My good buddy Oprah.  Yeah, right.  This is a lame as they come.  Do people really click on something like this?

Senders:

zomg.amazing@yahoo.com
theroughrider_692000@yahoo.com

To:

grhiner@yahoo.com
dollyn216@earthlink.net

Subject:

Re:

Text:

Oprah has sent a message to you. Click here to read it.

I don't see any reports on what these links lead to, but I assume means to do me harm.

Tags: Spam

I got three of these today.  There are a bunch of clues that they're not legit.  First, there's no Apple logo (easy enough to fake, but still...).  Second, the Apple ID it says was used is not my Apple ID.  Third, the From addresses are not at apple.com (again, easy to fake so why not take the time?).  But of course the biggest clue is that if you hover over the "Learn More" links you'll see that they don't point Apple domains.  This post says they lead to hacked accounts that will bounce you to a Russian online drug store.

Senders:

Apple [noreply@conestoga.net]
Apple [noreply@shaw.ca]
Apple [noreply@icqmail.com]

Subject:

Your Apple ID was used to sign in to FaceTime, iCloud, and iMessage on an iPhone 5

Text:

Dear Customer,
Your Apple ID (robert@rlweiner.com) was used to sign in to FaceTime, iCloud, and iMessage on an iPhone 5.
If you have not recently set up an iPhone with your Apple ID, then you should change your Apple ID password. Learn More.

Tags: Spam

Here's a selection of messages from spammers who don't even seem to be trying -- no graphics, no attempt to make the links look legit, plain text.  Are these spammers just lazy or do these things actually work?  Bottom line: think before you click.  Hover your mouse over URLs and see where they lead.  And use anti-malware tools that will warn you about suspicious web sites.  (I've removed or defanged the URLS.)

Sender: Jessica Taylor [admin@m78mail.com]

Subject: Re: robert@rlweiner.com 2013 Update

Text:

Account ID: 90692780TG
Email: robert@rlweiner.com

Hello robert@rlweiner.com,
Your credit score has reduced by 80 points at start of 2013.
You should check your score to make sure there's no Identity Theft.
Get your score at No Cost HERE.

Thanks
Credit Score Updates

Sender: Classmates.com [classmatesemail@accounts.classmates.com]

Subject: Order N35085

Text:

Good afternoon,

You can download your Adobe CS4 License here -

We encourage you to explore its new and enhanced capabilities with these helpful tips, tutorials, and eSeminars.
Thank you for buying Adobe InDesign CS4 software.
Adobe Systems Incorporated

Sender: UN ATM OFFICE [info@uncief.org]

Subject: Over-due ATM Card Payment****

Text:

Over-due ATM Card payment $515,510.00 USD by the UN Office, We will
send you an International Swift ATM Card that has been approved in your
favor with Card Number:8401236451206112,:Contact Mr. Oliver
Stephens:ask.oliverconsultant@zbavitu.net with this details 1.Valid
Delivery Address. 2.Full Names.3. Phone Number. Note: that you will take
responsibility for cost of delivery $200USD.

Sender: support@rlweiner.com

Subject: Fwd: Re: Banking security update.

Text:

Dear Online Account Operator,

Your ACH transactions have been
temporarily disabled.
View details

Best regards,
Security department

Sender: support@rlweiner.com (also sent from sales1@rlweiner.com and Tagged@taggedmail.com)

Subject: RE: MITZI - Copies of Policies. (other names substituted for MITZI in other messages)

Text:

Unfortunately, I cannot obtain electronic copies of the Ocean, Warehouse or EPLI policy.
Here is the Package and Umbrella,
and a copy of the most recent schedule.

MITZI Newsome, (also sent by BRIGETTE KIRKLAND and JACKLYN PIERSON)

Sender: Support [BBECBF281@omnicoretech.com]

Subject: Order confirmation.

Text:

If you can't read this message please click this link

Sender: Willie Crawford [Willie@Acumlator.co.us] (also Lazy Cash System [LazyCashSystem@65.com])

Subject: Executive Team (also 2012-10-21-New York Conference - Registration)

Text:

This page from Public Allies has been forwarded to you by Willie Crawford:

www (dot) dit (dot) mu/bks

If the text above does not appear as a full, clickable link, please copy the whole web address and paste it into the address box of your browser.

(another version said: "This page from Profectum Foundation has been forwarded to you by Lazy Cash System" --- Lazy Cash System.  Sign me up!)

Sender: Accounts support [accounts@ewingcole.com] (also sent by Support Center [noreply@message.oehtb.at] and noreply@message.rvdk.minjus.nl)

Subject: Access Code Ticket [#952] (and other ticket numbers)

Text:

Thank you for your letter of Nov 21, your request arrived.

Alright, here's the link to your support ticket and help:

Proceed to information
If we can help in any way, please do not hesitate to contact us.

Best regards,
Account support team.

Sender: Contact [customer-notification@ups.com] (also DAISEY_Roark@gmail.com, Katerine Elliot via LinkedIn [member@linkedin.com])

Subject: Re: End of Aug. Statmeent required (also Re: Inter-company inv. from Safeco Corporation Corp.)

Text:

Good day,
as reqeusted I give you inovices issued to you per oct. (Open with Internet Explorer or Mozilla Firefox)
Regards

(messages included attachments Invoices-14-2012.htm, Invoices-13-2012.htm, Invoices-12-2012.htm, etc. as well as Invoice_P350.htm)

An almost identical spam with Invoice_P350.htm claimed to come from Safeco:

Good day
Attached the intercompany invoice for the period July 2012 til Aug. 2012.(Internet Explorer file)

thanks a lot for support setting up this process.
CANDICE QUINTANA
Safeco Corporation Corp.

Sender: qrlevis@aol.com

Subject: approved store

Text:

Link: Online Store
5% off code: w22c4
Comment: approved, A++

Sender: Administrator [administrator@rlweiner.com]

Subject: You have a new encrypted message from administrator@rlweiner.com

Text:

You have received an encrypted message from administrator@rlweiner.com. The sender intended for the message contents to be secured by using the Barracuda Email Encryption Service. You can retrieve the message from the Barracuda Networks Message Center.

The link to this secure message will expire in 24 hours. If you would like to save a copy of the email or attachment, please save from the opened encrypted email. If an attachment is included, you will be given the option to download a copy of the attachment to your computer.

To view your secure message, click here.

Sender: alert@notification.atcoflex.com

Subject: WARNING: Email could not be delivered - Maximum email size exceeded

Text:

The following email could not be delivered to you as it exceeded the maximum size limit:

Subject: 2011 tax return
Sender: administrator@rlweiner.com

To download or view the email content please use the following link - internal.rlweiner.com/download.aspx?id=P0UW50 (disguised link)

If you require further assistance visit IT Helpdesk

Sender: Update Tracker [70D92739@aproundtable.org]

Subject: Svetlana has just updated new her profile

Text:

Dear Member of our site.
Nastya has just updated new her profile. (Subject said it was Svetlana)
For looking through her new info and photos, please, follow the link

Sender: SLYVIArZ@aol.com

Subject: You have been sent a file (Filename: Robert-1421215.pdf)

Text:

Sendspace File Delivery Notification:
You've got a file called Robert-14281.pdf, (886.78 KB) waiting to be downloaded at sendspace.(It was sent by SLYVIA Sweeney).

You can use the following link to retrieve your file:

Download Link

The file may be available for a limited time only.

Thank you,

sendspace - The best free file sharing service.

----------------------------------------------------------------------
Please do not reply to this email. This auto-mailbox is not monitored and you will not receive a response.

Tags: Malware, Scam, Spam, Viruses

I got two dozen of these this morning, which may be some kind of record.  This site says they're malware delivery devices, so do not click on them!

A few of the senders:

alets-no-reply@customercenter.citibank.com

alets-no-reply@serviceemail6.citibank.com

alets-no-reply@citibank.com

citibankonline@customercenter.citibank.com

citibankonline@customercenter.citibank.com

serviceemail@citibank.com

Some of the subject lines said the bills were from AT&T, Verizon, or American Express, bill but the logos are all Citi's.  There's some great mangled English among the subjects.

Sample subjects:

Recent eBill is  Available. From:  Citibank Credit Card

Your got  Further eBill  Ready for review from  Citibank Credit Card

Your got  Fresh eBill  Is Ready from  Citibank Credit Card

Your New eBill from Citibank Credit Card

Your  Recent eBill from Citibank Credit Card

Your New eBill from AT&T Bill

You have received a New eBill from  AT&T Bill

You have received a New eBill from  American Express

Your just received New eBill  Ready for review from  American Express

Your  Recent eBill from American Express

Your  Recent eBill from American Express

You have received a  Recent eBill from  American Express

Your  Renewed eBill from American Express

Your New eBill from Verizon Wireless

Your  Recent eBill from Verizon Wireless

Fresh eBill is  Available. From:  Verizon Wireless

Sample text:

New eBill Ready for review
________________________________________
     Account Number: **************1
Due Date: 12/28/2012
Amount Due: 52.94
Minimum Amount Due: 52.94

How do I view this bill?
1. Sign on to Citibank Online using this link.
2. Use the Payments Menu to find the bill pointed in this message.
3. Select View Bill to overview your bill details. Select the icon to see your bill summary.

Please don't reply to this message.

If you have any questions about your bill, please contact Verizon Wireless directly. For online payment questions, please choose Bill Payment from the menu.

E-mail Security Zone
At the top of this message, you'll see an E-mail Security Zone. Its goal is to help you check that the e-mail was in reality sent by Citibank. If you have questions, please visit our help center. To learn more about fraud, click "Security" at the bottom of the screen.

To set up alerts sign on clicking here and go to Account Profile.

I prefer not to have this email contain specific information from my statement. Please send me just the announcement that my statement is ready to view online.

Here's a sample:

 

 

Tags: Malware, Spam

A question was posted to a listserve for nonprofit techies looking for tips on training staff on a new database.  I discussed training at a high level on page 13 of this chapter from CASE's Handbook of Institutional Advancement.  Here are some more detailed rules of thumb:

• 90% of training is forgotten within the first 2 weeks if it's not put to immediate use.
• Not everyone can train.  It's an art.  The trainer needs to understand the database, present technical concepts clearly and without jargon, teach at the students' level, and be incredibly patient.
• Train the system administrator thoroughly at the start of the implementation project.
• Also train the team that will be making decisions about the system's configuration at the start of the implementation project.  Train them again just before going live.
• Train end users just before going live.
• Train end users on a sample database, not production data. 
• The sample database should be configured with your own codes, menus, security settings, and any customizations.  Ideally it should be populated with your own data, not a vendor's dummy data.
• If you're training a lot of people, try to train in a classroom setting so everyone hears the same thing.  But recognize that not everyone will be available for classroom trainings, and some people will need 1 on 1 training to understand the concepts.
• Test the computers and software in the classroom before every training.
• Document your data entry standards, policies, and procedures before training so users are taught to do things the right way from the start.
• Create cheat sheets for common tasks.  Give trainees materials they can take away.
• Provide access to online video training materials if possible.  (Record the training sessions if you can and make those videos available.)
• Someone needs to be available to answer questions and provide refreshers after the first training.
• Don't give users access to add, change, or delete records until they've demonstrated that they understand what to do.  Be prepared to retrain staff who aren't getting it.  And be prepared to take away their add/change/delete access if they still don't get it.
• Training is not a one-time event.  You'll get new staff, staff will need to learn new things over time, and there will be new software releases. 

What have I missed?

Tags: Advancement Services, Databases, Donor Databases, IT Management, Nonprofit Management, Nonprofit Technology

I got a bunch of these this week.  I don't know what happens if you click the links, but they look like malware delivery vehicles.  They included a variety of graphics that look like typical credit score spam, but the sender addresses are obviously faked and the links look like they point to hacked WordPress sites like nbouhout.astblogs.org//wp-content/themes/trulyminimal/includes/framework/plugins/score_for_free.html.

Senders:

Credit Masters [flaredx379@blomnet.com]

Credit Score Free [olivero6@deltamar.net]

Credit Report Center [afforest084@blomnet.com]

Credit Check 2013 [impatientg8@clickz.com]

Credit Masters [hillel6@ef-law.com]

Credit Check 2013 [tangosnqt805@cochamber.com]

Credit Report System [teasest090@glgmc.org]

Credit Masters [obeisancesb3@pado.com.br]

Credit Report Center [stepbrotherssr89@ritenour.k12.mo.us]

Credit Report Center [scavenger3385@lsinter.net]

Credit Score Free [midsthk0@polysto.com]

Credit Masters [percentilea9@davisandsons.net]

Credit Score Free [timeworn@financial-tracking.com]

Subjects:

Your TransUnion, Equifax, and Experian Scores Have Updated

Your TransUnion, Equifax, and Experian Scores Have Changed

Your TransUnion, Equifax, and Experian Scores Have Decreased

Important: Your Score Report  Just Changed

Warning: Your Report  Just Changed

Your Score May have been Changed - please take a look

Your Score Apparently Changed - please browse online

Your Score May have been Increased - please overview

Your Score May be Increased - please overview

Warning: Your Credit Score  Just Changed

Get Your 3 FREE Credit Scores Today

Get Your 3 Credit Scores Today

Text:

The text looks like the following, but the first line and details like the ID and "Report creating time" vary.  The first lines read:

Your score apparently decreased!

Your credit score probably increased!

Your score apparently changed!

Your score apparently increased!
Your score may have been increased!

Your score apparently updated!

Your credit score probably changed!

Here's what followed in one version (the English is better in some versions):

ID: #L015T-0RDFDOZ5
       
- Browse this link to see eventua changes
- Click this link to see fresh credit score updates as of December 18th, 2012
      
Browse your score fast!
Report creating time: 12 seconds
       
3LIC7XAMG94KP8LT2R5KJOLNCPR8PFYLK51APBXI70X0R31C8WACKSNHJKZZ63GOE1KLS5IXFN01AWOJ5Q1IV3A3XQ0P5QF4EII0
Regards,
Score Team

Here's a screen shot showing one of the many graphics they included:

 

 

Tags: Malware, Spam

This batch of spams looks like Facebook messages -- same colors, fonts, and formatting, and they have a "Go To Profile" button.  But they don't mention Facebook.  Does the familiar look and feel dupe people into clicking before they read?  According to this post, they're selling meds online.

Senders:

Anna Norman [supportcenter@erichbaumeister.com]

Valentina Byrd [supportcenter@crimlawyer.ca]

Cheyanne Conley [emailconfirm@cabrera.nl]

Jordan Compton [support@opduin.nl]

Carolyn Goodman [support@russin.com]

Subjects: All but one had "Support Center" as the subject.  The exception said "Med Support Center"

Text: Identical in every case

Welcome to Support Center

Hello,
You have been successfully registered in our Ticketing System

Please, login and check status of your ticket, or report new ticket here

Sample:

 

Tags: Spam

This type of phishing spam is seldom worth a glance, but I was drawn in by the subject line and the random capitalization.  An interesting twist in the story is that brunext.com appears to be a real company. Brunext.net looks like an exact duplicate of that site. 

Sender: Malcox Jason [brunext@brunext.net]

Subject: Who Is She To You?

Text:

My Name Is Mr. Malcox Jason. I Am The Foreign Exchange Officer Of Brunext Secure Vault And Cargo Company London.

This is to Notify You that Your Over Due Inheritance Funds has been Gazetted to be Released to You Via The Foreign Remittance Department Of Our Brunext Secure Vault And Cargo Company London.

Meanwhile,A Woman Came to My Office Few Days Ago with a Letter, Claiming to Be Your Representative and Sent by You. If she is not your representative or sent by you, kindly respond immediately reconfirming to me the following details to avoid any mistake.

Full name;  

Full residential contact address;  

Direct telephone number; 

Age and current occupation; 

Copy of your identification if available .

However, We Shall Proceed To Issue All Payments Details To The Said Mrs. Barbara Kleihans If We Do Not Hear From You Within The Next Three Working Days From Today. Await for your prompt response you.Email me at [deleted].

Regards,

Mr. Malcox Jason
Foreign Exchange Officer
BRUNEXT SECURE VAULT & CARGO COMPANY
44 Lewisham way
London, W1G 7BD
United Kingdom

Tags: Phishing, Spam

I'm working on an article with the title, "Maybe It's Not Your Database, It's You."  The premise is that complaints about an organization's database may be misdirected: the problem is how the system is being managed (aka management problems disguised as technology problems).  Now, it's certainly possible that an organization chose the wrong database to begin with, or has outgrown the system they chose, or the vendor isn't providing good support and keeping the technology up to date.  But it's often the case that the database is perfectly fine but wasn't configured properly, or isn't being used or supported properly, or the change to a new system wasn't managed well and was never accepted.  Here are my thoughts so far.  What am I missing?

© Walt Kelly

• Did you implement the system properly in the first place? 
• Do your codes make sense and give you the information you need?
• Do you have policies and procedures governing the use of the database?
• Have users been trained on those policies and procedures? 
• Are there easily understandable reference materials (preferably online, in plain language) to help refresh memories?
• Is someone in charge of making sure that users actually do what they were trained to do?
• Do your security settings enforce what users are allowed to do and see?
• Do volunteers enter data?  If so, does this really work for you?
• Is anyone in charge of monitoring your database to make sure everything’s running smoothly (that your database takes in accurate data, and that it produces accurate reports)?
• Has the person managing the database actually been trained on the database?  What about best practices in data management and any applicable laws?
• Does the person who oversees the database understand the organization’s strategic plans so they can make sure the technology can support them?
• Does this person play well with others?
• Is there some sort of “help desk” where someone is readily available to help users when needed? 
• Is the “help desk” staffed by friendly people with good customer service skills?
• Have you looked at your business processes to make sure they’re efficient and effective?
• Have you looked at whether your database can help you automate time-consuming routine tasks? 

Tags: Databases, Donor Databases, IT Management, Nonprofit Technology

I got a big batch of these today. They're similar to the fake Amazon HDTV receipts I wrote about in September. These aren't as lame-looking as most of the spam I write about: they use the right logos, fonts, and typefaces.  This site says they lead to malware.  The giveaways are: 1) Hover over the links and see where they point before clicking (that's the best way to prevent phishing attacks and malware infections from spam).  2) The Amazon receipts have no details about what I purchased.  3) I got a dozen of the Amazon spams.  I certainly didn't buy a dozen items yesterday.  4) One of the PayPal receipts was poorly formatted, but the spammers wised up and fixed that quickly.  5) Some mangled English, but not too bad.

One note on the Amazon spams -- they include payments for gift certificates in odd amounts, like $5.99, $2.99, $4.99.  I'm pretty sure you can't buy a gift certificate for $5.99.  (I do like the sender address no-try-to-reply@amazon.com.)  Also, like a lot of spams, the subject lines end with a period.  Is this built into the tool?  Who adds punctuation to email subjects?

Senders:

Amazon.com [digital-no-reply@amazon.com]

Amazon.com [digital-notifier@amazon.com]

Amazon.com [store-news@amazon.com]

Amazon.com [no-try-to-reply@amazon.com]

PayPal [service@paypal.com]

PayPal [noreply@paypal.com]

Subjects:

Your Amazon.com order confirmation.

Your Amazon.com Kindle e-book order confirmation.

Your Amazon.com order receipt.

Your Kindle e-book Amazon.com receipt.

Your Amazon.com Kindle e-book order.

Your Paypal.com transaction confirmation.

Your Ebay.com transaction details.

Your Ebay.com purchase receipt.

Text:

Here's the text of one of the Amazon messages.  They were all basically the same except for the details.

Respective Amazon.com Customer,

Thanks for your order, robert@rlweiner.com!
Did you know you can view and edit your orders online, 24 hours a day? Visit Your Account.
Order Information:
E-mail Address:  robert@rlweiner.com
Billing Address:
166 Summerset Drive
Greenwisch SC 92717-4157,,FL 67151}
United States
Phone: 747-099-4260
Order Grand Total: $ 65.99

Earn 3% rewards on your Amazon.com orders with the Amazon Visa Card. Learn More

Order Summary:
Details:
Order #:  C32-6356600-4941029
Subtotal of items:  $ 65.99
------
Total before tax:  $ 65.99
Tax Collected:  $0.00
------
Grand Total:  $ 60.00
Gift Certificates:  $ 5.99
------
Total for this Order: $ 65.99

Here's one of the PayPal spams:

Dec 5, 2012 07:03:40 EST
Transaction ID: FWASD05E081JTT6G1

Hello robert@rlweiner.com,
You have made a payment of $450.48 USD to Kurtis Walls.

It may take a few moments for this transfer to show up in your account.
________________________________________
Seller
Kurtis-Walls@ googlemail.com  Instructions to seller
You haven't entered any instructions.
Shipping address - confirmed
Hendrerit Ave.
Manlius SC 79035-0085
United States Shipping details
The seller hasn't provided any shipping details yet.

Details  Qty.  Amount
PHOTAX PLASTIC SLIDE CASE PLUS 175 x 35mm SLIDES
Item# 671512376273  46  $450.48 USD
Shipping and handling  $14.99 USD
Insurance - not offered  ----
Total  $450.48 USD
Payment  $450.48 USD

Payment sent to Kurtis Walls 

Receipt ID: C-FJY21UQ72O68WD7H9

Problems with this operation?
You have 45 days from the date of the operation to issue a dispute in the Resolution Center.

Please Not try to reply to this message. automative notification system unable to accept incoming email. For fast answers to your problems, visit our Help Center by clicking "Help" located on any PayPal page.

PayPal Email ID PC873

Here's what seems to have been a test message from the PayPal spammer. 

hello {mailto_username}@{mailto_domain},
you {l4} a payment of $557.48 usd to {_firstname} {_lastname}.

it may take a {l5} for this {l6} to {l7} in your {l8}.
________________________________________
{l9}
{_firstname}{la}{_lastname}@{lb}  instructions to {lc}
you haven't entered any instructions.
shipping address - confirmed
{ld} {le}
{lf} {l10} {l11}{digit}-{digit}
united states shipping details
the seller hasn't provided any shipping details yet.
{l12}  qty.  amount
{l13}
item# {l14}{digit}  {number}  $557.48 usd
shipping and handling  ${l15}.{l16} usd
insurance - not offered  ----
total  $557.48 usd
payment  $557.48 usd

payment sent to {_firstname} {_lastname} 

receipt id: {l17}-{symbol}

{l18} with this {l19}?
you have 45 days from the date of the {l1a} to {l1b} a dispute in the resolution center.

please {l1c} reply to this message. {l1d} system {l1e} accept incoming {l1f}. for {l20} answers to your {l21}, visit our help center by clicking "help" located on any paypal page.

paypal email id p{symbol}{digit}

Sample Amazon spam:

 

Tags: Malware, Spam