In November there were some interesting spam emails popping up in our inboxes ranging from housing deals to mysteriously free cash. Perhaps one may have popped into your email inbox. If you’re not sure, we’ll help you discover what’s loitering around in your email inbox.
A full house of spam
You may have seen spam that’s landed in your inbox that reminds you of many unrelated scams. This can happen by accident or by design. That is to say, you’re just not sure of what you’re looking at really. Is it ransom/blackmail related, or dating, or stolen passwords/data? Maybe it’s all three?
At first glance the title of the email is itself somewhat unsettling:
“I am watching you every day let’s talk here [URL] I live next to you, you recognize me from the photo) after entering, I look forward to meeting you”
Immediately, we feel a bit creeped out with all the stalker talk. I mean is the neighbour planning to invite themselves in? How did they get your details? Have they been watching you? Certainly, this type of email often begins with “I have your password and stole your files” or “I’m watching you” That’s to say, we’ve been weirded out by those claiming to be watching us through a webcam rather than in our bedroom. But still very weird and creepy.
Do you like houses? Our spammer does
After that the mode changes from weird and creepy to “rich grandiose fantasies.” At a local random property, so no longer neighbours we can meet a total stranger from the internet. And the place is a dreamy looking luxury bungalow which belongs to neither you or the message sender.
Meanwhile we’re asking ourselves what is this? And why you have a bunch of property tips next to what sounds like murderous dating spam? The answer is easy, the spammers are trying to breakthrough your filter security. Afterall they want someone to see their spam, otherwise how can you fall victim? So, they make use of valid services and piggyback into your mailbox. Pretending to come from a legitimate source, mail services might not stop the message even if the contents are a bit weird and creepy.
Skipping the security fence
Subsequently, there are many ways to hackers attempt to bypass security.
For example
– Splitting Bitcoin addresses and writing in languages other than English
– using images
– avoiding certain words or hiding the text
– piggybacking on other services
As we’ve touched on briefly, piggybacking is where hackers take advantage of a legitimate site’s service to breakthrough through detection. In other words, utilising in this case a property website that requires no sign up to send property recommendations. Or sometimes they imitate it, to make it look like the real thing,
Then they send spam links, leading to a number of explicit sites. You’ll be taken to graphic pornography games or adult dating websites, regardless of if you say you’re over/under 18 or not.
But even if we consider their innovative tactics to get around spam traps, are they successful? Especially since their message goes from “potentially threatening”, to “houses for sale”, with a splash of “randomly taken to explicit pornography games.” Surely it wouldn’t command a large target audience.
Meanwhile, it’s good to know that Malwarebytes users are protected from the sites linked from the initial mails, and also further click throughs and redirects:
adultgames(dot)fun
mojzz(dot)playtillcum(dot)com
mojzz(dot)dateworlds(dot)net
milffinder(dot)com
h90348it(dot)beget(dot)tech
liksss(dot)beget(dot)tech
The case of the unfriendly 419 spam
The 419 style takes on the approach of someone, telling you off. Well, this spam tells you off a lot. Not sure if people enjoy being told off. But, apparently you’re halfway through some shady deal and getting into trouble.
Lazy phishers and bad phishing pages
This spam starts off reasonably enough for a scam. Their claim is that you have a stockpile of money just sitting in the bank. Possibly the laziest or worst phish page I’ve ever!
And all you need to do is fill in the form to get all that cash. But warning bells start ringing when they ask you to “Create your own Google form”.
When a phish goes off the rails
Afterall when potential victims see “create your own Google form” followed by the direction to fill in an “Untitled form”, with an “Untitled question” and the option called “Option 1” and no other text, it’s laughable. Certainly, no potential victim is ever going to part with any of their hard-earned cash. So, that’s a loss for the scammers and a point for us.
And finally…
PayPal fake mails are still doing the rounds as per their old- tricks. Firstly the mail claims to be from a intl-paypal(dot)com address and it isn’t. Secondly, it wants you to restore the access to your account. This is how the email reads:
Dear Customer,
Your account has just closed temporarily, because there is suspicious activity on your account. To avoid unwanted things, we took action to close your account temporarily. Immediate update and re-activate your account.
As part of this process, your old security info will be deleted and your contact email
Click the button below to finish update and active your info.
So, when you get this sort of spam email
- Block
- Report
- Delete
Subsequently, there’s never more than a day without an attempted spam or phishing email coming into your inbox. Hopefully, you’ve received a few pointers on which ones to avoid.
Make sure to defend yourself with block, report and delete.
