MalwareTeks Blog

Got this gem of an email the other day:

Mr. Chow York-wai, Joseph
THE BANK OF EAST ASIA,
DEAN STREET, OFF SHAFTBURY AVENUE,
LONDON, UNITED KINGDOM (UK).
DATE: 17/09/2006.
E-mail: EMAIL ADDRESS REMOVED FOR SECURITY REASONS

Good Morning,
I would not have used this medium (Internet) but I chose to reach you
through it because it is the fastest, surest and most secured medium of
communication. However, this correspondence is un-official and private,
and it should be treated as such. I also guarantee you that this
transaction is hitch free from all what you may think of.

I am Mr. Chow York-wai, Joseph of THE BANK OF EAST ASIA (London Branch) I
am contacting you based on Trust and confidentiality that will be
attached to this transaction. The Management and the Legal department of
our BANK (THE BANK OF EAST ASIA) in a recent meeting, recommended that
the account of MR. JAMES D.CLEERE, who was one of my branch depositor,
should be declared Dormant, confisticated and the depositor's fund sent to
the Bank Treasury according to UK Banking and financial law. He died in
world trade center as a victim of the September 11,2001.Incident that
befall the United State of America; the bank has made series of  efforts
to contact any of the relatives to claim this money but without success,
you can confirm
through  this site:

http://www.september11victims.com/september11Victims/victims_list.htm

MR. JAMES D.CLEERE is an account holder in my branch, he owns a dollar
account with the sum of US$58.2M (Fifty Eight Million, two Hundred
Thousand United States Dollars Only) deposited in a Secret account with my
branch .In fact, since his death, no next of kin of the Dollar account
holder  (the brother) nor any relative of him has shown up for the claim
this because he has the account as a secret account thus he left all the
documents for the deposit with me.

This is where I am interested and where I want you to come in. I want you
to come in as the relation of the deceased, I will give you the relevant
documents and contacts to file the application and then effect the
approvals for the transfer of the money, I will be the one to provide the
vital documents for the claims of the money and then advise you exactly
how we should handle it. Please
include your telephone/fax number/ Home Address when replying this mail
and I will give you more information as soon as you indicate your
willingness to assist in this transaction.

We will use our positions to get all internal documentations to back up
the claims. Do not be bothered that you are not related in any way to him
as I am in position to affix your name as the next of kin. The whole
Procedures will last only 7 working days to get the fund retrieved
successfully without trace even in future. After the transfer of the money
we shall share the money 60-40.that is I will have 60% while you will have
40%. Kindly respond promptly so that I can
advice you on the next step to follow.

PLEASE SEND YOUR RESPONSE TO MY PRIVATE EMAIL ADDRESS AT: (EMAIL ADDRESS REMOVED)

I will be waiting to hear from you.
Yours truly,
Mr. Chow York-wai, Joseph
THE BANK OF EAST ASIA
(London Branch)

Email Header inidcates this email originated from saguntomail.com.

Whois information for saguntomail.com:

Whois Server Version 1.3

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

Domain Name: SEPTEMBER11VICTIMS.COM
Registrar: REGISTER.COM, INC.
Whois Server: whois.register.com
Referral URL: http://www.register.com
Name Server: DNS1.INTERLAND.NET
Name Server: DNS2.INTERLAND.NET
Status: REGISTRAR-LOCK
Updated Date: 02-sep-2006
Creation Date: 11-sep-2001
Expiration Date: 11-sep-2007

>>> Last update of whois database: Mon, 25 Sep 2006 15:32:50 EDT <<<

NOTICE: The expiration date displayed in this record is the date the
registrar’s sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant’s agreement with the sponsoring
registrar. Users may consult the sponsoring registrar’s Whois database to
view the registrar’s reported date of expiration for this registration.

TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services’ (”VeriSign”) Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
The data in Register.com’s WHOIS database is provided to you by
Register.com for information purposes only, that is, to assist you in
obtaining information about or related to a domain name registration
record. Register.com makes this information available “as is,” and
does not guarantee its accuracy. By submitting a WHOIS query, you
agree that you will use this data only for lawful purposes and that,
under no circumstances will you use this data to: (1) allow, enable,
or otherwise support the transmission of mass unsolicited, commercial
advertising or solicitations via direct mail, electronic mail, or by
telephone; or (2) enable high volume, automated, electronic processes
that apply to Register.com (or its systems). The compilation,
repackaging, dissemination or other use of this data is expressly
prohibited without the prior written consent of Register.com.
Register.com reserves the right to modify these terms at any time.
By submitting this query, you agree to abide by these terms.

Registrant:
Alex
Spektor, Alex
610 Valley Stream Circle
Langhorne, PA 19053
US
Email: a_spekt@hotmail.com

Registrar Name….: REGISTER.COM, INC.
Registrar Whois…: whois.register.com
Registrar Homepage: www.register.com

Domain Name: september11victims.com

Created on…………..: Tue, Sep 11, 2001
Expires on…………..: Tue, Sep 11, 2007
Record last updated on..: Sat, Sep 02, 2006

Administrative Contact:
Alex Spektor
Alex Spektor
610 Valley Stream Circle
Langhorne, PA 19053
US
Phone: 2157417133
Email: a_spekt@hotmail.com

Technical Contact:
Register.Com
Domain Registrar
575 8th Avenue 11th Floor
New York, NY 10018
US
Phone: 1-902-7492701
Email: domain-registrar@register.com

DNS Servers:

dns2.interland.net
dns1.interland.net

Register your domain name at http://www.register.com

Reply-To: email address is an Yahoo India email address.

This scam follows the pattern of similar emails scams. A banking official needs help recovering funds from a secret account of some deceased individual. Since this is a secret account no relatives are aware that the funds exist. Now he needs my help to recover the funds by acting as a relative of this long dead person. Wow, Mr. Chow you pick me among the millions of people in the world to help you retrieve these funds, of course I will be generously compensated for helping you, NOT. Mr. Chow I’m not the least bit interested in helping you commit a crime.

These scams always work, they play upon a person’s greed. The catch here is they need your personal information and for you to cover any expenses. So you shell out several hundred, may be even a couple thousand to cover the fees involved. Why not, I stand to get several million in return. NOT.

People stay clear of these scams, delete the email. DO NOT answer these.