Off-Topic Got a scam in my junk mail box.

Malware1

New Member
Joined
Sep 28, 2011
Messages
6,480
#61
Title: HMRC - Error in the calculation of your tax‏
Link: "My Refvund" - VirusTotal
Payload (site down): p.exe - VirusTotal

The "My Refvund" shows this before getting redirected to the payload, but the site is no longer up.
View attachment 11122
Code:
Dear Customer :

HM Revenue & Customs has identified an error in the calculation of your tax from the last payment, amounting to GBP 1.400. To return the excess payment, please click the " My Refund" below:

My Refvund

How to return itself, have not changed. Only the format of what you claim and how you get paid back from HMRC has changed digitally. HMRC Department has trouble to return it through the data you give on the Tax application form.

We are here to Ensure the correct tax is paid at the right time, whether this relates to payment of taxes received by the department or entitlement to benefits paid.

Best Regards,
HM Revenue & Customs Department
View email with graphics:

View attachment 11121
This one was available in one of my packs.
 

Spawn

Administrator
MalwareTips Staff
Joined
Jan 8, 2011
Messages
17,108
OS
Windows 10
Antivirus
Microsoft
#65
Phishing Email: Your Online Access has been temporarily disabled

Suspicious URL: ( some url ) . com/err_log/sub/activate.html

upload_2014-6-19_16-33-9.png
[/COLOR]
 

Spawn

Administrator
MalwareTips Staff
Joined
Jan 8, 2011
Messages
17,108
OS
Windows 10
Antivirus
Microsoft
#66
Title: You have 4 messages that must be viewed
Scam: View 4 messages
Sender: (see image)

upload_2014-12-23_17-52-10.png

 
Likes: _CyberGhosT_

Rishi

Level 19
Trusted
Joined
Dec 3, 2015
Messages
908
OS
Windows 10
Antivirus
Webroot
#72
Got this phising attempt in one of my junk mailboxes twice, involving PayPal asking me to "continue replacing my security information".It is interesting to note they have used PayPal banner in the email but the link is not only suspicious but redirects to a hosted webpage which looks like a spoofed copy of PayPal without the secure padlock of course!(.php).The scammer does not know I don't use PayPal anyways.:D See below :

Phising Attempt : To continue replacing your security information, click the button

URL redirects to : some url.com..../modules/navigator/auth/

upload_2016-1-18_5-43-39.png


Virustotal scan results: Seems like a new site
upload_2016-1-18_5-38-32.png

Remedial measures taken : Duly reported to paypal ,US-Cert and APWG. :cool:

too bad they don't know I am a MT user.
 

Attachments

Tornado

New Member
Joined
Nov 22, 2015
Messages
1,078
#73
I got something similar on Skype, somebody put in a very long paragraph - somebody with the same second name as me has died and the person who said it claimed he worked for a bank in India trying to find the heir to his millions. It looked very professional (with a VPN obviously) I replied saying can you show me some ID? and then he (in slang and using 'u' instead of 'you') give me your e-mail. I used a masked one and still recieved nothing. I again said give me some ID and he just said give our bank £900 via a P.O Box and then we will tell you where to go and give you the millions you deserve :p

What I did:
  1. Found his IP and sent it to all the authorities I could.
  2. Reported him to Skype.
  3. Blocked him.
Please don't ignore these scammers! People are losing hard earned money because of these false claims, report them!
 

Rishi

Level 19
Trusted
Joined
Dec 3, 2015
Messages
908
OS
Windows 10
Antivirus
Webroot
#74
FastStoneEditor1.png

Got this scam mail in one of my junk email inbox. As you can see the sender's email is a big hint, secondly I am not subscribed to secret shopper(never heard of it).

Upon checking the email header online at several sites to confirm,we find the source :rolleyes: :

upload_2016-4-2_1-58-23.png


Obviously it is a scam email and has been flagged as phising. The company involved has also been notified.
 

Morvotron

New Member
Joined
Mar 24, 2015
Messages
278
#75
Ugh, I receive like three or four on my secondary account each week.. It's so pathetic. I mean why would they give you 80 millions dollars? Everybody knows a decent person won't accept less than 100mil.
 
Likes: Rishi

Spawn

Administrator
MalwareTips Staff
Joined
Jan 8, 2011
Messages
17,108
OS
Windows 10
Antivirus
Microsoft
#76
Flagged by Spam Filters in Gmail. :)

Dear Sir,

My name is Mr. Fekete Sandor Istvan, I hope my mail meets you in good faith. I work as a sailor executive/ Chief Engineer with JPY Worldwide Shipping Company here in the UK, and i'm usually in the ship almost all the time, JPY Worldwide is a very big company with large services Nationwide.

However, my main aim of contacting you is because my company is about to embark into buying of a Maintenance Oil which is mainly distributed from South East Asia market (Malaysia) for our ship services and maintenance.

I need a reliable individual or friend from any part of the world that can handle this project which will be a one year contract of interval supplies. I have made the necessary researches and arrangement on this transaction. I wish to intimate you into making this supply if you will accept my conditions. I will give you the full information's if i find you interested by replying to me. I have included my email address (<removed>@hotmail.com) so that we can be in contact immediately after you read and understood this summary of supply proposal

I Hope to hear from you soon.

Best Regards,
Mr. Fekete Sandor Istvan
 
Likes: _CyberGhosT_
Joined
Apr 13, 2016
Messages
42
#77
I, too, once or twice I got this e-mail, report it,block and delete.Simple rule of never click on attachments ..:cool:
 
Last edited:

_CyberGhosT_

Level 52
Trusted
Joined
Aug 2, 2015
Messages
4,180
OS
Linux Mint
Antivirus
Default-Deny
#78
@Huracan
I would have got pissed about the crappy grammar halfway through and deleted this anyway :)
Have you noticed that nearly all spam now appears written by individuals with very poor grammar ?
 
Likes: frogboy

Spawn

Administrator
MalwareTips Staff
Joined
Jan 8, 2011
Messages
17,108
OS
Windows 10
Antivirus
Microsoft
#79
Not exactly junk mail, but I stumbled across this a couple months ago. It's quite convincing to destroy the reputation of Qihoo, oh wait, they do that to themselves. :p

upload_2016-4-16_13-54-16.png