Archive for the ‘Spam emails’ Category


12 July 2012




Phishing emails

11 June 2012

Here is an example of an email I received in the last week from someone I know:



I really did not want to disturb you with this but I had no one else to turn to. I’m in Madrid, Spain to see my cousin (Alex) who is a missionary there, He was diagnosed with (Acute Lymphoblastic Leukemia) – a type of Blood Cancer in 2005 and had been undergoing treatment since. The chemotherapy treatment was going fine until last week when the doctor noticed that the disease has relapsed and the only way he can survive is by undergoing a BMT (Bone Marrow Transplantation). My sister whose marrow matched his has agreed to be the donor and he shall be undergoing the transplant soon at the USP Hospital San José de Madrid. The estimate for the transplant is $6000 and I have already spent approx. $3000 towards his treatment. Since the amount is huge, I request you to lend out a helping hand and support me. Any kind of help whatsoever will be deeply appreciated. Your help and support will give him a chance to live a normal life once again. There is nothing called a small help when the heart giving it is big. Any amount will be accepted with gratitude. If you can help, please let me know to provide you with the details to get the money to me.




Looks a bit ominous doesn’t it?!

If you ever get an email from someone you care about asking for money, my first suggestion to phone the person in question rather than email them! In this case the email was sent by a fraudster who is waiting for a reply to that could eventually lead to a money transfer.

Very simply, the fraudster got access to the email account, changed the password to lock the genuine user out of his email account and then emailed all of the contacts saved in the address book.

You might ask: How did the fraudster get access to the email account? The answer is “through a phishing email”. In this specific case, the person had a hotmail account. A few hours before this email was sent out, he received a fake hotmail email asking him to login to his Hotmail account to verify some details. As soon as he clicked the link and logged in, the fraudster had the details! It is that simple! 

So please be cautious when you are asked to login to your online email account. Rather than click a link in an email, it is always safer to type directly into your web browser.

Keep safe and watch out for Phishing!

Raising money for charity

If you found this blog useful, please help me raise funds for Norwood by sponsoring me. In October 2012 I will be cycling 400KM in Sri Lanka for Norwood. Every day, they provide vital support to thousands of people with learning disabilities, and children and families in need, helping them to improve the quality of their lives and achieve their goals.

Thank you!


Fake PayPal emails

28 May 2012

Unfortunately, as we become more reliant on internet commerce, there are an increasing number of fraudulent attempts being made via fake emails.

Fake emails are also called “spoof emails” or “phishing emails”.

The fraudster is trying to get your PayPal username and password so that they can then transmit any funds you might have to a bank account within their control.

They do this by sending out a mass fake PayPal email containing link to a Fake PayPal website.

The email often claims that something is not right with your account or a specific transaction and they ask you to login to your account to review it.

Once you have logged in to the fake account, they capture the details and then immediately login and change your password so that you can no longer access your own account.

Then they work on taking advantage of your account while you are left struggling to regain control of your account.


If you ever suspect that you have received a fake email from PayPal, do not click any link in the email!

  • PayPal will ALWAYS write to you by using your first name and surname.
  • PayPal will also confirm what your email address at the bottom of the email.
  • If there are any links in the email we do not recommend that you click them – but instead just go to your web browser (Internet Explorer, Firefox, Chrome, Safari) and simply type in the address bar at the top to go directly to their website without relying on any links which might possibly be fake.

Simply forward the email to and they will usually respond promptly to confirm if the email is genuine or not. They will also be able to shut down the site very quickly.

Here is an example of a “Phishing” email:


Dear Customer,

PayPal temporarily check your account.
Reason: Billing failure.
We require you to complete an account update so we can be sure your details is correct.
To start the process Click Here.

Once you have completed the process, you can access your account at
any time.

The information provided will be treated in confidence and stored in
our secure database.
If you fail to provide required information your account will be automatically
blocked from PayPal database.
Copyright (c) PayPal Inc., All Rights Reserved


You can see that they write to “Dear Customer”. Also if you read the email carefully you will notice grammatical errors.

Here is a response from PayPal when the email is forwarded to


Hello First and Surname

Thanks for forwarding that suspicious-looking email. You’re right – it was a phishing attempt, and we’re working on stopping the fraud. By reporting the problem, you’ve made a difference!

Identity thieves try to trick you into revealing your password or other personal information through phishing emails and fake websites. To learn more about online safety, click “Security Center” on any PayPal webpage.

Every email counts. When you forward suspicious-looking emails to, you help keep yourself and others safe from identity theft.

Your account security is very important to us, so we appreciate your extra effort.



This email is sent to you by the contracting entity to your User Agreement, either PayPal Ince, PayPal Pte. Ltd or PayPal (Europe) S.à r.l. & Cie, S.C.A. Société en Commandite par Actions, Registered Office:

5th Floor 22-24 Boulevard Royal L-2449, Luxembourg RCS Luxembourg B 118349.


To read more about phishing you can see read this.

Raising money for charity

If you found this blog useful, please help me raise funds for Norwood by sponsoring me. Every day, Norwood provides vital support to thousands of people with learning disabilities, and children and families in need, helping them to improve the quality of their lives and achieve their goals.

Thank you!

another email scam

6 November 2011

How’s your day going? I hope things are going well. Please I need you to help me out with something. Can I get a loan from you urgently? I`ll reimburse you under a week, I promise. I need to solve some personal problems at hand which have been giving me worries. I’d also prefer if we discuss this through email as I’m presently in Madrid, Spain for a friend’s funeral. I’m sorry if I didn’t inform you about it, but please try and understand. I had to leave in a hurry on-hearing that the date of her burial was re-scheduled & it seems I can’t access my credit card & bank here in Madrid. I`ll let you know how much I need if you are willing to assist me.



Please watch out for these scams. someone hacks into an email account of a person that you know and then sends this kind of email out to the all contacts in the address book.

The best way to deal with this is to try and call the person directly (or text message) to tell them you think someone has hacked into their email account.

UPS spam Emails

28 February 2010
In January 2010, two of my clients received an email from UPS a few days apart. They were both expecting a delivery and clicked the attachment to the email.
Sure enough, they infected their computer immediately.
Generally, UPS will not email clients unless they have signed up for such a service.  As a general rule, when receiving such emails please be exceptionally cautious about clicking the links or opening attachments.
If in doubt – don’t click on links or open attachments!
Even if the email says it is from UPS and it shows what looks to be like a genuine sender email address, most infected mails are not originating from the given sender address.
(A) Protect yourself from these nasty emails by using a good spam filter in addition to the Outlook standard junk filter. I find that between Outlook 2007 junk mail filter and Cloudmark, I do not receive any junk in my inbox.
(B) Pay attention to links by moving the mouse over the link. Outlook 2007 will then show you the real link underneath it. If the link looks completely unrelated, it is probably a dangerous link.
(C) You can even copy and paste some of the text into google to see what comes up. If it is fake, there should be ample hits to show you this.
(D) Ensure you have adequate antivirus and anti spyware protection and ensure it is regularly updated!
Examples of anti virus programs are:
AVG is free
Antivir is free
Avast is free
Antispyware: Spyware doctor is  £29.95 per year, although it drops to £25.46 with discount code friedman15 and you can purchase registry mechanic for with it for an additional £19.95
(E) Finally, pay attention to detail. If the English does not look right, they do not have your full name spelt correctly, punctuation looks awful, layout of images look unprofessional – the is likely to be fake!
Below are ten examples of phishing / spam / virus emails that I have saw in Jan 2010:
1. HSBC Phishing email – I have not included the full link but when you hover over the link, it is clearly pointing to a completely different domain name.
This e-mail has been sent to you by Hsbc UK to inform you that we were unable to verify your account details. This might be due to either of the following reasons:
1. A recent change in your personal information. (eg: address, phone)
2. Submitting incorrect information during registration process.
Due to this, to ensure that your banking service is not interrupted, we request you to confirm and update your information today by following the link below
If you have already confirmed your information then please disregard this message.
Hsbc Uk member services
2. Amazon fake email – once again, if you hover over the link (not included here) it will show you a completely unrelated domain name.
Your Order s/n:20625309073130 Accepted.
Thank you, Support
3. Amazon – fake email with virus attachment – even the way it is worded it is clearly not genuine as with all these emails – layout, punctuation and use of language generally points to being fake.
Thank you for shopping at
We have successfully received your payment.
Your order has been shipped to your billing address.
You have ordered ” Compaq CQ2009F “
You can find your tracking number in attached to the e-mail  document.
Print the postal label to get your package.
We hope you enjoy your order!
4. UPS email example – with a fake zip attachment containing a Backdoor.Trojan
Dear customer!
Unfortunately we failed to deliver the postal package you have sent on the 28th of December in time because the recipient’s address is inexact.
Please print out the invoice copy attached and collect the package at our office.
United Parcel Service of America.
5. Random spam with a link sending you to a random webpage
Is this photo yours?
Issac Gilmore
6. Another example of a random spam email
Please tell me is this photo yours?!
Ronald Feliciano
7. Inland revenue spam email

Taxpayer ID: debil-00000344068277UK
Issue: Unreported/Underreported Income (Fraud Application)
Please review your tax statement on HM Revenue and Customs (HMRC) website (click on the link below):
review tax statement for taxpayer id: debil-00000344068277UK
HM Revenue and Customs
8. Facebook fake email – It looks pretty genuine and even quotes the email address properly. However a google search of the text leads to many hits explaining that the link takes you to a page which tried to get you to download a virus.
Dear Facebook user,
In an effort to make your online experience safer and more enjoyable, Facebook will be implementing a new login system that will affect all Facebook users. These changes will offer new features and increased account security.
Before you are able to use the new login system, you will be required to update your account.
Click here to update your account online now.
If you have any questions, reference our New User Guide.
The Facebook Team
9. Another Fake Amazon email that looks quite authentic but hovering the mouse over shows a different domain name.
As a customer of we require an update on your account information. Under the UK Data Protection Act 1998, we follow strict security procedures in the storage of information which you have given us. In order to prevent closure of your account, we request you validate your account information with us. This only has to be done once and will be verified within 24 hours. Please note that failure to comply with our request may result in a temporary suspension of your account.
The information you enter will be transferred to our Accounts Department for the purposes of processing by By submitting your information, you consent to this transfer.
10. Fake email regarding National Lottery -If you play the lottery with an online account I think the National Lottery would call you by telephone! The email address below is clearly nothing to do with National lottery and they are just trying to get some valuable details from you before they start a dialogue to get access to your bank accounts!
Congratulations, your email address have won the sum of 600,000.00 GBP in the just concluded United Kingdom
National Lottery Online program.
For detailed information on how to file your claim, kindly contact our Foreign Service Directorate Mr John Mark with the following information:
1. Name in full…2.Phone/Fax… 3.Occupation…4.Address in full…5.Nationality…6.Email Address…
Phone: +44 701-113- 6260

Spam mail – no free prizes!!!

25 October 2009

Getting emails promising you free money or laptops is a regular occurrence these days – but do you ever see the free prize? mostly not.

The only people benefiting from these emails are spammers – eventually after a large number of forwarding, a spammer will receive an email with anything from 100-1000 email addresses – this is worth a lot of money to them!

An thanks to your friend who sent you the email out of consideration that they and you might win a laptop, the only freebie you will receive is more junk mai.

So next time you are sent an email about a free Ericsson R320 laptop or some money from Bill Gates, do not forward this on to eight people or eighty people. First use Google to check if the email is genuine and most times you will see it to be reported as a hoax.

Some site that specialise in hoax emails are:

Dangerous spam mails

25 October 2009

Earlier this week, a client emailed me a copy of an email that seemed to come from Microsoft asking him to install an update for Outlook Express. The client was wondering if he should install the update.

The answer was “NO” – the email was a complete fake and led to a link that would install spyware on the computer.

Microsoft will NEVER email individuals with software updates.

The text of the email in question is pasted below – stay well clear!!!


Update for Microsoft Outlook / Outlook Express (KB910721)

Brief Description

Microsoft has released an update for Microsoft Outlook / Outlook Express. This update is critical and provides you with the latest version of the Microsoft Outlook / Outlook Express and offers the highest level of security and stability.


•    To install Update for Microsoft Outlook / Outlook Express (KB910721) please visit Microsoft Update Center:
Quick Details
•    File Name: officexp-KB910721-FullFile-ENU.exe
•    Version: 1.5
•    Date Published: Thu, 22 Oct 2009 11:13:39 +0000
•    Language: English
•    File Size: 100 KB

System Requirements

•    Supported Operating Systems: Windows 2000; Windows 98; Windows ME; Windows NT; Windows Server 2003; Windows XP; Windows Vista
•    This update applies to the following product: Microsoft Outlook / Outlook Express