Wednesday, January 9, 2013

Scam Email: Fake LinkedIn Private Message Emails

Okay, I'm getting slammed with these tonight so I wanted to post an alert. These look like they come from LinkedIn and someone has left you a private message, then providing you a link to click on in the email to see the private message. DON'T CLICK ON THAT LINK!

From:Glenda Clark [yianniskalaitzakis@s109.loopia.se]
Subject: Glenda sent you a 1 personal message‏

Linked In

Glenda Clark sent you a 1 personal message
Date: 1/10/2013

http://linkedin.com/do?viewProfile&message=89839692

This email was intended for katiemoe@hotmail.com. Learn why we included this.
© 2013, Linked In Corporation. 2029 Stierlin Ct. Mountain View, CA 94043, USA


The actual destination of the links in this email goes to: http://123-beach-resort.com/caverns.html (don't click on this link either!!)

Here is another one I got tonight was well (and the actual destination of the links goes to http://cgssac.com/headland.html, so don't click on it!!!)

From:Andrea Cook [Cook1972@server41.campusspeicher.de]








 

Subject: Andrea Cook just sent you a private message.

LinkedIn

Andrea Cook has sent you a personal message.
Date: 1/10/2013
https://www.linkedin.com/trk?act=viewProfile&yt=message&poster=8897
Don't want to receive e-mail notifications? Adjust your message settings.
© 2013, LinkedIn Corporation



5 comments:

  1. In the emails I got like the following:
    (LinkedIn REMINDERS
    Invitation reminders:
    From Bryan Johnson (Marketing & Admin Manager at ReConsulting Ltd)
    PENDING MESSAGES
    There are a total of 6 messages awaiting your response. Go to InBox now. .......... etc

    Anyhow the point is that the links under the From "name" and the "Go InBox now" were not to an http reference but were to:
    x-msg://19/?c002 Also there was an IP address from Israel in the raw source email.
    Does anyone know what the x-msg link, if it is that, means?

    ReplyDelete
  2. x-msg:// is a thing that gets added to the beginning of links in emails that have not been formed properly. The x-msg tries to make it a valid link for the email reader.

    But of course, in this case, the point is NEVER click on these gake links from scammers, lest you download spyware or other malicious software unknowingly to your computer.

    Thanks for your example of this scam email.

    ReplyDelete
  3. Bonjour

    Suite de votre courrier je tiens à vous informé que je suis un consultant en investissement privé basé à Cotonou en République du Bénin en contact direct depuis quelques semaines avec une cliente à moi qui souhaite investir dans les secteurs d’activités suivants :

    - Energie Renouvelable
    - L’import-export
    - Le tourisme
    - L’immobilier
    - Le transport

    Vous pouvez me proposez un secteur d’activité rentable qui pourra nous permettra de travailler ensemble.
    Une chose est que vous devez savoir qu’il y aura un contrat de partenariat et de gestion de fonds qui va lier vous et ma cliente. Ce contrat sera rédiger par un notaire et je vous enverrai un exemplaire si vous êtes intéressé par ce partenariat.
    Nous serons très heureux de vous recevoir ici à Cotonou au Bénin pour la signature, l’officialisation et l’enregistrement du contrat auprès des autorités compétentes.
    J’attends votre réponse afin que nous puissions évoluer.
    Très cordialement.
    nicolaslawson25@gmail.com

    ReplyDelete
  4. I got one from a Hari Morgan, so I left my email and went to LinkedIn and checked the name, it doesn't exist. I always check the original site before clicking something unknown. Fortunately my email had already married this as spam, but we do have to verify that everything is truly spam. To summarize again check the original source site before clicking the convenient link, a little more time and effort but worth it.

    ReplyDelete
  5. I got one from a Hari Morgan, so I left my email and went to LinkedIn and checked the name, it doesn't exist. I always check the original site before clicking something unknown. Fortunately my email had already married this as spam, but we do have to verify that everything is truly spam. To summarize again check the original source site before clicking the convenient link, a little more time and effort but worth it.

    ReplyDelete