Classic Spam: Fraud, pure and simple

The bottom line: Be wary of any unsolicited e-mail that claims that you bought something, or that your credit may have been misused for such a purchase. This sort of pitch is usually the prelude to a swindle.

Most spam manages to cling tenaciously to the legit side of the fuzzy line between the merely sleazy and the outright criminal, but once in a while (more often as time goes on) you may get a message like the one featured below. I have omitted the header and reformatted the body slightly for readability.

<META content="MSHTML 6.00.2726.2500" name=GENERATOR>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>Dear customer, <BR>
Recently we
have received an order made by using your personal credit card
information. <BR>
This order was made online at our official BestBuy
website on 06/17/2003. <BR>
Our Fraud Department has some suspicions
regarding this order and we need you to visit a
special Fraud Department page at
our web store where you can confirm or decline
this transaction by providing us
with the correct information. <BR>
This e-mail address has been taken from
National Credit Bureau. <BR>
Click the link below to visit a
special Fraud Department page to resolve the cause of the
problem. <BR>
<DIV><FONT face=Arial size=2>
<BR>Item No: 73890 <BR>
CDA-9815 In-Dash CD Player/Ai-Changer
Controller <BR>
Price: $387.65 Qty: 2 Total:
<BR>The order listed above has not yet been processed. <BR>
The reason for
the delay in processing your order is: <BR> <BR>
- Information provided: <BR>
Shipping <BR>
Staten Island, NY
10306 <BR>
United States <BR>
phone# 206-337-9843
<BR> <BR>
In our effort to deter fraudulent transactions, we need your help
in providing us with the correct information.
Your prompt response is needed to
avoid any unauthorized charges to your credit card.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>
><FONT face=Arial size=2>Click the link below to visit a special
Fraud Department page to resolve the cause of the problem. <BR>
<A href="http://www.digitalgamma.com/fraud.html?ordernumber?956195619">
<FONT face=Arial size=2>


Here, we have a message purporting to be from Best Buy, one of America’s leading “big box” appliance store chains, warning me that my credit card may have been used for a fraudulent transaction on their “official” website (but not, I suppose, on any of their “unofficial” websites). The transaction is described (the model CDA-9815 CD players), and even the ship-to address and phone number are given. Then, I’m asked to click on a link that will take me to a page where I can “confirm” this transaction.

There’s just one thing wrong. Actually, there are a lot of things wrong here, but the main wrong thing is that the “fraud department” link (in red) doesn’t go to www.BestBuy.com as it implies (in the visible portion, highlighted in green), but to somewhere called www.digitalgamma.com (in the HREF field of the anchor tag, highlighted in blue). Now, even if you were willing to assume that digitalgamma might be handling this matter on Best Buy’s behalf, it is certainly highly suspicious that the link points elsewhere than it claims to be pointing. This is a very simple, but potentially very effective ruse that could take in those who don’t look before they click.

As it happens, by the time I got this message, the digitalgamma site was no longer available; likely it had been shut down immediately upon detection of the racket. A whois lookup on the digitalgamma.com domain revealed that it was registered to an outfit named “Fraud Recovery” in Redmond, Washington, and that the registration was quite recent (about two weeks before this mail was received). The day after I got this one, I received the same message again at my home account, this time pointing to another website (this second site was also shut down by the time I went to investigate). I got no subsequent e-mails of this sort; perhaps the perps are at this moment being treated to an extended sleepover in a federal facility.

If you receive a message like this and aren’t certain whether it checks out, it’s a good idea to spot-check some of the message details. Here is some additional info I was able to ferret out from this message:

Because the digitalgamma site was shut down, I can’t tell exactly what they had in store for me, but I’d bet you a pair of Alpine CDA-9815 in-dash CD players that they would have asked me to enter my credit card number (possibly with its extra identifying code number that is present only on the card itself and not in the account number) to “decline” the transaction. I can but guess what would have happened next.

To their credit, Best Buy got out a note on their website (and a press release) mere hours after I received this message; I post the website note below, as it contains useful information for those who may have been victimized by this or other online frauds. My only quibble is that “hoax” is far too charitable a word for this stuff.

At this point in history, e-mail is still an insecure and unreliable means to transmit sensitive information like financial or medical data (as the mail-borne epidemics of spam, phishing, and malware should amply demonstrate). You must regard any message of the sort described here with the utmost skepticism. When in doubt, use another means of contact (preferably one you locate yourself, such as a phone number from the yellow pages, or a visit to a local branch store) to get the parties involved to confirm the information in the message.

