Tuesday, January 27, 2015
1012 C Street  •  Floresville, TX 78114  •  Phone: 830-216-4519  •  Fax: 830-393-3219  • 

WCN Site Search

Lost & Found

VideoLost: Black and white male Cocker Spaniel, around Pecan Park in Floresville on Jan. 7, wearing black collar with silver paw prints, reward! 830-393-2227.
Lost: Shadow, black female mixed Lab, last seen by F.M. 1303 and Broken Arrow, Jan. 11, white patch on chest, tail curls when happy, 30 lbs. Call/text 817-705-1116.
If you are missing a pet in Floresville, be sure to check the Floresville holding facility. Animals are only kept for 3 days. Contact Las Lomas K-9 Rescue, 830-581-8041.
More Lost & Found ads ›

Help Wanted

Mission Road Ministries is a nonprofit organization serving more than 825 children and adults with intellectual & other developmental disabilities each day with residential, day services and vocational programs in San Antonio, Texas helping clients reach independence, productivity and inclusion in the community. Seeking Residential Care Professionals for our Children and Adult Programs; FT, PT.  $8-$10.25/hr. depending on experience and education.  Must be at least 21 years of age; pass background check and drug testing.  Interviews every week. Call for an appointment, 210-924-9265.
Rainbow of Friends in Poth and Falls City looking for full-time/part-time teacher. Call for more information, 830-484-2152 Poth location or 830-254-3334 Falls City location.
More Help Wanted ads ›

Featured Videos

Video Vault ›

Scam Central

Gun sales scam among those in IC3 report

E-Mail this Story to a Friend
Print this Story
May 7, 2013 | 3,447 views | Post a comment

SOURCE: Federal Bureau of Investigation, Internet Crime Complaint Center (IC3)


Criminals capitalize on current events highlighted by the media, especially when the topic draws a significant amount of attention. The IC3 often sees evidence of this via complaints. One topic in particular that has continued to receive national attention is gun legislation reform. As a result, gun sales have skyrocketed. Consumers are not only purchasing firearms in stores, but online as well. The IC3 has seen an uptick in the number of complaints recently filed reporting fraudulent advertisements for firearms. Criminals entice victims into purchasing the firearms by using photos and descriptions hijacked from online firearm ads and advertise the firearms for below market value. The majority of the type of firearm that victims were attempting to purchase was a long gun.

In order to convince the buyer the transaction is legitimate, the criminal sometimes provides the victim a copy of a military photo ID via email, which they claim is theirs. Criminals also appear to know the procedures of transferring firearms by arranging for the firearm to be delivered to the victim’s local Federal Firearm Licensee (FFL). Many of the complainants fell for the scam, losing hundreds to over a thousand dollars in each transaction.



The IC3 has received numerous +complaints over the last couple of years regarding an online sextortion scam capitalizing on social media websites and technology. Contact between the subject and victim is initiated via social media websites and/or online dating websites. Once rapport has been established, victims are asked to engage in video chat where they are enticed to expose themselves in sexually compromising situations, while their images are secretly recorded. Subjects then threaten to make the videos available to all the victims’ social networking friends and other online contacts unless funds, ranging in the amounts of $50 to $300, are wired to various destinations overseas.



The payday loan scam involving threats and TDoS attacks was highlighted in the February 21, 2012 Public Service Announcement titled “New Variation On Telephone Collection Scam Related To Delinquent PayDay Loans” and in the January 7, 2013 IC3 Scam Alerts.

Based on IC3 complaint information, it appears the tactics used by the subjects continue to evolve. Information revealed subjects are now making unauthorized deposits for payday loans into victims’ bank accounts. The proceeds range from $200 to $300. After the initial deposit, victims reported unauthorized withdrawals every two weeks in increments between $60 and $90. The withdrawals are applied to accrued interest only, making it impossible to pay the loan in full. Victims reported all efforts to return the unwanted loan proceeds or pay the loan in full were unsuccessful. Some reported closing their bank account and holding the loan proceeds to prevent further fraud to their account. It has yet to be determined how the subjects are obtaining the victims’ bank account information, because some of the victims claim they have never applied for a payday loan.



MX Lab featured the following article on March 27, 2013
MX Lab, started to intercept a new trojan distribution campaign by email with the subject “Payment Advice -- Advice Ref:[B32454525694]“. Please note that the numbers used in the subject and mail from may vary.

The email is sent from the spoofed address “payment.advice@hsbc.com.hk ” and has the following body:

Upon your request, attached please find payment e-Advice for your reference.
Yours faithfully


We maintain strict security standards and procedures to prevent unauthorised access to information about you. HSBC will never contact you by e-mail or otherwise to ask you to validate personal information such as your user ID, password, or account numbers. If you receive such a request, please call our Direct Financial Services hotline.

Please do not reply to this e-mail. Should you wish to contact us, please send your e-mail to commercialbanking@hsbc.com.hk and we will respond to you.
Note: it is important that you do not provide your account or credit card numbers, or convey any confidential information or banking instructions, in your reply mail.
Copyright. The Hongkong and Shanghai Banking Corporation Limited 2005. All rights reserved.


The attached ZIP file has the name Payment_Advice.zip and contains the 96 kB large file Payment_Advice.exe.

The trojan is known as W32/Trojan.IWRE-9169, PWS.Win32.Fareit.AMN (A), W32/Yakes.B!tr, Trojan.Agent.RVGen5.

At the time of writing, 11 of the 46 AV engines did detect the trojan at Virus Total. Virus Total and SHA256:


Your Opinions and Comments

Be the first to comment on this story!

You must be logged in to post comments:

Other Scam Central

Scam Central side bar header
Voncille Bielefeld homeBlue Moon Karaoke & DJTriple R DC ExpertsChester WilsonHeavenly Touch homeAllstate & McBride RealtyEast Central Driving School

  Copyright © 2007-2015 Wilson County News. All rights reserved. Web development by Drewa Designs.