Hello everyone. Well another day, another phishing email. These Internet con-men/women do not have much imagination, just keep on recycling the same old scam under a different name. This one is particulary interesting as it purports to be from a reputable bank in UK. However on doing further investigation, checking where the email originated from, it seems to be from somewhere in Australia, or at least from an Australian email account. obviously the scammers are using hacking technology to use other peoples email address's to re-route there cons through various different email address's until they eventually end up in your in-box. Here is a breakdown of where this email has come from, via various address's. --------------------------------------------- Return-Path: Received: from rly-xg01.mx.aol.com (rly-xg01.mail.aol.com [172.20.115.198]) by air-xg03.mail.aol.com (v107.10) with ESMTP id MAILINXG32-4464305d88b111; Fri, 19 Aug 2005 09:03:29 -0400 Received: from fallbackmx01.syd.optusnet.com.au (fallbackmx01.syd.optusnet.com.au [211.29.132.93]) by rly-xg01.mx.aol.com (v107.10) with ESMTP id MAILRELAYINXG14-4464305d88b111; Fri, 19 Aug 2005 09:03:09 -0400 Received: from mail26.syd.optusnet.com.au (mail26.syd.optusnet.com.au [211.29.133.167]) by fallbackmx01.syd.optusnet.com.au (8.11.6/8.11.6) with ESMTP id j7JD36j03411; Fri, 19 Aug 2005 23:03:06 +1000 Received: from localhost.localdomain (webmail03.syd.optusnet.com.au [211.29.132.237]) by mail26.syd.optusnet.com.au (8.12.11/8.12.11) with ESMTP id j7JD0sQB024053; Fri, 19 Aug 2005 23:00:54 +1000 Message-Id: <200508191300.j7JD0sQB024053@mail26.syd.optusnet.com.au> Content-Type: text/plain Content-Disposition: inline Mime-Version: 1.0 X-Mailer: MIME-tools 5.411 (Entity 5.404) Received: from [196.1.178.83] as user johnpower01@optusnet.com.au by webmail.optusnet.com.au with HTTP; From: "Mr.John Power" Date: Fri, 19 Aug 2005 23:00:54 +1000 Subject: Please confirm receipt Reply-To: johnpower04@tiscali.it Content-Transfer-Encoding: base64 X-MIME-Autoconverted: from 8bit to base64 by fallbackmx01.syd.optusnet.com.au id j7JD36j03411 X-AOL-IP: 211.29.132.93 X-AOL-SCOLL-SCORE: 0:2:423776590:15032385 X-AOL-SCOLL-URL_COUNT: 0 --------------------------------------------- As you can see, it is not from who it is meant to be from. Here is the body of the email, I would not advise anyone to click on the links that are in this email, I left them there in the entirety so that you can all see them, & know what to avoid. ---------------------------------------------This message is in the Spam Folder because you reported the message as spam. Subject: Please confirm receipt Date: 8/19/2005 6:03:29 A.M. Pacific Standard Time From: johnpower04@tiscali.it From the desk of: John Power, Auditor General Natwest Bank Group, Caryle House, Carlyle Rd, Cambridge,CB4 3DH,UK Date:19/08/2005 Dear Sir, I am Mr John Power,Auditor General Natwest Bank Group UK. I am writing following an oppurtunity in my office that will be of imense benefit to both of us. In my department we discovered an abandoned sum of £20.5million British Pounds Sterling (Twenty million five hundred thousand British Pounds) in an account that belongs to one of our foreign customers Late Mr. Morris Thompson an American who unfortunately lost his life in the plane crash of Alaska Airlines Flight 261 which crashed on January 31 2000, including his wife and only daughter. You shall read more about the crash on visiting this site. http://www.cnn.com/2000/US/02/01/alaska.airlines.list/ and http://www.nativefederation.org/history/people/mThompson.html Since we got information about his death, we have been expecting his next of kin or relatves to come over and claim his money because we cannot release it unless somebody applies for it as next of kin or relation to the deceased as indicated in our banking guidelines. Unfortunately I learnt that his supposed next of kin being his only daughter died along with him in the plane crash leaving nobody with the knowledge of this fund behind for the claim. It is therefore upon this discovery that I and two other officials in this department now decided to make business with you and release the money to you as the next of kin or beneficiary of the funds for safety keeping and subsequent disbursement since nobody is coming for it and we don’t want this money to go back into Government treasury as unclaimed bill. The banking law and guidelines here stipulates that such money remained after six years the money will be transferred into banking treasury as unclaimed funds. We agreed that 35% of this money will be for you as foreign partner, while the balance will be for me and my colleagues. I will visit your country for the disbursement according to the percentages indicated above once this money gets into your account. Please be honest to me and trust is our watchword in this transaction. Note this transaction is confidential and risk free. As soon as you receive this mail you should contact me by return mail.Please note that all necessary arrangement for the smooth release of these funds to you has been finalised. We will discuss much in details when I do receive your response. Please if you are interested in this project contact me for further directives. Best regards Mr.John Power --------------------------------------------- You can see, it is an obvious con, unfortunately there are people on the Internet who are guillible enough & greedy enough to answer to this email & it will cost them dearly in money & time,, as not only will the scammers try to get them to pay for the 'privellage' of being a partner, but they will also have there identity stolen in the process. Be warned, no matter how enticing these emails get, they are complete scam/cons. Send them to your internet provider, or to the FBI or CIA. I will post a further thread with the email address's of the dept's to which emails of this kind can be sent, I would do it now, but I have to go to therapy in a little while & I don't have the time now. I just wanted to get this warning out to Adlandpro members before anyone fell for it. More later.

Hi Anthony, Wouldn't it be nice if the authorities could find some way to stop all this. There are too many of them about now! I work for NatWest in UK, and know how damaging they can be to reputable firms. Regards Jill

Hi Anthony, Pam, and all, Thanks for the "head's up" :-) I rec'd one from a bank yesterday that I've never heard of before - "Bank of the West" - from "service @ bankofthewest.com" with a subject line of "Protect Yourself Against Fraud". """Protect Yourself Against Fraud" At the Bank of the West, we take protecting your financial information seriously. We recognize and respect your right to privacy when it comes to your personal financial information. Please attend to our request to our active consumers to protect them of online fraud and frequent rising scam attacks against our financial institution. Actually, we are performing security improvements of our banking community and enforce customers to register their sensitive information for an additionally created free security service to prevent any fraudulent activity against their assets and savings. We, hereby ask you to respond within few hours of current notification and complete security application form via our SSL protected website to apply for this service absolutely for free, otherwise your account(s) may not process posted transactions correctly and on time. Please visit us to apply http://www.bankofthewest.com/?register=aSODJ3 Thank you for your time! Donald McGoldrick, Bank of the West For more information on how we protect your information online and our approach to privacy, please see our website."" #####*****##### IF you were to click the link in the original e-mail, you would be taken to: http://server.jkahosting.com/~tony/pixer/images/contact/cgi-bin/.www.BankOfTheWest.com/UserInformation/Update/CreditCard/ so, as you can see, you'd get screwed if you went there and gave them the info they requested. #####*****##### I also rec'd the latest "phish" from the "PayPal" bunch. I have removed the name and address. If you click the link at the top of the e-mail, the "Official Logo" will take you to: http://www.hubertuswochen.de/.www.paypal.com/login-run/index.html If you click the link in the e-mail under "View the details of this transaction online", it will take you to: http://140.114.32.1/~shwang/attic/.temp/paypal/ """Protect Your Account Info" Make sure you never provide your password to fraudulent websites. To safely and securely access the PayPal website or your account, open a new web browser (e.g. Internet Explorer or Netscape) and type in the PayPal URL to be sure you are on the real PayPal website.https://www.paypal.com/us/) to be ! sure you are on the real PayPal site. PayPal will never ask you to enter your password in an email. For more information on protecting yourself from fraud, please review our Security Tips at https://www.paypal.com/us/securitytips "Protect Your Password" You should never give your PayPal password to anyone, including PayPal employees. You've got cash! James XXXXX sent you money with PayPal. James XXXXX is a Verified buyer. -------------------------------------------------------------------------------- Payment Details Amount: $22.50 USD Transaction ID: DDI989XXXXX14871XXXXX View the details of this transaction online -------------------------------------------------------------------------------- Shipping Information Address: James XXXXXX XXXXXXXXXXX XXXXX, IL XXXXX United States Address Status: Confirmed -------------------------------------------------------------------------------- Thank you for using PayPal! The PayPal Team PayPal Email ID PP58144"" #####*****##### I believe I said this in another forum or thread along this nature: IF you need to login to the "PayPal" website, your bank or financial institution website or any other website that might contain PERSONAL INFORMATION - PLEASE - PLEASE - TYPE THE ADDRESS INTO YOUR BROWSER and login from there NEVER - NEVER click a link in an e-mail. It's pretty "ballsy" for these folks to be sending out "phishing" e-mails telling us how to prevent ourselves from being taken by them :-) Sincerely, Max Welton Elliot Lake, Ontario, Canada

Hi Jill & Max... Yes Jill, a good friend of mine in the UK is quite high up in Nat West & was somewhat annoyed when I sent her this email. Max, nice to hear from you to. You are right about the emails from banks that no one has heard from. These are just 'phising mails' sent out in millions to unsuspecting people on the assumption that someone out there belongs to these banks & is gullible enough to fall for this email & put in their bank details. As for your Pay-pal scam, eleswhere in this security forum I have printed Pay-Pals response to these scam-mails & their email address to send them all to. Pay-Pal states emphatically that they will NEVER!!! ask members for login or password details & all Pay-Pal official emails will have the members name & membership number in it. Also, they never give you a clickable link to log in. The only links they may have are for security section informing you of scams & where to send these emails.

Hello Anthony, I am so lucky with the little knowledge I have of the internet. At the beginning of this year I go what looked like a honest letter from a lady in Hong Kong. A few months passed and still continuing I did some searches by then, the Hong Kong bank they stated had merged with another bank and was no longer known as the Hong Kong Bank. My emails came from a server in South Africa, then New York, then England. Then someone claiming to be writing from the attorney office in Canada, the email origin was from USA again. Yes another plishing, plisher!!! They go some some great extent, they make webpages, save articles, mine was saved from a aeroplane accident, I have seen 911 articles saved now and war torn countries used. Its really quite sick when u think of what efforts they go to. If you get a email from someone you don't know use my favourite button, DELETE! DO NOT ANSWER THESE AT ALL.........EVER. I hope this helps someone today or soon. Thank you for sharing this with me. Kindest Regards Lisa Lomas