Phishing - The Tagged.com Email Scam
"Cathy Tagged You!"
You may have received an email like the one below that looks very authentic,
like it came from a friend of yours, via Tagged.com. This email was not sent
by your friend or any real acquaintance. It is a scam BY Tagged.com to phish for
more people to sign up on Tagged.com
If you receive
an email similar to the one below, DO NOT click on the link, and do not enter
any information on the forms there.
When you enter the information they ask for, you will simply be
handing the spammers the keys to your email accounts. That is how this
type of phishing works. Other blogs have reported that Tagged Inc. scoops up your
personal email addresses by manipulating the you, unsuspecting user, into
entering your Google account information - something you should never, ever do.
Invitation messages are then sent to everyone in your contact list are sent
without the possibility of you choosing which “friends” you want to “tag”.
Remember, there's risk in giving your personal
details, even just your email address to social network websites". And no reputable business would send you
an email requesting your personal account information for its own or any other
service. Any such email you
receive asking for this information should be considered phony and brought to
the attention of the business being 'phished'.
Anytime you need to go to a website for your bank, credit card companies or
other personal, financial or confidential information; do not follow a link in
an email; just type their address in your browser directly
Below are actual phishing emails that started circulating in 2007.
We have put a warning over the links to the phisher's website.
Who is Tagged.com?
IP’s of the Tagged’d servers.
64.125.115.5
64.125.115.6
The registered owner is “Tagged, LLC”
Address is a PO box in San Francisco.
Tagged.com is a social networking site. During registration, they ask applicants to supply an email address and a password for accessing that
email account (something you should NEVER do!) so Tagged can
examine your address book to "match you up with your friends,". In
truth, Tagged.com then uses your address book and contacts list to email invitations to those addresses.
The person who signed up for Tagged.com is generally unaware that this
is happening until angry friends and contacts ask what is going on! Be
sure to read
Tagged.com's Terms of Service.
The emails sent by Tagged.com often claim that the recipients have
been "added as a friend," "sent photos" or "sent a private message" on
Tagged.
I clicked on the link and entered information, What will happen now?
You'll probably get a LOT more spam and other junk email. Anyone in
your address book of the email account your supplied to Tagged may
receive email messages from Tagged, without your knowledge.
What can I do about it?
Write back to the person who is referenced in the Tagged.com email
(but write to them directly, not through Tagged.com) and tell them what
happened. Ask them to cancel their Tagged.com account and complain
to Tagged.com.
You may want to complain to:
You can also complain to Tagged.com's ISP/hosting company
(Internet Service Provider, the company that puts their website on the
internet).
They may change hosts often, so the best way to find out who is hosting
Tagged.com is to go to
http://whois.domaintools.com/tagged.com
You can also use any one of the free resources below to
determine current network provider of tagged.com/taggedmail.com:
http://www.dnstrouble.com/
http://thednsreport.com/
http://mydnstools.info/
http://dnsbench.com/
http://www.iptools.biz/
http://who.is/
https://ws.arin.net/whois
http://www.spamhaus.org/sbl
For more information about phishing, see
this page.
Example
Here is one account of what happens if you click on the links in the email (see
this blog for the complete account):
It took some generic contact details from me, then informed me who else
in my email list is also a member. I figured, sure, I will add them to the
set, since they are already involved. But one thing I did NOT want to do was
spam all my friends - I KNOW who my friends are and I don’t need a stupid
internet network to tell me who they are. I hit send…
Then I scrolled down as I waited for the next page to load.
And discovered it had not just flagged the people in the system but
flagged EVERY SINGLE PERSON I HAVE EVER EMAILED for an invitation to this
stupid network!
I had messages going out to customer service departments of a dozen
companies, billing companies, former clients, casual acquaintances, my
PASTOR, my professors! I tried to cancel it, but it was too late.
For the next two days I spent my email time replying to all my friends
who were ticked off at me for sending them this spam. And explaining myself
to countless people who hardly knew me, wondering why I was being such a
twit as to beg them to call themselves my friend.
Then the 2nd round started.
Tagged.com RE-EMAILED everyone after 3
days! Begging them again! My gosh! How pathetic is this thing?
I logged into my account and scoured it, to find out how to turn off
these stupid spam messages. There was no way. I closed my account and told
Tagged.com EXACTLY what I thought of this
system.
Avoid
Tagged.com at all costs. Reply
directly to any of your friends who send this to you, telling them yes, you
are their friend, but no you will not join any spamming network to prove it.
References:
You can read another description here, and find plenty more in a quick
Google search of "Tagged.com"
Here are links to a few of the many, many examples of people who have been
scammed and phished by and through Tagged.com:
Conclusion: Tagged .com and Other Social Networking Sites Are
Not Worth the Risks
If you really don't believe that entering a profile on social
networking websites, like tagged.com, Facebook, MySpace and others, endangers
many aspects of your privacy, and therefore also your identity, finances and
possible safety, then read these comments to the Federal Trade Commission by a
researcher, Dr. Jo Rutter.
The entire study can be seen here on the FTC website.
"After listening to the webcast of the recent FTC ehavioral
sessions on Nov 1-2, 2007, it was apparent that most online entities
acknowledge the importance of privacy, but little was resolved in terms of
taking real steps toward changes in the corporate attitude toward the
fundamental importance of this issue in light of new, and even more
profitable ways to use consumer information. 'Privacy speak' was the talk of
the day, but real change was lacking. At the time of this seminar, the
second study in the presentation was being compiled. In it you will find
that if users want to send a simple email to websites to resolve or clarify
privacy concerns -- (websites were specifically asked 1) if they share
personal info collected on the site? and with whom? and 2) can personal
information on the site be permanently deleted?) - consumer centric privacy
policies and responsive sites are the exception, not the rule.
Websites say they care, but from
this study you will see that is generally an empty statement. In a very
recent development, Channel 4 news out of the UK has televised a situation
in which a user attempted to permanently delete their account on
Facebook.com. Although the individual was permitted to deactivate their
account, the information remains on Facebook's servers indefinitely.
This specific question was posed to over 105 popular US websites in our
second study, as detailed in the attached powerpoint presentation. The
results were poor - with most not even willing to address this issue."
You will see in their study that the vast majority of social networking
websites, even the most popular and well known ones, don't even bother to answer
questions about privacy, and attempting to remove your personal; information is
simply ignored. Do you really want your personal information to be posted on the
internet forever? STAY OFF SOCIAL
NETWORKING WEBSITES!
| 
