Fake E-Mails Sent from 'Government'

I suspect Nigerian spammers behind this one...

Government Warns Public on Fake E-Mails
Jul 26, 2007 - Online Scam Artists Increasingly Using Fake Government E-Mails to Commit Fraud

Quote:

The federal agency charged with protecting consumers from Internet scams now finds itself wrapped up in one. Identity thieves have sent thousands of bogus e-mails purporting to be from the Federal Trade Commission as well as the Internal Revenue Service and Justice Department in an attempt to trick consumers into divulging personal financial information.

The agencies are the latest institutions to be exploited in "phishing" scams, long the bane of large banks and credit card issuers. Analysts who track online crime say that while financial institutions are still the most commonly hijacked brands, the use of federal agencies in the hoaxes is increasing and reflects criminals' desire to take advantage of the familiarity and authority of various government departments.

Phishing typically involves sending fraudulent e-mails that include links that direct recipients to fake Web sites where they are asked to input sensitive data. Phishers may also include attachments that, when clicked, secretly install "spyware" that can capture personal information and send it to third parties over the Internet. Criminal gangs in the United States and overseas use the information to steal thousands of dollars from consumers or to sell their identities in what experts describe as a sophisticated underground economy surrounding identity theft.

More ABC News: Fake E-Mails Sent from 'Government'

[waltky]

Something to look out for. Scammers comin' back for more...

Scamming You Twice: New E-mail Scam Targets Past Victims
July 30, 2007 Hoping their victims will fall for their false claims twice, e-mail scammers are targeting past victims of similar frauds claiming their lost money will be refunded.

Quote:

Posing as delegates of the "Nigerian Government Reimbursement Committee," online scammers are seeking out victims of Nigerian e-mail scams and promising them a $150,000 reimbursement award. An e-mail circulating around the Internet claims the Reimbursement Committee is "under the strict supervision of the United Nations" and is working with the Economic and Financial Crimes Commission (EFCC) to repay scam victims.

In order to claim their $150,000 award, individuals are ordered to provide an upfront processing fee of $850. This tactic, called "advance-fee fraud," has been the signature mark of these scams. Once an individual provides the scammers with his or her personal information, he or she is sent a "Certificate of Victimization." One ABC News intern e-mailed the scammers and specifically stated he was not a victim. They still sent him the certificate.

ABC News investigated Nigerian e-mail scams, called "419 scams," last year. The scammers target wealthy Americans, or "mugus," asking them to pay thousands of dollars in "processing fees" before they can collect on the big payout. The victims eventually discover the promised riches are a fraud. Ed Mezvinsky, a former Democratic congressman from Iowa, is serving a seven-year sentence for fraud after getting caught up in a series of Nigerian e-mail scams. Mezvinsky traveled to Nigeria numerous times and ultimately lost more than $3 million as a victim of the scammers.

The Blotter: Scamming You Twice: New E-mail Scam Targets Past Victims

[waltky]

Hackers took information from about 146,000 users of site run by Monster...

Personal info stolen from federal jobs Web site
Aug 30, 2007 - Personal data stolen on gov. jobs Web site

Quote:

About 146,000 people using a jobs Web site sponsored by the U.S. government have had their personal information stolen by hackers who broke into computers at Monster Worldwide Inc, a government spokesman said on Thursday. The theft on the USAjobs.gov site, which has about 2 million total users, was part of the hacking operation that Monster disclosed last week, according to Peter Graves, a spokesman for the U.S. Office of Personnel Management.

Monster runs the site on behalf of the government. On Wednesday, the government temporarily restricted recruiters from accessing the database until Monster completes efforts to ensure its computer system is secure, Graves said. “We disabled it yesterday as an extra precaution on our part to best protect our users,” he told Reuters in an interview late on Thursday. He said the government expected to restore that access by Friday.

The information stolen was names, mailing addresses, phone numbers and e-mail addresses. Social security numbers, which are encrypted in the database, were not compromised, Graves said. Officials with Monster couldn’t be reached for comment. The government got its first clue that the site had been compromised on July 20, when a subscriber submitted what appeared to be a fraudulent e-mail, Graves said. Officials with the U.S. agency immediately passed the information on to Monster, Graves said. The agency also posted a notice on the USAJobs site, warning users to be careful of fraudulent email scams.

More Personal data stolen on gov. jobs Web site - Security - MSNBC.com

[waltky]

Heads up...

Cybersquatting: The New Gateway Scam to Identity Theft?
September 17, 2007 - Americans are falling victim to a growing Internet crime wave known as cybersquatting, according to legal and trademark experts.

Quote:

Cybersquatters are individuals or companies that create Web addresses that are remarkably similar -- perhaps only one or two letters off -- from addresses for well-known companies or products. For example, known cybersquatting Web sites include dellcomputersystem.com instead of dell.com and samslcub.com instead of the correctly spelled samsclub.com.

Cybersquatters' goal is to hijack Web traffic from legitimate Web sites to their counterfeit sites and turn a profit. While some cybersquatters make money by filling their sites with typical pay-per-click (PPC) ads, others take a more devious approach.

"Cybersquatters are getting more sophisticated as they are trying to take advantage of consumers," Alan Drewsen, executive director of the International Trademark Association (INTA), told ABCNews.com. "As the number of domains increase, it just increases the possibility of this fraudulent behavior."

MORE

[waltky]

New spam scam...

Nigerian Scammers Now Posing as U.S. Postal Inspectors
November 05, 2007 - Beware of e-mails that look like they are from the United States Postal Inspection Service (USPIS).

Quote:

Nigerian scam artists are sending a new wave of fraudulent e-mails in the name of the Postal Inspection Service, the very agency that has been tracking them down. The scam e-mails inform people that their packages have been seized by the USPIS, and that the only way to release them is to wire-transfer a special "IRS waiver fee" in the thousands of dollars.

The e-mails cleverly use actual language and images from the USPIS Web site and are sent in the name of Chief Postal Inspector Alexander Lazaroff. The scammers, however, misspell his name as "Lazarof." The e-mails are the latest salvo in an ongoing battle between the scammers and the USPIS. The postal service recently launched a nationwide TV campaign warning of a Nigerian scam involving counterfeit checks used to pay for merchandise sold online.

In the last two years, postal inspectors have seized billions of dollars worth of counterfeit checks destined for U.S. fraud victims. The new e-mails use a Yahoo! address, and authorities say they have asked the company to help them monitor e-mail traffic to the account.

The Blotter: Nigerian Scammers Now Posing as U.S. Postal Inspectors

[waltky]

Hoax e-mail to watch out for...

Spammers Hit 20,000 With Fake DOJ E-Mail
Feb. 1, 2008 - Justice Dept. Warns Users of Hoax E-Mail Using DOJ Logo and Web Graphics

Quote:

Spammers have incorporated the Justice Department's logo and Web site banner into an ongoing e-mail hoax that has reached approximately 20,000 Internet users. According to a sample e-mail provided by the department, the messages claim that the recipients have been mentioned in a complaint filed by an individual named Carl Williams. "A complaint has been filed against the company you are affiliated to [Company Name] in regards to the domain of business activity," it says. "The complaint was filed by Mr. Carl Williams on 01/20/2008 and has been forwarded to us and the IRS."

The message refers to users listed in an attachment to the e-mail that purports to be a copy of the complaint and contain contact information for Carl Williams. The hoax e-mail using the Justice Department's logo from its Internet page asks recipients to open the attached files and print them. This triggers the virus or worm, which then perpetuates the spread of the hoax e-mails. On its web site, the Department has published a warning about the hoax, warning users not to respond and not to open any of its attachments. "The Department of Justice did not send these unsolicited e-mail messages -- and would not send such messages to the public via e-mail," the warning states.

Noting that similar fraud e-mails have been sent using the cover of other federal entities such as the FBI, Federal Trade Commission and IRS, the warning adds, "The e-mail messages contain a malicious attachment as well as random text used to defeat spam filters." "E-mail users should be especially wary of unsolicited warning messages that purport to come from U.S. governmental agencies directing them to click on file attachments or to provide sensitive personal information." This type of hoax has been seen previously on Justice Department servers. In October 2006, Internet users received hoax e-mails claiming to come from FBI Director Robert Mueller.

Source ABC News: Spammers Hit 20,000 With Fake DOJ E-Mail

[waltky]

Head's up for board viewers...

Scammers Send Bogus FBI E-Mails
June 6, 2008 - FBI Warns of Fake Bureau E-Mails That Demand Response to Receive $35,000 Settlement

Quote:

In the latest of what seem to be an increasing number of Internet scams using official government logos, the FBI is warning computer users about fake e-mails purporting to be from the FBI's Internet Fraud Complaint Center and the British government. The new scam claims to involve a reimbursement of funds lost from Internet fraud.

The fake notice informs recipients, "The approved committees have approved the sum of $35,000.00 (Thirty five thousand dollars) for your scam compensations the bank of England [sic] will be contacting you soon to remit the approved amount to your account." The scam notice indicates that failure to comply will place the funds on hold and a penalty will be applied to the recipient's bank account.

The purported notice from the FBI's Internet Fraud Complaint Center follows scam e-mails last month as the Internal Revenue Service began sending out economic stimulus checks to eligible recipients. In that hoax, fraudsters sent out fake e-mails notifying individuals that direct deposit is the fastest and easiest way to receive their tax rebate check from the IRS.

The FBI urges Internet users to delete suspicious e-mails and spam and to contact the FBI's Internet Crime Complaint Center at Internet Crime Complaint Center (IC3) | Home. "These criminals are increasingly attempting to do this by falsely claiming to be various government officials," said FBI Special Agent Richard Kolko in Washington. "Don't respond, don't open the attachments, and don't send your money or personal information. We are asking people to be aware of this tactic and to report incidents to IC3."

More ABC News: Scammers Send Bogus FBI E-Mails