Monday, January 28, 2013

ING Betalen

Hello all, If you receive one of the below DUTCH email, then do NOT click on the link, it is going to an hacked Wordpress website: /wp-content/uploads/ 2013 /

Mail link number 2 is going to:

www. yourhealthtalk .org/ wp-content /

 As you can see, both on the same place in the Wordpress content.

If you receive similar, then talk about it on our FORUM, the more people talk about it the better!


ING Bank Netherlands

Alert; Om veiligheidsredenen moet uw betaalrekening zo spoedig mogelijk worden bijgewerkt,als u geen gebruikt maakt van de update wordt de toegang tot uw ING internetbankieren geblokkeerd.Klik op het onderstaande link voor de update. Inloggen Mijn ING (Link removed)

Mail number 2:

Geachte klant,

De ING Bank is op dit moment bezig met technische werkzaamheden op de afdeling internet bankieren.Deze afdeling is bezig met het installeren van een nieuwe software voor u internetbankieren. Met deze dienst willen wij van de ING Bank het internetbankieren voor u spamvrij maken en ook extra beveiligen zoals tegen internetfraude.

Om van deze dienst gebruik te kunnen maken adviseren wij u om onderstaande link aan te klikken en de gevraagde informatie in te vullen.

Inloggen Mijn ING (Link removed)

Na het invullen van de gevraagde informatie word u internetbankieren automatisch geupdate met de nieuwe software. Wanneer u dit eenmaal heeft gedaan word u telefonisch benaderd door een van de medewerkers van de ING Bank afdeling internetbankieren om de software volledig te installeren. Vergeet niet dat ING Bank waarde hecht aan uw veiligheid en bescherming. Hartelijk dank voor uw tijd en medewerking.



2013 ING Bank Nederlands.

Sunday, January 27, 2013

Forum Restart

Because that our hosting had erased our account (terminated)
All data was gone, so we have to start all over again.

If you had an account on our forum then, as soon as we are open again, you have to create a
new account. Sorry


UPDATE: The forum is open again, and you can register there for free again.

Friday, January 25, 2013

LinkedIn - Join my network

The fake email from LinkedIn

Looks real, but all links are going to an hacked WordPress website.
So be careful to response on something like this ... /wp-admin/ track.php?c002

Website has now already an database error..
did you receive any, then talk about them on the forum here.



Invitation reminders:
 From Adam Wendel (Brand Marketing at Unilever)


�There are a total of 3 messages awaiting your response. Go to InBox now.
This message was sent to Don't want to receive email notifications? Login to your LinkedIn account to Unsubscribe.
LinkedIn values your privacy. At no time has LinkedIn made your email address available to any other LinkedIn user without your permission. c 2013, LinkedIn Corporation.

FedEx Online Billing - Invoice Prepared to be Paid

If you receive below e-mail or similar, then do NOT click on the links. It is an fake email.
It use an html file in an wordpress theme. The them has this file not standard in it. Check your files if you use the TOOLBOX theme. (Download the original and compare!) wp-content /themes/toolbox /invoice_fedex.html

FedEx® FedEx Online Billing - Invoice Prepared to be Paid
Your mail here   

You have a new invoice(s) from FedEx that is ready-made for pay.

The following invoice(s) are ready for your review:

Invoice Number
Invoice Amount

To pay or view these invoices, please sign in to your FedEx Billing Online account clicking this link:

Note: Please do not use this email to submit payment. This email may not be used as a remittance notice. To pay your invoices, please visit FedEx Billing Online,     

Thank you,
Revenue Services

Please Not try to reply to this message. auto informer system not configured to accept incoming email.

The content of this message is protected by copyright and trademark laws under U.S. and international law.
review our privacy policy . All rights reserved.

Thursday, January 24, 2013 You have made an purchase.

When you recieved below email, then do NOT click on the links ... It is again fake.
All are going to Hacked Wordpress Website's : /wp-content  /themes /toolbox /pp-purchase-details.html

Did you receive it also, then send us your mail. Place in subject : type of scam!

Below is an example !

PayPal logo Date and time here TIME HERE PST
Transaction ID: An number here!
Hello Your email address ,

You have made a payment of $Amount USD to Name of person.

It may take a few seconds for this transfer to figure in your transactions history.

Email address seller
Instructions to seller
You haven't entered any instructions.
Shipping address - confirmed
Adress seller
United States
Shipping details
The seller hasn't provided any shipping details yet.
Details Qty. Amount
Article here
Item# number here
62 $Amount USD
Shipping and handling $amount USD
Insurance - not offered ----
Total $amount USD
Payment $amount USD

Payment sent to Seller name

Receipt ID: number here

Problems with this transaction?
You have 45 days from the date of the purchase to issue a dispute in the Resolution Center.

Please DO NOT reply to this message. automative notification system can't accept incoming messages. For immediate answers to your questions, visit our Help Center by clicking "Help" located on any PayPal page.

PayPal Email ID PW838

Wednesday, January 23, 2013

Payroll Reversed logineftps . html  Hacked Website. Do NOT click links.


This notification was mailed to inform you that your payment file has Reversed. 2013-01-21-
Transaction details is accessible by sign in the Batch Provider with this link.
Thank You,
Contact Us: EFTPS Batch Provider Customer Service (Was above link)

Direct Deposit payment ID number here rejected

Fake email with link on hacked Wordpress website! Be carefull to who you give your password / login information from your server. wp-content/ plugins/ zagoonouiod/track.php?nacha

Dear Customer,

We would like to notify you, that your most recent Direct Deposit payment (Int. No.605134252963) was declined,because of your current Direct Deposit software being out of date. The details regarding this matter are available in our secure section::

Click here for more information (Link removed, see above)

Please consult with your financial institution to get your updated version of the software needed.

Sincerely yours

ACH Network Rules Department
NACHA - The Electronic Payments Association

16175 Sunrise Valley Drive, Suite 122
Herndon, VA 20160
Phone: 703-561-7467 Fax: 703-787-1176

Friday, January 11, 2013 fake post Payment File Successfully Processed


If you receive below e-mail then do not click on the links . They are going to: /actualites /eftpssignin.html

The owners of the website have received an warning.

See below example email. All email addresses and links are removed.


This email was sent to inform you that your batch payment file was Successfully Processed. 2013-01-10-
Detailed information is available by logging in the Batch Provider with this link.
Contact Us: EFTPS Batch Provider Customer Help Center

Thursday, January 10, 2013

If you receive below e-mail, then do NOT click on link. It is again fake. Links are going to: wp-content/ plugins/zdtaiodyuar /chkpayroladp.html

Subject can be:


We will report all website's here that have this on there website.

Talk about it on our forum. Or response to it here in a comment.

ADP Instant Announce
Report #: 27037
Our Valued ADP Partner January, 9 2013
Your Refused Account Activity Statement(s) have been put onto the web site:
Sign In here
Please overview the following notes:
  Please note that your bank account will be debited within 1 business day for the total indicated on the Statement(s).
   Please Not try to reply to this message. auto-notification system unable to accept incoming email. Please Contact your ADP Benefits Authority.
This notification was sent to acting users in your company that access ADP Netsecure.
As usual, thank you for choosing ADP as your business pard!
Rep: 27037

Wednesday, January 9, 2013

FedMail (R): Federal ACH Notification - End of Day - 12/27/12

If you receive the following then do NOT click on links. It is fake.

FedMail (R): Federal ACH Notification - End of Day - 12/27/12



Please review the ACH Notification Record from the Federal Reserve Banking System with this link. (Link removed)

Link are going to: /wp-content /plugins/ zufaxaoqjub/ frbachdt.html /wp-content /plugins /zcjeofturea/ frbachdt.html

Again a hacked Wordpress website. 

Better Business Beareau Pretense

If you receive below email then do NOT click on the links. They are all going to an hacked website.
One of them is: / wp-content/ plugins /zkonfbphvul /compl_bbb_reged.html

And other hacked website are: wp-content/ plugins/ zivhohshuea/compl_bbb_reged.html wp-content /plugins/ zoquateeoai/ bbborg_complid.html /wp-content /plugins /zrnpjarodes / compl_bbb_reged .html /wp-content /plugins /zojemsukoot bbborg_complid.html /wp-content /plugins/ zvconefaqoo/ bbborg_complid.html


Subject can be:

BBB Appeal ID (With a number behind it.)
Better Business Beareau Pretense (With a number behind it.)

Mails look as they are coming from and from, but this is NOT true.

Sorry, your e-mail does not support HTML format. Your messages can be viewed in your browser
Better Business Bureau ©
Start With Trust ©
Tue, 8 Jan 2013
RE: Issue No. P a number here
The Better Business Bureau has been registered the above mentioned plaint from one of your clients in respect of their business contacts with you. The details of the consumer's concern are available visiting a link below. Please pay attention to this issue and notify us about your mind as soon as possible.
We pleasantly ask you to visit the CLAIM REPORT to reply on this claim letter.
We awaits to your prompt rebound.
Landon Roberts
Dispute Counselor
Better Business Bureau

Better Business Bureau
3063   Wilson Blvd, Suite 600   Arlington, VA 28401
Phone: 1 (703) 276.0100   Fax: 1 (703) 525.8277
This letter was delivered to YOUR EMAIL HERE. Don't want to receive these emails anymore? You can unsubscribe

Wednesday, January 2, 2013

How to report spam? Here is a list with some emails.

To report spam or unsolicited emails:,,

* When you are an Hotmail user, you should click the "Junk" button to report Spam, but if  you are
an Non- Hotmail customers should then you should address an email to, or (Just check where the originating mail domain was coming from: hotmail or msn or live). Attach a copy of the spam email to this email and send it.
If they do not receive a copy of the email as an attachment there ability to take action against the spamming account is severely impacted, because they need to have evidence showing from which Hotmail account the SPAM was sent. It is possible that the email address was spoofed, and we don't want to mistakenly close a non-spamming account.

This are just some of the places where you can report spam.
Soon more information.