The ludicrous spam just keeps on rolling in! I decided to run a second installment of Ridiculous Spam Friday this week.
No, I am not paying tribute to the Alvin and the Chipmunks movies with the title of today’s post. They’re terrible. I now tack the words “The Squeakquel” onto everything that’s a “part two” in a series because it cracks me up. Rocky II: The Squeakquel. See? Hilarious.
Anyway, here are three more examples of spam I received this past week. The crooks in this first case are hardly trying. Just like the people who made the Alvin and the Chipmunks movies. Ba-zing!
From: Support <Laura.Ferelli@service.amazon.com>
Date: Sunday, February 28, 2010 1:31 PM
To: <email address>
Subject: Confirm Order #05830659
Your Order Id:153517648031959 Accepted.
Amazon.com Customer Service
The word “Details” was linked to a website in Romania. I’m no expert on Amazon’s server setup, but I’m pretty sure their website isn’t hosted in Romania. I’m also completely certain it will have the word “Amazon” in the URL, no matter where it is hosted.
Here’s one that uses a real name and email address from Rady Children’s Hospital in San Diego. Everything else about it is fake:
From: Nespeca, Mark MD
Date: Monday, March 01, 2010 3:26 AM
Subject: You Have A Pick Up
You have a consignment containing a bank draft of 450,000.00 United States Dollars and gift items which await an outstanding payment of $240 .
For claims, Please confirm your ful name, home address, and telephone number with Mr. Garry Moore. Contact email and phone number are
firstname.lastname@example.org and (+234) 802 378 8093 respectively.
Miss Margaret Hagopian
Of course, this is a pretty typical “Lottery Scam” setup. As often happens, there is some disagreement about who is sending the message. Is it Mark Nespeca (who apparently is a real doctor)? Is it Gary Moore? Miss Margaret Hagopian? Also, why would you be contacting a company in Thailand (.th) for something involving a hospital in San Diego? Nothing here makes sense at all. I’m sure $240 is just the tip of the iceberg. By the time you wired $8,000 overseas, you’d probably begin to suspect something.
I’ve noticed more scams and spam using real names and email addresses from real businesses lately. The thing is, their choices seldom make any sense. Why would a children’s hospital be giving you nearly half a million dollars out of the blue?
Our final contestant today is doing the exact same thing with another healthcare-related business (this time with Continuum Health Partners, based in New York, I believe). This time, it’s Nicholas “Patrick Chan” Romas, MD, Director of Hang Sang Bank. The offer isn’t some crummy $450,000, though:
From: Nicholas Romas, MD
Date: Tuesday, March 02, 2010 1:31 AM
Greetings to you.
I’m Mr.Patrick Chan, Director of Hang Seng Bank. I am contacting you because I have a 42 million
dollars business proposal for you. For details, contact me confidentailly at email@example.com
Mr. Patrick Chan
This message and any attachments are confidential and intended solely for the use of the individual or entity to which they are addressed. If you are not the intended recipient, you are prohibited from printing, copying, forwarding, saving, or otherwise using or relying upon them in any manner. Please notify the sender immediately if you have received this message by mistake and delete it from your system.
Name confusion, geographic confusion, it’s all here. The confidentiality notice at the bottom is a cute touch, too. It makes it look like you’re getting some kind of secret information that’s going to help you get your mitts on $42 million.
All three of these are similar, insofar as they’re using the names of real companies to lure victims. I’ll also bet you a buck fifty those last two come from the same person or persons. One has firstname.lastname@example.org in the recipient line and the other has email@example.com. Too similar to be a coincidence.
I don’t know exactly what these people are trying to accomplish with these messages. The first one looks like a malware attempt, and the other two are lottery-style scams. I’m not pursuing them to find out! As always, delete with extreme prejudice.