Tag Archives: Phishing

Am I Dead? Investigation.org Wants to Know

I woke up this morning to find that I wasn’t dead. That’s kind of a bonus, since there have been mornings when I wasn’t entirely convinced – if you know what I mean. But, I’m getting ahead of myself.

Assuming one is still alive – I suspect that there might be a certain sense of urgency in refuting a rumor that one has passed on to bigger and better things (hopefully, bigger and better things, but…).

In the latest craziness on the spamming scene – Investigation.org (now there’s a catchy name), has crafted a phishing email – loaded with power words – in an effort to provoke the need to act.

First, to prove you’re not DEAD – and subconsciously, who doesn’t have a need to do that? Second, in the happy event you’re not DEAD – the good news is – you’re in line to “receive and confirm your funds without any more stress”. Good news – no?

In an attempt to show the proper degree of sincerity (just in case you’re DEAD, as you read the email), Investigation.org goes that extra mile – “MAY YOUR SOUL REST IN PERFECT PEACE – YOUR JOY AND SUCCESS REMAINS OUR GOAL.”

Text of this unintentionally hilarious email –


Investigation Bureau office@investigation.org

8:48 AM (5 hours ago)

Attn: Sir/Madame (don’t know if I’m a man or a woman – what gives?)

We are writhing to know if it’s true that you are DEAD? Because we received a notification from one MR. GERSHON SHAPIRO of USA stating that you are DEAD and that you have giving him the right to claim your funds.

He stated you died in a CAR accident. He has been calling us regarding this issue, but we cannot proceed with him until we confirm this within after 7 days of no respond.

Be advised that we have made all arrangements for you to receive and confirm your funds without any more stress, and without any further delay.

All we need to confirm now is you been DEAD Or still Alive. Because this MAN’S message brought shock to our minds. And we just can’t proceed with him until we confirm if this is a reality OR not.

But if it happened we did not hear from you after 7 days, then we say: “MAY YOUR SOUL REST IN PERFECT PEACE” YOUR JOY AND SUCCESS REMAINS OUR GOAL. May the peace of the Lord be with you wherever you may be now.

Your Faithfully,
Mrs. Vivian Martins
Tel: +123-806-731-6969

Email: investigation_departtt1@hotmail.com

OK, I will admit, that to be taken in by a scam email like this, or any scam email for that matter, one would have to be the type of person whose antenna doesn’t pick up all the channels.

Still, when you consider that 90% of all emails are spam – and scams are a big part of that percentage – it’s fair to say – more than a few unlucky souls who’ve lost contact with the mother ship, will fall for this type of scam email.

What a sad reflection on the state of the Internet.


Filed under Cyber Crime, Don't Get Scammed, email scams

Fake URL Shortening Services – Spammers’ Latest Weapon

According to Symantec’s May 2011 MessageLabs Intelligence Report, released several days ago, spammers are now employing their own fake URL shortening services to redirect users to the spammer’s Web site. It’s hardly surprising that this new technique has directly contributed to rising spam rates.

MessageLabs Intelligence reports that “shortened links created on these fake URL-shortening sites are not included directly in spam messages. Instead, the spam emails contain shortened URLs created on legitimate URL-shortening sites. These shortened URLs lead to a shortened-URL on the spammer’s fake URL-shortening Web site, which in turn redirects to the spammer’s own Web site.”
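To make the chain MessageLabs describes concrete, here is an added Python example (not from the report or the original post) that walks a redirect chain and flags the case where a legitimate shortener hands off to a second, unknown short-link host. The redirect table, the .example hosts, the shortener list and the 10-character path rule are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: a small list of well-known, legitimate shortening services.
KNOWN_SHORTENERS = {"bit.ly", "tinyurl.com", "goo.gl", "is.gd", "t.co"}

# Constructed data standing in for the HTTP 301/302 "Location" answers a
# resolver would record; every host below is fictional.
SAMPLE_REDIRECTS = {
    "http://bit.ly/abc123": "http://shrt-lnk.example/x9",
    "http://shrt-lnk.example/x9": "http://pills-shop.example/offer?id=77",
    "http://tinyurl.com/news42": "http://news.example/2011/05/report.html",
}

# Heuristic (assumption): a short link is a single path token of at most
# ten characters with no query string.
SHORT_PATH = re.compile(r"^/[A-Za-z0-9_-]{1,10}$")


def host_of(url):
    return (urlsplit(url).hostname or "").lower()


def looks_like_short_link(url):
    parts = urlsplit(url)
    return bool(SHORT_PATH.match(parts.path)) and not parts.query


def resolve_chain(url, redirects, max_hops=10):
    """Follow recorded redirects; stop on a loop or after max_hops."""
    chain, seen = [url], {url}
    while chain[-1] in redirects and len(chain) <= max_hops:
        nxt = redirects[chain[-1]]
        chain.append(nxt)
        if nxt in seen:          # redirect loop: record it and stop
            break
        seen.add(nxt)
    return chain


def classify_chain(chain):
    """Return (verdict, hosts) for a resolved chain.

    'chained-shortener' is the pattern from the report: a known shortener
    leads to another short link on a host that is not a known service,
    which then redirects again.
    """
    intermediates = chain[:-1]   # every URL that itself redirected
    known = [u for u in intermediates if host_of(u) in KNOWN_SHORTENERS]
    unknown_short = [
        host_of(u) for u in intermediates
        if host_of(u) not in KNOWN_SHORTENERS and looks_like_short_link(u)
    ]
    if known and unknown_short:
        return "chained-shortener", unknown_short
    if known:
        return "single-shortener", []
    if len(chain) > 1:
        return "redirect", []
    return "direct", []


if __name__ == "__main__":
    for start in ("http://bit.ly/abc123", "http://tinyurl.com/news42"):
        chain = resolve_chain(start, SAMPLE_REDIRECTS)
        print(" -> ".join(chain))
        print("   ", classify_chain(chain))
```

A mail filter that only checks the first link in a message sees a legitimate shortener; the second hop only shows up when the whole chain is resolved.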

Key findings from the May 2011 report include:

Spam: In May 2011, the global ratio of spam in email traffic from new and previously unknown bad sources increased by 2.9 percentage points since April 2011 to 75.8% (1 in 1.32 emails).

In the US 76.4 percent of email was spam, 75.3 percent in Canada, 75.4 percent in the UK, and 73.9 percent in Australia.

Viruses: The global ratio of email-borne viruses in email traffic from new and previously unknown bad sources was one in 222.3 emails (0.450 percent) in May, a decrease of 0.143 percentage points since April.

Endpoint Threats: The most frequently blocked malware targeting endpoint devices for the last month was the W32.Ramnit!html, a worm that spreads through removable drives and by infecting executable files.

Phishing: In May, phishing activity was 1 in 286.7 emails (0.349 percent), a decrease of 0.06 percentage points since April.

Web security: Analysis of Web security activity shows that approximately 3,142 Web sites each day were harboring malware and other potentially unwanted programs including spyware and adware, an increase of 30.4 percent since April 2011. 36.8 percent of malicious domains blocked were new in May, an increase of 3.8 percentage points since April. Additionally, 24.6 percent of all web-based malware blocked was new in May, an increase of 2.1 percentage points since last month.

The May 2011 MessageLabs Intelligence Report provides greater detail on all of the trends and figures noted above, as well as more detailed geographical and vertical trends. The full report is available here.

Reading this type of report (or at least the highlights), can be a major step in expanding the sense of threat awareness that active Internet users require.

Symantec’s MessageLabs Intelligence is a respected source of data and analysis for messaging security issues, trends and statistics. MessageLabs Intelligence provides a range of information on global security threats based on live data feeds from control towers around the world scanning billions of messages each week.

About Symantec:

Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at www.symantec.com.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.


Filed under Cyber Crime, Cyber Criminals, cybercrime, Don't Get Scammed, Don't Get Hacked, Email, email scams, Internet Security Alerts, MessageLabs, Online Safety, spam, Symantec, Windows Tips and Tools

Will The Epsilon Data Breach Affect You? Don’t Be Surprised!

The damage yet to be realized from the Epsilon Data Management breach, in which 250 million consumers’ names and e-mail addresses were compromised, has the potential to be staggering.

With 2500 client customer databases residing on their servers, Epsilon likes to characterize itself as the world’s premier email marketing service. Since they are responsible for over 40 billion (generally unwanted) emails annually, I tend to characterize Epsilon less favorably.

To this point, all of the companies involved in this breach (and the list is growing daily), are aggressively making the point that customer financial and confidential information remains secure – and has not been stolen. However, in a cover-their-ass move, many of the affected companies slip in a caveat – “based on everything we know”, or words to that effect.

Now, if one fell off the turnip wagon yesterday, that response might seem acceptable, or even encouraging. Personally, I’ll be guided by what experience has taught me in relation to situations such as this; and that is – there’s a very good chance that what we’re seeing today is no more than the tip of the iceberg.

In the short term we can expect the following:

The incidence of targeted spam (since names, addresses, and most importantly, company affiliations are available), is sure to rise dramatically; with a corresponding increase in malware laden email.

Based on the same information accessibility, spam phishing attempts will move up the list of cybercriminals’ preferred scams. Unfortunately, the success ratio is likely to increase dramatically.

Long term impact has yet to be determined with any accuracy – but, since the type of companies impacted by this breach tend to operate in the Twilight Zone when it comes to safeguarding their customers’ privacy, heightened vigilance on the Internet, particularly not responding to unsolicited emails, takes on a new urgency if you are one of those who has had previous, or current dealings, with any of the affected companies.

Quick questions: Why wasn’t this enormously sensitive customer information encrypted? Have things gone so far, that we need to legislate common sense?

Internet security provider Kaspersky, has put together a list of the companies impacted by Epsilon’s data breach which is worth reviewing – if you’re unsure of a relationship with an affected company.

From Kaspersky Lab’s Threat Post:

The number of companies that was affected by the attack on online marketing firm Epsilon Data Management has continued to grow, virtually by the hour.

Many retailers, banks and other firms sent out notification letters to their customers on Monday, and to help you keep track of who’s affected, we’ve compiled a list of known companies victimized by the Epsilon attack.

There are likely to be even more companies that send out breach notification letters in the coming days, so check back for updates. Here is a list of companies known to have been affected so far: List of Companies Hit By Epsilon Breach.



Filed under Cyber Crime, Cyber Criminals, cybercrime, Don't Get Scammed, Don't Get Hacked, Email, email scams, Internet Security Alerts, Malware Advisories, Online Safety, spam, Windows Tips and Tools

BitDefender TrafficLight – Real-time Anti-virus, Anti-phishing Browser Add-on

Surfing the Internet without a site reputation Browser add-on is not much different than stumbling down a set of stairs in the dark – while blindfolded. At a minimum, a risky venture.

As with all applications designed to enhance Internet safety however, site reputation Browser add-ons are not without their shortcomings. One particular issue that raises concern is – reputation add-ons are site specific and not page specific. In other words, the site may have passed the test for safety and yet contain a page, or pages, that harbor threats.

BitDefender’s recently released (March 24, 2011), beta – TrafficLight Browser add-on, attempts to address this page specific issue by utilizing “the BitDefender scanning engines to check, and rate, every page and link from the users’ web traffic, blocking unsafe content before it reaches the user’s browser.” In an effort to cover all the bases, TrafficLight is active in search engines, and social networking sites (Facebook and Twitter), as well.

Control Panel screen capture.


Fast facts:

TrafficLight works with virtually any Windows-compatible browser. It even keeps look, feel and functionality consistent if you switch browsers.

TrafficLight intercepts and scans web traffic before it even reaches the browser, effectively blocking disguised or stealth attacks before it’s too late.

TrafficLight scans the pages you visit for malware and phishing attempts each and every time you access them to avoid the threat of legitimate but recently compromised websites.

TrafficLight won’t block an entire website if just some pages within are malicious. Only the potentially harmful elements are blocked, leaving you free to view the rest of the site if you so choose.

TrafficLight relies on intelligence provided by BitDefender Cloud services to flag malware and phishing attempts in search results from Google or Bing. Not only that, but it also checks links in popular social network platforms and blocks them if they are suspect.

TrafficLight does not add a toolbar to your already-cluttered browser interface. Its interface remains invisible until your input is needed or it’s called up with a simple mouse gesture.

Supported Operating systems: Microsoft Windows XP SP2, Windows Vista SP2, Windows 7.

Supported Browsers:
Internet Explorer 7+, Opera, Mozilla Firefox, Google Chrome, Safari.


Download free TrafficLight at: BitDefender

Note: As with all beta, or release candidates, take sensible precautions prior to installation. This should include setting a new restore point.

Additional reading:

WOT Beta for Social Media – Facebook, Twitter Protection And More

Free BufferZone Pro – Maybe The Best Surfing Virtualization Application At Any Price



Filed under Anti-Malware Tools, BitDefender, Browser add-ons, Browsers, Cyber Crime, Don't Get Hacked, downloads, FaceBook, Free Internet Protection, Freeware, Internet Safety Tools, Malware Protection, Online Safety, Safe Surfing, Software, Spyware - Adware Protection, System Security, Twitter, Windows Tips and Tools

Free G Data CloudSecurity – Blocks Known Malware And Phishing Websites

As we reported several days ago in Search Engine Results – More Malware Surprises Than Ever!, poisoned search engine results have proven to be a gold mine for the bad guys who, naturally, continue to be unrelenting in their chase to infect web searches.

Since drive-by downloads, which don’t require user action to create an infection, are resident on many of these compromised sites, this is unhappy news for the unwary Internet user.

To reduce the chances that you will be victimized by malicious search engine results, you should consider installing an appropriate Browser add-on, or if necessary, add-ons, to increase your safety margin. A list of recommended add-ons follows later in this article. But first, take a look at a new Firefox/Internet Explorer add-on, G Data CloudSecurity – passed on by regular reader Charlie L.

According to G Data, the plugin “effectively blocks access to known malware distribution and phishing websites – in real time. The plugin can be used alongside any other installed security suite and is ready for action after installing; no additional configuring required.”

Taking advantage of this service couldn’t be easier. Simply download the setup application, and execute. Following installation, you’ll notice a new icon in your browser which indicates G Data CloudSecurity is up and running.


Clicking on the icon opens a dropdown menu which provides access to a number of functions.


The screen capture below shows G Data CloudSecurity in action – blocking a suspicious, or dangerous Web site.


Fast facts:

Compatible with all other security products

Prevents access to malware and phishing websites

Install once – no updates required

PC performance remains unaffected

Download at: Developer’s site. (G Data)

Additional Internet Browser Protection:

It’s not prudent to rely on only one form of protection, it seems to me, so take a look at the following browser security add-ons that are noted for their effectiveness.

It’s important to recognize that cyber-criminals are crafty, and there are no perfect solutions.

Web of Trust (WOT) WOT is a free Internet Browser add-on (my personal favorite), that has established an impressive and well deserved reputation. WOT tests web sites you are visiting for spyware, spam, viruses, browser exploits, unreliable online shops, phishing, and online scams, helping you avoid unsafe web sites. (installed on my computer)

Search Engine Security – Search Engine Security turns the table on the bad guys by using a technique familiar to most hackers – appearing to be something you’re not. Or, more properly, appearing to come from a location you’re not really at. (installed on my computer)

Basically, the add-on changes the HTTP referrer (selectable by you), in the search string so that when you click on a returned link it appears to the link site that you have not arrived from Bing, Google, or Yahoo.

McAfee SiteAdvisor A free browser add-on that adds small site rating icons to your search results as well as a browser button and optional search box. Together, these alert you to potentially risky sites and help you find safer alternatives. These site ratings are based on tests conducted by McAfee using an army of computers that look for all kinds of threats.

ThreatExpert Browser Defender – The Browser Defender toolbar allows you to surf safely by displaying site ratings as you browse the Internet. When you visit a site its address will be checked by our servers and a rating shown in the toolbar based on any malicious behavior or threats we have found associated with the site. The toolbar also integrates with the search results provided by popular search engines such as Google and Yahoo! so you can see if, in our view, it is safe to continue before you visit a site.

AVG Security Toolbar Free Edition AVG’s unique Search-Shield, available with the AVG Security Toolbar Free Edition, marks all web pages which are infected by zero day exploits and drive-by downloads. This powerful LinkScanner based technology works in real-time to provide comprehensive protection. Other programs rely on static databases and cannot protect you at the only time that matters – the time you click on a link.

TrendProtect – TrendProtect is a free browser plug-in that helps you avoid Web pages with unwanted content and hidden threats. TrendProtect rates the current page and pages listed in Google, MSN, and Yahoo search results. You can use the rating to decide if you want to visit or avoid a given Web page. To rate Web pages, TrendProtect refers to an extensive database that covers billions of Web pages.

Bottom line:

While G Data CloudSecurity does what it says it will do, my personal preference is unchanged. WOT (Web of Trust), backed up by Search Engine Security, is a more appropriate solution.

I’ve reviewed and recommended a bag full of Browser security add-ons in the past few months, or so. No disrespect intended to those developers who have the public’s interest at heart when they develop Browser security add-ons, but…..

Am I the only one who thinks that building protection into my Browser in this potluck fashion, has reached the height of ridiculousness?

Isn’t it long past the time, when Browsers should be built with the most appropriate form of protection already on board?



Filed under Anti-Malware Tools, Browser add-ons, Browser Plug-ins, cybercrime, Don't Get Scammed, Don't Get Hacked, downloads, Firefox Add-ons, Freeware, Internet Explorer Add-ons, Malware Protection, Search Engines, Software, Windows Tips and Tools

McDonalds “Fillet O’ Phishing” Survey Scam

Would you fill out an email survey, sponsored by McDonalds – if they paid you 250 dollars for completing it? I’ll go out on a limb here and say – yes you would. Just like most offers that sound overly attractive though – this offer is a scam.

This scam is not only plausible, but in appearance, it could easily pass for the real thing. Jump into this one though, and you’ll stand a good chance of losing your credit card information. So, no 250 dollars; just a real messy credit cleanup to look forward to.


Filling out the survey form really isn’t the hook – that comes later.


Clicking on the “proceed” link (this is where you supposedly get the 250 bucks), opens the following screen. All you have to do is provide your credit card details and additional personal information.


If, at this point, you don’t hear a loud warning bell resonating in your head – you’re about to become a cyber crime victim.

To add credibility (and reduce suspicion), victims of this scam are automatically redirected to the official McDonalds site – once the victim’s credit card details have been scooped by the crooks.

In August of 2010, when I first reported on this scam, which was then being “test marketed” by the cyber crooks in New Zealand and Australia, I made the following point –

The rest of us (non Australian or New Zealanders), shouldn’t be complacent because, for the moment, this scam is appearing only in that part of the world. If this scam works there, and I suspect it will work very well, there’s little doubt it will soon be on its way to your inbox.

Well, here it is in North America and according to the chat on the Net, this time out, the graphics on the survey and phishing pages are loaded directly from McDonald’s own website. You can rightfully accuse cyber crooks of being the lowest form of pond scum imaginable – but you can’t accuse them of not being technically sophisticated.

It’s the same old, same old, though – the first time I came across this scam was in 2006. This type of scam is recycled repeatedly – because it works. Reasonably intelligent people do get trapped by sophisticated scams. Due, in large part, to their failure to take minimum common sense security precautions. Don’t be one of them.

Advice worth repeating:

If you have any doubts about the legitimacy of any email message, or its attachment, delete it.

Better yet, take a look at the email’s headers. Check the initial “Received from” field in the header, since this field is difficult to forge. Additionally, the mail headers indicate the mail servers involved in transmitting the email – by name and by IP address.

It may take a little practice to realize the benefits in adding this precaution to your SOP, but it’s worth the extra effort if you have any concerns.
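As an added example (not part of the original post), this Python snippet pulls the Received lines out of a message and lists each relay by name and IP address in the order the mail travelled; it also compares the From and Reply-To domains, which goes slightly beyond the advice above. The message, hosts and addresses are constructed, and the Received layout assumed is the common "from NAME (RDNS [IP]) by SERVER" form.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message (documentation-range IPs, .example hosts).
SAMPLE_MESSAGE = """\
Received: from mail.sender-isp.example (mail.sender-isp.example [203.0.113.25])
\tby mx.recipient.example with ESMTP id abc123;
\tTue, 7 Jun 2011 08:48:12 -0400
Received: from bank-secure.example ([198.51.100.77])
\tby mail.sender-isp.example with SMTP id xyz789;
\tTue, 7 Jun 2011 08:48:05 -0400
From: "Bank Rewards" <service@bank.example>
Reply-To: survey-rewards@freemail.example
To: reader@recipient.example
Subject: Credit reward survey

Dear member,
"""

# "from <name the sender announced> (<reverse-DNS name, optional> [<IP>])"
FROM_RE = re.compile(r"from\s+(\S+)\s+\((?:(\S+)\s+)?\[([0-9A-Fa-f.:]+)\]\)")
BY_RE = re.compile(r"\bby\s+(\S+)")


def received_hops(raw):
    """Return one dict per Received header, oldest hop first.

    Each server prepends its own Received line, so the headers appear
    newest-first in the message; reversing gives the order of travel.
    """
    msg = message_from_string(raw)
    hops = []
    for value in reversed(msg.get_all("Received") or []):
        line = " ".join(value.split())      # unfold continuation lines
        m_from, m_by = FROM_RE.search(line), BY_RE.search(line)
        hops.append({
            "helo": m_from.group(1) if m_from else None,
            "rdns": m_from.group(2) if m_from else None,
            "ip": m_from.group(3) if m_from else None,
            "by": m_by.group(1) if m_by else None,
        })
    return hops


def domain_of(header_value):
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()


def summarize(raw):
    msg = message_from_string(raw)
    hops = received_hops(raw)
    from_dom = domain_of(msg.get("From"))
    reply_dom = domain_of(msg.get("Reply-To"))
    return {
        "hops": hops,
        # Earliest recorded connecting address.
        "origin_ip": hops[0]["ip"] if hops else None,
        # The last hop was written by the recipient's own mail server,
        # so the sender had no chance to edit it.
        "delivered_by": hops[-1]["by"] if hops else None,
        # Relays whose IP came with no reverse-DNS name.
        "unnamed_relays": [h["ip"] for h in hops if h["ip"] and not h["rdns"]],
        "reply_to_differs": bool(reply_dom) and reply_dom != from_dom,
    }


if __name__ == "__main__":
    info = summarize(SAMPLE_MESSAGE)
    for n, hop in enumerate(info["hops"], 1):
        print(n, hop["helo"], hop["ip"], "->", hop["by"])
    print("reply-to differs from sender:", info["reply_to_differs"])
```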



Filed under cybercrime, Don't Get Scammed, Don't Get Hacked, email scams, Malware Reports, Phishing, Windows Tips and Tools

I’ve Got 10 Kilos Of GOLD I Want To Share With You!

My Australian friend Rod, a security developer executive, regularly forwards copies of scam emails that his company detects, through their various Internet resources.

I’m very appreciative that Rod takes the time to do this, since it keeps me in the loop at the company level on email scams and malware threats. And, it gives me a chance to LMAO – some of these emails are outrageously funny.

Ever get one of those emails? Sure you have. In fact, you probably get a lot of emails similar to the one below, recently forwarded by Rod – this one is particularly ridiculous. But, that’s the point in using it as an illustrative example.

Anyone with an email address is bound to be bombarded with this type of scam email (including the misspellings, lack of punctuation, incorrect grammatical usage, etc.).

How are you doing sir/madam? My name is Mr. Twum a 25 year old man, please dont be surprise i got your email from yahoo. i have 10kilogram of AU RAW GOLD, i got this Gold as a beneficiary from my parent as their only son . i dont know much about Gold so i am here looking for someone who can lecture me on how i can sell the Gold and how much it worth at the market.

please note that i have all legal documentation from my late dad before he passed away and on one of the documents, It is said the specification of the gold is,

QUALITY : 22+Carat with a minimum

PURITY : 96% Or Better

Origin : Ghana.

And i am ready to send sample to you to test and see if it is Gold as i can read clearly.

if you so interested. have a nice day and enjoy your day

hope to hear from you soon

Opening this type of email is definitely not recommended (despite the humor), since, at a minimum, opening one lets the spammers/scammers know that your email address is “live”. Generally not a good idea, since this virtually guarantees you will receive a lot more spam.

We’re all pretty curious, and spammers/scammers, being experts at social engineering – “the act of manipulating people into performing actions or divulging confidential information, for the purpose of fraud, or computer system access”, rely on this to manipulate victims into opening this type of email.

While there may be some dispute as to whether “curiosity killed the cat”, there is no dispute as to the likely outcome of following the instructions contained in emails of this type because of curiosity.

For those who are swept away by an overriding curiosity – go ahead and click and then follow the instructions. But before you do, make sure you have:

A current backup CD/DVD or other media containing your irreplaceable files – you’re going to need it.

Your original operating system install disk – you’ll need this too.

Your system and peripherals driver disks. Without these you’re going to spend hours on the Internet locating (if you’re lucky), drivers that were written specifically for your hardware and peripherals.

You can save yourself all this trouble, and heartache, just by one simple action, or more properly; by a single inaction. Don’t click!

Scam emails like this are designed, and crafted, to seek out financial information from you, or from your computer, that can be used to steal your money and your identity. As well, they can be designed to install various types of malware that can have drastic consequences for your system’s stability.

You may well be curious when it comes to emails like this, but don’t let your curiosity override your common sense. Security experts argue (none too successfully it seems), that a significant number of malware infections could be avoided if users stopped “just clicking haphazardly”, or opening the type of files that are clearly dangerous.

You may be lucky, and you may be able to recover control of your computer if your anti-malware applications are up to date, and the malware signatures recognize the intruder as malware.

But I wouldn’t count on it. Often, anti-malware programs that rely on a definition database can be behind the curve in recognizing the newest threats.

It is beyond dispute that the Internet now fits the criteria of a world that is not just perceived to be, but is in fact, personally threatening to uninformed or casual Internet users. I could go on, but I think the message here is clear. Think carefully before you click.

Despite every warning under the sun, there are people who will open this type of email. And, in that group, there will be people who will respond. If you’re having trouble believing this – believe it. If this type of scam didn’t show results, we wouldn’t have to deal with them on a constant basis.



Filed under cybercrime, Don't Get Scammed, Don't Get Hacked, Email, email scams, internet scams, Online Safety, spam, Windows Tips and Tools

If Your Bank Doesn’t Know Your Name – Maybe That’s A Clue The Email Is Fraud – Huh?

I can’t imagine receiving an email from my bank that didn’t include my name and other pertinent personal details. After all, how difficult would it be for my bank to personally address an email to me, given the size and complexity of their database?

So receiving an email like the one below, instantly raises my fraud antenna – as I’m sure it does yours. Right?

“Dear Chase member,

You were qualified to participate in $50.00 credit reward surwey. – (When are these people going to learn to spell?)

Just take part in our quick 5 question survey:


Chase Fraud

Who couldn’t use an extra $50 – especially these days, with the economy in the tank? Unfortunately, there is no $50. This email is a phishing attempt.

If you’re unfamiliar with phishing, it is defined as the act of tricking unsuspecting Internet users into revealing sensitive or private information. It relies for its success on the principle that asking a large number of people for this information, will always deceive at least some of those people.

Most of this activity is automated, so phishing is considered an opportunistic attack, rather than the targeting of a specific person. You can relax – they’re not after you personally.

In a phishing attack, the attacker creates a set of circumstances where the potential victims are convinced that they are dealing with an authorized party; in this case, Chase. What makes this particular type of scam so potent is, the average person on receiving an email from an authoritative source, generally lowers their defenses.

Although it may be true that the Internet has the potential for safe, and secure transactions, staying safe online relies on you making good choices and decisions that will help you avoid costly surprises, or carefully crafted scams and phishing schemes such as the one just described.

The type of attack described above, is occurring with such frequency that the IC³ (the Internet Crime Complaint Center, a partnership between the Federal Bureau of Investigation (FBI), the National White Collar Crime Center (NW3C), and the Bureau of Justice Assistance), has called the situation “alarming”, so you need to be extremely vigilant.

Be kind to your friends, relatives, and associates, and let them know that these types of scams are now epidemic on the Internet. In that way, it raises the level of protection for all of us.

Minimum safety precautions you should take:

Don’t click links in emails. If they come from a known source, type them on the browser’s address bar. If they come from an untrusted source, simply ignore them.

Consider every email, telephone call, or text message requesting confirmation of your personal and financial information as a scam.

When contacting your bank; use a telephone number from your statement, a telephone book, or another independent source.

Don’t open emails that come from untrusted sources.

Don’t run files that you receive via email without making sure of their origin.

Keep your computer protected. Install a security solution and keep it up-to-date.

An additional key point offered by my Internet friend Georg L. – Do not use any e-mail client like Outlook, Outlook Express, Thunderbird, or others. Instead, rely exclusively on the webmail facility of your service provider, even if this is less comfortable. In this way, e-mail cannot be misused as a vector for malware, because nothing is downloaded to your computer in the first place. By going without an e-mail client, you also save computer resources.



Filed under cybercrime, Don't Get Scammed, Don't Get Hacked, Email, email scams, Internet Safety, internet scams, Phishing