Got an email this morning, ostensibly from my RSP, telling me to send my username and password to them so they can tell me the state of my webmail mailbox.

1. The email came from an address that shows no relation to the RSP's address. The timestamp suggests it came from the Americas!

2. The address to reply to is in the .ru domain (Russia).

The right person in the wrong state of mind would click on it.

Among other things, I run the company IT. I've lost count of the amount of times I've had a paniced phone call about a "notification from the server" saying they were going to lose access to their e-mail and "is it legit?".

All it takes is that one uncertain person to click through and they've won.

You and I know what to look for, but honestly anything "computer related" is black magic to *most* people, so to the perpetrators it's like shooting fish in a barrel.

We've had a massive spike in phishing e-mails in the last 3 days, so someone new has obviously obtained a list and off they go.

They only need one "winner" to make it worthwhile, and I guarantee they get more than one.

I cannot recall ever buying 'NORTON' products.... but this...

(3) Last NOTICE - We are not Responsible if you do not Renew Your Subscription!


We are sure you will appreciate our protection against dangerous viruses, hackers and cybercriminals.

Unfortunately, our protection has expired and we have noticed unusual activity on your device, we recommend that you renew your subscription as soon as possible.
As a result, you will no longer receive automatic updates that protect you from the latest threats, including viruses, spyware, hackers, and identity thieves.

If you renew your subscription within 48 hours, you will receive a 60% DISCOUNT

So renew your subscription now and let us protect you again.



I've only copied the body of text... just in case.

From ;- telstra-commxunications@news.telstra.com ....... "Yeah, R-i-i-i-i-i-i-ght"[bighmmm] (extra letter inserted)

Oh, a previous email warned me "YOUR device hacked..." and last week's offering was.. " Message 4: Your license expired today; there are (395) viruses on your device"

Oddly, .... AVAST can't find any of them ! [bigsad][biggrin]

... STIL. getting the odd. Norton spam. And now McAfee. Alll offering discounts and promises of a..... Safe & Effective future. [bigwhistle]

How many different ways of "spelling" MacAfee ( never used them ) do you think thee are? Oh, and apparently Netflix has become all sentimental, as they're suddenly sorry to see me go after five years. As Brad said, some people out of the millions who get these, will click.... All it takes.

Even I nearly fell for this one. (https://www.aulro.com/afvb/general-chat/293880-voice-grave-2.html) If Neil wasn't dead I might have, except he used a different email, but who checks on family? Well, I do now.

A few years ago I received a letter (not e-mail) with lots of official looking stamps and logos from a solicitor firm in Spain informing me that I've been left 6.2 000 000 dollars.
All I had to do was send them . I think it was, $ 120.00 to process my claim. Having just sold a 20 year old car to the wreckers for $150.00 I didn't really need the money and
promptly forgot about it.
.W.

I cannot recall ever buying 'NORTON' products.... but this...

(3) Last NOTICE - We are not Responsible if you do not Renew Your Subscription!


We are sure you will appreciate our protection against dangerous viruses, hackers and cybercriminals.

Unfortunately, our protection has expired and we have noticed unusual activity on your device, we recommend that you renew your subscription as soon as possible.
As a result, you will no longer receive automatic updates that protect you from the latest threats, including viruses, spyware, hackers, and identity thieves.

If you renew your subscription within 48 hours, you will receive a 60% DISCOUNT

So renew your subscription now and let us protect you again.



I've only copied the body of text... just in case.

From ;- telstra-commxunications@news.telstra.com ....... "Yeah, R-i-i-i-i-i-i-ght" (extra letter inserted)

Oh, a previous email warned me "YOUR device hacked..." and last week's offering was.. " Message 4: Your license expired today; there are (395) viruses on your device"

Oddly, .... AVAST can't find any of them !


How the Fast Captcha scam worksScammers create a fake website that resembles a legitimate one, or they may use pop-up ads, phishing emails, Adware, or PUPs to redirect the user to the fake website. Once on the fake website, the user is prompted to complete a human verification process in order to access content or a feature.The verification take the form of a question “CLICK «ALLOW» TO CONFIRM THAT YOU ARE NOT A ROBOT!”, or other similar process. As part of the human verification process, the user is asked to allow push notifications from the website. This is the ultimate goal of the scammer, as it will allow them to display malicious content directly on the user’s device.Once the user has allowed push notifications, the scammers can use them to display ads, phishing attempts, or other malicious content directly on the user’s device. The scammers may also collect personal information from the user, such as passwords, credit card numbers, or other sensitive information, which can be used for illegal purposes.Push notifications can take on various forms, depending on the intentions of the scammers. Some common forms of push notifications include:

Pop-up ads: Scammers may use push notifications to display pop-up ads directly on the user’s device. These ads can be disruptive and lead to unwanted data charges or decreased battery life.
Phishing attempts: Scammers may use push notifications to attempt to trick the user into clicking on a link or entering sensitive information, such as passwords or credit card numbers.
Malicious content: Scammers may use push notifications to display content that is harmful or offensive, such as adult content or violent images.
False updates: Scammers may use push notifications to trick the user into downloading malicious software or visiting a fake website by claiming that the user needs to update their software or perform some other action.

Here are some examples of the push notifications:

[B]https://mail.google.com/mail/u/0?ui=2&ik=d5ef80187f&attid=0.1&permmsgid=msg-f:1759304114392059979&th=186a4dc55638d04b&view=fimg&fur=ip&sz=s0-l75-ft&attbid=ANGjdJ_etP_RSe0o8HuLwNF85rdgp28UWq8mLQ24DMy MyzlCjBkxP1mfjgArH4BjlUQ6lLkWR7kKQg5fP1JcWCiVPJRkm LH_EaKrKD2W8Dkcan29xY26fW9Rr5X6Rpg&disp=emb (https://www.myantispyware.com/2023/02/26/fast-captcha-virus-removal-guide/)
[B]https://mail.google.com/mail/u/0?ui=2&ik=d5ef80187f&attid=0.2&permmsgid=msg-f:1759304114392059979&th=186a4dc55638d04b&view=fimg&fur=ip&sz=s0-l75-ft&attbid=ANGjdJ8fJ0TJcge1Aa4mnEl2cdjjLZwpmpTsb998BLN iC47buy8Z2cs7GhXEYHzRXhC_UnhTUX08Era83453HnIYkjTe7 2WXeIsgBEmo4aPNIuzDzB1vKH-99JojwGU&disp=emb (https://www.myantispyware.com/2023/02/26/fast-captcha-virus-removal-guide/)
[B]https://mail.google.com/mail/u/0?ui=2&ik=d5ef80187f&attid=0.3&permmsgid=msg-f:1759304114392059979&th=186a4dc55638d04b&view=fimg&fur=ip&sz=s0-l75-ft&attbid=ANGjdJ-kpoMtGmWF0qe_m_h8kMkRK6aPQMvKsn65FroLGqqFxVNyTmTeE cfdFuWH1PwM5hur9vJTpl6EYCwtCkV8GWUr96Lzwgz3mQ6Ibkc Nm_o-4QUX9UyC1UrlyVU&disp=emb (https://www.myantispyware.com/2023/02/26/fast-captcha-virus-removal-guide/)


https://mail.google.com/mail/u/0?ui=2&ik=d5ef80187f&attid=0.4&permmsgid=msg-f:1759304114392059979&th=186a4dc55638d04b&view=fimg&fur=ip&sz=s0-l75-ft&attbid=ANGjdJ8x2gHm9f0vP_W5__8bya49IA_mJiH_ejXHGEi wMS8V0Z-GykAeNTVgwd5r8mUwmyM_sxu0Mcon69BcL9G9WrLpgtAkqspi7 VpkG4ChijyzWyHMcQ2haJfigSY&disp=emb (https://www.myantispyware.com/2023/02/26/fast-captcha-virus-removal-guide/)
https://mail.google.com/mail/u/0?ui=2&ik=d5ef80187f&attid=0.5&permmsgid=msg-f:1759304114392059979&th=186a4dc55638d04b&view=fimg&fur=ip&sz=s0-l75-ft&attbid=ANGjdJ8cLRlttwRqTS5_C1rn3X2TRoROanzxj35cxgZ yUznGxDI_SDevVwo3rY677rDNnFd01tDv6e1v7m-XR3BNuX_n7Kv6LmkNUjJRYgs4CGwwuIQSVOcq0zarT44&disp=emb (https://www.myantispyware.com/2023/02/26/fast-captcha-virus-removal-guide/)
https://mail.google.com/mail/u/0?ui=2&ik=d5ef80187f&attid=0.6&permmsgid=msg-f:1759304114392059979&th=186a4dc55638d04b&view=fimg&fur=ip&sz=s0-l75-ft&attbid=ANGjdJ86VJb1nzBZP64ba--IBH8m45ILq6ef6oeSqPhr74H9OM_MrpjGl009QKtAjKl8WgMLW SSTH02kaMImv3Z1k0N2kC4Lz4TtXEjQi8TFFeBsczY2_Sv-u0yZOME&disp=emb (https://www.myantispyware.com/2023/02/26/fast-captcha-virus-removal-guide/)
Fast Captcha can change its content based on the user’s IP address. This is done using IP geolocation technology, which can determine the geographic location of the user based on their IP address. Scammers can use this information to customize the content of their captcha scam page, making it appear more relevant or trustworthy to the user.
For example, if a user is located in a particular country, the scammers may present a fake human verification page in the local language or currency, or they may use images or logos that are familiar to users in that region. The goal of customizing the content based on the user’s IP address is to increase the chances of the user falling for the scam and allowing push notifications.If the user does not allow push notifications when visiting Fast Captcha, the scammers are able to redirect the user to other malicious URLs. The goal of the scammer is to trick the user into providing personal information, downloading malware, or visiting fake websites that are designed to steal sensitive information or spread malware.

The funniest one I received many years ago was purportedly from Westpac asking me to login to a (fake) website. It was using Commonwealth Bank logos. I was with NAB.

I cannot recall ever buying 'NORTON' products.... but this...

(3) Last NOTICE - We are not Responsible if you do not Renew Your Subscription!


We are sure you will appreciate our protection against dangerous viruses, hackers and cybercriminals.

Unfortunately, our protection has expired and we have noticed unusual activity on your device, we recommend that you renew your subscription as soon as possible.
As a result, you will no longer receive automatic updates that protect you from the latest threats, including viruses, spyware, hackers, and identity thieves.

If you renew your subscription within 48 hours, you will receive a 60% DISCOUNT

So renew your subscription now and let us protect you again.



I've only copied the body of text... just in case.

From ;- telstra-commxunications@news.telstra.com ....... "Yeah, R-i-i-i-i-i-i-ght"[bighmmm] (extra letter inserted)

Oh, a previous email warned me "YOUR device hacked..." and last week's offering was.. " Message 4: Your license expired today; there are (395) viruses on your device"

Oddly, .... AVAST can't find any of them ! [bigsad][biggrin]

I have been receiving renewal notices from booth McAfee & Norton spelt Nrton three times a day for the last couple of months. I had been ignoring them, I had a IT guy here helping me set up mu new Laptop when I received them & I asked him about them & he verified they were SCAMS. I have since blocked them, but I am still getting the messages, guess from different sauce. [bighmmm] I will keep blocking until they get sick of trying.

I will keep blocking until they get sick of trying.

That's the thing about algorithms; they never do.

Algorithms??

I was waiting for a parcel to arrive at a van park,, tracking said should arrive today, ( silly me..) I get an text from "Australia post" saying undeliverable, please ring XXXXXXXXXX to arrange a pickup time.

not the day before,, not the day after, not when I WASNT expecting a delivery..

algorithms huh..............

I am still getting the messages, guess from different sauce. [bighmmm]

Tomato, BBQ, or HP?

Tomato, BBQ, or HP?

In context, I would suspect Vindaloo.

I have been receiving renewal notices from booth McAfee & Norton spelt Nrton three times a day for the last couple of months. I had been ignoring them, I had a IT guy here helping me set up mu new Laptop when I received them & I asked him about them & he verified they were SCAMS. I have since blocked them, but I am still getting the messages, guess from different sauce. I will keep blocking until they get sick of trying.

It is likely to to be the "the Fast Captcha scam" it morphs to old registry keys even from programs you may have had years ago.

You might like to try www.ninite.com (http://www.ninite.com/) download : Malwarebytes and SuperAntiSpyware [B]the free versions!!!
Also check task manager, Startup apps, Disable it (if you find it in there)

I cannot recall ever buying 'NORTON' products....

I did - Norton Utilities, quite a useful program back in the days before Windows.

I did - Norton Utilities, quite a useful program back in the days before Windows..

Back when Peter Norton still ran it you mean. After Symantec it became bloatware. I was so glad to wave goodbye to all of that when I went to OS8.

This one must have moved from Nigeria in the last 15 years. Arrived this morning.


From the Snr. Monsignor,
Rev. Fr. Gabriel Ishaai
Children rehabilitation/orphanage Center,
Vatican City, Italy.

Greetings dear brethren, your name was willed a sum of US Two Million,
six hundred thousand dollars. On the Ukraine invasion of Russia led
force by Vladimir Putin which attacked so many civilian and orphanage
centers in kyiv.Our catholic rescue mission (CRM) saved a man by name
Alex Voloshchuk from their homes in nearby towns to a sanatorium on
Russian President Vladimir Putin launched invasion of Ukraine on
February 24th. Unfortunately he died in our hospital in Italy, but
before he died he confined on me to will out his fortune of US$2.6m
deposit in the bank.
Immediately you received my letter kindly get back to me with these
information, your name,telephone and address is highly needed.
I will be there at all time to assist you where necessary.

Yours Faithfully,
Rev. Fr. Gabriel Ishaai

There was a link disguised as an email, but I won't share that in case anyone is feeling senile this morning[bigwhistle]

I have been receiving renewal notices from booth McAfee & Norton spelt Nrton three times a day for the last couple of months. I had been ignoring them, I had a IT guy here helping me set up mu new Laptop when I received them & I asked him about them & he verified they were SCAMS. I have since blocked them, but I am still getting the messages, guess from different sauce. [bighmmm] I will keep blocking until they get sick of trying.

MeTooo.... Norton and McAfee.... telling me how much. (89%) discount is headed my way on renewal....

Then today, 'Australia Post'. has a delivery on the way, click here, pay $1.99. Customs fee.... :rulez:

Blocked all the above.... yet they cometh still....
Latest is a 'Track ALL your parcels' from one place service, only a few dollars....[biggrin]

Then there is today's offering, allegedly from a well-known. red and yellow EU delivery business (?), asking $1.99 for Customs.