411 on Spyware » Phishing Emails http://www.411-spyware.com 411-Spyware.com Fri, 20 Nov 2009 02:05:11 +0000 http://wordpress.org/?v=2.8.5 en hourly 1 Facebook Password Reset Confirmation http://www.411-spyware.com/facebook-password-reset-confirmation http://www.411-spyware.com/facebook-password-reset-confirmation#comments Wed, 28 Oct 2009 21:06:02 +0000 Kristopher http://www.411-spyware.com/?p=5575 Facebook Password Reset Confirmation screenshot If you’ve received the “Facebook Password Reset Confirmation” email, you’re being targeted by scammers. Over the past few days, thousands of Facebook users have received emails pretending to be from “The Facebook Team” at support@facebook.com. The emails contain an attachment called something like “Facebook_Password_c92dd.zip,” which includes the file Facebook_Password_ c92dd.exe”—although that set of five numbers and letters is randomly generated for each email. The text of the email says:
Because of the measures taken to provide safety to our clients, your password has been changed. You can find your new password in attached document. Thanks, The Facebook Team
Instead of delivering a new password, the attachment will install a piece of malware in the Bredolab family of viruses, which can take control of your PC and steal information including passwords and credit card numbers. It may also display more spam on your computer, while downloading additional viruses and bots. Sounds like loads of fun. If you downloaded this bot, don’t smash your computer just yet. Let me show you how to remove this infection, for free.]]> http://www.411-spyware.com/facebook-password-reset-confirmation/feed 0 “1 of Friends Awaiting Your Response” Email http://www.411-spyware.com/1-of-friends-awaiting-your-response-email http://www.411-spyware.com/1-of-friends-awaiting-your-response-email#comments Wed, 01 Apr 2009 03:38:40 +0000 Kristopher http://www.411-spyware.com/?p=4115 “1 of Friends Awaiting Your Response” Email screenshot “1 of Friends Awaiting Your Response” Email is a classic phishing email. This “1 of Friends Awaiting Your Response” Email tells you to log into your Facebook account and confirm a friend request. The catch? This “1 of Friends Awaiting Your Response” Email links to a scam webpage that tries to trick you into giving con artists your Facebook login info.. If you log into the site this “1 of Friends Awaiting Your Response” Email links to, you'll give con artists access to your Facebook, and a chance to steal your personal identity. If you've logged into any sites that this “1 of Friends Awaiting Your Response” Email links to, alert Facebook and your bank and credit card companies. You might need to close your accounts. Whenever you see an email like this “1 of Friends Awaiting Your Response” Email, never click any links. If you're concerned the email might be real, type Facebook.com into a fresh browser window, and login from there.]]> http://www.411-spyware.com/1-of-friends-awaiting-your-response-email/feed 3 “Internal Revenue Service” Email http://www.411-spyware.com/internal-revenue-service-email http://www.411-spyware.com/internal-revenue-service-email#comments Thu, 05 Feb 2009 07:16:15 +0000 Kristopher http://www.411-spyware.com/?p=3589 “Internal Revenue Service” Email screenshot I just got an email from the IRS, subject line "Internal Revenue Service - Please read." So I did please read, and guess what? If I click a link -- within 48 hours (!!!) -- , I'll get a $192 tax refund. Sounds nice, right? Only if you click the link, you don't visit www.IRS.gov, but www-irs-gov-id-session-9uf4389fu43898uj.id-890421.com, a scam site that'll steal your ID, so hackers can take more than $192 out of your pocket. Whenever you see an email claiming to be from the government -- or the bank -- type the organization's website address into your browser, and check for any news that way. Directly clicking links in emails can lead to identity theft and Trojans on your PC. However, all of those Russian bride emails are legit.]]> http://www.411-spyware.com/internal-revenue-service-email/feed 0 “A Question About Your iOffer Item” email http://www.411-spyware.com/a-question-about-your-ioffer-item-email http://www.411-spyware.com/a-question-about-your-ioffer-item-email#comments Sun, 18 Jan 2009 22:08:52 +0000 Kristopher http://www.411-spyware.com/?p=3337 “A Question About Your iOffer Item” email Threat Level: “A Question About Your iOffer Item” email is a threat “A Question About Your iOffer Item” email screenshot “A Question About Your iOffer Item” email is a classic phishing email. This “A Question About Your iOffer Item” email tells you you've posted a "brand new Nikon D80 package" for sale on iOffer, and links to a scam webpage that tries to trick you into giving con artists your iOffer login info. If you accidentally log into the site this “A Question About Your iOffer Item” email links to (http://222.124.199.98), you'll give con artists access to your iOffer account and a chance to steal your personal identity. If you've logged into any sites that this “A Question About Your iOffer Item” email links to, alert iOffer and any related credit card companies. You might need to close your accounts. Whenever you see an email like this “A Question About Your iOffer Item” email, never click any links. If you're concerned the email might be real, type iOffer's website address into a fresh browser window, and login from there. Now let me show you how to block this “A Question About Your iOffer Item” email.]]> http://www.411-spyware.com/a-question-about-your-ioffer-item-email/feed 0 “Your Craigslist Posting” email http://www.411-spyware.com/your-craigslist-posting-sony-playstation-3-metal-gear-solid-4-ps3-80gb-bundle-email http://www.411-spyware.com/your-craigslist-posting-sony-playstation-3-metal-gear-solid-4-ps3-80gb-bundle-email#comments Sun, 18 Jan 2009 02:44:50 +0000 Kristopher http://www.411-spyware.com/?p=3304 “Your Craigslist Posting” email Threat Level: “Your Craigslist Posting” email is a threat “Your Craigslist Posting” email screenshot “Your Craigslist Posting” email is a classic phishing email. This “Your Craigslist Posting” email tells you you've posted a Sony PlayStation for sale on Singapore Craigslist, and links to a scam webpage that tries to trick you into giving con artists your Craigslist login info. If you accidentally log into the site this “Your Craigslist Posting” email links to (http://accounts.craigs.szm.com), you'll give con artists access to your Craigslist account and a chance to steal your personal identity. If you've logged into any sites that this “Your Craigslist Posting” email links to, alert Craigslist and any related credit card companies. You might need to close your accounts. Whenever you see an email like this “Your Craigslist Posting” email, never click any links. If you're concerned the email might be real, type Craigslist's website address into a fresh browser window, and login from there. Now let me show you how to block this “Your Craigslist Posting” email.]]> http://www.411-spyware.com/your-craigslist-posting-sony-playstation-3-metal-gear-solid-4-ps3-80gb-bundle-email/feed 6 “Update Your Information” email http://www.411-spyware.com/update-your-information-paypal-email http://www.411-spyware.com/update-your-information-paypal-email#comments Tue, 16 Dec 2008 22:01:31 +0000 Kristopher http://www.411-spyware.com/?p=3090 “Update Your Information” email Threat Level: “Update Your Information” email is a threat “Update Your Information” email screenshot “Update Your Information” email is a classic phishing email. This “Update Your Information” email tells you your Paypal account needs to be updated, and links to a scam webpage that tries to trick you into giving con artists your Paypal login info. If you accidentally log into the site this “Update Your Information” email links to (http://203.187.186.131), you'll give con artists access to your bank account and a chance to steal your personal identity. If you've logged into any sites that this “Update Your Information” email links to, alert your bank and credit card companies. You might need to close your accounts. Whenever you see an email like this “Update Your Information” email, never click any links. If you're concerned the email might be real, type Paypal's website address into a fresh browser window, and login from there. Now let me show you how to block this “Update Your Information” email.]]> http://www.411-spyware.com/update-your-information-paypal-email/feed 0 “Protect Your Visa Card” Email http://www.411-spyware.com/protect-your-visa-card-online-with-a-personal-password-email http://www.411-spyware.com/protect-your-visa-card-online-with-a-personal-password-email#comments Tue, 09 Dec 2008 19:18:39 +0000 Kristopher http://www.411-spyware.com/?p=3051 “Protect Your Visa Card” Email Threat Level: “Protect Your Visa Card” Email is a threat “Protect Your Visa Card” Email screenshot “Protect Your Visa Card” Email is a classic phishing email. “Protect Your Visa Card” Email tells you to protect your Visa card with a new password, and links to a scam webpage that tries to trick you into giving con artists your Visa login info. If you accidentally log into the site “Protect Your Visa Card” Email links to, you'll give con artists access to your bank account and a chance to steal your personal identity. If you've logged into any sites that “Protect Your Visa Card” Email links to, alert your bank and credit card companies. You might need to close your accounts. Whenever you see an email like “Protect Your Visa Card” Email, never click any links. If you're concerned the email might be real, type your bank's website address into a fresh browser window, and login from there. Let me show you how to block “Protect Your Visa Card” Email.]]> http://www.411-spyware.com/protect-your-visa-card-online-with-a-personal-password-email/feed 0 E-Greetings.exe http://www.411-spyware.com/e-greetings-exe-trojan http://www.411-spyware.com/e-greetings-exe-trojan#comments Mon, 08 Dec 2008 19:37:45 +0000 Kristopher http://www.411-spyware.com/?p=3057 E-Greetings.exe Threat Level: E-Greetings.exe is a threat E-Greetings.exe screenshot E-Greetings.exe is a Trojan that gets linked to from a fake Postcards.org email, subject line "You have just received a virtual postcard from a friend !" Sounds friendly, right? Wrong. If you click through the "You have just received a virtual postcard from a friend !" email, you'll download E-Greetings.exe. E-Greetings.exe is really a Trojan, that'll likely allow a hacker to get creepy-cozy with your PC -- and likely all your personal and financial information. Let me show you how to block E-Greetings.exe.]]> http://www.411-spyware.com/e-greetings-exe-trojan/feed 0 “You have (1) New Message” US Bank email http://www.411-spyware.com/you-have-1-new-message-us-bank-email http://www.411-spyware.com/you-have-1-new-message-us-bank-email#comments Mon, 08 Dec 2008 19:24:45 +0000 Kristopher http://www.411-spyware.com/?p=3053 “You have (1) New Message” US Bank email screenshot “You have (1) New Message” US Bank email is a classic phishing email. This “You have (1) New Message” US Bank email tells you to protect your US Bank account with a new password, and links to a scam webpage that tries to trick you into giving con artists your US Bank login info. If you accidentally log into the site this “You have (1) New Message” US Bank email links to, you'll give con artists access to your bank account and a chance to steal your personal identity. If you've logged into any sites that this “You have (1) New Message” US Bank email links to, alert your bank and credit card companies. You might need to close your accounts. Whenever you see an email like this “You have (1) New Message” US Bank email, never click any links. If you're concerned the email might be real, type your bank's website address into a fresh browser window, and login from there. Let me show you how to block “You have (1) New Message” US Bank email.]]> http://www.411-spyware.com/you-have-1-new-message-us-bank-email/feed 0 “Please Restore Your Account Access” email http://www.411-spyware.com/please-restore-your-account-access-email http://www.411-spyware.com/please-restore-your-account-access-email#comments Fri, 05 Dec 2008 22:07:45 +0000 Kristopher http://www.411-spyware.com/?p=2992 “Please Restore Your Account Access” email Threat Level: “Please Restore Your Account Access” email is a threat “Please Restore Your Account Access” email screenshot “Please Restore Your Account Access” email is a classic phishing email. This “Please Restore Your Account Access” email tells you your Paypal account needs to be restored, and links to a scam webpage that tries to trick you into giving con artists your Paypal login info. If you accidentally log into the site this “Please Restore Your Account Access” email links to (http://99.198.96.114), you'll give con artists access to your bank account and a chance to steal your personal identity. If you've logged into any sites that this “Please Restore Your Account Access” email links to, alert your bank and credit card companies. You might need to close your accounts. Whenever you see an email like this “Please Restore Your Account Access” email, never click any links. If you're concerned the email might be real, type Paypal's website address into a fresh browser window, and login from there. Now let me show you how to block this “Please Restore Your Account Access” email.]]> http://www.411-spyware.com/please-restore-your-account-access-email/feed 1