Damaged Evernote Images Email Scam

I’m so tired of writing about these, but I really do feel a need to share and inform.

The other day, I got a very short email message from “Support” that claimed I had damaged images. There was a link apparently to the image. A footnote had an Evernote copyright. Here’s the whole thing:

Email Scam
This is the entire message.

Yes, I do use Evernote. But I don’t put images there. So it was pretty easy for me to expect a scam.

How to Be Sure

Here’s how I knew for sure it was a scam. Pay attention, newbies!

Who is it from?

Address
Evernote Support’s email is debra@tazland.net? I don’t think so.

The first thing I did was click the name in the from field. In Mail on my Mac, that displays a menu that includes the email address of the sender. This is obviously not Evernote support. It’s an idiot scammer.

What is the link really to?

Link
This is not a link to an image. It’s a link to a PHP file that can install malware on your computer.

Just because text is colored and looks like a link doesn’t mean it links to what the text says. In Mail on a Mac, I can point to the link and wait until a popup appears, telling me exactly where the link goes. Never click a link to a PHP file. It could install malware on your computer.

The same thing goes for buttons. Point to see where it goes before clicking. This button goes to the same place as the link text above it.

What Evernote Says

Enough people reported this problem to Evernote that they have a knowledge base article about it. You can find it here.

Be Careful Out There!

I’ve said it before and I’ll say it a million times more: never click a link in an email message unless you know for sure that it was sent by someone you know and trust. Even then there could be issues if that person’s account was hacked.

An Apple ID Hack Attempt

Two unrelated incidents? Maybe.

The other day, after having lunch with a friend, I happened to check my email. There were two messages from Apple’s iCloud service, which I’ve been a user of since its first incarnation more than 10 years ago.

I should mention first that I actively use about six different email addresses and have another six or so more that I seldom check or use. The bulk of my email comes to a throw-away address on one of my domain names. Only good friends, family members, and important folks like my divorce lawyers have my keeper email addresses, including the one on Apple’s servers which I use with the @mac.com domain.

The messages were from Apple and I’m pretty sure they were real. Here’s the first:

Hack Attempt 1
First message I got warning of a hack attempt.

In case you can’t read it, it tells me that I recently initiated a password reset for my Apple ID and gives me a link to reset my password.

I looked at the URL in the link. It looked real. But I didn’t click it. I didn’t need to. I hadn’t initiated a password reset for my account.

Apparently, someone else had.

I have to admit that I first thought of my wasband and the desperate old whore he’s living with these days. Back in January or February, they’d hacked into one of my old investment accounts, probably searching for funds for their never-ending legal battle to steal what I’ve worked hard for my whole life. I’d found out because they’d actually gotten in — I’d been foolish enough to put his name on the account when I thought I could trust him — and changed the security questions for the account. I’d been automatically emailed about the change by the investment company, thus exposing their little trespass into an account my wasband knew was mine. Fortunately, there was nothing in there for them to take. Not long afterward, I discovered that I’d been locked out of another investment account because of too many incorrect login attempts. His name is not on that one so they couldn’t get in.

I couldn’t see any reason why they’d want to hack into my Apple account, though, other than to possibly access privileged communications between me and my lawyer. What would that get them, though? Unless they’re concerned about legal action by me against my wasband for his lies under oath in court?

About 25 minutes later, another message from Apple came through. This one told me that they couldn’t reset the password because too many unsuccessful attempts to answer my security questions.

Hack Attempt 2
This message told me that someone had gone so far as to attempt to answer my security questions.

Whoever was trying to hack my account was apparently rather determined. But why? Could some hacker be trying to access my credit card information on Apple’s account? I don’t store naked selfies — or anything else that should be kept private — on iCloud to leak onto the Internet.

I should mention here that both messages came to my throwaway email account, which is set up on my Apple account as a backup email contact. Obviously, if I didn’t have a backup email account, Apple couldn’t email me instructions for resetting my password on an account I couldn’t access. It seemed to me that security on the Apple servers had protected my account.

Overnight, another message came in. This was definitely not from Apple.

Hack Attempt 3
This message was definitely not from Apple.

How do I know at a glance that it isn’t from Apple? Let me count the ways:

  1. Dear Customer. A legitimate email message from an organization you do business with should always be addressed to your name. Not even to an email address.
  2. Message was from “Service Apple ID.” Who? The address for that account was service@customer.com. Yeah, like I believe that’s Apple.
  3. Link was to a page on chatkajamnika.com. No, I didn’t click the link to see it. If you point to a link in the Mail app, a tip comes up with the full URL inside it. ALWAYS check links before clicking them.
  4. Typos. Apple doesn’t have typographical or grammatical or punctuation errors in its messages.

What seriously creeped me out about this is that it also went to my throwaway account.

Now my throwaway account is “throwaway” for a reason. It’s the email address I use to sign up for things. As such, it’s subject to spam. The idea is that when incoming spam reaches a critical mass, I throw away the account and create a new one for the same purpose.

There is definitely a chance that the person who sent this message sent them out to everyone they could, hoping that some of them would have Apple IDs associated with the account and click the link. But what worries me is that it came on the same day that my actual Apple account was attacked. Coincidence? I don’t know, but I don’t like it. Still, I know my Apple account is secure, so I’m not losing sleep over it.

But I do want to spread the word.

Have you gotten messages like this? At least one of my Facebook friends has. Could this be a coordinated attack against people with Apple IDs? Perhaps a way to get access to their data for use with the Apple Pay system? Or something else?

I might never know. But if you have any insight about this, please do share it — or at least point me to a reliable source of information with real answers.

Apple, as we all know, is pretty much impossible to reach.

IRS Tax Payment Rejection Scam

Are people really this stupid?

I got an email message from “TAX@irs.gov” today claiming that:

Your federal Tax payment (ID: HF2IRS598523201), recently sent from your checking account was returned by the your financial institution.

For more information, please download notification below. (Security PDF Adobe file)

http://www.feftechnicalsupport.co.uk/google/[REDACTED].php

Seriously?

Are people really stupid enough to click a link on a site based in the UK for an IRS tax issue? Are people really stupid enough to click a link to a PHP file that’s supposed to be a PDF file?

Here’s a copy of the message. If you got one of these, “raise your hand” by posting a comment below. I’m curious.

And spread the word; you have no idea how much it irks me that scammers are preying upon people dumb enough to believe crap like this.

Tax Scam Email

Repurposing Old Bee Hive Boxes

Reuse, recycle.

A few months back, my beekeeping friend James told me he’d was able to get a bunch of used deep hive boxes for about $5 each. Knowing I used deep boxes — he uses only mediums — he offered them to me. I asked about the condition and he admitted that they were pretty beat up but could probably be usable with just a cleaning and fresh coat of paint. They were heavy-duty commercial boxes — the kind the migratory beekeepers use. I told him I’d take 10.

Beat Up Hive Boxes
These hive boxes are a little more beat up than I was expecting them to be.

I picked them up a while later. Although structurally sound, they were very beat up. James showed me one that he’d painted and it didn’t look half bad. Since the price was right and I had plenty of paint, I took them.

I spent one morning scraping the paint off four of them with a wire brush and then repainting them. They did look much better. But when I slipped some frames into one of them, I realized that they weren’t consistently sized; the frames fit too loosely and would require careful placement to prevent them from falling into the box.

Behive
This is my garden hive, so-called because I placed it near my garden. It was built with two of the used boxes and it’s pretty clear that they simply don’t fit the way they need to.

But it wasn’t until I placed the first box of frames onto a hive bottom — for a swarm capture I needed to permanently house — that I realized the problem couldn’t be solved with just a coat of paint. The top and bottom edges of the boxes were rough. This caused gaps between the bottom and the box and between stacked boxes. The gaps were large enough for light and air to pass through. That meant the bees would be busy filling all those gaps with propolis, thus gluing them together.

I used the four I’d painted and found the same problem with all of them. Although I didn’t want to invest more money in beekeeping equipment than I had to, it was clear that these boxes would not be suitable for long-term use. They’d need to be replaced.

I placed an order for five new boxes from Mann Lake, figuring that I’d begin swapping them out on my next inspections.

But what to do with the unneeded boxes?

The answer was in my garden, which was growing wild in the planters I’d bought and made: more movable planters.

Understand that bee hive boxes do not have tops or bottoms. All they have are sides. While I could simply place a box on the ground, fill it with soil, and plant something in it, that wouldn’t make it movable. It also wouldn’t keep the moles (or voles or whatever I have making holes on my property) from digging in from underneath to kill whatever was growing in the box.

So I did the same thing I did for my large pallet planters — I lined the bottom with wire mesh. I had a large piece I’d been using on the door for my chicken yard that I clipped off, cut to size, and lay inside of each of the three boxes I painted for my trial run. I used a staple gun to fasten the wire to the sides of the boxes. Then I placed the first box in position, put a layer of stray on the bottom, right over the wire, and topped it off with some potting soil. I planted corn in the box, covered the soil with some more straw (to discourage digging by birds), watered it, and left it.

The corn wasn’t supposed to germinate for 8-10 days, but within 6 days, it was pushing its way up between the pieces of straw.

Beehive Planters
A row of the beehive planters. You can see the corn poking up through the straw in the closest box.

I lined up the other two boxes on the ground beside the first. I planted corn in one and onions in the other. When the heat breaks, I’ll prep the remaining three boxes, although I may not plant anything in them until next year.

What I like most about these movable planters is that they’re making it possible for me to have a garden this year, before I’m ready to commit to a location for the garden. And while the bottoms might not be the most sturdy, they do make it possible for plant roots to reach through, into the soil below.

I just hope I didn’t plant the corn too late for a good harvest.

Amex Personal Key Scam

Yet another phishing scam.

Got this one supposedly from American Express today. Pointing to a link in the email message clearly showed that clicking a link would not take me to an American Express website:

American Express Scam

Compare the look of that email message with the top of a real one from Amex:

American Express Legit message

Note that the real one includes my full name and even the last five digits of my credit card number (which I’ve blurred out here). When I point to a link in that message, the URL goes to a page at americanexpress.com.

Don’t be fooled! If you get a message from a bank or credit card company — or any other organization on which you have an account — go directly to that organization’s website by typing in the URL. Do not click a link in an email message. It may take you somewhere you don’t expect or install software that can infect your computer with malware.