Phishing Phollies

I have about a dozen email accounts, all filtering into one inbox. Including SPAM, I get about 800 emails a day. That is AFTER passing through the SMTP SPAM filter, and I still get a very high volume of junk.

"Received: from pro-236-177.rediffmailpro.com (pro-236-177.rediffmailpro.com [202.137.236.177] (may be forged))
         by notes.cc.sunysb.edu (8.14.0/8.14.0) with SMTP id m0VEKee9018442
Message-Id: <200801311420.m0VEKee9018442@notes.cc.sunysb.edu>
Received: (qmail 17062 invoked from network); 31 Jan 2008 14:17:14 -0000
Received: from unknown (HELO c9u1q) (122.162.110.153)
  by mailserver with SMTP; 31 Jan 2008 14:17:14 -0000
From: "Vismit Kapoor" <vismit@shoulder.in>
Subject: Free Accurate Share Trading Recommendations

Dear Friends,

In the extremely volatile environment of Financial Markets, it takes lots of patience and professional competence to survive and generate consistent returns. However, as it is not possible owing to the existing professional and personal responsibilities, <EVIL SPAMMY LINK> has been launched by a set of professionally qualified domain experts having more than 8 years of rich experience in trading in various financial instruments.

<EVIL SPAMMY LINK> brings with itself an irresistible FREE offer to all its users to benefit from ABSOLUTELY FREE SHARE TRADING RECOMMENDATIONS. These FREE TRADING RECOMMENDATIONS can prove extremely beneficial in making a sound trading strategy suiting to each individual’s trading risk/reward profile.

FREE STOCK TRADING RECOMMENDATIONS:

These FREE TRADING RECOMMENDATIONS shall provide opportunity to trade in very short term to short term durations through SWING TRADING style :
2 Day Swing Trading : <EVIL SPAMMY LINK>
5 Day Swing Trading : <EVIL SPAMMY LINK>

FREE STOCK INTRADAY & EOD CHARTS:

At <EVIL SPAMMY LINK>, you may also visit all the FREE LIVE STOCK CHARTS and add various FREE TECHNICAL ANALYSIS TOOLS to it & YES all this comes for FREE.

FREE NSE STOCKS CHARTS: <EVIL SPAMMY LINK>
FREE BSE STOCKS CHARTS: <EVIL SPAMMY LINK>

FREE STOCK MARKET DATA:
<EVIL SPAMMY LINK> also offers FREE HISTORICAL NSE EOD DATA & BSE STOCKS AND FUTURES DATA as well as on Daily End of Day Data ( <EVIL SPAMMY LINK>) basis too. The historical data is offered in Metastock Format while the Daily EOD Data shall be in EXCEL format that is easily uploadable in various charting softwares around.
Historical NSE Data in Metastock Format since 1994 : <EVIL SPAMMY LINK>
Daily NSE Futures EOD Data in .xls Format : <EVIL SPAMMY LINK>
Daily NSE Stocks EOD Data in .xls Format : <EVIL SPAMMY LINK>

And YESS !!! All this comes for FREE & ONLY FREE..

<EVIL SPAMMY LINK> intends to cater to becoming a most helpful platform for all persons who are serious about safeguarding & increasing their hard earned monies in Stock Markets. <EVIL SPAMMY LINK> also has numerous other links offering free collated information at one place for investors’ benefit and yes all that comes is for FREEEEEEEEEEEEEE!!

FREE UTILITIES & ANALYSIS TOOLS:
Watchout for new FREE utilities coming up at <EVIL SPAMMY LINK> each day. It is our constant endeavour to provide you FREE utilities & recommendations.

<EVIL SPAMMY LINK> is in the initial stages of its launch and any suggestions for its improvements are most welcome.
You may feel free to reach us at <EVIL SPAMMY LINK>

Looking forward to Happy Signalling !!!

Regards
Team <EVIL SPAMMY LINK>"

""Online scam artists should be on notice that we will continue to work closely with our international partners to ensure that there are no safe geographic boundaries for committing these crimes," Assistant Attorney General Alice Fisher of the DOJ’s Criminal Division said in a statement."

"The settlement requires Member Source Media to disclose the costs and obligations associated with the advertised products and services, and bars the company from sending e-mail that violates the CAN-SPAM Act, which regulates the sending of unsolicited e-mail. The company must also pay $200,000 in civil penalties, according to the settlement approved Wednesday in the U.S. District Court for the Northern District of California."

"Received: from mail.adp-hvac.com (dsl017-030-060.lax1.dsl.speakeasy.net [69.17.30.60])
Received: from User ([202.65.139.14]) by mail.adp-hvac.com with Microsoft SMTPSVC(5.0.2195.6713);
          Tue, 29 Jan 2008 17:36:52 -0800
Reply-To: <service@navyfcu.org>
From: "service@navyfcu.org"<service@navyfcu.org>
Subject: Message from Navy Federal Customer Service
Date: Wed, 30 Jan 2008 07:05:31 +0530
MIME-Version: 1.0
X-Priority: 1 (High)
X-MSMail-Priority: High
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Message-ID: <ADP-SERVERPe8vZ3fC8000005ff@mail.adp-hvac.com>
X-OriginalArrivalTime: 30 Jan 2008 01:36:53.0230 (UTC) FILETIME=[976600E0:01C862E0]
X-MIMETrack: Itemize by SMTP Server on notesmta2.cc.sunysb.edu/DoIT(Release 7.0.3|September
 26, 2007) at 01/29/2008 08:37:03 PM,
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
         charset="Windows-1251"

Message from Navy Federal Credit Union accounts Customer Service
Account : Savings
Date: 1/29/2008

All Navy Federal Credit Union accounts were recently update with a new security enhancement.

You need to reactivate your VISA debit card by the end of January 2008.

For your security, we recommends that you activate this feature.

To continue click on the link :

http://www.sigmapens.co.uk/shop/catalog/navyfederalcreditunion/

Thank you for banking with Navy Federal Credit Union accounts"

1. I’m in the United States, NOT the United Kingdom.
2. My alliances with maritime military are with the United States Coast Guard, NOT the "Navy".
3. I don’t have any accounts with a military based credit union.
4. Why would a military credit union have a website for Sigma Pens?

Ye be a friggin idiot. It’s the keelhaul fer all ye scurvy dogs.

Readers should note that this action usually ends badly for moi; the squeaky wheel doesn’t get any grease, and the flogging continues until I back down and return to my corner to sob about the injustices of the world, and how MEAN PEOPLE TOTALLY SUCK.

Waaayulllll, Shiver my timbers and bust my buckle, and toss in a "Holy Crap" to really drive home my enthusiasm!

The intern used a "content scraper" to populate these domains.

*"When pondscum on this web appear,

And break the laws that they should fear,

And scam all who see or hear,

The cry goes up both far and near for

Underdog! Underdog! Underdog! Underdog!

Speed of lightning! Roar of thunder!

Fighting all who rob or plunder!

Underdog! Underdog! Underdog!"

 * Underdog’s famous quote, slightly modified to fit the Web.

"Hi,

HostGator requires DMCA notices to be filed via fax or letter. The complaint must include full contact information in the complaint (including phone number). We will call and verify. Email (unless digitally signed by a verified and trusted third party) is not an acceptable medium for legal complaints.  This ticket system has received what appears to be a possible DMCA complaint, but one or more of the following are missing: (a) the complaint does not contain sufficient information (b) the format of the complaint is inconsistent with the requirements of the DMCA (c) the complaint has been submitted via email without proper authentication (d) full contact information is missing. We will need you to re-submit your claim, using the proper format, including sufficient detai, via postal mail or fax. Instructions on how to do so follow.

It is our policy to respond to clear notices of alleged copyright infringement. This response describes the information that should be present in these notices. It is designed to make  submitting notices of alleged infringement to us as straightforward as possible while reducing the number of notices that we receive that are fraudulent or difficult to understand or verify. The form of notice specified below is consistent with the form suggested by the United States Digital Millennium Copyright Act (the text of which can be found at the U.S. Copyright Office Web Site, http://www.copyright.gov) but we will respond to notices of this form from other jurisdictions as well.

To file a notice of infringement with us, you must provide a written communication that sets forth the items specified below. Please note that you will be liable for damages (including costs and attorneys’ fees) if you materially misrepresent that a product or activity is infringing your copyrights. Accordingly, if you are not sure whether material available online infringes your copyright, we suggest that you first contact an attorney.

To expedite our ability to process your request, please use the following format (including section numbers):

1. Identify in sufficient detail the copyrighted work that you believe has been infringed upon (for example, "The copyrighted work at issue is the text that appears on http://www.hostgator.com/tos.shtml") or other information sufficient to specify the copyrighted work being infringed (for example, "The copyrighted work at issue is “Intellectual Property: Valuation, Exploitation, and Infringement Damages” by Gordon V. Smith, published by Wiley, ISBN #047168323X").

2. Identify the material that you claim is infringing the copyrighted work listed in item #1 above. You must identify each web page that allegedly contains infringing material. This requires you to provide the URL for each allegedly infringing result, document, or item.

An example:

    Infringing Web Pages:           
       http://www.thewebsite.com/directory/
       http://www.thewebsite.com/something/blah.html

3. Provide information reasonably sufficient to permit us to contact you.

4. Provide information, if possible, sufficient to permit us to notify the owner/administrator of the allegedly infringing webpage or other content (email address is preferred).

5. Include the following statement: "I have a good faith belief that use of the copyrighted materials described above as allegedly infringing is not authorized by the copyright owner, its agent, or the law."

6. Include the following statement: "I swear, under penalty of perjury, that the information in the notification is accurate and that I am the copyright owner or am authorized to act on behalf of the owner of an exclusive right that is allegedly infringed."

7. Sign the paper.

8. If via postal mail, send the written communication to the following address:

    HostGator LLC
    Attn: Abuse Department, DMCA Complaint
    11251 Northwest Freeway, Suite 400
    Houston, TX 77092
    United States of America

    OR fax to:

    (281) 476-7801, Attn: Abuse Department, DMCA Complaint

Regardless of whether we may be liable for such infringement under local country law or United States law, we may respond to these notices by removing or disabling access to material claimed to infringe and/or terminating users of our services. If we remove or disable access in response to such a notice, we will make a good-faith attempt to contact the owner or administrator of the affected site or content so that the owner or administrator may make a counter notification.

We may also document notices of alleged infringement on which we act. As with all legal notices, a copy of the notice may be made available to the public and sent to one or more third parties who may make it available to the public.

In order to ensure that copyright owners do not wrongly insist on the removal of materials that actually do not infringe their copyrights, the safe harbor provisions require service providers to notify the subscribers if their materials have been removed and to provide them with an opportunity to send a written notice to the service provider stating that the material has been wrongly removed. [512(g)]

If a subscriber provides a proper "counter-notice" claiming that the material does not infringe copyrights, the service provider must then promptly notify the claiming party of the individual’s objection. [512(g)(2)] If the copyright owner does not bring a lawsuit in district court within 14 days, the service provider is then required to restore the material to its location on its network. [512(g)(2)(C)]

If it is determined that the copyright holder misrepresented its claim regarding the infringing material, the copyright holder then becomes liable to the OSP for any damages that resulted from the improper removal of the material. [512(f)]

Regards,
Adam D.
Network Security Administrator
http://www.hostgator.com/mailpolicy.shtml
http://www.hostgator.com/support.shtml
http://www.hostgator.com/tos.shtml
1-866-96-GATOR (42867)

Ticket Details
===================
Ticket ID: SAD-176580
Department: Security
Status: On Hold"

"Your Ticket has been received and a member of our staff will review it and reply accordingly. Listed below are details of this Ticket. Please make sure the Ticket ID remains in the subject at all times.

         Ticket ID: SAD-176580
         Subject: Theft of content
        Department: Support
         Status: Open

You can check the status or reply to this ticket online at: [link removed]"

"Received: from myway.com (nn3.excitenetwork.com [207.159.120.57])
Received: by mprdmxin.myway.com (Postfix, from userid 110)
         id 2B5617E423; Tue, 29 Jan 2008 08:43:10 -0500 (EST)
To:
Subject: URGENT PLEASE
Received: from [83.37.254.238] by mprdmailfe5.nwk.myway.com via HTTP; Tue, 29 Jan 2008 08:43:10 EST
X-AntiAbuse: ID = a2836e2cd904f97b6b7f8d2469e1f8db
Reply-to: luckymail7@myway.com
From: "luckymail7"<luckymail7@myway.com>
MIME-Version: 1.0
X-Sender: luckymail7@myway.com
X-Mailer: PHP
Message-Id: <20080129134312.2B5617E423@mprdmxin.myway.com>
Date: Tue, 29 Jan 2008 08:43:10 -0500 (EST)
X-MIMETrack: Itemize by SMTP Server on notesmta2.cc.sunysb.edu/DoIT(Release 7.0.3|September
 26, 2007) at 01/29/2008 08:43:22 AM,
         Serialize by Notes Client on Melissa Bishop/DoIT(Release 7.0.3|September 26, 2007) at
 01/29/2008 10:11:34 AM,
         Serialize complete at 01/29/2008 10:11:34 AM
Content-Transfer-Encoding: 7bit
Content-Type: multipart/alternative; boundary="MYWAYBOUNDARY_000__c2ad6e93f3e8d52dcbc81a0a5ce50a47";

–MYWAYBOUNDARY_000__c2ad6e93f3e8d52dcbc81a0a5ce50a47
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="US-ASCII"

MY NAME IS RAMZI- LOPEZ, I AM THE FINANCIAL AIDS TO MISS BENAZIR BHUTTO THE LEADER OF PAKINSTAIN PEOPLE`S PARTY (PPP ). IT IS VERY CLEAR THAT YOU KNOW WHAT HAPPEND TO HER ON THE 27TH DECEMBER 2007 WHEN SHE WAS ASSINATED  DURING A PARTY CAMPAIGN. I REALLY HAVE TO CONTACT YOU BASE ON A VERY BOLD STEP WHICH I TOOK ON THAT DAY.

ON THAT DAY WE CAME TO THE CITY WHERE SHE IS HOLDING HER CAMPAIGN FOR AN ELECTION, AS A FINANCIAL OFFICER TO HER, I HAVE IN MY POSSESSION THE SUM OF USD $8,560,000.00 (EIGHT MILLION, FIVE HUNDRED AND SIXTY THOUSAND DOLLARS) CASH IN A BOX INSIDE A CAR . THIS MONEY WAS MEANT TO BE USED IN MOBLIZING THE VOTERS AND OTHER UNFORSEEN EXPENSES THAT MAY BE OCCURED WITHIN THE PERIOD OF THIS CAMPAING..

THE MOMENT THE BOMB BLAST HAPPENED AND HER DEATH COMFIRMED, I COULD NOT DO ANYTHING THAN TO SECURE THE BOX BECAUSE I AM THE ONLY PERSON CLOSER TO HER THAT KNOWNS THAT WE HAVE SUCH AMOUNT OF MONEY IN CASH WITHIN THAT CAMPAIGN GROUND. I QUICKLY MOVE THIS BOX AWAY FROM THE ARENA. AFTER TWO DAYS, I WENT TO A SECURITY COMPANY AND DEPOSITED THE BOX AS A FAMILY TREASURE AND INSTRUCT THEM TO MOVE IT OUT TO EUROPE.AS A SAFE KEEPING TREASURE BOX. . YOU CAN READ HERE:
http://www.economist.com/daily/news/displaystory.cfm?story_id=10415540&top_story=1

I HAVE TO CONTACT YOU AT THIS POINT BECAUSE; I WANT YOU TO HELP ME CLAIM THIS BOX FROM THE SECURITY COMPANY. YOU WILL BE REWARDED WITH THE SUM OF USD$1,500,000.00 DOLLARS (ONE MILLION FIVE HUNDRED THOUSAND DOLLARS). PLEASE DO SEND TO ME YOUR INFORMATION:

FULL NAME:
ADDRESS:
STATUS:
TELEPHONE NUMBER (HOME OFFICE MOBILE)
OCCUPATION:
COUNTRY:
PRIVATE EMAIL ADDRESS:

THE MOMENT I RECIVED THE ABOVE INFORMATION, I WILL SEND TO YOU THE CONTACT DETAILS OF TE SECURITY COMPANY IN EUROPE, AND AS WELL FURNISH THEM WITH YOUR INFORMATION AS BENEFICIARY OF THE BOX IN QUESTION. PLEASE DO TREAT THIS ISSUE AS A HIGH SECRECY. I CANNOT DO ANYTHING FROM PAKINSTAIN BECAUSE HER SON HAS COME UP TO TAKE OVER FROM HER. PLEASE TRY AND HELP ME SO THAT WE CAN ACTUALIZED THIS TRANSACTION. MORE ALSO, I WILL LIKE YOU TO GET BACK TO ME WITH THIS EMAIL ADDRESS:ramzilopez@aol.com I HOPE TO SEE YOUR REPLY REGARDS TO THIS, PLEASE.

THANKS
RAMZI - LOPEZ"

 "Phishing kit pits wannabe scammers against pro fraudsters
Big rats, little rats compete in a Net fraud pro-am; you still lose

January 23, 2008 (IDG News Service) — In a twist, security researchers have discovered a group of hackers who are exploiting a new category of victims — aspiring Internet scammers.

A Moroccan group called "Mr. Brain" is offering free phishing kits on a Web site hosted in France, said Paul Mutton, Internet services developer at Netcraft, a security company in Bath, England.

The software packages make it easy to quickly set up a fraudulent Web site mimicking a known brand in order to trick people into divulging credit card details or bank account numbers. Templates for spam e-mail are also included, targeting brands such as Bank of America, eBay, PayPal and HSBC.

Mr. Brain’s Web site lists the kits and what kind of details each one is capable of collecting, such as usernames, passwords or Social Security numbers. Netcraft posted screenshots on its Web site.

But what the aspiring scammer doesn’t know is that the phishing kits are designed to send any sensitive information that’s collected back to e-mail accounts controlled by Mr. Brain, Mutton said.

"Obviously, that’s why they are offering this stuff for free," Mutton said. "I was impressed by it."

Mr. Brain hides the special e-mail function in a blend of PHP scripts, one of which is encrypted, Mutton said. Just in case someone decrypts it, Mr. Brain has written at the top of the file "Don’t need to change anything here. Created by Mr. Brain Morocco Team."

The scheme seems to be targeted at new phishers, Mutton said. Mr. Brain benefits since other wannabe scammers shoulder the cost and risk of finding an ISP (Internet Service Provider) to host the phishing site, Mutton said.

"Essentially, they’re exploiting all these novice phishers — basically getting them to do all the hard work," Mutton said.

It’s difficult to tell without further research how many of the free phishing kits linked with this latest scam are live on the Internet, but Mutton said Netcraft noticed one earlier this month targeting Bank of America.

"Clearly, these are actively being used in phishing attacks," Mutton said."