Security alert on Microsoft Internet Explorer, Deliver My Mail, and an example of the Nigerian 419 Scam:
Internet ScamBusters #84
The #1 Publication on Internet Fraud
By Audri and Jim Lanford
Copyright © Audri and Jim Lanford
All rights reserved.
Issue #84 July 14, 2004
Today we have a short — but important — ‘Snippets’ issue for you.
We start with an especially significant security alert that affects you if you
use the Microsoft Internet Explorer browser. We then share a very interesting
campaign that our good friend Ken Evoy is spearheading called ‘Deliver My Mail,’
(aka "I’m Mad As H*** And Not Going To Take It Anymore").
This is followed by two ScamBusters website updates you won’t want to miss.
We conclude with a fascinating, real-life example of the Nigerian 419 scam.
Let’s get going…
Security Alert — Microsoft Internet Explorer: Should You Continue to Use It?
As many subscribers already know, Microsoft Internet Explorer has significant
‘holes’ or vulnerabilities that scammers and virus creators can easily take
advantage of. This is certainly not new.
In fact, judging from the number of viruses and Trojans sent to us by subscribers
each week, we know that many subscribers are currently infected by one or more
of these viruses and Trojans.
What may be new is that the security problems for users of Windows Microsoft
Internet Explorer are becoming even more serious and severe.
In the past couple of weeks, a new Trojan was detected that is particularly
malicious. It installs itself when you visit a website — without your knowledge
— and without your having to do anything. In other words, you don’t need to
click or accept anything — this Trojan installs itself anyway.
It is delivered through a pop-up ad that loads a file called "img1big.gif"
onto your computer.
This Trojan is a ‘password sniffer.’ That means that it looks for certain kinds
of information, such as user names and passwords, and relays them back to the
Once it’s installed, this Trojan pays attention when you visit a secure webpage,
and it looks for specific banking sites, including Citibank, Deutsche Bank and
If you visit one of these sites and type in your user name, password, etc. to
log in, despite the secure connection, it still watches your keystrokes and
sends them back to the scammer. (Security experts believe this scammer is in
The scammer then has access to your account information — and you didn’t even
know any of this had happened!
What this means: Trojans like this one can give scammers access to your banking
information so they can steal money from your bank account. Further, these kinds
of viruses and Trojans can be used to gain credit card and other personal information,
again to steal your money — or your identity.
This is serious stuff.
If you want to read a technical article that contains more information about
this Trojan, visit:
The Department of Homeland Security’s U.S. Computer Emergency Readiness Team
has gotten so fed up with these Microsoft Internet Explorer vulnerabilities,
that they recently recommended that consumers switch to a different browser.
You can read about the storm they touched off with this recommendation at:
We happen to agree with this recommendation to switch browsers. There are just
too many security holes in Microsoft Internet Explorer for Windows. Whereas
it certainly is true that no browser is completely secure, we no longer feel
that using Microsoft Internet Explorer is worth the security risks.
Our current favorite browser for Windows is Firefox. Visit:
Note: Microsoft did
release 7 patches yesterday after this article was completed. You should definitely
run these patches if you use Windows. However, this doesn’t really change the
general points made in this article.
Deliver My Mail — Join Ken Evoy’s "I’m Mad As H*** And Not Going To Take
It Anymore" Campaign
Our friend Dr. Ken Evoy has recently launched what he describes as ‘the most
important thing we’ve ever done.’ Ken is the President of Sitesell Inc., and
has done some important things in his career — so that’s saying a good deal.
Basically, Ken is completely fed up with ISPs (Internet Service Providers),
filtering services, and email services that refuse to let legitimate, opt-in
email reach people who want to receive it. (For example, subscribers like you
who double opt-in to Internet ScamBusters and still don’t get some issues —
which is why we now send the Friday update notice.)
Ken is NOT talking about spam. Ken, like us, is a pioneer against spam.
Ken is talking about ISPs and mail companies that won’t let customers and subscribers
receive email they want and have requested — either by allowing ‘whitelisting’
or providing reasonable explanations when legitimate email is bounced.
Ken has decided to fight back by launching the ‘Deliver My Mail’ program. We
support Ken in his efforts.
Rather than trying to describe this free program to you, it’s simpler to let
Ken explain it himself. Visit Deliver My
Internet ScamBusters Website Updates
Given today’s security alert, we recommend you check out the big update on our
main page on viruses.
And, visit this week’s most popular urban legend page — on envelopes.
Nigerian 419 Scam: An Example
Want to see exactly how the Nigerian 419 scam works? Here’s an excellent six-page
description in "The Register" of how someone lost $1,000.
Pay attention to the fake banking site the scammers set up — you’ll see how
they are sometimes able to make themselves seem more credible.
That’s it for today. Time to enjoy some lunch on our back porch… See you next