Līve Ambitions

FYI – there’s a UPS email virus going around.

Yesterday, I received an email which seemed pretty legitimate.  It was an email from UPS telling me that my package was undeliverable.  Attached with the message was a file.  I almost opened the file, but decided that I should do a little research before opening a somewhat suspicious email.

Upon doing a search for “UPS virus scam”, I could pretty much confirm that what I had received was a virus file.

Here is the email virus that I received:

Hello!

The courier company was not able to deliver your parcel by your address.

Cause: Error in shipping address.

You may pickup the parcel at our post office personaly!

Please attention!

The shipping label is attached to this e-mail. Please print this label to get this package at our post office. Please do not reply to this e-mail, it is an unmonitored mailbox.

Thank you.
United Parcel Service of America.

The attachment was named: UPS_invoice_NR12345.zip

And, here is a message from UPS confirming the email virus:

Attention Virus Warning

We have become aware there is a fraudulent e-mail being sent that says it is coming from UPS and leads the reader to believe that a UPS shipment could not be delivered. The reader is advised to open an attachment reportedly containing a waybill for the shipment to be picked up.

This e-mail attachment contains a virus. We recommend that you do not open the attachment, but delete the e-mail immediately.

UPS may send official notification messages on occasion, but they rarely include attachments. If you receive a notification message that includes an attachment and are in doubt about its authenticity, please contact customerservice@ups.com.

Please note that UPS takes its customer relationships very seriously, but cannot take responsibility for the unauthorized actions of third parties.

Thank you for your attention.

Today, I received an email that looked like this.  The actual domain was changed.

(If you are not the person who is in charge of this, please forward to the right person/ department, as this is urgent, thank you.)

Dear CEO,  
                                                                                     
We are the department of registration service in China. We formally received an application on December 7, 2009, one company which self-styled Bopcl Corporation is applying for registering internet brand “domain”, and Domain names as below:

 domain.asia  
 domain.cc  
 domain.cn  
 domain.com.cn  
 domain.com.hk  
 domain.com.tw  
 domain.hk  
 domain.net.cn  
 domain.org.cn  
 domain.tw
                                                               
After our initial examination, we found out that Bopcl Corporation has no trade mark, brand nor patent even similar to that word. As authorized anti-cybersquatting organization we hereby suspect Bopcl Corporation to be a domain grabber. So we hope to get the affirmation from your company. If your company and this Bopcl Corporationas are the same company, there is no need reply to us, We will accept their application and will register those for them immediately.       
                                                                               
If your company has no relationships with that company nor does not authorize them, please reply to us within 5 workdays, if we can’t get any information from yours over 5 workdays, we will unconditionally approve the application submitted by Bopcl Corporation. Thanks for your cooperation.  
                                                                                    
Best regards,
 
halen
 
Senior Consultant
Tel:+86 2164609758
Fax:+86 2164609768
Website: http://www.nzcop.org.cn

Looks innocent enough, right?  Well, having received many of these types of emails in the past, I can pretty much confirm this is a scam.  These emails are an attempt to instill fear of losing your brand name in other TLD extensions.  And by instilling fear, they’re hoping to convince you to register those domain names via their website.

Here’s another email phishing scam to watch out for.

Email Subject Line:

Notification of Limited Account Access RXI033

Email Body:

Hello Steve,

As part of our security measures, we regularly screen activity in the PayPal
system. We recently contacted you after noticing an issue on your account.

We requested information from you for the following reason:

A recent review of your account determined that we require some additional
information from you in order to provide you with secure service.

Case ID Number: PP-766-695-887

This is a second reminder to log in to PayPal as soon as possible. Once you log
in, you will be provided with steps to restore your account access.

Be sure to log in securely by using the following link:
Click here to login and restore your account access

Once you log in, you will be provided with steps to restore your
account access. We appreciate your understanding as we work to ensure account
safety.

In accordance with PayPal’s User Agreement, your account access will remain
limited until the issue has been resolved. Unfortunately, if access to your
account remains limited for an extended period of time, it may result in further
limitations or eventual account closure. We encourage you to log in to your
PayPal account as soon as possible to help avoid this.

To review your account and some or all of the information that PayPal used to
make its decision to limit your account access, please visit the Resolution
Center. If, after reviewing your account information, you seek further
clarification regarding your account access, please contact PayPal by visiting
the Help Center and clicking “Contact Us”.

We thank you for your prompt attention to this matter. Please understand that
this is a security measure intended to help protect you and your account. We
apologize for any inconvenience.

Thanks,

PayPal Account Review Department

Please do not reply to this email. This mailbox is not monitored and you
will not receive a response. For assistance, log in to your PayPal account
and click the Help link in the top right corner of any PayPal page.

—————————————————————-
Copyright © 1999-2009 PayPal. All rights reserved.

PayPal Email ID PP522

The way to tell if this is a scam is by hovering over the links within the email body.  The URL that is exposed looks something like this:

http://www.paypal.com.0qrrxs8jmav.003elsvvwfve4jw6cyx2.com/cgi-bin/webscr/?login-dispatch&login_email=&ref=pp&login-processing=ok

As you can see, the actual domain name is: 003elsvvwfve4jw6cyx2.com, not paypal.com.  This is a sneaky attempt to disguise the real domain.

And as usual, they’ve disguised the “from” field with service@paypal.com.

This is just a warning to everyone.  I received an email this morning which appeared to be a message from Facebook, but in reality is just a scam.  The “from” field is disguised as service@facebook.com.  The way to tell is when you actually click on the reply button, the “reply to” email then changes to ferriess0@topfont.com.

Here’s how the email looked:

Hey steve,

Because of the measures taken to provide safety to our clients, your password has been changed.
You can find your new password in attached document.

Thanks,
The Facebook Team

Along with the email, came an attached file.  I’m assuming the attached file would unleash some sort of malicious virus onto your computer.

Nigerian 419 Scams?  Nope.  Now the scams are right in our backyard.

Today, I received this email:

Dear Website Owner,

65% of people searching the Internet will never find your web site unless you’re ranked on first page of Google, MSN, or Yahoo. If I help you obtain as much as 4 times more WEB traffic to your online business by promoting you to the first page of the search engines would you be interested?

Our company is on the first page when you search on Google for our primary search term “SEO Company.” We would like to do the same for your web site so you can come up for your main keywords as well? All of our processes use the most ethical “white hat” Search Engine Optimization techniques that will not get your website banned or penalized.

This special SEO program includes:

• No upfront fees
• A month-to-month program
• More traffic guaranteed

Please reply to my email and I would be happy to send you a proposal.
______________________________________________

Sincerely,
Cliff Blackwell
501 VERDUGO WAY
WESTLAKE VILLAGE , CA
91362 – USA

______________________________________________
Simply reply with opt out if not interested to hear from us.  

I try to check out all emails even if it ends up in the spam box because I figure you may eventually come across a legitimate offer.  In the past, I have done business with companies who have solicited me via email. 

With all offers like this, I do some research even before responding to the email.  Running a simple search on Google led me to a bunch of complaints regarding the same type of scammy email.  The verbiage is usually the same – sometimes they change the name, address and contact information.

Speaking of SEO scams, the company I currently work for was recently scammed by a company called Visible.net.  This was before I came into the picture, but they got scammed for about $6,000 within a couple of months.  My company tried to dispute the charges, but Visible.net fabricated a bunch of BS documents at the last minute.  Credit card companies don’t know crap about the SEO business, so it’s no surprise they bought the documents as proof.  Also, under the terms of contract, should there be any dispute, the client would agree to use an intermediary service chosen by Visible.net.  This intermediary service would probably end up costing more than the disputed charges, so no point.

There are 2 parties at fault here – Visible.net for being the scammer and the person at my company who failed to do their homework on Visible.net.

To make matters worse, these dirt bags post positive reviews on various review sites hoping to fool someone else.

For businesses seeking to hire a SEO company, my advice is:  Do your research!

• Just because they call you on the phone doesn’t mean they are legit!
• Just because they have a legit sounding company and domain name, doesn’t make them legit!
• Just because they tell you what you want to hear doesn’t make them legit!
• Just because they have a fancy looking website doesn’t make them legit!
• Just because they have some positive reviews doesn’t make them legit – it’s easy to make phony reviews!
• If their email address is using a different domain from their website, I would be suspicious.
• Check to see that their credentials are legit.

A good way to find some sincere reviews of companies is by reading forums.  If the forum is popular and well-maintained, more often than not, the reviews will be from real customers.