Thursday, September 06, 2007

Pfizer zombies send Viagra spam, Wired reports

Zombie Pfizer Computers Spew Viagra Spam

By Ryan Singel 09.06.07 | 2:00 AM

Computers inside pharmaceutical giant Pfizer's network are spamming the internet with e-mails touting the company's flagship erectile-enhancement drug Viagra, along with ads for knockoff Rolexes and shady junk stocks.

But the e-mails are not part of Pfizer's official marketing efforts.

Pfizer's computers appear to have been infected with malware that has transformed them into zombie computers sending spam at the behest of a hacker. Oddly enough, they are spamming the public's inboxes with ads for the company's own product.

"There is a disaster inside this company, and they don't know it," says Rick Wesson, CEO of Support Intelligence -- a small San Francisco-based security company that alerted Wired News to the problem.



The flood of spam adds to Pfizer's recent computer security woes. This summer, the company revealed that it had suffered three breaches of sensitive data, cumulatively affecting more than 50,000 individuals.

In one breach, a Pfizer employee exposed personal information on 17,000 employees after installing peer-to-peer software on a laptop. In another breach, confirmed Tuesday, a former employee downloaded sensitive data, including social security numbers and credit-card information for about 34,000 Pfizer employees.


Full story at Wired.

Wednesday, September 05, 2007

True or false : Joshua needs your help

Update : the information I had found in the Internet regarding this illness was not even nearly complete to estimate the whole story, so I have updated the bits and pieces provided in the comments section, striking over pieces here, and have to update the category. Not scams.

This is a real child, and with a real disease, of which the costs to cure him or to help him get as normal as possible life are not cheap, so the gala evenings are a way to help them be able to afford the treatment. Which they cannot have done closer to where they live due to the rarity of disease, as the Irish hospitals are not prepared for treating it.

Here a link for ways for helping his family.


This as a piece of email may be scam and spam questionable regarding companies email acceptable use policies. Not the blog post itself - but the points Rahina makes in it. This is how I run to it.

Come join us on Sat September 29th for a Drinks Reception, 4 Course Banquet, Goodies Bag for everyone worth €150!! Live music and dancing and an auction!!
Every single penny goes to Josh Huffy Duff from Castletownroche, who is 20 months old and has a rare medical condition which necessitated both his legs being amputated. This money will fund his medical treatment in Shriner Hospital, Chicago as well as prosthetic limbs.
For more details on the night planned and Josh & family see the offical email below from my friend Gerry, formerly of RTÉ Radio 1.
Tickets are €100 per person - so when you think of it, you actually *make* €50 by going and getting the goodie bag alone
I know we’re all short of cash these days, but I think something like this really puts things in perspective - please pass this on to as many people as you know, we really need a big turn out for this event to help Josh and his family.
If you can go, we require a minimum of 50% deposit (or if possible the total amount) — Cheques made payable to “For Josh.” — Their second son has autism but is responding very well on the one to one teaching method. However, the costs involved with Josh are horrendous.


1. It was sent out to him in company email (not where I work for, nevertheless)
2. It underlines, not only in this email but also in the whole country wide media coverage how this is a sick child and how they want to raise money for it.
I'm not saying this child would be fake - the newspapers on national level probably would have noticed by now if it was. I'm not saying the kid would not be sick either, or that getting new prosthetics etc would be cheap either. It for sure isn't. BUT a few things .. The story seemed odd as the medical details provided did not seem to match. The things that seemed particularly odd :

They live in Ireland, in a country where their some sort of national health insurance should cover the costs of it. The system should be closer to the UK NHS style than the wild range US market.
Where the hospitals are not prepared to deal with this disease. Where they should cover it.

Why does a under 2 years old need 2 prosthetic legs? He will grow so fast out of them - good point (in Rahina's post)

From comments:

2. Children are given prosthetic lower limbs at the same age they would be starting to learn to stand and walk. They get adjustments made as they grow, and get new ones as they outgrow them. The earlier they start, the better they learn to use them. Weight bearing and walking helps shape the hip sockets in the toddler years, so if they don't walk early enough, they may end up with deformed hips that will make it more difficult to wear prostheses as an adult.


The exact disease of this child is not really mentioned in the articles in the national newspaper. The event mentioned is not organized by RTE but by a private person. Or they do mention arthrogryposis as the disease, but that can't be it.

Arthrogryposis, also known as Arthrogryposis Multiplex Congenita, is a rare congenital disorder that causes multiple joint contractures and is characterized by muscle weakness and fibrosis. It is a non-progressive disease.


Since when is amputation a cure for congenital, non-progressive muscle and joint wasting disease?

1. Children with severe arthrogryposis sometimes have legs amputated, when the severity of the contractures are such that they cannot be corrected to any kind of functionality. Severe contractures can be painful as a child grows. It is not common, but it happens. There can also be complications from previous surgeries that make it the best option.

Brave Joshua Duffy-Huff was born with a rare condition which meant he had to have emergency surgery when he was just one month old.


That is over 1,5 years ago? This is unfortunately one of the serious cases about AMC. And far from fun for a small child, or a person of any age.

Due to complications and limited medical resources in Ireland, doctors have amputated his legs and now there is discussion of his hands or arms.


This looks identical to the scam email Rahina received. Same $ 100 food deal.
It is better in this case if they actually DO manage to organize more people for the dinners and other help, so that the child will be able to have as normal and happy life as possible.

Shriners Hospitals for Children is a network of 22 pediatric hospitals in the U.S., Canada and Mexico providing specialized care for orthopaedic conditions, burns, spinal cord injuries and cleft lip and palate. All services are provided at no charge.


Is on big bold letters on Shriners hospital webpage.

Again, from comments clarified :

3. Shriners hospitals do provide treatment free of charge. And parents are offered places in Ronald McDonald houses if they need them. However, they do not pay for airfare, for incidentals, or for loss of wages and babysitters for the other children while a parent is at the hospital with the child. The RM houses are sometimes full, and the hotels that you are bumped to can be more expensive. You can usually only get a visa to come to the US for treatment if you can get everything done in one shot, meaning some serious time away from home. I researched this on behalf of a parent from Pakistan who was hoping to bring his child to Shriners.


Living months there to be with the child to get him back to health will be far from cheap.

I hope this will help to convince anyone else running to the story of Joshua and wondering if it is a real story or a made up one. Now that it is debusted as a made up story, consider helping him.

Thank you for the information priovided additionally in the comments. My apologies.

I would like to see this kid grow up keeping the happy smile he has in the only picture that I've seen of him in the internet.

Tuesday, September 04, 2007

University degrees spam - they can't even spell other than their phone number, (206) 350-2402

From: stheis@blizzop.com
Subject: RE: Your-Degree is pending.
Date: September 4, 2007 5:20:47 PM GMT+01:00
To: [someone else's email]

Received: from [59.23.249.177] ([59.23.249.177]) by mac.com (Xserve/smtpin073/MantshX 4.0) with ESMTP id l84GK2LQ001140; Tue, 04 Sep 2007 09:20:42 -0700 (PDT)
Received: from [59.23.249.177] by redir-mailav-telehouse2.gandi.net; Tue, 35 Aug 2007 25:20:46 +0900
Date-Warning: Invalid date header replaced by ms121.mac.com; original content: Tue, 35 Aug 2007 25:20:46 +0900
Message-Id: <0107ffa4$0107fe78$b1f9173b@stheis>
Mime-Version: 1.0
X-Mimeole: Produced By Microsoft MimeOLE V6.00.2800.1106
X-Mailer: Microsoft Outlook Express 6.00.2800.1106



F A S T T R A C K D E G R E E P R O G R A M

Obtain the degree you deserve, based on your present knowledge and life experience.

A prosperous future, money earning power, and the Admiration of all.

Degrees from an Established, Prestigious, Leading Institution.

Your Degree will show exactly what you really can do.

Get the Job, Promotion, Business Opportunity

and Social Advancement you Desire!

Eliminates classrooms and traveling.

Achieve your Bachelors, Masters, MBA, or PhD
in the field of your expertise

Professional and affordable

Call now - your Graduation is a phone call away.

Please call:
1-206-350-2402


Interesting. No website, just phone number. Maybe a few other people have got this same spam it seems...

Would you consider getting a degree from something that spams you, and does not even know how to capitalize words? You could even think that these are German Spammers as All Conceptual Words are Capitalized.

(206) 350-2402

Type: Land LineProvider: International Telcom, Ltd Location: Seattle, WA


The landline registrant details look shady too.

Registrant:
International Telcom
Attn: chip phillips
417 Second ave West
Seattle, WA 98119
US

Registrar: DOTSTER
Domain Name: ITLTD.NET
Created on: 24-FEB-96
Expires on: 25-FEB-08
Last Updated on: 03-FEB-06

Administrative, Technical Contact:
Telcom, International admin@itltd.net
Attn: chip phillips
417 Second ave West
Seattle, WA 98119
US
(206) 666-4991

Domain servers in listed order:
GATE.KALLBACK.COM
BART.KALLBACK.COM

Sunday, September 02, 2007

Paypal scammers, srdev.fr

From : service@paypal.com
Sent : Sunday, August 26, 2007 9:37 PM
Subject : Notification of Limited Account Access

X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - gator33.hostgator.com
X-AntiAbuse: Original Domain - hotmail.com
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]

Information Regarding Your account:
Dear PayPal Member:

Attention! Your PayPal account has been limited!

As part of our security measures, we regularly screen activity in the PayPal system.We recently contacted you after noticing an issue on your account.We requested information from you for the following reason:

Our system detected unusual charges to a credit card linked to your PayPal account.

Reference Number: PP-259-187-991

This is the Last reminder to log in to PayPal as soon as possible. Once you log in, you will be provided with steps to restore your account access.

Once you log in, you will be provided with steps to restore your account access. We appreciate your understanding as we work to ensure account safety.

Click here to activate your account



We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you and your account. We apologise for any inconvenience..

Sincerely,
PayPal Account Review Department
Copyright © 1999-2007 PayPal. All rights reserved. PayPal Ltd. PayPal FSA Register Number: 226056.

PayPal Email ID PP059

Protect Your Account Info
Make sure you never provide your password to fraudulent websites.

To safely and securely access the PayPal website or your account, open a new web browser (e.g. Internet Explorer or Netscape) and type in the PayPal login page (http://paypal.com/) to be sure you are on the real PayPal site.

For more information on protecting yourself from fraud, please review our Security Tips at https://www.paypal.com/us/securitytips
Protect Your Password
You should never give your PayPal password to anyone.


Sure, the images linked from paypal's server and the warnings to not give out passwords for fraudulent sites give some authentic look, but why would paypal want you to authenticate to a completely non-paypal website? http://srdev.fr/images/paypal.co.uk/paypal/cgi-bin/webscrcmd=_login-run/webscrcmd=_account-run/updates-paypal/confirm-paypal/index.htm - srdev.fr shows a few other google results for fraud attempts.

UK FORTUNATE DRAWS RESULT - Sure, UK national lottery giving out money for email addresses harvested with a spambot

From : UK FORTUNATE DRAWS RESULT < fortunate_draws0012@hotmail.com >
Reply-To : < barrister_frank_davies@yahoo.co.uk >
Sent : Friday, August 24, 2007 5:08 PM
Subject : UK FORTUNATE DRAWS

MIME-Version: 1.0
X-Originating-IP: [64.214.231.141]
X-Message-Delivery: Vj0zLjQuMDt1cz0wO2k9MDtsPTA7YT0w
X-Message-Info: 9P4r4dq6Pdvh5oKuxbNsBa2zvH2Q9ir2TxJbseS7RDpsNCRTK3LhyPfGDKOAuM14VqTDtl4l20iIC3uTglQ+xA==
Return-Path: fortunate_draws0012@hotmail.com
X-OriginalArrivalTime: 24 Aug 2007 17:08:13.0786 (UTC) FILETIME=[5B1FEBA0:01C7E671]


UNITED KINGDOM NATIONAL LOTTERY
292, Upper Richmond Rd West,
East Sheen, London,
SW14 7JG United Kingdom

TRACK Nº: 51024060210 OFFICIAL PRIZE NOTIFICATION

This is to inform you that have been selected for a cash prize of £500,000.00 (
FIVE HUNDRED THOUSAND GREAT BRITAIN POUNDS) programs held on the 23th OF August
, 2007 in the London U.K. The selection process was carried out through random
selection in our computerized email selection system(ess) from a database of
over 250,000 email addresses drawn from all the continents of the world
. The UK
National Lottery is approved by the British Gaming Board and also Licensed by
the The International Association of Gaming Regulators (IAGR). This lottery is
the 3rd of its kind and we intend to sensitize the public.

To begin the processing of your prize you are to contact your claims officer
through our accredited Prize Transfer agents as stated below:
================================================================
Mr.Frank Davies
292, Upper Richmond Rd West,
East Sheen, London,
SW14 7JG United Kingdom

Email:(barrister_frank_davies@yahoo.co.uk)
Phone/ Fax: +44 709 288 0349
Phone Number: +44-70457-15368
For further enquiries Please call us (10.00am to 5.30 pm london Standard Time)
====== ==========================================================
contact him, please provide him with your secret pin code x7pwyz2006 and your
reference number BCLY:12052006/21.You are also advised to provide him with the
under listed information as soon as possible:
========================== ========================================
If you do not claim your WINNINGS on or before 30TH of SEPTEMBER,your winnings
would be revoked. Winners are advised to keep their winning details/information
from the public to avoid fraudulent claim (IMPORTANT)pending the transfer/claim
by Winner.


*Winner under the age of 18 are automatically disqualified.
*Staff of all Companies in the UK are not to partake in this Email Promotional
Lottery
.

Accept my hearty congratulations once again!

Regards
Mr ANTHONY CAMPBELL
(Lottery Manager)

_________________________________________________________________
Discover the new Windows Vista
http://search.msn.com/results.aspx?q=windows+vista&mkt=en-US&form=QBRE


Text pieces in bold and italics added to highlight the best pieces.

So they have selected YOU based on a spambot finding 250,000 email addresses from the web, for he sole purpose of donating BIG AMOUNT OF MONEY (why does it always have to be spelled in capitals?)

Also the contact person you should contact is always with a free email provider, not once from anything like lottery.gov.uk ..

So you would need to be over 18, in UK, and yet "Staff of all Companies in the UK are not to partake in this Email Promotional Lottery"..