Saturday, July 23, 2011

How to spot a scam

From: ######## ########## <***************@sbcglobal.net>
Subject: Awful Trip............######## ##########
To: [undisclosed recipients]
Date: Monday, July 18, 2011, 7:06 AM

Hi,
I'm writing this with tears in my eyes,my family and I came down here to London, United Kingdom for a short vacation. unfortunately,we were mugged at the park of the hotel where we stayed,all cash and credit card were stolen off us but luckily for us we still have our passports with us.

We've been to the Embassy and the Police here but they're not helping issues at all and our flight leaves in few hours from now but we're having problems settling the hotel bills and the hotel manager won't let us leave until we settle the bills. Well I really need your financially assistance..Please, let me know if you can help us out? Am freaked out at the moment!!

######## ##########

Let's take a look at this.

If you couldn't tell from "hello" that this email was a fake, here are a few things to consider before you decide to send the sender some money:

1) Consider the sender
2) Consider the language
3) Consider the message

1) Consider the sender
In this particular email, it was coming from the email account of someone I know. If you get an email with a similar message (I've seen a few within the last year), it will likely come from someone you know -- because your email address was in the sender's address book.

This particular sender was a high school football coach. I can't imagine him (a) with tears in his eyes (pretty sure he's never cr.ied, lol), (b) getting mugged (he's a pretty solid guy), or (c) being "freaked out at the moment" (what?!).

2) Consider the language
The grammar is bad, the spelling and punctuation aren't accurate, and the language is awkward or doesn't make sense. Here are a few examples:

"came down here to London, United Kingdom for a short vacation"
  • You probably know the sender (as noted above). Would it be "down" from their home to London?
  • Would the sender find it necessary to clarify "London" with "London, United Kingdom"? And, if they clarified "London," why not "England" instead of "United Kingdom"? Sounds like a non-native English speaker, to me....
  • Would the sender go all the way to London for a "short vacation"? This is more subjective, but I'd wager that for my particular email, this family from California might want to spend more than a "short vacation" if they go that far.
"at the park of the hotel where we stayed"
  • More phrasing that sounds non-native English speaking.
  • The true sender would probably say "hotel's park" - although that's not a phrasing I'm personally familiar with (a hotel with a park?).
  • The true sender would probably say "hotel we stayed out" instead of "hotel where we stayed"
"Well I really need your financially assistance.."
  • "financially assistance," eh?
  • Why are you asking me instead of your bank or your family?
"Our flight leaves a few hours from now."
  • This sentence is meant to express urgency and inspire you to quick action. But:
    • How long has it been since the email has been sent?
    • What time was it in the sender's location at the time of the email? Was it reasonable for a flight to be leaving in the next few hours?
  • The lack of specificity is common in many phishing/scam emails. Why no flight number or flight time?
"Please, let me know if you can help us out?"
  • To me, seems awkward to end the sentence with a question mark; that sentence is making a request, not asking a question.
  • Didn't provide any way to contact him.
"Am freaked out at the moment!!"
  • Nit: Why not "right now," instead of "at the moment!!"
  • Nit: Tense should probably be "freaking"
3) Consider the message
  • The sender was robbed on vacation and lost all money, but retained a passport. The police and the embassy aren't helping. The hotel manager is preventing them from leaving. They need money fast. Can't you help?
  • Does that make any sense? Some things don't just add up:
    • They had the presence of mind to not have their passport on them, but not leave some money or a credit card behind with it?
    • The police isn't helping with what? Recovering the money quickly enough? Not sure what kind of help they're anticipating once they file a police report...
    • The embassy isn't helping with what? The sender still has a passport; I'd expect the embassy to be helping the traveler get documents to leave the country if a passport was stolen. The embassy isn't going to pay their hotel bills...
    • The hotel isn't letting them leave before their bill is settled? I'm not sure how hotels in London work, but in the U.S., you give a credit card at check-in and then the final bill is slipped under your door early in the morning before you check out. The bill will be settled because the hotel received payment information at check-in. Further, while not an advocate of skipping out on hotels or restaurant checks, I'll just point out that I'm not sure how the hotel can physically prevent the sender from catching the airplane.

It all seems fishy to me. Not planning on sending the email sender any money any time soon. I'd call them and let them know their email has been hi-jacked. If someone has control of the account to send that message, they're probably monitoring responses for both gullible persons who are trying to send money and aware persons who reply to warn the sender his account is hijacked. Most webmail providers have support pages that help users re-gain control of hijacked account.

What about you -- what else do you see in this email that makes you realize that it's a scam?
Posted by JErb at 11:29 PM 0 comments
Labels: , ,

a persistent weed

Doing maintenance and upgrades on a family member's PC (Windows Vista). Dutifully use Control Panel | Add/Remove Program to get rid of AVG. Uninstall appeared to be successful.

I tried to use Firefox a little while later to download another favorite tool, used the search feature in the address bar, and was taken to a search results page that was search.avg.com instead of Google.

What?!?!

Double-checked Add/Remove. No AVG remaining.

Searched the web. Found several other people who were having the same problem.

Found several remaining files from AVG.
  • AVG8 (Folder C:\Program Files\AVG)
  • AVG Security Toolbar (Folder C:\Users\#####\AppData\LocalLow)
  • AVGTOOLBAR (Folder C:\Users\#####\AppData\LocalLow)
  • AVG7 (Folder C:\Program Files\Grisoft)
  • AVG (Folder C:\Program Files\)
  • avg_igeared.sml (File C:\Program Files\Mozilla Firefox\searchplugins)
  • AVG8Uninstall.ico (File C:\Users\#####\AppData\Roaming\Software Informer\cache\icons)
  • avglinks.bmp (File C:\Users\#####\AppData\LocalLow\AVGTOOLBAR)
  • avglogo.bmp (File C:\Users\#####\AppData\LocalLow\AVGTOOLBAR)
  • avgtoolbartb0503.cfg (File C:\Users\#####\AppData\LocalLow\AVGTOOLBAR)
  • avhchk75.exe (Application C:\Program Files\Grisoft\AVG7)
  • glossary_avgcost.html (HTML Document)
Deleted them. Reset the keyword.url value from the search.avg.com hijack to http://www.google.com/search?hl=en&q=

Think we're back in business....



Keywords
AVG reset my firefox search settings
Firfeox search hijacked by AVG
Firefox search redirected to search.avg.com
AVG is a pain to remove
Posted by JErb at 9:54 PM 0 comments
Subscribe to: Posts (Atom)