Internet Fraud

[pixel]

Warning!
This is a new one - at least to me.
Received an email from Westpac - yeah, right!

Subject: Westpac Bank Survey

Westpac Bank will add $35.00 AUD credit to your account just for taking part
in our quick 5 question survey.
Download Survey and complete the form. It`s fast and easy!

I've opened the attached html file with Notepad instead the Browser; and analysed it.
Surprise, surprise: It asks some silly questions about Internet speeds, followed by your name and address, Credit card details - so they can give you the $35, of course - and, for verification purposes, your mother's maiden name and the place you were born.

If it hadn't been sent to an email address of mine that's NOT aligned with Westpac, I might easily have fallen for it. Instead, I forwarded it to online@westpac.com.au

 

[Julia]

Would a bank like Westpac ever offer customers a fee for completing a survey?

 

[noco]

Warning!
This is a new one - at least to me.
Received an email from Westpac - yeah, right!
I've opened the attached html file with Notepad instead the Browser; and analysed it.
Surprise, surprise: It asks some silly questions about Internet speeds, followed by your name and address, Credit card details - so they can give you the $35, of course - and, for verification purposes, your mother's maiden name and the place you were born.

If it hadn't been sent to an email address of mine that's NOT aligned with Westpac, I might easily have fallen for it. Instead, I forwarded it to online@westpac.com.au

I had a similar one from the Bank of St. George.

 

[noco]

CHECK YOUR RECEIPTS BEFORE LEAVING THE CHECK-OUT

They do not automatically hand you a receipt anymore if the sale is under $30. you must ask for it



An associate bought a heap of stuff the other day while on holidaying in Melbourne (over $450), & when he glanced at his receipt as the cashier was handing him the bags. He saw cash out of $20.
He told her he didn't request any cash and to delete it. She said he'd have to take the $20 because she couldn't delete it.
He told her to call a supervisor. Supervisor came and said he'd have to take it.. he said “NO Bloody way!”
Because taking the $20 would be a “cash advance” against his Credit card and he wasn't paying interest on a cash advance!!!!!
If they couldn't delete it then they would have to delete the whole order.
So the supervisor had the cashier delete the whole order and re-scan everything!
The second time he looked at the electronic pad before he pinned in his number and again cash-back of $20 popped.
At that point he told the cashier and she deleted it. The total then came out right.
The cashier said that the Electronic Pad must be defective. Obviously the cashier knew the electronic pad was defective because she NEVER offered him any cash after either of the transactions.
Can you imagine how many people went through before him and by the end of her shift how much money she pocketed?
His wife went into a “Coles Warehouse” last week. She had her items rung up by the cashier. The cashier hurried her along and didn't give her a receipt. She asked the cashier for the receipt and the cashier seemed annoyed but gave it to her.
She didn't look at her receipt until later that night when back at their Hotel. The receipt showed that she had asked for $20 cash.

SHE DID NOT ASK FOR ANY CASH, NOR WAS SHE GIVEN IT!
So she called “Coles” who investigated but could not see the cashier pocket the money.
When back in NZ they then spoke with a friend who works for one of the banks; they told them that this was a “new scam” that was bound to come to NZ, especially around Christmas time.
The cashier will key in that you asked for cash and then hand it to one of her friends when they next come through the check-out queue.
This is NOT limited to Coles; they are just one of the largest retailers so have the most incidents.
I wonder how many "seniors" have been, or will be, "stung" by this one ?????
To make matters worse .... THIS SCAM CAN BE DONE ANYWHERE, AT ANY RETAIL OR WHOLESALE LOCATION!!!
IT COULD HAPPEN ANYWHERE. CHECK YOUR RECEIPT BEFORE LEAVING THE CHECK-OUT. ......... CHECK YOUR RECEIPT!!!!!.
I've since seen people do just that…... SO NOW START!
PASS THIS ON TO YOUR FRIENDS, KIDS, LOVED ONES - let’s not get ripped off.

 

[pixel]

Would a bank like Westpac ever offer customers a fee for completing a survey?

Unlikely, Julia; and I made the point in my fwd to online@westpac.com.au: It's out of character.
What's possible though is this: you find an attachment and open it - because that's the usual way how Westpac send out contract notes. If you do that and see what looks like a genuine Westpac page, you may easily start typing. They don't even ask you to logon.

 

[skc]

CHECK YOUR RECEIPTS BEFORE LEAVING THE CHECK-OUT


SHE DID NOT ASK FOR ANY CASH, NOR WAS SHE GIVEN IT!
So she called “Coles” who investigated but could not see the cashier pocket the money.
When back in NZ they then spoke with a friend who works for one of the banks; they told them that this was a “new scam” that was bound to come to NZ, especially around Christmas time.
The cashier will key in that you asked for cash and then hand it to one of her friends when they next come through the check-out queue.

This is relatively smart but also not likely to last... it seems pretty easy to trace as long as a few customers report unauthorised cash out on the same check out chick...

 

[captain black]

CHECK YOUR RECEIPTS BEFORE LEAVING THE CHECK-OUT

This particular email warning began in the US back in 2004, spread to the UK and is now doing the rounds in Australia.

http://www.hoax-slayer.com/cash-back-scam-warning.shtml

 

[AubreyThompson]

Yes, I don't really feel comfortable letting just anybody have a copy of my license, particularly a pub. What do they need to keep it for?

Do the pubs and clubs refuse entry if you choose not to give them your license?

what I do to avoid this, "better pay in cash", they will never ask anything from you if you pay in cash.

 

[young-gun]

Would a bank like Westpac ever offer customers a fee for completing a survey?

Would any bank give you any amount of money for doing anything other than giving them your hard earned cash into a term deposit?

 

[young-gun]

I have never actually received any fraudulent, scam emails(although i do get A LOT of emails trying to sell me little blue pills). I'm just curious as to how these people get your email address? Do some users mistakenly click on phishing links? or do they enter their email into a lot of subscriptions and things of this nature? surely you would have to give your email out to the wrong person at some point UNLESS these fraudsters are hacking email address - which is probably quite likely.

I like to think I'm pretty careful and yet i still get a hell of a lot of spam, however 99% of the time this winds up in my junk box.

Just curious is all.

 

[bellenuit]

I have never actually received any fraudulent, scam emails(although i do get A LOT of emails trying to sell me little blue pills). I'm just curious as to how these people get your email address? Do some users mistakenly click on phishing links? or do they enter their email into a lot of subscriptions and things of this nature? surely you would have to give your email out to the wrong person at some point UNLESS these fraudsters are hacking email address - which is probably quite likely.

I like to think I'm pretty careful and yet i still get a hell of a lot of spam, however 99% of the time this winds up in my junk box.

Just curious is all.

I tend to be fairly choosy in who I give my email addresses to. I have a rubbish email address that I use for most websites that insist on an email address or for promotional offers that I know are going to be followed up by regular spam. I have another email address that I use just for financial sites and never use anywhere else. I also have a third email address for friends and family. Although I try to keep access to the latter limited, I have a few (dumb) friends who constantly respond to the frequent "alert emails" that warn of a virus and at the end ask you to forward the note to "EVERYONE YOU KNOW". I'm sure that these alerts are one of the means the spammers harvest addresses. If your friend has included you on the address list of one of these and forwards it on to you and the others, then there is the potential when one of the others likewise forwards the email on for your email address to be now in hundreds of emails of people you do not know.

Another trick is a machine that generates millions of email address (almost 99% invalid) and sends some email or other to all these people. Invalid email addresses will get a response from the server saying the address is invalid, so they can then exclude these. Of the others, they know they are probably valid but are not sure if they are actively used. Should anyone of these recipients respond to the email, perhaps simply to ask to be taken off the email list, then they know that those are both valid and active email addresses.

 

[awg]

Yes. I have 5 email accounts like the previous poster, to identify and filter spam.

Yes. I have recieved a bank survey questionaire..(mine was only $5 for Rabo)

I take other precautions, and have not had any trouble.

Until I signed with Apple Itunes.

My account was instantly hacked and my credit card defrauded.

I had to cancel the card.

This fraud is very commonplace, but no-one will tell you anything

 

[pixel]

I'm just curious as to how these people get your email address? Do some users mistakenly click on phishing links? or do they enter their email into a lot of subscriptions and things of this nature?
Just curious is all.

Have you ever received one of these funny/ funky/ smoochy/ pious emails that urge you to forward them to your friends?
Many forward them with previous distribution lists still inside. Even if you delete them, the person that sent one to you did so openly to all their contacts. It only takes one to do as told...
In some cases - e.g. collections of signatures in support of some worthy cause - you even have to place your name and email at the bottom of a long list that is then sent to Ban Ki Moon.
Well - imagine the return address is given as bankimoon@yahoo.com - and Bingo!

It will disappoint a few people, who champion what's in their opinion "worthy causes" and keep including me in their distribution lists to fight Logging, to save the Whales, or to make a sick boy's last days bright by getting him into Guinness records for the most emails received. But those well-meaning fools aid and abet the spam artists by providing them with ever more live targets.

 

[sails]

This one is not even subtle - although I can imagine curiosity might get the better of some:

But then now I am surprised. I copied and pasted the email contents and what I have coloured in blue below did not show up in the email - any techies know how that works...

(And I removed the link and replaced it with Xs)

Payment Notification #89630705
The ACH transaction (ID:89630705 ), recently initiated from your checking account (by you or any other person), was canceled by the other financial institution.
Rejected transaction
Transaction ID: 89630705
Reason for rejection: See details http:xxx

His life was dedicated to peace and the furthering of peace.It didn't really matter which, either way the balloon had gone up.There's a temptation to try and guess from the first figures, but they're meaningless.My scienceand it is really not logical to call it a scienceis based on observation, experimentation, control groups and corrected observations.End of the Project Gutenberg EBook of The KFactor, by Harry Harrison (AKA Henry Maxwell Dempsey) *** END OF THIS PROJECT GUTENBERG EBOOK THE KFACTOR *** ***** This file should be named 22540.You comply with all other terms of this agreement for free distribution of Project Gutenbergtm works.He was lying on his back, looking up at them.That's why I destroyed our setup, and cut our trail.
--------------------------------------------------------------------------------

5836 Sunrise Valley Drive, Suite 100 Herndon, VA 20171 (703)561-1100 2011 NACHA - The Electronic Payment Association

 

[So_Cynical]

I have never actually received any fraudulent, scam emails(although i do get A LOT of emails trying to sell me little blue pills). I'm just curious as to how these people get your email address? Do some users mistakenly click on phishing links? or do they enter their email into a lot of subscriptions and things of this nature? surely you would have to give your email out to the wrong person at some point UNLESS these fraudsters are hacking email address - which is probably quite likely.

I like to think I'm pretty careful and yet i still get a hell of a lot of spam, however 99% of the time this winds up in my junk box.

Just curious is all.

My 5 year old email address was on a list of email addresses published on several hacker sites..was stolen along with 36000 other addresses and password hashes from a Forex service providers site that was hacked about 3 months ago.

Within days i went from maybe 1 scam email per week to about 8 a day.

 

[pixel]

This one is not even subtle - although I can imagine curiosity might get the better of some:

But then now I am surprised. I copied and pasted the email contents and what I have coloured in blue below did not show up in the email - any techies know how that works...

(And I removed the link and replaced it with Xs)

Analysing an email is quite easy:
In your email program (e.g. Outlook, Outlook Express, or LiveMail) right-click on the header and select "Properties"; click on the "Details" tab and then the "Message source". As a result, you will see the text in a Notepad window.
If it's formatted as html, pay special attention to the links, return addresses, especially where the contents of commands and visible text differ.
The text may for example claim to link to http://anz.com.au... but the <a> command may link to the href="http://www.myredirection.com".

Hidden text like the one your example showed in blue is often the result of a cut/paste job, where the fraudster adapts a "template" for his own purpose; there are scores of websites and "User Groups" that share these tools. Some use tags just like grafitti vandals do; or it may simply be laziness, where the layout was ripped out from a website script without bothering to remove the underlying text.

 

[sails]

Thanks Pixel...

Yes, I had a look at the message source and it was formatted as html The text which I coloured blue and hidden in the actual email was printed twice in the message source.

It often amazes me how these people get our emails that are given to trusted sources.

 

[Garpal Gumnut]

Is Tysonboss' nanny in a slot yet for being internet scammed?

 

[pixel]

hmm Our Tax Office seems to be outsourcing reminder services to Brazil.
I did my BAS reporting yesterday via the "secure" Business Portal into ATO; using AUSkey, no emails.
Surprised to receive an email this morning, advising that my payment had been delayed by 7 days, and I was required to pay in 48 hours "to avoid aditional (sic!) costs" - "Please click attachment" to see details. yeah - rright!
Even more surprisingly, the sender's address ends in .com.br - it's in Brazil!

Oh, and another thing: this time I don't have to pay a cent, but am about to receive a GST refund..
I have forwarded the whole thing to ReportEmailFraud@ato.gov.au
They'll be happy to deal with it, I'm sure. Helps beat the New Year's boredom