Low cost software offers, contact updating services, phishing, and more: Internet ScamBusters #125
We have such a backlog of questions that we decided to do a Q&A session today. We'll answer these five questions:
- Are very low cost software offers scams?
- Was your advice on avoiding contact updating services wrong?
- Should I be scared about the Nigerian scam email I received?
- Should we send you copies of scam emails we receive?
- Humorous phishing scam
Time to begin...
Internet ScamBusters Q&A
Question: From time to time I receive spam offering name-brand professional software - Microsoft, Adobe, Macromedia, etc. at amazing prices relative to the shop/ official online prices.
Following through the URLs given finds a professional looking website declaring everything to be 100% legal.
The rationale (where given) for the price reductions is that the software comes unpackaged without 'paper' manuals, which raises prices.
The offer is spam. It uses a number of well-known methods such as believable senders' names (Jonathan Adams) and spelling tricks to avoid anti-spam software.
Is this spam a scam?
Answer: There are many examples of this type of spam. Regardless of which specific one you receive, the answer to your question is:
Yes, it's a scam.
How do we know? There are two reasons: First, because almost everything that arrives via spam is a scam (at LEAST 99.99%).
Second, there are lots of scams involving low cost software offers. The software is either stolen, counterfeit, or non-existent (a phishing and/or identity theft scam).
Don't ever reply to or buy from spam -- you'll then protect yourself from the #1 way to get scammed on the Net.
For more suggestions on avoiding counterfeit items online, click here.
Question: Thanks so much for ScamBusters. I find it helpful and share it with others as appropriate.
In a recent issue, however, you have some info with which I disagree. I use two LEGITIMATE and free online contacts lists -- Plaxo and LinkedIn.com -- with great success. I have had no problem with program updates, etc. These contact lists are confidential and password protected UNLESS the account holder adds the service's Outlook toolbar, and then anyone can hack the contact info.
Plaxo.com and LinkedIn.com are legitimate outfits. Please run a clarification in your next newsletter.
Answer: Many subscribers wrote to tell us this.
We did not mean to imply that all services that provide contact updating information are scams. Of course there are legitimate services, and the two you mention both have good reputations.
However, we still stand by our recommendation.
At the very least, you should be VERY careful about giving out your personal information unless you know exactly how it will be used and that the information is truly secure.
Many people don't have the time to research different services, and often the info is requested by people whom they do not even know. We believe it is best to be over-cautious in this area.
Question: Hi there! First of all I want to say that I find your newsletters very interesting and useful.
I would like to tell you about an email I received several days ago and I would be grateful if you gave me some details on how it works and if I have the obligation of reporting it further, and where.
PLEASE do not reveal my identity further. I'm quite scared of what might happen; I've never been in a situation like this!
By the way, please tell me if I have any reasons to be scared of anything like this.
Here is the email as I received it:
<snip> [A Nigerian fee scam email follows.]
Answer: This is a scam. Do not respond.
Many, many millions of people have gotten emails like this. There is nothing to worry about if you don't respond. The authorities have many thousands (if not millions) of copies already, and are not interested in collecting more.
To understand how the Nigerian fee scam works, you can read more about it here.
Question: Don't you think it might be a good Idea to incorporate into your emails and/or your website a way for people to send in to you SCAM emails that they have received?
For example, I have received many SCAM emails of all types, about large money transfers and about updating financial credit information or banking account information, SCAM emails trying to make a person feel sorry for someone so they will send them money. Lots and lots of stuff like this out there and coming in everyday to me anyway.
I think we Internet users need one central place to send all this stuff and then you guys could also get law enforcement involved where needed. Let me know what you think about this.
Answer: Please do NOT send us your scam emails. We get over a thousand a day as it is!
(The only exception is if you are REALLY knowledgeable about scams and you get something that is truly new. Then please use our support form to ask if we want a copy. We probably will have seen it, but occasionally there is something new. But please do not just send variants of the scams we've written about in this newsletter and on the site.)
Law enforcement agencies have no shortage of these scam emails either. The problem is not identifying that there are scams -- it is the resources and jurisdictions involved in dealing with scams.
Finally, this one isn't a question, but it's a great way to end this issue:
Thanks to Randy for passing this on... It's a normal phishing scam, but notice the 'From' address. LOL.
Date: 25 Apr 2005 02:30:37 -0000
Subject: Urgent Security Notification!
Dear Regions customer,
We recently reviewed your account, and suspect that your
Regions Personal Banking account may have been accessed by an
unauthorized third party...
That's it for today. We hope you're enjoying the Spring.