Latest email scam to watch for

I had seen a warning about this earlier today, but wouldn’t have fallen for it after even the briefest review:

secure-your-credit-card scam email

First of all, all the links (including the one to Microsoft and all the credit card companies) link to the same scammy web address, which you can see in the final "For security your Credit Card information" line. Ingeniously, someone actually registered the domain name with which to scam the public into giving away their credit card information. You have to give them credit for that, although their nameservers are Yahoo, so it was only a matter of time before someone woke up over there and cut them off — the site is already down.

Secondly, the scam artist claims to be from Microsoft, yet gives a non-Microsoft email address and website. Yeah, right.

Thirdly, the grammatical errors are beyond laughable:

  • "the up mentioned Credit Card companies"
  • "The securing of your Credit Card will not take longer than 3 minutes, and can spare you of loosing your hard earned money"
  • "Microsoft has sent this email in conformity with the law protected email program rules"

The email header included the following:

Return-Path: [email protected]

Received: from ([]) by with ESMTP id 5si706804nzk.2007.; Tue, 18 Dec 2007 17:17:03 -0800 (PST)

Received-SPF: neutral ( is neither permitted nor denied by best guess record for domain of [email protected]) client-ip=;

Authentication-Results:; spf=neutral ( is neither permitted nor denied by best guess record for domain of [email protected]) [email protected]

Received: from ts1.albblaw.local ([]) by with Microsoft SMTPSVC(6.0.3790.3959); Tue, 18 Dec 2007 17:35:45 -0700

From: "Microsoft" <[email protected]>

I’m not sure if that means that the SMTP server or the IP address were hijacked for this purpose.

Leave a Reply