Now pointlessly enhanced with AI
I posted the audio and transcript of a scam call pretending to be from Amazon.com. I also have recording of another scam call involving Social Security number.
The beginning part of the call was not recorded.
It is a scam!
I’ve received scam calls from scammers pretending to be from Amazon.com:
“This is Amazon. This call is to authorize the payment of $799 for the recent order of iPhone 11 on your Amazon account. If you do not authorize this payment, please press one to speak to our customer support representative. Thank you.”
A number of people told me that they too received similar calls. Unfortunately, some of them fell for the scam and gave the scammer access to their computer.
The scammer insists on “verifying” your Amazon account or gave them access to your computer remotely.
Should you receive calls like these, do not panic, don’t forget to bring a towel…
Do not press anything to speak to the fake customer support, simply hang up.
You can always check your Amazon.com account for any activities.
Within the last 150 minutes, our spam filter caught more than 40 Pump-and-Dump email spam; the same ones from April 11, 2017.
Pump-and-Dump email spam typically comes in waves with randomly generated sender names. It is really easy to spot as it promises the potential collaborating-victim a quick scheme to make money. Based on our statistics, the scammer sends the email spam with two different subject lines and contents each day. If you happened to receive this kind of email spam, you would see multiple emails from different senders with the same exact subject line and content. They are really easy to spot.
You can help fighting the spammer by using services such as SpamCop.net.
One of our colleagues took his iPhone 6s for repair at a local Apple Store and found out that the serial number had been replaced. Essentially, according to Apple database, his iPhone had gone through a warranty exchange some months prior. Thus rendering his actual iPhone no longer eligible for warranty repair.
Perplexed by this issue, he reached us to us. In turn, we contacted Apple for some clarifications. Unofficially according to Apple:
Apple is quick to recognized this issue and started the process of restoring the AppleCare registration on the iPhone 6s.
In this happened to you, don’t panic. Gather all the documents pertaining to the purchase of the iPhone. If you bought an iPhone from authorized iPhone reseller or directly from Apple, it would be really easy to get your AppleCare registration restored. Remember if you kept the receipt, invoice, purchase order and/or the info of the credit card you used to make the purchase; that would make the process much easier too. Contact Apple for support and service, immediately.
We have heard incident like this happened in the past and this is the first time it happened to one of our colleagues.
I received a frantic message from a friend when she saw a message that “virus found” on her Mac. She then sent me a few photos of the message.
As it turns out, it is related to none other than MacKeeper. In January2014, a class action lawsuit was filed against ZeoBIT, the maker of MacKeeper.
“macoscheck.com” was registered on December 26, 2015.
Whois info on macoscheck.com:
Deus-ex-Mac:~ ultra-slacker$ whois macoscheck.com
Whois Server Version 2.0
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Domain Name: MACOSCHECK.COM
Registrar: INTERNET DOMAIN SERVICE BS CORP
Sponsoring Registrar IANA ID: 2487
Whois Server: whois.internet.bs
Referral URL: http://www.internetbs.net
Name Server: NS1.SPEEDLOADINGSERVER.COM
Name Server: NS2.SPEEDLOADINGSERVER.COM
Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
Updated Date: 26-dec-2015
Creation Date: 26-dec-2015
Expiration Date: 26-dec-2016
>>> Last update of whois database: Wed, 06 Jan 2016 11:49:01 GMT <<<
For more information on Whois status codes, please visit
https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en.
NOTICE: The expiration date displayed in this record is the date the
registrar’s sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant’s agreement with the sponsoring
registrar. Users may consult the sponsoring registrar’s Whois database to
view the registrar’s reported date of expiration for this registration.
TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services’ (“VeriSign”) Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.
The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Domain Name: MACOSCHECK.COM
Registry Domain ID: 1989721914_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.internet.bs
Registrar URL: http://www.internetbs.net
Updated Date: 2015-12-26T12:22:03Z
Creation Date: 2015-12-26T12:22:03Z
Registrar Registration Expiration Date: 2016-12-26T12:22:03Z
Registrar: Internet Domain Service BS Corp.
Registrar IANA ID: 2487
Registrar Abuse Contact Email: abuse@internet.bs
Registrar Abuse Contact Phone: +44.7546458118
Reseller:
Domain Status: clientTransferProhibited – http://www.icann.org/epp#clientTransferProhibited
Registry Registrant ID:
Registrant Name: Domain Admin
Registrant Organization: Whois Privacy Corp.
Registrant Street: Ocean Centre, Montagu Foreshore, East Bay Street
Registrant City: Nassau
Registrant State/Province: New Providence
Registrant Postal Code: 0000
Registrant Country: BS
Registrant Phone: +1.5163872248
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: macoscheck.com-owner@customers.whoisprivacycorp.com
Registry Admin ID:
Admin Name: Domain Admin
Admin Organization: Whois Privacy Corp.
Admin Street: Ocean Centre, Montagu Foreshore, East Bay Street
Admin City: Nassau
Admin State/Province: New Providence
Admin Postal Code: 0000
Admin Country: BS
Admin Phone: +1.5163872248
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: macoscheck.com-admin@customers.whoisprivacycorp.com
Registry Tech ID:
Tech Name: Domain Admin
Tech Organization: Whois Privacy Corp.
Tech Street: Ocean Centre, Montagu Foreshore, East Bay Street
Tech City: Nassau
Tech State/Province: New Providence
Tech Postal Code: 0000
Tech Country: BS
Tech Phone: +1.5163872248
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: macoscheck.com-tech@customers.whoisprivacycorp.com
Name Server: ns1.speedloadingserver.com
Name Server: ns2.speedloadingserver.com
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2016-01-06T11:49:10Z <<<
Whois info on speedloadingserver.com:
Deus-ex-Mac:~ ultra-slacker$ whois speedloadingserver.com
Whois Server Version 2.0
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Domain Name: SPEEDLOADINGSERVER.COM
Registrar: TLD REGISTRAR SOLUTIONS LTD
Sponsoring Registrar IANA ID: 1564
Whois Server: whois.tldregistrarsolutions.com
Referral URL: http://www.tldregistrarsolutions.com
Name Server: NS-CANADA.TOPDNS.COM
Name Server: NS-UK.TOPDNS.COM
Name Server: NS-USA.TOPDNS.COM
Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
Updated Date: 09-sep-2015
Creation Date: 03-sep-2015
Expiration Date: 03-sep-2016
>>> Last update of whois database: Wed, 06 Jan 2016 12:17:54 GMT <<<
For more information on Whois status codes, please visit
https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en.
NOTICE: The expiration date displayed in this record is the date the
registrar’s sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant’s agreement with the sponsoring
registrar. Users may consult the sponsoring registrar’s Whois database to
view the registrar’s reported date of expiration for this registration.
TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services’ (“VeriSign”) Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.
The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Domain Name: SPEEDLOADINGSERVER.COM
Registry Domain ID: 1957177560_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.tldregistrarsolutions.com
Registrar URL: http://www.tldregistrarsolutions.com
Updated Date: 2015-09-09T07:28:32Z
Creation Date: 2015-09-03T07:26:31Z
Registrar Registration Expiration Date: 2016-09-03T07:26:31Z
Registrar: TLD Registrar Solutions Ltd.
Registrar IANA ID: 1564
Registrar Abuse Contact Email: abuse@tldregistrarsolutions.com
Registrar Abuse Contact Phone: +44.2034357312
Reseller:
Domain Status: clientTransferProhibited – http://www.icann.org/epp#clientTransferProhibited
Registry Registrant ID:
Registrant Name: Domain Admin
Registrant Organization: Whois Privacy Corp.
Registrant Street: Ocean Centre, Montagu Foreshore, East Bay Street
Registrant City: Nassau
Registrant State/Province: New Providence
Registrant Postal Code: 0000
Registrant Country: BS
Registrant Phone: +1.5163872248
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: speedloadingserver.com-owner@customers.whoisprivacycorp.com
Registry Admin ID:
Admin Name: Domain Admin
Admin Organization: Whois Privacy Corp.
Admin Street: Ocean Centre, Montagu Foreshore, East Bay Street
Admin City: Nassau
Admin State/Province: New Providence
Admin Postal Code: 0000
Admin Country: BS
Admin Phone: +1.5163872248
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: speedloadingserver.com-admin@customers.whoisprivacycorp.com
Registry Tech ID:
Tech Name: Domain Admin
Tech Organization: Whois Privacy Corp.
Tech Street: Ocean Centre, Montagu Foreshore, East Bay Street
Tech City: Nassau
Tech State/Province: New Providence
Tech Postal Code: 0000
Tech Country: BS
Tech Phone: +1.5163872248
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: speedloadingserver.com-tech@customers.whoisprivacycorp.com
Name Server: ns-canada.topdns.com
Name Server: ns-uk.topdns.com
Name Server: ns-usa.topdns.com
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2016-01-06T12:16:03Z <<<
A tip from reader:
A pop-up warning showed up on Safari claiming the viruses were found on the computer. It was almost impossible to quit Safari as the pop-up re-emerges when closed. One way to deal with this is to force quit (Command-Option-Escape) Safari, then disable the auto-resume feature in OS X. In OS X Lion, Mountain Lion and Mavericks, go to System Preferences > General > and uncheck the “Restore windows when quitting and re-opening apps” option.
In the upcoming OS X Yosemite, the option looks slightly different; well, more than slightly different.
Check the “Close windows when quitting an app” option.
This particular scam has been around for a while.
It seems the scammer was astroturfing the comments on this page.
A reader passed along an information on a scam site targeting Mac users.
The site address is applesecurityissue.com
Quick search on the phone number 1-800-610-8993 yields one discussion at Apple Support Communities, so far. The site itself was registered on September 4, 2014 and updated today, September 18, 2014.
Whois information on applesecurityissue.com:
Whois Server Version 2.0
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.Domain Name: APPLESECURITYISSUE.COM
Registrar: GODADDY.COM, LLC
Whois Server: whois.godaddy.com
Referral URL: http://registrar.godaddy.com
Name Server: NS17.JIXHOST.COM
Name Server: NS18.JIXHOST.COM
Status: clientDeleteProhibited
Status: clientRenewProhibited
Status: clientTransferProhibited
Status: clientUpdateProhibited
Updated Date: 18-sep-2014
Creation Date: 04-sep-2014
Expiration Date: 04-sep-2015>>> Last update of whois database: Thu, 18 Sep 2014 20:01:06 UTC <<<
NOTICE: The expiration date displayed in this record is the date the
registrar’s sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant’s agreement with the sponsoring
registrar. Users may consult the sponsoring registrar’s Whois database to
view the registrar’s reported date of expiration for this registration.TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services’ (“VeriSign”) Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Domain Name: APPLESECURITYISSUE.COM
Registry Domain ID: 1874184235_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Update Date: 2014-09-04 11:22:40
Creation Date: 2014-09-04 11:22:40
Registrar Registration Expiration Date: 2015-09-04 11:22:40
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: abuse@godaddy.com
Registrar Abuse Contact Phone: +1.480-624-2505
Domain Status: clientTransferProhibited
Domain Status: clientUpdateProhibited
Domain Status: clientRenewProhibited
Domain Status: clientDeleteProhibited
Registry Registrant ID:
Registrant Name: Gaurav Kumar
Registrant Organization:
Registrant Street: New Delhi
Registrant City: Delhi
Registrant State/Province: Delhi
Registrant Postal Code: 110018
Registrant Country: India
Registrant Phone: +91.1234567890
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: gautam@webcreationindia.co.in
Registry Admin ID:
Admin Name: Gaurav Kumar
Admin Organization:
Admin Street: New Delhi
Admin City: Delhi
Admin State/Province: Delhi
Admin Postal Code: 110018
Admin Country: India
Admin Phone: +91.1234567890
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: gautam@webcreationindia.co.in
Registry Tech ID:
Tech Name: Gaurav Kumar
Tech Organization:
Tech Street: New Delhi
Tech City: Delhi
Tech State/Province: Delhi
Tech Postal Code: 110018
Tech Country: India
Tech Phone: +91.1234567890
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: gautam@webcreationindia.co.in
Name Server: NS17.JIXHOST.COM
Name Server: NS18.JIXHOST.COM
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
Last update of WHOIS database: 2014-09-18T20:00:00ZThe data contained in GoDaddy.com, LLC’s WhoIs database,
while believed by the company to be reliable, is provided “as is”
with no guarantee or warranties regarding its accuracy. This
information is provided for the sole purpose of assisting you
in obtaining information about domain name registration records.
Any use of this data for any other purpose is expressly forbidden without the prior written
permission of GoDaddy.com, LLC. By submitting an inquiry,
you agree to these terms of usage and limitations of warranty. In particular,
you agree not to use this data to allow, enable, or otherwise make possible,
dissemination or collection of this data, in part or in its entirety, for any
purpose, such as the transmission of unsolicited advertising and
and solicitations of any kind, including spam. You further agree
not to use this data to enable high volume, automated or robotic electronic
processes designed to collect or compile this data for any purpose,
including mining this data for your own personal or commercial purposes.Please note: the registrant of the domain name is specified
in the “registrant” section. In most cases, GoDaddy.com, LLC
is not the registrant of domain names listed in this database.