419 and Mac scams

I forwarded this to myself from another account yesterday because I thought it was one of the laziest 419 scam messages I’d ever seen.

From: British Tobacco Company
Sent: 27 August 2009 19:46
Subject: Contact Mr Paul Adams

Congratulations! Your e-mail ID was among the selected lucky winners of £1,000.000.00 GBP in our BRITISH TOBACCO PROMO.Get back to us with your Name..Coutry..Occupation..Age

Well, short and to the point, I suppose. The hard sell social engineering will follow if you’re naive enough to follow this up. However, I’ve removed the mailto address at lo.com. Here’s another, received today.

From: British Tobacco Company
Sent: 28 August 2009 08:47
Subject: Claims Of 1,000,000 GBP

We are pleased to inform you that your e-mail address has won the British America Tobacco Programme. reply today with your full names

 Even better. The mailto, which I’ve removed here, too, indicates that it was sent from an educational site in Taiwan. You’d think the British American Tobacco company would be consistent about its own name, and would be able to afford its own domain in Britain (or even the US).

Still, £2 million in two days is a nice bonus. Maybe I can afford to retire next year. :)

By the way, have you ever noticed that "scam" spelt backwards is "Macs"? No, I’m not indulging in a little gratuitious Macfreak-baiting. (Not that I’m above that…) That’s just a rather forced segue to a warning that there are reports of sites offering free copies of Snow Leopard that are actually not Snow Leopard, but malware. Ironically, a DNSchanger-type program that isn’t detected by Snow Leopard’s File Quarantine utility.

Since I’m not here to taunt Mac fanboiz, I won’t even think about asking why it is that Mac malware is so often disguised as porn or as pirated software. ;-)

Director of Malware Intelligence

ESET Threatblog (TinyURL with preview enabled): http://preview.tinyurl.com/esetblog
ESET Threatblog notifications on Twitter: http://twitter.com/esetresearch
ESET White Papers Page: http://www.eset.com/download/whitepapers.php

Securing Our eCity community initiative: http://www.securingourecity.org/


Author David Harley, ESET

Follow us

Copyright © 2017 ESET, All Rights Reserved.