With this latest email (I received 2 today, even though I am not in the US) they use the threat of a complaint against your company to get you to click on a link in the email.

Here is a copy of the email

RE: Case # 18558568
2011/12/20

Hello,

The Better Business Bureau has been filed the above-referenced complaint from one of your clients on the subject of their dealings with you.
The detailed information about the consumer’s concern is presented in enclosed document.
Please give attention to this matter and let us know about your opinion.
We encourage you to open the ATTACHED REPORT to reply this complaint.

We look forward to your prompt response.

Sincerely yours,

Louis Gerald

Dispute Counselor
Better Business Bureau

So again, it is a case of being careful when something like this appears in your mailbox. Don’t panic and click the link to see what the issue is, if in doubt hover over the link and it will tell you in the status bar of your email program the real link that it will take you to.

If it looks in any way suspicious, leave it alone.

In this instance it appears to be a phishing scam by trying to trick you to click on an apparent document link that takes to to a webpage.

Other known reports of this (here) talk of zip files being delivered to entice people to run the included .exe file (similar to the UPS scams)

This appears to a bit cleverer as it takes you to a website rather than the hassle of unzipping and running the executable.

The organisation mentioned does not send out these emails and so you can delete with impunity.

Here is the message:

Anz Bank

We’d like to inform you that your Secure Messages Center has 1 new message.

Please login to your Online Banking and visit the Secure Message Center section in order to
read the message.

Log On to Online Banking.

(The Message Center contains only important information about your account and online banking.)

Copyright Australia and New Zealand Banking Group Limited ABN 11 005 357 522, 1996-2011.
ANZ’s colour blue is a trade mark of ANZ.

The log on link goes to http:// nogueirametalurgica . com . br/www . anz . com/index . php

This is a typical ploy where they hide the link to a hacked website. Here they have placed a site that looks the same as the target (This time ANZ) and hope that you do not look at the link that appears in the URL section of your browser.

Whenever you get a dodgy email, you can often just hover over the link in the email, and the email program will show you the link that you will be taken to.

If it is anything like this, then stay away

However, I have just received one directly and have noticed that although the scam is the same, the wording and formatting are a bit better, more convincing.

Here is the transcript:

Dear Manager,

(If you are not the person who is in charge of this, please forward this to your CEO,Thanks)

This email is from China domain name registration center, which mainly deal with the domain name registration and dispute internationally in China and Asia.
On October 17th 2011, We received Tianhua Ltd’s application that they are registering the name ” yourdomain ” as their Internet Keyword and ” yourdomain .cn “?” yourdomain .com.cn ” ?”yourdomain .asia “domain names etc.., they are China and ASIA domain names. But after auditing we found the brand name been used by your company. As the domain name registrar in China, it is our duty to notice you, so we are sending you this email to check. According to the principle in China, your company is the owner of the trademark, In our auditing time we can keep the domain names safe for you firstly, but our audit period is limited, if you object the third party application these domain names and need to protect the brand in china and Asia by yourself, please let the responsible officer contact us as soon as possible. Thank you!

Best Regards,

John
General Manager
Shanghai Office (Head Office)
3002, Nanhai Building, No. 854 Nandan Road,
Xuhui District, Shanghai 200070, China
Tel: +86 216191 8696
Mobile: +86 136615 29704
Fax: +86 216191 8697
Web: www.ygnetworkltd.com

So you can see that the construction of the email is much more professional, but still is  not quite perfect.

Again the point of these emails is to scare people into thinking that their domain name is going to be registered by a Chinese company. All they are wanting is to get you to register the domain name through them (often at an inflated price)

Don’t worry, I have not seen one of these be real yet.

Rather than the all capitals, poor grammar and spelling of previous emails, this one reads better and so is harder to spot.

However, the key ingredients are the same

• Doesn’t match the products on offer (Asking for 7 people, when only 6 available)
• Insists on credit card as only payment method
• Urgency
• Not an enquiry, but a straight booking

Here is the copy of the email

Greetings,

I am Mr. Simon Cowell, I am writing from the Cowell Travel & Tours, Liverpool England, we have group of 7 people coming to spend their vacation in your country for 10 days. With due respect, we will like you to provide accommodation and breakfast for 7 of them for the whole period of their stay.

Let me know your room’s types and cost per night so that reservation will be made on time.

Our Arrival Date is 20th September 2011; Our Departure date is 30th September 2011.

Number of People: 7. all adult.

Kindly Confirm if you will have availability during these dates so as to proceed with the booking.

I will be appreciating your urgent response, I hope you accept credit card as means of payment, because I will be making the payment with my credit card only.

Regards,

Mr. Simon Cowell
Cowell Travel & Tours
Adlib House, Fleming Road,
Liverpool, Merseyside, L24 9LS
England.

Tel: (+44) 703 182 0750

What is hidden though is that by signing and sending back the form, you lock yourself in for a three year listing at EU995 per year.

But they do let you update your details for free.

Transcript is here:

From: contact@business-listing.info

Subject: EU Business Register 2011/2012

Dear Madam/Sir,

In order to have your company inserted in the EU Business Register for 2011/2012, please print, complete and submit the enclosed form to the following address:

EU BUSINESS REGISTER
BOX 252 – 28020 Madrid
SPAIN

Fax: +34 91 791 9167

Updating is free of charge!

These kind of scams are pretty common, I get ones faxed to me a few times a year. Similar ones for overpriced domain names are common as well.

You know your business and will know the kinds of places that are worthwhile advertising. If anything comes across your desk or into your inbox that offers advertising, check it thoroughly before committing, this one had the price in the fine print in the attached PDF, not in the email itself. IT’s terms and conditions were even further hidden on a website not linked to in the PDF.

I got two emails this morning, both titled “Royal win!” to two different addresses. Aren’t I lucky to win two 1st category prizes. Especially when I didn’t enter!

PDF’s are attached that ask for personally identifiable information, such as Passport, Drivers License or other ID.

Together this, with the other standard info such as contact info, can be all that is required for identity theft.

Don’t fall for these kinds of scams. Any time someone is asking for information that can be used for identification such as middle name, passport or date of birth, be very careful you know who you are giving it to.

These guys are using the lure of winning money to entice people to hand over these details.

Don’t be fooled.

Below is the email contents, there are also two pdf’s attached, a claim application form and a terms and conditions document.

*************************************DO NOT DELETE THIS MESSAGE***********************************************
Europe Royal
Win Ballot.
Stationplein 13
Rosendaal – Holland.
Tel: 0031-685242542
Fax: 0031-847508652
Email: europeroyal@europe.com

Ref: ER/07533
Ticket Number: 025613-ING.

With the introduction of new types of games, with the ushering in of online technology and with the permit issued under EU laws to compete for concession to run games and give away prizes on the internet. Europe Royal wishes to congratulate you for being one of the luckywinners in the Europe Royal Win Ballot. You have been officially selected as a winner from Europe Royal. You are a winner and you are hereby authorised for claim with your email attached to winning ticket Number: 025613-ING in the 1st category winning prize of One Million Five Hundred Thousand Euros.

Read, understand and agree to the rules and provisions for claim.You are to fill the claim application form attached and choose a mode of payment,also send along a proof of identification (Passport copy/Driver’s Licenseor Identity card) by fax or email to your claims officer:

************************************************************************************

Contact your claims officer:
Europe Royal Lot B.V
Mr Laurens Nijenhuis
Tel: 0031-685242542  ext:03
Fax: 0031-847508652
Email: laurens.nijenhuis@europe.com

*****************************************************************************************
Keep this email confidential & away from public notice to prevent double claim or impersonation with your Reference Number until after remittance/payment to you.
Claim expiry date is 25th March 2011, after this date winning prize is filed as unclaimed.

Best Regards,Zeeman Jaap.Europe Royal.

© 2011 Europe Royal. All rights reserved. Terms of use. Privacy Statement.

ie. Scare users into divulging logins and passwords by saying their access to something is finishing.

Fortunately, the link in the one a client of mine has sent me has been deleted, so the damage has been minimised. But these tactics appear all too frequently.

Here is the content of the email:

From: Webmail <acctupdate@vz301.securenet-server.net>

Date: 27 January 2011 10:30:54 AM NZDT

To: recipient address

Subject: Access to your e-mail is coming to an end

Good customer,

Access to e-mail is coming to an end,
We recommend that you upgrade your account, to avoid suspension.

Click on the Upgrade Now below to update your account.
Upgrade Now

Thank you.
Webmail.

Whenever you get an email that you are suspicious of, paste some of it into Google and see if it has been mentioned anywhere.

And remember, don’t click on any links you are not sure of.

They ways that these people try and avoid the antispam brigade can be quite hilarious.

What I really can’t understand is when something is this bad, that people still respond.

Because, in the end, the proliferation of spam is collectively our own fault. If it didnt work, they would stop.

Here is the latest humerous additon to my spam collection.

Submit your own, and lets laugh at the spammers

Privet, my friend!

Love does not consist in gazing at each other, but in looking outward together in the same direction. It is spring and love in my soul and the scent of beautiful lilacs fills the air in my imagination. And I cannot get you out of my mind, because I am dreaming to find your precious love. Can you guess what I would like to do for you?
I want to protect you from all of the injustices
in the world and carry you off into a blazing sunset.
I want to do all I can to make you happy and make you fill loved every day of your life. My honey, I am here for you, so do not make me wait for too long, because I am hunger for you love.

Hugs and kisses
Mila

Sent supposedly from inlandrevenue@newzealand.govt.nz (The wrong address, the source says it comes from dukecmimpo01.coxmail.com) their real emails are ending in ird.govt.nz.

Tax Refund Form
Get Tax Refund on your Debit Card
*Please enter your name and a valid Debit Card where you want the refund to be made.
Please enter the following information here.

It then asks for Name address etc

But it then goes onto your Debit Card info. Now with Debit and Credit Cards being very similar in operation, giving up your debit card details is just as dangerous.

But since it is called a Debit Card, people may be less likely to think it is a scam.

While giving up your account number for direct crediting is relatively safe, any request for card details should be viewed suspiciously.

They even get a bit cheeky to cover their tracks

Note: For security reasons, we recommend that you close your browser after you have finished the refund process.