Info: Why you should never click links in spam, no matter what.

I recently received a spam like so.

Dear [name]

On 2004-07-12 03:17:00.000 you purchased SystemSoap. As a SystemSoap user,
the improved SpySpotter 3.11 is available to you.
Did you know that when a PC is infected with spyware that every keystroke,
every website and every conversation could be recorded or monitored?
Try our newest version with improved features & updated spyware lists…
Scan your computer and find out now!
http://collegeclubpoker.com/upd200606.html

I decided to investigate that link -- very carefully, of course. If you just opened it up in a browser, you'd probably see a page of pharmaceuticals for sale and think "oh, that was just a lame lure to get me to buy some medecine." You'd be wrong, though: the medecine is just a ruse. The real sting is an invisible "IFRAME" on the page which links somewhere else entirely and attempts to exploit known vulnerabilities in various versions of Windows to install software on your computer!

Unless you're well up to date with all the latest security patches, just visiting a site like this can be enough to turn your computer into a spam-spewing zombie without you knowing it. In practice, you're substantially safer if you use anything but Windows while attached to the Internet -- not that this fact helps the majority who are stuck with it for one reason or another (my sympathies to you). Just bear in mind that any web site you visit could attempt a hostile invasion of your computer, and don't go visiting sites advertised by disreputable means (like spam) no matter what the cover story is.

Job Scam: ibs-inc.biz

This looks like the usual mule recruitment drive for money laundering work. I haven't been able to access the website to which the spam links due to DNS failures.

Dear Sirs!

We are USA-AU-UK company mainly working in financial field.

Now we are enlarging our presence in different countries and for this reason we are looking for representatives in Australia
We are stable and solid company. We are looking for drivers, managers, managers of transfers, office managers.
There are a few outstanding requirements for candidate - reliability, honesty, diligence.
If all this is about you and you are interested to invest your time we would be glad to get in touch with you.

To start the registration as Payment Manager(4000$ every month), please fill in our online application: http://au.ibs-inc.biz/ The career plans: LIFE prosperity, AUTO purchasing, HOUSE purchasing
In case you need more information please do not hesitate to contact us.


Malissa L. Jackson
H.R. Manager
Independent Business Solutions
E-mail: job_au@mail333.com

Job Scam: info-tolliscatalogue.com

This job offer arrived in two completely unrelated accounts, one of them being the contact address for this blog, so it's being spammed fairly far and wide. This alone proves that it's not a job offer so much as a lure for victims. They aren't specific about the job details, but given my usual experience I'd wager that it's money laundering again. If anyone has contacted them and received a reply, please email it to me or post it as a comment in this blog.

The domain "info-tolliscatalogue.com" was registered on 28-May-2006, by the way, so this further demonstrates the fly-by-night style of operation in question.

Subject: Re: Job
Date: Mon, 29 May 2006 20:18:56 +0500

Hey [name]


Are you energetic, honest and responsible?
Are you a student looking for extra income? Are you retired but sill willing to work?
Or maybe you are just looking for a way to make a few extra bucks?

Ask us! We have great job offer for you.


Please contact us to get more information.
Our e-mail: info@info-tolliscatalogue.com

--------+++++++---------++++++++
[random name]
Mon, 29 May 2006 20:18:56 +0500

Job Scam: mercuryindustries.com

The text of this spam has been placed in an image to prevent it being indexed when it inevitably winds up posted on the web somewhere. I'm not entirely sure what the exact details of this scam are, but it seems to involve eBay fraud, and that leaves open a number of possibilities. Other than that, it has all the usual marks of a job scam: the solicitation is spammed (meaning they want lots and lots of "disposable" employees), there are no qualifications required, the website is completely and utterly vague about what this "company" actually does, but they have "vacancies" prominently displayed.

The domain "mercuryindustries.com" has only been registered since 10-Mar-2006, and their DNS records are suspicious: the time-to-live on the address records is half an hour, and all the addresses point to end-user PCs on cable services or in universities. I'd wager long odds that these are all compromised computers, and that the owners have no idea they're serving up web pages for "Mercury Industries".

I don't plan to pursue this particular scam any further, but if anyone has correspondence with the scammers, please forward it to me and I'll post it here as additional information (after removing any identifying marks such as email addresses).

Job Scam: job@soft-for-business.com

Rather like another recent job scam, the cover story here is software sales. This time they have the recently-registered (15-May-2006) domain name "soft-for-business.com" to lend the story credibility. It's still a lie, though: real jobs aren't offered via spam. This is plain old illegal money laundering again.

Greetings,

Soft 4 Biz Inc., located in USA, is a developer and marketer
of innovative software technologies. We focus our business
on business and governmental needs.

Our company has a strong tradition of developing our employees
to learn, grow and excel. We are continually building our team
with perspective, team oriented individuals to enhance the success
of our company. We currently have the following opportunity:

Account Manager - part-time (10-15 hour per week)

We need 6 Managers in Australia and 3 Managers in New Zealand.

This position manages and coordinates company's sales activity
in their region, including all aspects of payments processing.
This role is also responsible for working with outsourcing vendors.

If you are interested in this vacancy please send messages to:
job@soft-for-business.com

For more information about Soft 4 Biz Inc. please visit our website:
http://www.soft-for-business.com/

Regards,
Soft 4 Business Team

Dating Scam: solaris12@HotPOP.com

Hey, a new category! Well, I don't get much in the way of offers from eager women -- not even insincere scam-letters like this. Katya, quoted below, is breathlessly eager to hear from me, but you can bet your right arm that she says it to all the boys -- and all the girls, for that matter, since she's spamming utterly indiscriminately. I'm not going to find true love this way, sadly.

The basic plot of a scam like this is just advance fee fraud. If I contact Katya and express an interest, she'll be terribly interested to come and meet me in person, but unable to afford it. Can you see where this is going? To up the ante, she'll send me an attractive photo of herself -- or at least a photo of an attractive female model. For all we know, "Katya" is actually a Nigerian male.

For what it's worth, this spam came from a customer of wanadoo.fr (France), although there's a good chance that the computer in question was a zombie under someone else's actual control.

Greetings [name]!.
at first I should tell you about my appear, so I got E-mail from one DATING AGENCY but really that was VERY STRANGE for me because I closed all my accounts at DATING SITES, because I don't like people who are interested just in non SERIOUS RELATIONS, I have much FRIENDS from that sites but really I did not find someone special for me....


But I got your E-mail address and thought "MAYBE THAT IS MY DESTINY" to find someone special?

Really there was written that you wish to know me.
So I don't know where you did get MY E-MAIL ADDRESS but I hope that is NOT JUST MISTAKE.
I hope to hear from you soon....
If you decide to answer me I promise to SEND YOU big LETTER and MY BEST PHOTOS !!! I'd like to learn more about you. PLEASE, WRITE ME some lines about your personality, your hobbies, your way of life. I'm really interested to know!
As for me, I'm an easy-going and open-hearted person. I take life as it comes and have optimistic views. It doesn't mean that nothing makes me sad, but I consider all the difficulties in my life to be useful for me.


I'm very communicative and like to spend time in a good company. I enjoy outdoors activities and sport. What about you? Do you go in for sports?
Hope to hear from you soon, please use solaris12@HotPOP.com to answer me ! I wit your letter with large impatience . Please do it for me .
Katya

Thu, 25 May 2006 19:24:28 -0100
communicant chablis

Job Scam: allianz.group@gawab.com

This job offer pretends to be from "Allianz Finance LLC", and targets Australians and New Zealanders. None of the domain names in the email addresses or links are actually associated with any known branch of Allianz Finance, of course, so this is clearly a scam (if the fact that it's spam wasn't proof enough on its own). It's probably just the usual money laundering job, but I haven't bothered trying to research any further details. The sending mail system was located in Spain, for what that information is worth.

Allianz Finance LLC is looking for a manager in Australia and New Zealand.

Position requirements:

• Basic knowledge of Microsoft Word and Microsoft Excel(optional);
• Home Computer with e-mail account to check your e-mail box at least twice a day;
• Adults only accepted (by the Law we can not hire underage people);
• Ability to work unsupervised;
• No criminal records.

bouffant bulkhead delimitation chaparral bath doesn't chafe bushwhack

We require energetic, reliable and honest person for this position. All CV’s and/or enquires about position available, conditions and duration to be sent to our corporate e-mail address: allianz.group@gawab.com. You can also fax it to us on one of the following numbers:

+61294755003 - all applications to be sent here (Australia branch)
+17077367643 - or here, United States of America (head office)

Please note that all e-mail enquiries will be processed faster. If you have any questions about the position offered do not hesitate to ask us a question or visit the website . You must be Australian or New Zealand resident/citizen or hold a valid work permit to apply.

bela anglo commend bound assiduity barony cia candlewick

curdle brickbat affluence bestir curious detach burbank buttonhole

---

Best regards,
Dwight Vaughan,
Allianz Finance LLC,
Staffing/Management Department

Asia/Pacific Financial Group,
FAX/TEL:+17077367643

michael.suttelman@gawab.com

cartesian argumentative bluegill attentive dearborn awesome bergamot allusive

Job Scam: support@rect.net

More of the usual money laundering jobs on offer. As usual, the problem with this job is that it involves receiving stolen money and forwarding it via an untraceable service. Your "employers" don't confess the bit about the money being stolen, however: it's bad for recruitment. In some cases the incoming money may not exist at all: some banks allow direct transfers which can bounce like a bad cheque later. That's going to hurt. Whatever the case, the simple rule is "don't send money via Western Union (or similar) to anyone you don't know personally".

It's not clear what connection (if any) rect.net has with this scam. The "MX" records for that domain have been invalidated, so it shouldn't be possible to reply to the given address at the moment anyhow.

Date: Sat, 25 Nov 2006 10:21:19 +0200
From: Joseph <Joseph@netcabo.pt>
Subject: stbank AG

Greetings!

Would you like to earn some extra money, working in a legal, 
fast-growing business?

Requirements for the representatives:

1. Honesty 
2. Responsibility 
3. Basic computer knowledge

How much time will it take you? Usually it takes 3-4 hours per week.
How much will you earn? First month we pay 300-400 USD per week.

Our company is engaged in a wide variety of financial services.

PSA works since 2003 and is the constant partner of American 
corporation Andersen Business Services, Inc. and several countries in 
Europe (UK, Spain etc.) and Asia.

We began with offshore registration and opening accounts in the USA, 
UK, ES, TR, the sphere of our services is constantly extending.

Now the basic directions of our work:

1. Registration of offshores and affiliate companies worldwide
2. Drawing up of financial reports, foreign companies auditing
3. Accreditation of representatives

During many years we are trying to help our clients with the 
organization of their business activity and we hope that after studying 
the information at our site you become one of them.

To learn more, please send the following information to our email: 

For immediate and confidential consideration, please e-mail your resume 
to support@rect.net .
Please don't forget to add the following important information about 
you (field marked with
asterix are not obligatory, other fields must be filled):

1. Your full name:
2. Your country:
3. Your full address:
4. Your mobile contact phone:
5. Your fixed/home contact phone:
6. Your work contact phone or fax (*):
7. Your contact email(s):
8. Are you ready to sign a contract with our company? (must be 'Yes'
9. Are you ready to accept money transfers to your bank account or 
credit card ? (must be 'Yes')

If you received this email by mistake and do not want to receive future 
notice from
us please send a message to this address: remove@rect.net
Pleaser report abuse to this address: abuse@rect.net

In case your question is not answered in the FAQ section (below), 
please contact our support department at: support@rect.net



Frequently Asked Questions:

Q1: What do you need me for? 
A: We are glad to inform you that our way of making the transactions 
using fast money transaction systems like Western Union or Money Gram 
helps us to avoid any taxation of our funds managers. Simply saying, all 
the taxes to your local authorities have been already paid before the 
funds are available on your bank account. Also you do not need to mark 
those profits in your tax bills. However, if you prefer to pay taxes by 
yourself, you can do it (ask our support for additional information). 
But please notice that payments marked as 'commercial' are smaller and 
they take more time and effort to be processed. That's why we always 
recommend to announce these transfers as personal, like to your friend or 
family member.

Q2: Why is it recommended to announce these payments as 'personal'?

A: If you prefer to pay the taxes by yourself, you can do it (ask our 
support for additional information). But please notice that payments 
marked as 'commercial' are smaller and they take more time and efforts to 
be processed. That's why we always recommend to announce these 
transfers as personal, like to your friend or family member.

Q3: Why do you need me? Why don't you perform the transfers by yourself 
and keep the commission?

Generally speaking about the job, we have established this scheme of 
payments because it is faster than direct bank wires. Our client will 
make a payment to your bank account. You will have to visit your bank and 
to cash out that money. After that, within 12 hours you will have to go 
to a Western Union or a Money Gram office and to give them the money in 
cash for making the fast money transaction. We will give you the 
receiver's information for every transaction.
Don't you think that taking money from your own bank account in cash or 
using Western Union transaction are illegal things?
Such transaction scheme helps us to make payments go faster and both 
you and we can make money faster too.
If we tried to perform it by ourselves, imagine how expensive it would 
be - hundreds of offices (tables, chairs, computers, phones, fax 
machines and other stuff). Our scheme helps us to minimize the costs and it 
allows us to pay high commission to our managers.

Q4: How many transfers a day/week/month shall I process?

A: It depends on the quantity of the orders. It may be from one 
transfer a week to several transfers a day. We shall notify you about the 
number of the transfers beforehand, as well as about the transfers sent to 
you.

Q5: What else can I do for your company?

A: Accurate work is enough.

Q6: Can I recommend you to my friends?

A: Yes, of course.

Q7: In what currency should I receive the money? In what currency 
should it be sent? Is it necessary to exchange the currency? 

A: You should send the money in the same currency that you have 
received. You don't need to exchange the currency. 

Q8: Who pays for sending the money? Isn't it too expensive to use 
WesternUnion or MoneyGram? Is it subtracted from my commission?

A: The costs for the money transfers are paid by our company. 
Absolutely nothing is subtracted from your commission; you get exactly the 
agreed sum . 


Q09: I want to get your company's contract with a seal and CEO's 
signature.

A: Sure, our support is ready to send it to you after your first 
request. 

Q10: Is it legal?

A: Yes, our business is absolutely legal. It is already our second year 
in the market. 

Q11: I don't have higher education in the financial sphere, is it 
important?

 A: No, you needn't have higher education. 

Q12: Do you work only in the USA?

A: No, we also work with Australia, UK, Europe . 

Q13: Please give me an example of the job process
A:

1. A Customer from your country finds a Company in London, UK (for 
example) and wants to buy smth.
2. The Company asks us for a manager in your country and we find you.
3. We give the Customer your bank details to send you the payment.
4. The Customer sends the payment to you and notifies us.
5. We inform the Company that the payment is made.
6. The Company gives us the name and surname of its representative who 
must receive the money. For example: Name Surname in London, GB.
7. We send you an email like this: A money transfer has been sent to 
you. Its amount is XXXX USD. You should send it to Name Surname in 
London, UK.
8. You cash out the money and send it to Name Surname in London, UK.
9. You send the transfer receipt to us.
10. We give the receipt to the Company and they receive the money.

Q14: I would like to have more information about your company

A:PSA was founded in September of 2004 by a student of the faculty of 
Economics of Oxford. Though the majority of his friends had rich 
parents, he couldn't boast of it. That's why during his free time he was 
thinking of how to earn money. 
He noticed that many of his friends, when buying expensive clothes or 
equipment, overpaid for them a lot. From the other side, these were 
people who didn't want to walk through the shops, study the prices and 
choose the most profitable offers. The idea became reality, and the student 
opened a small internet-company named PSA as well as today. 
From the moment of the foundation the company has grown considerably, 
the staff increased the list of the offered services and different 
countries became longer. But the primary idea remained the same: to help 
people to get high-quality goods from all over the world for an acceptable 
price and with an excellent service.

Q15: Do you have any certificate or license?
A: Yes, we have all required documents and we are ready to provide it 
to you
when you fill the first form.

Info: Barcelo Travel Inc. Job Scam

I've reported two previous instances (1, 2) of job scam spam claiming to be from a "Barcelo Travel Inc." Further evidence has come to light which supports the theory that this is a money laundering job scam: a copy of details sent to a correspondent who made enquiries into the job.

Dear sir\madam,
Thanks for your e-mail.
Let me introduce myself! I`m Dominico Barcelo, direcetor Barcelo Travel Inc.
Barcelo Travel Inc. is a Company with a prestigious heritage with a combination of Anglo-Saxon efficiency and old European style.
Founded in 2003 and based in Milan, Italy, Barcelo Travel Inc. is a Receptive Tour Operator and Destination Management Company specializing in Incentive, Custom, Professional and Leisure Travel Programs. We create tailor-made itineraries to suit your requirements and budget. Now we have more than 50+ branches in the world.
We maintain excellent contacts with our suppliers and educate them about our clients' tastes and needs, thereby enabling us to guarantee high quality service.
As well as providing individually programmed trips for families, groups of friends, incentive groups and major university study tours, our business consists also of all the necessary ground tour arrangements, such as hotel accommodation, conference facilities, restaurants, deluxe motorcoaches and first class limousine services.
About your work in our company.
In this moment we have not office in [country] and also we have not bank accounts in your country, and now we can not receive money from our clients. But now we have a lot of clients from [country] and we offer you help in our bussines and earn good money with us.
Essence of your work it acceptance and processing of the payments(bank transfer, Money Orders, Western Union, Checks and etc) and other from our clients. Work will borrow some hours per day, earnings some thousand per month.
You will be earn 8% of each tranfers after received this one, and after two test week your salary will be 500 USD per week plus commission(8% of each transfer).
In the beginning of your work(1-2 weeks) your earnings ~ 1000-2000 USD per week.
Please note, that I have sent you contract with this e-mail. Please download this attachment, read and sign it, if you want work with us.
After reception of the contract signed by you, you become the employee of our company.
You can send your contract to this e-mail or to our fax in Italy: +390295441457.
IF YOU SEND CONTRACT BY FAX INFORM US BY E-MAIL ABOUT IT.
Please look plan of your work in our company:
1. Our client will make transfer money to your bank account(prefer method)
2. Our manager will send you all information about transfer by e-mail and will call you and inform about it.
2. You would go in bank with your passport and receive this payment(get cash).
3. After bank you should will go in Western Union(WU) branch and send money to our office or one of it branches in the world.
4. When you complete WU transfer, you would send all details about transfer by e-mail.
5. Your commission and charges WU you would deduct from total amount of transfer.
You would check your e-mail every day, some time per day. And Also you would always will be able by your phones.
If you will carry out all these rules you easily can earn more than 1000 USD per week.
Please ask any questions if you have.
Looking forward to hearing from you soon!
Best Regards,
Dominico Barcelo

The portion of the above text marked in italics is plagiarised directly from Italian Travel Team. When someone is setting up a fake company like this, it's common to base the fake operation on a real operation. Italian Travel Team has the dubious honour of being imitated in this case.

Speaking of plagiarism, Italian Travel Team isn't being entirely original in their description of their company. It so happens that a bunch of "Destination Management Companies" seem to have wound up using exactly the same phrases in key parts of their respective websites. Consider the following section of text.

Founded in [year] and based in [place], [company] is a Receptive Tour Operator and Destination Management Company specializing in Incentive, Ad-Hoc, Professional and Leisure Travel Programs.

The originator of this description appears to be AgenTours, but somewhere along the line the Italian Travel Team decided to appropriate it. It's not clear whether they copied AgenTours directly, or Taste of Belgium, who have plagiarised the AgenTours "about us" page pretty much in its entirety. Here's a hint, guys: if you plagiarise, you wind up looking like the job-scam fraudsters who do the same thing.

Back on the subject of the job scam, the sections of the letter that I've put in bold text are the key warning signs that the job is a money laundering scam. The transfer of money into the "employee" account can be traced, but the Western Union transfer can be done in such a way that the recipient can pick it up anywhere in the world without disclosing his identity.

I'd post the "employment contract" here as well, but it's really not all that interesting. It's a poor imitation of a real contract, included mostly to lend the arrangement an air of legitimacy. If you showed it to a lawyer, they'd tell you that it's a piece of rubbish pretending to be a contract.

Job Scam: evgenzagoruiko@aim.com

The cover story changes daily, but the scam remains the same: money laundering. The cover story in this case is that software is being sold. In actual practice, they siphon money out of compromised Internet banking accounts, transfer it to the "employee" with a cock-and-bull story about it being a payment, then get the employee to forward the loot through an untraceable service like Western Union. The police then have words with the "employee" in relation to all this illegal money laundering.

Sir/Madam,
My name is Evgen Zagoruiko, Director of SoftClub LTD. We are a growing company in Ukraine. Our business nature is the creation of financial and industrial software and sell them to interested customers. We have 1 branch and several showrooms in Kiev, Ukraine.

We have proved professional skills to our local customers and work on international markets already, I mean Europe and the USA. Unfortunately we have faced some difficulties while receiving payment for our software in the Australia as we do not have Australian bank account to accept wire transfers and can't accept cashiers checks and money orders as well.

At this time we are unable to open our own bank account in the Australia.

If you are looking to make additional profit we will accept you as our representative in your country. You will keep 8% of each deal we conduct. We plan to forward our merchandise in exchange of wire transfers and check payments. Your part is very important: accept funds and forward it to us. It is not a full time work but a very convenient and fast additional income. Being our agent may grow into future branch opening in your area if you are interested and the business will be on up and up.

Please respond ASAP and you will get additional details on how you can become our representative. Joining us and starting business today will cost you nothing, just some extra income for you.

Sincerely,
Evgen Zagoruiko, evgenzagoruiko@aim.com
Plese reply to: evgenzagoruiko@aim.com
Director of SoftClub LTD. Marketing Dept

Job Scam: swiss-invest.cn

This job scam is a run-of-the-mill money laundering position, but it's trying to fly below the search-engine radar by using an image instead of text. Many of the stock spams are doing this to dodge spam filters and make it less obvious that the process involves carpet-bombing the message all over the Internet, since the search engines don't see it.

To aid and assist the search engines and their users, I note that this particular job scam claims to be from "Swiss Invest Ltd" (a fabrication) with a contact name of "Luisa Vangelder" (another fabrication). The email subject was "Swiss invest ltd offers you a prestigious job/vacancy! [Sat, 20 May 2006 09:49:25 -0800]", and the job is the typical "Financial Manager" position with no qualifications required other than a bank account and a willingness to send money overseas to complete strangers via Western Union. As usual, they don't mention the likely police interest in the activity.

The entire image was linked to the URL http://swiss-invest.cn/html/index.php?sect_id=6

Job Scam: Unidentified

No pretense at being any particular company here: just an offer to keep 10% of every "payment" made through you. Money laundering, anyone?

From: kent2 <kent.anderson2000@laposte.net>
Date: 21-May-2006 18:45
Subject: Employment Mail!!!!!


From The Desk of
Kent Anderson PhD
L. G. A. Paper Machinery
103 Borough Road
London SE1 0AA


Dear Sir/Madam,

We will be very glad if you can be our representative in your country and earn 10% of every payment made through you for our Company.

For more information, contact us through email.

Kind Regards,
Kent Anderson(CEO)
Thanks in advance

___________________________________________________________________________
Mail sent from WebMail service at PHP-Nuke Powered Site

Job Scam: Various

This particular spam is odd in that it's a concatenation of several similar enticements to contact. Note that all the contact addresses are at yahoo.com. The nature of the jobs on offer isn't specified, but you can be sure that any job offer arriving via spam involves being an aide to a criminal.

Dear Jobseeker,

   GreatEmployment LLC a respectable European software company is seeking for employees in the
USA and Canada. Multiple positions avalaible.
 If you are still interested in finding a secure job,  please, respond to davemil2006@yahoo.com
and we will be happy to give you more details.

With due respect,
David Miller, Assistant Manager of GreatEmployment LLC.

*******************

Dear Jobseeker,

    We am emailing you because you posted your information on a job search engine. In this regard
let us offer  you a position in JobPilot, Inc. If you are still interested in finding a secure and
interesting job, please, respond to this e-mail bradyflo@yahoo.com and we will be happy to provide
you with more details.

Sincerely yours,
Brad Florey, Assistant Manager of JobPilot, Inc.

*******************

Dear Jobseeker,

    Snoop4Jobs, Inc offers you to start a career in a genuine, legitimate, practical, ethical and
profitable online business.
    You can almost instantly start working with us and make profits with minimum fuss and  effort
on your side. If you are interested email  our Support (robhough206@yahoo.com) to  know  how to get
started.

Sincerely yours,
Robert Hough, Assistant Manager of Snoop4Jobs, Inc

********************

Dear Jobseeker,

    Profistar Employment Agency, Inc a recruiting agency for online jobs has to offer a wide range
of positions in the  Internet.  Multiple jobs and options. From entry level to highly skilled.  For
all questions and comments please refer to our agents by the contacts below:


Sincerely yours,
James Doughty(jamesdousd@yahoo.com), Assistant Manager of Profistar Employment Agency, Inc

********************

Dear Jobseeker,


   BizOne Employment Agency, Inc a leader in downloadable  Internet sales offers You an original
personalized affiliate program. In the position  of Affiliate Reseller You  will be entitled to a
GUARANTEED commission on gross sales of our  products  and  services via  Your affiliate website.
Minimum knoledge and effort from your side. Provided with our exhaustive instructions and support
You will have a clear idea on how it works. ANY upfront payments are excluded.
   If you are interested email  our Support (robbyfletsh@yahoo.com) to  know  how to get
started.


Sincerely yours,
Robert Fletcher, Assistant Manager of BizOne Employment Agency, Inc

Job Scam: finstars.com

This is a modestly fancy job scam, but it has all the hallmarks of a money laundering scam for those who care to look. It arrived by spam and offers a large cut for shifting money around -- that should be enough. But this one does go the extra mile and provides a sleek-looking (but poorly written) website to represent the fake "escrow" company for which you are invited to work.

Finstars.com was registered through PublicDomainRegistry.com on 04-Apr-2006 for one year. Here are the registration details.

Registrant:
    n/a
    Joshua        (support@finstars.com)
    n/a
    n/a
    n/a
    n/a
    ,000000
    US
    Tel. +999.999999999

It's clear how much effort the registrar is putting into the verification of these details. Anyhow, the text of the spam follows, for reference.

From: Steven <Steven@nethomebiz.net>
Date: 19-May-2006 22:40
Subject: There are a lot of opportunities in our company


International escrow company provides a unique opportunity for a part-time or full-time job.
This is not a marketing, no initial expenses!
Don't miss your chance to make some extra income!!!

Have you ever dreamed about working part-time and earning much money?

Now your dream can become true with us as soon as you register as an escrow agent in our company.
On average you will be making 1500 USD a week.
If you want to make your escrow agent career with us, you need to register on our home page. Your main task will be accepting money payments from clients on your credit card or personal bank accounts and routing them to other bank account of the escrow process according to our instructions.
You will benefit from the commissions, which are 3-10% of every transaction and depend on the quantity of completed transactions and the speed of your work.

If you want constant earnings, growing career and confidence tomorrow, If you are energetic, and alert person, we will be able to cooperate successfully and give you all possibilities for the career growth.

Finstars.com

Job Scam: barceloinc@aol.com

Here's another "financial manager" position, targeting Spaniards for a change. Anything that says "financial manager" and arrives by spam is a money laundering job. Seriously, you'd have to be nuts to hire a real financial manger this way, wouldn't you?

Dear friends, please look our job offer.

If you are live in Spain, our offer for you.
We are travel company, and we looking for peoples from Italy reach success in our
bussines.

Your can earn about 2000 EUR per week after first month.
The post of financial manager has 3000 EUR per week salary.
Please send your CV to our mail: barceloinc@aol.com
regards,
Dominico Barcelo

Job Scam: Starline Cruise

I've mentioned the starlinecruise.com job scam before, but I've been prompted to uncover more information, since the scam is (sadly) still very much alive and well. There used to be a Canadian corporation called "Starline Cruises Ltd.". It was incorporated in 1986, listed as active in 1990, listed as "Dissolution in Progress" in 1993, and listed as dissolved in 1999. The fraudsters behind "starlinecruise.com" appear to have hijacked this corporate identity, and pretend that they are still operating the company -- out of Malaysia. As the 419 scam is to Nigeria, so it appears the Cruise Line Scam is to Malaysia: there are more fake cruise line jobs on offer in Malaysia than you can shake a stick at.

The scam goes something like this. The fake cruise line company (Starline Cruise in this particular case, but new identities will be invented as the old ones are exposed) sends job ads by spam and also by listing on otherwise legitimate job sites. The offer is great -- well paid work on a luxury cruise ship, no qualifications required. Every applicant is "short listed", but there are up-front costs to cover. Paperwork, you know -- and lots of it. This is why they call it "advance fee fraud". The job applicant is asked to transfer money (or send it via Western Union) to demonstrate his sincerity and cover the supposed costs of the training, and so on. Oh yes -- and would you mind sending your passport details, too?

In the end, there is no job, only fees, and your passport details will probably be used for identity fraud to boot. It's a vicious, cold-hearted, cynical scam, run by rip-off merchants who are blissfully devoid of the ravages of conscience. To further acquaint yourself with the flavour of this scam, compare the tale of woe about Vigo Cruises to the Starline Cruise "appointment letter" on this page. Note the similarities: cruise lines, Malaysia, easy job offer, up-front fees for weird bureaucratic paperwork, direct transfer to a Malaysian bank or via Western Union.

Don't be a sucker, folks! These people will take your money and waste your time, leaving you out of pocket and with a bitter taste in your mouth.

Job Scam: barcelotravel@aol.com

Someone pretending to be from "Barcelo Travel Inc" is spamming out fraudulent job offers, targeting Australians. They aren't providing any details, but this usually means a money laundering job.

Our company Barcelo Travel Inc. have a great job offer for peoples from Australia.
Your salary per week can start from 1000 USD in first week. After one month you will have about 2500 per week.


For more info please to our e-mail barcelotravel@aol.com
Regards,
Claudia Tatum
Sun, 14 May 2006 10:45:13 -0800

Job Scam: Education Partner

This particular spam doesn't contain a lot of detail, but it has all the usual hallmarks of a money laundering scam. My guess is that the job involves receiving money in the USA and forwarding it to Russia by Western Union.

   Hello.
   This email brings to your attention job offer, which might be interesting to you.

 "Education Partner" is russian-based organisation, which provides postgraduate
education for american students/adults in leading russian universities and academies.
Now we are searching for reliable, honest and flexible individual residented in
United States. High salary (up to 2000 USD/month), part-time employment, flexible
timetable, contract and more benefits are offered. 

   Requirements
   Male/female of 27 years old and more
   Resident of United States (at least for the last 2 years)
   2-3 hours free time within the work day
   
   For further informations and inquiries about the job offering, please send your
contact details to vacancy@job-directions.com

   -Your full name
   -Your contact email
   -Your phone number and best time to reach you

   Thank you for paying attention.                            
      
Job Directions Inc., Copyright 2006.                

Joe Job: bluesecurity.com and carmelventures.com

Not every spam that's sent is designed to sell something or defraud you. Another insidious form of spam is the "Joe Job", in which a disgruntled third party impersonates someone with the intention of generating backlash against that party. I've been on the receiving end of this myself.

At the moment, a company called "Blue Security" is on the receiving end of a lot of flak from an irate spammer, and the spammer is using all the sleazy tactics common to spammers -- including "Joe Jobs" -- to wreak his revenge. I found an instance of this "Joe Job" spam in my junk folder today. There's absolutely no evidence that it originates from Blue Security, and plenty of circumstantial evidence that it is the work of the spammer called "PharmaMaster" who is currently harassing them.

How do you identify a Joe Job like this? The most telling sign is the abundance of contact information. Spamming is old hat by now, and spammers have known for ten years or more that providing accurate contact information is a sure way to get bombarded with complaints. In this case, that's the intention: PharmaMaster wants Blue Secutiry to get bombarded with those complaints, and preferably for their service providers to throw them off due to complaints.

Also note that although the message has a fairly straight-laced "press release" kind of feel to it, it advertises the use of a "botnet" to simulate "DDoS" attacks. One of the allegations PharmaMaster has been spreading is that Blue Security is using their "Blue Frog" download to create a "botnet". It's true that downloading and executing software like "Blue Frog" is a very trusting action (and I want to make it clear that I don't endorse or recommend "Blue Frog"), and Blue Security could in theory use Blue Frog downloads to create a "botnet", but the suggestion that they are doing so is rather incredible because it would be like committing a crime in broad daylight on a busy street. Thus, I conclude that this is PharmaMaster manufacturing evidence to bolster his self-serving and outlandish claims.

This particular spam was received from a host inside the netrange 24.80.0.0/13 (controlled by Shaw Communications, Canada) -- probably a compromised PC, and thus probably part of a botnet controlled by PharmaMaster himself. It was sent to a legacy address that's been on spammer lists for years. The text of the Joe Job follows.

Skybox Security Solutions

Simulated DDoS Network Attacks and Network Intrusions

Customer Challenge:
Large corporations often hire consultants to conduct quarterly penetration (DDoS)
testing on specific segments of their corporate network. This testing can cost over
hundreds of thousands of dollars, and also exposes the network to many potential
disruptions. These disruptions are the result of the intense DDoS attacks testers
can impose on live networks in order to isolate vulnerabilities and weaknesses.
Since the network is constantly changing, and DDoS attacks are rarely dispersed
from a centralized location, the penetration test results often become nullified and
end up being limited to a small portion of the total network.

The Skybox Solution:
Skybox Security performs accurate and non-intrusive DDoS attacks across a larger
portion of the corporate network. The tests are modeled and analyzed through an
automated process via our large botnet network rather than manually performed on a
live network. As a result, the tests are repeated rigorously on a scheduled basis
without any fear of network disruption. Through DDoS attack and access simulation,
vulnerability exposures as well as security control weaknesses are revealed instantly.
DDoS attack simulation discovers all possible attack scenarios and reveals the step
by step process that an attacker or worm may follow. It illustrates specific vulnerabilities
to be exploited and network access traversed for each exploitable path. Access simulation
calculates network access privileges determined by firewall and routing configuration.
Our botnet helps characterize the interconnectivity between any two given points, reporting
not just whether access is possible, but also the detailed path to reach a final destination.
Based on these combined results, security personnel are able to determine what additional
DDoS attacks are necessary and where to deploy our organizations penetration testers.

Awards:
Info Security - Info Security Hot Companies 2006
The Wall Street Journal - One of the most innovative companies in 2005
Information Security Magazine - Product of the year
Network Magazine - Most Visionary Security Product
Network Magazine - Best of the Best in all categories
Secure Enterprise Magazine - Editor's Choice
Gartner - " Cool Vendor " in the security & privacy space
SC Magazine Awards 2006 Winner - The Best Security Solution for Financial Services
IM2005 Award finalist - Information Security and Product of the Year

Company Profile:
Eran Reshef
Founder, Chairman & CEO of Blue Security ( www.bluesecurity.com )

A serial entrepreneur, Eran is currently the founder, chairman & CEO of Blue Security,
the do-not-disturb registry pioneer. Prior to Blue, Eran co-founded Skybox Security and
served as its Chairman. Prior to Skybox Eran founded and managed Sanctum (acquired
by WatchFire), the leader in web application security. Eran holds a variety of security-
related patents that are based on his inventions.

Rina Shainski
General Partner at Carmel Ventures ( www.carmelventures.com )

Following a successful career leading business development and R&D operations in
high-growth software companies, Rina has been investing in software companies ever since.
Before joining Carmel she served as the VP Business Development at Clal Industries and
Investments where she was responsible for software investments. From 1989 to 1996, Rina
held several managerial positions in Tecnomatix including VP Business Development and
R&D Director. Rina serves on the boards of Followap Communications, Skybox Security,
mFormation and Silicon Design Systems. Rina holds a B.Sc. degree in Physics from Tel
Aviv University and a Master of Science degree in Computer Science from Weizmann Institute.

Contact Information:
2077 Gateway Place, Suite 550
San Jose, California 95110 USA
Phone: 866-6SKYBOX
Phone: 408 441 8060
Fax: 408 441 8068

Regional Offices (Israel)
60 Medinat Hayehudim St.
P.O.Box 4109
Herzliya Pituach 46140 Israel
Phone: +972-9-9545922
Fax: +972-9-9545933

Info: Corporate Flight Attendant Job Scams

Matt Keegan writes to inform me of a job scam he's seen, somewhat like the cruise ship job scams I've documented here previously, only this time offering jobs as corporate jet flight attendants. This is a case of advance fee fraud: the "employer" wants to offer you the job, but you first have to send them money so they can purchase an airline ticket for you to go to a job interview. If you pay up, you'll find there is no ticket waiting for you in the arranged place. Your money is gone, and that's the end of that. At the moment, this scam seems to be limited to one particular scumbag operating in the USA, but he's been at it for a year or more.

Be warned that job scams like this aren't limited to distribution via spam. Sometimes, as in this case, the scammers will use legitimate job marketplace facilities to post their job offer. If you want to avoid being ripped off, treat any "job offer" that requires any sort of money up front with extreme suspicion. Seek solid proof that such a job offer is genuine and legitimate before sending anything -- not just an absence of "red flags", but positive assurance that the company exists, is legitimate, and is represented by the person with whom you have made contact. Be doubly paranoid if the outgoing payment is to be made via Western Union, as such payments can be impossible to trace.

Job Scam: world-and-countries.com

This looks like the usual money laundering scam. Who knows -- there may be some new twists on it, but I suspect applicants will find it involves receiving direct transfers into their account, then sending it overseas via Western Union -- also known as money laundering. It's not a job offer, it's an invitation to get your collar felt by the police.

Dear reader,
World & Countries is a Registered USA traveling service company. W&C
offers a very wide range of trips varying in distance, price and
duration. We provide vacation packages for different interests and
budgets. W&C now is actively seeking a Key Account Managers for
part-time position (10-12 hours per week) in Australia.
The position provides support for hot-tours sales department.
Increases the time company's clients can spend on their payment
activities by providing administrative support.
Key Account Manager performs a variety of financial functions
including the checking on the transactions status, trustee to trustee
transfers, opens new accounts with a minimum of errors; communicates
with Sales Team, sends out information as requested.
No special education and experience are required. College degree
preferred. Experience in a financial sphere or bank operations also
preferred. Good English written and verbal communication skills. Basic
computer skills including Word, Excel, and Internet are required.
Please notice that along with your basic fee for each customer after 2
month of employment our managers are provided with travel booking to
exotic countries for 30% of its' real price. Don't miss your chance to
travel during this summer. Contact job@world-and-countries.com

--
Sincere regards,
job@world-and-countries.com
W&C Management

Job Scam: XEX ltd

This particular job scam was mailed to an "edu.au" address, and made it past all the spam filters (including Gmail's, since it gets forwarded to a Gmail account, ultimately). Other than that, it's nothing particularly noteworthy: just the usual case of a "financial" job which actually involves illegal money laundering for phishing gangs. The "employee" gets to forward money overseas via Western Union until the police show up and ask "what are you doing with all this stolen money?"

I represent a company seeking for part-time
financial contractors. I will describe the offer in a few words below:


Our company XEX ltd is a trading - financial company is
seeking for employees to work with financial correspondence.


Requirements:
- basic knowledge of computer (email),
- free time (approx 1 hour per day),
- good communication skills

Benefits:
No Selling
Work Full Time or Part Time
This is NOT a Distributorship
There is NO 'Kit' to Buy
There are NO Envelopes to Stuff
We DO NOT Charge You a Dime 


To be our representative on the full-time/part-time basisis required:

- bank account to withdraw/receive funds (You can open new account or use your own personal account)


We are an international trading company. Our main office is located in
Russia.

The policy of our business is similar to a multi-level telemarketing
company, except for our correspondence managers do not sell anything,
they are in charge of delivering the financial communication from our
customers to our company main office.


Money turnover of our company already reached the certain heights and
we are in search of regional managers, who are willing to manage our
customers database.

Salary schedule is contract-based, our employee will receive payments
based on their work load. Usually it is about AU $5000 per month, tax
applied. This is a part-time job, our contract worker needs to prove
his ability to manage money transfers in order to qualify for higher
rates and full-time job status.



Our regional employees have good perspectives of increasing their
work-load and salary, depending on their efforts.

We need two representatives, so please respond fast if you would like
to start immediately. In this case, please email for more details. 
We will email or fax you back an application form.



Sincerely,
Please reply only to this mail!!. : xex-ltd@mail.ru
Team manager 
Donny Kyle
XEX ltd