• Home
  • Domains
  • Internet & Tech
  • Security & Privacy
  • Google & Search
  • Editorial Praise
  • Contact

Strategic Revenue - Domain and Internet News

Internet news authored by John Colascione

Register Domain Names

  • Isn’t Print Dead?
  • Killer Acquisition
  • New gTLD Death
  • Online Censorship
  • Gullible Domainers
  • You’re A Loser
You are here: Home / Privacy Issues / Verizon Wireless Phishing Email: Scams & How to Avoid Them (Part 2)

Verizon Wireless Phishing Email: Scams & How to Avoid Them (Part 2)

April 20, 2013 By John Colascione Leave a Comment

*** Here Is A List Of Some Of The Best Domain Name Resources Available ***

Register Domain Names

Back in May 17th 2012 I wrote a very detailed post about a fake Verizon Wireless phishing email I received. I decided to write the post because I know there are a lot of people who receive these types of emails and I wanted to help educate people about this sort of thing.

I’m sometimes taken back by how ramped this problem is and how many people are likely taken advantage of by just not knowing what to look for to keep them and their privacy safe. I also wrote it because it was a more sophisticated scam than I usually see and even I nearly fell for it at first so I thought it certainly warranted the time it would take for me to write it up, screen shots and all. If it helps just a few people it’s worth doing.I will add the same note I added on the first one:

PLEASE NOTE: THE PHOTO EMAIL BELOW IS NOT SENT FROM VERIZON®. IF YOU RECEIVE IT, IT’S A FAKE. IT IS BEING USED BELOW AS AN EXAMPLE OF AN ACTUAL “PHISHING” EMAIL I RECEIVED. THIS IS HERE TO HELP OTHERS AVOID IT AND EMAILS LIKE IT AS WELL AS TO ILLUSTRATE HOW THE SCAM WORKS IN DETAIL.

On April 15th 2013 I received another phishing email I feel warrants the time to write up which was based on the same unfortunate company being taken advantage of, Verizon Wireless; indicating that the scammers must be having a lot of success with its targets when using this company as a lure. I wanted to detail again exactly how this scam seems to be working and how the scammers are tricking people as it is very important to be aware of these types of tricks.

On April 15th, 2013 I received an email titled “Οnlіnе Alert. Action Required” which somehow avoided my bulk mail folder.

The email says:

Dear Valued Member,

It hаѕ сοmе tο οuг аttеntіοn thаt уοuг νегіzοnwігеlеѕѕ Віllіng Infοгmаtіοn гесοгdѕ аге οut οf dаtе. Τhаt геquігеѕ уοu tο νегіfу thе Віllіng Infοгmаtіοn. Fаіluге tο νегіfу уοuг гесοгdѕ wіll геѕult іn ассοunt ѕuѕρеnѕіοn. сlісκ the lіnκ Ьеlοw аnd еntег уοuг lοgіn іnfοгmаtіοn οn the fοllοwіng ρаgе tο сοnfігm уοuг Віllіng Infοгmаtіοn гесοгdѕ.

Сlісκ hеге http://www.verizonwireless.com/support/updates After a few clicks,

јuѕt νегіfу the information уоu еntегеd іѕ соггесt

Ѕіnсегеlу,

VегіzοnWігеlеѕѕΜеmЬег Ѕегνісеѕ Теаm

Ρ.Ѕ. Тhе lіnκ іn thіѕ mеѕѕаgе wіll Ье ехріге wіthіn 48 Ηοuгѕ . Υοu hаνе tο uрdаtе уοuг рауmеnt іnfοгmаtіοn

©2013 Vегіzοn LLС. Аll Rіghtѕ Rеѕегνеd.

On the surface the email appears to come from OfficialTeam@verizonwireless.com but Google has been showing the actual mail server that sends the mail so I can see that it was actually mailed by eigbox.net. If I had to take a guess, I would say that this person’s mail server has been hacked and they do not even know their server or hosting account is sending this email. This is another way that the scammer will hide; they are behind a compromised server.

eigbox
Fake Verizon Wireless Email Body

The second dead giveaway that something strange is going on is the introduction “Dear Valued Member”. This is another characteristic to look out for; most companies are addressing their customers by name now, so if you see something like “Dear Customer”, “Deer Account Holder”, or something generic like that, the email should be immorality suspect and require closer inspection.

introduction
The second dead giveaway that something strange is going on is the introduction “Dear Valued Member”.

Next is the third indication something is weird, Google has returned an option to translate the email which appears to be in English so why would translation be suggested as an option? Upon close inspection you will notice there looks to be a Russian character hidden within the email. I am not sure why the scammer would do this but I am sure there is a reason which is possibly related to avoid the spam bulk folder.

translation
Upon close inspection you will notice there looks to be a Russian character hidden within the email.

Yet again, we have an additional indicator of a phishing attempt hidden within the link of the email, the URL. By hovering over the URL you can see that web site address this link will bring you to is being shortened with a URL shortener I’ve never seen before which is possibly just a domain being forwarded: (http://j.gs/24As).

hover-over
By hovering over the URL you can see that web site address this link will bring you to is being shortened

Last but certainly not least is the actual language used. “The link in this message will be expire within 48 hours” [which it wasn’t anyway, I clicked it 5 days later to write this post and it still worked, but that is besides the point], virizonwireless (one word), just (not capitalized), etc.. etc.. This email is filled with incorrect English if you take the time to actually read it.

spelling
This email is filled with incorrect English if you take the time to actually read it.

Now that all of the ‘on the surface’ indicators are out of the way, I want to show how sinister this email is and what it is trying to accomplish which many people do not understand why these scammers even do this to people. Now we will go into the intent behind this scam.

So what happens when we click on this link and fall for the scam?

This is the fake Verizon Wireless website a user is brought to when they click the link within the email. The actual website URL in the top of the browser is:

http://www.r57.bz/wwww1 .login.verizonwireless.com.amserver. UI.Login.onlineaccounts/ nlineaccountsonlineaccounts. upgrade. online. billing. account.update. secureupgrade .activate. onlineaccounts.upgrade.online.b/ 597e3cf163f0bc48340ce568a1f2df0b/

fake-website
Fake Verizon Wireless website a user is brought to when they click the link within the email

This is what you will see below if you visit the main homepage of this domain www.r57.bz

bzdomain1
domain www.r57.bz

The hosting account for this domain is being used to host this fake web site. The owner may or may not even know about it. The address you see is actually just a subfolder like /images/ but with a much longer name designed to appear like a website address with lots of dots (.) in it. (wwww1.login.verizonwireless.com.amserver.UI.Login.onlineaccounts)

This website is still up 5 days after I received the email and I am sure Verizon Wirelesss knows about this by now so the hosting company is likely unresponsive in removing the hosted content.

None of the tabs actually work on this fake website. The only thing that works in the log-in box which you can enter in anything and it will bring you to the next screen. Entering anything into that user-name and password box likely sends the information to someone’s email or stores it in a database for later retrieval. Below is what happens if you enter in any phone number combination and a password:

update_contact
None of the tabs actually work on this fake website. The only thing that works in the login box which you can enter in anything and it will bring you to the next screen.

Again, none of the top navigation buttons work or click to any other pages. The entire scam is based on people who will not even think to click anywhere else. The scammers are looking for people to enter in their information including their date of birth, mothers maiden name and social security number (as seen above) in these boxes so they can steal the info.

anything
Entering in any information and then submitting it will bring you to the next even more sinister screen.

This is where I am very surprised people would even enter in all of this info. Not only do they ask for the CVV code, but they even request the persons PIN number to further do a number on their victim

pin_number
Not only do they ask for the CVV code, but they even request the persons PIN number to further do a number on their victim.

Entering in all of this information, then brings you to this screen:

thankyou
User (victim) is brought to a thank you page still hosted on this fake website.

And then within 5 seconds it redirects to the real Verizon Wireless website below.

done
Real Verizon Wireless website

So that’s what it’s all about. First, they hack a server to put up a fake website. Then, they hack a different server to send out phishing emails to trick people to click the link in the email and visit the compromised server where they have installed the fake website. They bring victims of this scam to a website that looks identical to an official website. They trick people to enter in all of their information, or as much information as possible, further stealing the information while returning them to a screen that the person will not know what happened to them, while the crooks have all they need to either go on a spending spree or sell the information to someone who will take advantage of the unsuspecting victim of the scam.

This sort of thing happens every day and is likely one of the major reasons why websites and servers are broken into in the first place. Hackers need access to computers where they can take advantage of both the server host and the people they send there, all while being extremely difficult to track and identify. So for these examples here, it is very important to inspect all emails that appear to have any of the ‘give away’ ‘red flag’ traits I have pointed out here, because if you do not catch it, this can and will happen to you eventually.

If you like this post, please share it with those you would like to inform about this.

John Colascione 2024
John Colascione

About The Author: John Colascione is Chief Executive Officer of Internet Marketing Services Inc. He specializes in Website Monetization, is a Google AdWords Certified Professional, authored a ‘how to’ book called ”Mastering Your Website‘, and is a key player in several Internet related businesses through his search engine strategy brand Searchen Networks®

Filed Under: Privacy Issues, Security Issues

*** Here Is A List Of Some Of The Best Domain Name Resources Available ***

Register Domain Names

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Search This Site

by: John Colascione

John Colascione

Best Site for Things to Do While Visiting Florida
John Colascione is Chief Executive of Internet Marketing Services Inc. He specializes in Website Monetization, authored a book called Mastering Your Website, and is a key player in several Internet businesses through his brand SEARCHEN®

#Indiana.com

GEO domain name

Follow Me

John Colascione Twitter

USED CARS ENTERPRISE

auto buyers market
Auto Buyers Market – Shop Used Cars by Participating Dealers at autobuyersmarket.com

In The News

  • DNJournal: New Book From Veteran Domainer
  • From Brandable to Exact-Match Geo Domain
  • InnovateLI: Two Deals, One Very Interesting Digital
  • Internet Commerce Association: John Colascione
  • NamesCon: Featured Attendee: John Colascione
  • Long Island Media Inc, SmartCEO, Future 50
  • Speakers, Name Summit, John Colascione
  • Speakers, Real Estate Summit, John Colascione
  • 24 Leading Domain Experts Analyze 2017

Popular Stories

New gTLD? Not So Fast; History Suggests New ‘Right of the Dots’ Could = Total Failure

Could Domain Investing Industry End with Legal Provision for Domain “Hoarding”

Websites and Domain Names to Become Insignificant within 20 Years or Less

Does the Domain Industry Suffer From Own Versions of Trumpted “Fake News” Stories?

List of 300+ Cryptocurrency Domain Name Sales and Sale Prices [All Time] (NameBio)

Quotes to Follow

quote icon The domain name is equivalent to Gold. It is the only packaged item which is globally tax-free, portable, with value that is universal across different cultures. quote icon – Frank Schilling

quote icon Domains have and will continue to go up in value faster than any other commodity ever known to man. quote icon – Rick Schwartz

quote icon  Google knows you, your friends, your likes, what entertains you, where you are in the world at any given time. Google will soon predict your next action, your next thought, based on a collaboration of thoughts past. quote icon – John Colascione

Like These Headlines?

Enter your email address:

Delivered by FeedBurner

T.L.D. Brokerage

Domain Brokers

Books on Domain Names

  • Books on Domain Names
  • Best Biz Cash Back Credit Card (5%)

2025 Digital Real Estate Surge: High-Value Domains Prove Worth With More Big Sales

WEST PALM BEACH, FL - The domain industry is experiencing a surge in high-value transactions, as highlighted in DN Journal's latest report titled "Sizzling Domain Sales Continue to Light Up The Charts … [Read More...]

Google’s Search Market Share Dips Below 90% for First Time in Decade

MOUNTAIN VIEW, CA - Google's global search engine market share fell below 90% in the final quarter of 2024, marking the first time since 2015 that it has dipped under this threshold. Regional … [Read More...]

Near Identical Domain Used To Scam Over $800,000 With Wire For Real Estate Deal

AUSTRALIA - A South Australian woman narrowly avoided a complete financial disaster after falling victim to a sophisticated business email compromise (BEC) scam that led to the loss of over $800,000. … [Read More...]

Domaining blog recommended by Domaining.com

Copyright © 2010-2025 StrategicRevenue.com - Property of Internet Marketing Services Inc.   FeedBurner: RSS
By using this site you agree to our Terms of Service and Privacy Policy. If you do not agree, please exit the service.