I run and/or host lots of other domains than my own.  This one in particular is for a non-profit organization and the domain ends in an “s” (plural).  A couple of weeks ago I started getting emails from this place called Intrust Domains informing me that the domain without the “s”on the end was soon coming up for auction, or some crap like that.  I deleted the first few, “like, whatever,” but they kept emailing me every.day.  The emails claimed there was a similar domain to mine going up for auction and if I’m interested I should click a link and then “if you don’t want business proposals like this one, click” this link.  I finally figured what the heck, they were emailing me constantly anyway, so I clicked the unsubscribe link twice.  It gave me confirmation that I had been unsubscribed, yet the emails continued.  I started replying to them requesting they unsubscribe me that I do not want the domain and then I even filled out the quote form telling them I’d pay $0 for the domain and please unsubscribe me.  Finally, I filled out the FTC complaint form for spam.

Then I finally got a chance to Google.  Turns out, these guys aren’t just insanely annoying and rude, they’re scammers, too.  Looks like they will  typically sell a “back order” of a domain to people for an amount such as $69 then when they obtain the domain after expiration, will turn around and sell it to the highest bidder, despite people already having paid money on a domain they are not informed that they are not the highest bidder or that other people can also back order the same domain.  I was also reading reports where they have gotten a bit of interest from a potential customer on a domain and after obtaining the domain, despite not being in contract with that person, have started billing them and harassing them for money.  Probably when their “highest bidder” backs out.  Of course, a lot of people seem to have the impression that there’s no real “highest bidder” but that it’s all in company, that they’re just trying to get more money.

So if the inability to unsubscribe from their constant emails didn’t tip you off, by now you should know to stay away, these guys are shady!  The most recent email I got from them was different, too, the guy tells me he knows I’ve been in contact with “Alex” and “Lynn” and that he wanted to remind me that the auction on this domain ends tomorrow.  Yes, I have been in contact with them, telling them to leave me alone!  I hope that the “auction” really does end tomorrow and that they will stop emailing me.

What’s really interesting, too, is that the domain they are trying to push on me is kind of specialized, I don’t know why it would be registered in the first place unless they registered it just in the hopes of selling it to me for an exorbitant amount of money!

Editing to add that the “auction” has now ended and they emailed me again that “good news, you can buy this domain!”  If I click their page, it shows me that I can buy the domain that was supposedly auctioned off today for $400.  Well, woohoo.  I can now buy a domain for $400 that I have told them repeatedly that I don’t want.  Yay.

FEDERAL BUREAU OF INVESTIGATION SEEKING TO WIRETAP THE INTERNET.

ROBERT MUELLER III
EXECUTIVE DIRECTOR FBI
FEDERAL BUREAU OF INVESTIGATION FBI.WASHINGTON DC.
Email: fbi.state-gov@live.com
FBI SEEKING TO WIRETAP INTERNET
FEDERAL BUREAU OF INVESTIGATION SEEKING TO WIRETAP THE INTERNET.

Attn: sir,

We believe that this notification meets you in a very good present state of mind and health. We the Federal bureau of investigation (FBI) in conjunction with some other relevant Investigation Agencies here in the United states of America have recently been informed through our Global intelligence monitoring network that you presently have a transaction going on with you and Dr Usman Shamsudeen as regards to your payment which was fully endorsed in your favor accordingly.

They further informed us that we should warn our dear citizens who must have been informed of the payment, which was awarded to them from the Dr Usman Shamsudeen, to be very careful prior to these irregularities so that they don’t fall victim to this ugly circumstance. And in case you are already dealing with anybody or office claiming to be from the Central Bank of Nigeria, you are further advised to STOP further contact with them in your best interest and then contact immediately the real office of the Offices only with the below information’s accordingly:

Dr Usman Shamsudeen
Email: drusman_shamsudeen31@yahoo.dk
TEL: +234- 702-542-8716

NOTE: In your best interest, any message that doesn’t come from the above official email address and phone numbers should not be replied to and should be disregarded accordingly for security reasons. Meanwhile, we will advise that you contact the Dr Usman Shamsudeen office immediately with the above email address and request that they attend to you payment file as directed so as to enable you receive your fund accordingly.

Ensure you follow all their procedure as may be required by them as that will further help hasten up the whole procedures as regards to the release of your fund to you as designated. Also have in mind that the Dr Usman Shamsudeen equally has their own protocol of operation as stipulated on there banking terms, so delay could be very dangerous. Once again, we will advise that you contact them with the above email address and make sure you forward to them all the necessary information’s which they may require from you prior to the release of your fund to you accordingly.

All modalities has already been worked out even before you were contacted and note that we will be monitoring all your dealings with them as you proceed so you don’t have anything to worry about. All we require from you henceforth is an update so as to enable us be on track with you and the Dr Usman Shamsudeen. Without wasting much time, will want you to contact them immediately with the above email address so as to enable them attend to your case accordingly without any further delay as time is already running out.

If you are in need of any more information’s in regards to this notification, feel free to get back to us so that we can brief you more as we are here to guide you during and after this project has been completely perfected and you have received your fund as stated. Thank you very much for your anticipated co-operation in advance as we earnestly await your urgent response to this matter.

BEST REGARDS
Robert S. Mueller III
Federal Bureau of Investigation
J. Edgar Hoover Building
935 Pennsylvania Avenue,
NW Washington, D.C.
20535-0001, USA
Email: fbi.state-gov@live.com

CONFIDENTIALITY NOTICE: This communication and its attachments may contain non-public, confidential or legally privileged information. The unlawful interception, use or disclosure of such information is prohibited. If you are not the intended recipient, or have received this communication in error, please notify the sender immediately by reply email and delete all copies of this communication and attachments without reading or saving them.

BEST REGARDS

Robert S. Mueller III
Federal Bureau of Investigation
J. Edgar Hoover Building
935 Pennsylvania Avenue,
NW Washington, D.C.
20535-0001, USA

CONFIDENTIALITY NOTICE: This communication and its attachments may contain non-public, confidential or legally privileged information. The unlawful interception, use or disclosure of such information is prohibited. If you are not the intended recipient, or have received this communication in error, please notify the sender immediately by reply email and delete all copies of this communication and attachments without reading or saving them.

Ohhh, I love it.

Yeah, because the FBI always works “in conjunction with some other relevant Investigation Agency here in the United states of America” and because the FBI is very interested in seeing that I get *my* money, and because the FBI always emails and inquires about your health rather than busting down doors, AND because the FBI always uses a live.com email address… rofl!!

You Have One New Private Message.

To view your message, please download the form attached to this email and open it in a web browser.

Thank you, Pay,Pal.

And a file – PP-ACC.html – was attached.

There’s no virus in the file or anything like that but if you download it and run it, you’re presented with a contact form, of sorts:

So it looks pretty professional, but it’s running from your hard drive and if you fill out the form and submit it, it uses http://sosetephpone.com/tmp/bar-on.php or possibly http://sosetephpone.com/tmp/netsol-form.php to process. So if you send the form through, you’re sending all your info to those people – then you’re redirected to PayPal’s About Us page. (I did send the form through with false information telling them how much they sucked after removing the verification part of the code from the html so it would send through whatever I want. Otherwise, it tries to prompt you to enter in a valid pin, etc.)

Of course, we know from the email itself that this is NOT from PayPal. Remember, you can always tell right away because PayPal will ALWAYS ALWAYS address you as Dear First Name Last Name….

If you got this email, just spam it and/or delete it. And don’t fret, they don’t have your info already!

This has been another public service announcement, brought to you by the letters S, F, and the number 4.

Dear SBCGLOBAL ACCOUNT OWNER,

This message is from the Online Sbcglobal Team to all at^t account owners. We are currently upgrading on our web/data base and carrying out maintenances of all our Sbcglobal e-mail accounts due to error Atsb47658. in order to reduce the rate of spam mails. We are also deleting all unused at^t Account to create more space for new accounts.

To prevent your Account from being closed unnecessarily, you will have to update us with the following informations below in order to know that it’s a present used account and to also facilitate maintenance operation.

CONFIRM YOUR EMAIL IDENTITY BELOW :accountteam001@gmail.com
1.Full Email Address :::
2.password:::
3.age/country:::
4.date of birth:::
5.First name/Last name:::
Warning Code:VX2G99AAJ

Warning!!! Account owner that refuses to update his or her
account within Seven days of receiving this warning will
lose his or her account permanently.
Warning Code:VX2G99AAJ

Sbcglobal(at^t).DatatBase Centre
Thanks For Using the SBCGLOBAL.

There are so many things wrong with that, I don’t know where to begin! Let’s start with the Gmail address! Do you think that if ATT really needed me to reply with some info that they’d use a Gmail address!!?!?!?! Say it with me: roflmfbo!!!

And I love how they say they’re deleting accounts to make room for new accounts!

They’re not to subtil either, they’ve really gone to harrassing me, I’ve gotten this email and others that are very similar about 6 times in a matter of 3 days. Here’s another one:

Account Department!

SBCGLOBAL WEBMASTER COMMUNICATIONS

Upgrade/Maintenance All webmail Accounts Holders

We regret to announce to you that we will be making some system maintenance on our sbcglobal.net Web mail account. During this process you might have login problems in signing into your sbcglobal.net Web mail account, but to prevent this you have to confirm your account immediately after you receive this notification.

To confirm and to keep your sbcglobal.net web mail active during and after this process, please reply to this message with the below Web mail account information. Failure to do this might cause a permanent deactivation of your Web mail account from our data base to enable us create more spaces for the 2009 session.

Send your Web mail account for confirmation stating:

*sbcglobal.net Login ID:
* Password:
* Date of Birth:

Your account shall remain active after you have successfully confirmed your account details. We thank you for your prompt attention to this
notification.

Please understand that this is a security measure intended to help protect your Web mail account.

We apologize for any inconvenience.

SBCGLOBAL COMMUNICATIONS HELP DESK

—————————————————————-
This message was sent using IMP, the Internet Messaging Program.

Yeah because I’m THAT stupid I’m going to send them my password.

I love how that one has a signature stating the message was sent using IMP because everyone knows that ATT and Yahoo employ use of IMP that requires a sponsorship link.

The only other spam in my box right now states that if I don’t respond to the Nigerian money scam email, I am dead. Oooooh, lyke, I’m so scared ryght.

Oh, and “Thanks For Using the SBCGLOBAL.”

Yesterday I listed my SLR camera on Craigslist. Since I have a dSLR now and the fact that I haven’t shot much film since 2004 anyway, Steve insists I try to sell it (even though I don’t want to). Anyway, within hours, I had an email from someone who was asking if it was still for sale, that it would make a great Christmas gift. Nothing about the email was suspicious, or the emails following where we discussed payment and shipping, etc.

Some might say the whole idea of shipping things with Craigslist is strange, but I actually live an hour away from the area I “subscribe” to with Craigslist, so I don’t have a problem shipping things. I always mention that I can meet the people in such-and-such areas or ship but since I often get responses from people who are on the North end of the area and I on the South end, if the item’s shippable, I assume that’s what’s gonna happen.

So the guy ends up telling me that it will be a gift for his son who’s away in college that I ship it there. I really don’t think anything of it because, again, it’s Christmastime and there was nothing red-flaggy about the emails.

But when I got the payment email this morning, I knew right away it was a scam. How?

– He “paid” me for $200 when I was asking $125 for the camera and a max of $12 for shipping.

Anytime someone sends you more money than what you are asking for, it’s a scam. I’ve never heard of this NOT being a scam.
A friend of mine who I do her website and she breeds dogs recently had this happen. Actually, I just called to verify and they’ve had it happen in excess of nine times now. Of course, it was only the first guy that got the farthest, the others were nipped in the bud right away. But basically, someone sent them a check for more than twice the cost of the dog and shipping and they were supposed to cash the check (which turned out to be a legitimate check, stolen from an airline) and give the difference to the courier who was supposedly coming to pick up the dog. Of course, if it all went to the scammer’s plan, they would have lost the dog and been out all the money when the check came back bad.

If someone sends you a check/cashier’s check/money order for than what you’re asking for and what has been agreed upon, report it right away. If the check looks legitimate, call the company or person on the check and verify. That’s how my friends found out the check was stolen, and the airline was very happy to hear where it ended up. If it comes from PayPal and it’s really in your account, report it to PayPal immediately.

– The email didn’t address me by name, it said dear [email address]

PayPal will ALWAYS address you by name. Never “dear member” or “dear anything else” – ALWAYS by your name that you have on the account. The ONLY time I have received mail from PayPal that didn’t have my name on it was when I forwarded this spoof email to spoof@paypal.com and got a response that it was fraud and thanks for forwarding it. Then they responded with Dear name that appeared on my outgoing email, aka my company name.

So any time you get an email from “PayPal” that doesn’t address you by name, just delete it, it’s fake!

– The subject line of the email was non-PayPal-typical, every word was capitalized and it had misspellings and said it was a payment for an “auction.”

Proper PayPal emails actually spell things right and usually follow the same format that is to say, basically, “Notification of Payment Received from [name] [(email address)].”

– The email header image was not the one that PayPal uses for payment notifications.

This good:

(followed by solid blue line)

This bad:

– Email said it was from Service@paypal.com

Also a dead giveaway. The email claims to be from service@paypal.com but it’s actually from some address at mail2pal.com which is apparently a free email service much like Yahoo or Hotmail.

– Shipping address was:
Name: Kevin Innocent F.
Address: #26 Peter Okoye Street Uwani,
City: ENUGU,
State: ENUGU STATE,
Zip Code: 400001
Country: NIGERIA

Need I really say more?
Now I don’t know that that’s a real address or not (Engu is a real city, the capital) but, well, I feel sorry for those legitimate Nigerians ’cause those scammers really have ruined it for them. I am very wary of anything that claims to be from Nigeria. That’s just the way it is.

But let’s say I’ve fallen for the scam? And I do ship to Nigeria? Then not only have I lost any income, but I’ve lost the camera, AND I’ve spent a buttload of money in shipping. I have a friend who was a missionary to Nigeria and now is in Niger, trust me, it’s not cheap!

– Besides all that, the bottom of the email said:

This PayPal. payment has been deducted from the buyer’s account and has been “APPROVED”but will not be credited to your account until the shipment reference/tracking number is sent to us for shipment verification and this is done to secure both the buyer and the seller against any fraudulent activities. Below are the necessary information requested before your account will be credited. Send tracking number to us or email us through this Mail paypal_service@mail2pal.com our customer service care will attend to you. As soon as you send us the shipment’s tracking number the money will be credited to your account and this is done for security purposes and the safety of the buyer and the seller.

This payment is Approved but it will stand as payment pending until we receive the shipment reference/tracking number from you.

First off, not only can you note that that paragraph has bad grammar, spacing, punctuation, etc. Second, note the bad email address to you. And third, it’s their last ditch effort to get you to fall for it. Let’s say you’ve been iffy so far. You read this paragraph and go, oh, that’s why there’s no money in my PayPal account yet.

No, it will never be in your account! Real PayPal payment notifications say this on the bottom: “Have you lifted your withdrawal and receiving limits? Just log in to your PayPal account and click View Limits on the Account Overview page. Sincerely, PayPal” At least mine do. But even beyond that, the rest of the email is just clearly not legitimate. Here is the email I got alongside an actual one I received yesterday:

You’ll have to click to get the full images.
I’m sure if you really picked at it you’ll find more reasons the email is not legitimate. Also, sorry for the pixelation, but gotta have privacy. :)

So, anyway, just another reminder, be careful out there! They wouldn’t try to pull this crap if it wasn’t productive to them on some level. And always remember, don’t just click on links in emails claiming to be from PayPal, mouse over them and see what the link really is. But more importantly, just open a new browser window/tab and type in paypal.com.

And in conclusion for me, I’m not out anything. I wasn’t going to mail anything until the money was in my account completely from PayPal anyway.

So I click through and it doesn’t even ask me for a password and I get to my inbox and read the message. The full thing reads:

Quick question: have you been happy with your experience on OkCupid? I ask because I just noticed that you haven’t answered any match questions and you’re probably not showing up in people’s searches as much as you could be if you answered even just a few. (which you can do right here.)

Anyway, I’d love to get any feedback you might have on how we can make OkCupid better for you. It would be especially good to know if answering match questions helps you find better matches.

So I assume it’s from an admin/creator of the site and I’m left thinking two things. 1) Good, I’m glad I’m not showing up in searches and 2) Who the crap signed me up for OkCupid???

The email came to the address I only use with this website. It’s where my comments arrive and from where I answer if I don’t know the person and need to reply. So I go to reply to the message, right, and OkCupid tells me it won’t deliver my message until I answer some questions towards my profile. So I have to do that, too. I respond to the message with “I didn’t even know I had an OkCupid account. I’m married.” Quite happy, too, I might add!

So then I surf around. The site has my name, my age, my basic location (though not exact, within an hour of me) and it says I’ve taken one test. At this point, I’m thinking someone was playing a joke on me and signed me up for this. It takes me a bit but then I find out what test I supposedly took.

Guess what? I DID take that test.

Recently, a very dear blog friend whom I love very much posted the results of a quiz she took. I was late to the party but a few days ago, I took the test, too., but never commented about my results ’cause her comments were already closed. So I realize now that the other day I read too fast and didn’t have to sign up for an account to see my results, but I did. Only, that was on helloquizzy.com, NOT OkCupid. So who’s doing the screwing around? I’m looking at the same signup form again and I don’t see ANYWHERE where it tells you that by getting a helloquizzy account you’ll also end up with an OkCupid. It says you can log in with an existing OkCupid account if you want but that’s it. There’s also a section, I notice, that says it’s for pretty graphs and it asks you what your sexual orientation is, your status in a relationship (or not), and your location.

So then, apparently, helloquizzy takes this information that you supplied to them for a helloquizzy account (including that info that’s just for graphs) and then transfers it right over to OkCupid and signs you up for an account whether you want one or not without notifying you!

Isn’t that just downright dirty?

I think so.

So yeah, then, because I’m completely bored and watching Men In Black right now, I come to blog it. Whatever. Off to find account deleting information now for both helloquizzy and OkCupid.

Addendum: Oh, nice. When deleting my OkCupid site, it said to me: “Leaving already? We’re sorry to see you go. It’s a big, scary Internet out there. Stop back soon!” Uh… big, scary Internet? What the heck??