Emergence of DDoS as a Service (DDoSAAS)
Infographic: What Can You Do To Protect Against Domain Hijacking?

Is it Spam? This Week in Credit and Refinance Fraud Scams

Spam is one of the few subjects where I practice more as a cynic than skeptic. I assume that nearly email I receive that even hints at having a commercial message is spam (and I'm careful to unsubcribe from commercial email that is opt-out). I'm most cynical and aggressive with any message that mentions credit reports or refinance. These target and prey upon people who are having financial issues, which ranks them high in the despicable category.

Recent refi or credit improvement scams use these Subject: lines:

With this increase to your credit score - you are in good shape

Your Credit Score May Have Changed

CONTACT US FOR A LOAN

Refinance rates are lower than ever! Achieve 2.99% now

Just verify the approved increase to your credit score and its done

Keep those hard earned funds in your pocket when you refinance today

Scam1 Scam2

Others attempt to look legitimate by invoking the names of the three major credit score firms (TransUnion, Experian, Equifax). 

Many have telltale spelling or grammatical errors as well.

It's not very hard to collect data to justify my (or your) cynicism. Running basic checks on messages with such headers (whois, cURL, dig, PDNS), I find that

  • The domain names are recent registrations
  • The contact information in Whois records is privacy protected
  • Using cURL, I can see that the home/base page is empty, i.e., it only contains
    <HTML><BODY></BODY></HTML>
  • The zone data for the domain is hosted on a name server that also hosts other scam domains.

I do these checks for research or reporting purposes. You don't need to.

Be cynical. Delete the message. Don't reply. Don't visit the site. 

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Comments are moderated, and will not appear until the author has approved them.

Your Information

(Name is required. Email address will not be displayed with the comment.)