This week’s funniest spam email, and why a strong email password is good

I don’t normally see much spam thanks to the spam filters, but I did see this funny one a few days ago:

IMF APPROVED PAYMENT LETTER.

GOOD DAY TO YOU,

It is a great pleasure to contact you this day as i have just been appointed the new Chief of the International Monetary Fund (IMF) and on assumption in office i have seen your untreated transaction with my else while predecessor Dr Dominique Strauss Khan, i
have seen the records of all your payment made in the past to (IMF) and also have a complete files of yours here with me.

This mail is to inform you that i am here to release without any delay your outstanding contract payment of $10.7 usd as reflected here in my record to you within 24hrs from when you respond to this mail.

As i wish to inform you that there will be no fee needed for this transfer. but be informed that the only thing needed is the Affidavit of claim (AOC)of which you have to respond back to my e-mail and i will direct you to the right office for you to get the Affidavit of claim (AOC) so i advise you to get back to me as soon as you get this mail so that i can know what actually went wrong and why you weren’t paid along with others.

Re-confirm to me the followings information to enable the urgent processing of your payment.

1.Name
2.Phone,fax and cell number
3.Delivery Address.
4.Age,profession and sex.
5.Copy of ID.

Endeavor to call me as soon as you get this mail on my official number below in this mail.

Treat as top urgent.

Regards,

Dr.Mrs Christine Lagarde
Chief of the International Monetary Fund (IMF)
DIRECT E-MAIL: of-fice-m-ail01@msn.com

“Top urgent”! I didn’t realise the head of the IMF sent these emails out personally, and from an MSN account, but there you go.

Presumably this was sent from the IMF’s Nigerian branch office.

I can’t help thinking they meant to say $10.7 million usd — a mere $10.70 doesn’t seem like it’s going to convince many people to send in all their details.

On a more serious note, a friend of mine got his web email account hacked this week. Not only did his contacts receive an email allegedly from him, claiming he was on vacation (a term he and most Australians would never use) in Spain, had lost his wallet and his phone, only had email access, and was in desperate need of money — and could I please send funds via Western Union?

They also changed his Reply-To address slightly, so any replies were likely to go to the scammers (unless you noticed the change, which was quite subtle).

I rang him up, and he was quite definitely in Richmond, not Spain. He’s now changed his email password and Reply-To address.

It underscores the value of strong passwords, and also (if you are using a webmail provider that offers it, such as GMail) two-factor authentication — in GMail’s case, it means they confirm your logon once a month (or when you use a different computer) by sending you a text message. This means a hacker not only needs your password, they also need your mobile phone to get into your email, which makes things much safer. Here’s how to switch it on in GMail.

Domain Registry of America/Domain Renewal Group – scammers

If you have your own internet domain name, you may have come across the Domain Registry of America (DROA), also known as the Domain Renewal Group.

They’re a bunch of scammers who regularly and repeatedly send out letters which look like an invoice for a domain name, but are in fact custom advertisements for overpriced online services. If you blindly follow the form and send them money, you’ll transfer your domain name over to their registry, and pay a handsome amount for doing so — almost certainly more than you were already paying.

Domain Renewal Group scam

Their carefully worded FAQ (which is similar to the letters) tries to make out that at US$30/A$45 per year, they are cheap. They’re not. There are any number of domain registrars that will register a .com domain name for around US$10 (at the moment about A$10) per year — or even less.

So you might as well just chuck any letter from DROA into the bin.

Or, I pondered, could you go and harass them in person? You see, I noticed one of their offices is here in Melbourne: “189 Queen Street #209″ — that’s US-speak for “unit 209″.

So I went along to see if I could find it.

Medina Serviced apartments, 189 Queen Street, Melbourne

I had a good look around, and couldn’t actually find number 189. There is an optometrist, which is supposedly 185-191. Next door to that is a Medina Serviced Apartments building, with no street number on it. I thought this might be number 189 (I checked later and found that it is indeed) so I went and looked inside. According to the list in the lift, there is no unit 209. There’s not even a level 2, unit 9 — levels 2-5 are the carpark. So it doesn’t seem to be there.

Little Bourke Street, Melbourne

185-191 is on a corner. I checked around the corner (in Little Bourke Street) for another entrance. I didn’t find one, but it’s notable there there’s a business centre there, though it has a Little Bourke Street number. Peeking inside the window, I did note that their letterboxes are numbered from 201, and there is a 209. I wonder if that’s them? Looks like it — a commenter here reckons he was directed from the Medina to the business centre.

So, 189 Queen Street #209 clearly doesn’t exist. Which is no surprise really — like I said, the whole thing’s a scam.