Fake Costco Promo

Fake Costco Promo

If you get an email like this one from Costco or some other company, just permanently delete it. It’s fake. One easy way of telling it’s fake is if you get an email from a company that you do not have an account with.

SAMPLE No. 1

This spam email is designed to update their database to know that your email address is a live one. If you click on it, expect a lot more spam emails after that.

Do not trust this website: American-Choices.com

 

Here are the words, names and other fake content you will see:

Costco giftcard

Congratulations, Walter!

✉ REMINDER: Offer expires after 12 May

It’s your turn to get this Costco card today!

Walter Tuero

ra***@wy***********.com

Cards left: 15

ra***@wy***********.com&agent=itnetdata" data-id="3605280305">GET YOUR REWARD

#Last weeks winners
Mary Beal
Jade Wenthworth
Claire Galway
Sebastian Reynell
Ryder Bradley
Anthony Denison
Xandra Mulcan
Vennessa Westdoor

You received this email because you are registered in the database of Top-S. This is an ad. If you no longer wish to receive any emails from us please unregister by our unsubscribe link. • Top-Selections Limited 132 Nathan Road 10/F, Miramar Tower Tsim Sha Tsui, Kowloon 9 1010 Hong Kong • You subscribed  on 2019-05-06 (69.13.38.198) with YOUR EMAIL ADDRESS.

SAMPLE No. 2

This one is a graphic file. No real text. The whole picture links to a fake website:

Do not trust this website: Rigsnoisily.fun

This is where the link goes: http://rigsnoisily.fun/etc.

Just delete!

Fake Email Messages About Potentially Lucrative Emails That Have been Quarantined

Here’s another one of those fake emails. This one is relatively new in its approach. The Subject line says “WARNING!!! (4) Messages Quarantined” and it comes from “MAIL SERVER ad***@to*****.com.”

WHAT TO DO

Delete! Delete! Delete! And delete it from your trash folder so it is completely out of your computer system. Do not click on any of the links! It goes to some obscure address like “https://cdn-s.de/cgi-bin/index.php?xxxxxxx”  (I do not post the  whole link because someone might click on it from this post). It looks like this is a code that goes to your domain server’s coding folder where it will propagate serious damage.

If you have time, please report the fake email (and all other suspicious email) to the Federal Trade Commission. Help protect the rest of the world.

This email was sent to my technical support address. So I assume it was meant to go to someone who had access to the inner workings of a website.

Notice how the top line of the messages (supposedly quarantined) looks like it has something to do with a payment? Notice also how there are several links to “Release”? These are catchy words/phrases to tempt you into seeing what you might be missing.

 

*********************

Here is the rest of the actual message:

Dear Mail User [su*****@wy***********.com]

The links go here:

Important: Some incoming messages have been placed in your Personal Quarantine.

This pending messages will be deleted automatically after 7 days.

Few of your quarantined messages are listed below along with the actions that can be taken.
To see all quarantined messages view   su*****@wy***********.com" target="_blank" rel="noopener noreferrer">your email quarantine and release to inbox
Quarantined email
Recipient: Subject: date:
Release (su*****@wy***********.com) Remittance Payment Advice For MT103 30/04/2020
Release (su*****@wy***********.com) Re: Re: Contract 30/04/2020
Release (su*****@wy***********.com) Re: SALES ORDER CONFIRMATION 30/04/2020
Release (su*****@wy***********.com) Payment Invoice N96A4456 30/04/2020
Deliver all Messages


Note : This message was sent by the system for notification only.  
 Please do not reply

If this message lands in your spam folder, please move it to your inbox folder for proper interrogation:

This mail is protected to [YOUR REAL ADDRESS]
Ⓒ 2020 Cyber Security Alert . All Rights Reserved.

 

***************

 

Here’s a variation of the same evil scheme:

The links go to this Denmark server:
https://cdn-s.de

Subject: ITsupport Mail Quarantine Notification

Email Notification:

ImportantSome incoming messages have been placed in your Personal Quarantine.
This pending messages will be deleted automatically after 7 days.

Deliver all mails to your Inbox: Visit your Webmail Quarantine CenterCLICK HERE

Few of your quarantined messages are listed below along with the actions that can be taken.

Envelope From: sa***@mi**************.com
Subject: Inquiry
Time: Mon, 04 May 2020 08:49:14 -0700
Envelope From: ko**************@ou*****.com
Subject: RE: Order Confirmation
Time: Mon, 04 May 2020 08:53:51 -0700
Envelope From: an**************@sm*.com
Subject: L90GZ SN/679577
Time: Mon, 04 May 2020 08:55:24 -0700

****************
Another Variation:

An email stating you purchased something and this was debited from your bank. The link goes to a fake website that appears to have no homepage but actually has a mischievous .ASPX file.

Subject:  Credit card purchase confirmation

Hello
Find attached an ACH confirmation which was processed from your bank account.
Regards

Fake Emails from Domain Service

I’ve recently been getting so many emails from this company: Domain Service (or whatever company they decide they want to be).

HOW THEY OPERATE

They send out emails to unsuspecting domain name owners. They get the victim’s email addresses from the listed registered owners of different domain names. Then they send out these bogus warnings that their domains will be lost if they do not renew their subscription. They pose as the authorized company of said domain when actually, they have nothing to do with the domain and actually want to steal it from the victim.

They say they can do it for a huge sum — many times more than the actual cost of the domain name. The victim pays and that’s the last they hear of them.

If you ever receive an email like this, simply trash it and then delete your Trash content. Better still, report it to the Department of Justice. If you want to be sure about the email, contact your website manager or domain register and they can confirm the email’s authenticity.

vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv

SAMPLE

Here’s a sample of one of the emails I received:

 

Important notice

Notice#: 393989

Date: 04/27/2020

Domain Expiration

Domain: [NameOfDomain.com] (whatever your domain is)

Expiration date: 05/05/2020

To: [The Victim, Victim’s Company]

[Victim’s Address]

Domain Name: Registration Period: Amount: Term:
[NameOfDomain.com] 05/19/2020 to 05/19/2021 $86.00 1 Year

Secure Online Payment

Domain Name: [NameOfDomain.com]

Attn: [Victim’s Name]

 

This important notification notifies you about the notice of your domain frtsgv.org optimization submission. The information in this email may contain legally privileged information from the notification processing department of the Registration Office for our traffic generator. We do not register or renew domain names. We are selling traffic generator tools. This information is intended for the use of the individual(s) named above.
If you fail to complete your domain name registration frtsgv.org search engine optimization service by the expiration date, may the dismissal of this search engine optimization domain name notification notice.

Process

Secure Online Payment

to complete your payment

Failure to complete your domain name registration [NameOfDomain.com] search engine optimization service process may make it difficult for customers to find you on the web.

Act immediately

This domain registration for [ search engine service optimization notification will expire 05/05/2020.

Instructions and Unlike Instructions from this Newsletter:
You have received this message because you elected to receive notification. If you no longer wish to receive our notifications, please unlike here. If you have multiple accounts with us, you must opt out for each one individually to unlike receiving notifications. We are a search engine optimization company. We do not directly register or renew domain names. This is not a bill. You don’t need to pay the amount unless you accept this notification. This message, which contains promotional material strictly along the guidelines of the Can-Spam act of 2003. We have clearly mentioned the source mail-id of this email, also clearly mentioned our subject lines and they are in no way misleading. Please do not reply to this email, as we are not able to respond to messages sent to this address.

iDNS (Internet Domain Name Services) – Fake! Scam!

I reported iDNS to the post office a few months ago warning them that this company was doing improper … yes, even fraudulent activities. Technically they are still within the legal bounds but in actuality, they are deceptive in their approach. They are scam artists! And I can prove it. Read on.

If you own a domain and you get a letter from iDNS watch out! The letter comes with a warning  — “Domain Name Expiration Notice” which will scare the non-techies to send their credit card information to them.

The letter looks like this:

iDNS-Fake

If you get this in your mailbox (not email box) relax. These guys just got your information through easily accessible data. That’s all the “authenticity” they can boast of. This is why they are able to fool a lot of people.

If you read the small print it says in Bold letters ” This notice is not a bill.” Then it reveals what they want you to do. They want you to TRANSFER your web hosting to them for 4 times the price you would normally pay.

They also include a return envelope (not even with a stamp — ie. you have to pay for your response letter to them so that they can screw you!) that is addressed to:

iDnsFake

Internet Domain Services Inc
925 Bergen Ave., Suite #289
Jersey City, NJ 07306-3018

Obviously, you will want to burn that letter. Please warn all your friends.

Gone in a Flash

There is a sad trend in websites. Thanks to some security flaws, Flash Animation is slowly disappearing. Well … that and a few more reasons.

Article on Flash Attacks
If you are in still in the woods and don’t know what I’m talking about, here’s a sample Flash animation from the Traveling Boy Website which was developed by WYNK.

Other reasons for the dying flash animation would include:

  • longer download time (because of the size) – although this is getting less of an issue since the bandwidth speeds are getting better and better.
  • Some people just want the data and prefer not to have to go through a video to get it.
  • Some don’t have the patience for anything.

You will notice that major websites like Nike or Mercedes Benz that used to be heavy with Flash animation have now opted for Javascript slide presentations (so far Javascript slides are still safe). They’re not as dramatic and flexible as flash but until the problem is fixed, this seems to be the animation of choice.

Here’s a sample of a slide presentation WYNK made for TravelingBoy.com using Javascript.

And since I am in the topic about security on the web, if you are still using Microsoft Explorer, please save yourself some headache — switch to Firefox or Chrome (there are other browsers but these are my 2 favorites). Microsoft has already said they will no longer be in the web browser business. And if you are one of the dinosaurs still using Windows XP, go ahead and use it but just realize that if your browser crashes … worse — if your computer crashes, no one (except maybe Bubba, your friendly neighborhood tech guy)  will be available to help you.  And if you are taking the risk, just be sure to backup your data.

I don’t know if I’ll miss Flash when it comes to advertisements. But I will miss it in some websites. I hope they come up with a remedy soon. I always like to have options available.

It’s a changing world out there but there will always be good guys and bad buys.