Frequently Asked Questions relating to Spamhaus data
Frequently asked questions relating to our data and research.Categories
- Botnet Controller (BCL)
- Commercial Data
- Consumer
- CSS Blocklist (CSS)
- DNSBL Usage
- Domain Blocklist (DBL)
- DROP
- Exploits Blocklist (XBL)
- General Definitions
- General Questions
- Hacked - General Help
- Hash Blocklist (HBL)
- ISP General Questions
- Legal Questions
- Malware Questions
- Marketing Email
- Media Enquiries
- Online Scams
- Organization
- Policy Blocklist (PBL)
- Port 25 General Questions
- Reputation Statistics
- ROKSO
- Spamhaus Blocklist (SBL)
- Zero Reputation Domain (ZRD)
Categories
Online Scams
Millions of email users around the world regularly receive scam emails. This type of scam often follows in the wake of a disaster, and will be crafted to create a sense of urgency around it (we saw a lot of this during Covid, for example).
If its too good to be true, it usually is!
This particular type of spam is usually sent out to huge lists of addresses in the hope a few victims will fall for it. These emails promise $Millions in ‘inheritance’ from someone you never knew existed, or inform you that you won ‘$Millions’ in an ‘Email Lottery’ (no such thing exists), or promise you a share of $Millions if you’ll help launder the money (which does not exist). The email Subjects vary endlessly, typical themes include:
- CONGRATULATIONS! You have won a Lottery!
- Contact Western Union Bank Urgently!
- Your ATM MASTERCARD worth $800,000 USD is with FedEx!
- URGENT! Contact My Secretary Now!
- Contact me for your Compensation Fund
These scam emails have endlessly-varying topics, typical examples say things such as:
- “I write to solicit your assistance in a funds transfer deal involving US$ 3.5M.This fund has been stashed out of the excess profit made last 2y ears by my branch office of the International Commercial Bank of Lagos Nigeria which I am the manager.”
- “I am a rich widow, all my family died in a horrible plane crash, I too am dying of cancer. Before I die I wish to give all my {$Millions} to you, because I found your name on the Internet and I trust you. Please help me. God Bless You.”
- “I have deposited your ATM MASTERCARD worth $800,000 USD with FedEx. Insurance and delivery charges have been paid for, but the only fee remaining is the security safe keeping fee of $185 USD which you will be required to pay.”
- *“Congratulations on your success in our sweepstake! Your email address attached to Ticket No:WRNM/SMI/5990 won the draw in the Second category! You have been approve for the star
prize of USD$1.7M! Just send us your bank details…”*
- “My name is Dr. Mrs. Rev. Brown Hamilton Esq. I am the attorney of Late Mrs. Jennifer Wilson who died in London UK . I have a business proposition for you. My late client lodged huge amount of money in a security vault and I need your help to get it… in return I’ll split it with you”
- “The Bank Of Nigeria is pleased to notify you that you have been chosen by the board of trustees as one of the final recipients of a Grant/Donation cash aid of US$850,000.00”
- “This letter is from the United Nation World Fund Discovery Management And Payment Bureau. We have discovered an unclaimed sum of money in favour of your name and a mandate has been given to this body World Fund Discovery Management And Payment Bureau to ensure that this fund gets to you without delay. You are advised to furnish this office with your contact information.”
- “My name is Sgt. James Clayton. I am in the Engineering military unit here in Ba’qubah in Iraq,we have about $5 Million US dollars that we want to move out of the country. My partners and I need a good partner someone we can trust. Waiting for your urgent response.”
- “I am Lt. Ken William, US Army serving in the 3rd Infantry Division in Iraq. I am desperately in need of assistance and I have summoned up courage to contact you. In 2003 My men and I found over $600 million in Saddam Hussein’s hideout in Baghdad. I have now found a secured way of getting the package out of Iraq for you to pick up and your share will be 20% of the money.”
- “We are hereby officially notify you concerning your fund telegraphic Transfer through our bank, Bank of America, New York, to your bank account, which has been officially approved by the management of World Bank Swiss (WBS) to credit the sum of US$18.5 Million into your bank account. Your quick response shall be mostly appreciated.”
Important: For any imminent threat to your self, your family or your property, or if an actual crime has already been committed, call your local police department immediately.
If you are getting this type of error message, your computer has been infected with a type of malware called ransomware, which attempts to extort internet users to pay a fee to criminals to get their computer “unblocked”.
DO NOT pay the ransom fee, instead search Google for more info on the particular ransomware and how to remove it, or contact a professional to help you. Also, report the incident to your local police, who should forward it to their cybercrime division.
It is also highly recommended to install anti-virus/malware software, and to keep your Windows installation as well as high-risk software such as Java, Adobe Acrobat and Adobe Flash Player up-to-date. The same advice applies to websites: all CMS and plug-ins should be patched and updated regularly.
Phishing is a scam that uses spam, pop-up messages, text messages, etc. to deceive you into disclosing your credit card numbers, bank account information, Social Security number, passwords, or other sensitive information.
Phishing spams are email messages that claim to be from a business or organization that you deal with, such as your bank, a delivery courier like DHL or UPS, an online payment service such as PayPal, an auction house such as eBay, your Internet service provider (ISP), or even a government agency. The message usually says that you need to “update” or “validate” your account information, and often threatens the closure of your account if you don’t respond to instill a sense of urgency.
When clicked, the email link will take you to an official-looking web site, which usually looks identical to the real one (since the fraudster has simply lifted the logos and wording from the real site), and will request you enter your account number, password, etc. DO NOT DO THIS – they will then empty accounts of funds or use your information to commit other crimes.
If you see one of these scams, please report it to the Anti-Phishing Working Group by emailing their reportphishing@apwg.org address. eBay scams can also be emailed to spoof@ebay.com and PayPal scams can be reported to spoof@paypal.com.
Origin:
Named after the 4.1.9 section of the Nigerian penal code, the 419 scam is an ‘advance fee’ fraud which originated in Nigeria and has victimized many unwary Internet users. The scam has since been adopted by criminals globally, but it is still referred to as a 419.
How it works:
- The email is generally marked “urgent” or “confidential” from someone asking for help in moving “millions of dollars” out of their country.
- The scammer claims to be a Nigerian bank manager, a Nigerian government official, the wife of a deceased Nigerian general, an official with the Nigerian National Petroleum Corporation, or other ‘important’ person.
- Sometimes the scammer claims to be a church minister, an Iraqi officer on the run, or a tragic widow dying of cancer, etc. A common variation is to use the Crisis Of The Day to make this scam more believable. We saw a lot of this around Covid, for example.
- This communication causes the victim to send money in the hopes of getting even more money, and people lose their savings, get arrested for embezzlement or stealing from their jobs, or worse.
The variations of 419 ‘Advance Fee Fraud’ are highly creative and often leverage current global events.
- There is always is an offer of giving the victim a percentage of a “vast sum of money” for your help moving the money out of the country. The money does not exist.
- Common variations on the scam include: needing help moving millions of dollars from a forgotten account, getting diamonds or gold out of the country, a frozen inheritance, oil money, charity money, etc.
At some point, the victim is asked to pay up front an Advance Fee of some sort, be it an “Advance Fee”, “Transfer Tax”, “Performance Bond”, or to extend credit, grant COD privileges, send back “change” on an over-paid cashier’s check or money order, etc. If the victim pays the fee, there will be many “complications” which require still more advance payments until the victim finally runs out of money.
These scams are frighteningly successful, even in 2023. DO NOT DO THIS!
A common variation on the 419 scam, the “You’ve won the lottery!” scam is an advance fee fraud where the victim is asked to put up a cash advance (and they will not see the money again).
They send an email generally marked “CONGRATULATIONS!” or “confidential” which says that the recipient has won a lottery (that they never entered), but that due to a “mix-up of lottery numbers” the winner needs to keep this fact “secret” for now.
The scammer wants the recipient’s bank details or wants them to pay a sum of money for “processing” or “security” or “insurance.” Any victim who pays the fee will never see their money again, and the scammers may continue to ask for more and more money for various fees.
There’s also a scam where someone overpays a seller for an item, and then panics and demands a refund immediately. This is common on payment platforms like PayPal, who has some advice about it.
DO NOT FALL FOR THIS!
Additional resources:
- Internet Watch Foundation (UK): http://www.iwf.org.uk/
- Internet Crime Complaint Centre (UK): https://www.ic3.gov/
- FTC Scam site (USA) https://consumer.ftc.gov/scams
- Where to report scams (USA): https://www.usa.gov/where-report-scams
- Common Scams and Crimes (USA): https://www.fbi.gov/how-we-can-help-you/safety-resources/scams-and-safety/common-scams-and-crimes
Child sexual abuse material (CSAM) – or links to it – is occasionally sent as unsolicited bulk e-mail. If you receive CSAM spam, the correct place to report it is to the authorities in your country.
Please report them immediately.
The following websites are set up by law enforcement authorities specifically to provide such information to the correct agencies:
Europe www.inhope.org
Canada www.cybertip.ca
USA www.cybertipline.com (Child Pornography Tipline 1-800-843-5678)
Links to other countries’ reporting addresses are on the www.vachss.com site.
The United States FBI suggests using the MissingKids.com reporting form, which is also linked from CyberTipLine.com.
INHOPE provides links to child abuse reporting forms for the United Kingdom, Canada, Australia, USA, and Interpol.
Follow the “report abuse” links and forms for the correct reporting forms for your country.