Archive for the ‘Money Making Scams’ Category

Tricky China Domain Registrar Spam E-mail

Sunday, June 8th, 2014 by

Usually it’s pretty easy to tell which e-mails are simply a scam where I would instantly hit the delete button.  Something about this one actually gave me a thought that it could be legitimate funny enough.  Of course, after reading the message it was too obvious.  In this case the mail tries to imply that there is a company trying to register a domain in their country with a name that conflicts with something you currently use.

I guess the dead giveaway for me was that there is no way a company would use the name of this domain considering I just randomly made it up as like a fictional term years ago.  But, in case anyone does think it is real here is what the e-mail looks like:

From – Sun Jun 08 14:02:41 2014
Return-Path: <jim.zhang@yg-registry.net>
Received: from ex01.ufhost.com (ex01.ufhost.com [61.152.239.75])
Received: from mail.euchost.com (unknown [10.5.5.26])
(using TLSv1 with cipher RC4-SHA (128/128 bits))
(Client did not present a certificate)
by ex01.ufhost.com (Postfix) with ESMTP id 716C224DEE1
Received: from hyng (101.228.211.168) by SHE15MB02.euchost.com (10.2.22.62)
with Microsoft SMTP Server (TLS) id 15.0.775.38; Mon, 9 Jun 2014 00:14:31
From: Jim Zhang <jim.zhang@yg-registry.net>
Subject: “al6400″
Date: Mon, 9 Jun 2014 00:20:26 +0800
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary=”—-=_NextPart_000_0D6D_01147DA3.11DC09B0″
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5512
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5512
X-ClientProxiedBy: SHE15CA02.euchost.com (10.2.22.22) To
SHE15MB02.euchost.com (10.2.22.62)
X-Yovole13RuleAgent: yovoleflag

Dear Manager,
(If you are not the person who is in charge of this, please forward this to your CEO,Thanks)
This email is from China domain name registration center, which mainly deal with the domain name registration and dispute internationally in China.
We received an application from Huahong Ltd on June 3, 2014. They want to register ” al6400 ” as their Internet Keyword and ” al6400 .cn “、” al6400 .com.cn ” 、” al6400 .net.cn “、” al6400 .org.cn ” domain names etc.., they are in China domain names. But after checking it, we find “al6400 ” conflicts with your company. In order to deal with this matter better, so we send you email and confirm whether this company is your distributor or business partner in China or not?
Best Regards,
Jim
General Manager
Shanghai Office (Head Office)
3002, Nanhai Building, No. 854 Nandan Road,
Xuhui District, Shanghai 200070, China
Tel: +86 216191 8696
Mobile: +86 1870199 4951
Fax: +86 216191 8697
Web: www.yg-registry.net

Coca Cola 2014 Promotion

Tuesday, March 4th, 2014 by

This e-mail kind of caught my attention at first since it used a well-known brand name. Of course, after reading it the mil seems clearly to be an attempt to get information out of people. I like how all the places they tell you to contact is overseas as well. That should usually be a dead giveaway where something isn’t right as you wold think companies would have someone local handle these things usually. Stay away from this if you get it.

From – Tue Mar 04 21:57:43 2014
Return-Path:
Received: (fqmail 10695 invoked from network); 05 Mar 2014 02:29:35 -0000
Received: (qmail 14552 invoked from network); 5 Mar 2014 02:29:35 -0000
Received: from server12.nocdata2.com (server12.nocdata1.com [66.45.255.122])
Received: from localhost ([127.0.0.1]:50108 helo=www.citionline.sxx.in)
by server12.nocdata2.com with esmtpa (Exim 4.82)
(envelope-from
)
id 1WL1Xa-003lL7-1w; Tue, 04 Mar 2014 21:26:38 -0500
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8;
format=flowed
Content-Transfer-Encoding: 7bit
Date: Tue, 04 Mar 2014 21:26:37 -0500
From: COCA COLA

To: undisclosed-recipients:;
Subject: COCA COLA 2014 PROMOTION
Reply-To: cocacolapromothailand@yahoo.co.jp
Mail-Reply-To: cocacolapromothailand@yahoo.co.jp
Message-ID: <1dc98a00819a332198beb6ced7ddfa9d@citionline.sxx.in>
X-Sender: cocacolaadmin@cocacola.org
User-Agent: Roundcube Webmail/0.9.5
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname – server12.nocdata2.com
X-AntiAbuse: Originator/Caller UID/GID – [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain – cocacola.org
X-Get-Message-Sender-Via: server12.nocdata2.com: authenticated_id: citionli/only user confirmed/virtual account not confirmed


COCA COLA 2014 PROMOTION

This is to inform you that your email id has been selected for this 2014
Coca Cola promo award, The email ballot
systempromotion from our company here in Thailand (ASIA) with a cash
prize of1,000,000 Dollar.You are to contact your fiduciary agent for
therelease of your cash prize . Secret pin code D/M00147C.

CONTACT YOUR FIDUCIARY AGENT WITH THE
INFORMATION BELOW INCLUDING YOUR SECRET PIN CODE.

Name In Full:
Address:
Sex:
Age:
Personal Number:
Country:
Secret Pin code:
This details above you have to send to your
agent email id below.

Name: Dr Frank Johnson
Email: cocacolapromothailand@gmail.com
Note: Do not reply to this e-mail, Send an e-mail to your claims officer
with the contact details above.

Regards,
Mrs Ashley Powel
Online Co-ordinator
Congratulation once again from Coca Cola promo board

Sales Pitches Disguised As Travel Deals

Tuesday, September 24th, 2013 by

I was reading some interesting stories today of travels deals that seemed way too cheap here you have to wonder what the catch was. By cheap think of it as airfare and accommodations to places that would normally cost about $1000 come out to about $80. Again, sounds ridiculously cheap huh?

Apparently the catch was many of these trips are actually sponsored by businesses where as the tourist you are brought to places such as shops and markets where people are pressured to buy useless items. In many examples I have read people were buying hundreds of dollars of items due to the high pressure sale tactics. So in the end, they didn’t really get to see any great landmarks that you would expect when taking a vacation. As well, most people ended up paying just as much due to all the junk they bought.

As the old saying goes, if it sounds too good to be true it probably is. It does make me wonder how companies can survive with this type of tactic these days as I am pretty sure there must always be someone carrying like a video capture phone who would document everything which would make the business look really bad.

Fake Walmart TV Purchase

Monday, May 20th, 2013 by

Well, looks like someone out there is trying the old e-mail phishing scam again. This time it looks like they are trying to pretend to be Walmart.com and attempting to scare people in making them think that they made a purchase. This is what the e-mail looks like:

Walmart TV Phishing Scam

From – Thu May 16 14:26:40 2013
X-UIDL: 1368709532.17838.pt01
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path: Received: (fqmail 17837 invoked from network); 16 May 2013 13:05:32 -0000
Received: (qmail 15440 invoked from network); 16 May 2013 13:05:32 -0000
Received: from 36-230-174-36.dynamic-ip.hinet.net (36-230-174-36.dynamic-ip.hinet.net [36.230.174.36])
Return-path:
Delivery-date: Thu, 16 May 2013 21:05:20 +0800
Received: from [16.34.49.217] (port=60661 helo=[192.168.199.151])
by 36.230.174.36 with asmtp
id 5YLB76-7112H5-If; Thu, 16 May 2013 21:05:20 +0800
X-EN-OrigIP: 36.230.174.36
X-EN-IMPSID: WLKW1l02w0lF5W901LKWYU
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
d=walmart.com; i=help@walmart.com; q=dns/txt; s=IP;
t=1367353171; x=1398889171;
h=date:message-id:to:from:cc:subject:
content-transfer-encoding;
z=Date:=20Tue,=2030=20Apr=202013=2013:19:24=20-0700=20(PDT
)|Message-Id:=20<201304302019.r3UKJOLd022606@ndc-fulmaila
pp3.walmart.com>|To:=20tom@tomgivens.com|From:=20″Walmart
.com”=20|CC:=20|Subject:=20Thanks=20for
=20your=20Walmart.com=20Order=202677175-375050;
bh=Y5/lWjKcTaPNp8T8dOICiPv+PwPN9urNh/jRID58VAU=;
b=btTEEO7LpaM983cciYDSzAai3ciXwZxh7/LWlEci41J17LEU/kS4D/TN
fkXgtUVI/SrLjh/7sH3+0daB9OdkRzRYpVWrQDWGnC6VTbYjY1ex4qRgr
HsvHvxo/OvUlB67Y4PlUL8ahqxh9OqELNVXebj35MuQP6gKD78lLB26Ws
M=;
Accreditor: Habeas
X-Habeas-Report: Please report use of this mark in spam to
Date: Thu, 16 May 2013 21:05:20 +0800
Message-Id: <705711808426.ICRFUIFS346176@ndc-fulmailapp4.walmart.com>
X-Authentication-Warning: ndc-fulmailapp5.walmart.com: batch set sender to orders@mail.wallmart.com using -f
From: Wallmart.com
Errors-To: eorderconfirm@mail.wallmart.com
Subject: Thanks for your Walmart.com Order 6036254-090423
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary=”–Boundary-49=_0B139ELD_PC76FKN4K”

Thanks for ordering from Walmart.com. We’re currently processing your order.
Items in your order selected for shipping

• You’ll receive another email, with tracking information, when your order ships.

• If you’re paying by credit card or Bill Me Later®, your account will not be charged until your order ships. If you see a pending charge on your account prior to your items shipping, this is an authorization hold to ensure the funds are available. All other forms of payment are charged at the time the order is placed.
Shipping Information
Ship to Home

Liam Wilson
2636 Burgess St
St Peters, DC 68025-3157
USA

Walmart.com Order Number: 6036254-090423
Ship to Home – Standard
Items Qty Arrival Date Price
Toshiba UN48EH8000 62″ 1080p 400Hz Class LED (3.7″ ultra-slim) 3D HDTV 1 Arrives by Tue., May 21
Eligible for Free Standard Shipping to Home. $898.00
Subtotal: $898.00
Shipping: Free
Tax: $62.86
See our Returns Policy or
contact Customer Service Walmart.com Total: $960.86
Order Summary
Order Date: 05/15/2013
Subtotal: $898.00
Shipping: Free
Tax: $62.86
Order Total: $960.86
Credit card: $960.86

Billing Information
Payment Method:
Credit card
If you have any questions, please refer to help.walmart.com or reply to this email and let us know how we can help.
Thanks,

Your Walmart.com Customer Service Team
www.walmart.com

This one is a little more apparent that it is illegitimate as they try to get you to go to a misspelled domain called “Wallmart.com” as opposed to “Walmart.com.” As usual, I’m sure someone out there may have fallen for it so be sure to just dump it in the trash.

Yahoo Lottery Scam

Tuesday, April 2nd, 2013 by

Been awhile since I got one one these in the e-mail. This scam seems like they are trying to disguise themselves like the company Yahoo! I did find it a little humorous that they say it’s like for the New Years when it’s already April. I know a lot of people usually fall for things like this when the messages use big company names, so here is what the mail looks like:

From – Tue Apr 02 22:01:19 2013
X-Account-Key: account3
X-UIDL: 1364964786.25669.pt01
X-Mozilla-Status: 0001
X-Mozilla-Status2: 10000000
X-Mozilla-Keys:
Return-Path:
Received: from daneurope.org (89-96-185-116.ip13.fastwebnet.it [89.96.185.116])
by mx10.futurequest.net ([10.2.1.182])
with ESMTP via TCP; 03 Apr 2013 04:53:05 -0000
X-MDAV-Result: clean
X-MDAV-Processed: daneurope.org, Wed, 03 Apr 2013 06:49:31 +0200
Received: from User by daneurope.org (MDaemon PRO v13.0.3)
with ESMTP id md50002832916.msg
X-Spam-Processed: daneurope.org, Wed, 03 Apr 2013 06:48:47 +0200
(not processed: message from trusted or authenticated source)
X-MDPtrLookup-Result: hardfail ip=221.234.24.46 (no PTR records found) (daneurope.org)
X-MDHeloLookup-Result: hardfail smtp.helo=User (does not exist) (daneurope.org)
X-Authenticated-Sender: roberto@daneurope.org
X-MDRemoteIP: 221.234.24.46
X-Return-Path: info@yahoo.com
X-Envelope-From: info@yahoo.com
Reply-To:
From: “Yahoo!”
Subject: CONGRATULATIONS !!! YOU WON $1, 000.000.00USD
Date: Wed, 3 Apr 2013 11:48:01 +0700
MIME-Version: 1.0
Content-Type: multipart/related;
boundary=”—-=_NextPart_000_0047_01C2A9A6.62DB2BB8″
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000

YAHOO LOTTERY RESULTS 2013
YAHOO INTERNET LOTTERY
CONGRATULATIONS!!!

Yahoo!! International Lottery Organization
Bangkok Branch Office
Address: 3 Sukhumvit Lane
Bangkok 10400 Thailand

Yahoo! Mail announces you as one of the 25 lucky winners of the ongoing 10
Years Yahoo lottery Award of the New Year Held this month.

All 25 winning email addresses were randomly selected from a batch of 50,000,000 international emails each from Canada, Australia, United States, Asia, Europe, Middle East, Africa and Oceania as part of our international promotions program which is conducted annually, consequently, you have been approved for a total pay out of ONE MILLION UNITED STATE DOLLARS ( $1, 000. 000.00USD).

This Lottery was promoted and sponsored by a conglomerate of some multinational companies as part of their social responsibility to the citizens in the communities where they have operational base.

Further more your details (e-mail address) falls within our Bangkok representative office in Bangkok Thailand, as indicated in your play coupon and your prize of ( $1, 000.000.00USD) will be released to you from this regional branch office in Bangkok Thailand.

Your fund is now deposited with our Bank:Kasikorn Bank Pcl. Bangkok Thailand and insured in your name. Due to mix up of some numbers and names, we ask that you keep this award from public notice until your claim has been processed, and your winning Cheque have being sent to you or remitted to your account, as this is part of our security protocol, to avoid double claiming and unwarranted taking of advantage of this program by participants, as has happened in the past.

HOW TO CLAIM YOUR PRIZE
These are your identification numbers.
Ticket number…………………467-76843196-07
Serial number…………………..312091-4
Lucky number……………….34-14-13-89-77-58
Ref number……………….G.YILD/9733212206/76

To begin your lottery claims, Please contact our Yahoo Lottery Co-ordinator as follows,
Name: Mr. Mark Chang
Email: redeem_info@yahoo.co.jp

You are to send the completed verification form below to the co-ordinator whose email address is given above so that you will be advised on what to do to getyour prize money. Congratulations once more!!
1. FULL NAME:…………………………..
2. COUNTRY OF ORIGIN:…………
3. PRESENT ADDRESS:…………..
4. DATE OF BIRTH:…………………
5.OCCUPATION;……………………..
6.TELEPHONE NUMBER:………
7. SEX:…………………………………..
8. FAX NUMBER:………………….
9. MARITAL STATUS:………….
10. WINNING NUMBER, BATCH NUMBER AND LOTTO NUMBER:…….

Remember, all prize money must be claimed not later than one month time. Any claim not made by this date (within one month) will be returned to HER MAJESTYS DEPARTMENT OF THE TREASURY. And also be informed that 10% of your lottery winning belongs to (THE PROMOTIONS COMPANY). Because they are the company that bought your ticket and played the lottery in your name.

Note also that this 10% will be remitted after you have received your winnings prize, because the money is insured in your name already.

NOTE: In order to avoid unnecessary delays and complications, please remember to quote your reference and batch numbers in all correspondences with us, Furthermore, should there be any change of address, please do inform our Co-ordinator as soon as possible. Yahoo lottery is a free service that does not require you to be a Yahoo! Registered user.

An original copy of your lucky winning ticket and your deposit certificate will be sent to you by Administrative Remittance Operation Manager of Kasikorn Bank Pcl. Bangkok Thailand.

CONGRATULATIONS!!!
Once again from all members of our staff and thank you for being a part of our International Promotions program. We wish you continued good fortunes.

Yours Sincerely
Vice President
Yahoo! Lotto Org.
Online Coordinator.
Copyright! 2002-2013 The Yahoo-Thailland Internet Promotions.
All rights reserved. Terms of Service – Guidelines.