(Updated)
Here’s an email I received this morning:
Dear xxxxxx,
Thank you for your subscription to
http: // polarstaryouth.org/scken1578.html (link removed for my readers protection)
You have been billed as KRBILL LLC for the amount of:
3.95(USD) for 3 days (trial) then 34.95(USD) recurring every 30 days .
Your new subscription identification number is:xxxxxxx,
Your membership access information is:
Username for your subscription: xxxxxxx
Password for your subscription: xxxxxxx
E-mail: xxxxxxx
Membership website: http: // polarstaryouth.org/scken1578.html (link removed)
Thank you for choosing KRBill as the eMerchant for your subscription!
Customer Support/Cancel Your Subscription 28/08/2006 07:06
Obviously scammers are getting smart: reading you’ve just been billed, wouldn’t you instinctively click to clarify/cancel? We’re all getting smarter about scam, but the sense of urgency can easily trigger a kneejerk reaction, forgetting all precautions, and that’s exactly what the scammer counts on. However, there’s two safety precautions I strongly recommend to everyone:
- No card to charge: I only ever use throwaway, virtual credit card numbers on the Net, so scammers can bill all they want, they can’t charge my card
- Protected Email address: I have specific email addresses for subscription lists and online orders, another one for financial activity (banks, brokers), yet another for the blog…etc. I don’t ever use online my “real” email addresses that I want to protect. So when scam arrives to the protected email, I can rest assured they don’t have any of my data, the email is harmless junk.
Any other good ideas? Please leave them in a comment below.
Update (8/28): Polar Youth appears to be a non-profit, not selling anything. However, the full URL (I did not click it, but retyped it) leads to a page where one can supposedly by a software product, and the licence terms refer to Intuit. Since it’s obviously forgery, perhaps someone from Intuit will chime in here.
Update (9/1): Wow… apparently this scam was first insignificant enough that only I posted about it, thus getting the #1 postition on Google for the search term “Krbill”… than it got widespread enough that a lot of people are searching for it… I am getting a lot of hits. I also may have become the target of the scammers revenge: the appear to phish my email as sender. I received emails asking for explanation, even one asking for a refund of any money charged to them. Rest assured: the scammers could not get your money, unless you provided them with data.
As a commenter points out below, the websites the scam email leads to contain hidden iframe that attempts to download malware on your computer.
Recent Comments