Lame spams of the day: messages from key.com

I received seven copies of two versions of this spam.  Plain text, no formatting, no logos.  This site lists them as malware delivery devices but doesn't elaborate on the threat.  Here they are:

Senders:

Georgina_Stevens@key.com
Gavin_Deal@key.com
Ana_Bowers@key.com
Denise_Fish@key.com
Rickie_Roberts@key.com

Version 1

Subject: Please respond - overdue payment
Text:

Please find attached your invoices for the past months. Remit the payment by 02/04/2013 as outlines under our "Payment Terms" agreement.

Thank you for your business,

Sincerely,
Georgina Stevens

This e-mail has been sent from an automated system. PLEASE DO NOT REPLY.

The information contained in this message may be privileged, confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify your representative immediately and delete this message from your computer. Thank you.

Attachment: INVOICE_28781731.zip

Version 2:
Subject:
Key Secured Message

Text:

You have received a Secured Message from:

Denise_Fish@key.com

The attached file contains the encrypted message that you have received.

To decrypt the message use the following password - nC4WR706

To read the encrypted message, complete the following steps:

- Double-click the encrypted message file attachment to download the file to your computer.
- Select whether to open the file or save it to your hard drive. Opening the file displays the attachment in a new browser window.
- The message is password-protected, enter your password to open it.

This e-mail and any attachments are confidential and intended solely for the addressee and may also be privileged or exempt from
disclosure under applicable law. If you are not the addressee, or have received this e-mail in error, please notify the sender
immediately, delete it from your system and do not copy, disclose or otherwise act upon any part of this e-mail or its attachments.

If you have concerns about the validity of this message, please contact the sender directly. For questions about Key's e-mail encryption service, please contact technical support at 888.764.6802.

Copyright © 2013 KeyCorp®. All Rights Reserved

Attachment: Key_Denise_Fish.Zip
A second version from Rickie Roberts had the attachment Key_Rickie_Roberts.Zip
 

Filed in Malware,Spam No Responses yet

Lame spam of the day: Fake BBC news stories

Like most lame spam, this one lacks any formatting or graphics.  The tricky part is that it's masquerading as a news story sent to me by a friend, and those typically lack formatting and graphics.  Clues that it's fake: I don't know the sender; the sender shows as Wendy Kauffman but the text says it came from Rich Webb; it went to an account that I only use for newsletters and discussion lists; and hovering over the URLs shows that they don't lead to a BBC site.  This site says these are malware delivery vehicles.

Sender: webmasters@bbc.co.uk; on behalf of; Wendy Kauffman [cosponsorma@pacunion.com]
Subject: BBC-Email: Cyprus races to rework savings tax after closing banks till Thursday
Text:
Rich Webb saw this story on the BBC News website and thought you should see it.

** Cyprus races to rework savings tax after closing banks till Thursday **
Cyprus can amend terms to a bailout deal that has sparked huge public anger....
< http://www.bbc.co.uk/go/em/news/world-financial-53321772 >

** BBC Daily E-mail **
Choose the news and sport headlines you want - when you want them, all in one daily e-mail
< http://www.bbc.co.uk/email >

** Disclaimer **
The BBC is not responsible for the content of this e-mail, and anything written in this e-mail does not necessarily reflect the BBC's views or opinions. Please note that neither the e-mail address nor name of the sender have been verified.

If you do not wish to receive such e-mails in the future or want to know more about the BBC's Email a Friend service, please read our frequently asked questions here
 

Filed in Malware,Spam No Responses yet

On the value of donor database ratings

A colleague forwarded the following email from a vendor and asked how I think a potential buyer should respond.  I've redacted the message to anonymize the vendor:

Dear ____,

I thought you might be interested in a recent analysis of low cost fundraising software, conducted jointly by independent organizations Idealware and N-TEN. If you are not familiar with Idealware and N-TEN, they are both well-respected non-profit organizations that focus on helping non-profits enhance their use of technology. They have published numerous reports and whitepapers on technology for nonprofit organizations. Bottom line – (our software) received more “Excellent” ratings than any of the over 33 products reviewed!

(The report they sent is actually from 2011, so I wouldn’t call it “recent” if I were them.)

My response: These reports are definitely useful — if a vendor is rated well they’re worth considering (assuming the rating criteria are appropriate for your needs) and if they’re rated badly they’re probably not. But while nonprofits aren’t like snowflakes, each unique in its own special way, they’re not clones, either. Needs vary tremendously from one organization to the next. Nonprofits need to know what they need and then test systems against those specific needs.  In fact, the section of the report that discusses how to go about choosing a system concludes:

Each available option has its own strengths and weaknesses. It doesn’t matter how good a particular system is if it doesn’t fit your organization’s needs. Regardless of what we say in this report, it’s critical to take a look for yourself, and make your own decision.

Bottom line: you need to do your homework and be a smart shopper.

Filed in Donor Databases,Nonprofit Management,Nonprofit Technology,Software No Responses yet

Lame spam of the day: Smoking device

This is as lame as it gets.  Plain text, no graphics, the sender name looks suspicious, the recipient name isn't me, there's no subject, and the text is lame.  I ran the link in the "click here" line through some online virus scanners and it seems clean, so maybe they're just trying to sell something.  In any case, I hope no one would click on something like this.

Sender: lost.gender@yahoo.com
To:
jsales@fulbright.com
Subject:
Re:
Text:

Smoking device thats clean. Click here to see.

Filed in Spam No Responses yet

More nonprofit software mergers and acquisitions

Last year the big news in my industry was Blackbaud's acquisition of Convio and the merger/acquisition of Datatel and Sungard Higher Education (now called Ellucian).  2013 is off to a bang with Accel-KKR's acquisition of Sage's Nonprofit Solutions Group and iModules acquisition of Harris Connect.

The Sage staff I've talked to can't comment publicly until the sale is final, which they hope will happen this month.  Millennium users, at least, seem excited about the change and the possibility of new investment in the product.

The press release for the iModules deal says Harris Connect “will be supported ... for the foreseeable future.”  I've heard that Harris clients are being given a year to decide if they are going to move to iModules. If they do, they'll have to pay conversion fees.

Filed in Advancement Services,Alumni Relations,Databases,Donor Databases,Software 3 Comments so far

Lame spam of the day: Oprah sent me a message

My good buddy Oprah.  Yeah, right.  This is a lame as they come.  Do people really click on something like this?

Senders:

zomg.amazing@yahoo.com
theroughrider_692000@yahoo.com

To:

grhiner@yahoo.com
dollyn216@earthlink.net

Subject:

Re:

Text:

Oprah has sent a message to you. Click here to read it.

I don't see any reports on what these links lead to, but I assume means to do me harm.

Filed in Spam No Responses yet

Lame spam of the day: Your Apple ID was used to sign in

I got three of these today.  There are a bunch of clues that they're not legit.  First, there's no Apple logo (easy enough to fake, but still...).  Second, the Apple ID it says was used is not my Apple ID.  Third, the From addresses are not at apple.com (again, easy to fake so why not take the time?).  But of course the biggest clue is that if you hover over the "Learn More" links you'll see that they don't point Apple domains.  This post says they lead to hacked accounts that will bounce you to a Russian online drug store.

Senders:

Apple [noreply@conestoga.net]
Apple [noreply@shaw.ca]
Apple [noreply@icqmail.com]

Subject:

Your Apple ID was used to sign in to FaceTime, iCloud, and iMessage on an iPhone 5

Text:

Dear Customer,
Your Apple ID (robert@rlweiner.com) was used to sign in to FaceTime, iCloud, and iMessage on an iPhone 5.
If you have not recently set up an iPhone with your Apple ID, then you should change your Apple ID password. Learn More.

Filed in Spam 6 Comments so far

Lame spams of the day: another roundup

Here's a selection of messages from spammers who don't even seem to be trying -- no graphics, no attempt to make the links look legit, plain text.  Are these spammers just lazy or do these things actually work?  Bottom line: think before you click.  Hover your mouse over URLs and see where they lead.  And use anti-malware tools that will warn you about suspicious web sites.  (I've removed or defanged the URLS.)

Sender: Jessica Taylor [admin@m78mail.com]

Subject: Re: robert@rlweiner.com 2013 Update

Text:

Account ID: 90692780TG
Email: robert@rlweiner.com

Hello robert@rlweiner.com,
Your credit score has reduced by 80 points at start of 2013.
You should check your score to make sure there's no Identity Theft.
Get your score at No Cost HERE.

Thanks
Credit Score Updates

Sender: Classmates.com [classmatesemail@accounts.classmates.com]

Subject: Order N35085

Text:

Good afternoon,

You can download your Adobe CS4 License here -

We encourage you to explore its new and enhanced capabilities with these helpful tips, tutorials, and eSeminars.
Thank you for buying Adobe InDesign CS4 software.
Adobe Systems Incorporated

Sender: UN ATM OFFICE [info@uncief.org]

Subject: Over-due ATM Card Payment****

Text:

Over-due ATM Card payment $515,510.00 USD by the UN Office, We will
send you an International Swift ATM Card that has been approved in your
favor with Card Number:8401236451206112,:Contact Mr. Oliver
Stephens:ask.oliverconsultant@zbavitu.net with this details 1.Valid
Delivery Address. 2.Full Names.3. Phone Number. Note: that you will take
responsibility for cost of delivery $200USD.

Sender: support@rlweiner.com

Subject: Fwd: Re: Banking security update.

Text:

Dear Online Account Operator,

Your ACH transactions have been
temporarily disabled.
View details

Best regards,
Security department

Sender: support@rlweiner.com (also sent from sales1@rlweiner.com and Tagged@taggedmail.com)

Subject: RE: MITZI - Copies of Policies. (other names substituted for MITZI in other messages)

Text:

Unfortunately, I cannot obtain electronic copies of the Ocean, Warehouse or EPLI policy.
Here is the Package and Umbrella,
and a copy of the most recent schedule.

MITZI Newsome, (also sent by BRIGETTE KIRKLAND and JACKLYN PIERSON)

Sender: Support [BBECBF281@omnicoretech.com]

Subject: Order confirmation.

Text:

If you can't read this message please click this link

Sender: Willie Crawford [Willie@Acumlator.co.us] (also Lazy Cash System [LazyCashSystem@65.com])

Subject: Executive Team (also 2012-10-21-New York Conference - Registration)

Text:

This page from Public Allies has been forwarded to you by Willie Crawford:

www (dot) dit (dot) mu/bks

If the text above does not appear as a full, clickable link, please copy the whole web address and paste it into the address box of your browser.

(another version said: "This page from Profectum Foundation has been forwarded to you by Lazy Cash System" --- Lazy Cash System.  Sign me up!)

Sender: Accounts support [accounts@ewingcole.com] (also sent by Support Center [noreply@message.oehtb.at] and noreply@message.rvdk.minjus.nl)

Subject: Access Code Ticket [#952] (and other ticket numbers)

Text:

Thank you for your letter of Nov 21, your request arrived.

Alright, here's the link to your support ticket and help:

Proceed to information
If we can help in any way, please do not hesitate to contact us.

Best regards,
Account support team.

Sender: Contact [customer-notification@ups.com] (also DAISEY_Roark@gmail.com, Katerine Elliot via LinkedIn [member@linkedin.com])

Subject: Re: End of Aug. Statmeent required (also Re: Inter-company inv. from Safeco Corporation Corp.)

Text:

Good day,
as reqeusted I give you inovices issued to you per oct. (Open with Internet Explorer or Mozilla Firefox)
Regards

(messages included attachments Invoices-14-2012.htm, Invoices-13-2012.htm, Invoices-12-2012.htm, etc. as well as Invoice_P350.htm)

An almost identical spam with Invoice_P350.htm claimed to come from Safeco:

Good day
Attached the intercompany invoice for the period July 2012 til Aug. 2012.(Internet Explorer file)

thanks a lot for support setting up this process.
CANDICE QUINTANA
Safeco Corporation Corp.

Sender: qrlevis@aol.com

Subject: approved store

Text:

Link: Online Store
5% off code: w22c4
Comment: approved, A++

Sender: Administrator [administrator@rlweiner.com]

Subject: You have a new encrypted message from administrator@rlweiner.com

Text:

You have received an encrypted message from administrator@rlweiner.com. The sender intended for the message contents to be secured by using the Barracuda Email Encryption Service. You can retrieve the message from the Barracuda Networks Message Center.

The link to this secure message will expire in 24 hours. If you would like to save a copy of the email or attachment, please save from the opened encrypted email. If an attachment is included, you will be given the option to download a copy of the attachment to your computer.

To view your secure message, click here.

Sender: alert@notification.atcoflex.com

Subject: WARNING: Email could not be delivered - Maximum email size exceeded

Text:

The following email could not be delivered to you as it exceeded the maximum size limit:

Subject: 2011 tax return
Sender: administrator@rlweiner.com

To download or view the email content please use the following link - internal.rlweiner.com/download.aspx?id=P0UW50 (disguised link)

If you require further assistance visit IT Helpdesk

Sender: Update Tracker [70D92739@aproundtable.org]

Subject: Svetlana has just updated new her profile

Text:

Dear Member of our site.
Nastya has just updated new her profile. (Subject said it was Svetlana)
For looking through her new info and photos, please, follow the link

Sender: SLYVIArZ@aol.com

Subject: You have been sent a file (Filename: Robert-1421215.pdf)

Text:

Sendspace File Delivery Notification:
You've got a file called Robert-14281.pdf, (886.78 KB) waiting to be downloaded at sendspace.(It was sent by SLYVIA Sweeney).

You can use the following link to retrieve your file:

Download Link

The file may be available for a limited time only.

Thank you,

sendspace - The best free file sharing service.

----------------------------------------------------------------------
Please do not reply to this email. This auto-mailbox is not monitored and you will not receive a response.

Filed in Malware,Scam,Spam,Viruses No Responses yet

Lame spams of the day: so many ebills

I got two dozen of these this morning, which may be some kind of record.  This site says they're malware delivery devices, so do not click on them!

A few of the senders:

alets-no-reply@customercenter.citibank.com

alets-no-reply@serviceemail6.citibank.com

alets-no-reply@citibank.com

citibankonline@customercenter.citibank.com

citibankonline@customercenter.citibank.com

serviceemail@citibank.com

Some of the subject lines said the bills were from AT&T, Verizon, or American Express, bill but the logos are all Citi's.  There's some great mangled English among the subjects.

Sample subjects:

Recent eBill is  Available. From:  Citibank Credit Card

Your got  Further eBill  Ready for review from  Citibank Credit Card

Your got  Fresh eBill  Is Ready from  Citibank Credit Card

Your New eBill from Citibank Credit Card

Your  Recent eBill from Citibank Credit Card

Your New eBill from AT&T Bill

You have received a New eBill from  AT&T Bill

You have received a New eBill from  American Express

Your just received New eBill  Ready for review from  American Express

Your  Recent eBill from American Express

Your  Recent eBill from American Express

You have received a  Recent eBill from  American Express

Your  Renewed eBill from American Express

Your New eBill from Verizon Wireless

Your  Recent eBill from Verizon Wireless

Fresh eBill is  Available. From:  Verizon Wireless

Sample text:

New eBill Ready for review
________________________________________
     Account Number: **************1
Due Date: 12/28/2012
Amount Due: 52.94
Minimum Amount Due: 52.94

How do I view this bill?
1. Sign on to Citibank Online using this link.
2. Use the Payments Menu to find the bill pointed in this message.
3. Select View Bill to overview your bill details. Select the icon to see your bill summary.

Please don't reply to this message.

If you have any questions about your bill, please contact Verizon Wireless directly. For online payment questions, please choose Bill Payment from the menu.

E-mail Security Zone
At the top of this message, you'll see an E-mail Security Zone. Its goal is to help you check that the e-mail was in reality sent by Citibank. If you have questions, please visit our help center. To learn more about fraud, click "Security" at the bottom of the screen.

To set up alerts sign on clicking here and go to Account Profile.

I prefer not to have this email contain specific information from my statement. Please send me just the announcement that my statement is ready to view online.

Here's a sample:


 
 

Filed in Malware,Spam 4 Comments so far

Training on your new database

A question was posted to a listserve for nonprofit techies looking for tips on training staff on a new database.  I discussed training at a high level on page 13 of this chapter from CASE's Handbook of Institutional Advancement.  Here are some more detailed rules of thumb:

  • 90% of training is forgotten within the first 2 weeks if it's not put to immediate use.
  • Not everyone can train.  It's an art.  The trainer needs to understand the database, present technical concepts clearly and without jargon, teach at the students' level, and be incredibly patient.
  • Train the system administrator thoroughly at the start of the implementation project.
  • Also train the team that will be making decisions about the system's configuration at the start of the implementation project.  Train them again just before going live.
  • Train end users just before going live.
  • Train end users on a sample database, not production data. 
  • The sample database should be configured with your own codes, menus, security settings, and any customizations.  Ideally it should be populated with your own data, not a vendor's dummy data.
  • If you're training a lot of people, try to train in a classroom setting so everyone hears the same thing.  But recognize that not everyone will be available for classroom trainings, and some people will need 1 on 1 training to understand the concepts.
  • Test the computers and software in the classroom before every training.
  • Document your data entry standards, policies, and procedures before training so users are taught to do things the right way from the start.
  • Create cheat sheets for common tasks.  Give trainees materials they can take away.
  • Provide access to online video training materials if possible.  (Record the training sessions if you can and make those videos available.)
  • Someone needs to be available to answer questions and provide refreshers after the first training.
  • Don't give users access to add, change, or delete records until they've demonstrated that they understand what to do.  Be prepared to retrain staff who aren't getting it.  And be prepared to take away their add/change/delete access if they still don't get it.
  • Training is not a one-time event.  You'll get new staff, staff will need to learn new things over time, and there will be new software releases. 

What have I missed?

Filed in Advancement Services,Databases,Donor Databases,IT Management,Nonprofit Management,Nonprofit Technology 2 Comments so far

« Previous PageNext Page »

Switch to our mobile site