Copy


THE WEEK IN REVIEW

Welcome to our many new subscribers who signed up for our newsletter after seeing Doug’s interview last week on the Mel Robbins TV show talking about phone scams.  It was one of our newest readers who sent us much of the content in this week’s Top Story “Blurred Lines between Legitimate and Scam!” Thanks to ALL our readers who sent us their scams and suspicious emails, texts and links!

 We’ve written many times, including our top story from the January 15, 2020 newsletter, about the significant risks associated with clicking links to “day old domains.”  Or clicking any domain that is just a few weeks old! Overwhelmingly, they are created and used as malicious clickbait by cybercriminals.  To find out the age of a domain, use a WHOIS tool, such as Whois.sc, Whois.net, or Who.is.  Here is a perfect example for you to practice your skill at using a WHOIS tool!  (You will also see, if you look closely at the bottom of this email, how links can have hidden redirects buried in them.) This email appears to be a Capital One banking survey, offering $50.  But that is a lie. The email came from outgyro[.]com, not capitalone.com.  Most importantly, the links in this malicious clickbait seem to point to a subdomain-domain owned by Microsoft called safelinks.protection.outlook.com.  But buried in that link is a hidden redirect to the domain bordedgy[.]com.  Visit one of the WHOIS tools and enter the fully qualified domain name bordedgy[.]com (WITHOUT the brackets around the period) and look for “creation date” of the domain!  This email was sent January 25, 2020. When was the domain bordedgy[.]com created?





 

Crap day-old domain! (And it was registered anonymously in Panama.)

In case you missed it last week, here is a link to our newest feature article… Targeting the Elderly - One Man’s Story.  Though it is very sad, the outcome could have been much worse!


Daily Scam Home Page

PHISH NETS
Bank of America and Amazon Alerts

This smelly carp made no effort to hide the fact that is was sent from a bizarre domain name (vrlfy-usr5354vlld[.]com) that has never been registered, according to two WHOIS tools we checked with. “You are receiving this email because we noticed a failed sign-in attempt to your account from an unrecognized device.”  If this is true, then why don’t they address this user by name and provide her account number or a portion of it?  Also, NO FINANCIAL INSTITUTION WILL EVER SAY “Failure to verify yout account will lead to permanent suspension of your access to our banking services.” (Their misspelling of “yout” not ours!)  The link for “Get Started” points to the website anjsub[.]com.  Take a look at the screenshot below of that website! It looks just like the real Bank of America website. The Zulu URL Risk Analyzer tells us that this website is being hosted in Vietnam.







This next email doesn’t even identify who it is from!  Once again, REAL COMPANIES don’t say things like “Please Verify your account information by clicking on the link below If you do not complete the validation process, your account will be suspended..” (Did you notice the 3 capitalization or punctuation errors in these 2 sentences?)  And, of course, the link for “UPDATE MY ACCOUNT” doesn’t point to amazon.com. It points to the malicious domain winningrevoletion[.]club, which was registered last November. Virustotal.com clearly shows this domain is malicious. 

Just delete!





Daily Scam Home Page

 

YOUR MONEY
Your Shipment of Free Stuff and Affordable Assisted Living

In the Top Story of last week’s newsletter, we showed readers a scam email with links to an oddball domain named great-info-tokeeprunning-ahead[.]info.  Another TDS reader sent us this sketchy email with the subject line “Confirm Your Shipment of F-R-E-E STUFF!”  Links in this “free stuff” email point to best-wisdomtosave-moving-forth[.]info.  We find these two bizarre domains oddly similar. By the way, it’s worth pointing out that ONLY spammers and scammers take the word “free” and break it up with hyphens, changing it to F-R-E-E.  They are hoping to avoid anti-spam servers that might notice the word “free” and block it. This junk appears to have come FROM “quickjobalert[.]com.”  According to their website, QuickJobAlert.com represents “a team of creative researchers dedicated to helping job seekers get employed and stay employed...” Why would a job site ship “a box filled with items from top brands” to someone at random who was not expecting this?  This email smells badly! Deeeleeete! (By the way, the address at the bottom of this email is a P.O. Box at a Mail Drop in California.)

 


 

Daily Scam Home Page

 
 

TOP STORY
Blurred Lines between Legitimate and Scam

We think it’s safe to assume that all of our readers know what to do when they see an email like this one that says it’s from “Western Union” and begins with “Dear Beneficiary.” It is so ridiculously obvious that it is a Nigerian 419 scam!  The “Board of Directors of WESTERN UNION, MONEYGRAM, the FBI alongside with the Ministry of Finance” have not agreed to award you $250,000.00 from the U.S. Department of Treasury.

 


But what about this email that appears to have come from Tonya at mycareerfriend[.]com to inform you that a payment as much as $683.20 will be made to you for answering some questions?  A person who pays very close attention to detail will see that the email was signed by “Allison” not Tonya and that there is some bizarre text at the bottom of the email about Keto Aisian stir fry.  But nevermind those things that make no sense, we’re interested in making some money! The email points to the domain sailthru[.]com.


 

Sailthru[.]com appears to be a legitimate marketing firm, with lots of information on their website and several social media accounts.  Their LinkedIn account says “Sailthru, part of CM Group's family of brands, helps modern marketers at leading retail and media companies build deeper, longer-lasting relationships with their customers.”  Crunchbase lists information about this company, including links to their Facebook, Twitter and LinkedIn accounts, as well as the company phone number.  Apparently, the company was founded in 2008. Does this information make you feel differently about this offer to earn up to $683.20 by answering a few questions?

We believe it is important to broaden our perspective and see what others may be saying about Sailthru[.]com.  We found information listed on the Better Business Bureau website about Sailthru[.]com and it wasn’t pretty.  The BBB.org website gives Sailthru an “F” grade and the four complaints we found there are scathing.  Here is a snapshot of two of them….


 

Given this rating and these complaints, how do you feel about clicking that link to provide them with your email address, answer some questions and, presumably, collect your payment?

What about this next email that was sent from another legitimate business called MyLife[.]com?  The subject line reads “see new criminal and court records, reviews, scores & more for your network.” The woman who received this email was shown the names, addresses and ages of three of her neighbors.  Each was given a “reputation score,” though there is no explanation in this email how a score was calculated. Apparently, you can visit their website and search reputation scores on all your relatives, neighbors, friends and classmates. Feels a bit intriguing, doesn’t it? (We’ve confirmed that all links in this email point back to web pages on MyLife[.]com.)


 

According to Wikipedia, MyLife[.]com was founded in 2002 (as Reunion[.]com) as an information broker, collecting and selling personal information about people.  However, the company has been sued multiple times for a variety of reasons. Here is a link to a news article on ABCNews.com about one of these lawsuits in 2011.  The article is called MyLife[.]com: People Searching Website Sued as ‘Scam’. On TrustPilot.com, 98% of the 54 reviews listed give MyLife[.]com a rating of 1 out of 5 stars. Similarly, 321 of 335 reviews on SiteJabber.com give MyLife[.]com 1 star out of 5 stars. Though BBB.org currently gives this business a “B” grade rating, there are more than 13,000 complaints listed against this company!  The most favorable rating we could find about this company was 2.5 stars out of 5 on ConsumerAffairs.com. But the day before we visited ConsumerAffairs.com, “Edmund of Medway, MA.” posted this severely critical review…

“Stay away. STAY FAR AWAY. 1 dollar free trial subscription turned into 21 dollar charge and then without knowing sign you up for a search subscription and wack your credit card for searching. 41.85 dollars. They auto charge to start billing. You have to disable the auto renewal. But when you try to deactivate the account they require you to call a phone number. Really? I have contacted my bank about this charge. I will Never sign up for anything without taking a deeper look into the company. If I could I would give the[m] negative stars.

We found many more complaints against this company as well as articles about how to get your personal information removed from their databases.  So, once again, it begs the question… How do you feel now about clicking any of those links to look into the reputation of friends, neighbors, relatives and classmates?  We think it’s much more important to look into the reputation of the company that claims to possess and provide that information! We’ll leave you with one more news article about this company worth reading.  It appeared on the Pittsburg CBS News website in May, 2019 and is called Concern Growing Over ‘Nefarious’ Website Offering Individuals’ Personal Information, Reputation Rating.

Let’s turn our attention to one more “legitimate” company… Cloudclickforriches[.]com.   This email from CloudClickForRiches[.]com told one of our readers that they “found a check in your name.”  They say that she might be missing out on “some serious cash.” To “Claim Your Missing Check” she’s asked to click a tracking link to icptrack.com that will redirect her to cloudclickforriches[.]com  and then send her to Click4Riches[.]com..  According to DomainBigData.com, cloudclickforriches[.]com was registered in March, 2019 and belongs to “Brought to you by Click 4 riches.”  This company owns about 70 domain names that are similar and related to “riches,” clicking, and sweepstakes.




What is exceptionally striking to us is the lack of information about this company, despite the fact that they have owned 70 domains since 2015.  When we try to look up information about many of their domains, we either can’t find the domain online or find that Google knows nothing about it at all…


 

One of the few reviews we could find on the Internet was this very negative review on The Make Money Online Blog. They rated Click4Riches[.]com 10% out of 100 because of the personal information the blog claims that Click4Riches[.]com collects and sells to others, and the fact that there doesn’t seem to be any identifiable winners of their $50,000 sweepstakes since at least 2017.

Reflecting on what we’ve learned about these legitimate companies that have been around for years and have a history, but questionable practices and strategies for engaging with consumers, the message seems clear to us… Before you believe any email, offer or claim, due your due diligence to check on the reputation of the company behind the email and website!  And if you can’t find anything about that company, that should also be a red flag to proceed with caution or not proceed at all! Here are links to a couple of useful tools in your effort to spotlight helpful information:

   DomainBigData.com

   BBB.org

And remember to enter the name of the website into Google, followed by the word “review” and “scam!”


Daily Scam Home Page

 


FOR YOUR SAFETY
Microsoft Order Confirmation


For your safety, DO NOT call 815-709-0251!  One of our readers got this oddly constructed order confirmation from an email address in the European Union!  (Notice the 2-letter region code “.eu”) You can ignore the “on behalf of Microsoft” as total BS. There were no links in this email, only the phone number 815-709-0251 to call to question your presumed order. (Notice that the recipient is not identified by name and address and the email was sent to 13 people!)  When we searched Google for that phone number, the first link was to the website ReportScam.com, saying that there have been 635 complaints against this phone number!

Until next week, surf safely!

Forward to Friends

About Us
Contact Support
Manage Subscription
Unsubscribe


SUBSCRIBE


Produced by:
Deutsch Creative
 
Copyright © 2020 The Daily Scam, All rights reserved.


Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list

Email Marketing Powered by Mailchimp