Tag Archives: fake

Tom Sanders SEO – A Bottom Feeding Specialist

imageOver the last 60 days or so, comment spam here has taken a huge jump. Not a big deal you might suppose – after all, with one or two clicks the damn stuff can be deleted. With 400 or more spam comments every day, I find that deletion is the only sane solution. Taking as little as 10 seconds to peruse each spam comment, would add roughly one hour of unproductive activity to an already full day.

So, the solution to this aggravation is simple enough (or, so it seems) – but, the downside to hitting the “Empty Spam” button is an increased risk of seemingly ignoring a reader’s comment which has been spam trapped. In terms of “blogging sins” – ignoring a reader’s comment, ranks well up on the list of grievous offenses.

The screen capture shown below (taken from my blog’s Dashboard several weeks ago), shows 259 spam comments awaiting moderation.


I have little doubt, that trapped within these fake comments (such as the one shown below), were bona fide readers’ comments which (as they normally do), would have expanded the scope of the relevant article. The power of reader comments to enhance, and round out an article, is a key feature of blogging in my estimation.


Which brings me to Tom Sanders (if that’s his real name). Tom is in the business of pissing people off. Tom, like so many of his competitors in the search engine optimization (SEO) business, is an unethical twit – a parasitic ignoramus who is content to feed off, and potentially damage, the works of others.

Sanders, and others like him, ignore the impact their SEO schemes (as illustrated in the following email dated October 13), are likely to have on web content providers. Slimy, sleazy practices, such as this, inevitably lead to an onslaught of spam email which the content provider is then forced to deal with.

Tom Sanders tom193@seo-service.com to me (show details 6:32 AM (47 minutes ago)


My name is Tom and I am a link builder. I sell blog comment links for website owners at low price.

Blog comment links can help you in a number of ways. Here are three major advantages:

– Increase link and IP popularity
– Direct traffic to your site
– Higher rankings in search engines

I can do thousands of blog comment links for your site in a couple of days, and they get indexed very fast. If you would like more details about my offer, or would like to ask me anything you’d like regarding this matter, then feel free to reply with a YES.

Best regards,

Normally, I wouldn’t bother writing an article on what might be perceived to be a “so what” internal issue. Except, my good buddy Michael F., questioned me this morning as to whether I was knowingly rejecting his comments. Which, immediately raised the question – “how many other readers have encountered the same ‘rejection’ issue?”

If you have commented here, and then failed to receive an acknowledgement from me, please accept my apology. Tom Sanders (in reality, just another cyber criminal), and his leech-like SEO industry operatives, have created a bottleneck in the free flow of reader comments. Another obstacle to overcome – created by the marginal morons who slither through the Internet.

Just a passing note – There are bloggers (known to me), who regularly post “edited” spam comments passed off as legitimate comments. Sleeping with the enemy just about covers that. You (and you know who you are), need to give your head a shake.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.


Filed under blogging, Comment Spam, Cyber Crime, Cyber Criminals, Opinion, Point of View, SEO, spam

Fake URL Shortening Services –Spammers Latest Weapon

imageAccording to Symantec’s May 2011 MessageLabs Intelligence Report, released several days ago, spammers are now employing their own fake URL shortening services to redirect users to the spammer’s Web site. It’s hardly surprising that this new technique has directly contributed to rising spam rates.

MessageLabs Intelligence reports that “shortened links created on these fake URL-shortening sites are not included directly in spam messages. Instead, the spam emails contain shortened URLs created on legitimate URL-shortening sites. These shortened URLs lead to a shortened-URL on the spammer’s fake URL-shortening Web site, which in turn redirects to the spammer’s own Web site.”

Key findings from the May 2011 report include:

Spam: In May 2011, the global ratio of spam in email traffic from new and previously unknown bad sources increased by 2.9 percentage points since April 2011 to 75.8% (1 in 1.32 emails).

In the US 76.4 percent of email was spam, 75.3 percent in Canada, 75.4 percent in the UK, and 73.9 percent in Australia.

Viruses: The global ratio of email-borne viruses in email traffic from new and previously unknown bad sources was one in 222.3 emails (0.450 percent) in May, a decrease of 0.143 percentage points since April.

Endpoint Threats: The most frequently blocked malware targeting endpoint devices for the last month was the W32.Ramnit!html, a worm that spreads through removable drives and by infecting executable files.

Phishing: In May, phishing activity was 1 in 286.7 emails (0.349 percent), a decrease of 0.06 percentage points since April.

Web security: Analysis of Web security activity shows that approximately 3,142 Web sites each day were harboring malware and other potentially unwanted programs including spyware and adware, an increase of 30.4 percent since April 2011. 36.8 percent of malicious domains blocked were new in May, an increase of 3.8 percentage points since April. Additionally, 24.6 percent of all web-based malware blocked was new in May, an increase of 2.1 percentage points since last month.

The May 2011 MessageLabs Intelligence Report provides greater detail on all of the trends and figures noted above, as well as more detailed geographical and vertical trends. The full report is available here.

Reading this type of report (or at least the highlights), can be a major step in expanding the sense of threat awareness that active Internet users’ require.

Symantec’s MessageLabs Intelligence is a respected source of data and analysis for messaging security issues, trends and statistics. MessageLabs Intelligence provides a range of information on global security threats based on live data feeds from control towers around the world scanning billions of messages each week.

About Symantec:

Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at www.symantec.com.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.


Filed under Cyber Crime, Cyber Criminals, cybercrime, Don't Get Scammed, Don't Get Hacked, Email, email scams, Internet Security Alerts, MessageLabs, Online Safety, spam, Symantec, Windows Tips and Tools

Cybercrime 101 – Advertise On A Search Engine For Success

imageIf you want to enhance your chances of being a successful cyber scam artist/cybercrook, you need to; look the part and act the part, of a successful Internet business organization.

How hard is that? Not hard at all when you consider all you need to do is offer a product that appears genuine, and perhaps most importantly – advertise in readily available and trusted media.

So, if you want to succeed in the $105 BILLION “Internet shadow economy”, advertising your “product” on an Internet search engine, could be a major step in helping you reach your financial goals.

Why an Internet search engine? Well, if one were to poll a group of typical Internet users as to the safety and reliability of search engine results, including the pervasive ads that search engines sprout; there is little doubt that the answer would be positive. In a sense, search engines impart instant legitimacy.

Part of the process of offering a product that appears to be genuine, would include producing and promoting a Web site that instills confidence in those unlucky enough to click on your ad, such as the site pictured below for ErrorSmart.


But, here’s what 2-Spyware.com has to say about ErrorSmart:

Error Smart is not an anti-spyware as it says but a smart new scam luring online for victims. Usually, ErrorSmart must be downloaded and installed manually from promoting website, but sometimes it is distributed by trojans. Error Smart is presented as reputable security tool, but the facts speak differently.

It compromises the system by disabling firewalls and other security applications. It displays large numbers of fabricated security reports that are partially true because Error Smart is able to download additional computer parasites on the infected computer.

On top of that, Lavasoft’s Ad-aware, sees ErrorSmart as a Rogue application as the following graphic indicates.


But hold on! Given that search engine results can be manipulated, or worse (see “Search Engine Results – Malware Heaven!” on this site), it’s reasonable to ask the question – why aren’t typical Internet users aware of this situation?

The simple answer is – search engines make little, or no effort, to educate their users in the risks involved in relying on advertisements appearing in their applications. As a consequence, the typical user I come into contact with believes search engine output to be untainted, and free of potential harmful exposure to malware.

A user looking for a review of ErrorSmart, for example, has a reasonably good chance of finding the following review:

ErrorSmart uses the industry’s most advanced error-resolution technology and puts it to work for you. By scanning your hard drive, analyzing the errors and correcting the problems, ErrorSmart can restore your system performance and increase startup speed by up to 70 percent.

Whether it’s incomplete uninstalls, failed installations, driver issues or spyware infections that are affecting your PC, ErrorSmart will rid you of your computer problems in just minutes.

However, the graphic below, illustrates WOT users’ reactions to this article.


Fact: Consumer confidence in the strength and reliability of search engine results, particularly ads, is seriously misplaced.

ErrorSmart (the site pictured earlier), a “scareware/rogueware” application developed to mislead uninformed computer users’ into downloading and paying for the “full” version of this bogus software, based on the false positives generated by the application, has been “advertised” for months on a number of leading search engines.

If you think this is a one off, or an isolated incident, then you’ll be surprised to learn it’s not. For additional information on this issue see “Search Engine Results – Malware Heaven!”, on this site.

So will search engine providers address the issues described in this article? Sure – but only when consumers who are totally fed up with tainted search engine results finally force them to. I don’t see that happening any time soon.

Writing articles like this is not without risk. For example, several years ago I wrote an article on an application – Finally Fast – considered by many to be less than it pretends to be. Google “Finally Fast scam” to see what I mean.

Recently, Ascentive, the developers behind Finally Fast, had their lawyers email me a letter in which they threatened to sue me for posting my unbiased views on their product. Since I live in Canada, where the courts are not sympathetic to lawsuits that are launched to intimidate and harass, this letter had little effect. Actually, I considered their threat a backhanded compliment!

Nevertheless, since Ascentive is well know for aggressive threats to sue – they even sued Google – “ The claimant, Ascentive,  a software producing corporation that, after some bad press, got kicked (“suspended”) out of Google’s organic search results & whose AdWords account got disabled, is now  suing  Google”, I did hand the email to my lawyer.

My lawyers advice to me, in decidedly unlawerly language was – “tell them to kiss your ass”.  He want on to explain that a “libel chill” lawsuit such as this, had little chance of being considered by the courts in this country.

Like most people I don’t react well to threats, so I did consider looking to the Blogger community for support on this and mounting a campaign, with the help of the community, to take up the gauntlet and spotlight Ascentive’s actions.

But, considering the number of hours that such a campaign would require, I took the easy way out and removed the article. However, if my daily workload should ever lighten – I may yet revisit my decision.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.


Filed under blogging, cybercrime, Don't Get Scammed, Google, internet scams, Internet Security Alerts, scareware, Search Engines, Windows Tips and Tools

Defensive Downloading – The Basics

malware 5BitDefender is currently warning,  on its Malware City site, of a fake Stuxnet removal tool which, once downloaded and installed, will wipe out the contents of the victim’s Hard Drive.

As we’ve pointed out here many times in the past – if it’s in the news, you can be sure cyber criminals are exploiting it to their advantage. So we shouldn’t be too surprised, that cyber criminals have been very successful in hijacking searches related to the Stuxnet worm.

Unfortunately, following hijacked links is the common behavior of a large percentage of unaware, undereducated, and less security conscious computer users. Is it any wonder the cyber criminals are winning the game?

At the risk of sounding insensitive it’s fair to say, that users who get victimized by the type of scheme described above, end up that way because they behave like victims.

It’s beyond dispute that download sites are not all equal and as a result, downloading can be extremely risky, especially for unaware users. It’s frustrating to realize that so many users lack this basic knowledge.

Download basics are just that – basic:

Download ONLY from well established sites, or sites that are known to you.

Preferably, download from the developer’s official site.

Regardless of origin, scan all downloads with 2 or more, security applications.

Install a Browser security add-on such as WOT, which  investigates web sites for spyware, spam, viruses, browser exploits, phishing, and online scams.

Since “trusted” websites, are not always to be trusted, consider installing an additional layer of security by substituting your ISP provided DNS service, with a more secure alternative such as ClearCloud.

Despite the best precautions, it is still possible to become infected – so, make regular backups of critical data. If you become infected this may be your only solution.

Finally, don’t store critical data on the system partition.

Regular readers will know, that virtually all downloads recommended here, are hosted on CNET’s (download.com), site. There is good reason for this – CNET scrupulously audits hosted downloads, to ensure they are not contaminated by malware.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.


Filed under BitDefender, Browser add-ons, cybercrime, Don't Get Scammed, Don't Get Hacked, downloads, Firefox Add-ons, Freeware, Internet Safety Tools, Malware Advisories, Recommended Web Sites, Safe Surfing, Software, Windows Tips and Tools, WOT (Web of Trust)

XP Antivirus 2010 is Back – Removal Instruction

Back in the day (the mid 1960’s), I heard an old time College Football coach (Darryl Royal, of the University of Texas Longhorns) say, in answer to a question concerning his plans for an upcoming game, “we’ll dance with who brung us”.

What he meant was, he would continue to go with the players, and plays, that had contributed to a winning season. Or, to put it more succinctly – success breeds success.

Cyber criminals, particularly those responsible for the rogue software/scareware application, XP Antivirus, have learned this lesson well. XP Antivirus is back, and is running rampant on the Internet at the moment; having morphed from previous versions we had to deal with in 2008, and 2009.

Of all the rogue security applications released to date, and there have been thousands of them, this particular one has been the most successful for the criminal developers.

I first wrote on this scourge in 2008, and in the interim period, that specific article has been read 130,000+times. In the last week or so, I was surprised to see this older article, suddenly jump to the top of the daily read chart.

This shift in popularity, coupled with a number of readers reporting having to deal with infections caused by XP Antivirus 2010, convinced me to cover the scareware issue once again.

Just like its predecessor, XP Antivirus 2010 installer can be found on adult websites, salacious news sites, or it can be installed manually from rogue security software websites.

After the installation of XP Antivirus 2010 be prepared for false positives; fake or false malware detection warnings. As with all rogue security applications, XP Antivirus 2010 was developed to mislead uninformed computer users’ into downloading and paying for the “full” version of this bogus software, based on the false malware positives generated by the application.



If the full program fee is not paid, XP Antivirus 2010 continues to run as a background process incessantly reporting those fake or false malware detection warnings. To really try your patience, this rogue security software cannot be uninstalled using the Windows Add/Remove Programs tool.

XP Antivirus 2010 Removal Instructions:

If you have become infected by XP Antivirus 2010, or other scareware (rogue software), have your PC worked on by a certified computer technician, who will have the tools, and the competency, to determine if the infection can be removed without causing system damage.

If you feel you have the necessary skills, and you want to try your hand at removal, then by all means do so.

The following free resources can provide tools and the advice you will need to attempt removal.

Malwarebytes, a very reliable anti-malware company, offers a free version of Malwarebytes’ Anti-Malware, a highly rated anti-malware application which is capable of removing many newer rogue applications.

411 Spyware – a site that specializes in malware removal. I highly recommend this site.

Bleeping Computer – a web site where help is available for many computer related problems, including the removal of rogue software. This is another site I highly recommend.

SmitFraudFix, available for download at Geekstogo is a free tool that is continuously updated to assist victims of rogue security app

What can you do to ensure you are protected, or to reduce the chances you will become a victim?

Consider the ramifications carefully before responding to a Windows Security Alert pop-up message. This is a favorite vehicle used by rogue security application to begin the process of infecting unwary users’ computers.

Be cautious in downloading freeware, or shareware programs. Spyware, including scareware, is occasionally concealed in these programs. Download freeware applications only through reputable web sites such as Download.com, or sites that you know to be safe.

Consider carefully the inherent risks attached to peer-to-peer (P2P), or file sharing applications, since exposure to rogue security applications is widespread.

Install an Internet Browser add-on that provides protection against questionable or unsafe websites. My personal favorite is WOT (Web of Trust), an Internet Explorer/FireFox add-on, that offers substantial protection against dangerous websites.

As a form of added protection, you should consider running in a virtual environment while connected to the Internet. To find out what this means to your overall security, and to download a free virtual software application, please read “Download Free Returnil Virtual System 2010 Home”, on this site.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.


Filed under Anti-Malware Tools, cybercrime, Don't Get Scammed, Don't Get Hacked, downloads, Free Security Programs, Freeware, Malware Advisories, Rogue Software, Rogue Software Removal Tips, scareware, Scareware Removal Tips, Software, Windows Tips and Tools

Got a Christmas Card Video? Beware of the Koobface Worm

image Just yesterday I mentioned; even technically astute users are finding that staying safe on the Internet is more difficult than it has ever been.

To illustrate this point, I noted that in last few months, some of my favorite tech writers have come clean, and admitted having had to deal with malware infections on their personal machines.

If you’re wondering why even security experts can be fooled, the simple answers is – all of us, you, me, the informed and the uninformed, are in a battle with cybercriminal experts.

I long ago came to the conclusion that cybercriminals are some of the craftiest people on the planet. I say this, not in admiration of what they do, but instead, how they do it.

Business in general, could take away some valuable lessons from the methods used by cybercriminals to achieve maximum “market” penetration. Recognition of opportunity, and the timing and implementation of strategy, is critical to business success. I can’t think of another group  that does this with more skill, than the cybercriminal community.

Cybercriminals use every conceivable opportunity to spread malware, and the celebration of special events creates an exceptional opportunity for cybercriminals.

The Christmas season, when most of us let our guard down somewhat, in the spirit of the season, I suspect, is a timely opportunity for cybercriminals.

PandaLabs, Panda Security’s malware analysis and detection laboratory, has just reported on a new Christmas Holiday FaceBook scam that renders users’ computers useless, should they follow a malicious link on a user’s wall.

If you have a Facebook page, you may well be curious and even anxious to follow this link, or links like it, but don’t let your curiosity override your common sense. Security experts argue (none too successfully it seems), that a significant number of malware infections could be avoided if users stopped  clicking haphazardly, or opening the types of files and emails that are potentially dangerous.

Those unlucky victims who become infected by the Koobface worm involved in this attack, may be lucky, and may be able to recover control of their computer – but I wouldn’t count on it.

I encourage you to read the following PandaLabs Report:

Cybercriminals are capitalizing on the Christmas holiday in a new Facebook scam that renders users’ computers useless.

Following the posting of malicious links on Facebook users’ walls, the bait directs to a fake embedded video player that poses as a Christmas greeting. When users try to play the video or click on a link on the page, their computers download and install a variant of the well-known Koobface worm, Koobface.GK.


After the virus is installed on a computer, a Captcha is displayed that threatens to reboot the computer within three minutes. Although nothing happens after three minutes, the computer is rendered useless.

Every time a user enters the Captcha text, Koobface.GK registers a new domain where the infection files are hosted, facilitating the worm’s continued distribution.


“Social networks have become one of the popular entry points used by hackers to spread their creations, due to the false sense of security many users have regarding the content published on these networks,” says Luis Corrons, technical director of PandaLabs. “Users generally trust the messages and content they receive, and consequently hackers get a high level of response through these channels.”

Christmas: Cybercriminals’ favorite time of year

The latest attack takes advantage of an increase in Internet users sending Christmas greeting cards to their family and friends. It follows continued attention from cybercriminals on the holiday season, with Christmas-themed malware that is created year after year.

Examples of Christmas-specific malware first appearing in past holiday seasons include:

ZafilD, 2002: Although this worm appeared several years ago, it is still distributed through e-mails that use Christmas greetings as bait. It opens a port on the infected computer without users’ knowledge and downloads another Trojan.

MerryX.A, 2005. MerryX.A infected users’ computers in a Christmas greetings e-mail with an attachment, which was really a Trojan designed to capture keystrokes and steal information.


This Trojan managed to infect more than 50,000 Internet users in only one week.

The Navidad (Christmas in Spanish), 2007. This malware family has numerous variants. These astute worms are difficult to detect because they reach computers are sent in the form of an e-mail reply, which has previously been sent to another (infected) recipient. The message includes the Navidad.exe file, which infects computers when run.

To stay safe on social networks, PandaLabs recommends Internet users do the following:

Don’t click suspicious links from non-trusted sources. This should apply to messages received through Facebook, other social networks and even via e-mail.

If you click on links, check the target URL. If you don’t recognize it, close your browser.

Even if you don’t see anything strange on the target URL page but are asked to download something, don’t accept.

If you do download or install an executable file and the PC starts to launch messages, there is probably malware on your computer.

As a general rule, make sure your computer is well protected to ensure you are not exposed to the risk of infection from any malicious code. You can protect yourself by downloading Panda Security’s new free Panda Cloud Antivirus solution.

More information about these and other malicious codes is available in the Panda Security Encyclopedia. You can also follow Panda Security’s online activity on its Twitter and PandaLabs blog.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

1 Comment

Filed under Don't Get Scammed, Don't Get Hacked, downloads, Free Security Programs, Freeware, Internet Security Alerts, Malware Advisories, Online Safety, Online Spyware/Virus Scanners, Panda Security, PandaLabs, Safe Surfing, social networking, Software, Viruses, Windows Tips and Tools, worms

Search Engine Results – Not to be Trusted!

It’s been more than a year since I last reported on fake search engine results, and in that time, this Internet scam has not gone away, but it did seem to develop a lower profile.

Despite developing this lower profile, cyber-crooks continued to be unrelenting in their chase to infect web search results. Recently, there has been a resurgence in the use of custom-built Websites designed to drop malicious code on computers, and in the manipulation of legitimate pages in order to infect computers with malware.

A new grouping of 200,000+ compromised sites has been discovered, all of them redirecting to fake security software. The following graphic (courtesy of Cyveillance Blog), shows an attack underway.


As is usual with this type of redirection, when a potential victim visits one of these sites the likelihood of the downloading of malicious code onto the computer, by exploiting existing vulnerabilities, is extremely high.

The following graphic (courtesy of Cyveillance Blog), illustrates 260,000 sites, they discovered, which will redirect.


Redirection exploit process:

Generally, there are several ways that this can occur. Cyber-crooks can exploit vulnerabilities on the server hosting the web page to insert an iFrame, (an HTML element which makes it possible to embed another HTML document inside the main document). The iFrame can then activate the download of malicious code by exploiting additional vulnerabilities on the visiting machine.

Alternatively, a new web page can be built, with iFrames inserted, that can lead to malware downloads. This new web page appears to be legitimate.

Another method is the insertion of false dialogue boxes, fake toolbars, and more on sites; all designed to load destructive malware which could include rootkits, password stealers, Trojan horses, and spam bots.

It’s often difficult to determine who the cybercriminals responsible for specific attacks of this type are, but not in this case. Researchers have concluded the infamous Koobface gang are responsible.

Regular readers are aware that we repeat the following advice regularly, but it’s worth repeating.

Keep all applications (including your operating system) patched.

Install an Internet Browser add-on that provides protection against questionable or unsafe websites. My personal favorite is WOT (Web of Trust), an Internet Explorer/FireFox add-on that offers substantial protection against questionable or unsafe websites.

Turn off your computer or disconnect from the network when not in use.

Disable Java, JavaScript, and ActiveX if possible.

Disable scripting features in email programs.

Make regular backups of critical data.

Make a boot disk in case your computer is damaged or compromised.

Turn off file and printer sharing on the computer.

Install a personal firewall on the computer.

Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet.

Ensure the anti-virus software scans all e-mail attachments.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.


Filed under Browser add-ons, Don't Get Scammed, Don't Get Hacked, Firefox Add-ons, Internet Explorer Add-ons, Internet Security Alerts, Malware Advisories, Online Safety, Rogue Software, scareware, System Security, Windows Tips and Tools