Scam – Account Notification

by on November 11, 2011 | Posted in Scams and Spams, Security

A particularly interesting email came through today.  I know I haven’t really posted on much else but I have been very busy with everything. This email was well written and added  a little twist.  The message came from PNC, from support@pnc.com.  The message had a top header claiming it had been scanned for viruses by mailscanner, with an actual link to mailscanner, and was clean.  Being a PNC customer, I opened the email. The email reads (links are inactive for security reasons):


This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

Dear PNC Bank customer,

A new security method was developed by our IT engineers, which purpose is to protect online accounts from unauthorized usage and third party access. For this new feature to be added to our online banking system our members are required to update their profile information by clicking on the following link:

Click here to go to the online form

You are required to update your account one-time only and will take 3-5 minutes of your time. After completing the online forms correctly you can continue using your account as usual. Please note that failure in updating your profile will result in suspending your account.

Thank you,
Alice Alperstein,
IT Executive,
PNC Bank.



Now the mailscanner link was legit.  What was there to give this scam away?  The link to go to the form.  It should have went to an https address, and it didn’t.  Also, it should have went to something.pnc.com or pnc.com/somestuff. It didn’t it went to a different site that was something like mouehrnejd.fr/sewef/?login=secure.  If you are ever unsure of any email sent about updating bank information call your bank directly before filling out any forms or go to your banks site separate from the link you are given. 

1 Comment
Read More

Another great scam email came today.  I’m sure this will start a trend, so I will post it here for any others who are suspicious but Google before they question.   It’s so interesting to see scams develop, I enjoyed this, it was a valiant effort leading to another fail.  The email was from a friend of mine, for this example we’ll say his name was John Smith. The email came from Johns account,  johnsmith@comcast.net, the email address was his. The subject line read, “Emangency—John Smith!!!”.   My friend is a very intelligent man, and can certainly spell emergency.  That’s what triggered my initial suspicion before even reading the email.  The email read as follows:

I am writing you in a tensed mood and urgently require your kind aid asap,I came down here to Spain, for a  short vacation unfortunately i was mugged at the park of the hotel where i stayed,all  cash,credit card and cell were stolen off me but luckily for me i still have my passports with me.I’ve been to the embassy and the Police here but they’re not helping issues at all and my flight  leaves today but am having problems settling the hotel bills and the hotel  manager won’t let me leave until i settle the bills,

pls let me know immediately, pls hurry



So one, I knew my friend was in fact not in Spain.  Two, he would not put his name in the subject line.  Three, no one says tense mood.  Though the email came from a legit source, it shows that scams can even come in the form of an email from a friend. And what if I had responded?  Well, the reply-to address was johnsmith@ymail.com.  What is the reply to address? The reply to address is simply the address that the mail will be sent to if I hit reply from my email.   So my response would go straight to the hacker who would then no doubt ask for a wire transfer of money.

Simple resolve, I texted my friend, who had already seen it from a family member. A simple password change to remedy the situation.


The moral of the story?  Email accounts are not secure and can be hacked through things like facebook and apps that collect you data and allow you to log in to accounts through their interface.  Always use “medium strength” passwords.   Medium strength passwords are generally 8 characters and include at least one capitol letter, one small letter, and a number.


No Comment
Read More

Due to the amount  hits and questions we get about some of the spam, virus, and phishing emails people receive I  am going to try to post  more of the emails we have sent to us online. I know there are a million site that do this so we aren’t going to just post it I am also going to help you recognize to help you spot these emails so you are not fooled by them.

This is an email I personally received.  The subject was simply Hello??, the email showed it was from facebook, and the email read like this:

Hello Man,
I don’t know how to say it, but I’ve tryed before a long time to send you some photos, but I’ve thought that you aren’t interested to see me. But now I’m going to send you the Photos in the Attachment. Download the pictures and extract they, I’m sure that you will like they. The password is: 123456
Have a great day.

So could this be legitimate? I guess so, I know that I wondered if someone had pictures of something I attended and given a business card to.  3 things stood out to me right away, the message was from Facebook, it was sent to undisclosed recipients, and the email address was @ hi5.com.

Now let me break down my 3 reasons. Firstly,  I don’t have a facebook account (yes, I know i’m the only one). This is not really a cause for suspicion as many people do actually have a facebook account.

Secondly, as you can see from the screenshot , the message was sent to undisclosed recipients. This means that the sender BCC’d (blind carbon copied) everyone he sent it to. So that is a good indication that the email was sent to multiple people.  This is usuall the first and easiest indicator. if someone was sending you pictures with such a “personalized” and direct email, wouldn’t they just be sent to you directly?

Third, the email says it’s from facebook, however, the email address is info@hi5.com. If it was from facebook it would be info@facebook.com or something @facebook.com.  The email also had an attachment, and exe file. If someone attached pictures they would be in a .jpg  format and are usually just attached to the email itself.  Had i run the exe file I would no doubt have a fake antivirus take over my system. I didn’t run the file, but would like to in a virtual environment. When I do I will update this post.

Read More

There are too many scams and virus email for us to cover them all.  But I like to post the most interesting ones here, I just can’t help myself.  This was an email I have never seem before with the subject of We gift you a ticket for a free dish from contact.us@mcdonalds.com.  It was written in the usual “I can’t really speak english but watch me try” way. Now the email address looks legitimate, but here’s the email:

Good afternoon.

McDonalds invites you to The Free Supper Day which will take place on 29 June, 2011, in every cafe of ours.

Free Day’s menu!
– McChicken
– World Famous Fries
– Premium Caesar Salad
– Apple Dippers
– McCafe Latte

Print the invitation card attached to the letter and show it at the cash desk of any of our restaurants.

Every manager will gladly take your card and issue you a tasty dish of Free Day.
And remember! Free Day is whole five free dishes!

Thank you for your credence.
We really appreciate it


The first thing that made me suspicious was the attached zip file,  But, I do love free so just in case, I thought I would read it.  Firstly, The Free Supper Day. Really? McDonalds is a bit more clever than that, and even if they user something like The Free Supper Day, there would be a “Mc” somewhere.  And who says supper day?  Obviously there are several other english blunders, and in America we don’t call them world famous fries, they’re just McDonalds fries.   So I downloaded the zip attachment (it unzipped to show an exe file) on my netbook and checked it with Panda antivirus. Surprise, virus. 

So a basic overview of the email, if it was McDonalds they would most likely call it the free McDinner.   It would have also linked to their site (though be careful of links, just because it’s a link doesn’t mean it’s safe) in some way and the email would have contained graphics, the plain text above is exactly how the email came.  

As always,be wary of any emails with attachments when you don’t know who they are from. Also watch the links you click in emails, The link can say anything and link to anywhere.  If your unsure you can right click a link and select copy link location or copy URL and paste it in a notepad.  Check the link to make sure it is a legitimate link. A link like mcdonalds.com or even food.mcdonalds.com would be ok but a link like thisbadlink.com, mcdonalds.com.cn, or even mcdonalds.thisbadlink.com would not be good to click. Please leave your comments and feedback below.

1 Comment
Read More

I stumbled upon a neat piece of software the other day called mouse jiggler.  We've all had it happen, your watching a movie on your laptop and all of the sudden the monitor goes out.  You reach for your mouse and swipe the pad to bring your screen back on.  Then (if your me) you change your power settings and tell the computer to stay on.  Movie ends, you have to remember to put it back or the battery will die the first time you walk away and get distracted by a squirrel out the window.  This neat little utility will actually fake a mouse jiggle every few minutes, and your pc doesn't know the difference,  Avoid the embarrassing  AC~DC screen saver poping up in the middle of an important business PowerPoint presentation.   Now for windows media player or VLC, a mouse jiggle means the playback controls pop up on your screen.  To bypass this you simply press the Zen Jiggle checkbox for an invisible mouse jiggle that will keep your computer awake without disturbing your movie.  You can download mouse jiggler here.

No Comment
Read More