahoo) account will be terminated if I don't forward the message. Could this be true?

A. No, this is an old hoax that has been circulating for several years. Hotmail, or Yahoo, is not going to terminate an account based on whether or not a specific email is forwarded.

Read more about the Hotmail Account hoax

Q. I received a very disturbing email petition that claims somebody is cramming live cats into glass jars to create "bonsai kittens". Is this true?

A. Don't worry you can safely ignore this petition. Nobody is making bonsai kittens. Although there is actually a website that claims to teach people how to create bonsai kittens, it is intended as a joke.

Read more about the Bonsai Kittens Email Petition

Q. I received an email that claims that a scammer can take control of a person's phone by posing as a technician and asking him or her to key in 90#.

A. No, this is generally considered a hoax, although there are rare exceptions where the information can be partially correct. There have been a number of versions of the hoax set in different parts of the world.

Read more about the Nine Zero Hash Phone Scam Hoax

Discuss This Story


Virus Report: Weekly Virus Wrap-Up

Yet another variant of the Beagle worm, W32.Beagle.AR@mm, has been reported. This worm uses its own SMTP engine to spread and uses spoofing. The attachment that arrives with infected emails is a downloader that retrieves the actual worm from an external source.

The subject of infected emails will be one of the following:
Re: Hello
Re: Hi
Re: Thank you!
Re: Thanks :)

Top virus threats at the moment are variants of the MyDoom and Beagle worms. Symantec has removal tools available for these worms. For more information, follow the links below:

W32.Mydoom@mm Removal Tool
W32.Beagle@mm Removal Tool

Email Worm Spoofing - Spoofing Explained

Internet Worm SMTP Engines Explained

Discuss This Story


A Better way of Answering your Hoax and Scam Enquiries

As each week goes by, I receive an increasing amount of email enquiries about scams and hoaxes. I am committed to answering all reader enquiries, and I'm very pleased that, by answering, I am able to help in some small way to foil scammers and debunk hoaxes.

However, the large amount of email I receive means that I am less and less able to respond to questions in a timely fashion.

Therefore, from now on, I will be moving away from email replies and will begin handling all hoax and scam enquiries via the Hoax-Slayer Forums. Since many enquiries cover the same topics, your questions may have already been answered in the forums. Also, forum members will be able to help each other by answering questions or directing the poster to earlier questions on the subject. Thus, the forums should provide a faster and more efficient mechanism for answering your questions.

I am confident that the forums will prove to be a better vehicle for responding to your enquiries. To make it easier for people to ask questions I have configured the "Hoaxes and Scams" section of the forums so that registration is not required.

Please note that you can still send scam or hoax examples or comments that do not require a reply via email.

Discuss This Story


Tip of the Week: Create a "spam" Account

A simple but effective spam-control measure is to create a secondary, "spam" email account.

A "spam account" (by my definition) is simply a spare email address that is used on web sites that require you to provide your email address. Many of these sites are likely to be above board and will not misuse your email address. Unfortunately however, there are some that will be unscrupulous enough to send spam to the email address that you provide and even sell it to other spammers. Thus, it is advantageous to have a disposable spam account for online use.

If the spam account starts to attract too much junk email, it can simply be discarded and a new account can be created. I've found this to be quite an effective method of spam control. Of course, this tactic is most effective if you start using a spam account at the same time you start using your primary account. Once your email address is on spam lists, it's probably going to stay there.

If your ISP provides extra email addresses as part of your package, you could set up one of those as your spam account. Otherwise, you could use a free account such as Hotmail or Yahoo.

Once you are confident that a particular site is unlikely to stoop to spamming, you can easily update your details so that your primary email account is used instead of your spam account

Discuss Spam Control Issues


Feedback from Readers and Site Visitors

This week, I have received many enquires regarding the Terrorist Prank Email.

The article about the fake Hands of God photograph received a great number of visitors over the last few days.

I have also received a substantial amount of email concerning Nigerian Scams, Lottery Scams and various phisher scams.

If you have emailed an enquiry and not yet received a reply, please be patient. I have received a very large amount of email over the last few weeks and currently have a sizable backlog. Also, please see the article above about using the forums instead of email for enquiries.

Once again, thank you very much for all the examples and comments you have sent.

Discuss This Story


The Hoax_Slayer Newsletter is published by:
Brett M.Christensen
Queensland, Australia
All Rights Reserved
©Brett M. Christensen, 2008
Questions or Comments