indian "419" scam

just got a mail from what was purportedly the reserve bank of india. with one attachment. it was very tersely worded, but knowing how inscrutable government communications can be (yes, i know, there's no reason for the RBI to mail me... but still), i previewed it in google docs. i was half expecting a virus, but what i read surprised me:

---

from: Reserve bank of India <info@rbi.net>
reply-to: <rbitransferunit9@gmail.com>
to: <info@rbi.net>
date: Tue, Oct 22, 2013 at 3:12 AM
subject: (no subject)

«--
Please Find The Attachment To This Mail

---

attachment: open.rtf

---

Payment file: RBI-DEL/id1033/11.

Payment amount: $ 500,000. us dollars.

                           RESERVE BANK OF INDIA OFFICIAL PAYMENT NOTIFICATION    

Attn: Beneficiary:

The Foreign Exchange Transfer  Department Reserve bank of India has decided to bring to your attention, that you were listed as a beneficiary in the recent schedule for payment of outstanding debts incurred by the BRITISH GOVERNMENT Pending since  2009  to  2013  According to your file record with your email address, Your payment is categorized as:

Contract Type: Lottery/inheritance/ unpaid contract funds/ Undelivered Lottery fund/

Recently on the 01 October 2013. The Reserve Bank of India (RBI) Governor, Dr. Raghuram Govinda Rajan and Ban Ki-moon Secretary-General of the United Nations met with the Senate Tax Committee on Finance RBI Mumbai/Delhi branch. Regarding unclaimed funds which have been due for a long run, at end of the meeting (RBI) Governor, Dr. Raghuram Govinda Rajan mandate all unclaimed funds to be release back to the beneficiary stating that it is an unfair practice to withhold funds for government basket for one reason or the other for tax accumulations. Therefore, we are writing this email to inform you that $500,000usd will be release to you in your name, as it was committed for (RBI) Governor that Beneficiary will have to pay crediting fees only. So you are therefore required to pay 16,500 INR ONLY in cash deposit to credit your account immediately making a deadline of 2 working days after date of receiving this mail. Also reconfirm your details- for crediting.

Fill The Form Below:

1. Full Names: 
2. Residential Address:
3. MOBILE NUMBER:  
4. Occupation:                   
5. Sex:                                  
6. Age:                                 
7. Country:                        
8. Marital Status:              
9. E-mail id:                     
10. Bank Name:               
11. Account Number:
12. Account Holders Name: 
13. Bank Branch:                 

Dr. Raghuram Govinda Rajan                                               
RESERVE BANK OF INDIA
          GOVERNOR.

work offer)

From: "Andrew Smith" <andrew_smith009smith@aol.com>
Date: Mar 4, 2013 2:10 AM
Subject: work offer)
To: <kris...@gmail.com>

Hello,

I'm Dr Andrew Smith, 53yrs of age, I'm a Dentist, I have been pretty successful in a handful of ventures which have involved. I'm presently working with UNICEF and other private organizations, also various welfare and community service programs.

As my assistant, your activities will be:

* Running  errands and supervision

* Taking care of my Financial activities

* Appointment schedule

* Memo

Wages is $ 500 per week.

We will start with things as soon as possible. I do have a pile up of work and a number of unattended chores which you can immediately assist me with and i hope we can meet up with the workload eventually. Permit me to use the coming week to test your efficiency and diligence towards all this, also to work out your time schedule and fit it to mine.I really need to find the perfect person for this job, I have confident in you that you can take-up the challenge and on the long run we should have a relatively sound working relationship between each other.

This is only an introductory e-mail, as time goes on we should be able to arrange a proper meeting to get things started officially when i get back from my trip because am currently in Belgium for health Summit.

So i will be here for couples of weeks, till i get back this position will be a part-time and home-based job because my new office in your local area will not be set up till i get back to the state.

I have been checking my files and I would want you to do for me is to help my clients get their monthly medication from the Pharmaceutical Company.

The funds will be in form of certified Cashier's Check, it will be sent over to you from one of my clients and I will e-mail the guidelines to you once you receive it.

FILL YOUR DETAILS BELOW FOR APPLICATION:

First Name:

Last Name:

Full Street Address (not PO BOX):

Cityy:

State:

Zip-Code:

Cel Numbr:

Home Numbr:

E--mail Address:

Ag:

H1N1/2

i remember the last time there was a H1N1 scare in mumbai. it was the week that ended on 14th august 2009. there were reminder emails being sent out requesting people to stay at home if they showed any sort of flu symptoms, we had hand sanitizers kept ready, face masks were made available on request, etc. i stopped all contact with doors, etc (yesh, i was actually pushing doors open with my foot, and using napkins to touch doorknobs etc)

everyone in my office was sneezing and coughing. a small fraction of them stayed at home too.

even the normally nonchalant working mumbai junta were wearing face masks or poorly draped handkerchiefs UNDER their helmets and inside their air conditioned cars on the roads.

i survived the week without a sneeze or a cough or a face mask.

we then had independence day on the 15th, and people (not me, i was busy drinking away my birthday :D) gathered in large numbers for flag hoisting, parades etc, despite all logic that said it's best to stay away from crowded places. and the next monday, everyone i saw was fit as a fiddle. not a mask in sight, on the roads even!

a couple of days ago, we all got another reminder email that H1N1 flu is spreading in the northern hemisphere.

everyone in my office is sneezing and coughing. few people are staying home too.

i have a bad cold, a sore throat, and a mild fever.

i think we'll need a national celebration this weekend.

sphincter extraction

i hate people who randomly pull figures out of their ass, usually with little or no logical explanation. my name for it is "sphincter extraction" - and looking at how often i come across these smelly numbers, it seems like people seem to love doing it as much as i hate hearing about it, if not more.

for example, today, i read/dugg an article on yahoo news that claims that accidental use of "reply all" cost the us economy USD 650 billion (that's almost 5% of its GDP, btw).

some time ago i read that changing the background of google's home page to black would save the world thousands of kilowatt-hours worth of electricity in a year.

in either case, the numbers are entirely meaningless because nothing is concretely defined.

what is the definition of "accidental" use of reply all? how do you define cost of receiving such a mail? don't we have to also factor in the potential loss of productivity caused by not getting an important message because you weren't included in the conversation?

for the black google thing, it's even stranger when you consider that an lcd screen actually uses *MORE* electricity to display black than to display white, while a crt one uses less. if lcds outnumber crts (which i'm jolly well sure they do), black google would actually use *MORE* electricity. and even if they did save a million lightbulbs worth of electricity, it would be less than what my block uses in a year. wonder where they got their "377,753.418 watt hours saved" line from.

maybe i should calculate how much money was lost due to sphincter-extraction-based reports. now that would be a nice number to pull out of my ass.

orkut phishing attempt

beware of the site orkutverification.awardspace.com - it's a phishing site that attempts to lure orkut users.

i received the link from someone on my orkut friends list, and it was a url that had an id at the end which identified my username, so i'm assuming it could figure out my username from the link.

based on the information i have, here's how it works:

1. users are presented with a screen identical to orkut's login screen


2. on signing in, the site opens its own connection to orkut.com


3. it scrapes orkut for all available information (don't have any details on that) about the compromised user and his/her friends


4. it then sends out a unique message to all of the user's friends, asking them to view the site. it gives a unique url, so it knows which user clicked the link, and even displays the username in the login box, the way google does


5. if anyone is fooled by this and logs in, the process continues from step 2

reasons why you should be concerned:

• your google account isn't used ony for orkut, but also for a lot of other things like gMail, gTalk, blogger, personalised search (freaky!!!), gReader...the list goes on!!!


• many orkut users put up private information such as their date of birth, address, telephone numbers, etc on their orkut profiles and make the information visible to only their friends, assuming that friends can be trusted not to misuse the information. that assumption is not valid anymore, now that this phishing site can also act on behalf of your friends (i'm a victim of this assumption too...and i still don't know how much info has been leaked. it's very scary)


• the worst part is that one person's ignorance can lead to leaking private information of all his/her friends, without their control at all, and they have no easy means of preventing it, short of deleting that information from the site


• you probably don't have your credit card number posted on your orkut profile, but you've probably received some mail or the other from your bank/credit card company. if you use gMail, and archive all your mail (just like i do)...well...you can do the math :)

steps to prevent this:

• always look at the address in the address bar before signing in. phishing attempts usually use similar URLs, so you may need to look carefully.


• never enter your login info on any third party site, no mater what that site claims to do for you. i have endless friends who have done such things, usually for the sake of automatically inviting all their friends to some new social networking site. what they don't realise is that the addresses and all other details of all their friends (including the ones who didn't join up) are stored in a database somewhere, awaiting further abuse


• do not click on links starting with a "javascript:" in the URL. this is rather tricky, since you may need to hover your mouse over the link and look it up in the status bar of your browser. quick and dirty, but not foolproof.


• the safest precaution when clicking links on a site that contains your confidential info is to copy the link (usually right click -> "copy link" does the trick) and paste it into your address bar. if it contains "javascript:", or if it links to an external site and contains a "?" somewhere in the link, do not hit enter and open it. this only applies to user posted links (links in scraps/messages/emails/blogs/blog comments/profiles etc)


• for the above mentioned suspicious links, (atleast the ones containing a ?), try opening the link in a new browser window, and delete everything starting from the ? to then end of the link. that ensures that the new site cannot identify who you are or where you came from.


• read http://hoaxbusters.ciac.org for more anti phishing, anti spamming and hoax spotting techniques


• last of all, but definitely most important, when in doubt, DON'T CLICK!!!!

bill gates is giving his money away!

i get a lot of these chain mails stating that bill gates is giving his fortune away to people who forward a given mail, or that aol will donate 10 cents to some kid who needs a brain transplant. all these mails have one common feature that they claim microsoft, aol or some other combination of big internet/computer related companies are tracking this mail.

this kind of stupid misinformation and waste of internet bandwidth (not to mention unwanted filling up of my inbox) pisses me off no end. i've tried many approaches, none of which have worked so far. these include replying with:

"this is a rumor - check (insert link here) for more info"

"i can't believe someone as intelligent as you can think that one big co can track every single mail. do you think if they had so much power they wouldn't have known all your secrets by now?"

"i know how email works. it's not possible for any one organisation to track any email"

"i can't believe that a computer student like you spreads rumors like this...were you sleeping in class for all of last year???"

anyway...neither of them have worked frequently enough to be touted as generic solutions to this generic problem. so i finally hit upon this solution - and surprisingly it works better than all of the above!!!

"i just checked with (paste big co's name here from original mail) and they told me they are not monitoring this mail."

talk about fighting misinformation with misinformation!!! i guess thats the only way you can convince misinformed people :D

cellphone virus

today i got this very funny mail from my MCA classmate:

---

Hi All,
Its very important news for all of you. Do not pick up calls from the Under given numbers.

9888308001,
9316048121,
9876266211,
9888854137,
9876715587,

These numbers will come in red color, if the call comes up from these numbers. Its with very high wave length, and frequency. If a call is received on mobile from these numbers, it creates a very high frequency and it causes brain hamrrage. It's not a joke rather, it's TRUE. 27 persons died just on receiving calls from these numbers. Watch Aaj Tak (NEWS), DD News and IBN 7.

Forward this message to all u'r friends and colleagues, and relatives.

---

reply-freak that i am, i couldn't help sending this mail in response:

---

if you get a call from 9833511193, please do not answer it. it's a very dangerous virus. it's called kristopher and is a cellphone virus. after you answer the call, you will have to listen to a half an hour lecture about how gullible you are and how you should not believe anything you hear before verifying the facts. you will also have to listen to a very emotional lecture about how people don't think anymore, and how even MCA students who have (hopefully) studied wireless technology do not have the intelligence to realise that such a thing is not possible. in such a situation, please do not say that "i was bored and forwarded it for timepass", or anything similar, because that will trigger off a hidden payload in the virus which will cause it to make a hypersonic wave through the cellular network, which will cause the phone to explode and kill atleast 10 people in the radius, and cause permanent brain damage to people within a 20 km radius of the phone.

this is real. it was on the news. 45 people died in the past 30 minutes. it was in the times of india, dna, mid day and hindustan times. it was also on aaj tak, ndtv, dd news and cnbc. nokia has confirmed that this threat is real and is trying to make a fix for it. the fix is applicable as a special 'brain patch' to be worn over the head. this brain patch will prevent all radiation, but it will also block all sounds too. executives at sony-ericsson were unavailable for comment.

---

feel free to put your name and number in place of mine and use it on unsuspecting/naive/mentally challenged acquaintances of yours who send you similar mails :)