Beware sneaky web addresses

February 15, 2013

I came across something interesting not too long ago. I can’t remember if it was part of a junk email message or a spam comment on this site. It really doesn’t matter either way.

There was a pitch for some sketchy health/beauty/investment/dating product or service and a shortened URL. I already knew it was a scam or a rip-off, but I was curious to see where that shortened URL led. I copy-and-pasted it at LongURL, which is still a fine tool for checking out a link before you click.

I forget the specific contents of the website. Again, that part doesn’t matter so much for my purposes today. What does matter is the address the shortened URL pointed to: www.cnbc.com-feb-finance.net/[removed]. (By the way: there’s no link to the actual site for a reason).

Look at that address closely; it looks like it points to www.cnbc.com, the mainstream stock market and business news site, but it doesn’t.

The actual domain is “com-feb-finance.net” — you’ve got to look closely to see that what comes after the “com” is not a slash, but a dash.

Most web browsers make detecting this trick relatively easy, since they highlight every website’s domain in some way (with a background color, bold text, etc.). But if you’re using an old web browser like Internet Explorer 6, you may glance at the URL, see “www.cnbc.com” and assume the site is reputable.

So be cautious when visiting a new website. If someone is attempting to deceive you with the URL, you can rest assured their motives are sinister.


Shady Online Advertisements

December 2, 2011

If it wasn’t part of my job, I’d completely ignore online banner advertisements like these, but here we are…

Example #1:

This one showed up on Weather.com today (without the arrows and giant NO, obviously; those are my additions).

Now, that’s a pretty reputable website. I mean, generally you look at your city’s weather page and it says SNOW, and you look out the window and hey presto, it’s actually snowing. But the site is just littered with ads like this. You’re not getting a gigantic TV for 60 bucks, and you’re not getting car insurance for $9, unless they mean per day. Don’t click.

Example #2:

This one came from CNN.com, another reputable website. Nobody is selling an iPad for $14. Nobody. Apple doesn’t discount. Know why? They don’t have to. They could come out with a $7,500 Macbook tomorrow, in this economy, and it would be a hit with their core users.

Once again, just ignore these ads. Do what I would do if I wasn’t paying attention to this junk for the purpose of writing about it. (I’d also ignore that noise about “penny stock rockets” and “Royal Caribbean whatever”, too.)


Poll: Do You Own a Crosscut Paper Shredder?

August 19, 2011

I’m a big advocate for crosscut paper shredders. When it comes to disposing of old bills, credit card offers and other documents, a shredder is your best friend. Even the most dedicated identity thief isn’t going to bother trying to reassemble a bag of confetti into a credit application.

So…do you have one?

 


The “Never Do This” Files: wiring money to strangers

March 29, 2011
Flag of the United Kingdom, Union Flag.

Image via Wikipedia

I’ve talked about lottery scams, secret shopper scams, overpayment scams and advance fee fraud on this site until I’m literally blue in the face.

Yeah, literally!

There isn’t much more to be said about those topics at the moment, so what about some other variations?

Here’s one from our friends in the U.K.: a scam that involves getting people to wire good-faith money in advance of making a used car purchase.

How it works: a used car is advertised by a con artist, and an interested buyer contacts him. The “seller” agrees to make a long-distance trip to sell the car, but only if the buyer wires some money first to show serious interest. After all, he doesn’t want to make the trip only to find out the buyer is going to back out, right?

So, the buyer complies. He wires the money and forwards the receipt to the crook, who is then able to take the cash.

That’s all there is to it. Of course there never was a car.

It’s actually an even simpler scam than the old fraudulent check schemes, because it only requires a telephone and the ability to place a classified ad. No complex setups or realistic-sounding fake company names, no long, convoluted emails about Microsoft Lotteries or the need to come up with a counterfeit cashier’s check. Just a listing for a car that doesn’t exist.

So put this in the “Never Do This” file: don’t wire money to strangers.

Ever.


Continental Broadcasting Network: um, who’s Kristi?

January 25, 2011

I haven’t posted any goofy spam word-for-word in a while, so when I got this, I thought it would be a good one to share:

From: admin@biographicalezecutive.com
To: Kristi Lee <my email address>
Subject: Kristi biographical confirmation

CONTINENTAL BROADCASTING NETWORK INC.
If you do not wish to be notified Unsubscribe me from this list

Kristi,

It is my honor to notify you of your candidacy as decided upon by the CWW Editorial Division on January 21st 2011. The Editorial Division eagerly awaits your biographical finalization and submission.

Through our CWW forum, outstanding professionals and executives are showcased for their many talents, accomplishments, and knowledge.

On behalf of our staff we wish you much continued success.

http://www.Kristi.Lee.biographicalezecutive.com

Samuel Whitfield
Member Services Director

Twenty Three Briaroot Drive Smithtown, New York 11787
This is an advertisement

I have so many things to say about this. So many questions.

For example, from the custom URL what is an “ezecutive?” Is it some new kind of executive that has attained such a level of awesomeness that they spell it with a Z? Or is it a way to slip past spam filters that might flag any URL with “executive” in it?

Why does Christopher Malone own “about 120 other domains” (according to the whois information for this site)? Why are there eight other domain names pointing to this site’s IP address?

Is that his real name?

Why do people report their spyware filters going ape when they try to visit one of these sites?

Does this guy really live at 23 Briaroot Ct. in Smithtown, New York? Why doesn’t his information show up on a Whitepages search?

Why didn’t my version of this email contain the hilarious misspelling “worldclass” like other people who have received it?

What’s the real racket, here? Is it just another “Who’s Who” style directory rip-off, or is it a malware-laced phishing website with far more sinister purposes?

I have so many things I’d like to know, but I’ll gladly forget about those if someone can tell me just one thing:

Who the heck is Kristi?


Follow

Get every new post delivered to your Inbox.

Join 196 other followers