Archive for the ‘Daily phishing and email scams’ Category

LaSalle Bank Security: Please take a moment to prepare for this additional layer of security – phishing scam

October 31st, 2008 No comments

I’ll keep posting different ones every day as there can never be enough info out there to fight this garbage. The final destination URL of this phishing scam was reekisb.com

LaSalle Bank Consumers Warning:

Please be advised that we cannot guarantee the confidentiality of not protected information.
Therefore, we strongly encourage you to update your system.
New Bank of America x.509 privacy certificate for LaSalle Bank consumers can be downloaded from our customer service department.

Proceed to customer service department>>. (URL deactivated; destination was welcomelasalle.carehtmlclient.sitesurvey.ebfmh6ib1.reekisb.com/lasalle.php?/encrypted/configlogin/OSL.htm?LOGIN=9OCXNgNsug&VERIFY=oqYmTFeBfMh6Ib1)

LaSalle Bank and Bank of America will not be responsible for any damages, if you ignore this warning.

Sincerely, Johnny Pritchard.
2008 LaSalle Bank and Bank of America Community.


Problem: Inaccurate whois information (fraudulent email)

October 30th, 2008 5 comments

Here is a lovely fraudulent email I received today targeting those of us who own domains.

They use a very clever domain name that took me a minute to catch.

Always beware of emails like this. This email phishing scam was targeting Network Solutions customers and, sadly, at least a few will fall for it.

The safest thing to do when you get emails that are supposedly from your webhost, bank, credit card company, etc. is to go to that site directly from a bookmark or by typing in the URL. Never follow links in your email to services like this.

Dear Network Solutions® Customer,

On Thu, 30 Oct 2008 23:23:17 +0100 we received a third party complaint of invalid domain contact information in the Whois database for this domain Whenever we receive a complaint, we are required by ICANN regulations to initiate an investigation as to whether the contact data displaying in the Whois database is valid data or not. If we find that there is invalid or missing data, we contact both the registrant and the account holder and inform them to update the information.

Please note: ICANN (the Internet Corporation for Assigned Names and Numbers) regulations state that the WHOIS Administrative Contact may initiate and approve domain name registration transfers from your Network Solutions account to other Registrars. If you are not listed as the WHOIS Administrative Contact a transfer can occur without your knowledge if Domain Protect is not enabled for the domain name registrations listed above.

To change the WHOIS Administrative Contact Information for any of your domains, please login to Account Manager:

1. Log in to Account Manager at: http://www.networksolutions.com. (I didn’t want to give a link to this thieving site: the URL showed the correct address in print, but when you hovered over it, the actual destination URL was http://www.networksolutions.com.sys44.biz/, so the fraudulent domain is actually sys44.biz.)
2. Click on the “Profile & Accounts” tab in the left navigation menu to be taken to a page listing your account details.
3. Click on “Accounts” and select the account you wish to edit.
4. Click “View/Edit WHOIS Contacts” to make your updates.

If you believe someone requested this change without your consent, please contact Customer Service.

If you would like to order additional services or to update your account, please visit us online.

Thank you for choosing Network Solutions. We are committed to providing you with the solutions, services, and support to help you succeed online.

Sincerely,
Network Solutions® Customer Support


We offer business loans up to $1,000,000

January 18th, 2008 No comments
This one is a more standard phishing scam hoping you go to the website and enter some personal info.
I would recommend not visiting the URL as these scam phishing expeditions often link to sites that will
infest your computer with viruses, trojans, worms, and any other thing these malevolent criminals can
come up with.
From: 	- Fri Jan 18 22:09:39 2008
X-Account-Key: 	account2
X-UIDL: 	UID56699-1147259403
X-Mozilla-Status: 	0001
X-Mozilla-Status2: 	10000000
X-Mozilla-Keys:
Return-path: 	<JerispellboundSpangler@richard5.net>
Envelope-to: 	xxxxxxxxxxxxxxxxxxx
Delivery-date: 	Fri, 18 Jan 2008 21:00:14 -0600
Received: 	from [190.42.54.205] (helo=pc03) by xxxxx.xxxxxxxx.net
with smtp (Exim 4.68) (envelope-from
<JerispellboundSpangler@richard5.net>) id 1JG3wM-0007o4-LK for
xxxxxxxxxxxx@xxxxxxxx.com; Fri, 18 Jan 2008 21:00:14 -0600
Message-ID: 	<344001c85a47$695364f0$3501a8c0@pc03>
From: 	Barbra Bledsoe <JerispellboundSpangler@richard5.net>
To: 	<xxxxxxxxxx@xxxxxxxxxxxx.com>
Subject: 	We offer business loans up to $1,000,000
Date: 	Fri, 18 Jan 2008 21:58:47 +0500
X-Priority: 	3
X-MSMail-Priority: 	Normal
X-Mailer: 	Microsoft Outlook Express 6.00.2800.1106
X-MimeOLE: 	Produced By Microsoft MimeOLE V6.00.2800.1106
X-Antivirus: 	AVG for E-mail 7.5.516 [269.19.6/1230]
Mime-Version: 	1.0
Content-Type: 	multipart/mixed;
boundary="=======AVGMAIL-479169F3186D======="

*Your credit score doesn't matter to us!*

If you have your own business and wish IMMEDIATE money to spend ANY way
you like or require Extra money to give your business a boost or require
A low interest loan - NO STRINGS ATTACHED, here is our best deal we can
offer you TODAY (hurry, this lot will expire THIS EVENING):

*$66,000+ loan*

*Hurry, when our best deal is gone, it is gone. Simply fill out this
quick form... *

Do not worry about approval, your your credit report will not disqualify
you!

*http://grandplacea.net.cn/*

CASH GRANT NOTIFICATION OF 500,000 USD AWARD

January 18th, 2008 No comments

Well, it’s one of the lowball offers that we all receive daily in our inbox, so maybe it’s legit. :lol:

If only there were a real way to get rid of this garbage on the net.

It just seems so hard to believe that some will fall for these things.

X-Apparently-To: xxxxxxxxx@yahoo.com via 66.163.179.107; Fri, 18 Jan 2008 13:46:35 -0800
X-Originating-IP: [24.93.47.43]
Return-Path: <blsublett@austin.rr.com>
Authentication-Results: mta346.mail.re4.yahoo.com from=austin.rr.com; domainkeys=neutral (no sig)
Received: from 24.93.47.43 (EHLO ms-smtp-04.texas.rr.com) (24.93.47.43) by mta346.mail.re4.yahoo.com with SMTP; Fri, 18 Jan 2008 13:46:34 -0800
Received: from ms-mss-05.texas.rr.com ([10.93.38.32]) by ms-smtp-04.texas.rr.com (8.13.6/8.13.6) with ESMTP id m0ILLM9a008732; Fri, 18 Jan 2008 15:46:31 -0600 (CST)
Received: from texas.rr.com (localhost [127.0.0.1]) by ms-mss-05.texas.rr.com (iPlanet Messaging Server 5.2 HotFix 2.10 (built Dec 26 2005)) with ESMTP id <0JUT00AU2YFTS4@ms-mss-05.texas.rr.com>; Fri, 18 Jan 2008 02:04:42 -0600 (CST)
Received: from [10.93.36.25] (Forwarded-For: [216.139.176.193]) by ms-mss-05.texas.rr.com (mshttpd); Fri, 18 Jan 2008 00:04:41 -0800
Date: Fri, 18 Jan 2008 00:04:41 -0800
From: blsublett@austin.rr.com 
Subject: CASH GRANT NOTIFICATION OF 500,000 USD AWARD
Reply-to: fdv_payoutofficeo3@yahoo.com.hk
Message-id: <f2bbbb0a9973.9973f2bbbb0a@texas.rr.com>
MIME-version: 1.0
X-Mailer: iPlanet Messenger Express 5.2 HotFix 2.10 (built Dec 26 2005)
Content-type: multipart/alternative; boundary="Boundary_(ID_N9WZXPP3q0QqKaMPDENAuQ)"
Content-language: en
X-Accept-Language: en
Priority: normal
X-Virus-Scanned: Symantec AntiVirus Scan Engine
Content-Length: 1276

Congratulations The Foundazion Di Vittorio has chosen you by the board
of trustees, as one of the final recipients of a
cashGrant/Donation.

You have been approved for a total pay out of US$500,000.00
Provide these below information and send it to the email address below:
Fullname,Address,Sex,Age,Occupation,Phone Number,Country
payment officer- Mr Parker Lawson .
Contact Email:fdv_payoutofficeo3@yahoo.com.hk
