Spammers take advantage of Naked Security writing about spammers

GreenCard3-250It was nearly two years ago that our very own Graham Cluley wrote a story about a 419 scammer who was posing as a woman name Karen Shaw.

Thanks to Naked Security readers, we discovered that the photograph used was in fact a press photo of then Australian Prime Minister Julia Gillard.

In a strange twist of fate, this photo has once again crossed paths with Naked Security.

Earlier today I received an instant message from Joe Kirwin from SophosLabs here in Vancouver, Canada.

He pointed me to an interesting message in our spam trap. This one was related to a scam suggesting you had won a United States green card in a lottery.

Yes, there really is a green card lottery, better known officially as “Diversity Visa Immigrant Program”.

I guess the first hint of trouble is you aren’t likely to win any sweepstakes, lottery or contest if you haven’t entered to begin with.


Winning-No: WAC20147730094DD

Dear Winner:,
Congratulation’s!- We wish to notify you that you are among the selected lucky winners of the U.S visa Lottery (Green Card) through our email ballot lottery program held on the 22th of MARCH 2014 in Arkansas (USA) The Green Card email ballot lottery program was conducted under the terms of Section 203 of the Immigration and Nationality Act (INA) Section 131 of the Immigration Act of 2006 (Pub.L.101-649).

Fortunately for the recipients, the English is very poorly written and should be spotted by most native speakers.

Of course those most likely to be interested in a green card are also likely to speak English as a second or third language and may not be as adept at spotting spelling and grammatical errors.

As far as identity theft scams go, this is a great ruse. The criminals are asking recipients to submit official US government documentation to them containing every conceivable component of a modern identity.

In addition to the US government PDF document, they also need a copy of the photo page from your passport. Just to be sure you understand, they link to an example. . .


On Naked Security. Yes, that’s right, criminals are using Naked Security as an image hosting service for their spam campaigns.

I dug a little deeper into the domain name used and it the top level domain belongs to a pair of Australian islands in the Southern Indian Ocean. Population zero.

It does beg the question of why it has a top-level domain, but for the moment it is fair to say that .hm domains are not likely to represent local businesses.

Stay vigilant, keep your eyes open and if it sounds too good to be true, it almost always is.

Oh and just because one of the images comes from one of the most trustworthy sources in the world, don’t be fooled. Only trust news you get directly from

Special tip of the hat to Joe Kirwin from our lab in Vancouver for spotting this message and suggesting we make note of it.

Note: Many of you have suggested replacing the image with one that warns the viewer it is a hoax. This is a work in progress, but because of the CDN we use to host the site it is taking longer than desired.