Phishing Audits
0 VoteSome companies have started testing their employees on how they respond to phishing attacks.
A company called Intrepidus Group has a system whereby they basically send your company’s staff spam, testing them on how they respond to it. The system can even concentrate spam on people who are ore susceptible to clicking on links.
The system sends results back to the tester on who clicked on the emails, what data they entered in (e.g., their name, credit card numbers, etc).
So the next time you see an email that doesn’t look quite right, and has links to external sites, think hard whether it’s real, spam, or this new kind of "ethical" spam.
The company’s web site explains it better, http://phishme.com/
Domain Slamming
0 VoteNick, a regular reader, offered this advice on a scam known as domain slamming. If you have any domain names registered then take note of the following.
A company known as "Domain Registry of America" has been sending letters (the paper kind) telling people that their domain will expire soon and that they need to pay to renew it.
Normally you would renew your domain name with the company you’ve already used to register. But this company sends out letters that look like invoices hoping that some people will just pay it without questioning where it came from.
When you register a domain name you’re required to provide your name, mailing address, and email address. This information is made publicly available (use any of these free Whois services to view this information about any domain name). This is where they get your details from.
There’s plenty of information about domain slamming on these pages here, here and here.
If you own a domain name, especially a .com name, make sure that it’s locked. This is just an option you select when you setup the domain name. Then ignore any letters (or emails) you receive from other companies about your domain name.
Note that this happens in most countries, not just USA.
Yahoo! Malicious Page Alerts
0 VoteYahoo! now lets you know if a web site contains malicious content. It works very similar to how Google does it. From a technical perspective Yahoo’s implementation seems better - it scans files that automatically download.
McAfee have provided the malware detection technology, called SearchScan, so it has a company with a good reputation behind it. Below is an example of how it looks when it finds something dangerous:
Yahoo! operates search engines in several countries, and it will be enabled by default for the following countries: Australia, Canada, France, Germany, Italy, New Zealand, UK, USA.
Password Safes
0 Vote
Password safes are programs that store your passwords. In general they’re a good idea because:
- You have less reason to reuse passwords (having a unique password for every site is much safer)
- You can use more complicated passwords without risk of forgetting them
- If you forget a password you rarely use you can easily retrieve it
- In a business it’s easier to share passwords and control who has access to what (especially in IT departments)
Below are some examples of good password safes:
And this is an example of something that looks good but still isn’t a good idea:
If you use a hosted service like this you’d be giving your passwords away to another organisation. They promise not to look at them. How comfortable would you be trusting someone you haven’t met to hold the password to your online banking?
This comes from their own web site and it should give you an idea (it’s in their FAQ page):
While we take every security precaution, we do not recomnmend storing sensitive information such as bank account passwords.
In summary:
- It’s ok to store your passwords on your own PC
- It’s not ok to let some other person or company store them for you
- Ideally if you store the passwords on your PC you should:
- Use a good password safe that encrypts them, like the ones above
- Use a good anti virus package to ensure you don’t have spyware on your PC
- Keep your PC in a safe place, like in your home or in a locked office
- Keep backups (in case your PC dies) and store the backups in a safe place
- Don’t do this on a shared computer, including some office computers
Side Note: The 3rd of May was the 30th anniversary of spam.
Telephone Scams
0 Vote
Most of the scams I’ve written about on this site involve the internet. Now phone call scams are making a comeback. The ideas behind these scams are almost the same whether they happen on the internet or over the phone.
There are a few variations but the basic idea is the same:
- The criminal will often steal a phone to make a call
- A criminal calls someone’s phone (often a child) and tells them maintenance needs to be done on their phone and to turn it off for an hour
- They then call that person’s parents or relatives
- They tell the parents that they’ve kidnapped their child
- They demand a ransom to be dropped off at some location cash or jewelery
It’s not a small problem either. In Mexico, in a 3 month period 30,000 complaints were made to the police regarding this scam. In a 6 month period (also in Mexico) it’s estimated that US$20m was collected from worried parents. So it’s not a small problem, it’s rampant.
There’s another variation: instead of making fake ransom requests people are told they’ve won a car or some other prize, and that they need to deposit some money to be able to collect their prize. We’ve seen this before in email scams, I guess people are starting to not believe emails and criminals have moved back to phones.
So keep this scam in mind and plan accordingly on how you contact your family members.
More information here.
Update: HP Software Update Tool
0 VoteBack in January I mentioned that HP’s Software Update Tool was vulnerable to attacks. That was limited to a support program installed on HP laptops. Now the problem appears to be worse than first thought.
A large number of HP’s printers (both laser and inkjet), scanners, cameras and PCs also include this tool. Version 4.0.9.2 or earlier is vulnerable. The problem has been resolved in the latest update, version 4.0.10.8.
So if you have an HP product on your computer check if HP’s Software Update Tool is installed, and the version number. You might need to upgrade it.
The risk is that a malicious web page can be created that activates some code in HP’s Software Update Tool and it can execute code on your computer. This is OK if you’re allowing HP to update your drivers, but it’s a bad thing if random strangers can do this.
Note that this only affects Windows users.
Hospital Spam Review
0 Vote
Last week’s post about a threatening spam email (”She has already gone to hospital“) was extremely popular here, and I think it deserves a review.
I was informed about this malicious spam on Monday morning so I wrote about it here. Later that day this site had received a few hundred visits from Australia and New Zealand. This kept up until Thursday when it received over a thousand visitors, mostly from Canada. That was fun, and it’s interesting to see how the spam spread across countries. It’s still getting lots of attention till today.
I beleive the reason this site received so much traffic was because I was the 2nd person to write about it (as far as I could tell by doing a Google search on Monday morning). So when people started to do searches to work out if the threat was real or fake, Google directed them here.
It’s great to see people researching spam instead of blindly believing it. I just hope they had a chance to read this page before they clicked on the malicious link. And I hope everyone learns not to believe everything they read on the internet.
And a special hello to Karen and Stephanie, regular readers of FraudO.com 
AVG 8.0 Released
0 Vote
AVG has released a new version of their anti virus program. It comes in three versions:
- Free
- US$35
- US$55
8.0 was just released, the main new features are:
- link scanning
- anti spyware
- Email and instant messaging protection
The difference between the three prices are the features included. See this chart for details.
Chinese Domain Scam
4 VoteA recent scam email uses the following technique:
The scam email has a long story (see below) mentioning your web site name (which could be your business name or trade mark)- It mentions that someone else is interested in registering a web site with your web site’s name
- The scam offers to sell you a .cn domain name (.cn is the top level domain for China)
Below is a sample of this scam email:
Dear Sir
We received a formal application from a company who is called Meiao Investment Co.,Ltd are applying to register “—” as their domain name and Internet keyword in China and also in Asia on Apr 17 2008. During our auditing procedure we find out that the alleged Meiao Investment Co.,Ltd has no trade mark, brand nor patent even similar to that word. As authorized anti-cybersquatting organization we hereby suspect the alleged Meiao Investment Co.,Ltd to be a domain grabber. Hence we need you confirmation for two things,
First of all, whether this alleged Meiao Investment Co.,Ltd is your business partner or distributor in China.
Secondly, whether you are interested in registering these domains. (The alleged Meiao Investment Co.,Ltd will be entitled to obtain a domain not needed by original trademark owner.)
If you are not in charge of this please transfer this email to appropriate dept.
This is a letter for confirmation. If the mentioned third party is your business partner or distributor in China please DO NOT reply. We will automatically confirm application from your business partner after this audit procedure.
Bst Rgs
chenllychen
Registration Commissioner
Beijing HA ZD Networks Science and Technology Co., Ltd
Tel: +86-10-82772601
Fax: +86-10-82773610
Email: chenlly.chen@ha-zd.com
http://www.ha-zd.com.cn
There are quite a few variations to this email, the concept is the same. Don’t reply to these emails and certainly don’t buy domain names from them. It’s just another scam. If you really want a Chinese domain name buy one from a reputable registrar.
She has already gone to hospital!…
20 VoteBelow is a new scam email being sent around the internet. The topic of the email is shown above. The email’s contents are shown below (I’ve removed the link):
Listen to me carefully, i don’t know what your name is, but i’ll find you and i’ll cripple you, because this is you who tempted her!!! She has already gone to hospital, you’re next, this is evidence:
http://www.———.sk/fotos/
If you receive this email just delete it. It’s a scam to get you to click on the link, which will then have malicious code. More details in the comments below.
BT Home Hub Wireless Networks
0 VoteWireless networks can be made safe but it’s so common to find networks that haven’t been secured properly. It’s even worse to see ISPs giving their customers routers that have been configured with weak security.
BT Broadband in the UK has been supplying wireless routers to their customers, called BT Home Hub, setup to use a very weak security system called WEP.
In fact it’s so weak that anyone sitting within wireless range (which can include a few of your neighbours) can just guess the wireless password in 80 attempts. And you wouldn’t even know someone’s trying to guess your password.
WEP is an old security system made for wireless routers, it’s been cracked before and it’s really no safer than an old rusty padlock with the key hidden in a pot plant. As the old saying goes, it keeps out honest people. WEP is practically useless. And BT Home Hub leaves it setup this way for their customers.
What everyone with a wireless network should do is change WEP to WPA. WPA is considered safe at the moment. And it’s best used with a long password (20 characters long).
To learn more about securing a wireless network read here. And to understand why it’s important to secure a wireless network read our article here.
Just remember, WEP = useless, WPA = secure.
FireFox and Safari Updates
0 VoteThe FireFox and Safari browsers have been updated. If you use either of these then you should upgrade today. The new version numbers are:
- FireFox: 2.0.0.14
- Safari: 3.1.1
This applies to Windows, Mac and Linux users. The updates fix vulnerabilities and hence are important security updates.
MasterCard 16% Scam
1 VoteA fake promotional email, claiming to be from MasterCard SecureCode, offers a 16% discount on all purchases. This could be enough to tempt readers to sign up on the fake web site.
The email has a link to a web site that has been made to look the same as MasterCard’s web site with a form to sign up. The personal details entered here end up going to a scammer. Personal details including your credit card’s number, expiry date, 3 digit security code, and your date of birth.
If you receive an unsolicited email offering 16% discounts just delete it. And don’t click on links in these emails, instead go to a web browser and type in the address you need.
Microsoft Certificate Enrolment Code
0 VoteThere’s a new phishing trick that involved the user downloading a security certificate. It’s been spotted on a fake Bank of America web site. When this fake page is accessed the user is asked to create a digital certificate.
The control is downloaded to the PC using Microsoft Certificate Enrolment Code. This ads a false sense of security for users.
The next step on the web site asks users to download a file called sophialite.exe This is a malicious program.
So if you end up at a web site that looks like the Bank of America pay close attention to the address shown in your web browser, make sure it’s exactly right.
QuickTime Patch
0 VoteApple has released a new version of QuickTime for Windows and Mac. It fixes 11 vulnerabilities so if you have QuickTime installed on your machine it makes good sense to update it now.
The new version is 7.4.5
Note that QuickTime is usually installed with iTunes, so if you use iTunes you probably also have QuickTime installed.
See Apple’s website for more details.
XP Antivirus
0 Vote
XP Antivirus is a fake antivirus program. It looks like an anti virus program and when run it tells you it found a number of threats. It then prompts you to spend money in order to remove the alleged threats. The threats it tells you about aren’t real, it’s a scam to get money from you.
The road to XP Antivirus is:
- A malicious ad appears on legitimate web sites. The operators of the web sites hosting this ad aren’t aware of what it is.
- A message appears offering a product called XP Antivirus. The message reads:
- Attention! If your computer is infected, you could suffer data loss, erratic PC behaviour. PC freezes and creahes.
Detect and remove viruses before they damage your computer!
XP antivirus will perform a quick and 100% FREE scan of your computer for Viruses, Spyware and Adware.Do you want to install XP antivirus to scan your computer for malware now? (Recommended)
(Note: I bolded the typo that appears in the original ad)
- If you say ok then a fake anti virus program is installed.
- The program then informs you about a large number of (untrue) malware on your computer
- You’re then asked to pay to remove them
A few days ago I mentioned a similar scam for Macs called iMunizator. These things will never let up so take care who you trust. Don’t just run or install unknown programs on your computer.
Ads
-
-
-
Stats