Ridiculous Spam Friday

I’ve been getting a lot of really ludicrous spam lately. Below are three examples. This first one was barely even trying:

From: sgh12345@sg1es.tnc.edu.tw
Date: Monday, February 15, 2010 8:49 AM
To: undisclosed-recipients:
Subject: You’ve Won

You’ve been awarded (500,000.00GBP) from microsoft lottery for claims send info:full name, address, age, country,to mr stephen scott via email to msnclaim@movmail.com

Interesting that someone from Taiwan (.tw) would be sending a message to an American about a prize of British Pounds. Also weird how an alleged representative of Microsoft would forget to capitalize the company name, not to mention direct you to a non-Microsoft website.

Next up, an exciting offer from Robert “Sgt. Lee Johnson” Brhel, who is either in Hong Kong (.hk) or Iraq, he’s not quite sure:

From: Robert Brhel
Date: Friday, February 12, 2010 6:47 PM
To: none
Subject: Please send your reply to this E-mail address:  sgtlee1971@yahoo.com.hk

My name is Sgt. Lee Johnson, a member of the U.S. ARMY USARPAC Medical Team, which was deployed to Iraq in the beginning of the war in Iraq. Please do visit the BBC website stated below to enable you have insight as to what I’m intending to share with you, believing that it would be of your desired interest one-way or the other.
     Also, could you get back to me having visited the above website to enable us discuss in a more clarifying manner to the best of your understanding. Please send your reply to this E-mail address:  sgtlee1971@yahoo.com.hk
Sgt. Lee Johnson.

I left the link intact in this one because it leads to a legitimate news story. From seven years ago. Even if this message was real (which it’s not), I’m pretty sure somebody has found a home for that cash by now.

This is actually a pretty common variation on the old Nigerian 419 scheme. This time, it’s “I’m a soldier and I found a pile of money in whatever-country-I’m-fighting-in,” which inevitably leads to, “Hey person-I’ve-never-met, want to share it with me? Just wire me some money first.” As always, the “delete” key is your friend.

Finally, an attempt to infect you computer (and probably add it to some malicious botnet), wrapped up in a fake message from a real anti-fraud organization:

From: “National Health Anti-Fraud Association” <admin@nhcaa.org>
Sent 2/13/2010 1:39:53 AM
To: [removed]
Subject: Complaint registered against you

We have received a complaint regardding transaction No: 8711322 dated 01/28
/2010 in value of $ 2.871,00 representing the check issued by your company
to Fillmore Inc that was later deposited in the companies bank account.
If you feel this is an error please review the attached complaint document and contact us imediatly with proof to clear out this situation.
The copy of the check issued to your name is attached to this email as well as the original complaint.
Please call at 800-2661-7711 to sort out this situation. Your email was pro vided by the persson that filed the complaint.
You can also get in touch with our staff using the information on our websi

NHCAA – National Health Anti-Fraud Association

This one contained a virus-infected attachment. The clever part here is that they used a real website…that deals with fraud prevention. Gutsy, although I’d posit that most legit messages aren’t going to contain mangled spelling like ”imediatly.” I mean, that’s not even close, is it?

NHCAA.org is already aware of this message; there’s a warning on their front page. Attempts to scare people into opening attachments seem to be the flavor of the month. Any time you get an urgent message accusing you of something and instructing you to open a file, you can assume it’s fake. Whatever you do, leave those attachments alone.