I also suspect that the phrase "They also fix security holes in your current browser!" might be an indicator of malicious intent.

Lack of a serial comma is also a clue.

This particular example would set off my WTF reaction because FF24 just got to my system yesterday.

I have, however, gotten emails of the same style purporting to be from my non-Gmail provider, shortly after their system was upgraded.

You made me look, and my FireFox upgraded itself to 24.

How many scams start by offering to protect you from scams? I bet it's a lot.

"PublishAmerica has detected Jim Macdonald on your computer! Click here to install our urgent fix for this malware, which is directly responsible for the current situation in Syria."

No, I don't suppose they're even that clever.

chris @ 5: Not quite the same, but these days quite a fraction of the Nigerian 419 scams are aimed at addressing people who have been taken by previous 419 scams, and offering them compensation. Looking at it from the scammers' standpoint, it makes beautiful sense - after all, that way you're going to reach the ones who not only were dumb enough to be taken in the first time but who are still falling for it.

At least you can always completely remove the programs at any time using Windows' Add/Remove Programs.

David Langford #6: You win One Internet. Please collect it from P.O. Box 419, Lagos, Nigeria.

I'm not sure why scammers are incapable of writing officialese competently. It's always a little off, even without majorly glaring grammar and spelling errors. The sentences aren't quite right.

Two ideas. One, scammers only put in enough effort to fool the really gullible, and the great majority of people don't read well enough to see the linguistic markers. The bad guys don't want extremely literate people responding to these appeals.

Two, some scammers do write really well, and find themselves recruited by Bigger Operators. What's the robbing of a bank compared to the founding of a bank?

The NSA can't write better than that?

"(I’m told that things like this infect the ads that are served by legitimate ad-servers that are installed on legitimate pages.) "

Error in parsing: "legitimate" along with "ad-servers" and the consequent "ad-servers that are installed on legitimate pages".

Legitimate websites do not display un-vetted ads from third parties.

Any website that displays 3rd party ads deserves adblock.

('"advertising" is a dead medium' is a different, related problem.)

rm @10: They are deliberately, actively including obvious bullshit that is trivially detectable.

It's a filtering function: If you're not the kind of clueless user who would ignore that kind of error, they don't want you. If you DO ignore that kind of error, you're more likely to also ignore any further mistakes and give them money for their obvious scams.

The blatant errors exist *so that* the scammers don't waste time on the not-scammed-by-obvious-scams brigade.

I looked at the Jim's screen capture. I was struck that while on first glance it gives the illusion that it's a Firefox installer, the orange swash around the globe is not the firefox — it's an orange arrow.

Also interesting was the helpful 3 pt type in 10% grey at the bottom. Here's a transcription:

Disclaimer: We are not affiliated nor partnerered with Firefox. Firefox has not authored, participated in, or in any way reviewed this advertisement or authorized it. All trademarks, service marks, logos and/or domain names including the names of products and retailers are property of their respective owners.

Modified Installer: This website is distributing custom installers which are different from the originally available distribution. These new installers comply with the original software manufacturers policies and terms & conditions. However, they are not the originals. Optimum Installer is an install manager, which manages the installation of your chosen software. In addition to managing your download and installation, Optimum Installer will offer free popular software that you may be interested in. You are not required to install any additional software to complete your installation of your selected software. You can always completely remove the programs at any time in Windows Add Remove Programs.

Rob, that sort of installer-with-extras gets used by some legitimate free software. They're sometimes a sort of advertising, but I am strongly disinclined to trust any software distributed in that manner. When the situation gets as murky-grey as this one, they don't make bargepoles long enough.

#15 – I don't much like it, either, when otherwise respectable freeware comes with unrelated opt-out-if-you-happen-to-notice extras like downloading some web browser and making it your system default.

Heck, I was livid when, a month or two ago, an otherwise perfectly unexceptional Microsoft Update reset my homepage to msn.com and my default search engine to Bing.

John @12:

Legitimate websites do not display un-vetted ads from third parties.

Any website that displays 3rd party ads deserves adblock.

John, do you include our hosts in the category of "illegitimate websites"? I don't know what blogads.com's vetting process is, but I had the impression the MakingLight folks aren't directly involved (though I thought they had the ability to kick out ads they find objectionable after they've noticed them, but I could be mis-remembering).

It was in one of those ads that I read here just today that Carolyn Cassady was dead. How I feel about that I don't know.

John @13 - I'd observed a similar pattern of deliberate misspelling to weed out the wise and aware on Facebook; (un)amusingly, those posts still get forwarded ad nauseum. I suspect that says something about the average Facebook user.