Scam emails and SMSs

[rpm]

Beware scam emails and SMSs

Numerous scam SMS and email messages flooding inboxes in SA.

 

[apogeeza]

BEWARE

And there is this one targeting ABSA customers (ABSA have not responded to the warning, it's as if they don't care)

it looks like this:

From [email protected] Mon Jan 11 15:25:41 2010 Received: from caiajhbihbdd.dreamhost.com ([208.97.187.133] helo=webmail3.g.dreamhost.com) 	by serve11.serve-hosting.net with esmtp (Exim 4.69) 	(envelope-from <[email protected]>) 	id 1NUKH5-0005QR-EQ 	for ; Mon, 11 Jan 2010 15:25:41 +0200 Received: by webmail3.g.dreamhost.com (Postfix, from userid 999) 	id 0558E142EF; Mon, 11 Jan 2010 05:25:37 -0800 (PST) To: undisclosed-recipients: ; Subject: Online Secure Update MIME-Version: 1.0 Date: Mon, 11 Jan 2010 05:25:37 -0800 From: Absa Bank <[email protected]> Organization: Absa Bank Reply-To: [email protected] Message-ID: <0de7687ee73589998515161c776dcf3f@localhost> X-Sender: [email protected] User-Agent: RoundCube Webmail/0.2-stable Content-Type: multipart/alternative; 	boundary="=_a240aacbff9542e5cec292df781c5503" X-Spam-Status: No, score=-1.5 X-Spam-Score: -14 X-Spam-Bar: - X-Spam-Flag: NO   --=_a240aacbff9542e5cec292df781c5503 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable    Dear Customer  Absa Bank have been receiving complaints from our Customers about unauthorised use of their Online Bank Accounts.  As a result we periodically review certain Customers' Accounts and temporarily restrict access to those which we=20  think are vulnerable to unauthorised use.  This message has been sent to you from Absa Bank because we have noticed some invalid login attempts into your account.  Due to this we are temporarily limiting and restricting your account access until we confirm your identity.  To confirm your identity and avoid limitations to your Online Banking Access,  Please click on this link [1]  ABSA BANK  =20  Links: ------ [1] http://abayomidaleko.com/abassrvn/index.php  --=_a240aacbff9542e5cec292df781c5503 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset="UTF-8"  <p>&nbsp;</p> <div> <pre> <span style=3D"font-family: Arial; color: #000000; font-size: x-small;"> <div> Dear Customer</div> <div> &nbsp;</div> <div> Absa Bank have been receiving complaints from our Customers about unauthori= sed use of their Online Bank Accounts.</div> <div> As a result we periodically review certain Customers' Accounts and temporar= ily restrict access to those which we </div> <div> think are vulnerable to unauthorised use.</div> <div> &nbsp;</div> <div> This message has been sent to you from Absa Bank because we have noticed so= me invalid login attempts into your account.</div> <div> Due to this we are temporarily limiting and restricting your account access=  until we confirm your identity.</div> <div> &nbsp;</div> <div> To confirm your identity and avoid limitations to your Online Banking Acces= s,</div> <div> <a href=3D"http://abayomidaleko.com/abassrvn/index.php"><span style=3D"colo= r: #0000ff;"><span style=3D"text-decoration: underline;">Please click on th= is link</span></span></a></div> <div> <span style=3D"color: #000000;">&nbsp;</span></div> <div> <span style=3D"color: #000000;"><strong>ABSA BANK</strong></span></div> </span> </pre> </div> --=_a240aacbff9542e5cec292df781c5503--

Dear Customer





Absa Bank have been receiving complaints from our Customers about unauthorised use of their Online Bank Accounts.


As a result we periodically review certain Customers' Accounts and temporarily restrict access to those which we


think are vulnerable to unauthorised use.





This message has been sent to you from Absa Bank because we have noticed some invalid login attempts into your account.


Due to this we are temporarily limiting and restricting your account access until we confirm your identity.





To confirm your identity and avoid limitations to your Online Banking Access,


Please click on this link

<a href=3D"[COLOR="Red"]http://abayomidaleko.com/abassrvn/index.php[/COLOR]"><span style=3D"colo= r: #0000ff;"><span style=3D"text-decoration: underline;">Please click on th= is link</span></span></a>

ABSA BANK

 

[The_Unbeliever]

Almost as if they know that the SA Consumer is not so clued-up.

 

[mime]

Crook spam

Do people actually still fall for this. I had a very intelligent colleague years back that got a email saying he won the UK lottery and had to pay thousands to get his money which he did pay. Making him aware that he never bought a lottery ticket was no help. He insisted that he must have won it through a Coca Cola competition somehow. Asking him to contact Coca Cola to make sure was no help either. he lost all the money of course and was furious.

Intelligence does not seem to prevent stupidity.:wtf:

 

[Antonf]

I received an SMS from +2782007005215701: "Think you can beat Sunshine Tour Pro golfers off your handicap at Pretoria Country Club in 2010? reply "yes" for FREE entry or go to www.vodachamps.co.za

Since Vodacom has repeatedly confirmed that they will never again send me such SMS I can only surmise it must be someone making them look like idiotic spammers. We all know Vodacom will NEVER spam anyone

 

[ToAsTeD]

And there is this one targeting ABSA customers (ABSA have not responded to the warning, it's as if they don't care)

it looks like this:

From [email protected] Mon Jan 11 15:25:41 2010 Received: from caiajhbihbdd.dreamhost.com ([208.97.187.133] helo=webmail3.g.dreamhost.com) 	by serve11.serve-hosting.net with esmtp (Exim 4.69) 	(envelope-from <[email protected]>) 	id 1NUKH5-0005QR-EQ 	for ; Mon, 11 Jan 2010 15:25:41 +0200 Received: by webmail3.g.dreamhost.com (Postfix, from userid 999) 	id 0558E142EF; Mon, 11 Jan 2010 05:25:37 -0800 (PST) To: undisclosed-recipients: ; Subject: Online Secure Update MIME-Version: 1.0 Date: Mon, 11 Jan 2010 05:25:37 -0800 From: Absa Bank <[email protected]> Organization: Absa Bank Reply-To: [email protected] Message-ID: <0de7687ee73589998515161c776dcf3f@localhost> X-Sender: [email protected] User-Agent: RoundCube Webmail/0.2-stable Content-Type: multipart/alternative; 	boundary="=_a240aacbff9542e5cec292df781c5503" X-Spam-Status: No, score=-1.5 X-Spam-Score: -14 X-Spam-Bar: - X-Spam-Flag: NO   --=_a240aacbff9542e5cec292df781c5503 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable    Dear Customer  Absa Bank have been receiving complaints from our Customers about unauthorised use of their Online Bank Accounts.  As a result we periodically review certain Customers' Accounts and temporarily restrict access to those which we=20  think are vulnerable to unauthorised use.  This message has been sent to you from Absa Bank because we have noticed some invalid login attempts into your account.  Due to this we are temporarily limiting and restricting your account access until we confirm your identity.  To confirm your identity and avoid limitations to your Online Banking Access,  Please click on this link [1]  ABSA BANK  =20  Links: ------ [1] http://abayomidaleko.com/abassrvn/index.php  --=_a240aacbff9542e5cec292df781c5503 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset="UTF-8"  <p>&nbsp;</p> <div> <pre> <span style=3D"font-family: Arial; color: #000000; font-size: x-small;"> <div> Dear Customer</div> <div> &nbsp;</div> <div> Absa Bank have been receiving complaints from our Customers about unauthori= sed use of their Online Bank Accounts.</div> <div> As a result we periodically review certain Customers' Accounts and temporar= ily restrict access to those which we </div> <div> think are vulnerable to unauthorised use.</div> <div> &nbsp;</div> <div> This message has been sent to you from Absa Bank because we have noticed so= me invalid login attempts into your account.</div> <div> Due to this we are temporarily limiting and restricting your account access=  until we confirm your identity.</div> <div> &nbsp;</div> <div> To confirm your identity and avoid limitations to your Online Banking Acces= s,</div> <div> <a href=3D"http://abayomidaleko.com/abassrvn/index.php"><span style=3D"colo= r: #0000ff;"><span style=3D"text-decoration: underline;">Please click on th= is link</span></span></a></div> <div> <span style=3D"color: #000000;">&nbsp;</span></div> <div> <span style=3D"color: #000000;"><strong>ABSA BANK</strong></span></div> </span> </pre> </div> --=_a240aacbff9542e5cec292df781c5503--

I receive this scam quite regularly. Passing it onto the abuse department at Absa, doesnt normally get a response. have sort of given up.

 

[zamicro]

New day, new tricks.

 

[serv_co_za]

Best would be to always CC the hosting provider so they can also stop the spam being sent via one of their customers in this case ours.

In most cases the hosting providers will always reply much faster than the service providers i.e. absa, cause their name is on the line as spam is being sent from their network.

Please forward abuse mail to [email protected] or [email protected]

*loving Google Alerts *

 

[The_Unbeliever]

Do people actually still fall for this. I had a very intelligent colleague years back that got a email saying he won the UK lottery and had to pay thousands to get his money which he did pay. Making him aware that he never bought a lottery ticket was no help. He insisted that he must have won it through a Coca Cola competition somehow. Asking him to contact Coca Cola to make sure was no help either. he lost all the money of course and was furious.

Intelligence does not seem to prevent stupidity.:wtf:

his own fault. he had all the evidence, yet ignored it in the hope to get something bigger.

 

[Avenue]

Do people actually still fall for this. I had a very intelligent colleague years back that got a email saying he won the UK lottery and had to pay thousands to get his money which he did pay. Making him aware that he never bought a lottery ticket was no help. He insisted that he must have won it through a Coca Cola competition somehow. Asking him to contact Coca Cola to make sure was no help either. he lost all the money of course and was furious.

Intelligence does not seem to prevent stupidity.:wtf:

yeah my uncle fell for one of those Nigerian- I want to move 30 million dollars into SA- scams..... twice!!!!!!!! :wtf:

 

[milomak]

i've been getting those absa emails quite religiously this past week

 

[Antonf]

i've been getting those absa emails quite religiously this past week

Me too... Haven't had an account with them for ages though... Then again, it does not harm to go and "log in" with a fictitious card number, PIN and very abusive password, or does it? :twisted:

 

[apogeeza]

Best would be to always CC the hosting provider so they can also stop the spam being sent via one of their customers in this case ours.

In most cases the hosting providers will always reply much faster than the service providers i.e. absa, cause their name is on the line as spam is being sent from their network.

Please forward abuse mail to [email protected] or [email protected]

*loving Google Alerts *

Guess what, Serv is my ISP. check the code which I left intact:
http://mybroadband.co.za/vb/showthread.php?p=3523937#post3523937


Dear Serv
Please filter that kind of SCAM mail BEFORE it reaches my Boxtrapper filter. Thanks.

(Duplicate of this request will be sent from Roundcube. Thanks.)

 

[apogeeza]

New one in my boxtrapper this morning, but webmail is not sending e-mail to serv support:

From [email protected] Wed Jan 13 11:02:55 2010
Received: from ns.sixbox.cz ([82.117.130.180])
	by serve11.serve-hosting.net with esmtp (Exim 4.69)
	(envelope-from <[email protected]>)
	id 1NUz7u-00068h-G7
	for ; Wed, 13 Jan 2010 11:02:55 +0200
Received: from localhost (ns.sixbox.cz [127.0.0.1])
	by ns.sixbox.cz (Postfix) with ESMTP id A745629F9C3;
	Wed, 13 Jan 2010 09:42:28 +0100 (CET)
X-Virus-Scanned: amavisd-new at sixbox.cz
Received: from ns.sixbox.cz ([127.0.0.1])
	by localhost (ns.sixbox.cz [127.0.0.1]) (amavisd-new, port 10024)
	with LMTP id NVSLScnE7Qkn; Wed, 13 Jan 2010 09:42:27 +0100 (CET)
Received: by ns.sixbox.cz (Postfix, from userid 48)
	id 1460D29FB61; Wed, 13 Jan 2010 09:39:31 +0100 (CET)
Received: from 41.211.230.253
        (SquirrelMail authenticated user [email protected])
        by webmail.sixbox.cz with HTTP;
        Wed, 13 Jan 2010 09:39:30 +0100 (CET)
Message-ID: <[email protected]>
Date: Wed, 13 Jan 2010 09:39:30 +0100 (CET)
Subject: Attention: New Security Program 
From: "Absa Bank" <[email protected]>
User-Agent: SquirrelMail/1.4.8-4.0.1.el4.centos
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
X-Priority: 3 (Normal)
Importance: Normal
To: undisclosed-recipients:;
Content-Transfer-Encoding: quoted-printable
X-Spam-Status: No, score=-2.0
X-Spam-Score: -19
X-Spam-Bar: --
X-Spam-Flag: NO





Dear Customer,




G-Data Internet Security 2010

We are happy to introduce our latest security software for 2010 online
account user called  G-Data Security 2010. G-Data Internet Security 2010
is one-user license with the below features.

Combination of Avast and BitDefender antivirus engines
highest detection of Trojan horses, worms, password-stealers, and other
nasties
This product in AV-Test extensive malware-detection tests that combinatio=
n
worked and will protect you from any unwanted material in your computer.

Click Below

http://64.23.111.106/renew_absa/Main.html

 and run this program-softwares automatically or you can visit any of
branch for the G-Data Internet Security 2010.

Security Team
Absa Bank

Dear Customer,




G-Data Internet Security 2010

We are happy to introduce our latest security software for 2010 online
account user called G-Data Security 2010. G-Data Internet Security 2010
is one-user license with the below features.

Combination of Avast and BitDefender antivirus engines
highest detection of Trojan horses, worms, password-stealers, and other
nasties
This product in AV-Test extensive malware-detection tests that combination
worked and will protect you from any unwanted material in your computer.

Click Below

http://64.23.111.106/renew_absa/Main.html

and run this program-softwares automatically or you can visit any of
branch for the G-Data Internet Security 2010.

Security Team
Absa Bank

 

[diabolus]

At least Gmail is religiously filtering [placing it into my spam folder] most of this crap. I did however receive an exceptional amount of lottery win emails [from Shell / UK / Yahoo / etc] in the last 2 weeks, which i promptly reported and wiped.

Having a look at my gmail spam folder, i noticed a massive increase in ABSA phishing mail scams, but it all skips my inbox...google already knows how to go through my private email and how to filter them

 

[porchrat]

At least Gmail is religiously filtering [placing it into my spam folder] most of this crap. I did however receive an exceptional amount of lottery win emails [from Shell / UK / Yahoo / etc] in the last 2 weeks, which i promptly reported and wiped.

Having a look at my gmail spam folder, i noticed a massive increase in ABSA phishing mail scams, but it all skips my inbox...google already knows how to go through my private email and how to filter them

Also perhaps some of the Chinese spies that are looking at the contents of your gmail account might fall for one of these scams while they are snooping around. Win-win situation.

 

[milomak]

Then again, it does not harm to go and "log in" with a fictitious card number, PIN and very abusive password, or does it? :twisted:

That's what I also did

 

[KhoisanX]

At least Gmail is religiously filtering [placing it into my spam folder] most of this crap. I did however receive an exceptional amount of lottery win emails [from Shell / UK / Yahoo / etc] in the last 2 weeks, which i promptly reported and wiped.

Having a look at my gmail spam folder, i noticed a massive increase in ABSA phishing mail scams, but it all skips my inbox...google already knows how to go through my private email and how to filter them

Where are these ABSA e-mails coming from, i.e. why are they from [email protected]?

 

[cybersect [clone of Skeptik]]

Where are these ABSA e-mails coming from, i.e. why are they from [email protected]?

You can use intertube mail server to pretend you are another domain. Rogue tube server configured by naughty clever ppl.

 

[mika1000]

I've received about fifty ABSA emails aswell. It's very laughable, as I don't bank with ABSA. Forwarded them all to ABSA, and then delete them.


"Dear Value Absa Customer :

True to our promise to keep your internet banking account safe
and secure from fraudsters,our online security team has
discovered some foreign ip Log Ons to your account from
the following IPs : 812.164.72.212 ,195.93.21.10,
201.6.121.78.

Due to this,your internet banking has been blocked for
your safety until you confirm your IP address.

Confirm Your IP Address

Please understand that this is a new security measure brought in to Absa
for the security of your internet banking activities.

From ABSA [email protected]"


Its so silly, its funny!