Issue 44 - Hoax-Slayer Newsletter
Issue 44: 4th November, 2004
This week in Hoax-Slayer:
Hoax-Slayer is a Free Monthly Web-Based Newsletter brought
to you by Brett Christensen
The Hoax-Slayer Newsletter keeps you informed about the latest email hoaxes and current Internet scams. Hoax-Slayer also features
anti-spam tips, computer security information, pertinent articles and more.
As soon as the newsletter is published each month, subscribers are sent a notification email with a direct link to the latest issue. The Hoax-Slayer Newsletter is absolutely free
and you can easily unsubscribe at any time either by following a link in the notification email or visiting the Hoax-Slayer Unsubscribe
To get your free subscription
, enter your complete
email address in the form below and click the "Subscribe" button. Concerned about giving out your email address online? I will never
sell or give away your email address, or any other personal information, for any reason what so ever
for more information.
Subscribe to the newsletter via RSS feed
Subscription Options in Detail
Breast Cancer Site Email (Not a Hoax)
A fairly regular visitor to inboxes around the world is an email
that asks people to visit the Breast Cancer site and click on a
button to help pay for mammograms for underprivileged women.
Although the email has some of the characteristics of a hoax,
the information it contains is true. The Breast Cancer site is
real and money paid by site advertisers does indeed go towards
providing free mammograms. This is a worthy cause and I would
encourage readers to visit the site
and click on the "Fund Free
From the site FAQ:
The Breast Cancer Site (www.thebreastcancersite.com) is an online
activism site that gives Internet users a free and easy way to help
reduce the number of mothers, sisters, daughters and friends lost
to breast cancer. In seconds, visitors to The Breast Cancer Site
can click on the "Fund Free Mammograms" button and, at no cost to
them, help fund a free mammogram for an underprivileged woman.
Mammography is one the best-known methods of early detection of
breast cancer, and early detection is the key to survival and
better treatment options. Provision of free mammograms is carried
out through the National Breast Cancer Foundation and paid for by
The Breast Cancer Site's sponsors. The Breast Cancer Site was
founded on October 23, 2000.
An example of the email message:
Discuss This Story
Subject: Breast Cancer Site
I know you are busy but....
A Favor to Ask
It only takes a minute....
Please tell ten friends to tell ten today! The Breast Cancer site
is having trouble getting enough people to click on it daily to meet
their quota of donating at least one free mammogram a day to an
underprivileged woman .
It takes less than a minute to go to their site and click on
"donating a mammogram" for free (pink window in the middle).
This doesn't cost you a thing.
Their corporate sponsors/advertisers use the number of daily
visits to donate mammogram in exchange for advertising.
Here's the web site! Pass it along to people you know.
PayPal Phisher Scam Email
A number of phisher scam emails have been targeting the online
payment company, PayPal over the last week or so. I have
received several identical scam messages to different Hoax-Slayer
email accounts with the subject line "PayPal Very Important
Warning". An example of the scam email is included below.
The scam email is cleverly formatted to closely resemble an
official PayPal message and includes PayPal logos and links that
lead to real PayPal and eBay web pages. However, the account
log-in link in the bogus email leads to a fraudulent website
that is virtually identical to the real PayPal log-in page.
Links and buttons on the fake website also lead to real PayPal
web pages in an effort to further convince victims that the page
During my investigation of the scam example I have included below,
I logged on to the fake site using a made up user name and
password. I was then presented with a web form that requested
information such as credit card details, address details, social
security number, bank account numbers and more. Information
submitted via this form will be sent directly to the scammers.
Even though I provided an invalid user-name and password, the
fake site still "let me in" and requested sensitive information.
Neither the fake log-in page nor the web form itself were secure.
That is, they did not have "https://" in the web address and
the lock icon was not present in the web browser status bar. If
a user entered invalid log-in details into the real PayPal
sign-in page an error message would result. Also, the real
sign-in page and any form that you were required to fill out
would definitely be secure pages on the legitimate PayPal site
At this point I would like to stress that clicking on the links
in scam emails is an unacceptable security risk that should be
avoided. Sometimes, clicking such links can open a webpage that
allows a malicious program such as a Trojan to be downloaded to
your system. I accessed and examined the bogus website under
controlled conditions so that I could offer a more detailed
analysis of this phisher scam. Normally, the best course of
action if you receive a phisher scam email is to delete the
message or forward it to the company targeted, without
clicking any of the links provided.
I have noticed that phisher scams have become increasingly
sophisticated over the last year or so. Earlier phisher scam
emails could often be easily identified by poor presentation,
spelling and grammar. However, it seems that the scammers have
effectively honed their skills in what has proven to be an
exceptionally lucrative enterprise for them. As this PayPal
example illustrates, newer phisher scam emails are near clones
of the real thing and it is not surprising that they continue
to gain new victims every day.
Any unsolicited email that advises you to click on a link and
provide sensitive information on a web page should be treated
as a possible phisher scam. It is highly unlikely that any
legitimate company would use such a method.
More information about phisher scams
Notification of Limited Account Access
PayPal is committed to maintaining a safe environment for
its community of buyers and sellers. To protect the security
of your account, PayPal employs some of the most advanced
security systems in the world and our anti-fraud teams
regularly screen the PayPal system for unusual activity.
Recently, our Account Review Team identified some unusual
activity in your account. In accordance with PayPal's User
Agreement and to ensure that your account has not been
compromised, access to your account was limited. Your account
access will remain limited until this issue has been
resolved. This is a fraud prevention measure meant to ensure
that your account is not compromised.
In order to secure your account and quickly restore full
access, we may require some specific information from you
for the following reason: A recent review of your account
determined that we require some additional information
from you in order to provide you with secure service.
Case ID Number: PP-051-384-664
We encourage you to log in and restore full access as soon
as possible. Should access to your account remain limited
for an extended period of time, it may result in further
limitations on the use of your account or may result in
eventual account closure.
click the link below and enter your Case ID Number on
the following page to access your account.
Click here to access your account
Thank you for your prompt attention to this matter.
Please understand that this is a security measure
meant to help protect you and your account. We
apologize for any inconvenience.
PayPal Account Review Department
Please do not reply to this e-mail. Mail sent to
this address cannot be answered. For assistance,
log in to your PayPal account and choose the
"Help" link in the footer of any page.
To receive email notifications in plain text
instead of HTML, update your preferences here.
PayPal Email ID PP468
Virus Report: Weekly Virus Wrap-Up
The list below represents some of the most significant new virus
threats identified by Symantec Security Response
over the last
Several variants of the Beagle worm have been spreading.
Symantec has given one of these, W32.Beagle.AV@mm
, a threat
severity assessment level of 3 out of 5. This worm spreads via
email and file sharing networks. The "From" field of infected
emails will be spoofed and the subject will be one of the
* Re: Hello
* Re: Hi
* Re: Thank you!
* Re: Thanks :)
A removal tool
for the Beagle worm is available.
is worm that sends itself to email address
harvested from the Microsoft Outlook address book. Infected
emails will have the following subject line and body.
Fw: I give you again
Spidey has give you some password of xxx site
Another variant, VBS.Yeno.B@mm, has very similar characteristics.
Internet Worm SMTP Engines Explained
Email Worm Spoofing - Spoofing Explained
Discuss This Story
Mobile Phone Virus Hoax
Variants of this hoax have been circulating since 1999. The
information in the email is completely untrue and has certainly
not been "confirmed by both Motorola and Nokia". If a virus had
really destroyed the mobile phones of 3 million US users it would
be a major news story around the world. There is nothing on the
CNN site about this virus nor does a search of Google News reveal
any articles that confirm the story.
However, there are legitimate news articles
about a real mobile
phone virus that was discovered back in June 2004. This worm,
dubbed "Cabir" is basically a "proof of concept" virus and does
little damage. Vnunet.com reports that
the first outbreak of this
virus "in the wild" occurred in Singapore in early October.
Although Cabir is virtually harmless, it does indicate that mobile
phone virus attacks are possible and may become a significant
threat in the future. News of Cabir may also be giving new life
to this old mobile phone virus hoax.
The "warning" should be deleted without forwarding. Any "virus
warnings" received via a forwarded email should not be taken at
face value. Always take the time to confirm the information at
a reputable anti-virus website.
Subject: FW: URGENT message
for mobile phone users!!!
Discuss This Story
URGENT message for mobile phone users!!!Please be careful and mindful!
All mobile users pay attention if you receive a phone call and your
mobile phone displays ( ACE ) on the screen don't answer the call.
END THE CALL IMMEDIATELY if you answer the call, your phone will be
infected by a virus. This virus will erase all IMEI and IMSI
information from both your phone and your SIM card, which will make
your phone unable to connect with the telephone network.
You will have to buy a new phone. This information has been confirmed
by both Motorola and Nokia. There are over 3 Million mobile phones
being infected by this virus in USA now. you can also check this news
in the CNN web site.
PLEASE FORWARD THIS PIECE OF INFORMATION TO ALL YOUR FRIENDS.
Thunderbird Email and News Client
If you are looking for a sleek, efficient and safer alternative
to Outlook Express, then you might like to check out the Mozilla
Thunderbird email and news client. Thunderbird has a user
friendly and elegant interface and Outlook Express users should
have little trouble making the transition.
Thunderbird has an excellent built-in spam filter that makes
handling junk mail very simple. It is also safer and more secure
than some other email clients. Thunderbird will not allow email
worms to execute automatically. Also, it will not allow script
code to be run just by opening a message unless you have
specifically configured it to do so.
It offers support for multiple accounts, an excellent built in
spell-checker, a number of ways to sort your mail and many more
features. Another plus is that Thunderbird is a cross-platform
application that is available for Windows, Linux and Macintosh
I have now been using Thunderbird for several weeks and it has
proven to be quite stable on my Windows XP system. And, by the way, Thunderbird is completely free!
Find out more about Thunderbird
Why You Should Use
the Mozilla Thunderbird E-mail Program
Have you say about Thunderbird
The Hoax_Slayer Newsletter is published by:
All Rights Reserved
©Brett M. Christensen, 2008