FedChoice gone phishing.

Received yet another email scam. This one was a phishing site for FedChoice.org.

As you can see, this is the email. Plain and very simple. It is easy to mask your email to look like someone else sent it, but you need the right email service to do this with. When I clicked on the link, I was brought to www.fedchoice-profiles.org rather fedchoice.org, which is the correct site.

This is the first page that I was taken to.

"Need assistance logging in?" Sure! But where do I click? Its not a common thing to find great help sometimes... but I didn't think it was that hard to find. Yeah... I entered fake information and was brought to another page that was just areas to fill in personal information, such as full credit card information. Again... asking 16 digits, when some cards are less, depending the company you have the card with. Duh? Why would a company like this need your credit card? They have other means of going through your information in a more secure fashion...


Anyway, being the click happy person I am... I clicked everything! At the top, you'll find two bottons; Help Center and Contact Us. The Help Center link went NO WHERE. The contact page brought me to the page where you need to provide your credit card number and such. The second time, it brought me to the REAL contact page... shown below:
Notice how blue the page looks... and how the layout doesn't look like anything the phishing site shows. The Log-In box at the top... the colorful tabs... the url is simple... There is a lot more presentation to the actual site that has actual content. Remember, amateur phisher-men are not interested in what their site looks like in compared to the real thing... especially if its working for them.

Anyway... Looking back at the page where you submit your card details, etc... you are brought to this page: Again... from gray naked page to colorful and fully dressed page. Major difference between the two. Even if you are colorblind, there is no excuse! Its obvious to see that one site has a lot more going on than the other. Something phishy about it... But I emailed them and asked them what the deal was with their site. Barely 10 minutes later, someone wrote back to warn me it was a phishing attempt and that they were in the process of getting it taken care of.
Very good to know! And was very good response time from who ever wrote me back. :)

Don't answer things with out knowing why that information is necessary. Especially online. Once in a while, there will be actual LIVE HELP and they will get on a call with you... chances are, the caller ID is blocked, but if you have a really good one, it will say the company name. If it doesn't look like something you know, just be cautious about it. If the person asks you a series of questions you know they should have on file already, question them. Chances are, you'll ask them too many questions and they will hang up on you assuming you have figured them out.

Anyway, stay safe everyone. Thanks for viewing.

$650,000 for my friend!

These ones are always interesting to read. If it were me, I think I'd be a little more cautious of who I send $650,000 to... Its not like its only $30 to throw around. And if I was sincerely grateful for someone's efforts, I would at least remember the person's name. Otherwise, in all honesty, I'd be keeping that money. Either that, only $10,000 for that kind of help. That is just me though. Really would depend on what the hell was going on actually. But yeah... to find out people actually fall for this one would truly be shocking... Seriously... when can you remember helping this guy out???
You call the number, you give them your bank information, and they wipe you clean and ruin your credit. The end.

I have an eBay message?

I came across yet another email scam trying to get your information for eBay. I forgot to show the sender details, however, this was sent from "message@message.com" to my work spam mailing list.
Sure this may look like a real eBay.com email, but again... the sender isn't sending from an eBay certified email. And though a skilled artist, I suck at computer art... but I'm confident I can replicate these same details just using the basic paint program that Windows provides.

*** REMEMBER!!!! eBay, PayPal, banks, credit card companies, etc etc... If you have an account with them, THEY KNOW WHO THEIR CLIENTS ARE!

"Dear eBay Member" shouldn't even really be thought about. People need to be more aware of what they are getting themselves into when it comes to their person information and the internet. This is why some sites require that you pick a picture from their selection. So that way, if you don't see the image you selected, you know its not the real deal.
Anyway, breaking down this first image... The logo brought me to the real eBay page. However, when I tried to click on the "Learn More" link, it wasn't a functioning link. It just looked it by color while mousing over didn't change a the mouse icon or a sub-caption of the link or its description.
Other than the eBay sign, the "Respond Now" icon and the links for the "item" are click able. Problem is, they bring you to a fake log in. This example wasn't the greatest idea because the link was already banned. In fact, here are the two pages I was bought to after clicking on it multiple times.

This is the first time I clicked on the "Respond Now" button. I've seen this a lot lately for sites I have to check from affiliates. Notice that the site isn't even an eBay related URL. Its for www.evolv.pl instead. By the way, the .pl at the end of a URL signifies that it is a Polish website. Just like .hk is Hong Kong, .jp is Japan, .uk is United Kingdom, .au is Australia, etcetera.
Click the link at the bottom of the post if you wish to see more URL codes.

After clicking the "Respond Now" button for a second time, this is what I was brought to. The second two links showed the same thing. And its all in Polish.

These are truly simple to avoid... you just have to learn to pay attention to what you are doing.
If you are interested in viewing more URL codes like the ones described below the second image, please visit http://www.bitmedia.com/cc/url1.htm.

Thanks for reading and stay safe!

PayPal email scam example.

I was going through my email at work and found a good example of the emails scams sent out by different people for PayPal. Here are a few images of them.

This image below shows the actual body of the email from my gmail business account. There is always an option to "show images" when there are embedded items. Either that, it will come up with blank boxes with the small "X" icon showing the image is "broken" or unable to be opened. As you can see, there is nothing. The biggest thing is, the sender email. I visited the site for form-ppl-cmd.com and its nothing but an index with a .php file you can't access remotely. Also, they know your first and last name and they use it... if not that, they use your account name instead of "Dear PayPal member." Come one now... Continuing through the email, it states that you have to download a file and open in your web browser. Then you have to provide some information to restore your account.
Here is the part where some people get screwed... Once you download this file, it brings you to this next image where you have to fill in the *required spaces:

This was the document straight from the email. I used fake information and entered it in. Only thing real is the zip code... frankly there isn't much you can use that isn't real. 12345 is in New York. And the expiration is just a joke... 12/2012... expected end of the world? Yeah, a bit much, but I went there. Anyway, when you have to enter in security details as such, normally they make you CALL a number or LOG IN to your account before proceeding, but this just asks for your details immediately after you open the doc. And not all PayPal accounts are opened with credit cards. It can be opened with any bank account as well. And not all cards have 16 digits. American Express would be one. And I am sure there are some people that fall for this all the time too! After you submit, it bring you to a paypal page, which still isn't a good idea to use after the redirect from the other form. Its just out of context to get the option to log in to your account AFTER submitting that information... Very very fishy, don't you think? Unfortunately, some people didn't think it was odd at all until it was too late.

If you get any emails that ask for your information, whether it be PayPal, credit card companies, banks, or anything for that matter, make sure the sender's email matches. Even this can be a problem, so visit the website and get a telephone number to just call it in. Sure the service sucks and you end up having to wait nearly an hour before helped, but this is definitely better than talking with someone you think is real and your life is ruined the next day. Always ask questions to why they are contacting you and what the problem is exactly. Don't give vital information out such as credit cards, full social security numbers, or anything like that. All they will need is your email verification, full name, and sometimes an address depending on the concern. They should already have the rest of the information on hand.

If you ever get one of these emails from PayPal, you can forward the email to spoof@paypal.com and they will take care of the rest. You can also fill in their form to report an actual website for fraud. Check out a website where you have an account and see what they are doing to keep you safe from fraud and identity theft.

Stay safe!

Email Scams

I highly encourage people to take a look at this blog I found. Not exactly a rent scam... but perhaps something a little worse. Email scams. Everybody has one and everybody goes through and reads/keeps what might be important.
This blog post has pictures that point out different places you should look before downloading anything or sending information out. Very helpful.
Gonna look up more and post links. Scams sucks and people really need to know about them.


http://www.switched.com/2009/10/26/10-ways-to-spot-an-e-mail-scam/