Scam of the day – December 20, 2014 – Latest phishing emails

Phishing emails by which an identity thief sends you an email that purports to be from a trusted source, such as your email provider or bank in which you are instructed to click on a link in order to resolve a major problem is a common and effective way for identity thieves to get you to unwittingly install keystroke logging malware on to your computer that will steal your personal information from your computer and use it to make you a victim of identity theft.  In a more advanced form of phishing called “spear phishing” the email may be directed to you by name and have other information that can fool you into believing that the email is legitimate.  Spear phishing has resulted in many of the major data breaches in the past year including Target and possibly Sony.

Here are some examples of some phishing email commonly circulating.  DO NOT CLICK ON THE LINKS.

“Your mailbox has exceeded the storage limit of 1 GB. You can not receive new messages until you update your mailbox. CLICK HERE to update.
Thank you
Aol Team!”

“Dear Aol User,

Your Account needs to be updated to enable your account work properly, Aol is doing upgrades to all users to keep there account safe from viruses and hacking.

Please CLICK HERE to upgrade now and continue to enjoy the benefits and services of Aol Mail.

Privacy Policy | Terms of Use | Security Tip
Copyright © in 2014 All rights reserved.”

“The Mail Team

Dear Customer,
Your incoming messages were placed on pending due to our recent upgrade.
You have 1 new Security message From Wells Fargo Bank.Click the secure link below to confirm your account.

Security Adviser, ATM/debit card number.
Copyright © 1999 – 2014 Wells Fargo. All rights reserved. NMLSR ID 399801.”

“We believe you have violated either the Terms of Service, product-specific Terms of Service (available on the product page),or product-specific policies.Please view all violated Terms below

Violated Terms Of Service”


Trust me, you can’t trust anyone!  These particular phishing emails are pretty rudimentary.  Not only does your name not appear in the email, but the email addresses from where they were sent does not reflect that it was sent by AOL or Wells Fargo as represented in the email.  Rather, the email addresses from which these emails were sent are those of innocent people whose email accounts have been hijacked by the identity thieves and made a part of a botnet by which these phishing emails are sent.  Never click on a link or download an attachment from anyone unless your absolutely sure that it is legitimate. Even if the email appears to come from a legitimate company or someone you trust and even if the email addresses you by name, you should not click on the link until you have confirmed that the email and link are legitimate.  Identity thieves can hijack the email accounts of your friends or make the address of the sender appear to be legitimate.


Scam of the day – January 7, 2014 – Latest AOL scam

Phishing scams often take the form of emails that you receive that appear to be legitimate and require you to click on a link contained in the email for various reasons which also may appear legitimate.  However, in the case of phishing emails, if you click on the link, you will only succeed in doing one of two things, both of which are bad.  In one type of email, you will be taken to another page where you will be prompted to provide personal information which will then be used to make you a victim of identity theft.  The second bad thing that can happen if you click on a link in a phishing email is that by clicking on the link, you will unwittingly download keystroke logging malware that can steal all of the information from your computer, laptop, smartphone, tablet or other device and use that information to make you a victim of identity theft.

Here is a phishing email that is presently being sent that purports to be from America Online (AOL), but it is not.  It is a phishing scam.  DO NOT CLICK ON THE LINK.


Your two incoming mails were placed on pending status due to the recent upgrade to our database,
In order to receive the messages Click here to login and wait for responds from Aol Team.
We apologies for any inconvenience and appreciate your understanding.
Regards, Aol Team.


There are a couple of telltale signs that this is a scam.  People receiving this email do not have their name appear in the salutation and if you click on the details section of your email, you will see that the email did not come from AOL, but instead came from a botnet which is a network of zombie computers taken over by hackers to spread this type of material.  Check the archives of Scamicide or “50 Ways to Protect Your Identity in a Digital Age” for more information about botnets.

In any event, as I have told you many times, even if you think the email is legitimate, you should never click on a link in an email unless you are absolutely sure that it is, in fact, legitimate.  Because you can never be sure who is actually sending you an email, if you are an AOL subscriber who has the slightest thought that this email might be legitimate, call AOL at a customer service number that you know is accurate to confirm that it is merely a scam.