Select Page

We would love to hear your feedback

THE DAILY SCAM NEWSLETTER  |  MAY 15, 2024

Co-Founder/Content: Doug Fodeman  |  Co-Founder/Creative: David Deutsch  |  V04N14

You’ve Been Invited to a Photoshoot!

We imagine that being a Model today is a very cool job, but also one that could be stressful and demanding for lots of reasons. According to the US Bureau of Labor & Statistics, many Models work part-time and have unpredictable work schedules. This is just two of the many stressors for those pursuing this career. And, of course, Models are always looking for that next job offer! That’s why we think they may be an easy target for scammers. Last weekend we were contacted by a woman working in the Modeling Industry. She had just received an outstanding paid invitation offer from a Studio to be part of a photoshoot. The Studio has a visually rich website and lists two New York City addresses. However, something seemed a bit odd about the invitation. Thankfully, this woman asked for our opinion about her offer from this business. Take a look at the all the red flag warning signs we found. This included a conversation we had with someone from another business located at the same New York address listed in the email Karlie received. We hope you’ll agree with us that this offer is 100% a scam!

To protect her privacy, we’ll call the Model who contacted us “Karlie.”  Here is the email that Karlie received from a photography studio called Glamourflux Studio. It struck us as a bit odd that it was sent from the free email service at Mail.com instead of coming from an email address using their domain name, glamourfluxstudio.com.  Also, the email offer didn’t include any employee’s name.

The website, GlamourfluxStudio.com, consists of one web page divided into multiple parts. Here is a screenshot from the top of it. It turns out that the domain, glamourfluxstudio.com, was registered 45 days before Karlie brought it to our attention, on March 27, 2024. Of course it was also registered through a proxy service to hide the real owner’s identity, but that isn’t unusual by itself. However, we found many “red flags” on this website that raised alarms.  No legitimate business would make these mistakes or present these images as their own when they are supposed to be a photography studio!

Here is a list of just some of the “red flags” that we found on this website that led us to believe it is a lie supporting a scam…

  • GlamourfluxStudio.com shows photos of 3 Photographers by name. Two obvious male photographers are given traditional female names: “Jane Mycel” and “Laura Mark.” We discovered that ALL 3 of these images are stock images found on many websites. For example, the photo of “Laura Mark” is actually photo #424091 on the website FreeDesignFile.com

  • GlamourfluxStudio.com lists several achievements on their website. However, they misspell the word “achivements” and provide impossible statistics given the fact that their website is 45 days old!  For example, how could they possibly have “24500” people who have rated them or have “4500000 Happy Clients.”

  • Glamourflux Studio shows that one of their two addresses is 450 W 31st St 10th Floor, New York, NY 10001Our research shows that there is NO SUCH BUSINESS listed for the 10th floor at the address they give on 450 W 31st Street. In fact, there is no such business anywhere listed at this building on 450 W 31st Street. I called a real business located at this address. It is located on the same floor that Glamourflux Studio claims to have their studio. (The man I spoke with asked that his name and their business name not appear in this article about cyberfraud.) On May 11, he informed me that both his business, and another business at this building’s location, have had many people show up in the last few weeks who were tricked into thinking that they had been hired/invited to a photoshoot and offered modeling jobs for this photoshoot. This even included mothers with babies and young children. One woman told this man that she was scammed out of $500 after she realized the photoshoot invitation was a scam!

  • GlamourfluxStudio.com offers three “Testimonials” at the bottom of their website. They seemed a little odd to us, especially when one of the quotes uses a very British word for “mother” that is also used in English spoken in countries around the world, but NOT in the United States.  When we searched for a portion of this exact quote, Google found it on many websites.

In addition to the many red flags we found on the GlamourfluxStudio.com website, we discovered the following issues….

  1. Glamourflux Studio lists their phone number as (713) 487-5794Google tells us that this phone number is for a business in Houston, Texas called Texas Water and Fire. (This number is clearly seen on their website.)

  2. Before we reported this website as 100% fraudulent to our friends at Scamadviser.com, they had listed this website GlamourfluxStudio.com as highly suspicious!  Perhaps most importantly, we found a Reddit post from someone else who received the same offer as Karlie.  However, the person took the next step and contacted Glamourflux Studio to express interest in the modeling job. The email sent by Glamourflux Studio in response confirmed our suspicions that this is an advance-check scam!  Check out the post, the email response from Glamourflux Studio, and the comments on Reddit. 

Who is most likely responsible for this fraud?  We STRONGLY believe that scammers from Lagos, Nigeria are most likely behind this advance-check fraud.  We have two reasons for saying this. Firstly, we have written about these types of scams for years and documented hundreds of them in our article called Fake Job Interviews.  In a few instances, we’ve worked with victims to trick scammers into clicking a tracking link and each time it has pointed back to Nigeria.  Secondly, we found a small but important clue in our investigation that gave us a name of someone involved in this scam. The name, according to Google, is very likely a Nigerian name. (We will not publish that name or how we found it due to concerns that these scammers find/read this article.  However, we’re happy to provide this information to verifiable law enforcement agents in a video chat, if contacted.)

In this advance-check scam, fraudsters create a very believable, but fictional story, to convince someone that they have been hired by a legitimate company. As a part of their new employment, the newly hired victim will be sent a very well-crafted, but fraudulent check, and told to deposit it immediately. Then, the victim is instructed to use a large portion of this check to pay for expenses such as travel, or materials using ONLY the approved vendors provided by the company. As an incentive, they are always told that they can keep several hundred dollars as an advance payment for their work. This means that after the victim has deposited this well-crafted fake check, they will wire their REAL hard-earned money to the scammers. But the bogus check will bounce days later.

If it isn’t already crystal clear, we urge everyone to VERIFY, VERIFY, VERIFY information you receive online, via text, email, chat, or social media!  It is simply far too easy to lie online!

Dangers of Misinformation to Democracy, Have I Been Pawned, More Stupid Scammers and More

As we get closer to the Fall election season here in the United States, it becomes increasingly concerning how countries, organizations and groups of individuals use misinformation and disinformation campaigns to manipulate the opinions of voters. This is, in fact, becoming a serious problem around the world and not just in democracies. From our perspective, it is a malicious form of fraud with very serious consequences for societies as a whole. This recent article on CNN is a serious warning about these threats.  It is titled Journalist Sounds Alarm on Dangers of Propaganda, calling it ‘one of the worst crises for American Democracy this century.’

There is an outstanding free resource that we think everyone should be using at least 3 – 4 times each year!  (Set up a calendar reminder to do this every quarter!) The resource is called “Have I Been Pawned?” and the website is haveibeenpwned.com. This service evaluates instances of data breaches, posting of personal data for sale on the “dark web,” as well as other data releases by cyberhackers. Haveibeenpwned.com then puts all of this data into a searchable database by email address, along with information about the stolen information to inform the public.  We strongly recommend that you visit their website and enter your email address(es), and those of your immediate family members, to see if YOU or your loved ones have been “pawned.” The results can help you decide if you need to change passwords, close accounts, modify your username, or even lock down your credit reports to limit your risk for identity theft.  After you enter your email address and click “pwned?” be sure to scroll down and read your results carefully.  It is even possible to sign up and be notified if your email address is ever discovered in a breach or posted on the dark web for scammers to buy.  Below is an example of an email notification that we received about one of our many email addresses…

Last week our Top Story focused on ‘Celebrating Scammer Stupidity.’ Since then Professional Scambaiter Rob sent us a couple more interactions that are simply too funny not to share with readers. Check out this email conversation Rob had with a scammer over the course of two days. The scammer claimed to represent the International Monetary Fund. It ends with the scammer providing Rob with some information that you would never expect to be given!

The conversation above was followed the next day by this unbelievably crazy stupid award-winning (in our opinion) email from “FBI security” using a free Gmail account!   We LOVED this email from “fax Mulder.”

If you were wondering how you might be able to “up your game” to engage with, and waste scammer’s time you might consider downloading and using the “Jollly Roger Bot!”  This AI app is available at the Jolly Roger Telephone Company website.  You activate it either when you receive a suspicious or scam call, or when you wish to call back a scammer’s phone number from any of the dozens of scam emails that hit your inbox.

ConsumerAffairs.com has recently provided several worthwhile articles that we recommend reading…

Lose Money to a Scammer? Another One Will Promise to Get It Back!

https://www.consumeraffairs.com/news/lose-money-to-a-scammer-another-one-will-promise-to-get-it-back-050824.html

Drive on a Toll Road or Bridge? Scammers Are Looking for You

https://www.consumeraffairs.com/news/drive-on-a-toll-road-or-a-bridge-scammers-are-looking-for-you-050224.html

Scammers Are Trying to Cash In on the Latest Tornado Outbreak

https://www.consumeraffairs.com/news/scammers-are-trying-to-cash-in-on-the-latest-tornado-outbreak-050224.html

Rob tells us that he’s been suddenly getting lots of scam calls from area code “646”  There’s a scam behind that area code and the details were posted on MalwareTips.com:

https://malwaretips.com/blogs/646-area-code-scam/#google_vignette

Remember to check out our Podcast series! A new 12 – 18 minute podcast is released on the 15th of each month and we think you’ll enjoy the podcast released today!

Amazon, Mis-Matched Email Names, and Country Codes…

Last week lots of our readers from all over the world sent us phishing emails that poured into their inboxes. As far away as New Zealand, we saw many of the same types of phishing fraud. Check out this email pretending to be from Amazon about the recipient’s Prime membership account. Not only did this email NOT come from Amazon.com but the link to “update information” pointed to a Google drawing doc that was quickly taken down for violating their policies. Gee….ya think?!

In these next 2 smelly phish, take a close look at how the name in the FROM text field doesn’t even come close to matching the name found in the email address between the < > symbols!  It’s almost comical! For several months now, the favorite phishing scam used by cybercriminals also uses a free Gmail address to send a very short message with an attached fake pdf invoice. The pdf file always has the scammer’s phone number on it so you can call them to refute the charges.  Can you say hogwash? Drivel? Rubbish? Hooey? Balderdash? 

As a final example of rotten phish, check out this lovely email sent from a server in Thailand! (It’s so important to recognize 2-letter country codes! Check out our short video clip on how to do that: https://www.thedailyscam.com/country-code-scams/

Report your smelly phish! https://safebrowsing.google.com/safebrowsing/report_phish/

Free Lawn Care Quote and Starbucks Winner!

For the millions of home owners with a lawn to care for, it’s that time of year when you expect to see advertisements about lawn care in the US. That makes this malicious clickbait no surprise! This nasty email dropped into one of our honeypot email accounts, claiming to represent the lawn care company called TruGreen. But it didn’t of course. The name should have been TruScam! This clickbait is another one sent by a VERY active cybercriminal gang that we believe operates out of India. Notice that the links point to the link-shortening service at bit.ly.  That means that you’ll be redirected elsewhere and its going to hurt!

Who would have thought that your final destination for the link in the above clickbait would be SHORTER than the link in the email!  The bit.ly link will forward you to a website called oswearer[.]com. This domain was registered through the very horrible registrar called Namecheap and is hosted on a server in France.  Thankfully, three security services have already identified oswearer[.]com as malicious! Deeeeleeeete!

Starbucks is famous for their coffee! It’s no surprise then than the name and logo have been misused by the same cybercriminal gang to create another malicious clickbait.  Similar to using the bit.ly link above, this clickbait uses tinyurl.com to shorten a link and present it to you in this email. When we unshortened it, we weren’t the least bit surprised to see that you will NOT be directed to Starbucks.com!  We think you would be wise NOT to click any shortened links in emails claiming to represent a known company!

You Have a New Fax!

If you think this eFax email might be legitimate, think again! The accountant who shared it with us noticed that it came from a server in India. (Notice that the email address ends with the 2-letter country code “.in”)  When he moused over “Download PDF Pages” (without clicking!) he noticed that the file was linked to an “executable” Windows file!  That’s very dangerous! Lunge for the delete key!

Hi, I’m Anita

“Hi I’m Anita” says this random text that dropped on the phone of a married man in his 30’s. Needless to say, he wasn’t expecting it and had no idea who “Anita” was. She’s looking for “polite men” and, as you ALL KNOW, the best way to find them is to send out random texts to strangers across the Internet. However, we did love her email name of “improbity 5 nikhut”  It likely says everything you need to know about Anita…. She is improbably five nickels short of buying a hut. And so she needs to scam you to pay for a new palace! Deeeeeeeleeeete!

Until next week, surf safely!

Copyright © 2024 The Daily Scam. All rights reserved.
You are receiving this email because you have subscribed to thedailyscam.com

Marblehead, MA 01945

Contact Webmaster