Today’s Scam of the day comes from my own email inbox. It is a common phishing scam that attempts to lure the victim into clicking on a link contained in the email. If the intended victim clicks on the link, he or she will unwittingly download keystroke logging malware that will enable the scammer to steal all of the personal information from the victim’s computer or smartphone and use it to make him or her a victim of identity theft. This particular phishing email follows a common pattern at educational institutions or businesses where the email is made to appear as if it originated with your school’s or company’s IT department requiring you to verify your account in order to continue to use your email account. It appears to be legitimate, but it is not. Here is a copy of the email. DO NOT CLICK ON THE LINK.
Recently the Department of Homeland Security joined Interpol and the FBI to issue a serious warning about a botnet called the Simda botnet. A botnet, as readers familiar with Scamicide will know, is a network of infected computers used by cybercriminals to spread malware. According to the Department of Homeland Security more than 770,000 computers have already been affected by the Simda botnet which has been around since 2009 preying on computers that are not properly protected by up to date anti-malware software. The Simda malware not only enables the cybercriminals to use their victims’ computers to spread this and other malware, but it also enables the cybercriminals to steal personal information from the infected computers that make up the botnet and then use that information for purposes of identity theft.
Here is a link to which you can go to find out if your computer has been infected with the Simda malware. http://www.cyberdefense.jp/simda/
If you have been a victim of the Simda malware, you should install anti-virus and anti-malware software to rid your computer of the Simda malware. You should then change the passwords for all of your accounts because they have been compromised. You should also get a copy of your credit report from each of the three credit reporting agencies, Equifax, TransUnion and Experian to determine if you have already become a victim of identity theft. You should also lock up your credit reports with a credit freeze at each of the three credit reporting agencies. You can find instructions as to how to do this here in the Scamicide archives.
Even if you have not become a victim of the Simda malware, you should make sure that your anti-virus and anti-malware software is constantly updated.
Every year, the number of people shopping online and the money spent through online shopping grow significantly. And why not? The convenience alone of being able to shop from the comfort and privacy of your home is reason enough for many of us to shop online and when you couple that with often lower prices and, in many instances, the sales not being subject to sales taxes, online shopping is a winner. But how safe is it? We all know from last year’s data breach at Target how risky shopping in brick and mortar stores is, but shopping online can also be risky. However, if you follow a few simple rules, you can dramatically improve the safety and security of your online shopping.
Here is a list of some online shopping tips:
1. Make sure that the computer, laptop, tablet or smartphone you use is equipped with anti-virus and anti-malware software programs and that you have updated the programs with the latest security patches.
2. As with shopping at brick and mortar stores, don’t use a debit card for online purchases. In the event of a data breach, the consumer protection laws in regard to fraudulent use of your debit card are not as protective as those that apply when your credit card is fraudulently used.
3. Don’t supply your credit card number unless the address of the website is preceded by the letters “https.” That additional letter “s” indicates that the transmission of your data is encrypted and secure.
4. Don’t leave your credit card number on record with the online retailers you use for the sake of convenience. Doing so only makes you more likely to become a victim of identity theft if the company suffers a data breach (and many of them will).
5. Don’t click on coupons or ads that you may receive by way of an email or text message regardless of how good they appear. They may be loaded with malware that will be downloaded on to your computer, tablet or smartphone if you click on the link. That malware can steal all of your personal information and lead to your becoming a victim of identity theft. Any legitimate coupon you might receive through an email or a text message will also be available on the website of the company where you want to shop.
6. Limit your online shopping to companies that you know and trust. Merely because a company comes up high on a Google search does not mean that the company is legitimate. Any company offering a price that appears too good to be true should be particularly suspect.
7. Use distinct and complex passwords for each online company with which you shop and use dual factor authentication whenever possible.
A number of times I have written about email phishing scams that start when you receive an email that purports to be sent from AOL informing you that there is some problem with your AOL account which requires you to click on a link in order to rectify the problem. Recently, another email server has become the subject of a phishing scam. This time it is Yahoo. Here is a copy of an email that is presently finding its way into many people’s email boxes. This is a phishing scam. DO NOT CLICK ON THE LINK. Clicking on the link will either download a keystroke logging malware program that will steal all of the information from your computer, such as your Social Security number, credit card numbers and banking information, which will then be used to make you a victim of identity theft, or prompt you to provide personal information that will also be used to make you a victim of identity theft. Some phishing emails are better than others and this one was not very convincing. The email address from which it was sent was not even a Yahoo email address. It was the address of someone whose email had been hacked and made a part of a botnet of computers used by identity thieves to send out their phishing emails. In addition, this email is not directed to you by name, but rather to “Yahoo user.” As with many of these scams that often originate in foreign countries where English is a second language, the grammar is suspect, as in this email where the word “responds” is used instead of the correct word “response.”
“Dear Yahoo! User
Your two incoming mails were placed on pending status due to the recent upgrade to our database, In order to receive the messages Click Here to login and wait for responds.
Customer! Mail Product Management.
Copyright © 2014 Mail! Inc. (Co. Reg.. No. 2344507D)All Rights
Reserved. Intellectual Property Rights Policy
Please do not reply to this message. Mail sent to this address cannot be answered.”
The most important thing to remember is to never click on links in emails or download attachments unless you are absolutely sure that they are legitimate. In this particular case, it is easy to see that it is a scam. Additionally, you should make sure that your anti-malware and anti-virus software are installed and up to date with the latest security updates while remembering that you cannot rely on your security software because it is generally about thirty days behind the latest viruses and malware programs.
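The warning signs described above (a sender address that does not belong to the company named in the message, a link that leads somewhere other than that company, and a greeting that does not use your name) can be checked mechanically. The following is an added example, not part of the original post; the sender address, link target and the brand-to-domain table are constructed placeholders and assumptions, and the grammar check is left to the human reader.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample modelled on the email quoted above. The From address and
# the link target are placeholders; the original post does not give them.
SAMPLE = """\
From: "Mail Product Management" <someone@hacked-account.example>
To: reader@example.org
Subject: Pending messages
Content-Type: text/html

<p>Dear Yahoo! User</p>
<p>Your two incoming mails were placed on pending status due to the recent
upgrade to our database, In order to receive the messages
<a href="http://login.placeholder.example/verify">Click Here</a> to login
and wait for responds.</p>
"""

# Assumption: domains each brand legitimately uses for mail and login pages.
BRAND_DOMAINS = {"yahoo": ("yahoo.com",), "aol": ("aol.com",)}

GENERIC_GREETING = re.compile(r"dear\s+(\w+!?\s+)?(user|customer|member)\b", re.I)
LINK = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)


def domain_matches(domain, allowed):
    """True if domain is one of the allowed domains or a subdomain of one."""
    return any(domain == d or domain.endswith("." + d) for d in allowed)


def phishing_indicators(raw):
    """Return the warning signs found in a single-part email given as text."""
    msg = message_from_string(raw)
    body = msg.get_payload()
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    text = re.sub(r"<[^>]+>", " ", body)  # visible text without HTML tags
    findings = []
    for brand, allowed in BRAND_DOMAINS.items():
        if not re.search(r"\b%s\b" % brand, text, re.I):
            continue  # message does not claim to come from this brand
        if not domain_matches(sender_domain, allowed):
            findings.append("sender-domain-mismatch:" + brand)
        for href, _label in LINK.findall(body):
            host = (urlparse(href).hostname or "").lower()
            if not domain_matches(host, allowed):
                findings.append("link-off-brand:" + host)
    if GENERIC_GREETING.search(text):
        findings.append("generic-greeting")
    return findings


if __name__ == "__main__":
    for finding in phishing_indicators(SAMPLE):
        print(finding)
```

An empty result does not mean a message is safe; it only means none of these three signs were present.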
The E-Z Pass transponder system is available to drivers in fourteen states and enables the drivers to avoid stopping to pay tolls when driving on toll roads. Instead they merely drive through a special lane where their transponder is electronically read. The tolls are then charged to a credit card on file with E-Z Pass. It is a very efficient system that works well. It also works well for scammers who recently have been sending phishing emails to residents of New York, New Jersey, Massachusetts and even Canada where the system is also used. The emails appear official looking and carry the logo of E-Z Pass. The message is short. It reads: “Dear customer, You have not paid for driving on a toll road. This invoice is sent repeatedly, please service your debt in the shortest possible time.” The stilted language is a good indication that this scam may have originated in a country where English is not the primary language. The email goes on to indicate “The invoice can be downloaded here” and it provides a link for you to supposedly access your bill. DON’T CLICK ON THE LINK. In some versions of the scam, if you click on the link, you will be prompted to provide information that can be used to make you a victim of identity theft. In other versions of the scam, merely clicking on the link will download malware on to your computer that will steal all of your personal information from your computer and use it to make you a victim of identity theft.
Never click on links or download attachments in emails or text messages regardless of how official they may appear. You can never be sure as to whether it is legitimate or not. Your best course of action is, if you have any inclination that it may be legitimate, to contact the real company or agency and inquire as to the legitimacy of the contact. In this particular case, E-Z Pass does not communicate regarding bills by emails so you can be confident if you do get such an email it is a scam. As always, you should also make sure that your anti-malware and anti-virus software is kept up to date, but don’t rely on that to keep you safe because the best anti-malware and anti-virus programs are always at least thirty days behind the latest malware and viruses.
With an estimated 46% of the planet’s population eagerly watching the FIFA World Cup tournament it should come as no surprise that this event will also spawn scams and identity theft schemes concocted by criminals around the world. One of the most common scams involves an email informing you that you have won tickets to the tournament in Brazil. However, if you click on the link in the email, you will only succeed in downloading malware on your computer that will steal your information which will then be used to make you a victim of identity theft. Another common scam being seen now is one in which you are promised that by clicking on links in the email you will either be able to get free access to the games streamed on the Internet or free news and highlight videos. Again, however, if you click on the links, you will end up installing malware on your computer.
The advice is the same as always: never click on links in emails unless you are absolutely sure that they are legitimate. It is impossible to win a contest you have not entered, so that should be warning enough not to click on links in emails regarding contests you apparently have won although you never entered. It is impossible to know if any of these emails that you receive regarding the World Cup are legitimate, so do yourself a favor and stick to either the official FIFA website, www.fifa.com or other sports websites that you know are legitimate, such as ESPN’s www.espn.go.com. Also, make sure that your anti-malware and anti-virus security software is up to date.
It was only a few days ago that I warned you about some iPhone scams threatening users of Apple’s iPhone through a manipulation of the Find My Phone feature of the iPhone. The Find My Phone feature allows iPhone owners to track and lock their phones if they are lost or stolen. However this feature was allegedly misused by two Russians who used phishing techniques to get access to their victims’ Apple ID accounts where they activated the phone locking feature. They then sent messages to their victims indicating that they would remotely delete the data in their phone and keep the phone locked unless they paid a ransom. Another technique allegedly used by the pair of criminals to gain access to the phones was to place online ads offering to provide access to much media content to be accessed through the victim’s iPhone. Once the victim linked his or her iPhone to the scammer’s account, the scammers activated the Find My Phone feature to lock the phone.
The best way to resolve a problem is to avoid the problem altogether. As I constantly warn you, never click on links in emails unless you are absolutely sure that they are legitimate. It is always safer to confirm that the email with a link is legitimate before considering clicking on the link. You also should make sure that you always back up whatever content you keep on all of your electronic devices. All of your electronic devices should also be protected with anti-virus and anti-malware software, although it is important not to rely too heavily on these security programs because they are always a bit behind in protecting you from the latest malware and viruses. Finally, if you are unlucky enough to have had your iPhone hijacked, you can correct the problem yourself through a “hard” reset. Here is a link to instructions from Verizon as to how to do a hard reset: http://www.verizonwireless.com/support/devices/knowledge_base.html/39607/
You also can go to your Apple store with your iPhone and proof of purchase to have Apple resolve the problem.
Earlier this week, the Department of Justice revealed that it had broken a massive hacking scheme and taken over the computer servers that spread two major types of malware about which I have warned you previously. The two types of malware are GameOverZeus and Cryptolocker. GameOverZeus steals banking information from victims’ computers, which the hackers then used to empty their victims’ bank accounts. Cryptolocker is a particularly insidious type of malware that, when installed on the victim’s computer, encrypts all of the data contained on the computer. After the encryption was accomplished, the criminals then notified the victim that their data would be destroyed unless a ransom payment was made. This type of malware has, appropriately, been deemed ransomware. Law enforcement officials estimate that as much as 100 million dollars was stolen by the gang operating these malware programs through a botnet. Members of the gang included Russians, Ukrainians and British criminals. Through the joint efforts of the FBI and law enforcement agencies in ten other countries, the computer servers of the hackers were seized and the alleged ringleader of the group, Russian Evgeniy Bogachev, was indicted. American authorities are in contact with Russian authorities to have Bogachev extradited to the United States for trial.
This story is important for many reasons. Certainly it is good not only to see law enforcement cracking criminal hacking crimes, but also to see international cooperation in the law enforcement effort. However, ultimately, law enforcement is not going to be able to prevent you from becoming a victim of hackers seeking to steal from you through the use of malware such as GameOverZeus and Cryptolocker. Instead the burden of protecting ourselves from these attacks falls on all of us individually. In all cases, these malware programs ultimately found their way to their victims’ computers when the victims invited them in by clicking on tainted links in emails or downloading tainted attachments from phishing emails. The first line of defense is not to ever click on links in emails or download attachments unless you are absolutely sure that they are legitimate. You should also make sure that you have constantly updated anti-virus software and anti-malware software on all of your electronic devices.
The United States Department of Homeland Security has issued a warning about the GameOverZeus malware that contains links to a number of effective anti-malware programs that can help protect your computer and other electronic devices from infection and remove the infection if it occurs. Here is a link to that warning which, in turn, contains a link to the anti-malware software programs: https://www.us-cert.gov/ncas/alerts/TA14-150A
A recent report from computer security company Kaspersky Labs confirms what I have been telling you for the last few years. As people use their smartphones more and more, hackers and identity thieves are focusing their attention on our mobile devices. The tactic they use is the same type of phishing technique used for years to lure people through tainted messages in emails to click on infected links that download keystroke logging malware on to their victims’ computers, which then steals personal information such as credit card numbers, Social Security numbers and banking information from the computer so that it can be used for identity theft purposes. Many people are far too trusting of the apps, social media and text messages on their smartphones, which have now become a prime source of links with malware that unwitting victims click on and then become victims of identity theft when the identity thieves steal information from their victims’ smartphones.
You can never trust any email, phone call, text message or any other form of communication that comes to you as being legitimate. Never click on a link or download an attachment regardless of how you receive it, even if it appears to come from a trusted source. Your trusted source may have been hacked and you are being targeted through a technique called spear phishing where you receive a communication that appears to come from someone you trust and is addressed to you personally. Never click on any link or download an attachment until you have confirmed that it is legitimate. It is also important to install and maintain up to date anti-virus software and anti-malware software on all of your electronic devices including your mobile devices. Too many people fail to protect their smartphones even though they use them so much and store important information on them.
Hardly a day goes by that I don’t receive a number of email scams and I am sure you are receiving the same or similar ones. Today’s scam of the day comes from an email that came with the message line “Wire Payment Transfer Confirmation.” Here is a copy of the email:
"I am glad we were able to resolve the issue with the payment. I have attached
the confirmation slip from the completed wire of $13,700 into your designated
account. Please view the slip attached and get back to me ASAP.
Attached to the email was what was indicated to be a confirmation slip from a wire transfer. Curiosity killed the cat and it can also infect your computer. Scams like this appeal to your curiosity. Don’t give in because if you download the attachment all you will succeed in doing is downloading keystroke logging malware that will steal the information from your computer and use it to make you a victim of identity theft.
Never click on links in email or download attachments unless you are absolutely positive that they are legitimate. I have never done business with someone named Weber Green so why would I download an attachment from him? Even if an email appears to be legitimate, you should always confirm that it is real before ever considering downloading an attachment or clicking on a link. Also, make sure that you have up to date anti-virus and anti-malware software on your computer and other electronic devices.