Fraudulent Technical Support Calls – The Scum That Scam The Unwary

Regular readers might remember my article (April 2011), on fraudulent online technical problem solvers – Is Online PC Care A Scam? – and, several additional articles dealing with this company’s attempts to have me remove what they considered an “offending” article. Fat chance of that happening.

When an unsolicited telephone call (from India), focusing on errors in Windows Event Viewer, is used in an attempt to convince me that my computer has serious problems, including a non-existing malware infection, then by any measure – that’s a scam.

Since this first experience with a “your computer is ready for the scrap heap” telephone call, I’ve had more than a few similar calls. My normal response is to simply disconnect the call – except for yesterday. I had a few spare minutes so, I decided – why not listen to the latest bullshit baffles brains sales pitch.

Having identified me by name and address – the “tech support specialist” led off by introducing himself as a representative of the “Windows Technical Department”. Better yet, I was assured that he was a “direct employee of Microsoft.”

Since Microsoft keeps a close eye on all computers running Windows (according to the support specialist), it had come to their attention that my machine was teeming with serious problems – with, a series of malware issues being most significant.

Wow, says I – how do you know that? Easy, says he – we keep track of your Event Viewer system logs. At which point, the scripted conversation got down to the “nitty-gritty” – with an instruction for me to open Windows Event Viewer. Since Event Viewer system logs can look pretty scary to an average user (despite the fact, that the event recorded is often insignificant), this is the heart of the scam.

Here’s an example of an insignificant recorded event. In the following graphic, Event Viewer indicates that the Volume Shadow Copy Service on this machine failed to start on boot.

This is not an unexpected event – given that I have disabled  this service. If the Event Viewer didn’t show this error, then, I’d have something to worry about.

Once the “sales” process has gotten to this point, I suspect that the sales closing ratio is fairly high. After all, who wants to run a wonky machine when a solution is right at hand?

I had yet to get a word in edgewise as the caller ran through his script. Finally, I took control of the conversation and overpowered him with a rapid-fire series of technical questions – that’s when the script was dropped and the backtracking began. Since this is a PG rated site – I won’t relate the colorful language I used to callout this scammer. Except to say – my cursing vocabulary got a workout.

This scam technical support nonsense has been going on for so long now, that you might assume it has had its day – that we’ve reached the point where a typical user would know better than to be taken in.

Unfortunately not – typical computer users continue to pay little attention to warnings and alerts designed to warn them against sophisticated scams. On top of which, consumers are easily manipulated by well trained and persistent cold callers into ignoring common sense safety precautions.

As always, I ask that you as an experienced computer user, be kind to your friends, relatives, and associates, particularly those who are new computer users, and let them know that this type of scam continues at an epidemic rate.

Who Is Dany Ibrahim And Why Is He Giving You Money!

The quick answer is – Dany Ibrahim is one of the most prolific fraudulent spammers on the Internet, and a master of the 419 email scam. Good old Dany wants to screw you out of your hard earned money. But first, Dany wants to give you millions of dollars and all you have to do is, involve yourself in a fraud.

Even though the the majority of seasoned computer users (I hope), are familiar with the infamous “419” or advance fee fraud scam, in which the victim is encouraged to sent money to the scammer, with the promise they will realize a significant gain, this scam is becoming ever more popular. Our friend Dany, for example, has been around forever – and he never seems to quit!

Here’s an edited version of Dany’s latest scam attempt.

Dear Friend,

I need your urgent assistance in transferring the sum of ($15) Million US Dollars only to your account within 10 or 14 banking days. This money has been dormant for years in our Bank without claim.I want the bank to release the money to you as the nearest person to our deceased customer late Mr Andrew Eich.  I don’t want the money to go into government treasury as an abandoned fund. So this is the reason why I am contacting you so that the bank can release the money to you as the next of kin to the deceased customer.

Please I would like you to keep this proposal as a top secret and delete it if you are not interested.Upon receipt of your reply, I will give you full details on how the business will be executed and also note that you will have 30% of the above mentioned sum if you agree to handle this business with me. I am expecting your urgent response as soon as you receive my message.

Regard,

Mr. Dany Ibrahim.

If you’re sick and tired of getting scam emails like this in your inbox, and you’re looking for ways to fight back against these creepy criminals (and, have a little fun besides), then checkout Scammer Baiting Hints and Tips, at the 419 Eater website. Just to be clear, I’m not recommending that you become an anti-scam crusader, but…

I know that you won’t be deceived by this type of clumsy attempt to defraud, but you would be surprised how often reasonably intelligent people are – there are people who will believe this nonsense.

Be kind to your friends, relatives, and associates, particularly those who are new Internet users, and let them know that there is an epidemic of this types of scam on the Internet. In doing so, you help raise the level of protection for all of us.

How gullible can people be? When Michael Jackson died, I wrote a piece entitled “Hey Sucker – Read This! Michael Jackson’s Not Dead!”, simply as a test of “curiosity exploitation”.

The results that followed were astonishing – within days, this article was getting 1,000’s of daily hits. Even today, this article continues to get hits. Talk about gullible people!

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Gmail Service Center and PayPal Spam Scams Are Back!

The old “Due to the congestion in all Gmail users and removal of all unused Gmail Accounts” scam, is making a reappearance. This scam has been around for years, and every so often it makes its way back.

This occasional reappearance tells me one thing – this scam pays off for the cyber-criminals who are behind it. Since new users are continuously signing on to the Internet, they are essentially a new crop of potential victims.

To an inexperienced user, this could look like an official email, and the enclosed link makes it simple to get this problem solved with just a mouse click. What could be easier than that?

If you receive an email that is supposedly from “Gmail Service Centers”, and it addresses you in any way other than your name (Dear Valued Member, for example), it’s a scam. Google is not likely to forget your name, right?

At one and the same time, the following email purportedly from PayPal, is making the rounds once again. Similar to the Gmail scam it opens with a generic salutation – in this case,  “Dear PayPal Member”.

PayPal is familiar with this type of scam, and has issued the following warning:

“PayPal will never send an email with the greeting “Dear PayPal User” or “Dear PayPal Member.” Real PayPal emails will address you by your first and last name or the business name associated with your PayPal account. If you believe you have received a fraudulent email, please forward the entire email—including the header information – to spoof@paypal.com”.

Be kind to your friends, relatives, and associates who are new computer users and let them know about this type of scam. In that way, it raises the level of security for all of us.

Advise them to:

Consider every email, telephone call, or text message requesting confirmation of personal and financial information as a scam.

Not open emails that come from un-trusted sources.

Not run files received via email, without making sure of their origin.

Not click links in emails. If they come from a known source, to type them on the browser’s address bar. If they come from an un-trusted source, to simply ignore them, as they could redirect to a web site designed to download malware.

Keep their computer protected by installing a security solution and keeping it up-to-date.

Report suspicious e-mails as Spam.

To see how cyber criminals target new users, and new email accounts read “Email Spammers Are Smarter Than You Think”, on this site.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Spammers Are Planning for the Holidays

Symantec’s October 2009, MessageLabs Intelligence Report, shows how far ahead Spammers plan in order to entrap the unwary web surfer. Just as you are preparing for the holidays, so are the Cybercriminals. As the old saying goes “forewarned is forearmed”, so be prepared.

Courtesy of MessageLabs:

October begins the holiday season and for the next three months, online shopping and research will become a premium for consumers.  Symantec today announced its October 2009 MessageLabs Intelligence Report which reveals the that the spam gangs behind the biggest botnets – Cutwail, Rustock and Donbot – are using the same upcoming major holidays and world events as the themes for their the latest spam runs.

Highlights from the latest report.

Halloween – Trick or treat?  Only 0.5% of spam right now is tied to Halloween – however MessageLabs Intelligence expects approximately 500 MILLION Halloween themed spam emails to be in circulation worldwide, each day, as the holiday approaches this week. The majority of this type of spam links to pharmaceutical or medical spam sites and comes from the Rustock and Donbot botnets.

Thanksgiving and Christmas – Spam from the Cutwail botnet uses both Thanksgiving and Christmas as a theme to sell replica watches. To date, holiday spam accounts for approximately 2% of all spam. More than 2 BILLION Thanksgiving or Christmas-themed spam emails are projected to be in circulation globally each day.

And spammers are even preparing for some of the next big holiday and major events in 2010 already.

Valentine’s Day – MessageLabs Intelligence has already started to see the first runs of St. Valentine’s Day spam, more than 4 months before the occasion. These are being sent from the Cutwail and Rustock botnets, and relate to pharmaceutical and medical spam.

2010 World Cup – Next summer’s soccer games in South Africa have already precipitated a small number of spam messages relating to the event. These are advance-fee fraud or 419-style scams, and they include images of Nelson Mandela and the official FIFA logo.

How successful are these scams? Consumers fall victim to messages like this all the time, fueling an underground economy worth an estimated $105 billion in profit from fraudulent activities.

“As is typical with spammers this time of year, we are seeing them try to capitalize on the holiday season,” said MessageLabs Intelligence Senior Analyst, Paul Wood. “Although they may be a bit overzealous, spamming is a numbers game and the spammers have certainly succeeded with volume thus far. Perhaps their early-bird approach is an attempt to compete with the other botnets and get in early to maximize their chances of success.”

You can read a full copy of the report here.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Gmail Customer Care is Gonna Close You Account – Not!

The old “we’re going to close your email account” scam is making a reappearance. This scam has been around for years, and every so often it makes its way back.

This occasional reappearance tells me one thing – this scam pays off for the cyber criminals who are behind it. Since new users are continuously signing on to the Internet, they are essentially a new crop of potential victims.

What could be better for scammers than this; a natural market for fraudulent emails – new, and unaware users. Staying safe on the Internet is definitely one area where experience counts.

According to a recent email, sent to my relatively new Gmail account, my G mail account (these guys can’t spell – it’s Gmail not G mail), will be deleted within 24 hours unless I verify my user name, password, date of birth, and country information.

To an inexperienced user, this could look like an official email, and the enclosed link makes it simple to get this problem solved with just a mouse click. What could be easier than that?

Clicking on the link would have redirected me to a spoof page, comparable to the original site, and I would then have begun the process whereby the scammers would have stripped me of all the confidential information I was willing to provide.

If you have received the following email recently, I trust you recognized it for what it is, and after reporting it as Spam, you simply deleted it.

If your email account is not relatively new, it’s unlikely you received this email but reading it can still be instructive. BTW, all of the spelling mistakes are the spammers.

“This Email is from G mail customer care and we are sending it to every G mail accounts owner for safety. We are having congestion due to the anonymous registration of G mail accounts so we are shutting down some G mail accounts and your account was among those to be deleted. We are sending this email to you so that you can verify and let us know if you still want to use this account. If you are still interested please confirm your account by filling the space below.Your User name, password, date of birth and your country information would be needed to verify your account.

Due to the congestion in all G mail users and removal of all unused G mail Accounts. G mail would be shutting down all unused Accounts, you will have to confirm your E-mail by filling out your Lo gin Information below after clicking the reply button or your account will be suspended within 24 hours for security reasons.

* User name: …

* Password: ……

* Date of Birth: …….

* Country Or Territory: …..

Warning!!! Account owner that refuses to update his or her account within Seven days of receivinga this warning will lose his or her account permanently.

Thank you for using G mail !”

Be kind to your friends, relatives, and associates who are new computer users and let them know about this type of scam. In that way, it raises the level of security for all of us.

Advise them to:

Consider every email, telephone call, or text message requesting confirmation of personal and financial information as a scam.

Not open emails that come from un-trusted sources.

Not run files received via email, without making sure of their origin.

Not click links in emails. If they come from a known source, to type them on the browser’s address bar. If they come from an un-trusted source, to simply ignore them, as they could redirect to a web site designed to download malware.

Keep their computer protected by installing a security solution and keeping it up-to-date.

Report suspicious e-mails as Spam.

To see how cyber criminals target new users, and new email accounts read “Email Spammers Are Smarter Than You Think”, on this site.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Monster.com Hacked – Irresponsible Response

OK, so let’s say your Doctor’s (substitute a professional of your choice), office was burglarized and all medical records, including yours, were stolen.

Your Doctor, nice guy that he is, didn’t want to cause you unnecessary anxiety, so he didn’t advise you that your confidential records were now out in the wild blue.

Can’t, or won’t happen, you’re thinking. Think again.

Monster.com, a web site that bills itself as the “world’s leading career network” is a web site used by people looking for a new job. Information required to register with the site includes, user IDs and passwords, email addresses, names, phone numbers, and some basic demographic data.

According to Patrick Manzo of Monster Worldwide, Monster.com suffered a database penetration (sometime this month – no date given), during which “certain contact and account data were taken”. So let me rephrase that for you – Monster was hacked and personal information stolen.

Simply put – if you have an account with Monster.com, your confidential information is now freely available to the vast hoards of cyber criminals who trade in this currency.

Your minimum expectations, if you are registered with Monster.com, should be that you would be notified of such a serious breech. Not too much to expect, I would suggest.

But no, Monster’s view is, since there is no direct evidence of misuse of the stolen information (yet), a small notice of this occurrence posted on their main page is sufficient notice. No other notification that your personal information is now at risk. Bizarre!

Note to Monster: Hey, don’t worry about this massive penetration of your data base – these cyber criminals just dropped in to have a look around your obviously under protected database environment.

Your attitude flies in the face of reality. Get real! You obviously need to be dragged, kicking and screaming into the real world of cyber crime.

As a consequence of this penetration, if you are a Monster.com customer, you need to do the following at once:

Change your password for ALL your accounts, not just Monster.com.

Be on guard against “phishing” fraudulent emails, and fraudulent telephone calls in the near term.

It’s not very often that I’m struck speechless by the shenanigans pulled by some of the larger Internet entities but this one; well it’s just too calculated, too condescending, too….. too damn stupid!

Malware Piggybacks on Greeting Card (E-card) Spam

Here we go again. Cyber-criminals just won’t quit (but you know that), – so get ready for another round of greeting card spam email.

Along with all the other crap spam emails I get every day, in the last few days, I’ve noticed a resurgence of that old familiar standby used by the bad guys – the e-card spam scam.

This is not a new type of scam, or even a new approach to scamming. In the last year alone, email inboxes have being swamped with similar scamming emails from fraudulent sites like Greetings.com, and 2000Greetings.com, amongst others.

This time around, the domain name being used by these scammers is Greetingcard.org, the legitimate site of The Greeting Card Association, a greeting card industry trade association. This organization makes no bones about it when it says on it’s website “We do not publish cards, nor do we have an e-card pick up. If you receive an e-card notification from our association, it is fraudulent and should be deleted”.

The hook, as it always is in this type of socially engineered email scam, is based on exploiting our curiosity. Let’s face it, we are all pretty curious creatures and, who doesn’t like surprises. I think it’s safe to say, we all love to receive good news via email greeting cards. The bad guys know this, and count on it to great effect.

What to watch for:

In this scam (like so many other e-card scams), the body text of the message urges you to click on an embedded link so that you can see the greeting card. However, clicking on this link will lead to malware being installed on your computer.

According to The Greeting Card Association, a legitimate e-card notification will always include the full name or personal e-mail address of the sender. Furthermore, the sender will never be identified by a generic term such as a “friend” or “family member”; terms that are frequently used in fraudulent e-card scams.

Unless you recognize the full name or personal e-mail address of the sender, the e-mail is quite likely fraudulent, and you should obviously delete this message.

You know what to do, right?

Don’t open emails that come from untrusted sources.

Don’t run files that you receive via email without making sure of their origin.

Don’t click links in emails. If they come from a known source, type them on the browser’s address bar. If they come from an untrusted source, simply ignore them, as they could take you to a web site designed to download malware onto your computer.

Keep your computer protected. Install a security solution and keep it up-to-date. If you’re unsure if your computer is adequately protected, then checkout – “Need Free Security Programs? – 10 Of The Best!” on this site.

To help you keep ahead of cyber criminals, visit Scambusters.org, where you can get all the latest information on Internet Scams, Identity Theft, Internet Fraud, and more.

From the Scambusters.org website:

Don’t Get Scammed!

Many scammers are very cunning, so being smart is NOT enough to protect yourself. Every day smart subscribers thank us saying they would have been scammed if they didn’t subscribe to ScamBusters.

Don’t take a chance. Subscribe FREE to ScamBusters, a public service and the #1 publication on Internet fraud.

IRS Tax Notification Refund Scam – Don’t be Victimized!

After the last annual calculations of your fiscal activity we have determined that you are eligible to receive a tax refund of $939.40. – Fraudulent IRS email

Now who wouldn’t be thrilled to receive an email informing them that U.S. Internal Revenue Service is going to play Santa Clause and give them $939.40? Well I wouldn’t object, and I suspect you wouldn’t either. Like you, I can think of a few places where this unexpected windfall could be put to good use.

Despite the fact that I am a Canadian, and I reside in Canada, it seems the U.S. Government is eager, and determined, to give me money for the third time in just a few months. Yes, this is the third such scam email I have received in just the last few months.

Since I am a Canadian I do not file U.S. income tax returns and I do not qualify for a refund from the IRS. Despite this, the cyber-criminals responsible for this fraudulent email were optimistic that I would click on the enclosed email link.

Clicking on the link would have redirected me to a spoof IRS page, comparable to the original site, and I would then have begun a process in which the scammers would have stripped me of all the confidential information I was willing to provide.

Information requested on the spoof IRS page includes; social security number, credit card and debit card numbers, postal address, and date of birth. The financial and personal details entered into this fraudulent web site are harvested by cyber-crooks who would have used this information to commit identity and financial theft.

The reality is of course, the IRS doesn’t send out unsolicited emails asking for personal or financial information. Credit card numbers, ATM PIN numbers and additional financial information would never be required to enable you to discover the current status of your tax return, or your tax refund.

According to the IRS there are over 1600 IRS phishing sites operating, or online, at any given time in search of potential victims willing to hand over sensitive financial data. It’s easy to see that the emails I received are not isolated incidents. The IRS confirms that by their estimates, 1% of all spam email is an IRS phishing scam.

What makes this particular type of scam so potent is, the average person on receiving an email from an authoritative source, generally lowers their defenses. As well, giving the time of year, the timing is right. Be warned, IRS scam emails always ramp up before tax day and continue for some time afterwards.

You know what to do right? Follow the tips below to protect yourself against these threats:

• Your bank, the IRS, or any other legitimate organization will never ask you to divulge account information or passwords via email. Never give out this information, especially via email.
• Don’t open emails that come from un-trusted sources.
• Don’t run files that you receive via email without making sure of their origin.
• Don’t click links in emails. If they come from a known source, type them in the browser’s address bar. If they come from an un-trusted source, simply ignore them.
• Keep your computer protected. Install a security solution and keep it up-to-date. Also, before carrying out any kind of financial transaction on the Web, I recommend that you scan your computer with a second-opinion security solution, such as NanoScan.

Be kind to your friends, relatives, and associates and let them know that these types of scams are now epidemic on the Internet. In that way, it raises the level of protection for all of us.

To help you fight back, the following information has been taken from the official IRS web site and provides instructions on how to assist the IRS in shutting down these schemes.

The good news is that you can help shut down these schemes and prevent others from being victimized. If you receive a suspicious e-mail that claims to come from the IRS, you can relay that e-mail to a new IRS mailbox, phishing@irs.gov.

Follow instructions in the link below for sending the bogus e-mail to ensure that it retains critical elements found in the original e-mail. The IRS can use the information, URLs and links in the suspicious e-mails you send to trace the hosting Web site and alert authorities to help shut down the fraudulent sites. Unfortunately, due to the expected volume, the IRS will not be able to acknowledge receipt or respond to you.

IRS reporting site

Bogus IRS Tax Notification Email – Don’t Be a Victim!

Despite the fact that I am a Canadian it seems the U.S. Government, by way of the Internal Revenue Service, wants to give me money for the second time in just a few months.

Back in February of this year, I received an email indicating I could expect a tax refund of $873.20, and just in the last few days I received an IRS Tax Notification email informing me that an additional $184.80 was mine if I just clicked on the enclosed email link.

Unfortunately, since I am a Canadian I will not be getting a refund from the IRS, but the cyber-criminals responsible for this email were hopeful that I would click on the enclosed link.

Clicking on the link would have redirected me to a spoof IRS page, comparable to the original site, and I would then have begun the process whereby the scammers would have stripped me of all the confidential information I was willing to provide. Information requested on the spoof IRS page includes; social security number, credit card and debit card numbers, postal address, and date of birth.

The financial and personal details entered are harvested by cyber-crooks who would then have used this information to commit identity and financial theft.

The reality is of course, the IRS doesn’t send out unsolicited emails asking for personal or financial information. Credit card numbers, ATM PIN numbers and additional financial information would never be required to enable you to find out the current status of your tax return, or your tax refund.

According to the IRS there are over 1600 IRS phishing sites operating, or online, at any given time in search of potential victims willing to hand over sensitive financial data. It’s easy to see that the emails I received are not isolated incidents. The IRS goes on to say that by their estimates, 1% of all spam email is an IRS phishing scam.

What makes this particular type of scam so potent is, the average person on receiving an email from an authoritative source, generally lowers their defenses. As well, giving the time of year, the timing is right. Be warned, IRS scam emails always ramp up before tax day and continue for some time afterwards.

You know what to do right? Follow the tips below to protect yourself against these threats:

• Your bank, the IRS, or any other legitimate organization will never ask you to divulge account information or passwords via email. Never give out this information, especially via email.
• Don’t open emails that come from un-trusted sources.
• Don’t run files that you receive via email without making sure of their origin.
• Don’t click links in emails. If they come from a known source, type them in the browser’s address bar. If they come from an un-trusted source, simply ignore them.
• Keep your computer protected. Install a security solution and keep it up-to-date. Also, before carrying out any kind of financial transaction on the Web, I recommend that you scan your computer with a second-opinion security solution, such as NanoScan at www.nanoscan.com.

Be kind to your friends, relatives and associates and let them know that these types of scams are now epidemic on the Internet. In that way, it raises the level of protection for all of us.

To help you fight back, the following information has been taken from the official IRS web site and provides instructions on how to assist the IRS in shutting down these schemes.

The good news is that you can help shut down these schemes and prevent others from being victimized. If you receive a suspicious e-mail that claims to come from the IRS, you can relay that e-mail to a new IRS mailbox, phishing@irs.gov.

Follow instructions in the link below for sending the bogus e-mail to ensure that it retains critical elements found in the original e-mail. The IRS can use the information, URLs and links in the suspicious e-mails you send to trace the hosting Web site and alert authorities to help shut down the fraudulent sites. Unfortunately, due to the expected volume, the IRS will not be able to acknowledge receipt or respond to you.

IRS reporting site: phishing@irs.gov