FCC: You Really Don't Need High-Speed Internet Services
Survey: United States Citizens Don't Know Their Basic Constitutional Rights

Here Comes The Post-Equifax-Breach Spam From Scammers

If you haven't received them yet, you probably will soon. Here comes the spam - unwanted e-mail messages - from scammers, supposedly related to the massive Equifax data breach. The spam will likely include phishing attacks: attempts to trick consumers into disclosing sensitive bank account and payment data.

What might this spam look like? The spam filter by my e-mail provider recently trapped the message below in my spam folder:

Suspected spam email. Click to view larger version

The sender's intent is to clearly leverage consumers' anxieties and fears about the massive, horrific Equifax breach. The e-mail message also states:

Suspected spam email. Click to view larger version

The message offers both three free credit scores and free credit reports. The problems I see with this e-mail:

  1. The message doesn't list a price for its offer. The company name -- FreeCreditClick -- implies the offer is free.
  2. Key items in the e-mail don't match. The company name in the "From" field doesn't match the e-mail address. Nor does the company name in the "From" field match the company name in the body of the message.
  3. The sender's e-mail address in the "From" field includes a version of an e-mail address I've seen before in other spam.
  4. The Equifax site already directs consumers affected by the data breach to an Equifax site to learn how to get protection (e.g., credit monitoring and fraud resolution services) for free.
  5.  The e-mail offers credit reports from the three major credit reporting agencies: Experian, Equifax, and TransUnion. Informed consumers know that the official website for free credit reports is annualcreditreport.com.
  6. Informed consumers know that while there are several brands of credit scores, they probably need a single good one.
  7. The e-mail contains order and unsubscribe links with destinations that doesn't match either the company's name in "1" nor "2."

To understand #7, I reviewed the underlying HTML markup language used to create this e-mail message:

HTML markup of the suspected spam email. Click to view larger version

The destinations for both the order link (A) and the unsubscribe link (B) contain the "proffbuilder.com" site and embedded redirect commands. The redirect commands could take your web browser anywhere. Too risky, so I did not click on them.

As best I can tell, this definitely is spam. I don't trust it. What do you think?


Feed You can follow this conversation by subscribing to the comment feed for this post.


I have recently been receiving twenty or more emails a day, all from different email addresses but all from the domain proffbuilder.com.
However, none of these have anything to do with credit reports. They are for every kind of imaginable product or service, from "tactical grade flashlights" to "meet Russian beauties" to roofing installation to auto insurance to CBD oil.....
The one thing they ALL have in common (besides the domain name of the sender) is that the email body contains numerous links to "linkbucks.com" - none of them are even selling the product or service advertised; they are only farming clicks to linkbucks. Both the "buy now" AND the "unsubscribe" links in the emails lead to linkbucks (I never click on it, though.)
I think someone is infecting email accounts with a mailbot to send these emails to get people to click because for every 2,000 clicks, they get $1.00 from linkbucks.

I just wish I knew how to stop the onslaught in my inbox! I can't get the domain to properly be blocked!

The comments to this entry are closed.