Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

Home    About    New Articles    RSS Feed    Subscriptions    Contact
Bookmark and Share

Issue 9 - Hoax-Slayer Newsletter

Issue 9: January 30th, 2004

This week in Hoax-Slayer:
FDIC Email Scam

Unlike phishing scams that target specific banks or financial institutions, this one endeavours to target as wide an audience as possible by pretending to be from the Federal Deposit Insurance Corporation (FDIC). The FDIC is a US government agency that insures bank accounts, so most people who have a bank account would be indirect clients of the agency via their bank.

This phishing scam attempts to trick recipients into visiting a bogus website to "verify" their identity. If people follow the link in the fraudulent email, they are taken to a site designed to look like the official FDIC site.

The email tries to scare people into supplying personal information on the bogus site by telling them that they are under investigation by the FBI and the Department of Homeland Security "due to suspected violations of the Patriot Act." This frightening claim may be enough to entice na´ve individuals into supplying information at the fraudulent website in order to clear their name and stop any further investigation.

A press release from the FBI and FDIC states in part:

This email was not sent by the FDIC and is a fraudulent attempt to obtain personal information from consumers. Financial institutions and consumers should NOT access the link provided within the body of the email and should NOT under any circumstances provide any personal information through this media.

Example of this scam email:
To whom it may concern;
In cooperation with the Department Of Homeland Security, Federal, State and Local Governments your account has been denied insurance from the Federal Deposit Insurance Corporation due to suspected violations of the Patriot Act. While we have only a limited amount of evidence gathered on your account at this time it is enough to suspect that currency violations may have occurred in your account and due to this activity we have withdrawn Federal Deposit Insurance on your account until we verify that your account has not been used in a violation of the Patriot Act.

As a result Department Of Homeland Security Director Tom Ridge has advised the Federal Deposit Insurance Corporation to suspend all deposit insurance on your account until such time as we can verify your identity and your account information.

Please verify through our IDVerify below. This information will be checked against a federal government database for identity verification. This only takes up to a minute and when we have verified your identity you will be notified of said verification and all suspensions of insurance on your account will be lifted.


Failure to use IDVerify below will cause all insurance for your account to be terminated and all records of your account history will be sent to the Federal Bureau of Investigation in Washington D.C. for analysis and verification. Failure to provide proper identity may also result in a visit from Local, State or Federal Government or Homeland Security Officials.

Thank you for your time and consideration in this matter.
Donald E. Powell
Chairman Emeritus FDIC
John D. Hawke, Jr.
Comptroller of the Currency
Michael E. Bartell
Chief Information Officer


Mobile Phone Cameras and Credit Cards

The following email is going the rounds at the moment. The information *may* be true, but I'm not sure how big a security risk this would actually pose. I would have thought that the person using the phone would have to stand pretty close to you in order to take a legible picture of you credit card. As an experiment, I tried taking a photo of my own card in a mock shopping situation with my digital camera. There is no way that I could read the numbers on the card from a photo snapped while the card was sitting on the "counter" waiting to be scanned nor over the shoulder of a person holding the card, even when using the zoom function. My camera is by no means top of the range, but it certainly has better resolution than your average cell phone camera.

Of course, I *could* take a clear picture of the card, but I'm not sure how I could do this without the owner of the card being aware of it. I would have to get the camera pretty close to the card, to get a clear picture.

I'm not dismissing this out of hand, as I guess it might be possible to distract the card owner enough to snap a quick close up shot. Also,mobile phone technology is changing rapidly. Tomorrow's phones *might* have the necessary resolution to easily take card shots that could be deciphered later.

Right now however, I would not consider phone cameras a significant threat when it comes to stealing credit card information. Mind you, "be aware of your surroundings" is actually quite good advice when it comes to your personal security.

Keep a watch out for people standing near you at retail stores, restaurants, grocery stores, etc., that have a cell phone in hand. With the new camera cell phones, they can take a picture of your credit card, which gives them your name, number, and expiration date. Identification theft is one of the fastest growing scams today, and this is just another example of the means that are being used. So... be aware of your surroundings.


Teddy Bear Hoax Revisited

Apparently the Teddy Bear Hoax is still going strong. The updated version of the hoax reproduced below turned up on an online forum.

This hoax is a little more harmful than your average email hoax in that it can trick unwary computer users into deleting "jdbgmgr.exe", a legitimate Windows file.

Luckily, deleting this file will not cause problems for the average end user. The file is the Microsoft Debugger Registrar for Java, which is used only by Microsoft Visual J++ 1.1 developers. However, email hoaxes like this and the sulfnbk.exe email hoax set up a dangerous precedent. Given the amount of computer users that have a already deleted "jdbgmgr.exe", an email hoax that advised people to delete a crucial Windows file could cause as much damage as a real virus.

Read more about the original version.

Example of current version:
I received this message below and DID have the jdbgm virus file in my C drive, I followed the instructions below and deleted it. I suggest you also check by following the instructions below. Kindest regards, ****

To all parties in our address book:

We received this message from someone else today...

On January 15th or there about we received a virus that automatically is past through e-mail address books. We found it in our c-drive. Since you are in our address book, you will probably find it in your computer too. The virus called jdbe.exe is not detected by Norton or McAfee anti-virus systems. The virus sits quietly for 14 days before damaging the system. It is sent automatically by "messenger" and by address book whether or not you sent e-mail to your contacts. Here is how to check

for the virus and how to get rid of it.


1 Go to the Start, then click your "find" or "search" option.
2. In the folder option, type the name jdbgm
3. Be sure to search your C drive (this is where I found it) and all the sub folders and other drives you may have 4. Click "find now"
5. the virus has a teddy bear icon! with the name jdbgmgr.exe. DO NOT OPEN IT!
6. Go to Edit (on the menu bar) and choose "select all" to highlight the file without opening it.
7. Now go to the File (on your menu bar) and select delete. The virus will then go to the recycle bin.

*** If you find the virus, you must contact all the people in your address book so that they may eradicate the virus from their own address books

To do this:

1. Open a new e-mail message
2. Click the icon address book (contacts) next to "To"
3. Highlight every name and add to "BCC"
4. Copy the message and paste to e-mail



More Nigerian Scam Emails

Every week, several Nigerian scam emails cross my spam account inbox. They just keep coming and coming and they are still claiming victims. I saw on the news recently that a person in a neighbouring town lost his life savings to a Nigerian scam like the one below.

I can't say I have all that much sympathy really. Even if the stories in these scam emails were actually true, it would still be a pretty shady undertaking. After all, the scammers are basically asking you to help them steal sums of money that is not rightfully theirs to begin with. Those who fall for this scam obviously believe the circumstances and sums of money outlined in the emails to be real and therefore are quite willing to enter into a deal that is pretty clearly illegal in any case.

A typical example of the Nigerian scam emails that I regularly receive:




First I must solicit your confidence in this transaction, this is by virtue of its nature as being utterly confidential and top secret. Though I know that a transaction of this magnitude will make any one apprehensive and worried, but I am assuring you that all will be well at the end of the day. We have decided to contact you due to the urgency of this transaction, as we have been reliably informed of your discreetness and ability in transaction of this nature.

Let me start by introducing myself properly to you. I am CHARLES OKOYE the manager with the Zenith Bank Plc, Lagos. I came to know you in my Private Search for a Reliable and Reputable Person to handle this Confidential Transaction, which involves the transfer of Huge sum of Money to a Foreign Account requiring Maximum Confidence.


A Foreigner an Australia, Late Engr. Steve Moore (Snr.) an Oil Merchant with the Federal Government of Nigeria, until his death months ago in Kenya Air Bus (A310-300) Flight KQ431, Banked with us at Zenith Bank Plc, Lagos and had a closing balance as at the end of September, 2000 worth US$15,000,000(fifteen million United State Dollars), The bank now expects a next of kin as beneficiary. Valuable efforts are being made by the Zenith Bank Plc to get in touch with any of the Moore's family or relatives but to no success.

It is because of the perceived possibility of not being able to locate any of Late Engr. Steve Moore (Snr.)' s next kin (He had no wife or children that is know to us). The Management under the influence of our Chairman and Members of the Board of Directors, that arrange has been made for the fund to be declared "Unclaimed" and subsequently be donated to the trust fund for arms and ammunition to further enhance the course of War in Africa and the World in General.

In order to avert this negative development some of my trusted colleagues and I now seek your permission to have you stand as next of kin to Late Engr. Steve Moore (Snr.) so that the fund US$15 million will be released and paid into your account as the beneficiary's next of kin. All documents and proves to enable you get his fund will be carefully worked out. We have secure from the probate, an order of madamus to locate any of the deceased beneficiaries, and more so we are assuring you that this business is 100% Risk Free involvement. Your share stays while the rest be for myself and my colleagues for investment purpose. According to agreement within both parties.

As soon as we receive an acknowledgement of receipt of this message in acceptance of our mutual busines proposal, we would furnish you with the necessry modalities and disbursement ratio to suite both parties with out any conflict. While replying furnish me with your private fax and phone numbers for easy communication.

If this proposal is acceptable by you, do not make undue advantage of the trust we have bestowed in you.

Best regards,
please reply me through this email box:[EMAIL ADDRESS REMOVED]


Security Software: Spybot Search and Destroy

Spybot Search and Destroy is an excellent freeware program that will detect and deal with spyware and diallers that may be present on your computer. In my opinion, Spybot SandD is a crucial addition to your computer security arsenal. The program has a built in update function that allows you to download the latest include files and program updates quickly and easily. Although I also use Lavasoft's Ad-Aware to double-check my systems for spyware, I believe Spybot to be the superior product. Scanning is comparatively fast, and the user interface is well-presented and simple to use. Spybot has proven itself to be quite a stable product on both my Windows XP and Windows 98 systems.

Quoted from the developer's site:
Spybot - Search and Destroy can detect and remove spyware of different kinds from your computer. Spyware is a relatively new kind of threat that common anti-virus applications do not yet cover. If you see new toolbars in your Internet Explorer that you didn't intentionally install, if your browser crashes, or if you browser start page has changed without your knowing, you most probably have spyware. But even if you don't see anything, you may be infected, because more and more spyware is emerging that is silently tracking your surfing behaviour to create a marketing profile of you that will be sold to advertisement companies.

Find out more about Spybot Search and Destroy.


Trivia: MS Word Trick

This is an interesting little trick if you have Microsoft Word 2000. I can't be sure if this works in the new versions of Word, but I know it works in Word 2000. Perhaps someone using a later version of Word could let me know?

1. Open a blank MS Word document.

2. Enter "=rand(10,9)" without the quotes, and press the "enter" key.

You can alter the numbers in the round brackets to vary the results.

This information often circulates via email with the added disclaimer that "not even Microsoft can explain the result". Some of the emails also falsly claim that Microsoft is offering a large cash prize for anyone who can shed light on this trick.

In fact, it is a documented feature of Word 2000 that simply allows sample text to be quickly added to a document for testing purposes. Microsoft can in fact "explain the result" and do so in this article.

The Hoax_Slayer Newsletter is published by:
Brett M.Christensen
Queensland, Australia
All Rights Reserved
©Brett M. Christensen, 2008
Questions or Comments