Personal Finance 
10
comments

Don’t Be Phished Like An Internet N00b

I received an email today from Comcast about how they recently changed their policy regarding accounts:

Comcast takes the security of our customers personal and account information very seriously. As part of our ongoing effort to ensure the security of our customers information, we have recently enhanced the security of the Comcast.com account management system.



As a result of these recent enhancements, if a Comcast.com account is inactive for 180 days, it is removed from our system.



In order to keep your Comcast.com account active, please log in today with your user name and password: www.comcast.com/login.

First off, anytime someone emails me to log into my account, I never click any links in the email. Never ever. I don’t care if it’s some stupid account on some random free email account that you wouldn’t care gets stolen. The fact of the matter is that thieves know that people use the same username and password on multiple accounts so a free email account could yield a free bank account as well. Lastly, I can just go to Comcast.com directly and login there to confirm whatever.

Secondly, if this is legit, Comcast is ridiculously stupid because they should check to see if the account is connected to an active customer account (it is). If it is, then ignore this stupid little rule because they’re obviously “active” because they’re paying for service! If it’s not connected, then I suppose you can request that someone log in every 180 days (though the chances of a non-Comcast subscriber caring about their Comcast account is exactly zero).

Moral of the story – Companies may be stupid and make legitimate but dumb requests, but don’t be a dummy and get phished.

FYI, the email I received, according to the headers, was legitimately sent from a comcastonline.com’s server but…

  • The email was “from” a comcastsupport.com email…
  • The link in the email was to to comcast.com…
  • And the link itself was to gothere2.comcastonline.com…

Seriously Comcast, you gave me 2034982304938 reasons to think it was a phishing email (all they missed was the link going to thisisacomcastphishingemail.com).


 Personal Finance 
1
comments

Beware Phishing Schemes

Yesterday I wrote a joke post about how I won about a billion dollars in an “international lottery.” Hopefully everyone understood I didn’t actually win a billion dollars but I was just pointing out how obvious a scam that was. Everyone with an email address has gotten email from “Bank of America” (not really BoA, a farce BoA) or “Paypal,” requesting personal information. I’m sure you’ve even been asked by the envoy of a recently deceased monarch (Nigerian?) to “hold funds” if you are willing to send them some bank information. Maybe you’ve been asked to verify your account information at Ebay… but bottom line, they’re all phishing scams and you shouldn’t respond to any request by anyone to provide sensitive information.

I believe phishing referred to back in the day of modems and bboards, phishers would call up blocks of phone numbers in hopes of hitting a bboard they could interface with. Now, malicious scammers send out spam to try to catch a tiny percent of folks who do respond to these emails. NEVER RESPOND.

What if someone calls you and asks you to verify information? If it’s Bank of America (and you actually have a BoA account, which I don’t), then say thank you, hang up, and then call them back. Look on the back of your Bank of America card and call them. If anyone ever asks you for information, call them back and go through the official channels if you’re seriously concerned. 99.999% of the time it will be a scam. Don’t become a statistic! :)


 Personal Finance 
10
comments

I Won The 1,300,000,000.00 International Lottery!

Can you imagine my luck? I didn’t even know I entered in the 1,300,000,000.00 international lottery but luckily Mr. William Lopez from Super Standard Company notified me by email that I have been approved for a lump sum payment of 1,625,000.39! That’s awesome! I’m so rich! I’m going to buy two houses right now because they say the real estate market is sizzling hot right now. I mean, when you win 1,625,000.39 in lottery, you can blow it on whatever you want right? Read on to see the notification email and all that jazz!

So here’s the first half of the letter because I was so excited I couldn’t read the whole thing at once:


WINNING NOTIFICATION
FROM: THE DESK OF THE MANAGING DIRECTOR INTERNATIONAL PROMOTIONS/PRIZE AWARD DEPARTMENT.
CALLE COLONE-28080 MADRID-SPAIN
REF Nº: EPSL/25003127/CSL/02
BATCH Nº:0007571982

ATTN: WINNER,

RE: AWARD NOTIFICATION/ FINAL NOTICE.

We are pleased to inform you of the release of the results LOTERIA PRIMITIVA/INTERNATIONAL PROGRAM, Held 19TH March 2005 Your email address name attached to a ticket number 025-1146992-750 with serial number 2113-05 drew the lucky numbers 4-18-24-30-31-35 which consequently won the lottery in the 3rd category. You have therefore been approved for a lump sum payout of 1,625,000.39 (One Million Six Hundred and Twenty Five Thousand Euros and Thirty-Nine Cents) in cash credited to the file reference number: EPSL /25003127/CSL/02. This is from a total cash price of 20,368,770.00 (Twenty million three hundred and sixty-eight thousand, seven hundred and seventy euros only) shared among the seventeen international winners in this category.

CONGRATULATIONS!!!

Congratulations indeed! 1.6M in Euros is about $2M USD! With $2M in an Emigrant Direct account, I’d make over $60k a year for doing nothing except collecting interest payments! Sure my money isn’t totally protected by the FDIC (only the first 100K) but who cares? Banks are the bedrock of our capitalist society, I should be fine.

But with $2M, I think I would want to donate some of it to a school, get an honorary degree, and maybe the wing of one of the libraries named after me. Hmmm… a couple hundred thousand probably only buys me a bookshelf or maybe a bust in the back with all the nerdy science fiction novels by Heinlein and Asimov. That’d still be awesome… anyhow, before I get ahead of myself I need to figure out how to get this money into my account ASAP…


Your fund is now deposited with our correspondence bank insured to your name. Due to the mix up of some numbers and names , we advice that you keep this award from public notice until your claiming or unwarranted taking advantage of this program by participants. All participants were selected through a computer ballot system drawn from 25,000 names from Asia, Australia, New Zealand, Africa, Europe and North America as part of our international promotions program which we conduct once every year. We hope that with part of your prize, you will part-take in our end of year high stake 1,300,000,000.00 international lottery .

Shoot, there’s always a mixup! I’m glad they advice me to keep this from public notice… nah, you guys can’t enter it so I don’t mind gloating about my new found loot. It’s an international lottery that I didn’t even enter so how would you even know where to enter? That and I’m so surprised I hadn’t heard about this before, it’s done every year on every continent except Antarctica (polar bears and penguins don’t need millions).


To begin your claim please contact your claim agent,

SUPER STANDARD COMPANY
Mr. William Lopez
Foreign services manager
Tel:0034 65 9060871
Email: superagent@terra.es

for processing and remittance of your prize fund into your designated bank account.

Super Standard Company? That’s a weird name for a company… but they must be pretty cool since they let him have superagent as his email address. I guess if your job was to hook people up with $2M, you’d get a pretty big head and call your self superagent. Heck, I would.


Note: All prize funds must be claimed before the 18Th of April 2005 after this date all funds will be returned to the MINISTERIO DE ECONOMIA Y HACIENDA as unclaimed. In order to avoid unnecessary delays and complications, please endeavour to quote your reference and batch numbers in every correspondence with us to your claim agent. Furthermore, should there be any change in your address do inform your claim agent as soon as possible. Congratulation once again from all members of our staff and thank you for being part of our promotion program.

I have eleven days and there’s no way the MINISTERIO DE ECONOMIA Y HACIENDA is getting a penny of my hard earned money! I’ve never even been to Spain! I suppose I have to send them all my bank information, my social security, and my mom’s maiden name in order to get put into this lottery… better get that to them quick! I know they only want me to contact them but to speed along the process I’ll just email them that information.


N.B. Any breach of confidentiality on the part of the winners will result to disqualification. Please do not reply to this email address. Contact your claim agent.

Oh crap.

THIS IS A SCAM!!! To avoid this scam and others, check out my post about avoiding phishing scams.


 Personal Finance 
0
comments

Fight Back Against ID Theft Phishers

Most people are aware of the various phishing scams out there like President [insert any non-Anglo sounding name] of [insert a country in political distress in a remote area of the world] wanting to wire out $500M to you or how PayPal wants to know your social security number, password, and mother’s maiden name. Every so often, people still fall for them. Well, are you interested in fighting back?

I was reading an MSNBC investigative article that uncovered the fraudulent Pearl Atlantic Credit & Trust today when it introduced me to this great site, Artists Against 419. The 419 refers to the “advance fee scam” where you need to send someone money in order to get money for yourself (sending information and money to register to receive a contest you’ve won, etc).

So AA419 investigates these scam sites and will report them to the authorities and to their hosts. They will try all normal means by which to shut the scammer down. Sometimes the hosts listen, sometimes they don’t. Often times, the scammer is using a fake identity and so legal recourse isn’t possible. At any rate, the AA419 resorts to what they call a “flashmob,” which is simply using up the scammer’s bandwidth so the site has to shut down! Totally legit because they’re not DoS’ing the server, just eating up its bandwith quota! Here is the official definition to a flashmob:

What is a flashmob?
Sometimes a Web host will ignore the evidence that a site is fake and refuse to act against it, although the existence of such a site is very often in clear violation of the host’s own Terms of Service or Acceptable Use Policy. These sites become the focus of our regular flashmobs: with an intense letter-writing campaign and bandwidth usage, we seek to remind the host that these sites are fraudulent and are created and operated by criminal gangs solely for the purpose of deception.

I think this site is great, it’s fighting ID theft head on and with little risk (or even work) to you. Street justice at its very best, I love it…


Advertising Disclosure: Bargaineering may be compensated in exchange for featured placement of certain sponsored products and services, or your clicking on links posted on this website.
About | Contact Me | Privacy Policy/Your California Privacy Rights | Terms of Use | Press
Copyright © 2014 by www.Bargaineering.com. All rights reserved.