More Than 300,000 Complaints of Online Criminal Activity Reported in 2011

Washington, D.C. May 10, 2012

Fairmont, WV -- The Internet Crime Complaint Center (IC3) today released the 2011 Internet Crime Report—an overview of the latest data and trends of online criminal activity. According to the report, 2011 marked the third year in a row that the IC3 received more than 300,000 complaints. The 314,246 complaints represent a 3.4 percent increase over 2010. The reported dollar loss was $485.3 million. As more Internet crimes are reported, IC3 can better assist law enforcement in the apprehension and prosecution of those responsible for perpetrating Internet crime.

In 2011, IC3 received and processed, on average, more than 26,000 complaints per month. The most common complaints received in 2011 included FBI-related scams—schemes in which a criminal poses as the FBI to defraud victims—identity theft, and advance-fee fraud. The report also lists states with the top complaints, and provides loss and complaint statistics organized by state. It describes complaints by type, demographics, and state.

""This report is a testament to the work we do every day at IC3, which is ensuring our system is used to alert authorities of suspected criminal and civil violations,"” said National White Collar Crime (NW3C) Center Director Don Brackman. “"Each year we work to provide information that can link individuals and groups to these crimes for better outcomes and prosecution of cases."”

Acting Assistant Director of the FBI’s Cyber Division Michael Welch said, “"Internet crime is a growing problem that affects computer users around the world and causes significant financial losses. The IC3 is an efficient mechanism for the public to report suspicious e-mail activity, fraudulent websites, and Internet crimes. These reports help law enforcement make connections between cases and identify criminals.""

IC3 is a partnership between the Federal Bureau of Investigation, the NW3C, and the Bureau of Justice Assistance. Since its start in 2000, IC3 has become a mainstay for victims reporting Internet crime and a way for law enforcement to be alerted of such crimes. IC3’s service to the law enforcement community includes federal, state, tribal, local, and international agencies that are combating Internet crime.

Download the 2011 Internet Crime Report (pdf)

FBI National Press Office
(202)324-3691

***

About IC3

IC3 receives, develops, and refers criminal complaints of cybercrime. IC3 gives victims a convenient and easy-to-use reporting mechanism that alerts authorities of suspected criminal or civil violations. For law enforcement and regulatory agencies at the local, state, federal, and international levels, IC3 provides a central referral mechanism for complaints involving online crime.

SpamScams.net

Malware Installed on Travelers' Laptops Through Software Updates on Hotel Internet Connections

Recent analysis from the FBI and other government agencies demonstrates that malicious actors are targeting travelers abroad through pop-up windows while they are establishing an Internet connection in their hotel rooms.

Recently, there have been instances of travelers' laptops being infected with malicious software while using hotel Internet connections. In these instances, the traveler was attempting to set up the hotel room Internet connection and was presented with a pop-up window notifying the user to update a widely used software product. If the user clicked to accept and install the update, malicious software was installed on the laptop. The pop-up window appeared to be offering a routine update to a legitimate software product for which updates are frequently available.

The FBI recommends that all government, private industry, and academic personnel who travel abroad take extra caution before updating software products through their hotel Internet connection. Checking the author or digital certificate of any prompted update to see if it corresponds to the software vendor may reveal an attempted attack. The FBI also recommends that travelers perform software updates on laptops immediately before traveling, and that they download software updates directly from the software vendor’s website if updates are necessary while abroad.

Anyone who believes they have been a target of this type of attack should immediately contact their local FBI office and promptly report it to the IC3’s website at www.IC3.gov. The IC3's complaint database links complaints together to refer them to the appropriate law enforcement agency for case consideration. The complaint information is also used to identify emerging trends and patterns.

SpamScams.net

This report, which is based upon information from law enforcement and complaints submitted to the IC3, details recent cyber crime trends, new twists to previously-existing cyber scams, and announcements.

Investment Scam

The IC3 continues to receive complaints involving subjects who have obtained the names and social security numbers of individuals for illegal purposes. Subjects use the information to defraud the U.S. government by electronically submitting a fraudulent tax return for a hefty refund. The prevalence of such complaints mirrors the recent surge in tax fraud cases involving identity theft.

Investment fraud is another scheme with an Internal Revenue Service (IRS) nexus, on which the IC3 has received complaints. Subjects are incorporating the use of bogus IRS documents to perpetrate this scheme. One example of how subjects are using bogus IRS documents to commit investment fraud and steal victims' identities is by the subjects posing as a tax consulting firm. The subjects engage potential victims via telephone and attempt to convince them to sell their under-performing shares in a company. The potential victim is advised to sell their corporate shares, applicable taxes must be paid. Some of the victims were also advised they had to buy other certain shares with their profit. Documents such as share certificates and invoices for federal and state taxes were exchanged via e-mail. After the funds were wired, the subjects became unresponsive to the victim’s inquiries. An open source search also revealed multiple complaints concerning this scheme. It is unknown at this time how the subjects obtained knowledge that the victims actually owned under-performing stocks.

The loss amounts tend to be much higher with investment fraud complaints than in regular identity theft complaints.

Blackhole Exploit Kit 1.2.3 Released

Blackhole is currently the most widely purchased exploit pack in the underground market. An exploit pack is a software toolkit that is injected into malicious and/or compromised websites, allowing the attacker to push a variety of exploits targeting vulnerabilities of popular applications like Java and Flash.

On March 25, 2012, the Blackhole Exploit Kit 1.2.3 was released. This kit included the latest critical vulnerability in Java, allowing the bypassing of Java's sandbox environment. Java's sandbox is designed to provide security for downloading and running Java applications, while preventing them access to the hard drive or network. New malware samples appearing in the wild have been highly successful at exploiting this flaw. It is estimated at least 60% of Java users have not yet patched against this latest flaw, CVE-2012-0507.

The table below illustrates the number of vulnerabilities loaded by type and the overall percentage:

Termination of Your Certified Public Accountant (CPA) License Spam Campaign Containing Malware

Recently, unsolicited e-mails titled "[BULK] Termination of your CPA license" have been sent to numerous IC3 e-mail accounts. One example of the many e-mail addresses used was support@aicpa.org. The IC3 has also received complaints reporting this spam campaign.

The e-mails were purportedly from The American Institute of Certified Public Accountants concerning a complaint filed against the recipient for filing fraudulent tax refunds for their clients. A link was provided for the recipient to view the complaint. Recipients were advised to provide feedback within a specific period of time and threatened with possible termination of their accountant licenses if they failed to do so.

Analysis conducted by an IC3 Information Technology Specialist found the e-mails were pushing out a Blackhole exploit kit containing a Trojan redirector. It was also determined that the IP addresses used in this campaign have been involved in large volumes of DDoS activity from the same botnet and appear to have originated from Brazil.

Want to Get Paid to Drive Your Own Car?

Several complainants reported a scam to the IC3 involving the advertising of a company's logo on their personal vehicle while they go about their normal daily routine. Although legitimate offers exist, those scammed reported to the IC3 that initial contact with the subject was mostly through online ad postings. The posting offered an easy way to earn extra income by allowing businesses to advertise their logo on the complainant's personal vehicle through a vinyl decal or "auto wrap." The fraudsters were using company names such as Coca Cola, Monster Energy drink, Carlsberg beer, Heineken Co., and Red Bull.

Individuals were advised they would be paid an average of $400-$600 per week in exchange for driving around with vinyl advertising signs wrapped around their vehicle. Those interested in participating were asked to provide their contact information and vehicle details. They were promised an up-front payment, which would be sent by check or money order.

The employment offer was, of course, entirely bogus. Those who fell for the scam received a check or money order for more than the promised amount. They were directed to cash it and wire the difference to a third party, who was supposed to be the graphics designer to pay for the cost of the design. The checks and money orders turned out to counterfeit and the criminals, once again, were able to convert fraudulent checks and money orders into untraceable cash, leaving the victim responsible for the bank's losses.

Online Property Rental Scenarios

The IC3 continues to receive complaints regarding rental property scams from victims and real estate agencies. Several real estate agencies reported that their listings are being duplicated to perpetrate fraudulent online postings. These postings have been damaging to their companies reputations. These complaints make it evident that there are many who capitalize on people are looking to rent property and attempt to take advantage of those individuals, especially when they are in pressing situations in which they need to find a residence within a short amount of time.

Below are some scenarios of the scheme recently reported to the IC3:

• A fraudster posted rental property online. When the prospective renter inquired about the property via e-mail, the fraudster requested detailed personal information, as well as a security deposit of $1000 to hold the home. Payment, in the form of a money order, was requested because of the "online scams." After the deposit was received, the fraudster claimed that he mailed the keys and lease agreement for a hard copy to be signed. Later, the victim received an e-mail from an individual posing as the fraudster's "lawyer" stating a hold had been placed on the package containing the key until the full amount of the first and last month's rent is paid. The victim realized it was a scam after they contacted the realtor who advised the home had been foreclosed.
• Another victim also responded via e-mail to an online post advertising a house for rent. The victim was asked to submit an online credit report. The fraudster then provided a link in his e-mail, allowing the victim’s credit report information to be directly accessible to him.
• A complainant had inquired about a condo rental advertised online. The complainant was advised to go to the condo and call the fraudster so he could meet her with the keys. Upon placing the call, no one answered. Later, the fraudster provided the complainant an excuse for not being available and requested the deposit be made through an online payment service. After the deposit was made, the complainant realized it was a scam and contacted the online payment service. Upon an investigation, the receiver of the deposit advised they had been defrauded as well and was only acting as the "pay agent" for the true fraudster.

For more information regarding online scams visit our Press Room page for the most current Public Service Announcements. http://www.ic3.gov/media/default.aspx

SpamScams.net

The following email spam was disguised to be from the US Postal Service, using support@usps.com as the sender's email address, and contained an attachment. DO NOT download or open the attachment. The primary email hostname for this email was w16.webd.pl.

Delivery information,

Our company’s courier couldn’t make the delivery of parcel.
Status deny:It’s not right the address of recipient.

LOCATION OF YOUR PARCEL:Glendale
STATUS OF YOUR PARCEL: not delivered
SERVICE: Express Shipping
ITEM NUMBER:U194369668NU
FEATURES: Yes

Label is enclosed to the letter.
You should print the label and show it in the nearest post office to get a parcel.

Information in brief:
If the parcel isn’t received within 30 working days our company will have the right to claim compensation from you for it's keeping in the amount of $3.48 for each day of keeping.

You can find the information about the procedure and conditions of parcels keeping in the nearest office.

Thank you for your attention.
USPS Customer Services.

[The attachment Label_Parcel_USPS_13-114.zip has been manually removed]

SpamScams.net

This report, which is based upon information from law enforcement and complaints submitted to the IC3, details recent cyber crime trends and new twists to previously-existing cyber scams.

Fraudulent Utility Bill E-mail

The IC3 has received over 40 complaints since May 2011 reporting the receipt of an unsolicited e-mail purportedly from a specified utility company. The e-mail stated the recipient had a new bill which needed to be paid, and the bill was attached to the e-mail. The recipient was instructed to click on the attachment to view their bill. The attachment contained a zip file with a computer virus.

The e-mail concluded by stating the recipient received the e-mail message, because he/she receives e-bills from this utility company. Many of the recipients are located in areas of the United States that do not use this utility company as their electric provider.
Businesses Targeted With E-mail Purportedly from the Better Business Bureau (BBB)

The IC3 has received several complaints from businesses regarding an e-mail, purportedly from the BBB, which states the BBB has received a complaint from a customer regarding their business. The recipient is asked to review the complaint attached to the e-mail and respond to the BBB. The file attached to the e-mail contains a virus.

In one complaint received by the IC3, a business claimed their computer was infected with a virus after opening the attachment in the e-mail they received. As a result, the business lost nearly $100,000 when fraudsters successfully wired money from the company's bank account after the virus enabled them to capture passwords and other important banking information.

The BBB posted the following alert on December 7, 2011.
http://www.bbb.org/us/article/alert-malicious-complaint-email-claiming-its-from-bbb-30916

Moving Company Scams

The IC3 continues to receive complaints regarding moving company scams. The complaints received at the IC3 do not appear to be linked to each other. There are many individuals who take advantage of those posting moving services on-line, receive an estimate for the service, and hire the company. Scams include the company showing up, and the estimate suddenly doubles or additional fees are added; the counterfeit check scheme, where the victim is selling an item on-line, and the buyer claims a moving company has been hired to pick up the merchandise, and the buyer pays for the merchandise with a check written for more than the price of the merchandise; and after loading and driving away with the customer’s property, the moving company later calls to inform the customer they must pay more if they want to see their belongings again, basically holding the property hostage. Often, even after paying the additional costs, deliveries were late and many of the customers’ items were damaged or missing. Those who refused to pay the additional cost were told they would not receive a refund or their belongings.

Browser Bot Infection

What happens when your web browser becomes the "bot?" A look at a current Trojan infection campaign similar to the infamous Zeus malware makes open source web browser users a bit nervous.

The open source browser can now function like a bot and accept commands. It can process the content of the current page where it is located, redirect the user, halt the loading of particular pages, steal passwords, run executables, and even kill itself. Unfortunately, the kill function is a bit excessive and deletes critical system files, which in turn prevents users from logging in properly.

The way it builds the malicious code into the open source browser is notable, because it uses the design of the browser against itself. In the past, researchers have seen threats create malicious extensions. Users would have to disable that particular add-on, which would eradicate the threat. For this particular piece of malware, this is not the case. Since it is a component, it does not appear as an add-on in the browser's Add-ons Manager in the same manner other extensions and plugins appear. Furthermore, due to the design of the open source browser, the Trojan will be reinstalled every time the browser establishes a connection to the Internet.

HTML Attachments Used to Spread Malware

In the last month, security researchers have observed several large spam campaigns with malicious HTML attachments. A 2007 botnet is believed to be behind the spike in these attacks. Traditionally, HTML-based attachments were used for phishing attacks to entice HTML victim to the desired spoofed web page. This current attack vector uses the HTML attachment with malicious javascript to redirect victims to the exploit kit. The exploit kit will then scan the target machine for vulnerabilities that can be exploited to install an information-stealing Trojan.

For more information regarding online scams visit our Press Room page for the most current Public Service Announcements. http://www.ic3.gov/media/default.aspx

SpamScams.net

So I promise you. Have you ever wondered why the average industry retention rate is only 5%? Why some people just seem to have the Midas touch and sky rocket to the top of their com plans. While other other struggle, even to sponsor just one person. Ask yourself these few questions;

Number 1: Am I, really, personally sponsoring at the rate I want?

Number 2: Is my team sponsoring rate work should be?

Number 3: Is my business growing week to week?

Number 4: Is there more than 50% of my team making more than $1,000 a month -- be honest, for that one.

If the answer is "no" to any these questions and let me give you three, absolutely free, three Building tips in the area of marketing, lead generation and social media that will absolutely explode your business without destroying those relationships

Call me at this number [ REDACTED ] extension, 2030. Let's talk.

We were the top sponsoring couple in two well known companies. We have trained and coached over thousands of people in the the direct sales industry.

Let me tell you, we were given the same promises about traditional methods of building these businesses and nearly destroyed our relationships with our family and our friends.

It does not have to be that way.

Again, you can call me direct. At [ REDACTED ] extension 2030.

If you do not reach me you can leave a message with your area code, number, first and last name and I will get back to you shortly.

Again, that number is [ REDACTED ] extension 2030.

We'll be talking to you soon. I'd love to hear your story.

Press 9. If you wanna be removed from this list.

SpamScams.net

Dear Walmart shopper, Congratulations you have just won a $1000 Walmart Gift Card. Click here to claim your gift. www.WmartCash.com (cancel: reply STOP)

SpamScams.net

U.S. Law Firms Continue to be the Target of Counterfeit Check Scheme

The IC3 continues to receive reports of counterfeit check schemes targeting U.S. law firms. The scammers contact lawyers via e-mail, claiming to be overseas and requesting legal representation in collecting a debt from third parties located in the U.S. The law firms receive a retainer agreement and a check payable to the law firm. The firms are instructed to deposit the check, take out retainer fees, and wire the remaining funds to banks in China, Korea, Ireland, or Canada. After the funds are wired overseas, the checks are determined to be counterfeit.

In a slight variation of the scheme’s execution, the victim law firm receives an e-mail from what appears to be an attorney located in another state requesting assistance for a client. The client needs aid in collecting a debt from a company located in the victim law firm’s state. In some cases, the name of the referring attorney and the debtor company used in the e-mail were verified as legitimate entities and were being used as part of the scheme. The law firm receives a signed retainer agreement and a check made payable to the law firm from the alleged debtor. The client instructs the law firm to deposit the check and to wire the funds, minus all fees, to an overseas bank account. The law firm discovers after the funds are wired that the check is counterfeit.

Law firms should use caution when engaging in transactions with parties who are handling their business solely via e-mail, particularly those parties claiming to reside overseas. Attorneys who agree to represent a client in circumstances similar to those described above should consider incorporating a provision into their retainer agreement that allows the attorney to hold funds received from a debtor for a sufficient period of time to verify the validity of the check.

If you have been a victim of an internet scam or have received an e-mail that you believe was an attempted scam, please file a complaint at www.IC3.gov.

SpamScams.net

For Immediate Release
Department of Justice
WWW.JUSTICE.GOV
(202) 514-2007 TDD (866) 544-5309

Washington – The Department of Justice, the FBI and the National Center for Disaster Fraud (NCDF) remind the public there is a potential for disaster fraud in the aftermath of a natural disaster. Suspected fraudulent activity pertaining to relief efforts associated with the recent series of tornadoes in the Midwest and South should be reported to the NCDF hotline at 866-720-5721. The hotline is staffed by a live operator 24 hours a day, seven days a week, for the purpose of reporting suspected scams being perpetrated by criminals in the aftermath of disasters.

NCDF was originally established in 2005 by the Department of Justice to investigate, prosecute and deter fraud associated with federal disaster relief programs following Hurricanes Katrina, Rita and Wilma. Its mission has expanded to include suspected fraud related to any natural or man-made disaster. More than 20 federal agencies, including the Justice Department's Criminal Division, U.S. Attorneys' Offices and the FBI, participate in the NCDF, allowing the center to act as a centralized clearinghouse of information related to disaster relief fraud.

In the wake of natural disasters, many individuals feel compelled to contribute to victim assistance programs and organizations across the country. The Department of Justice and the FBI remind the public to apply a critical eye and do its due diligence before giving to anyone soliciting donations on behalf of tornado victims. Solicitations can originate from e-mails, websites, door-to-door collections, mailings and telephone calls, and similar methods.

Before making a donation of any kind, consumers should adhere to certain guidelines, including the following:

• Do not respond to any unsolicited (spam) incoming emails, including clicking links contained within those messages, because they may contain computer viruses.
• Be skeptical of individuals representing themselves as surviving victims or officials asking for donations via email or social networking sites.
• Beware of organizations with copycat names similar to but not exactly the same as those of reputable charities.
• Rather than following a purported link to a website, verify the existence and legitimacy of non-profit organizations by utilizing various Internet-based resources.
• Be cautious of emails that claim to show pictures of the disaster areas in attached files, because the files may contain viruses. Only open attachments from known senders.
• To ensure that contributions are received and used for intended purposes, make donations directly to known organizations rather than relying on others to make the donation on your behalf.
• Do not be pressured into making contributions; reputable charities do not use coercive tactics.
• Do not give your personal or financial information to anyone who solicits contributions. Providing such information may compromise your identity and make you vulnerable to identity theft.
• Avoid cash donations if possible. Pay by debit or credit card, or write a check directly to the charity. Do not make checks payable to individuals.
• Legitimate charities do not normally solicit donations via money transfer services.
• Most legitimate charities maintain websites ending in .org rather than .com.

In addition to raising public awareness, the NCDF is the intake center for all disaster relief fraud. Therefore, if you observe that someone has submitted a fraudulent claim for disaster relief, or any other suspected fraudulent activities pertaining to the receipt of government funds as part of disaster relief or clean up, please contact the NCDF.

If you believe that you have been a victim of fraud by a person or organization soliciting relief funds on behalf of tornado victims, or if you discover fraudulent disaster relief claims submitted by a person or organization, contact the NCDF by phone at (866) 720-5721, fax at (225) 334-4707 or email at disaster@leo.gov.

You can also report suspicious e-mail solicitations or fraudulent websites to the FBI’s Internet Crime Complaint Center at www.ic3.gov.

SpamScams.net

Email Subject: Attention! Critical Information About Your Account

Dear Paypal valued member,

Due to concerns, for the safety and integrity of the paypal account we have issued this warning message.

It has come to our attention that your account information needs to be updated due to inactive members, frauds and spoof reports. If you could please take 5-10 minutes out of your online experience and renew your records you will not run into any future problems with the online service. This notification expires in 1 day. After that your account will be locked.

Once you have updated your account records your paypal account service will not be interrupted and will continue as normal.

Please follow the link below and login to your account and renew your account information

https://www.paypal.com/cgi-bin/webscr?cmd=_login-run

(Admin note: the above is the anchor text for the link but the link actually goes to a different website. Do NOT click the link!)

Sincerely,
Paypal customer department!

Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your PayPal account and choose the "Help" link in the footer of any page.

To receive email notifications in plain text instead of HTML, update your preferences here.

SpamScams.net

Hi,

Greetings of the Day!

Are you looking for a reliable, creative and experience team for the web designing or redesigning of your website???

Do you want to put your business model and creative ideas in the design of your website? We will match your business goal with our creative ideas.

We are a vibrant and fast moving platform that surpasses customers’ expectations by consistent focus on the designing, creativity and business model.

We are one of the India's largest firm with finely crafted creative and strategic designers and develop an SEO friendly website to give meaning to your online business.

We have innovative web solutions for organizations including advanced database interactivity & database design, e-commerce solutions, Flash design with programming etc.

Our expertise is in following areas:

1. HTML/DHTML
2. Flash Pages with programming.
3. Advanced Database interactivity.
4. XML
5. Programming in PHP.Net,
6. Logo Designing

Please reverts for designing or redesigning of your website with the most competitive rate and the best quality delivery.

Work with us and you would see the difference
-----------------------------
Kind Regards
Johny
Online Marketing Consultant

SpamScams.net

The IC3 continues to receive complaints from victims of payday loan telephone collection scams. As previously reported in the IC3 alert posted December 1, 2010, the typical payday loan scam involves a caller who claims the victim is delinquent on a payday loan and must make payment to avoid legal consequences. Callers pose as representatives of the FBI, Federal Legislative Department, various law firms, or other legitimate-sounding agencies and claim to be collecting debts for companies such as United Cash Advance, U.S. Cash Advance, U.S. Cash Net, or other Internet check-cashing services. The fraudsters relentlessly call the victim’s home, cell phone, and place of employment in attempts to obtain payment. The callers refuse to provide information regarding the alleged payday loan, refuse to provide any documentation, and become abusive when questioned.

The IC3 has recently observed a variation of this scam in which the caller tells the victim there are outstanding warrants for his/her arrest for non-payment and hacking into a named business with the intent of obtaining customer information. During the perpetration of this crime, the caller demands payment via debit/credit card; in other cases, the caller further instructs victims to obtain a prepaid card to cover the payment.

The high-pressure collection tactics used by the fraudsters have also evolved. In one recent complaint, a person posing as a process server actually made a personal appearance at the victim’s place of employment. In another instance, a fake process server came to victim’s home. In both cases, after claiming to be serving the victim with a court summons, the alleged process server indicated the victim could avoid going to court if the victim provided a debit card number for repayment of the loan.

If you are contacted by someone who is trying to collect a debt that you do not owe, you should:

• Contact your local law enforcement agencies if you feel you are in immediate danger;
• Contact your bank(s) and credit card companies;
• Contact the three major credit bureaus and request an alert be put on your file;
• If you have received a legitimate loan and want to verify that you do not have any outstanding obligation, contact the loan company directly;
• File a complaint at www.IC3.gov

SpamScams.net

Timeshare owners across the country are being scammed out of millions of dollars by unscrupulous companies that promise to sell or rent the unsuspecting victims' timeshares. In the typical scam, timeshare owners receive unexpected or uninvited telephone calls or e-mails from criminals posing as sales representatives for a timeshare resale company. The representative promises a quick sale, often within 60-90 days. The sales representatives often use high-pressure sales tactics to add a sense of urgency to the deal. Some victims have reported that sales representatives pressured them by claiming there was a buyer waiting in the wings, either on the other line or even present in the office.

Timeshare owners who agree to sell are told that they must pay an upfront fee to cover anything from listing and advertising fees to closing costs. Many victims have provided credit cards to pay the fees ranging from a few hundred to a few thousand dollars. Once the fee is paid, timeshare owners report that the company becomes evasive—calls go unanswered, numbers are disconnected, and websites are inaccessible.

In some cases, timeshare owners who have been defrauded by a timeshare sales scheme have been subsequently contacted by an unscrupulous timeshare fraud recovery company as well. The representative from the recovery company promises assistance in recovering money lost in the sales scam. Some recovery companies require an up-front fee for services rendered, while others promise no fees will be paid unless a refund is obtained for the timeshare owner. The IC3 has identified some instances where people involved with the recovery company also have a connection to the resale company, raising the possibility that timeshare owners are being scammed twice by the same people.

If you are contacted by someone offering to sell or rent your timeshare, the IC3 recommends using caution. Listed below are tips you can use to avoid becoming a victim of a timeshare scheme:

• Be wary if a company asks you for up-front fees to sell or rent your timeshare.
• Read the fine print of any sales contract or rental agreement provided.
• Check with the Better Business Bureau to ensure the company is reputable.

To obtain more information on Internet schemes, visit LooksTooGoodToBeTrue.com.

Anyone who believes they have been a victim of this type of scam should promptly report it to the IC3's website at www.IC3.gov. The IC3’s complaint database links complaints together to refer them to the appropriate law enforcement agency for case consideration.

SpamScams.net

Email Subject: Scheduled Maintenance & UpgradeIT Help Desk

Attention Account User,

Scheduled Maintenance & Upgrade

Your account is in the process of being upgraded to a newset of Windows-based servers and an enhanced online email interface inline with internet infrastructure Maintenance. The new servers will provide better anti-spam and anti-virus functions, along withh IMAP Support for mobile devices that Support IMAP to enhance your usage.

To ensure that your account is not intermittently disrupted but active during and after this upgrade, you are required to kindly confirm your account by stating the details below:

* User name:
* Password:

This will prompt the upgarde of your account.

Failure to acknowledge receipt of this notification, might result to a temporal deactivation of your account from our database.

Your account shall remain active upon your confirmation of your login details.

We do apologize for any inconvenience caused.

IT Help Desk.

© Copyright 2012, All Rights Reserved.

SpamScams.net

Joint FBI and DHS Public Service Announcement:

Cyber criminals can damage their victim's computer systems and data by changing or deleting files, wiping hard drives, or erasing backups to hide some or all of their malicious activity and tradecraft. By wiping, or "zeroing out," the hard disk drives, which overwrites good data with zeros or other characters, the criminals effectively erase or alter all existing data, greatly impeding restoration. This sort of criminal activity makes it difficult to determine whether criminals merely accessed the network, stole information, or altered network access and configuration files. Completing network restoration efforts and business damage assessments may also be hampered.

The FBI and DHS encourage businesses and individuals to employ mitigation strategies and best practices such as:

• Implement a data back-up and recovery plan to maintain copies of sensitive or proprietary data in a separate and secure location. Backup copies of sensitive data should not be readily accessible from local networks.
• Regularly mirror and maintain an image of critical system files.
• Encrypt and secure sensitive information.
• Use strong passwords, implement a schedule for changing passwords frequently, and do not reuse passwords for multiple accounts.
• Enable network monitoring and logging where feasible.
• Be aware of social engineering tactics aimed at obtaining sensitive information.
• Securely eliminate sensitive files and data from hard drives when no longer needed or required.

The US-CERT Web page at www.us-cert.gov hosts a wide range of tips, best practices, and threat information for business and home users.

To receive the latest information about cyber schemes, please visit the FBI Web site and sign up for e-mail alerts by clicking on one of the red envelopes.

If you have been a victim of cyber crime, please file a report with the Internet Crime Complaint Center at www.IC3.gov.

SpamScams.net

The FBI has observed a trend in which cyber criminals are compromising the e-mail accounts of U.S. individuals and businesses and using variations of the legitimate e-mail addresses associated with the victim accounts to request and authorize overseas transactions. The wire transfers are being sent to the bank accounts of individuals typically located domestically or in Australia and the funds are being sent directly to Malaysia. Investigations indicate that some of the money mules in the U.S. and Australia are victims of a romance scam and are asked to further transfer the funds to Malaysia. As of December 2011, the attempted fraud amounts total approximately $23 million; the actual victim losses are approximately $6 million.

This type of fraud has affected banks, broker/dealers, credit unions and other institutions. Therefore, this threat is relevant to any organization that may engage with clients through e-mail channels.

In a typical scenario, the cyber criminal will send an e-mail to a financial institution, brokerage firm employee, or the victim’s financial advisor pretending to be the victim and request the balance of the victim’s account. When the request for balance information is successful, the cyber criminal then sends another e-mail providing a reason why they can only communicate via e-mail and asks that a wire transfer be initiated on their behalf. The excuse is typically based on an illness or death in the family which prevents the account holder from conducting business as usual.

Victims

Victims of these schemes include both individuals and businesses that typically invest significant amounts of money with their financial advisor(s) or financial institution(s). The individual unauthorized wire transfers range from $17,500 to $183,000.

E-mail Addresses

Cyber criminals are using both legitimate compromised e-mail accounts and e-mail addresses that are slightly altered. In cases in which the e-mail addresses were adjusted, they were either modified via the top level domain (eg., from .com to .net) or by adding an additional letter to the user name (eg., abcd@abc.com to abcdd@abc.com). Further investigations have also revealed that the e-mail service provider name has been modified by changing a letter to a number or vice versa (eg., abc@0123.com to abc@.O123.com). The modifications can be very subtle and easily mistaken as the legitimate account holder’s official e-mail address on file. In many cases, the e-mails have originated from e-mail service providers including Yahoo, Gmail, and AOL.

Authentication

In some instances wary financial institutions or brokerage firm employees asked for a letter of payment authorization via fax, and the cyber criminals were able to produce a fax with the legitimate customer’s signature as further proof that the transaction was being requested by the bank customer. This was most likely done through extensive research of the compromised e-mail accounts in which the cyber criminals were able to obtain copies of official documents signed by the victim. Some institutions reported that the signatures resembled a “copy and paste” from a previous document.

There have been several reports connected to this scheme where the cyber criminal modified the victim’s e-mail settings to block all legitimate e-mails from the victim’s financial institution. This was accomplished either by implementing a spam rule to dump all communications from the financial institution into a spam folder or automatically deleting the communications. Either method prevents the victim from being alerted that the transaction had taken place and may provide additional time for the money to be transferred out of the account before anyone can identify the transaction as fraudulent.

Recommendation to Financial Institutions

1. Review internal procedures to ensure payment instruction authentication and validity.
2. Enhance internal awareness of this fraudulent activity and ALWAYS perform proper authentication of the customer and internal verification processes even if client is asking for a “rush.”
3. Perform out-of-band authentication and verification of the payment instructions through a validated contact channel.
4. Leverage payment instruction and transaction anomaly tools to flag suspect transactions.
5. Use traditional security tools (DLP, spam filters, etc.) to search for e-mails with key words like “wire + funeral”, or “wire + travel,” etc. Clients and employees noted in flagged messages should then be contacted directly by other resources within your financial institution.
6. Provide notice of this joint FBI/FS-ISAC bulletin to customers via various delivery channels, i.e., e-mail, financial institution website, branch flyers, etc.
7. Review and implement financial institution payment instruction processes in the context of the Federal Financial Institutions Examination Council (FFIEC) Supplemental Authentication Guidance (PDF) that was issued on June 28, 2011.

Incident Reporting

1. The FS-ISAC encourages member institutions to report any observed fraudulent activity through the FS-ISAC submission process and login at http://www.fsisac.com/. This can be done with attribution or anonymously and will assist other members and their customers to prevent, detect, and respond to similar attacks.
2. The FBI encourages victims of cyber crime to contact their local FBI field office, http://www.fbi.gov/contact/fo/fo.htm, or file a complaint online at www.IC3.gov.
3. Financial institutions’ compliance or anti-money laundering team should submit a Suspicious Activity Report (SAR) utilizing the Account Takeover guidance recently issued by the Financial Crimes Enforcement Network (FinCEN).

This product was created as part of a joint effort between the Federal Bureau of Investigation, the Financial Services Information Sharing and Analysis Center (FS-ISAC), and the Internet Crime Complaint Center (IC3). Download the PDF here

SpamScams.net

Dear friend,

I have decided to use this medium to contact you today for a corporate business partnership and international relationship. However strange or surprising this contact might seem to you, as we have not met face to face nor had any dealings in the past. I humbly ask you take due consideration of its importance and the immense benefit it will be to you and I in the very nearest future. But, on the other hand, I duly apologize for infringing on your privacy if this offer and contact is not acceptable to you.

In a nut shell, the purpose of my writing to you is that I want to pull out an unclaimed deposited funds, amounted to the total sum of seven million five hundred thousand Euros that belong to one of our late customers who died in a ghastly auto accident along with his entire family here in Burkina Faso some years back.

Ever since we gathered the information about his death, we have been expecting any of his relatives or business associates to visit our bank and put claim over the said funds, but up till this time of writing no next of kin or associate of him has come forward to claim his funds with us. Hence, I decided to contact you today for your capable, reliable assistance and maximum cooperation to transfer the funds out from our country into yours for a solid investment between two of us in the very nearest future.

As it may interest you to know, for your future cooperation and maximum efforts, 35% of the money will be for you as my foreign partner, 64% of it will be for me and one of my colleagues that will eventually visit your country for disbursement and investment of our funds portion, while 1% will be set aside for expenses incurred during the business, most especially telephone communication bills.

To be more honest and candid with you, I need your maximum assistance and co-operation to get this deal done, because as a foreigner you stand in a very better position to be presented through documentation as the business associate from your country since the deceased was also a foreigner. In this regard, I want you to assure me of your capability of handling this transaction perfectly with trust and confidence by giving me the following information about yourself:

1. Your full name.
2. Your residential and postal address
3. Your occupation and position.
4. Your age.
5. Your marital status.
6. Your direct telephone and fax number for quicker and effective communication.

As a matter of fact, it is pertinent to also inform you that all modalities and logistics are in good shape to effect payment into your nominated bank account as soon as you applied to our bank as a claimant. So, advisably, I will prefer all further communication and future correspondences in English language. Meanwhile, I strongly advise that you treat this communication with top maturity and confidentiality for future prospect.

Most importantly, I pray and implore you to kindly reply me as soon as you received this email. And above all, upon receipt of your quick and positive response, I will equally send you all the necessary vital information concerning the deceased person himself, details information of the paying bank here in Burkina Faso and all other coverage that you might needed to achieve 100% success at the end of the day.

I look forward to your quick and positive response / acceptance. Thank you for the common understanding and future cooperation.

Yours faithfully,

Mr. Abdul RAHIM.

SpamScams.net

Hi Sir/Madam

I am Marketing Manager.

We have a SEO discount offer on the New Year 2012 occasion going for the following package:

Monthly Task and responsibilities:

Package For 15 Keywords:

1. 20 Search Engine Submissions
2. 200 Manually Directory Submissions
3. 90 Article Submissions (1 Articles Submit in 30 Top Directories)
4. 10 Press Release Distributions (1 Press Release submit in 10 Sites)
5. 5 Web2.0/Blog postings(Using pre-written articles)
6. 30 Social Bookmarking Submissions
7. 5 Forum postings
8. 3 Unique Article writing (400+ words)
9. 1 Press Release writing (350+ words)
10. Keywords Mapping
11. New pages suggestions
12. Keywords research
13. Competitor Analysis
14. Title Tag changes suggestions
15. Meta tags changes suggestions
16. Alt tag changes suggestions
17. HTML Site Map
18. XML site map setup
19. Anchor text optimization
20. Google webmaster setup
21. Google analytics setup
22. Weekly Work Report
23. Monthly Ranking Report
24. Monthly Full Detailed SEO Work Report in Excel

Note: We send weekly report to each of our clients so that they can have regular updates on their website. Also, this shows that we work regularly on the website in a very elegant way.

We use only white hat SEO techniques for each website.

Our Best rate for this is: USD 250 per month per project.

This Discount is Valid till Jan 31th 2012.

Please let us know in case you are interested.

Thanks & Regards,
Marketing Manager

P.S. :- Happy New Year 2012

SpamScams.net

This report, which is based upon information from law enforcement and complaints submitted to the IC3, details recent cyber crime trends, new twists to previously-existing cyber scams, and announcements.

Popular Passwords

An Internet site who manages passwords recently posted an article pertaining to the lack of secure passwords being utilized which may be a factor in data breaches -- past, present, and future. One reason for the lack of security is the amount of passwords a user is required to remember to access the many databases, applications, multiple networks, etc., used on a daily basis. Sharing passwords among users in a workplace is becoming a common theme to continue the flow of operations. Users have prioritized convenience over security when establishing passwords.

The article provided a list of millions of stolen passwords posted on-line by hackers and ranked the top 25 common passwords.

1. password
2. 123456
3. 12345678
4. qwerty
5. abc123
6. monkey
7. 1234567
8. letmein
9. trustno1
10. dragon
11. baseball
12. 111111
13. iloveyou
14. master
15. sunshine
16. ashley
17. bailey
18. passw0rd
19. shadow
20. 123123
21. 654321
22. superman
23. qazwsx
24. michael
25. football

Operation In Our Sites

On November 28, 2011 (Cyber Monday), the Department of Homeland Security released a bulletin announcing that 150 Web site domain names were seized by U.S. Immigration and Customs Enforcement's Homeland Security Investigations, the National Intellectual Property rights Coordination Center, the Department of Justice, and the FBI Washington Field Office. These domains were illegally selling and distributing counterfeit merchandise. The seized domains are now in the custody of the federal government, and visitors to these sites will find a banner indicating the domain has been seized by federal authorities. The entire bulletin is available at http://content.govdelivery.com/bulletins/gd/USDHSICE-1e5f08.

Internet Crime Complaint Center's (IC3)
Scam Alerts
December 29, 2011

SpamScams.net

Email subject: "Your Amazon.com order of "Keurig Special Edition KNZ 8 Cups Coffee Maker" has shipped!"

Hello,

Shipping Confirmation
Order # 284-2844017-1733963

Your estimated delivery date is:
Tuesday, December 22, 2011

Track your package Thank you for shopping with us. We thought you'd like to know that we shipped this portion of your order separately to give you quicker service. You won't be charged any extra shipping fees, and the remainder of your order will follow as soon as those items become available. If you need to return an item from this shipment or manage other orders, please visit Your Orders on Amazon.com.

Shipment Details

Keurig Special Edition KNZ 8 Cups Coffee Maker $149.95
Item Subtotal: $149.95
Shipping & Handling: $0.00
Total Before Tax: $149.95
Shipment Total: $149.95
Paid by Visa: $149.95

You have only been charged for the items sent in this shipment. Per our policy, you only pay for items when we ship them to you.

Returns are easy. Visit our .
If you need further assistance with your order, please visit Customer Service.

We hope to see you again soon!
Amazon.com

SpamScams.net