About Internet Fraud and Spoofing - Spoofing Information and Samples

This page updated July 12, 2007.

The Following are images of spoofed and fradulent emails received recently. For more informaton about spoofing, see Learn about Spoofing and fraudulent messages.

Air Resources Board Spoof - The receiver of this e-mail reported it to ARB
July 12, 2007 - PDF document Spam

Spam is Delivered in .PDF E-mail Attachments - Computer World reports that spammers are by-passing spam filters by now using PDF attachments in two ways. The first is a static PDF that they've generated from something like Microsoft Word which is used to make emails look more legitimate. The second is more dynamic and automated, and it involves dropping the images cranked out by spam generators into a PDF file. For more information, see Infoworld.

If you receive a .pdf email attachment the best rule is evaluate your the email before opening it. After evaluating it, you still wish to open it:

  • Verify that you have a current Symantec Definition file.
  • Save the attachment to your desktop.
  • Right click the .pdf file select Scan for Viruses...
  • If no virus found, right click and select 'Open With'...Do NOT double-click file.
  • Select the appropriate application (in this case Acrobat).
  • If a virus is found, contact the HelpDesk (916) 445-8812.
  • If it's SPAM, delete or forward directly to filter@arb.ca.gov , as appropriate.
  • Delete the file from desktop, using Shift+Delete (if Symantec hasn't already done so).

Questions can be directed to the HelpDesk (916) 445-8812

November 16, 2006 - Social Security e-mail Scam
  Computerworld - Social Security agency warns of e-mail scam - Phony e-mail seeks personal information, threatens to close accounts - November 10, 2006 (Computerworld) -- The U.S. Social Security Administration is warning the public about a fraudulent e-mail purporting to be from the agency and designed to lure users into divulging personal information.  In a statement published on its Web site, the SSA said it has received several reports of an e-mail being circulated with the subject header of "Cost-of-Living for 2007 update." The e-mail is designed to appear as if it were from the agency and provides information about a 3.3% benefit increase for 2007. It then proceeds to ask the recipient for personal information warning that those who failed to provide it by Nov. 11 would have their accounts suspended indefinitely.  The mail contains a link to a Web site designed to look like the official one where users are asked for information such as Social Security numbers, as well as bank account and credit card information, the statement said.
For more information, See how to protect yourself. For information security practical tips, see OnGuardOnline.gov. Please contact the HelpDesk at (916) 445-8812 with questions or concerns.
November 9, 2006 - Spam Delivers a Pink Slip
  Spam That Delivers a Pink Slip - Last week, a handful of employees at Dekalb Medical Center in Decatur, Ga., received e-mails saying they were being laid off. The subject line read “Urgent – employment issue,” and the sender listed on the message was at dekalb.org, which is the domain the medical center uses. The e-mail contained a link to a web site that claimed to offer career counseling information. Concerned about their employment status and no doubt miffed about being laid off via e-mail, a few employees clicked on the link to learn more. In doing so, they unwittingly downloaded a keylogger program that was lurking at the site.

This is an example of targeted spam or ' spear phishing,' that is currently on the rise and is particularly vexing because the spammer is able to "spoof" the sending e-mail address to make it look like it's coming from within the organization of the recipient, making it difficult for spam filters to catch.

For more information, See how to protect yourself. For information security practical tips, see OnGuardOnline.gov. Please contact the HelpDesk at (916) 445-8812 with questions or concerns.
October 17, 2006 - Instant-Messaging Accounts Hijacked
  Phishers Hjack IM (Instant Messaging) Accounts -    In a twist on phishing, cybercrooks are hijacking instant-messaging accounts to lure people to their information-thieving Web sites.  Traditional phishing scams send out spam e-mail that contain links to fraudulent Web sites. These sites try to trick people into giving up sensitive information, such as credit card details, Social Security numbers or login credentials for online services.  In a tactic that includes an arsenal of online weapons, scammers are now also commandeering IM accounts to spread their bait. The barrage of attacks used includes account hijacking, phishing and SPIM, or spam via instant messaging. See how to protect yourself.

On Friday, for example, a Yahoo employee found that scammers had used her account. They sent her Yahoo Messenger contacts a link to a phishing site. The miscreants had gotten hold of her login credentials, probably through another scam that she had fallen for, the company said.  The link led to a site hosted on Geocities, Yahoo's free Web space service. The fraudulent site looked just like a Yahoo Photos Web site and asked visitors for their Yahoo login information. Yahoo took the scam site down on Friday morning.  "These hackers are super-devious, and we try to stay as much ahead of them as we can, but it is an industrywide issue," a Yahoo representative said Monday.
Contact the HelpDesk at (916) 445-8812 with questions or concerns.
March 21, 2006 Chase OnLine $20 Reward Survey Fraud
March 16, 2006 Internal Revenue Service Refund
  The Internal Revenue Service has issued several consumer warnings on the fraudulent use of the IRS name or logo by scamsters trying to gain access to consumers' financial data in order to steal their assets. Fraudsters may use the IRS name because most consumers recognize it, have had prior communication with or from the IRS (such as receiving annual tax form and instruction packages) and have previously provided the IRS some financial data (such as that contained on tax returns). More..

March 10, 2005 - Ebay Spoof
February 23, 2005 - FBI Spoof
  New virus being distributed in fake FBI e-mail - Reported by Computerworld
Washington, D.C. - The FBI today warned the public to avoid falling victim to an on-going mass e-mail scheme wherein computer users receive unsolicited e-mails purportedly sent by the FBI. These scam e-mails tell the recipients that their Internet use has been monitored by the FBI’s Internet Fraud Complaint Center and that they have accessed illegal web sites. The e-mails then direct recipients to open an attachment and answer questions. The attachments contain a computer virus.

The latest message has multiple misspellings and is written in broken English, Bresson said. "The wording is very poor,
which helps us," he said. "We're hoping that that flags people that this is not legitimate."

The message warns recipients that their Internet use continues to be watched and that the alleged illegal activity should
be halted. "If there will be anover [sic] attemption [sic] you will be busted," the message states.
February 19, 2005 - Washington Mutual Spoof
February 18, 2005 - EBAY Spoof

February 4, 2005 - Washington Mutual Spoof