Hall of Shame‎ > ‎


Here's some phishing scams and other such lies I have come across. Maybe you'll get a good laugh. Maybe you'll learn something. Anyway here goes...
   Phishing Scam (June 2011)   
Headquarters: 60 Merriman Road
Blackheath London SE3 8RS
Ref: UK/9420X2/70
Batch: 065/088/XY24


This is to inform you that the prestigious MICROSOFT CORPORATION has
release final result for winners of the just concluded 2011 anniversary promo
whereby email address was randomly selected and attached to a ticket number.

Congratulations, your email address has been proved a winner for
our users
reward scheme, you are therefore eligible for a substantial portion of
$500,000.00 USD.

To claim your prize kindly confirm the receipt of this mail with your
(a)Full Name:
(b)Address & Telephone:
(c)Age & Gender:
(e) country:
To the Program Director with his details below.

Name: Mr.Derek Nelson.
Email: program_director@w.cn
Tell: +44-703-591-3709

©Microsoft Corporation.
Oh, stop, I'm laughing so hard it hurts!  First of all, this claims to be from Microsoft Corp but the address is in the United Kingdom.  Even if you don't know Microsoft is headquartered in Redmond, Washington, you should at least know it is in the USA and not the UK.
Second, the email is full of typos.  I think we can agree Microsoft isn't perfect, but I should hope (and their documentation confirms) they have a better command of the English language.  It is almost like some foreigner -- let's imagine a Chinese man -- was trying (and failing) to write a message in English.
Third, the reply email address has a domain based in China, while the phone number maps to the UK.  So, a USA company is using a Chinese mail host and a UK phone service / postal address.  Even if this were legitimate, I would say they are not very coordinated (hence, unreliable).
Fourth, it doesn't have a proper closing: "Sincerely, (C) Microsoft Corporation".  I've never seen a real company try to combine a signature with a copyright message.  Maybe I don't read enough?
   Another Hotmail Phishing Scam (August 2010)   

Dear Account User


This Email is from Hot mail Customer Care and we are sending it to every Hot mail Email User Accounts Owner for safety. we are having congestion's due to the anonymous registration of Hot mail accounts so we are shutting down some Hot mail accounts and your account was among those to be deleted. We are sending this email to you so that you can verify and let us know if you still want to use this account. If you are still interested please confirm your account by filling the space below. after clicking the reply button, or your account will be suspended within 24 hours for security reasons


User name: 

Date of Birth:

Country Or Territory:

After following the instructions in the sheet, your account will not be interrupted and will continue as normal. Thanks for your attention to this request. We apologize for any inconveniences.
Warning!!! Account owner that refuses to update his/her account after two weeks of receiving this warning will lose his or her account permanently.


The Windows Live
Hot mail Team


Okay, this is really stupid! First, there is no way you can fill out the requested information... anybody dumb enough to reply would have to smart enough to manually provide all the requested information... Asking dumb victims to smartly provide sensitive information has got to be the worst phishing scheme ever! Almost as bad, is that Hotmail / Windows Live / Microsoft actually allowed this email into my mailbox (instead of dumping it into Junkmail). Pathetic... double pathetic...  Hopefully most of you noticed the multiple violations of standard English writing.  Although I like to bash Microsoft on several fronts, at least they know how to write in proper English.  The looser that created this should go back to school.  Maybe they are targeting ignorant imigrants with modern technology and valuable assets?
   Hotmail Phishing Scam (March 2010)   
From:  Windows Live Team (elezabethann@hotmail.com)
Medium riskYou may not know this sender.Mark as safe|Mark as junk
Sent: Wed 3/03/10 2:28 PM
To: Windows Live Team (elezabethann@hotmail.com)
Dear Account User,
We encountered a problem with our database and a lot of records were lost, we are restoring our database to enable us serve you better. Your Windows Live! Account details are required so as to store in our database to keep your account active. Failure to do this will lose his or her account permanently.

To update and enable us restore your account details in our data base to keep your account active, you are required to provide us the details below urgently. Click the reply button to enter details below.

Name: ……………………..
Username: ……………………..
Password: …………………….
Date of Birth: …………………

Country or Territory: …………
Windows Live Alert Team

Microsoft Corporation

Well, the above is a blatent phishing scam! They are asking for both your account name and password! If you learn nothing else from me, learn this: NEVER, EVER give your password to any account you have in a reply to any email. In fact, I would not even provide my password on a secure webpage (https://) unless it for the sole purpose of logging in to use the service (regardless if that service is mundane like email or important like a bank acount).

More importantly, I am concerned that Microsoft's HOTMAIL "spam filter" did not catch this, especially since the from line is "WINDOWS LIVE TEAM" and it specificaly asks for sensitive account information (username and password).

Another give away is it wants to know your date of birth. WTF? Unless the account is subject to legal taxation (banking, insurance, etc.) you should NEVER divulge your birth date. Just another tip from me to you. On some occassions, I have encountered requests for this info when it is not legally required when signing up for a service (a new service, not request for info like this scam). In this case I recommend you choose to either:

  1. Not signup for new service (don't give them unneeded info).
  2. Lie about your birthdate; you may consider this immoral, but if they don't legally need it, then it doesn't bother me (but that's me...)
 E-Mail Scam, February 2008   
Please Update Your Account

Dear valued PayPal member: It has come to out attention that your PayPal account information needs to be updated as . part of .our continuing. commitment to protect .your account and to reduce the instance of .fraud on our website. If you .could please take 5-10 minutes out of your online experience and update your personal records you will not run into any future problems with the online services.

However, failure to update your records will result in account suspension. Please update your records on or before Wednesday 29, 2007.

Once you have updated. your account records, your PayPal session will not be interrupted and will continue as normal.

To update your PayPal records click on the following link:
Click here

PayPal, Inc.
P.O. Box 45950
Omaha, NE 68145



This PayPal notification was sent to PayPal member. To modify your notification preferences, log in to your PayPal account, click the Profile sub-tab, then click the Notifications link under Account Information. Changes may take up to 10 days to be reflected in our mailings. PayPal will not sell or rent any of your personally identifiable information to third parties. For more information about the security of your information, read our Privacy Policy at https://www.paypalsecure.com.ar/.

Copyright© 2006 PayPal Inc. All rights reserved. Designated trademarks and brands are the property of their respective owners. PayPal is located at 2211 N. First St., San Jose, CA 95131.


Notice the date listed is Wednesday 29, 2007. There is no month specified! February does have 29 days in 2008 because of leap year, but February of 2007 does not have 29 days. Of course it doesn't really matter what month of 2007 because this was recieved in 2008. So a year late you think? Well, the 'copyright' is 2006! Boy are they slow! Notice that the mailing address in the 'email' is Omaha, NE but in the 'fine print' it is San Jose, CA. Two different states! Finally, note that Click Here link does not go to PayPal but instead to bank-secures.com. The domain registry for bank-secures.com lists no parent company, only the registrar, name servers, and a status of clientTransferProhibited.

   Another Phishing Scam   

I'm Mr. Ching Hsu, Opportunity seldom come once way, and sometime when it does, some are ignorant to know, but for the few that could read in between the line would see that opportunity, grab it and make good use of it, this is the case I have today. as the Head Auditor, Taiwan business Bank, Taiwan.

During our account audit session, I discovered a 17.7 Million USD dormant account, and I wish to claim this funds, but my presence as a staff not allow me do it directly/personally, I therefore seek your partnership so you and I can claim this funds,if interested, contact me by providing me with;

2. PHONE No:

I would prefer you reach me via my personal E-mail address: Email : mrchinghsu8@yahoo.com.hk


Mr. Ching-Hua Hsu

Any high school student in America would be able spot numerous spelling and gramatical errors, despite what some may say about the U.S. educational system. Then there is the misused colloquialism "read between the line" which should be plural (lines). Funny stuff, I think. Note to phishers: don't even try to use colloquialisms if you can't even get the basics correct! Umm, maybe I shouldn't be helping these guys out?

© H2Obsession, 2008, 2009, 2010, 2011