Tag Archives: bogus

Breadcrumbs Privacy Software 1.1.3.1 (Beta) Updated – Now With 64 Bit Support

Earlier this month, I ran a short test on Breadcrumbs Privacy Software (Beta) – Free Breadcrumbs Beta – Slaps Down Data Miners – which, according to the developer “……. automatically creates a Bogus Identity for you, thus preventing trackers from analyzing your real browsing information, leaving them with useless data.”

So, is this fair – is it OK to screw with so called “data miners”? Undoubtedly, you’ll make up your own mind on this – but, I won’t hesitate to state my opinion – “You’re damn right it is!”

Data miners, in an attempt to camouflage broad scale privacy intrusions, conveniently refer to their activities as predictive analytics, customer profiling, customer segmentation, predictive modeling, lifestyle clustering – yeah, right.

While predictive analytics, predictive modeling, etc. (you have to love how these guys paint privacy intrusions), may well be allowed under existing legislation – from a moral and ethical perspective, it’s reprehensible in my view.

Consider this – you’re cruising the Net and a tracker, or trackers, records every action you take, every motion you make –recording the type of sites you visit and revisit, time spent on sites, your shopping and spending habits, your political views, your marital status, and much more. All of this builds a profile of your browsing habits so that the data (your personal data), can be sold, bartered, and traded.

But don’t look for any sweeping legislative changes which will rein in these parasites any time soon. By and large, regulatory authorities have neither the moral courage, or the technical acumen (they simple fail to grasp the essence of the technology) necessary to enact appropriate consumer protection laws.

If you object to this type of intrusion into your privacy, then consider installing Breadcrumbs Privacy Software, and give these intrusive jerks the heave-ho. It may not be a perfect solution but, it’s a definite step in the right direction.

Fast facts:

Create your bogus identity – Breadcrumbs bogus Identity feature automatically creates a Bogus Identity for you, thus preventing trackers from analyzing your real browsing information, leaving them with useless data. Read more

The Do Not Track Me stamp – Once enabled, the Do Not Track Me stamp identifies you as a Breadcrumbs Protected User. It tells trackers that you do not wish to be tracked, and also lets them know that they will be fooled by your Bogus Identity in case they decide to track you anyway. Read more

Watchers Analytics – Breadcrumbs Watchers Analytics feature enables you to see who is watching you online. It’s an easy way to block ads and prevent trackers from tracking you across the Internet. Read more

Installation is simple and the application settings are limited, but effective. Click on the graphic to expand to original.

image

The dashboard will give you the opportunity to “watch the watchers” and block selectively. Click on the graphic to expand to original.

image

The most interesting feature of Breadcrumbs is the promise that it will build a “‘bogus identity” which will mislead watchers. Click on the graphic to expand to original.

According to the developer –

“In order for the feature to work it first needs to “learn the user” then it will synthesize what bogus data should be added in order to mask your real data and identity (so give it a few more hours/days). All of the learning process is encrypted and is done on the client-side, hence no one can see or use it but the software (and in the future you).”

image

In the following screen capture the expandable “Page Watcher” panel is shown – (shown expanded). This feature is selectable under “settings”. Click on the graphic to expand to original.

image

Current Version: 1.1.3.1 (Beta) – release date: May 24, 2011.

Changes in this version:

Bug fixes.

Better performance (CPU + RAM)

64 bit support.

Enhanced security to the automated Bogus browser.

Tray notifier which notifies when privacy protection analysis ended, and when a new software version is available.

Added the option to turn watchers blocking on and off through the Watchers Analytics Panel in your browser, this feature is very helpful in cases you are not sure if the page is not loaded correctly because a watcher is blocked (so you can just turn blocking off and see if that is the problem) – the panel appears in red in case blocking is turned off.

System Requirements: Windows XP, Vista and Win 7. Microsoft .NET Framework 3.5 SP1 or above. (Breadcrumbs installer will alert you in case .NET Framework installation is needed)

Supported Web Browsers: Internet Explorer 7 or above. (including IE9). Firefox 3.6 or above. (including FF4). Google Chrome.

Download at: Developer’s site (Breadcrumb Solutions)

Breadcrumbs Usage and Demo: Video 2:26

I often hear from people who feel that since the information being mined is anonymous, no real invasion of privacy is taking place. While that may have been the case previously, that’s not the case currently.

Consider readingPrivacy: reidentification a growing risk.

Browser fingerprinting (a method used to identify you specifically) – Consider taking the Panopticlick test which analyses  your browser to see how unique it is based on the information it will share with sites it visits.

My test results:

Your browser fingerprint appears to be unique among the 1,546,722 tested so far. Currently, we estimate that your browser has a fingerprint that conveys at least 20.56 bits of identifying information.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

8 Comments

Filed under 64 Bit Software, Beta Software, Browsers, downloads, Freeware, Interconnectivity, Privacy, Software, Surveillance, Windows Tips and Tools

Cybercrime 101 – Advertise On A Search Engine For Success

imageIf you want to enhance your chances of being a successful cyber scam artist/cybercrook, you need to; look the part and act the part, of a successful Internet business organization.

How hard is that? Not hard at all when you consider all you need to do is offer a product that appears genuine, and perhaps most importantly – advertise in readily available and trusted media.

So, if you want to succeed in the $105 BILLION “Internet shadow economy”, advertising your “product” on an Internet search engine, could be a major step in helping you reach your financial goals.

Why an Internet search engine? Well, if one were to poll a group of typical Internet users as to the safety and reliability of search engine results, including the pervasive ads that search engines sprout; there is little doubt that the answer would be positive. In a sense, search engines impart instant legitimacy.

Part of the process of offering a product that appears to be genuine, would include producing and promoting a Web site that instills confidence in those unlucky enough to click on your ad, such as the site pictured below for ErrorSmart.

image

But, here’s what 2-Spyware.com has to say about ErrorSmart:

Error Smart is not an anti-spyware as it says but a smart new scam luring online for victims. Usually, ErrorSmart must be downloaded and installed manually from promoting website, but sometimes it is distributed by trojans. Error Smart is presented as reputable security tool, but the facts speak differently.

It compromises the system by disabling firewalls and other security applications. It displays large numbers of fabricated security reports that are partially true because Error Smart is able to download additional computer parasites on the infected computer.

On top of that, Lavasoft’s Ad-aware, sees ErrorSmart as a Rogue application as the following graphic indicates.

image

But hold on! Given that search engine results can be manipulated, or worse (see “Search Engine Results – Malware Heaven!” on this site), it’s reasonable to ask the question – why aren’t typical Internet users aware of this situation?

The simple answer is – search engines make little, or no effort, to educate their users in the risks involved in relying on advertisements appearing in their applications. As a consequence, the typical user I come into contact with believes search engine output to be untainted, and free of potential harmful exposure to malware.

A user looking for a review of ErrorSmart, for example, has a reasonably good chance of finding the following review:

ErrorSmart uses the industry’s most advanced error-resolution technology and puts it to work for you. By scanning your hard drive, analyzing the errors and correcting the problems, ErrorSmart can restore your system performance and increase startup speed by up to 70 percent.

Whether it’s incomplete uninstalls, failed installations, driver issues or spyware infections that are affecting your PC, ErrorSmart will rid you of your computer problems in just minutes.

However, the graphic below, illustrates WOT users’ reactions to this article.

image

Fact: Consumer confidence in the strength and reliability of search engine results, particularly ads, is seriously misplaced.

ErrorSmart (the site pictured earlier), a “scareware/rogueware” application developed to mislead uninformed computer users’ into downloading and paying for the “full” version of this bogus software, based on the false positives generated by the application, has been “advertised” for months on a number of leading search engines.

If you think this is a one off, or an isolated incident, then you’ll be surprised to learn it’s not. For additional information on this issue see “Search Engine Results – Malware Heaven!”, on this site.

So will search engine providers address the issues described in this article? Sure – but only when consumers who are totally fed up with tainted search engine results finally force them to. I don’t see that happening any time soon.

Writing articles like this is not without risk. For example, several years ago I wrote an article on an application – Finally Fast – considered by many to be less than it pretends to be. Google “Finally Fast scam” to see what I mean.

Recently, Ascentive, the developers behind Finally Fast, had their lawyers email me a letter in which they threatened to sue me for posting my unbiased views on their product. Since I live in Canada, where the courts are not sympathetic to lawsuits that are launched to intimidate and harass, this letter had little effect. Actually, I considered their threat a backhanded compliment!

Nevertheless, since Ascentive is well know for aggressive threats to sue – they even sued Google – “ The claimant, Ascentive,  a software producing corporation that, after some bad press, got kicked (“suspended”) out of Google’s organic search results & whose AdWords account got disabled, is now  suing  Google”, I did hand the email to my lawyer.

My lawyers advice to me, in decidedly unlawerly language was – “tell them to kiss your ass”.  He want on to explain that a “libel chill” lawsuit such as this, had little chance of being considered by the courts in this country.

Like most people I don’t react well to threats, so I did consider looking to the Blogger community for support on this and mounting a campaign, with the help of the community, to take up the gauntlet and spotlight Ascentive’s actions.

But, considering the number of hours that such a campaign would require, I took the easy way out and removed the article. However, if my daily workload should ever lighten – I may yet revisit my decision.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

9 Comments

Filed under blogging, cybercrime, Don't Get Scammed, Google, internet scams, Internet Security Alerts, scareware, Search Engines, Windows Tips and Tools

Want to be a Successful Cyber Crook – Here’s a Tip!

If you want to enhance your chances of being a successful cyber scam artist/cyber crook, you need to; look the part and act the part, of a successful Internet business organization.

How hard is that? Not hard at all when you consider all you need to do is offer a product that appears genuine, and perhaps most importantly – advertise in readily available and trusted media.

So, if you want to succeed in the $105 BILLION “Internet shadow economy”, advertising your “product” on an Internet search engine, could be a major step in helping you reach your goals.

Why an Internet search engine? Well, if one were to poll a group of typical Internet users as to the safety and reliability of search engine results, including the pervasive ads that search engines sprout; there is little doubt that the answer would be positive. In a sense, search engines impart instant legitimacy.

Part of the process of offering a product that appears to be genuine, would include producing and promoting a Web site that instills confidence in those unlucky enough to click on your ad, such as the site pictured below for ErrorSmart, a notoriously misleading application .

image

But hold on! Given that search engine results can be manipulated, or worse (see “Search Engine Results – Malware Heaven!” on this site), it is reasonable to ask the question – why aren’t typical Internet users aware of this situation?

The simple answer is – search engines make little, or no effort, to educate their users in the risks involved in relying on advertisements appearing in their applications. As a consequence, the typical user I come into contact with believes search engine output to be untainted, and free of potential harmful exposure to malware.

A user looking for a review of ErrorSmart, for example, has a reasonably good chance of finding the following fraudulent review:

ErrorSmart uses the industry’s most advanced error-resolution technology and puts it to work for you. By scanning your hard drive, analyzing the errors and correcting the problems, ErrorSmart can restore your system performance and increase startup speed by up to 70 percent.

Whether it’s incomplete uninstalls, failed installations, driver issues or spyware infections that are affecting your PC, ErrorSmart will rid you of your computer problems in just minutes.

Fact: Consumer confidence in the strength and reliability of search engine results, particularly ads, is seriously misplaced.

For example ErrorSmart (the site pictured earlier), a “scareware/rogueware” application developed to mislead uninformed computer users’ into downloading and paying for the “full” version of this bogus software, based on the false positives generated by the application, has been “advertised” for months on a number of leading search engines.

I shudder when I think of the huge numbers of surfers who have suffered the consequences of accepting a download of this misleading application.

If you are one of the unlucky computer users’ who is struggling with computer chaos caused by the installation of this “scareware”, visit 411-spyware.com, a great site that specializes in helping those who have been manipulated into installing rogue software.

If you think this is a one off, or an isolated incident, then you’ll be surprised to learn it’s not. According to Panda Security, approximately 35 million computers are infected with scareware/rogueware each month (roughly 3.50 percent of all computers), and cybercriminals are earning more than $34 million monthly through rogueware attacks.

I’ve said it before and I’ll say it again – an argument can be made, that the Internet has turned into a playground for cyber-criminals.

So will search engine providers address the issues described in this article? Sure – but only when consumers who are totally fed up with tainted search engine results, and malicious hackers, finally force them to.

Fact: Failure to protect the Internet, which by definition is an open network, has substantial penalties ranging from productivity decreases, infrastructure compromise, to a failure in consumer confidence and more.

Great business model!!

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

2 Comments

Filed under Don't Get Scammed, Don't Get Hacked, Free Security Programs, Freeware, internet scams, Internet Security Alerts, Malware Advisories, Panda Security, Rogue Software, scareware, Search Engines, Windows Tips and Tools

IRS Tax Notification Refund Scam – Don’t be Victimized!

After the last annual calculations of your fiscal activity we have determined that you are eligible to receive a tax refund of $939.40. – Fraudulent IRS email

Now who wouldn’t be thrilled to receive an email informing them that U.S. Internal Revenue Service is going to play Santa Clause and give them $939.40? Well I wouldn’t object, and I suspect you wouldn’t either. Like you, I can think of a few places where this unexpected windfall could be put to good use.

Despite the fact that I am a Canadian, and I reside in Canada, it seems the U.S. Government is eager, and determined, to give me money for the third time in just a few months. Yes, this is the third such scam email I have received in just the last few months.

Since I am a Canadian I do not file U.S. income tax returns and I do not qualify for a refund from the IRS. Despite this, the cyber-criminals responsible for this fraudulent email were optimistic that I would click on the enclosed email link.

Clicking on the link would have redirected me to a spoof IRS page, comparable to the original site, and I would then have begun a process in which the scammers would have stripped me of all the confidential information I was willing to provide.

Information requested on the spoof IRS page includes; social security number, credit card and debit card numbers, postal address, and date of birth. The financial and personal details entered into this fraudulent web site are harvested by cyber-crooks who would have used this information to commit identity and financial theft.

The reality is of course, the IRS doesn’t send out unsolicited emails asking for personal or financial information. Credit card numbers, ATM PIN numbers and additional financial information would never be required to enable you to discover the current status of your tax return, or your tax refund.

According to the IRS there are over 1600 IRS phishing sites operating, or online, at any given time in search of potential victims willing to hand over sensitive financial data. It’s easy to see that the emails I received are not isolated incidents. The IRS confirms that by their estimates, 1% of all spam email is an IRS phishing scam.

What makes this particular type of scam so potent is, the average person on receiving an email from an authoritative source, generally lowers their defenses. As well, giving the time of year, the timing is right. Be warned, IRS scam emails always ramp up before tax day and continue for some time afterwards.

You know what to do right? Follow the tips below to protect yourself against these threats:

  • Your bank, the IRS, or any other legitimate organization will never ask you to divulge account information or passwords via email. Never give out this information, especially via email.
  • Don’t open emails that come from un-trusted sources.
  • Don’t run files that you receive via email without making sure of their origin.
  • Don’t click links in emails. If they come from a known source, type them in the browser’s address bar. If they come from an un-trusted source, simply ignore them.
  • Keep your computer protected. Install a security solution and keep it up-to-date. Also, before carrying out any kind of financial transaction on the Web, I recommend that you scan your computer with a second-opinion security solution, such as NanoScan.

Be kind to your friends, relatives, and associates and let them know that these types of scams are now epidemic on the Internet. In that way, it raises the level of protection for all of us.

To help you fight back, the following information has been taken from the official IRS web site and provides instructions on how to assist the IRS in shutting down these schemes.

The good news is that you can help shut down these schemes and prevent others from being victimized. If you receive a suspicious e-mail that claims to come from the IRS, you can relay that e-mail to a new IRS mailbox, phishing@irs.gov.

Follow instructions in the link below for sending the bogus e-mail to ensure that it retains critical elements found in the original e-mail. The IRS can use the information, URLs and links in the suspicious e-mails you send to trace the hosting Web site and alert authorities to help shut down the fraudulent sites. Unfortunately, due to the expected volume, the IRS will not be able to acknowledge receipt or respond to you.

IRS reporting site

2 Comments

Filed under Email, Interconnectivity, Internet Safety, internet scams, Malware Advisories, Online Banking, Online Safety, Phishing, Windows Tips and Tools

Bogus IRS Tax Notification Email – Don’t Be a Victim!

Despite the fact that I am a Canadian it seems the U.S. Government, by way of the Internal Revenue Service, wants to give me money for the second time in just a few months.

Back in February of this year, I received an email indicating I could expect a tax refund of $873.20, and just in the last few days I received an IRS Tax Notification email informing me that an additional $184.80 was mine if I just clicked on the enclosed email link.

Unfortunately, since I am a Canadian I will not be getting a refund from the IRS, but the cyber-criminals responsible for this email were hopeful that I would click on the enclosed link.

Clicking on the link would have redirected me to a spoof IRS page, comparable to the original site, and I would then have begun the process whereby the scammers would have stripped me of all the confidential information I was willing to provide. Information requested on the spoof IRS page includes; social security number, credit card and debit card numbers, postal address, and date of birth.

The financial and personal details entered are harvested by cyber-crooks who would then have used this information to commit identity and financial theft.

The reality is of course, the IRS doesn’t send out unsolicited emails asking for personal or financial information. Credit card numbers, ATM PIN numbers and additional financial information would never be required to enable you to find out the current status of your tax return, or your tax refund.

According to the IRS there are over 1600 IRS phishing sites operating, or online, at any given time in search of potential victims willing to hand over sensitive financial data. It’s easy to see that the emails I received are not isolated incidents. The IRS goes on to say that by their estimates, 1% of all spam email is an IRS phishing scam.

What makes this particular type of scam so potent is, the average person on receiving an email from an authoritative source, generally lowers their defenses. As well, giving the time of year, the timing is right. Be warned, IRS scam emails always ramp up before tax day and continue for some time afterwards.

You know what to do right? Follow the tips below to protect yourself against these threats:

  • Your bank, the IRS, or any other legitimate organization will never ask you to divulge account information or passwords via email. Never give out this information, especially via email.
  • Don’t open emails that come from un-trusted sources.
  • Don’t run files that you receive via email without making sure of their origin.
  • Don’t click links in emails. If they come from a known source, type them in the browser’s address bar. If they come from an un-trusted source, simply ignore them.
  • Keep your computer protected. Install a security solution and keep it up-to-date. Also, before carrying out any kind of financial transaction on the Web, I recommend that you scan your computer with a second-opinion security solution, such as NanoScan at www.nanoscan.com.

Be kind to your friends, relatives and associates and let them know that these types of scams are now epidemic on the Internet. In that way, it raises the level of protection for all of us.

To help you fight back, the following information has been taken from the official IRS web site and provides instructions on how to assist the IRS in shutting down these schemes.

The good news is that you can help shut down these schemes and prevent others from being victimized. If you receive a suspicious e-mail that claims to come from the IRS, you can relay that e-mail to a new IRS mailbox, phishing@irs.gov.

Follow instructions in the link below for sending the bogus e-mail to ensure that it retains critical elements found in the original e-mail. The IRS can use the information, URLs and links in the suspicious e-mails you send to trace the hosting Web site and alert authorities to help shut down the fraudulent sites. Unfortunately, due to the expected volume, the IRS will not be able to acknowledge receipt or respond to you.

IRS reporting site: phishing@irs.gov

3 Comments

Filed under Interconnectivity, Internet Safety, internet scams, Malware Advisories, Online Safety, Phishing, Privacy, Safe Surfing, Windows Tips and Tools