Blocklist Removal Center
About Spamhaus  |  FAQs  |  News Blog   
Frequently Asked Questions (FAQ)
BGPf FAQ
Datafeed FAQ
DNSBL Usage
DROP FAQ
Generic Questions
Glossary
ISP Spam Issues
Legal Questions
Marketing FAQs
Online Scams
Organization
ROKSO FAQ
Spamhaus BCL
Spamhaus CSS
Spamhaus DBL
Spamhaus PBL
Spamhaus SBL
Spamhaus XBL



Online Scams

Help! My computer is 'blocked' and it says I have to pay 'Spamhaus' to unlock it
I have a Million Dollars for you, just contact me for it.
Bank / Paypal and other "Update your Account" Phishing Scams
The 'Nigerian' 419 Scam
The 'Nigerian' Purchase Scam
International Sweepstakes Lottery Scam
More information on Online Scams
Criminal Child Pornography (Abuse and Exploitation)
Stalking and Harassment online


Help! My computer is 'blocked' and it says I have to pay 'Spamhaus' to unlock it
Your computer is infected with specialised malware called ransomware, which attempts to extort internet users to pay a fee to criminals to get their computer "unblocked".

In reality your computer is NOT blocked at all. The malware program is simply redirecting requests for certain websites (such as youtube.com, google.com and facebook.com) to a page which pretends to be a message from Spamhaus.

It's vital that you DO NOT pay the fee, but instead you must find a way to remove the malware by using tools downloaded from a non-infected computer. It is also highly recommended to install anti-virus/malware software and to keep your Windows installation as well as high-risk software such as Java, Adobe Acrobat and Adobe Flash Player up-to-date.


I have a Million Dollars for you, just contact me for it.
Millions of email users around the world regularly receive scam emails. This type of spam is sent out to huge lists of addresses in the hope a few 'suckers' will bite. These emails promise $Millions in 'inheritance' from someone you never knew existed, or inform you that you won '$Millions' in an 'Email Lottery' (no such thing exists), or promise you a share of $Millions if you'll help launder the money (which does not exist). The email Subjects vary endlessly, typical themes include:

  • CONGRATULATIONS! You have won a Lottery!
  • Contact Western Union Bank Urgently!
  • Your ATM MASTERCARD worth $800,000 USD is with FedEx!
  • URGENT! Contact My Secretary Now!
  • Contact me for your Compensation Fund
These scam emails have endlessly-varying topics, typical examples say things such as:
  • "I write to solicit your assistance in a funds transfer deal involving US$ 3.5M.This fund has been stashed out of the excess profit made last 2years by my branch office of the International Commercial Bank of Lagos Nigeria which I am the manager."

  • "I am a rich widow, all my family died in a horrible plane crash, I too am dying of cancer. Before I die I wish to give all my {$Millions} to you, because I found your name on the Internet and I trust you. Please help me. God Bless You."

  • "I have deposited your ATM MASTERCARD worth $800,000 USD with FedEx. Insurance and delivery charges have been paid for, but the only fee remaining is the security safe keeping fee of $185 USD which you will be required to pay."

  • "Congratulations on your success in our sweepstake! Your email address attached to Ticket No:WRNM/SMI/5990 won the draw in the Second category! You have been approve for the star prize of USD$1.7M! Just send us your bank details..."

  • "My name is Dr. Mrs. Rev. Brown Hamilton Esq. I am the attorney of Late Mrs. Jennifer Wilson who died in London UK . I have a business proposition for you. My late client lodged huge amount of money in a security vault and I need your help to get it... in return I'll split it with you"

  • "The Bank Of Nigeria is pleased to notify you that you have been chosen by the board of trustees as one of the final recipients of a Grant/Donation cash aid of US$850,000.00"

  • "This letter is from the United Nation World Fund Discovery Management And Payment Bureau. We have discovered an unclaimed sum of money in favour of your name and a mandate has been given to this body World Fund Discovery Management And Payment Bureau to ensure that this fund gets to you without delay. You are advised to furnish this office with your contact information."

  • "My name is Sgt. James Clayton. I am in the Engineering military unit here in Ba'qubah in Iraq,we have about $5 Million US dollars that we want to move out of the country. My partners and I need a good partner someone we can trust. Waiting for your urgent response."

  • "I am Lt. Ken William, US Army serving in the 3rd Infantry Division in Iraq. I am desperately in need of assistance and I have summoned up courage to contact you. In 2003 My men and I found over $600 million in Saddam Hussein's hideout in Baghdad. I have now found a secured way of getting the package out of Iraq for you to pick up and your share will be 20% of the money."

  • "We are hereby officially notify you concerning your fund telegraphic Transfer through our bank, Bank of America, New York, to your bank account, which has been officially approved by the management of World Bank Swiss (WBS) to credit the sum of US$18.5 Million into your bank account. Your quick response shall be mostly appreciated."
Without exception, ALL such emails are scams. Never, ever, respond to any of these emails, you would be responding directly to criminals.


Bank / Paypal and other "Update your Account" Phishing Scams
Phishing is a high-tech scam that uses spam or pop-up messages to deceive you into disclosing your credit card numbers, bank account information, Social Security number, passwords, or other sensitive information.

Phishing spams are email messages that claim to be from a business or organization that you deal with, such as your bank, an online payment service such as PayPal, an auction house such as eBay, your Internet service provider (ISP), or even a government agency. The message usually says that you need to "update" or "validate" your account information, and often threatens the closure of your account if you don't respond.

When clicked, the email link will take you to an official-looking web site, which usually looks identical to the real one (since the fraudster has simply lifted the logos and wording from the real site), and will request you enter your account number, password, etc. This should obviously not be done as they will then empty accounts of funds or use them to commit other crimes.

If you see one of these scams, please report it to the Anti-Phishing Working Group by emailing their <reportphishing@apwg.org> address. eBay scams can also be emailed to <spoof@ebay.com> and PayPal scams can be reported to <spoof@paypal.com>.



The 'Nigerian' 419 Scam
Named after the 4.1.9 section of the Nigerian penal code, the 419 scam is an 'advance fee' fraud which has suckered many unwary Internet users.

You receive an email generally marked "urgent" or "confidential" from someone asking for your help in moving "millions of dollars" out of their country. Often the scammer claims to be a Nigerian bank manager, a Nigerian government official, the wife of a deceased Nigerian general, an official with the Nigerian National Petroleum Corporation, or other 'important' person. Sometimes the scammer claims to be a church minister, an Iraqi officer on the run from Saddam's men, or a tragic widow dying of cancer (and you're her last hope), etc.

The variations of 419 'Advance Fee Fraud' are highly creative and virtually endless. Always there is an offer of giving you a percentage of a "vast sum of money" for your help moving the money out of the country. The money naturally, doesn't exist. Common variations on the scam include: needing help moving millions of dollars from a forgotten account, getting diamonds or gold out of the country, a frozen inheritance, oil money, charity money, etc.

At some point, the victim is asked to pay up front an Advance Fee of some sort, be it an "Advance Fee", "Transfer Tax", "Performance Bond", or to extend credit, grant COD privileges, send back "change" on an overage cashier's check or money order, etc. If the victim pays the fee, there are often many "complications" which require still more advance payments until the victim finally runs out of money.


The 'Nigerian' Purchase Scam
You receive an email from someone wanting to buy somthing from you/your website, he wants to pay by check and (usually) wants you to ship the products to his address in Lagos, Nigeria.

The variants on this scam often involve:
  • A payment via check is made, but (some weeks later) is returned by the bank on which it's drawn because it was forged. The scammer counts on your willingness to ship the product after your bank has (provisionally) cleared the check, and before the check has cleared its way through the whole international banking system.

  • An "accidental" overpayment by the buyer, who asks you to deposit the check and then refund the amount of the "overpayment" when you ship the goods. You're out both the cost of the goods, and whatever "overpayment" you refund, when you find that the original check is made of rubber.


International Sweepstakes Lottery Scam
A variation on the Nigerian 419 scam, the "You've won the lottery!" scam is an advance fee fraud where the victim is asked to put up a cash advance (they will not see the money again). It is perpetuated largely by Nigerian scammers claiming to be located in Amsterdam, London, Hong Kong, Cape Town, etc.

You receive an email generally marked "CONGRATULATIONS!" or "confidential" which tells you you've won a lottery (that you of course don't remember entering), but that due to a "mix-up of lottery numbers" you need to keep this fact "secret" for now (while the fraudster scams you).

The scammer either wants your bank details or wants you to pay a sum of money for "processing" or "security" or "insurance." Any victim who pays the fee will never see their money again, yet the scammers may continue to ask for more and more money for various fees.


More information on Online Scams
U.S. Federal Trade Commission
Spam scam information for consumers

U.S. Postal Inspection Service
Sweepstakes and Lottery Fraud

Lottery Scams
The "International/Dutch/Belgian/British/Swiss" Lottery Scam

Internet Watch Foundation
http://www.iwf.org.uk/



Criminal Child Pornography (Abuse and Exploitation)

Worse than spam, worse than scams, child abuse material, or links to it, is occasionally sent as unsolicited bulk e-mail. While the definition of spam is independent of the content of the message, the illegal content of that sort of spam, the sheer repugnance of the material, and the evil disdain for other human beings makes this variety worse than any other. If you receive child abuse spam, the correct place to report it is to the authorities in your country. The following websites are set up by law enforcement authorities specifically to funnel such information to the correct agencies:

Europe www.inhope.org
Canada www.cybertip.ca
USA www.cybertipline.com (Child Pornography Tipline 1-800-843-5678)
Links to other countries' reporting addresses are on the www.vachss.com site.

The United States FBI suggests using the MissingKids.com reporting form and links to that site, too, on their "Innocent Images" website about child abuse at http://www.fbi.gov/innocent.htm. It's also linked from CyberTipLine.com.

Virtualglobaltaskforce.com provides links to child abuse reporting forms for the United Kingdom, Canada, Australia, USA, and Interpol. Follow the "report abuse" links and forms for the correct reporting forms for your country.

The term "child pornography," while embedded in legal codes and common language, is inaccurate for the abuse and exploitation of children. As noted on INTERPOL's website, "Pornography is a term used for adults engaging in consensual sexual acts distributed (mostly) legally to the general public for their sexual pleasure. Child abuse images are not. They involve children who cannot and would not consent and who are victims of a crime." The terms Child Abuse Material (CAM), Child Exploitive Material (CEM) or Child Abuse Images (CAI) are now the terms used by law enforcement organizations.



Stalking and Harassment online
There are a variety of organizations and services dedicated to helping victims of online harassment, stalking and fraud, and to educating Internet users about how to avoid becoming victims. Here are a few such organizations as a starting point for anyone seeking assistance or further information:

Jayne Hitchcock learned how evil cyberstalkers can be from personal experiences in the late '90s. She founded WHOA (Working to Halt Online Abuse) in 1997 to fight online harassment through education of the general public, education of law enforcement personnel, and empowerment of victims.

Fraudwatchers.org provides an informational and supportive community for persons who have, directly or indirectly, fallen foul of fraud.

Important: For any imminent threat to your self, your family or your property, or if an actual crime has already been committed, call your local police department immediately.



© 1998-2017 The Spamhaus Project Ltd. All rights reserved.
Legal  |  Privacy