Scam Emails

Moltuae

Moltuae

Rest In Peace
Reaction score
3,669
Location
Lancs, UK
Don't ya just love 'em.

My main (O365 hosted) email accounts receive practically none but I have a few disposable Gmail accounts, which I check from time to time, that receive scam emails on a regular basis. I almost look forward to receiving these now; with their broken English and elaborate claims, some of them can be quite entertaining to read and dissect. I'm often tempted to reply and play along.

Some scam emails can look quite convincing and genuine at first glance but some are just so ridiculous you have to wonder who would ever fall for them. I found this one quite humorous, from Mr. Charles Greg ("Bill and Exchange Manager/ Secretary General, Head of the World Bank Finance Group, London Branch" no less!):

From Desk of the Secretary-General
World Bank Group, LONDON, UNITED KINGDOM

Attn: Sir,

I am Mr. Charles Greg, Bill and Exchange Manager/ Secretary General, Head of the World Bank Finance Group, London Branch, set up to fight against scam and fraudulent activities worldwide. This Group is responsible for investigating the legitimacy of unpaid contract, inheritance and lotto winning claims by companies and individuals and directs the paying authorities (banks) worldwide.


You are being legally contacted regarding the release of your long awaited fund. After a detailed review of your file, the World Bank Group has mandated that your fund should be release immediately the sum of US$10,625,000.00 (Ten Million Six Hundred and Twenty Five Thousand United States Dollars) has been approved in your favor. I therefore wish to inform you that your payment is being processed and will be released to you as soon as you respond to this letter.


Please re-confirm to us the following: also send your response to this email: officemail101@qq.com OR officemail044@qq.com


(1) Your Full Name:
(2) Phone, Fax an
Mobile Number:
(3) Company Name, Home Address:
(4) Profession, Age and Marital status:
Thanks for Your Cooperation.


Mr. Charles Greg
Click to expand...

Oh, and it's worth noting that this was sent from charlesgreg89@yahoo.com. I mean, c'mon, the "Head of the World Bank Finance Group" conducts his business using a Yahoo email account!? o_O

But hey, the reply email addresses are legit enough .... right? ;)
officemail101@qq.com
officemail044@qq.com
Seems perfectly reasonable to me that the World Bank Finance Group would use a free Chinese messaging service to host their email accounts.

And I love that Mr Greg was "set up to fight against scam[sic] and fraudulent activities worldwide".

Well, considering his important, trustworthy role and the fact that I'm "being legally contacted" (what does that even mean!?), I guess this email must be genuine. I'll send him my details right away! :D





Seriously, who falls for this sh1t!? :eek:
 
MichaelBits said:
James Veitch
Click to expand...
His Siri vs Alexa video is pretty funny :D

(I must find time to watch some more of his videos)


I'm very tempted to reply (James Veitch style) to this new scam email I received earlier today ...
Good Day,

It's a pleasure writing you on this platform. I have a great Business proposal and investments opportunities. I'd like to ask if you are interested because it is highly beneficial to both parties. Kindly indicate your interest for more details.

Carrigan E.
Click to expand...

"It's a pleasure writing you on this platform." - I like that. Makes it sound like Carrigan has only just discovered email. I'm going start all of my emails and texts with that phrase in future.
 
Moltuae said:
Don't ya just love 'em.

My main (O365 hosted) email accounts receive practically none but I have a few disposable Gmail accounts, which I check from time to time, that receive scam emails on a regular basis. I almost look forward to receiving these now; with their broken English and elaborate claims, some of them can be quite entertaining to read and dissect. I'm often tempted to reply and play along.

Some scam emails can look quite convincing and genuine at first glance but some are just so ridiculous you have to wonder who would ever fall for them. I found this one quite humorous, from Mr. Charles Greg ("Bill and Exchange Manager/ Secretary General, Head of the World Bank Finance Group, London Branch" no less!):



Oh, and it's worth noting that this was sent from charlesgreg89@yahoo.com. I mean, c'mon, the "Head of the World Bank Finance Group" conducts his business using a Yahoo email account!? o_O

But hey, the reply email addresses are legit enough .... right? ;)
officemail101@qq.com
officemail044@qq.com
Seems perfectly reasonable to me that the World Bank Finance Group would use a free Chinese messaging service to host their email accounts.

And I love that Mr Greg was "set up to fight against scam[sic] and fraudulent activities worldwide".

Well, considering his important, trustworthy role and the fact that I'm "being legally contacted" (what does that even mean!?), I guess this email must be genuine. I'll send him my details right away! :D





Seriously, who falls for this sh1t!? :eek:
Click to expand...

How did you modify your spam settings for O365 to filter emails like this? I have clients that are constantly forwarding me garbage using me as a human spam filter who are on O365 and I'm not sure how to beef up the filters to block crap like this.
 
thecomputerguy said:
How did you modify your spam settings for O365 to filter emails like this? I have clients that are constantly forwarding me garbage using me as a human spam filter who are on O365 and I'm not sure how to beef up the filters to block crap like this.
Click to expand...
I'm not doing anything special with the spam filters, except for lowering the threshold a little (usually 5 instead of the default 7).
 
gustav544 said:
you could turn off spam mails by unsubscribing them, so the user will be unable to send you new mails.
Click to expand...
That's a terrible suggestion.

Unsubscribing to legitimate junk emails is ok, especially those that you know you inadvertently subscribed to. But following unsubscribe links in unsolicited spam emails will, at best, not work. At worst you'll be inviting more spam and/or be following a link to a malicious web page.
 
thecomputerguy said:
How did you modify your spam settings for O365 to filter emails like this? I have clients that are constantly forwarding me garbage using me as a human spam filter who are on O365 and I'm not sure how to beef up the filters to block crap like this.
Click to expand...

Are you changing the default settings for O365's spam filters? There are quite a few to tweak, even more on the E plans and with ATP added.
 
I have actually had a few really pretty good fake mails recently, mostly purporting to come from various banks. They look the part, are properly written by what appear to be native English speakers, punctuated correctly, use all the right graphics etc. I can quite see how some unworldly end users would be taken in.

PS: @gustav544 - Moltuae is absolutely right. If you attempt to unsubscribe, all you're doing is proving to them that they've got a live address that's regularly checked - and providing an indication that you believe the sender represents a legit organisation.
 
Moltuae said:
That's a terrible suggestion.

Unsubscribing to legitimate junk emails is ok, especially those that you know you inadvertently subscribed to. But following unsubscribe links in unsolicited spam emails will, at best, not work. At worst you'll be inviting more spam and/or be following a link to a malicious web page.
Click to expand...

The big question is unsolicited vs solicited. I'll hit unsubscribe for emails I'm receiving from sites I know I have signed up for. So many others I've seen have some generic blurb in very small font nearly the same color as the back ground at the very bottom of the email claiming this came from something you signed up for. Pillules? Office cleaning? Really? Many come from other sources, including lists culled by black hats. After all they are in the public domain. Personally I believe that even if you unsubscribe, even if they really do take you off, they turn around and sell your email address as known live to another spammer. So I haven't hit unsubscribe in ages.

So it's gotten to the point where I manage my email a little bass ackwards. I have a ton of filters setup so that emails from known sources go to their respective folders. So the inboxes are 99.9% filled with spam stuff. It's easy to do a short scan for legits, move those, and then just select all and trash. I tried creating certain emails that never get used for anything but certain purposes/users. But I've found that they end up leaking anyways.
 
I keep a sub folder within my inbox, where I keep examples of phish and common scams.
I use these for my "security classes" I give to our clients. Many of them are soooooo realistic looking. Common big targets like O365 or Google...they send lots of phish disguised to look like something from Microsoft or Google. All they do is look at your companies MX records and they can usually find your mail host. Sure lots of it quite obviously fake..poorly done, but some of it is VERY well done.

And these guys do their homework. I myself about once a month get something looking like it came from RackSpace...to check something in our account there. (my email is not hosted at rackspace..we just have a wholesale account there for various stuff mostly DNS).
 
The real issue is spear-phishing attacks, where you have been deliberately targeted. In some cases, you got successfully randomly phished, gave away your login info to your email and the hackers then dumpster dives your mailbox for info and then crafts messages that look like your normal email. But just as often they can do this just from other social engineering tricks or just Google searching your company and figuring out who you are doing business with.
 
It's amazing how patient some of them will be. They'll study a business, find out who is who there..and go after them pretty hard.

One of my favorite stories to tell is the "paralegal at law firms that specialize in real estate closings"...they're one of the more heavily phished people out there. Once they bust into her (or his) mailbox....they sit back and watch. They'll wait for a closing that is scheduled later that day, and then an hour or three before closing, send out an email from her mailbox to all parties involved...notably the buyers side, and the email will be urgent, right before closing, to change the bank where the deposit goes. The recipients of the email hardly question it, the names/date/time/etc are all correct, and it came from her mailbox. (well, now most Realtors are aware of it). So...closing time comes, parties come to the table, the buyers side acknowledges "oh, by the way, yup I got your email, I changed the deposit just in time!" And the sellers side says "What?!?!!?! I never ....!!!"

...and the $45,000.00 deposit or whatever has been whisked off the never never land.

Had a client (the law firm never let me put them on MSP) that had their paralegal have her account breached soooo many times. And yes the above issue happened to them more than once!
 
YeOldeStonecat said:
It's amazing how patient some of them will be. They'll study a business, find out who is who there..and go after them pretty hard.

One of my favorite stories to tell is the "paralegal at law firms that specialize in real estate closings"...they're one of the more heavily phished people out there. Once they bust into her (or his) mailbox....they sit back and watch. They'll wait for a closing that is scheduled later that day, and then an hour or three before closing, send out an email from her mailbox to all parties involved...notably the buyers side, and the email will be urgent, right before closing, to change the bank where the deposit goes. The recipients of the email hardly question it, the names/date/time/etc are all correct, and it came from her mailbox. (well, now most Realtors are aware of it). So...closing time comes, parties come to the table, the buyers side acknowledges "oh, by the way, yup I got your email, I changed the deposit just in time!" And the sellers side says "What?!?!!?! I never ....!!!"

...and the $45,000.00 deposit or whatever has been whisked off the never never land.

Had a client (the law firm never let me put them on MSP) that had their paralegal have her account breached soooo many times. And yes the above issue happened to them more than once!
Click to expand...

This almost happened to one of my customers, small commercial real estate business. They were due a commission on a lease transaction and someone sent their customer a modified invoice with new banking information for payment. Fortunately they contacted my customer because of the bank change.
 
I just had a trucking company whose customer got breached and they sent fake invoices in the name of my client. My client was ****** and took some explaining that there is nothing I can do about that as THEY were not breached, none of their equipment was used just the good name. I had to literally fake an invoice up in Publisher and show them how it would work with snail mail before they truly understood the issue. Fake address 123 anywhere rd Las Vegas NV to return the check to. Then they finally understood how it didn't come from their office yet still can be fake.
 
Got this one today, which I found quite humorous ...

Looks like the "HON. MR. BUKOLA SARAKI" needs a new caps lock button.

HOW ARE YOU AND YOUR BELOVED FAMILY? I AM HON. MR. BUKOLA SARAKI, THE SENATE PRESIDENT, FEDERAL REPUBLIC OF NIGERIA AND I HAVE DEEMED IT VERY IMPORTANT, NECESSARY AND FIT TO NOTIFY YOU, THAT ONE MR. JOHN MARQUES OF FRANCE, THROUGH AN ACCREDITED ATTORNEY CHAMBER HERE IN NIGERIA, HAS SUBMITTED AN OFFICIAL APPLICATION LETTER FOR YOUR FUNDS CLAIMS ON YOUR BEHALF, STRESSING THAT YOU ARE DEAD AND HAS BEEN BURIED SINCE LAST YEAR OCTOBER 2019.

THIS IS BECAUSE PAYMENT VALUED TO BE THE SUM OF ONE HUNDRED AND FOURTY EIGHT MILLION UNITED STATES DOLLARS ($148,000,000.00) ONLY IS ABOUT TO BE PAID OUT URGENTLY TO MR. JOHN MARQUES OF FRANCE VIA AN ATTORNEY LAW FIRM IN THIS COUNTRY. PLEASE CONTACT EMAIL:hon.bukola.saraki@hotmail.com

YOURS FAITHFULLY,
HON. MR. BUKOLA SARAKI.
DIRECT TEL NO: +234-8177-933.
Click to expand...

Interesting angle. I mean, it's the first time I've had an email asking if I'm "dead and has been buried"[sic], which purportedly took place at a future date (October 2019).

FEDERAL REPUBLIC OF NIGERIA
Click to expand...
And you'd think that this time-travelling scammer would at least have the sense to lie about his country of origin, given the reputation his country has for harbouring scammers. Ironically his location is probably the only truthful part of the email, yet it's probably the biggest giveaway that it's a scam.

Perhaps I should reply and send him a few quid for a new keyboard .... before October of course.
 
You must log in or register to reply here.

Similar threads

GTP
iinet closing email services.
2
Replies
21
Views
2K
frecklesnoot
frecklesnoot
Metanis
[TIP] Microsoft Account got hacked. PW change didn't help!
Replies
8
Views
1K
Sky-Knight
Sky-Knight
J
Outlook continually sends emails from one address to Junk Email
Replies
4
Views
551
callthatgirl
callthatgirl
thecomputerguy
It's the clients, they just kill me.
Replies
16
Views
1K
frase
frase
thecomputerguy
Any way to stop these basic phishing emails?
Replies
12
Views
771
SAFCasper
SAFCasper
Back
Top