V.I.B.

This spam was not sent by CareerBuilder as claimed: it originated from the Turk Telekom network, and used a return address in the domain "b-m.fr", so there is nothing to associate it with CareerBuilder at all. The message does not make it clear what the company name is, or what kind of work is involved. My guess is that "V.I.B." is supposed to stand for something related to the domain name "vendasoinvestas.com", but, scams being scams, neither of these names is particularly meaningful or important, and they may change at the drop of a hat. The job itself fits the usual profile of a money mule scam, despite the lack of information.

   Domain Name: VENDASOINVESTAS.COM
   Registrar: ESTDOMAINS, INC.
   Whois Server: whois.estdomains.com
   Referral URL: http://www.estdomains.com
   Name Server: NS1.GRISHEK.RU
   Name Server: NS2.GRISHEK.RU
   Updated Date: 26-mar-2008
   Creation Date: 26-mar-2008
   Expiration Date: 26-mar-2009

The website at this domain currently serves a script which redirects to http://www.v-i-b.biz/index-4.html. That page has the title, "Vendas o Investas de Brazil", which is presumably what V.I.B. is supposed to stand for. This page also confirms that the scam is a money mule job: "During all working process you will operate with money transfers, so you have to provide us with valid bank account which you will be using especially for our company needs and transfers you process and forward."

Domain Name:                                 V-I-B.BIZ
Domain ID:                                   D22972891-BIZ
Sponsoring Registrar:                        ESTDOMAINS INC
Sponsoring Registrar IANA ID:                832
Domain Status:                               clientTransferProhibited
Registrant ID:                               DI_6758232
Registrant Name:                             Voland
Registrant Email:                            v@volandzerocker.info
Name Server:                                 NS1.VOLAND-DNS.ORG
Name Server:                                 NS2.VOLAND-DNS.ORG
Created by Registrar:                        ESTDOMAINS INC
Last Updated by Registrar:                   ESTDOMAINS INC
Domain Registration Date:                    Thu Jan 31 18:33:14 GMT 2008
Domain Expiration Date:                      Fri Jan 30 23:59:59 GMT 2009
Domain Last Updated Date:                    Tue Mar 25 12:21:38 GMT 2008

Curious -- who is volandzerocker.info? And who is voland-dns.org?

Domain ID:D23068396-LRMS
Domain Name:VOLANDZEROCKER.INFO
Created On:30-Dec-2007 11:10:15 UTC
Last Updated On:29-Feb-2008 03:00:39 UTC
Expiration Date:30-Dec-2008 11:10:15 UTC
Sponsoring Registrar:Blog.com Digital Communications Inc. (R315-LRMS)
Registrant ID:DI_4356825
Registrant Name:Veev
Registrant Email:admin@veev.ru
Name Server:NS1.3MA.RU
Name Server:NS2.3MA.RU

Domain ID:D152132088-LROR
Domain Name:VOLAND-DNS.ORG
Created On:25-Mar-2008 11:48:04 UTC
Last Updated On:25-Mar-2008 11:55:28 UTC
Expiration Date:25-Mar-2009 11:48:04 UTC
Sponsoring Registrar:EstDomains, Inc. (R1345-LROR)
Registrant ID:DI_3079491
Registrant Name:Pit Gate
Registrant Email:pitgate@bigmam.org
Name Server:MANAGEDNS1.ESTBOXES.COM
Name Server:MANAGEDNS2.ESTBOXES.COM

Quite a twisty little maze of recent registrations, this. The domain "bigmam.org" currently advertises "localhost" for its MX host (mail), so that's pretty much a dead end. On the other hand, "veev.ru" has no MX record, but does have an address record, so it could theoretically receive mail. The record has a "time to live" of ten minutes, however, which potentially makes it a fast-flux target.

---------- Forwarded message ----------
From: [redacted (random)]
Date: 26 Mar 2008 XX:XX UTC
Subject: PART-TIME
To: ideceive@gmail.com

	[CareerBuilder graphic redacted]

WE HAVE A JOB FOR YOU. Leading international company is expanding! My name is Raul and we have an exciting opening for a Company Representative. Please make an attention about position offered. Have you been looking for a great part-time job during the day?  Monday thru Friday?  Do you have experience with outside sales, person to person marketing and management?  Do you like making simple and interesting tasks? If this is you, have we got a great opportunity! HOURS: Our's typical operating hours are Monday through Friday from 7 a.m. – 5 p.m. As a part-time employee, you would average 20-25 hours per week during normal business hours. The preferred shift for this position is mornings. QUALIFICATIONS: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. EDUCATION and/or EXPERIENCE: High School, College or equivalent; or one to ten three related experience and/or training; or equivalent combination of education and experience. If you want more details on joining our employees or for an immediate start please visit Careers section on our website at: www.vendasoinvestas.com//" Regards, Raul V.I.B. Recruiting Director WE TREASURE YOUR PRIVACY AND PROTECTION This email was sent by: CareerBuilder.com 8420 W Bryn Mawr Ave, Chicago, IL, 60631 USA

LHN Pro Builder

This looks pretty much like a textbook case of a pyramid scam, where money is made by persuading other people to buy into the system. As is typical for this kind of thing, the participants also resort to spamming, which is how I got this invitation in the first place. The tinyurl link in this message redirects to http://www.lhnprobuilder.com/joebizness

   Domain Name: LHNPROBUILDER.COM
   Registrar: GODADDY.COM, INC.
   Whois Server: whois.godaddy.com
   Referral URL: http://registrar.godaddy.com
   Name Server: NS1.PASHOSTING.COM
   Name Server: NS2.PASHOSTING.COM
   Updated Date: 08-jan-2008
   Creation Date: 08-jan-2008
   Expiration Date: 08-jan-2009

---------- Forwarded message ----------
From: work at home info <info@refer3retire.net>
Date: 26 Mar 2008 02:47
Subject: 4 people needed immediately...do you want too earn $10,650 every month guaranteed
To: ideceive@gmail.com

silly question right....who doesn't want or need too earn $10,650 every month with GAS PRICES and everything else on the rise today except our paychecks....now is the time too take control of your own financial future.....How YOU may ask? It's EASY! All YOU have to do is simply JOIN US and place a monthly product autoship order TODAY then find and signup 4 people who are SERIOUS about $10,650 every month, LHN Pro Builder provides YOU with everything YOU need too find and signup your 4 people a awesome postcards mailing service, email co-op or YOU can find them from emailing and calling F.R.E.E. leads that THEY provide YOU with every month.

Now just imagine if you joined and got started advertising and marketing your own personal LHN Pro Builder website TODAY and YOU enrolled 4 people your first month and then those 4 people enrolled 4 and they enrolled 4 in their first month and so on you will have a large, profitable home business very very fast. Did you know that by signing up 4 people and duplicating that effort for just 6 months YOU could create a $10,650 monthly income......

Here's how it's possible.....

During Your First 30 days

You will need to direct people to our money making website audio presentation by emailing leads and calling leads until YOU find and signup 4 business partners, 4 people that are commited to changing their lives just like YOU are and YOU will earn $120 in commissions. (hint: I send out 100's of emails every single day)

During the next 30 thru 60 days

You will work with your 4 new partners, giving them this same email training & support. When they each find 4 people - you will have 16 GOLD distributors on your second level in Liberty Health Net which will earn YOU an additional $90 in your second month.

During Days 60 thru 90

Same process, you will just be teaching the plan of signing up 4 people & helping everyone utilize our team tools & system... now you will have 64 on your 3rd level YOU will be paid $410 in commissions!

During Days 90 thru 120

You got it... same thing, now you will have 256 on your 4th level and you will get paid $5,600 in commissions!

During Days 120 thru 150

You got it... same thing again, now you will have 1024 on your 5th level! GREAT JOB!!! You just created a $10,650 monthly income for YOU and YOUR FAMILY in just 6 short months!

Where else can you start your own business for as little as $30 a month that has the potential to earn you over $125,000 plus in your first year, just by introducing it to 4 like-minded people?

Now that you understand the power of duplication and the simplicity of simply SIGNING UP 4 people and HELPING 4 people to do the same and so on and etc.... what are YOU waiting for click my website link below, signup and place your monthly autoship order right now...

http://tinyurl.com/2kf89l



P.S. I am looking for 4 serious, highly motivated, postive entrepreneurs who are ready to commit to doing whatever it takes to reach a minimum of $10,650 MONTHLY in the next 6 months. WE will teach you exactly what it takes to IMMEDIATELY start adding MORE MONEY to your monthly income EVERY month using a simple step by step system - called the LHN Pro Builder! All you have to do is join for a FR'EE tour right now and WE will provide you with everything you require too start making money after YOU upgrade... see you at the top!


Here's Too Your Succeess! I Am Looking forward too working with YOU!

Joseph Hunt










No spam disclaimer....... If you are not interested in working at home and earning $10,650 monthly please reply with unlist!

Thompson WareHouse Network Group

This is a reshipper scam. Fraudsters who purchase items using stolen credit card information prefer to provide a shipping address which is close to the merchant, since the merchant is likely to be less concerned if he thinks he can repossess his goods. Thus, if you accept this employment offer, you are being employed by a fraudster who is using you to re-ship fraudulently acquired goods which can only be traced to you!

There may or may not be an actual business with the name "Thompson Warehouse Network Group" or similar. In this case, it is just a fabrication used as a cover story. Note that the domain name in use, thompsonwh.com, is registered to someone who claims to be in the Ukraine. Even if that's true, it's highly suspicious.

   Domain Name: THOMPSONWH.COM
   Registrar: DIRECT INFORMATION PVT LTD D/B/A PUBLICDOMAINREGISTRY.COM
   Whois Server: whois.PublicDomainRegistry.com
   Referral URL: http://www.PublicDomainRegistry.com
   Name Server: NS1.MGVRK.ORG
   Name Server: NS2.MGVRK.ORG
   Updated Date: 22-mar-2008
   Creation Date: 22-mar-2008
   Expiration Date: 22-mar-2009

---------- Forwarded message ----------
From: [redacted (random, false)]
Date: 24 Mar 2008 XX:XX UTC
Subject: Part-time work for you.
To: ideceive@gmail.com

An old, time-proved company is looking for representatives in United States.
Part-time work, ideal for students, part-time workers, unemployed persons.

Work is generally in non-business hours. 2 hours a day is enough.
  Increase your income easy!

Thompson WareHouse Network Group needs US (local) Warehouse Representatives. No
money is necessary to start.

Job Responsibilities:

*     Receive, confirm, repack and send incoming items.
*     Provide detailed report about sent parcels.
*     Checking package contents for missing parts. Report to manager if something is
wrong.

We pay every 4 weeks with Real money. You may choose preferred way
to acquire payments (Western Union, Transfers to Your Bank Card or Bank Account, other).

Earn at least 1300$ at your FREE-TIME!

Don't wait long! Send your resume (CV) to cv@thompsonwh.com

Please, be sure to provide correct information about you, such as Full Name, address,
zip code and Telephone numbers, for us to be able to contact you.

For further information visit www.thompsonwh.com

This message was brought to you, because we took note on your profile on job-seeking sites.
If you you believe this message is delivered to you wrongly, just erase it.

HCC Sales Company

The last time I saw this scam, it was operating under the name of "Apple Enterprise Sales Company". Nothing much else has changed: it's still a money mule recruitment scam which is targeting Australians.

---------- Forwarded message ----------
From: [redacted (random, false)]
Date: 24 Mar 2008 XX:XX UTC
Subject: Need to Pay Bills? This will help you.
To: [redacted (privacy)]

Greetings!

You have a chance to start making 1200+ AUD a week spending 1-2 hours a day Monday-Friday, working most of the time from
home.

This opportunity is brought to you by HCC Sales Company and now is hiring!

You received this offer via Worldwide net of advertisement brought to you via paid ads by Google.

If you are looking for an additional job or just an extra income - this position is for you.

Designed for an ease of use and the best position available nowadays, time wise and income wise.

Although some requirements need to be met:

You are 18+ years old*
You have 1-2 hours of free time a day Monday-Friday*
You are responsible and dependable*
You are located in Australia only*

    -----

Some reference:

"Best offer on The Net" - "Money" magazine, -John Keppke.
"Employment situation has gotten on a new level" - "The Economist" magazine, -Laura Star.
"Amazing solution for Extra Income" - "Newsweek" magazine, -Dennis Coleman.

    -----

If you meet all requirements - don't hesitate to get more information on this great position called "Fund Operator".

Reply to: salesourcehcc@gmail.com with

subject "Interested" to receive full information on this great position. Limited time offer, don't wait! And Good luck.

LCD Systems

This is a typical money mule recruitment scam, targeting Australians. There may be one or more real companies with a name like "LCD Systems", but this one is just a fabrication -- a pretext to disguise the money laundering which is actually taking place. They're currently using the domain name "lcd-systems.com", but may also have other variations on the same theme.

   Domain Name: LCD-SYSTEMS.COM
   Registrar: DIRECT INFORMATION PVT LTD D/B/A PUBLICDOMAINREGISTRY.COM
   Whois Server: whois.PublicDomainRegistry.com
   Referral URL: http://www.PublicDomainRegistry.com
   Name Server: NS1.MGVRK.ORG
   Name Server: NS2.MGVRK.ORG
   Updated Date: 20-mar-2008
   Creation Date: 20-mar-2008
   Expiration Date: 20-mar-2009

---------- Forwarded message ----------
From: LCD Systems <[redacted (false, random)]>
Date: 23 Mar 2008 XX:XX UTC
Subject: work for international company from your home
To: [redacted (privacy)]

LCD Systems is a market-leading provider of world-class technologies is once again beginning a global campaign of employing new staff in Australia. We are offering you one more opportunity to earn extra cash working with us. We are looking for honest, responsible, hard-working people to operate with our company in your particular region. To optimize our work with existing clients and to expand our business we need new staff that can dedicate 2-4 hours of their time per day and earn extra 300-500 AUD weekly. All offered positions are currently part-time and give you a chance to work mainly from home. Please visit LCD Systems for more details regarding these vacancies. There are no fees or monetary expenses for you whatsoever. We offer an honest and dependable opportunity for you to get some extra income working with us from home.

Shamrock Holdings (not)

There is a real "Shamrock Holdings" at shamrock.com, but this spammer has nothing to do with them. The use of English is better than average for this kind of scam, because a substantial chunk is plagiarised from Scottrade. The spam makes no mention at all of the kind of work available, but it's a foregone conclusion that it's a money-forwarding job. Stay clear: spam job ads are attempts to recruit victims, not employees. More than one Gmail contact address is being used in this scam.

---------- Forwarded message ----------
From: [redacted (false, misleading)]
Date: 19 Mar 2008 XX:XX UTC
Subject: make your career
To: [redacted (privacy)]

Shamrock Holdings's Career Center

Looking for part-time job?  Try us and you'll be glad you did!

Providing quality customer service is the foundation of our business model.  We work hard to make our customers happy, and have been consistently recognized by industry watchers for our efforts. We take pride in our ability to please our customers and always do our best to do what is right for them.

Shamrock Holdings's approach to service for our online customers sets us apart from other online brokers that have set up personal brokers to handle customer inquiries. Our customers tell us they want a Personal broker who can be easily reached to answer financial and account questions. . We call it "Online Finance With a Personal Touch" and it comes with every Shamrock Holdings online brokerage account regardless of account size or trading activity.

What happens when the best employees come together with the best online investment tools and services? We achieve great things.

In your career with Shamrock Holdings , you will work together with a team of energetic, driven individuals, each with their own unique talents and skills, but all dedicated to one common end goal - providing the best customer experience in the financial services industry.

Interested?

Send  us an e-mail to:    shamrock.hr@gmail.com

with  phone numbers  to reach you, and one of our representatives will contact you and answer all your questions.

We are proud to have so much experience working with investors and look forward to serving many more investors' needs in the future.


Best regards,
Tina Lee, Senior Asset Manager of Shamrock Capital Advisors

Chen Hsongs Holdings

This is more Nigerian scammery, originating from IP address 41.220.70.3. As such, it's probably a check or money order forgery scam: the victim is sent forged checks or money orders to cash and forward, and will wind up seriously out of pocket when the bank revokes the check after the forgery is discovered. I don't know whether there is such a company as the one described here, but you can be sure that the Nigerian scammer behind this spam has nothing to do with it if it does exist: it's just a cover story.

---------- Forwarded message ----------
From: Chen Hsongs Holdings Limited <Post@chenhsongs.org> [domain does not exist at this time]
Reply-to: chiang.m2@gmail.com
Date: 17 Mar 2008 XX:XX UTC
Subject: Hello
To: ideceive@gmail.com

Dear Sir/madam,

I am the GBM (Chairman) of Chen Hsong Holdings Limited   This Company Established since 1958. After half a century of endless efforts, Chen Hsong has grown from a small machinery workshop to one of the largest manufacturers of injection moulding machines in the world.Chen Hsong Holdings Limited, Produces, Exclusive circular platen (patended), ichen shop- floor Networked management system, Ductile iron casting and machining, Jetmaster minijet series, Jetmaster MKIV series, Jetmaster large series, CHEN-PET Two-stage preform moulding turnkey system, jetmaster C Series, E.T.C. Due to long association with our suppliers and our thorough understanding of the working condition in the Industry; It is upon this note that we are writing you this mail to seek your assistance in representing our
company in your locality as our RECEIVING AGENT/REPRESENTATIVE.One who will act as a medium for our clients in those locality to be reaching us with  their  payments and so on. Note that as a receiving Agent of our company,You will be entitled to TEN Percent Payment of any amount you receive from our customers We seek your Sincere cooperation and assistance to establish a cordial relationship with our clients.To facilitate the conclusion of this proposal if accepted,Please send us
the  following Information

1) Your Full name..............and present occupation............

2) Telephone number..............and Fax..............

3) Contact address................

4) Age................

Thanks in anticipation.
Regards,
Dr. Chiang Chen
GBM (Chairman)
Chen Hsong Holdings Limited

Guang Dong Light Industrial Products

This spam originated from IP address 81.199.43.177, which WHOIS reports as delegated to Kas Telecom, Nigeria. It is a payment processing scam: the victim is sent checks or money orders and asked to cash them, forwarding 90% (or thereabouts) of the proceeds via Western Union (or similar). The checks are clever forgeries which the receiving bank will eventually detect and revoke, leaving the victim out of pocket.

---------- Forwarded message ----------
From: Guangdong Company?? <guangdongcorp@yahoo.com.cn>
Date: 17 Mar 2008 XX:XX UTC
Subject: Greatfully Submitted.
To: undisclosed-recipients



GUANG DONG LIGHT INDUSTRIAL PRODUCTS IMPORT AND EXPORT CORPORATION
52,De Zheng Rd.S.,
Guangzhou, China.

REF:GD/07/00867546.

Dear Sir/Madam,

We are presently searching for Representatives/Collection Agents who
can help us establish a medium of getting to our customers in the
Americas, precisely USA and Canada and Europe as well. If interested,
Please contact me on:info_guangdongrepoffers@yahoo.cn

Respectfully Submitted,
Mr. Hou Weijun
Gen.Manager
GUANG DONG LIGHT INDUSTRIAL PRODUCTS IMPORT AND EXPORT CORPORATION


----------------------------------------------------------------
This email was sent by IMP Webmail System
Universitas Indonesia - www.ui.edu

Cheetah Oil & Liquid Gas

This message originated from IP address 80.248.72.137, which WHOIS reports as being used by an Internet Cafe in Togo, West Africa (just a little to the west of Nigeria, if you're looking for it). I believe this to be an advance fee fraud scam: they will offer you a job to suit your skills, but require some kind of up-front fees for visa processing or whatnot. There is no job, and they are not part of any oil company: this is just a way to sucker people into sending money.

---------- Forwarded message ----------
From: colgcheetahoilga colgcheetahoilga <colgcheetahoilga@walla.com>
Date: 17 Mar 2008 XX:XX UTC
Subject: CLIENT/EMPLOYER:
To:

                                JOB REF:JOB/CHGRP/UK/453-08                    

                                               CLIENT/EMPLOYER: 

                            C.O.L.G   (CHEETAH OIL & LIQUID GAS)
 

CHEETAH OIL & LIQUID GAS has immediate employment opportunities. C.O.L.G intends to invite experienced individuals/expatriates or Consultancy firm capable of rendering expertise services in various fields of Business Management, M.B.A (Finance), Administrative and Commissioning, C.O.L.G has immediate employment/Vacancies in following Designations. Accountant, Duty Manager, Front Manager, Sales Manager, Receptionists, Drivers, Bar boy, Cook, Food & Beverage Cost Controller/Manager, Customer Manager, Computer Applicant, Software/Hardware Engineers, Elect. Engineer, Auto Engineer. e.t.c. Experienced is preferred, but we're willing to train an eager individual who wants to learn all aspects of pastry.

ENTITLEMENT, BENEFITS AND PACKAGES;

. A very attractive net salary paid in US$, Sterling or Euros equivalent depending on   employee home country and currency preference with annual salary review.

. Quality single or family housing accommodation in company community.

. Free medical/dental care for employee and family.

. Excellent educational assistance benefits with family status employment.

. Paid airfares allowing full flexibility with holiday travel.

. Personal effects shipment and excess baggage allowances.

. Full access to some of the finest and social recreational facilities .

. Life Insurance and Paid vacation.

. Official vehicle/Maximum security in work environment and housing community.

JOB STATUS:

Full-Time and contract

SALARY INDICATION:

JOB STATUS:  US$5,400.00-USD15, 000.00 depending upon experience and field of specialization. Interested candidates are to email resume and details of experience ONLY to colgcheetahoil2@yahoo.co.uk

---

Walla! Mail - get your free 5G mail today

Holmes Recruitment Agency

This is just a random Nigerian scammer, and the name he's using seems to be completely made up. He's being extremely nondescript about the kind of work available, which leaves me insufficient information to determine which particular scam he's pulling. It's probably one of two Nigerian specialities: advance fee fraud, or check forgery. If it's advance fee fraud (which I think is the more likely case), the scammer will say that he's found you a job, but there are certain expenses involved in getting it. The promise of a job (there is no actual job) is the bait; the fee is the hook. If it's check forgery, then the scammer offers you a job as a money mule, accepting payments by cheque, and forwarding cash via Western Union. The chance to keep a percentage of the payment is the bait; the fact that the checks are clever forgeries and will eventually be dishonoured is the hook.

The originating IP address of the second email below was 193.220.212.156, which (by current WHOIS data) is in Nigeria. Note that the UK +4470 telephone number can be redirected internationally at no cost to the scammer -- Nigerian scammers love them.

---------- Forwarded message ----------
From: Mr. Richard Holmes <holmesrecruitment@msn.com>
Date: 16 Mar 2008 XX:XX UTC
Subject: JOB OFFER
To:

Dear
William Recruitment Agency is an outfit in England
that helps people to live and get a good work in
England.
We are a non-profit organization that is here to help
the underdeveloped countries.
Do you really need to live and work? Gibbon is the answer Apply today with your resume attached to us online via email attachment for safety.

Mr Richard
THE HUMAN RESOURCE DEPT,
HOLMES RECRUITMENT AGENCY
Phone (+44) 702 405 2582
E-mail: holmesrecruitments@yahoo.com
 

---------- Forwarded message ----------
From: HOLMES RECRUITMENT AGENCY <holmesrecruitments@yahoo.com>
Date: 17 Mar 2008 XX:XX UTC
Subject: Information on Request......
To: Deception Spotter <ideceive@gmail.com>

Dear

Thanks for your mail to us.We are happy to have heard
from you and want to let you know that we do welcome
questions like yours.

I want to let you know that we recruit all spheres of
qualifcation ranging
from,Unskilled,Skilled,Semi-Skilled Labours and
professionals.

Experince and Awards attached is an added advantage to
you because its attracts more salary to your offer.

We will be expecting to have your Resume sent to us
soon for review and possible offer to you.

With Regards,

Holmes
+44 702 405 2582

SkySoft

Same old money mule scam; new name: SkySoft. There may or may not be an actual company of that name in the Ukraine -- it's just a random name that the scammers use as a cover story. This scam involves receiving stolen money via direct bank transfer, and forwarding it to the thieves via Western Union. There may have been further domain names registered in addition to the ones seen here.

Domain Name:                                 SKYSOFTONLINE.BIZ
Domain ID:                                   D23519727-BIZ
Sponsoring Registrar:                        EASYSPACE LTD.
Sponsoring Registrar IANA ID:                79
Registrant ID:                               TUZMFVWTSAPEMBNR
Registrant Email:                            hyang@skysoftonline.com
Name Server:                                 NS4.EASYSPACE.COM
Name Server:                                 NS5.EASYSPACE.COM
Created by Registrar:                        EASYSPACE LTD.
Last Updated by Registrar:                   EASYSPACE LTD.
Domain Registration Date:                    Fri Feb 29 03:05:30 GMT 2008
Domain Expiration Date:                      Sat Feb 28 23:59:59 GMT 2009
Domain Last Updated Date:                    Fri Feb 29 03:05:32 GMT 2008

   Domain Name: SKYSOFTONLINE.COM
   Registrar: EASYSPACE LTD.
   Whois Server: whois.easyspace.com
   Referral URL: http://www.easyspace.com
   Name Server: NS4.EASYSPACE.COM
   Name Server: NS5.EASYSPACE.COM
   Updated Date: 13-feb-2008
   Creation Date: 13-feb-2008
   Expiration Date: 13-feb-2009

---------- Forwarded message ----------
From: Victor Krainov <[redacted (random address)]>
Date: 16 Mar 2008 XX:XX UTC
Subject: Flexible job conditions
To: [redacted (privacy)]

Hello!
My name is Viktor Krainov. I am manager a of personal staff of SkySoft inc. Ukraine.
At this moment we are developing market of Australia and other countries. In connection with it we have a nessesity in regional managers in
different countries. Full-time and part-time are possible.

Available vacancies: Regional manager.*
Essential requirements:
-Computer skills(MS Word, Excel)
-Available time(2-3 hours a day part-time)
-Elder than 20
-Right to work in the country of living
-Internet access

Job descriptions:
-Days off: Saturday and Sunday
-Salary: part-time beginning from 800-2000USD per month, full-time 1000-4000 per month. For efficient work award fee would be paid.
-vacation: the vacation available from the beginning of 4th month of work. Year vacation don't suppose to exceed more than 1.5 month.
-The organization pay all taxes, that need to be paid during our work.

* SkySoft is an equal opportunity employer. This means we do not discriminate on the basis of race,
color, creed, national origin, citizenship, religion, disability, age, sex, gender identity,
veteran status, sexual orientation or marital status, or any other legally prohibited basis in hiring,
training, promotions, compensation, benefits, layoffs, terminations or any other personnel decision.

If you interested in the vacancy, please send us the resume on the following e-mail: job@skysoftonline.biz and we will contact with you.
Please, with resume send us contact telephone, so we could make phone interview.

Best regards,

Victor Krainov,
Personal staff manager,
Skysoft inc.

Rinky Ltd (auf Deutsch)

This job scam is thin on details, and it's in German. I don't see a lot of that. Presumably it's just the usual money mule type of thing.

---------- Forwarded message ----------
From: [redacted (random, false)]
Date: 13 Mar 2008 XX:XX UTC
Subject: Haben Sie Spass an Ihrer neuen Arbeit!!
To: [redacted (not my address)]

Wir sind ein dynamisches Gewerbe im Bereich der Finanzdienstleistungen !

Unsere internationalen Geschäftsbeziehungen werden immer wichtiger. Zur Verstärkung unseres Teams suchen wir einen Profi als Treuhandagenten .

Sie
ˇ wohnen in der EU
ˇ verfügen über Engagement, denken unternehmerisch und handeln zielstrebig
ˇ haben einige Komputer Kenntnisse und sind tagsüber erreichbar
ˇ haben min. 5 Stunden pro Woche frei

Unser Unternehmen

ˇ bietet Ihnen ein leistungsorientiertes Gehalt und wunderbare Aufstiegschancen
ˇ überlässt es Ihnen selbst ,wie Sie Ihre Arbeitszeit planen

Ihr Einkommen beträgt ab 2500 Euro pro Monat. Falls Sie näheres wissen möchten oder Interesse an dieser Position haben, senden Sie bitte Ihre Bewerbung bzw. Fragen an:

rinky1@mail.ru

Mit freundlichen Grüssen

RINKY LTD

Benxi Steel Company (not)

There are a number of things to note about this job scam. The first is not immediately obvious: it originated in Nigeria (ip address 41.220.70.3), although it was sent via hamdard.net.pk, as per the "from" address. The second thing to note is that this scammer is getting his scams mixed up: the "from" name is "Heineken Lottery", suggesting that the same scammer has also been pushing lottery scams. Beyond that, it's safe to say that this job involves the "employee" being duped into cashing forged checks and forwarding the proceeds via Western Union before the forgery is detected by the bank.

---------- Forwarded message ----------
From: HEINEKEN LOTTERY <heinekenlottery@hamdard.net.pk>
Date: 12 Mar 2008 14:13
Subject: ONLINE JOB OFFER
To:

Benxi Steel Company
1, Kita-Aoyama 2-chome
Minato-ku, Tokyo 107-8077,
China.

I am Mr. Chon Kawasaki, the Director of Benxi Steel company based in
China. We specialize in the production of Iron and steel, which we
export to the US,CANADA and some part of Europe.

We are searching for payment officer in the USA,CANADA,ETC. The reason
we seek your assistance, is that we need you to  pressurize our
customers that are owning the company money, to enable them pay on
time. You can  receive payment via wire transfer, checks/bank draft
etc. In otherwords, you shall be receiving payment from our customers
on behalf of the company. That must be based on trust.

Should you have a present job, you can still be part of our business
as your service to us would not interfere with your working hours at
all. The job is an online business.

IF YOU ARE INTERESTED,PLEASE COMPLETE THE FORM BELOW  AND SEND IT
TO  THE COMPANY FOREIGN AFFAIRS MANAGER IN UK (ONLY).

NAME:
SEX:
AGE:
ADDRESS:
STATE:
CITY:
ZIP CODE:
COUNTRY:
TEL:
FAX:
MOBILE TEL:
HOME TEL:
COMPANY NAME:
WEBSITE:
OCCUPATION:
YOUR BANK NAME (s):

COMPLETE THE ABOVE FORM AND SEND IT TO THE COMPANY FOREIGN AFFAIRS
MANAGER IN UK (ONLY), VIA HIS PRIVATE ID BELOW:

Foreign Affairs Manager,
NAME: MR Ellis Bryan.
EMAIL: benxisteel01@yahoo.co.uk

Sincerely,
Mr. Chon Kawasaki.
Director,
Benxi Steel company.

Apple Enterprise Sales Company (fake)

I believe we last saw a money mule scam following this pattern in the Camac Sales and Distribution Group scam. The general layout of the spam is similar, and specifically includes three fake endorsements from real magazines, plus a Gmail reply address which requests the keyword "interested" in the subject. Anyone who thinks that The Economist magazine would actually carry a phrase like "Employment situation has gotten on a new level" isn't paying close attention.

---------- Forwarded message ----------
From: [redacted (false, misleading)]
Date: , 10 Mar 2008 16:15:52 +0100
Subject: Best Position available Brought by Google.
To: [redacted (privacy)]

Greetings Dear Recipient of This Great Offer!

You have a chance to start making 1200+ AUD a week spending 1-2 hours a day Monday-Friday, working most of the time from home.

This opportunity is brought to you by an Apple Enterprise Sales Company and now is hiring!

You received this offer via Worldwide net of advertisement brought to you via paid ads by Google.

If you are looking for an additional job or just an extra income - this position is for you.

Designed for an ease of use and the best position available nowadays, time wise and income wise.

Although some requirements need to be met:

You are 18+ years old*
You have 1-2 hours of free time a day Monday-Friday*
You are responsible and dependable*
You are located in Australia only*

    -----

Some reference:

"Best offer on The Net" - "Money" magazine, -John Keppke.
"Employment situation has gotten on a new level" - "The Economist" magazine, -Laura Star.
"Amazing solution for Extra Income" - "Newsweek" magazine, -Dennis Coleman.

    -----

If you meet all requirements - don't hesitate to get more information on this great position called "Fund Operator".

Reply to:  apple.entinfo@gmail.com

with subject "Interested" to receive full information on this great position. Limited time offer, don't wait! And Good luck.

Osell International

I've recently received two of these in a spamtrap account, and I'll report it while it's still fresh. The job description talks about forwarding payments and receiving payments directly to a bank account, so this is almost certainly the usual kind of money mule scam associated with phishing.

   Domain Name: OSELL-JOB.NET
   Registrar: DIRECT INFORMATION PVT LTD D/B/A PUBLICDOMAINREGISTRY.COM
   Whois Server: whois.PublicDomainRegistry.com
   Referral URL: http://www.PublicDomainRegistry.com
   Name Server: NS1.BIZHOSTING.RU
   Name Server: NS2.BIZHOSTING.RU
   Updated Date: 02-mar-2008
   Creation Date: 02-mar-2008
   Expiration Date: 02-mar-2009

---------- Forwarded message ----------
From: Mr. Paolo [random surname] <[random address]>
Date: 5 Mar 2008 XX:XX UTC
Subject: work in Osell International
To: [redacted (privacy)]

Hello,

We thought that you might be interested in part time position to work from home with our company. My name is Paolo [surname], project coordinator and your direct supervisor at Osell International. Please read the information bellow about our company and your job description.

Osell International is an online-to-offline international money transfer service. Osell International currently offers a secure, fast, and inexpensive means to send money from any of 26 countries to recipients in 18 countries. Osell International's headquarters is located in Rome, Italy. For more information, please visit our website: www.osell-job.net

There are 5 openings for a representative to assist in creation our virtual local presence for the back office functions. Person, who is accepted for this position, will perform these tasks:


1. Facilitate the financial transactions from the clients. Osell International will organize the sales and marketing campaigns. Our manager will inform you when the transaction is expected to arrive.
2. Report to our manager on arrival of the payment.
3. Forward the payment to the customer at the destination. The instructions will be provided on the case-per-case bases.
4. The average monthly salary is about 4000 - 5000AUD. Your wages will be paid every month from the start of your employment by direct deposit to your bank account. You must have a bank account to receive wages from us. Plus you will receive a commission (3.5% - 4%) for the completed transaction. This commission will be paid out after every transaction. Also we have a rating system and bonus systems for the quarterly review. Dependant on your work results, you might be promoted to the management positions within 3-6 months.

To continue please fill in our online application:

http://www.osell-job.net/register.php

Your information will be used only within Osell International. Every employee, who satisfies our requirements, will be contacted by our manager. At that time you will be able to ask any questions you might have.

Best regards,

Mr. Paolo [surname]
Project coordinator
Osell International
http://www.osell-job.net

consumer-opinion.org (paid survey scam)

Since 14th February, 2008, I've been receiving an irritating barrage of spam (up to six per day) inviting me to get paid for participating in online surveys. Here's my earliest sample.

---------- Forwarded message ----------
From: [redacted (random name and address)]
Date: 14 Feb 2008 XX:XX
Subject: additional job earnings available
To: Ideceive <ideceive@gmail.com>

Hi,

Are you interested in getting paid by major online retailers for completing
simple online surveys, participating in focus groups and to watch movie
trailers?
All you need is a little time and willingness to voice your honest opinion.
Our organization offers competitive remuneration for participating in simple
on-line surveys and forum discussion groups. What we offer is work from the
comfort of your own computer, determine your working time, express your
opinion freely about different kinds of products and services, and be paid
well.

If you'd like to become one of our highly valued survey takers, please
e-mail me back at maximilianwaytt@gmail.com and we will send you additional information.

Best regards,
Katie Anderson
HR

The contact address has varied continuously, but it has always been a gmail address. I suspect that they forward their various Gmail accounts to some other address which acts as an autoresponder, although they may possibly be using the built-in Gmail autoresponder. If you write away to one of the contact addresses (and the Gmail team hasn't whacked it yet), you get a response back like the following.

---------- Forwarded message ----------
From: CONSUMER-OPINION.ORG <april@consumer-opinion.org>
Date: 3 Mar 2008 XX:XX
Subject: RE:RE: part-time job available
To: ideceive@gmail.com

Hi,
Thank you very much for your interest in the online survey jobs we offer.
For more information please go to our website:
http://www.Consumer-Opinion.org.
If you have any additional questions please fill in the form on our website or email info@Consumer-Opinion.org.
I look forward to doing business with you.
Best regards,
April Hofmann
http://www.Consumer-Opinion.org

Note that the domain "comsumer-opinion.org" was registered shortly after the spam run commenced (within 24 hours).

Domain ID:D151346870-LROR
Domain Name:CONSUMER-OPINION.ORG
Created On:14-Feb-2008 16:24:35 UTC
Last Updated On:15-Feb-2008 08:48:05 UTC
Expiration Date:14-Feb-2009 16:24:35 UTC
Sponsoring Registrar:eNom, Inc. (R39-LROR)
Registrant ID:c8c3142d2e6cbb3e
Registrant Name:PATRICK LAWRENCE
Registrant Email:consopi@gmail.com
Name Server:NS19.SUPERHOSTING.BG
Name Server:NS20.SUPERHOSTING.BG

Paid survey scams are old news. The website itself does not offer you a job: it invites you to pay money in order to find out where these paid surveys are. There's no guarantee whatsoever that you will be able to make any money at all out of this, although they make big claims about the average payment that their members receive. The so-called "surveys" usually involve signing up for a trial of some kind of product, and may expose you to further expense. Your payment goes through ClickBank, so this is not an attempt to phish for credit card details -- it's just an attempt to get a thirty dollar payment out of any sucker willing to take the bait.

I don't usually report on this kind of scam, but these guys have been absolutely clamoring for my attention with their spam, so here you go. In my opinion, "comsumer-opinion.org" is just another scam which advertises by spamming and wilfully misrepresents ("lies about") the nature of its product. If you give these guys money, you are funding people who generate spam, and it's likely that you'll get nothing of value in return. Also, due to substantial unique overlap in content, I believe that "consumer-opinion.org" is a repackaged version of the older "planet-surveys.com". Compare the consumer opinion FAQ with the planet surveys FAQ, and look for overlapping questions and answers.

   Domain Name: PLANET-SURVEYS.COM
   Registrar: ENOM, INC.
   Whois Server: whois.enom.com
   Referral URL: http://www.enom.com
   Name Server: DNS1.NAME-SERVICES.COM
   Name Server: DNS2.NAME-SERVICES.COM
   Name Server: DNS3.NAME-SERVICES.COM
   Name Server: DNS4.NAME-SERVICES.COM
   Name Server: DNS5.NAME-SERVICES.COM
   Updated Date: 04-oct-2007
   Creation Date: 04-oct-2007
   Expiration Date: 04-oct-2008

Arcandor

I should have reported this one ages ago, but I'm busy with other things of late. The scam is nothing special -- just the usual money mule job that makes up 90% of what I report on this blog -- but these guys are pretty darn persistent with this particular spam. They've been at it for four weeks now with very little change other than a continuously varying Gmail contact address. Only one such spam was sent directly to my contact address, but I am still seeing them arrive in other spamtrap accounts.

---------- Forwarded message ----------
From: [redacted (false)]
Date: 5 Feb 2008 XX:XX UTC
Subject: start your career with us
To: ideceive@gmail.com

Welcome to the Arcandor Service!

We are very glad that you  wish to join our team, will be delighted  to have you work with us
The position of ?Assistant? provides support filling  the transactions of our customers.
We deal exclusively with private clients,- that have special requirements for high speed of receiving funds for their business .
  This way we can offer a new kind of financial and banking service to our clients - and we
would like you to work as an ?Assistant?.(part-time job 3-4 hours a day except holidays)

At first  your work  would be very basic,  yet meticulous -you will  make transfers for our clients  to suit their needs. Our managers will
assist you during the trial period and explain everything you will need to know.
We offer an extremely competitive graduated salary: for the first month you will receive up to
$2000 for your work  the next month your salary will be increased if you do your work accurately
and  on time.
Now you are only one step away from successful career.

All you need is to send  an e-mail to: arcandorservice3@gmail.com

with  phone numbers and times to reach you, and one of our representatives will contact you
and answer all your questions.

Thank you in advance,

Helen Jones
Manager
Arcandor Service

QD International

Just a typical money mule scam which targets Australians.

   Domain Name: QD-CAREERS.COM
   Registrar: ENOM, INC.
   Whois Server: whois.enom.com
   Referral URL: http://www.enom.com
   Name Server: NS1.REMOVESE.COM
   Name Server: NS2.REMOVESE.COM
   Updated Date: 11-feb-2008
   Creation Date: 11-feb-2008
   Expiration Date: 11-feb-2009

---------- Forwarded message ----------
From: QD International <[redacted (false)]>
Date: 2 Mar 2008 XX:XX UTC
Subject: Virtual Office - Careers
To: [redacted (privacy)]

QD International is currently hiring in Australia for the positions of Virtual Office Administrative Assistants, part-time and full-time available.  These positions focus on providing administrative assistance in online sales.

About Us:
Quik Drop Int. is an exciting business that simplifies the online auction process. We have established sellers who sell items through auctions worldwide providing higher sales profits to clients. These positions will be vital to the success of Quik Drop Int. as we continue to expand our business worldwide.

Part-time and full-time positions available, work at home, online.

Part-time: Three hours per day, during either one of these shifts:
9:00am-12:00pm        11:00am-2:00pm        12:00pm-3:00pm      2:00pm-5:00pm

Full Time: Six hours per day during either one of these shifts:
9:00am-3:00pm          11:00am-5:00pm

Salary
Part-time: $1,200/month and commission
Full-time: $2,400/month and commission

Professional Qualities:
- Customer focused decision maker
- Demonstrates a high level of personal accountability
- Thinks about the team first over personal agendas

Requirements:
- Internet Access
- Microsoft Office
- Proficient PC user
- Basic Accounting skills

If interested in the proposal please email your resume to Casey.Evans@qd-careers.com stating whether you are interested in a full-time or a part-time position.

Thank You,
QD Team
Casey.Evans@qd-careers.com