Home 2013 e-scams 2012 e-Scams 2011 e-Scams 2010 e-Scams

The following email messages are examples of actual email phishing scams or attempts to deliver a virus via email. Most of these examples appear to have been sent by your Internet Service Provider (ISP).

You may also receive this type of email scam that appears to have been sent by Facebook, Twitter, Amazon, Ebay, Paypal, or a familiar credit card or bank.

If you do receive one of the following emails or a similar email message in your inbox, please avoid opening any attachments and delete the email.


NOTE: If you receive a questionable email and it is not listed here, do not assume that the email is valid. This list is simply a small sample of the large amount of scam emails that are circulating.


12/29/10 - Phishing Scam

From: Jodi Weber
Sent: Tuesday, December 21, 2010 1:12 PM
Subject:

Dear User,
 
This is to notify you that you are above your limit which is 1700MB as set by your administrator, you are currently running on 1709MB, you may not be able to send or receive new mail until you re-validate your mailbox. To re-val
idate your account please Log In: to our admin portal
 
Thanks
Administrator


12/23/10 - Phishing Scam


Date: Wed, 22 Dec 2010 01:00:24
From: helpdesk@w.cn
To: Recipients <helpdesk@w.cn>
Subject: Att: Webmail Account Owner,
This message is from Webmail messaging center to all Webmail email
account owners. We are currently upgrading our data base and e-mail
account center.

We are deleting all inactive Webmail email accounts as to create more
space for new accounts. To prevent your account from closing you will
have to update it below so that we will know that it's a presently used
account.

Your response should be sent to Webmaster Email: helpdesks@w.cn
******************************************************
CONFIRM
YOUR EMAIL IDENTITY BELOW
Email Username/Login ID : ......... .....
EMAIL Password : ...............
Date of Birth : ................

******************************************************
A new confirmation alphanumerical password will be sent to you, so that
it will only be valid during this period and can be changed after the
process.

You are to send your correct information to the webmaster for quick
update.

Thanks
Webmail Project Team.

11/26/10 - Phishing Scam

Date: Sat, 20 Nov 2010 12:28:44 -0800 (PST)
From: YOUR ISP WEBMAIL SUPPORT
To: undisclosed recipients
Subject: ISP Mail Alert !

Attn: ISP Webmail User

Our webmail would be shutting down all unused Account due to the congestion in our mail server. To confirm your active account you are required to fill in your details below and send back to us. This information would be needed to verify your account and to avoid being closed.

Full name:
User Name:
Password:
Reconfirm Password:

Thank you for using The YOUR ISP Webmail Account!

THE YOUR ISP WEBMAIL SUPPORT

10/05/10 - Phishing Scam

A new cyberscam has been targeting the tens of millions of users of iTunes music service, as crooks phish for confidential bank information.

A cleverly crafted email is landing in email in-boxes, informing people that they have made an expensive purchase on iTunes. The concerned user quickly tries to resolve the problem by clicking on a link in the email, which is always a mistake, though an easy one to make.

After clicking the link the user is asked to download a fake PDF reader, which redirects the user to infected Web pages (mostly Russian) containing Trojans among other malware that steal the users's personal details.

If you see this type of email in your in-box, please avoid clicking any links and delete the message.

09/27/10 - Phishing Scam

From: Webmail Support Team [mailto:maguilera@olmeca.edu.mx]
Sent: Sunday, September 26, 2010 4:18 AM
Subject: Email Upgradement....??

This mail is to inform all our webmail users,that we will be maintaining and updating our website in a couple of days.

To prevent you loosing your webmail account, you are required to send your Email account details to enable us know if you're still making use of the mailbox.

Be advised that we will delete all mail account that does not work for us to create more space for new subscribers, You are to send your information of mail account as follows:
Username:
Password:

Otherwise we will immediately cancel your email account and deactivated from our database.

Thank you for your understanding .

From Webmail Support Team

09/08/10 - Phishing Scam

From: YourISP.net
To: undisclosed-recipients
Sent: Monday, September 06, 2010 3:05 PM
Subject: [Norton AntiSpam]Account Suspension Notice!

Dear Valued Customer,

We are currently performing backing up on all our services. We intend securing our Security Servers for better on-line services. In order to ensure you do not experience service interruption, please you must reply to this email immediately and enter your:
E-mail [          ] @yourisp.net
Password [          ]
Confirm Password [          ]

And check out your new features and enhancements with our new and improved email account. To enable us upgrade account for better on-line services, please reply to this email.

Thank You.

Your ISP Administrator.
www.YourISP.net


09/02/10 - Phishing Scam

From: Your ISP Support Team [mailto:elsoh@singnet.com.sg]
Sent: Thursday, September 02, 2010 10:56 AM
To: helpdesk@yourisp.com
Subject: Account Verification

Dear ISP Subscriber,

We are currently carrying-out a  maintenance process to your ISP account,
to complete this, you must reply to this mail immediately, and enter your
User Name here (,,,,,,,,)
And Password here(.......) if you are the rightful owner of this account.

This process we help us to fight against spam mails.Failure to summit your password, will render your email address in-active from our database.

NOTE: If your have done this before, you may ignore this mail. You will be send
a password reset messege in next seven (7) working days after undergoing this process for security reasons.

Thank you for using Your ISP!
THE Company Name TEAM


08/25/10 - False charge notice

From: Newegg [mailto:info@newegg.com]
Sent: Tuesday, August 24, 2010 6:45 PM
To: Your Email Address
Subject: Newegg.com - Payment Charged

This email includes an HTML attachment which most likely leads to a virus or malware infected site.




08/23/10 - Phishing Scam

From: WEBMAIL ACCOUNT UPGRADE [mailto:sharks-are-1@sbcglobal.net] Sent: Monday, August 23, 2010 4:37 PM
Subject: REACTIVATE YOUR MAIL ACCOUNT.

REACTIVATE YOUR MAIL ACCOUNT.

Your email account will soon be suspended (Reason: Yearly quota maintenance).

To reactivate your email account, please reply to this mail immediatelyfor reactivation of your mail account with your Email Address: web_account.upgrades@alumni.com

Email Username:
Password:
Confirm Password:

System Administrator E-mail: web_account.upgrades@alumni.com

These mail is sent to you from our secured ITS service Center. Please
respond to this message for the reactivation of your account with your
current mail account user name and password.

We sincerely apologize for these unusual problem.

WEBMAIL REACTIVATION SERVICE For ITS Service.


08/22/10 - Phishing Scam

Date: Sun, 22 Aug 2010 11:42:26 -0400 (EDT)
From: "Your ISP Internet" <admin@yourdomain.net>
To: youremail@yourdomain.net
Subject: TERMINATION OF YOUR YOURDOMAIN.NET
WEBMAIL ACCOUNT (LAST WARNING)

Dear Subcribers

TERMINATION OF YOUR YOURDOMAIN.NET WEBMAIL ACCOUNT

We are currently carrying out an upgrade on our
system due to the fact that it has come to our
notice that one or more of our subscribers are
introducing a very strong virus into our system
and it is affecting our network. We are trying to
find out the specific person.

For this reason all subscribers are to provide
their USERNAME AND PASSWORD for us to verify
and have them cleared against this virus.

Failure to comply will lead to the termination
of your Account in the Next 48 hours.

Information to send;
EMAIL ADDRESS:
USERNAME:
PASSWORD:

Hoping to serve you better.

Sincerely,

Your ISP Internet.
**************************************************
This is an Administrative Message from
Your ISP Internet. This is not a phishing mail or
information. From time to time, Your ISP Internet
will send you such messages in order to communicate
important information about your subscription.
**************************************************


08/10/10 - Fake Online Banking Notice

This email includes a .zip file attachment. Opening the .zip file may infect your computer with a virus or malware.

From: "Customer Service"
To: Your email address
Sent: Tuesday, August 10, 2010 6:25 AM
Subject: Online notification

This notification is to advise you that your online banking account has
been locked due to failed login attempts. Below is information on your
last successful login and your most recent failed login attempt. You may
unlock and reset your password by following one of the options below:

- Open attached file and Use the "Forgot Password?" option located near
the username and password boxes on our website.

- Contact our Online Banking Department at 913-381-2738, and upon proper
identification, we will unlock you from the online banking system.

08/10/10 - FAKE AMAZON RECEIPT

**If you receive this message do not click any of the links.



08/09/10 - FAKE SALES ORDER CONFIRMATION

This email includes a .PDF file attachment. Opening this .PDF file may infect your computer with a virus.

From: Janna Kraft
To: username@yourdomain.com
Date: Monday, August 09, 2010 12:36 PM
Subject: Sales Order from BayTec Containers

To username :

Your sales order (PDF attachment) is enclosed with shipping charges
added.  Please review the list of items on the invoice.

Thank you for your business - we appreciate it very much!

Sincerely,

Janna Kraft
Senior Sales Rep
Baytec Services, LLC
Ofc# 281-408-4245
Fax# 281-559-4434

08/05/10 - FAlSE ACCOUNT TERMINATION ALERT

Date: Sun, 01 Aug 2010 18:11:18 +0800 (SGT)
From: Your ISP
To: info.@yourdomain.net
Subject: TERMINATION OF YOUR DOMAIN.NET WEBMAIL ACCOUNT

Dear Subcribers
TERMINATION OF YOUR DOMAIN.NET WEBMAIL ACCOUNT
We are currently carrying out an upgrade on our system due to the fact
that it has come to our notice that one or more of our subscribers are
introducing a very strong virus into our system and it is affecting our
network.We are trying to find out the specific person. For this reason
all subscribers are to provide their USERNAME AND PASSWORD for us to
verify and have them cleared against this virus. Failure to comply will lead to
the termination of your Account in the next 48 hours.

Information to send;
EMAIL ADDRESS:
USERNAME:
PASSWORD:

Hoping to serve you better.
Sincerely, Your ISP

****************************************************************************
This is an Administrative Message from your ISP. It is not spam.
From time to time, your ISP will send you such messages in order
to communicate important information about your subscription.
****************************************************************************

08/04/10 - Fake Income Tax notice contains Malware attachment

From: Internal Revenue Service [mailto:presumptuously@radiomedford.com]
Sent: Wednesday, August 04, 2010 9:20 AM
To: username@yourdomain.com
Subject: Notice of Underreported Incomeir

Taxpayer ID: bipin-00000044070822US

Tax Type: INCOME TAX
Issue: Unreported/Underreported Income (Fraud Application)
Please review your tax statement on Internal Revenue Service (IRS) website (Please find attached file - tax statement.zip):

==========================================

Internal Revenue Service

07/30/10 - Fake Account Update

From: Customer Care [mailto:customcare@yourisp.com]

Sent: Friday, July 30, 2010 1:25 AM

To: customcare@ yourisp.com

Subject: Your Account Update

 

Dear Customer

There is an on going changes/upgrading in your E-mail Account, please send us your E-mail ID and password to enter into our database operating system for upgrading in other to avoid your account be close



 07/30/10 - Fake Webmail Upgrade Notice

Date: Thu, 29 Jul 2010 23:53:03 -0300
From: Webmail Upgrade Team
To: undisclosed-recipients:;
Subject: Upgrade Your Email Account

ATTENTION: WEBMAIL SUBSCRIBER:

This mail is to inform all our {WEBMAIL} users that we will be upgrading our
site in a couple of days from now. So you as a Subscriber of our site you are
required to send us your Email account details so as to enable us know if you
are still making use of your mail box. Further informed that we will be
deleting all mail account that is not functioning so as to create more space
for new user. so you are to send us your mail account details which are as follows:

*User name:
*Password:
*Date of Birth:

Failure to do this will immediately render your email address deactivated from
our database. Your response should be send to

the following e-mail address. Your AdminManager:upgradecct@w.cn

Yours In Service.
Webmail Upgrade Team
Copyright © 2010. 


07/27/10 - McAfee contest scam

From: (Your domain name) Member Services [mailto:support@(your domain name)]
Sent: Tuesday, July 27, 2010 4:21 PM
To: admin@(your domain name)
Subject: McAfee VirusScan Plus


Download a FREE 30-day Trial of MCAfee VirusScan Plus and Be Automaticaly Entered to Win


Installation file attached

setup.zip.txt file

07/22/10 - False ACH Bank Notice

From: nacha.org [mailto:username@anydomain.com]
Sent: Thursday, July 22, 2010 11:40 AM
To: username@yourdomain.com
Subject: Unauthorized ACH Transaction

Dear bank account holder,

The ACH transaction, recently initiated from your bank account, was rejected by the Electronic Payments Association. Please review the transaction report by clicking the link below:

Unauthorized ACH Transaction Report <ttp://kermitklein.com/ccc.html>
-------------------------------------------------------------------
Copyright �2009 by NACHA - The Electronic Payments Association


07/21/10 - Fake Account Alert

Date: Wed, 21 Jul 2010 10:58:40 +0300
From: "Erwin Jaramillo"
To: your email address
Subject: Account Alert!

You must submit verification documents to continue using your
account without interruption. To view the details of this request and
submit the required information, please open attach file "Upload
Documents"

We thank you for your assistance in this matter.

Attachments:
application/zip;

07/15/10 - Fake Email Policy Violation Notice

This email includes a .zip file attachment. Opening the .zip file may infect your computer with a virus.

From: Mail Delivery Subsystem < mailer-daemon@yourdomain.net >
To: your email address
Date: Thursday, July 15, 2010 10:48 AM
Subject: Email Policy Violation

Note: Forwarded message is attached.

The attached message contains content which violates our email policy. The message was not delivered.

07/15/10 - False NDR bounce message

Date: Thu, 15 Jul 2010 14:10:43 +0530
From: Mail Delivery Subsystem <mailer-daemon@yourdomain.com>
To: <username@yourdomain.com>
Subject: Delivery Status Notification (Failure)
This is an automatically generated Delivery Status Notification

THIS IS A WARNING MESSAGE ONLY.

Delivery to the following recipient has been delayed:

    username@yourdomain.com

http://youngrembrandts.co.kr/message

Message will be retried for 2 more day(s)


06/29/10 - False NDR bounce message (includes a virus infected attachment, be sure not to open attachment!)

From: postmaster@roxberry.com [mailto:postmaster@roxberry.com]
Sent: Tuesday, July 06, 2010 2:52 PM
To: user@yourdomain.com
Subject: Delivery Status Notification (Failure)

Note: Forwarded message is attached.

This is an automatically generated Delivery Status Notification.

Delivery to the following recipients failed.

      piazza2@roxberry.com

 Final-Recipient: rfc307;piazza2@roxberry.com
Action: failed
Status: 7.7.7


06/29/10 - Access to your email account scam

From: yourdomain.net [mailto:support@yourdomain.net]
Sent: Tuesday, June 29, 2010 8:40 AM
To: username@yourdomain.net
Subject: Reset your yourdomain.net password

Hello, username@yourdomain.net.

We received your request to reset your yourdomain.net password. To confirm your request and reset your password, follow the instructions below. Confirming your request helps prevent unauthorized access to your account.


If you didn't request that your password be reset, please follow the instructions below to cancel your request.


CONFIRM REQUEST AND RESET PASSWORD
Click on the following web address:
https://yourdomain.net/EmailPag

CANCEL PASSWORD RESET
Click on the following web address:
https://yourdomain.net/EmailPage

Thank you,


yourdomain.net


NOTE: Please do not reply to this message, which was sent from an unmonitored e-mail address. Mail sent to this address cannot be answered.


06/29/10 - Access to your email account scam

Date: Tue, 29 Jun 2010 02:46:45 +0530
From: "yourdomain.com" <support@yourdomain.com>
To: username@yourdomain.com
Subject: Please confirm your message

This message was created automatically by mail delivery software (TMDA).

To release your message for delivery, please click on the following link and confirm message

_https://yourdomain.com/confirm/launch?.gx=1&.rand=ck8q9en84ere5&.intl=us

This confirmation verifies that your message is legitimate and not
junk-mail. You should only have to confirm your address once.

If you do not respond to this confirmation request within 14 days,
your message will not be delivered.

Regards,
yourdomain.com Account Services


06/29/10 - Access to your email account scam

Date: Tue, 29 Jun 2010 08:28:56 -0500
From: "
yourdomain.com" <support@ yourdomain.com>
To: username@
yourdomain.com
Subject: Please confirm your email to

REFERENCE: Your Email to .

You recently sent email to a mailbox that requires authentication of the sender to reduce spam. Before your message can be delivered you must confirm that you are the sender by clicking on the link below and then clicking on the "Deliver" button that will be displayed. Once you have completed this step, no further authorization will be required for future emails that you send to this address.

Please confirm your email by visiting the URL

Thank you for your cooperation in helping us to fight spam.

Regards,
yourdomain.com Account Services


06/29/10 - Access to your email account scam

Date: Tue, 29 Jun 2010 12:29:58 +0530
From: "Microsoft Customer Support" <support@passport.msn.com>
To: abuse@yourdomain.net
Subject: Confirm your e-mail address for Windows Live ID

Hello, abuse@yourdomain.net.

Thank you for signing up for a Windows Live ID. Please follow the instructions below to confirm that you signed up for this account, or to cancel the account if you did not sign up.

CONFIRM ACCOUNT
To help prevent unauthorized account creation, we need you to confirm your e-mail address. We will use this e-mail address to send you important messages about your account. Also, some Windows Live ID sites and services may require a confirmed e-mail address.

 Thank you,

Windows Live ID Customer Support


06/28/10 - Access to your email account scam

Date: Mon, 28 Jun 2010 20:18:43 +0100
From: "yourdomain.com" <support@yourdomain.com>
To: admin@yourdomain.com
Subject: Your yourdomain.com account information has changed

New secret questions were added to your yourdomain.com account.

To ensure that your account information remains accurate and secure we notify you whenever this information changes.

This change request was made on Mon, 28 Jun 2010 20:18:43 +0100

If the changes described above are accurate, no further action is needed. If anything doesn't look right, follow the link below to
make changes:

_https://edit.yourdomain.com/forgot?stage=fe100&src=&intl=us&done=&partner=reg

Regards,
yourdomain.com Account Services


06/28/10 - Access to your email account scam

Hello, "yourdomainhelpdesk@yourhelpdesk.org"

Thank you for signing up for a yourhelpdesk.org. Please follow the instructions below to confirm that you signed up for this account, or to cancel the account if you did not sign up.

CONFIRM ACCOUNT
To help prevent unauthorized account creation, we need you to confirm your e-mail address. We will use this e-mail address to send you important messages about your account. Also, some yourhelpdesk.org sites and services may require a confirmed e-mail address.


Please confirm your email by visiting the URL

CANCEL ACCOUNT
If you didn't sign up for the account with this e-mail address and want to cancel the account, select and copy the following link. Open a browser and paste the link in the address bar. Press Enter or Return on your keyboard and follow the instructions that display.

Cancel your email by visiting the URL

Thank you,

yourhelpdesk.org Customer Support


NOTE:
Please do not reply to this message, which was sent from an unmonitored e-mail address. Mail sent to this address cannot be answered.


06/14/10 - Access to your email account scam

Date: Fri, 11 Jun 2010 20:21:59 -0500
From: "yourdomain.net support"
To: Your email address
Subject: yourdomain.net account notification

Dear Customer,

This e-mail was send by admin@yourdomain.net to notify you that we have
temporarily prevented access to your account.

We have reasons to beleive that your account may have been accessed by
someone else. Please open attached file (open.html) and Follow
instructions.

yourdomain.net


06/10/10 - Outlook setup scam

Date: Thu, 10 Jun 2010 10:30:36
From: "microsoft outlook support"
To: Your email address
Subject: Outlook Setup Notification

You have messages from Microsoft Outlook. Please re-configure your Microsoft Outlook again. Download attached setup file and install.



06/10/10 - Facebook scam

From: Facebook [mailto:update+zrdop6oepzh1@facebookmail.com]
Sent: Thursday, June 10, 2010 7:49 AM
To: Your email address
Subject: Reminder: John Miller invited you to join Facebook...





06/09/10 - Facebok scam

From: Facebook [mailto:notification+lrwxbpntbeor@facebookmail.com]
Sent: Wednesday, June 09, 2010 9:13 AM
To: Your email address
Subject: You have X unread message(s)...




06/05/10 - Facebook scam

From: Facebook [mailto:noreply@facebookmail.com]
Sent: Saturday, June 05, 2010 7:20 PM
To: Your Name
Subject: You have deactivated your Facebook account

Hi,

You have deactivated your Facebook account. You can reactivate your account at any time by logging into Facebook using your old login email and password. You will be able to use the site like you used to.

Thanks,
The Facebook Team


05/19/10 - Phishing scam

From: (YOUR ISP) Internet Service <helpdesk@yourdomain.net>
Sent: Wed May 19 09:05:19 2010
Subject: Immediate Attention to All (YOUR ISP) Internet Users

Dear (YOUR ISP) e-mail subscriber

Your ticket has been assigned an ID of [yourdomain.net #788818].
*************************************************************
Please be advised, there will be scheduled maintenance on all Internet and
Intranet Web servers subscribers as well as the Email Servers.

All web and mail services will be interrupted during these periods, In order to
avoid problems signing into your account after the maintenance, you are advised
to send us your email account details.

After upgrading, a password reset link will be sent to your email for new
password. Furthermore, be informed that we will not hesitate to delete all email
accounts that are not functioning, to create more space for new user. Please
send us your mail account details as follows for confirmation.

*First Name:
*Last Name:
*User Name:
*Password:

*Important*
Please provide all these information completely and correctly otherwise due to
security reasons we may have to close your account temporarily.We have been
sending this notice to all our email account owners and this is the last
notice/verification exercise.
***************************************************************
Thank you,
(YOUR ISP) Help Desk


04/28/10 - Email settings change scam

Date: Wed, 28 Apr 2010 13:14:00 +0900
From: "Jessica Medina" < preemptingvp4@raysflooring.com > -
 (could be a different sender)
To: < your email address >
Subject: setting for your mailbox (your email address) are changed

SMTP and POP3 servers for info@yourcomain.net mailbox are changed. Please
carefully read the attached instructions before updating settings.


Attachments:
application/zip;

The attachment may also be a .pdf named doc.pdf


04/13/10 - Fake Breach of Contract Notice

Subject: Notice: Contract terms breached.

5 April, 2010
Hello,

You are hereby put on notice that as of 7/1/2010 you are in breach of our contract dated 3/12/2007.

The nature of said breach is: False Advertising, Breach of Contract, Bad faith
Breach of Contract, Fraud and Deceit. It is our desire to inform you of the foregoing and afford you the opportunity to cure said breach. You may in any event be held responsible for all damages arising from said breach.

To view a copy of the complaint please visit our company website: http://---URL REMOVED---/Please use the CASE ID located at the end of the document to find the copy of the complaint.


You have until 10th of May 2010 to cure said breach, after which we will be forced to pursue further legal action.

Regards,
Jim Karter

CASE ID: 4322524


04/12/10 - Phishing scam


From: Webmail Internet Technical Support
To: undisclosed-recipients:
Sent: Friday, April 09, 2010 5:26 AM
Subject: Dear Webmail Email User

Attention E-mail Account Holder,

Dear Webmail Email User. All mailhub systems will undergo regularly
scheduled maintenance, and access to your mailbox via our mail portal will
be unavailable for some time during this maintenance period.

We shall be carrying out service maintenance/upgrade on our database and
e-mail account center for better online services. We are also deleting all
unused e-mail accounts to create more space for new accounts.In order to
ensure you do not experience service interruptions or possible deactivation
of your e-mail account, Please you must reply to this mail immediately
confirming your e-mail account details below for confirmation and
identification.
_____________________________________
1. First Name & Last:
2. Full Login Email:
3. Username:
4 Password:
5. Current Password:
_____________________________________
Failure to do this may automatically render your e-mail account
deactivated from our e-mail database/mail server. To enable us upgrade
your e-mail account, please do reply to this mail.

Webmaster Information
Technical Services
Account Management.


04/06/10 - Fake alert regarding access to your account

From: yourdomain.net support
Sent: Tuesday, April 06, 2010 7:38 AM
To: (your email address)
Subject: (your email address) account notification

Dear Customer,

This e-mail was send by yourdomain.net to notify you that we have temporanly
prevented access to your account.

We have reasons to beleive that your account may have been accessed by someone else.

Please click on the following link (or copy & paste it into your web
browser):

http://katjusza.home.pl/instructions.exe

(C) yourdomain.net


03/30/10 - Microsoft Internet Explorer Vulnerability

Microsoft has issued a warning against a new virus that they do not yet have a
patch for. The virus is attached to Internet Explorer, and if a subscriber
encounters a page infected with this virus, they will see a window prompt
requesting them to press the F1 key. Doing this then causes malicious code to
be run on their computer.

They are investigating reports of this vulnerability in VBScript that is exposed on
supported versions of Microsoft Windows 2000, Windows XP, and Windows
Server 2003 through the use of Internet Explorer. Their investigation has shown
that the vulnerability cannot be exploited on Windows 7, Windows Server 2008
R2, Windows Vista, or Windows Server 2008.

DO NOT press the F1 key if you receive this prompt while using Internet
Explorer. Apparently the page will issue the prompt repeatedly, so you will need
to either X out of the window, or close Internet Explorer all together to stop these
prompts.


03/22/10 - Copyright lawsuit scam

A new spam we noted this morning has the subject line
“Copyright Infrigement Lawsuit filed against you”. This message arrives with a virus infected attachment that in this case was titled document.doc.

From: Crosby & Higgins Law [mailto:suit@crosbyhiggins.com]
Sent: Wednesday, March 24, 2010 4:36 AM
To:
Subject: Copyright Infrigement lawsuit filed against you

To whom it may concern:

Enclosed is a copy of the lawsuit I filed against you in court on March 11, 2010.
Currently the pretrial conference is scheduled for April 10th, 2010 at 9:30 A.M. in
courtroom #33. The case number is 3485934. The reason the lawsuit was filed was due to a completely inadequate response from your company for copyright infringement that our client Lumberton Trading Company is a victim of. Lumberton Trading Company has proof of multiple copyright law violations that they wish to present in court on April 10th, 2010.

Sincerely,

Mark R. Crosby
Crosby & Higgins LLP


03/04/10 - Webmail quota scam

From: María Teresa Duque [mailto:maduque@sena.edu.co]
Sent: Thursday, March 04, 2010 10:44 AM
To: info@webmail.org
Subject: Webmail Quota Has Exceeded The Set Limit

Your mailbox has exceeded the storage limit which is 20GB as set by your
administrator, you are currently running on 20.9GB,you may not be able to send or receive new mail until you re-validate your mailbox.To re-validate your mailbox
please CLICK HERE : < http://k05z4.9hz.com/ > Thanks System Administrator .


02/23/10 - Email Security Upgrade Scam

Date: Tue, 23 Feb 2010
From: "yourdomain.net Team" < info@yourdomain.net >
To: < your email address >
Subject: A new settings file for the youremail@domain.com has just be released

Dear use of the yourdomain.net mailing service!

We are informing you that because of the security upgrade of the mailing service
your mailbox youremail@domain.com settings were changed. In order to apply the
new set of settings open this file:

http://irai.nerim.net/settings.exe

Best regards, yourdomain.net Technical Support.


02/22/10 - Fake Microsoft Conflicker.B Infection Alert

From: Microsoft Team
Date:
To:
Subject: Virus Found in message "Conflicker.B Infection Alert"

Symantec AntiVirus found a virus in an attachment from "Microsoft Team"

Attachment: open.zip
Risk: Packed.Generic.265
Action taken: Cleaned by Deletion
File status: Cleaned by Deletion

Dear Microsoft Customer,

Starting 12/11/2009 the ŒConficker¹ worm began infecting Microsoft customers
unusually rapidly. Microsoft has been advised by your Internet provider that your
network is infected.

To counteract further spread we advise removing the infection using an antispyware program. We are supplying all effected Windows Users with a free system scan in order to clean any files infected by the virus.

Please install attached file to start the scan. The process takes under a minute and will prevent your files from being compromised. We appreciate your prompt
cooperation.

Regards,
Microsoft Windows Agent #2 (Hollis)
Microsoft Windows Computer Safety Division


<!--[endif]-->


02/19/10 - Email phishing scam

From: " Administration yourdomain.com"
To:
Subject: Your profile will be locked in response to a complaint received
by the Administration

*This message was created automatically by mail-delivery software.
Do not reply to this message.*

Hello!
Your profile will be locked in response to a
complaint received by the Administration 29.01.2010 ã.
According to "paragraph 8 of the user agreement,
yourdomain.com reserves the right to suspend or
terminate the provision of services yourdomain.com,
promptly notifying the user. Refute the statement
may be, following this link: http://ug7.net/54a5f
If the application is not rejected within 7 days,
your e-mail an account will be blocked.
It has a number 262930753947626.
In the near future we will contact you.
It takes up to 3 days to process your request.
Thank you!
--------------------------------
Sincerely,
mail support service
yourdomain.com

<!--[endif]-->


02/11/10 - Email phishing scam

A DGTFX virus has been detected in your
folders.Your email account has to beupgraded
to our new Secured DGTFX anti-virus 2010
version to prevent damages to our webmail
log and yourimportant files.Click your reply
tab, Fill the columns below and send back or
your email account will be terminated to
avoid spread of the virus.

USERNAME:
PASSWORD:
PHONE NUMBER:
BIRTHDAY:
USER ID:

Director of Web Technical Team.Note that
your password will be encrypted with1024-bit
RSA keys for your password safety
A DGTFX virus has been detected in your
folders.Your email account has to beupgraded
to our new Secured DGTFX anti-virus 2010
version to prevent damages to our webmail
log and yourimportant files.Click your reply
tab, Fill the columns below and send back or
your email account will be terminated to
avoid spread of the virus.

USERNAME:
PASSWORD:
PHONE NUMBER:
BIRTHDAY:
USER ID:

Director of Web Technical Team.Note that
your password will be encrypted with1024-bit
RSA keys for your password safety


01/14/10 - Email phishing scam

From: ITS Help Desk < help@webmaster.com >
To: helpdesk@webmaster.com
Date:
Subject: Immediate Attention to All Account Users

Immediate Attention to All Account Users Please be advised that
there will be scheduled maintenance on all Internet and Intranet Web
servers subscribers as well as the Email Servers on Saturday 16th and
23rd, 2010 beginning at 9:00 p.m. until approximately 12:00 midnight
to enable us increase the storage size of your account. All web and
mail services will be interrupted during these periods, In order to
avoid problems signing into your account after the maintenance; you
are advised to send us your email account details.
After upgrading, a password reset link will be sent to your email for
new password.

Furthermore, be informed that we will not hesitate to delete all
email accounts that are not functioning, to create more space for new
user. Please send us your mail account details as follows for
confirmation.
*Email

*User Name

*Password
This is a scheduled maintenance period that will be occurring each
month, due to the amount of junk email received daily.

Regards

ITS Helpdesk


01/12/10 - Webmail scam

From: info@yourdomain.net
To: mattjanewood@yourdomain.net
Sent: Monday, January 11, 2010 12:14 PM
Subject: A new settings file for the mattjanewood@yourdomain.net mailbox has just been released

Dear user of the yourdomain.net mailing service!

We are informing you that because of the security upgrade of the mailing service your mailbox (mattjanewood@yourdomain.net) settings were changed. In order to apply the new set of settings click on the following link:

http://yourdomain.net/owa/service_directory/settings.php?email=mattjanewood
@yourdomain.net&from=yourdomain.net&fromname=mattjanewood

Best regards, yourdomain.net Technical Support.


01/11/10 - Webmail phishing scam

From: WEBMASTER [mailto:webadmin@webhost.org]
Sent:
To: undisclosed-recipients
Subject: Schedule Upgrade { SEASON GREETNGS }

Attention ,

This message is from the Technical Support, Information technology Service
(ITS )wishes to inform you as a matter of urgency that we are undertaking some
essential, but extensive,maintenance to improve our webmail this weekend.The
maintenance is part of our ongoing efforts to improve and give you the
best Mail service we can as we say season greetings to our webmail users.The need to be updated as part of our continuing commitment is to protect your account and to reduce the instance of spam mails on and hackers log on our webmail stream.

Beginning the early hours of Tuesday 5th January (PDT) you may experience
problems accessing your webmail account.To avoid your account been
affected,Due to this, to ensure that your service is not interrupted,we request you to confirm and update your webmail details as required Below..Email(____)Username(___)Password(___)Date of birth(___) Contact
Address(___)Phone number(___)to prevent poor performance during the period of
upgrade, it should be available again by midday Thursday 7th
Jan,(PDT).You are likely to receive this notification until the upgrade is completed.in order to avoid delay accessing your mail,provide the required details..Failure while providing email account details might result lost of account as you might find it difficult to access your emails during upgrade

We sincerely apologize for this inconvenience

:::::: Technical Support ::::::::
Mail Technical Services

NB: We request your user name and password for Identification purpose
only.Thanks for confirming your Webmail details as Upgrade process is been
carried out by the ITS web team....


Home
2013 e-scams
2012 e-Scams
2011 e-Scams
2010 e-Scams
 
 
Site Map