Tag Archives: sponsored

Google Gives Users The Finger One More Time

image

The Internet is one kickass place – survey after survey continue to show that cybercriminals are picking off unaware/undereducated users, as if they were shooting fish in a barrel. And Google, the “Do No Evil” company has just made it easier for the bad guys to take aim at you, and me. Read on.

As I reported in March of last year – Search Engine Results – More Malware Surprises Than Ever!

Cyber criminals have bumped up the level of search engine malware.

One in five search topics lead to malware…………

Google search results produced 38 percent of overall search engine malware.

Luckily, those users in the know – were aware that steps could be taken to mitigate the risk of an infection transmitted through a bad search engine result. The tool of choice – one I have long recommended to regular readers here – has been WOT (Web of Trust).

WOT, one of the most downloaded Firefox Add-ons at the Mozilla add-on site, (also compatible with Internet Explorer and Chrome), is a free Internet Browser resource which  investigates web sites you are visiting for spyware, spam, viruses, browser exploits, unreliable online shops, phishing, and online scams – helping you avoid unsafe web sites.

For example, here’s a Google search in which WOT indicates which sites are safe. Notice the unsafe (red) sites, in the Google ads!

image

You can now scratch the reputation icon associated with the Google ads shown in the previous screen capture. Here’s the bad news. Google has reversed course, and no longer (as of April 13) allows a reputation assessment icon (in other words – a SAFETY assessment icon), to be displayed on Google sponsored ads.

According to WOT – “Due to Google’s policy change, WOT and some other similar tools can no longer show reputations for sponsored links on Google’s search results, or elsewhere on Google ads.”

In the following screen capture (taken today), you’ll notice WOT’s reputation icon (the green circle), attached to generic search results. You’ll also notice, on the TigerDirect (a Google ad), a reputation assessment is no longer available.

image

In my view, Google can take its “Do No Evil” motto, and “shove it where the sun don’t shine”. No matter the reasoning behind this move – the net result is, Internet surfers are at more risk than they were last week. Tell me that’s not EVIL!

A big “thank you” to regular reader Michael F. for the heads up.

26 Comments

Filed under Browser add-ons, Google, Internet Safety Tools, Software, WOT (Web of Trust)

McDonalds “Fillet O’ Phishing” Survey Scam

image Would you fill out an email survey, sponsored by McDonalds – if they paid you 250 dollars for completing it? I’ll go out on a limb here and say – yes you would. Just like most offers that sound overly attractive though – this offer is a scam.

This scam is not only plausible, but in appearance, it could easily pass for the real thing. Jump into this one though, and you’ll stand a good chance of losing your credit card information. So, no 250 dollars; just a real messy credit cleanup to look forward to.

image

Filling out the survey form really isn’t the hook – that comes later.

image

Clicking on the “proceed” link (this is where you supposedly get the 250 bucks), opens the following screen. All you have to do is provide your credit card details and additional personal information.

image

If, at this point, you don’t hear a loud warning bell resonating in your head – you’re about to become a cyber crime victim.

To add credibility (and reduce suspicion), victims of this scam are automatically redirected to the official McDonalds site – once the victim’s credit card details have been scooped by the crooks.

In August of 2010, when I first reported on this scam, which was then being “test marketed” by the cyber crooks in New Zealand and Australia, I made the following point –

The rest of us (non Australian or New Zealanders), shouldn’t be complacent because, for the moment, this scam is appearing only in that part of the world. If this scam works there, and I suspect it will work very well, there’s little doubt it will soon be on it’s way to you’re inbox.

Well, here it is in North America and according to the chat on the Net, this time out, the graphics on the survey and phishing pages are loaded directly from McDonald’s own website. You can rightfully accuse cyber crooks of being the lowest form of pond scum imaginable – but you can’t accuse them of not being technically sophisticated.

It’s the same old, same old, though – the first time I came across this scam was in 2006. This type of scam is recycled repeatedly – because it works. Reasonably intelligent people do get trapped by sophisticated scams. Due, in large part, to their failure to take minimum common sense security precautions. Don’t be one of them.

Advice worth repeating:

If you have any doubts about the legitimacy of any email message, or its attachment, delete it.

Better yet, take a look at the email’s headers. Check the initial “Received from” field in the header, since this field is difficult to forge. Additionally, the mail headers indicate the mail servers involved in transmitting the email – by name and by IP address.

It may take a little practice to realize the benefits in adding this precaution to your SOP, but it’s worth the extra effort if you have any concerns.

f you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

10 Comments

Filed under cybercrime, Don't Get Scammed, Don't Get Hacked, email scams, Malware Reports, Phishing, Windows Tips and Tools

Aussie or Kiwi? – Stay Clear Of This McDonald’s Survey Phishing Scam

image Would you fill out a survey, sponsored by McDonald’s, if they paid you 90 dollars for doing it? I’ll go out on a limb here and say – yes you would.  🙂  Just like most offers that sound overly attractive though – this offer is a scam.

Jump into this one, and you’ll stand a good chance of losing your credit card information. So, no 90 dollars; just a real messy credit cleanup to look forward to.

According to Symantec Hosted Services unit, MessageLabs Intelligence, this scam (so far limited to Australia and New Zealand), is not only plausible, but in appearance, it could easily pass for the real thing.

image

Image courtesy of Symantec.

Filling out the survey form really isn’t the hook – that comes later. Clicking on the “proceed” link (this is where you get the 90 bucks), opens the following screen.

image

Image courtesy of Symantec.

If, at this point, you don’t hear a loud WTF, resonating in your head – you’re about to become a cyber crime victim.

The rest of us (non Australian or New Zealanders), shouldn’t be complacent because, for the moment, this scam is appearing only in that part of the world. If this scam works there, and I suspect it will work very well, there’s little doubt it will soon be on it’s way to you’re inbox.

For additional information on this scam checkout Nick Johnston’s Blog post over at the Symantec Hosted Services Blog.

About Message Labs Intelligence:

Symantec’s Message Labs Intelligence is a respected source of data and analysis for messaging security issues, trends and statistics. MessageLabs Intelligence provides a range of information on global security threats based on live data feeds from our control towers around the world scanning billions of messages each week.

About Symantec:

Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world.  Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available here.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

7 Comments

Filed under Windows Tips and Tools