Posts Tagged: ‘botnet’

Scam of the day – May 10, 2013 – Hackers attack on banks and credit unions fails – this time

May 10, 2013 Posted by Steven Weisman, Esq.

The hacking group Anonymous had reportedly targeted 130 banks and credit unions for a disruptive Distributed Denial of Service  (DDoS) attack on Tuesday, May 7th, but the attack failed to substantially materialize.  In a DDoS attack, large numbers of computers, remotely controlled by hackers as a BotNet, flood the websites of particular businesses or governmental agencies and shut them down because the websites are unable to handle the huge number of hits on the website.  Tuesday’s attack pretty much failed to materialize.  Although approximately 600 sites were shut down, few of these were inside the United States and if such an attack was indeed made against American governmental agencies, banks and credit unions, the attack was successfully defended.  But this is not to say that business and government have found a way to stop hacking into their computers.  In fact, the attack may not have occurred at all.  It may have merely been a subterfuge to see what the response would be by governmental agencies and businesses.  Additionally, although DDoS attacks are a nuisance, they are rarely more than that, however, larger more insidious attacks may occur while efforts are being focused against repelling the DDoS attack.

TIPS

Large and small businesses are and will continue to be targets for hackers.  If you operate such a business you must take necessary security steps to protect your business from hackers.  As for we, the public, we should do what we can to protect ourselves.  Limit the information available about you at companies with which you do business so if they are hacked, you are not in danger of having your personal information used to make you a victim of identity theft.  Also make sure that you have backup records for all financial dealings and accounts that you have with companies with which you do business so that if an attack either accesses your account or deletes data, you have records that show what you have.  For more information about how to protect yourself, I urge you to consider purchasing my book “50 Ways to Protect Your Identity in a Digital Age” which you can get from Amazon at a reduced price merely by clicking on the link of the book on the right hand side of the front page of Scamicide.

Read full article |Leave a comment
Tags: , , , , ,
Categories: Site Related

Scam of the day – May 1, 2013 – Denial of Service attacks

May 1, 2013 Posted by Steven Weisman, Esq.

Distributed Denial of Service (DDos) is the name for a tactic that has increasingly been used by hackers against major financial institutions.  Most recently, online broker Charles Schwab & Co. was disabled and inaccessible by its customers for more than an hour because of such an attack.  Earlier in April, American Express and Wells Fargo were victims of such an attack and, in a major attack a few months ago, the websites of JP Morgan Chase, Bank of America, Citibank and Sun Trust all were temporarily shut down due to a DDoS attack.  A DDos attack is accomplished when a website is flooded with nuisance requests from tens of thousands of computers all being controlled by a single controlling computer.  This network of computer is called a BotNet.  Regular readers of Scamicide are familiar with the term BotNet which has also been called Zombie computers and refers to a network of infected computers that are infected by hackers and then controlled by the hackers to send out their viruses and other malware.  The attacked websites are not able to handle the huge volume of computer hits, which results in the affected website being closed down.  It is thought that many, if not all of these recent DDoS attacks have originated from the same hackers in Eastern Europe and there is concern that this is just the beginning of major computer attacks against American financial institutions.

TIPS

So what does this mean to you?  Although both the government and the private sector are working hard to defend DDoS attacks and, in fact, are making progress in doing so,it can be expected that these and even more sophisticated attacks will be coming against our financial institutions including banks and brokerage houses in which you have money and investments.  You can’t just put your head in the sand, but you can prepare yourself for such attacks.  Make sure that you have backup records of your financial accounts on computer discs rather than just on your hard drive which can be accessed or even destroyed by hackers.  You also can use USB  flash drives and external hard drives.  You can also store information in the cloud, but that brings a range of different security issues.  You also may wish to keep readily accessible paper records of your accounts, but make sure that you keep them secure in your home.  Even friends and family members have been known to steal such documents for identity theft purposes.  Finally, you may wish to inquire of all companies with which you do business as to how they maintain both the security of their records from attack and their online presence.

Read full article |Leave a comment
Tags: , , , , , , , , , , , , , ,
Categories: Site Related

Scam of the day – March 15, 2013 – Important Adobe Flash Player Updates

March 14, 2013 Posted by Steven Weisman, Esq.

Adobe, which makes the flash Player used by many of us on our computers and portable devices has just issued new security updates to correct vulnerabilities that could be exploited by hackers to install malware on your computer or portable device that would enable the hacker to steal all of the information from your computer as well as control your computer and make it part of a botnet, a network of computers taken over by hackers that use your computer to spread malware.  It is important to install these latest software security updates as soon as possible.  As I have often said, hackers are constantly working to detect and exploit security flaws in the software we use.  Software developers are working just as hard to plug up vulnerabilities as they are discovered.  Therefore it is critical to your personal security to install updates as soon as they are available.

TIPS

Here is a link to the security bulletin of Adobe which will provide you with all the assistance you need to download the proper security update for your particular computer or portable device.

http://www.adobe.com/support/security/bulletins/apsb13-09.html

Read full article |Leave a comment
Tags: , , , , ,
Categories: Site Related

Scam of the day – February 7, 2013 – Bamital botnet

February 7, 2013 Posted by Steven Weisman, Esq.

Yesterday, Microsoft announced that in a joint effort with federal authorities it had stopped a botnet affecting more than 300,000 computers around the world.  As regular readers of this blog know, a botnet is a network of computers remotely operated by hackers.  After infecting the computers with malware that often is unwittingly downloaded by the computer user through clicking on infected links or tainted attachments, the hackers creating the botnet use the infected computers to spread their malware for purposes of identity theft or other scams while setting up a barrier to their being discovered.  This particular botnet which appears to have come from Eastern Europe, as many botnets do, has been called the Bamital botnet.  Those computers infected by the botnet were temporarily shut down from being able to use the Internet.

TIPS

If your computer was part of the Bamital botnet, you would have been temporarily unable to search the Internet.  Then you would be directed to a website that would provide you with instruction as to how to clear your computer of offending malware so that you could again use the Internet safely.  Care should always be taken when clicking on links or downloading attachments to avoid becoming part of a botnet or to avoid downloading malware such as keystroke logging programs targeting your computer that can steal the information from your computer and make you a victm of identity theft.  A sign that your computer may be infected is that it is unusually slow or you receive emails that respond to emails that you did not send.  My recommendation if you find that you were a victim of this botnet or any botnet is to have a professional clear your computer of offending malware rather than do it yourself unless you are a sophisticated computer user.

Read full article |Leave a comment
Tags: , , , , ,
Categories: Site Related

Scam of the day – January 5, 2013 – Email hacking

January 5, 2013 Posted by Steven Weisman, Esq.

Today’s scam of the day is prompted by a friend of mine having her email account hacked into.  In her particular situation, it was not as bad as it could have been.  It was hacked into and then used as a part of a botnet to send out relatively harmless advertising spam.  However, hacked email accounts can also subject you to more sinister problems such as identity theft as when your computer becomes infected with a keystroke logging malware program that can steal all of the information from your computer.  For many people the first sign that their email account has been hacked is when friends start calling or emailing telling you that they have received a suspicious email that appears to come from you.

TIPS

The first thing you should do is make sure that your Firewall and security software are current and operative.  You should not take any further steps until you are sure that your computer is secure and that is not infected with a keystroke logging malware program because if it is, you are merely continuing to communicate with your hacker.  Send out an immediate blast email to everyone on your email list to let them know that your email account has been hacked and that despite what they might have been told in an email that appeared to come from you, you are not marooned in London and in need of cash.  That needy traveler scam is one that hacked email accounts are often used for.  Using a clean computer, log into your email account and make sure that your settings have not been changed such as where your email is being forwarded to another email address.  If any of your settings have been changed, delete those changes and put your own settings back into effect.  Set new a new password for your email account and make sure it is a secure one.  You can find more detailed information about this in my book “50 Ways to Protect Your Identity in a Digital Age.”  Finally, do a little soul searching.  Most likely, you invited the hacker in by clicking on a tainted link or downloading tainted material.  Remember my motto, “trust me, you can’t trust anyone.”  You should never download material or click on a link unless you are absolutely positive it is legitimate and not infected.  Merely because something appears to come from a friend does not mean it is legitimate.  After all, your friends are receiving links in emails that appear to be from you because your account was hacked.

Read full article |Leave a comment
Tags: , , , , , ,
Categories: Site Related

Scam of the day – December 29, 2012 – Arrests in Facebook scam

December 29, 2012 Posted by Steven Weisman, Esq.

Earlier this month in a concerted effort by law enforcement throughout the world, ten people were arrested in Boznia, Herzegovina, Croatia, Macedonia, New Zealand, Peru, the UK and the United States in regard to a scam that targeted Facebook users through a botnet called the Buttefly Botnet.  This particular type of botnet had already been used to successfully infect half of the Fortune 500 companies.  According to the United States Justice Department, the Buttefly Botnet infected eleven million computers and resulted in losses of 850 millino dollars already.  The way the Butterfly botnet worked was by hijacking the accounts of Facebook users which would then be used to post messages and links that would appear to come from the accounts of friends, but in reality would be links that, when clicked on, downloaded malware such as keystroke logging malware that would steal all of the information from the infected computer causing the computer owner to become a victim of identity theft.

TIPS

As I have been advising you for a long time (unless you are new to this website/blog, in which case you now know how important it is to read this website/blog each day to stay informed about the latest in protecting yourself from scams and identity theft schemes) never trust any email or Facebook posting that contains a link or an attachment unless you have independently verified that the email or Facebook posting is not from your someone you know and not part of a botnet.  Additionally, you should not even trust such a link or attachment even if it comes from someone you know because they may unwittingly be passing on a tainted attachment or link.  Always find out the source of any attachment or link and confirm that it is legitimate.

Read full article |Leave a comment
Tags: , , , , , , , , , ,
Categories: Site Related

Scam of the day – December 16, 2012 – Republic of Benin email scam

December 16, 2012 Posted by Steven Weisman, Esq.

Many of you may never have even heard of the Republic of Benin which is an African country that has been the subject matter of many recent scams, such as found in the email below which I recently received.  Apparently the scammers believe that if you receive an email from Nigeria, you will be skeptical, but if you receive one from Benin, you will be overcome with joy at your good luck.  In any event, the email below is an exact copy of one that I received earlier this week.  I did not include the email address of the person who sent me the email because the address appeared to be that of a legitimate person whose email account had been hijacked and made a part of a Botnet, which occurs when scammers and identity thieves manage to steal access to your email account in order to send out fraudulent emails in order to cover their tracks.  I urge you to go through the scamicide website/blog to learn more about botnets and what to do if your account has been hijacked and becomes a part of a botnet.  Never respond to emails like the one below because if you respond in any way, all you will succeed in doing is either getting scammed or letting the scammers know that they have a real person with whom to deal.  Either way you are in trouble.  The best thing you can do is delete the email.

Good Day Dear Beneficiary,

 

This is to bring to your notice that after the meeting held by the board ministry of trustee together with the federal ministry of finance Benin republic, your fund has been approved due to the instruction from the president of the federal republic of Benin Dr. Boni Yayi, Mr. president has give the mandate to release all the pending compensation fund that has not been released so far in which you are among of the beneficiary.

 

The compensation fund was awarded earlier January 15th 2009, we discovered that you have been having hard time in the system of receiving the fund but still no luck yet, we also understood that you have made so much down payment to this country Benin republic but you were dealing with the wrong people.

 

Today dated 27th November 2012, your fund is now under the custody of the ministry of finance Benin republic because we want to handle everything financially this time in other to make sure that nobody was scammed and no wrong payment is made, note that we don’t want what happened in the time past to repeat again and that is why we are taking charge of everything concerning your compensation fund.

 

It is my pleasure to tell you that we have to open another new payment file for you and everything will be documented in our office here with the help and instructions from the ministry of finance and the opening of the new payment file with our office profile will cost you the only money you have to spend in this matter in which the amount is $80.00 only.

You are advised to go and send the needed $80.00 through western union with the information below.

Receiver name is Ozemenam Michael Country is Benin republic City is Cotonou Test question is who made you? Answer is God the Father Sender name is required…….. Money transfer control number (mtcn) is needed…….

My best regards,

 

Eze Mathew Finance Minister Benin republic E-Mail;(federalministryoffinance844@yahoo.com) Phone +229 68037949

http://www.google.com.ng/imgres?imgurl=http://www.osgf.gov.ng/Admin/Files/Images/ministry.png&imgrefurl=http://www.osgf.gov.ng/Index.php?p=Ministry&usg=__XSkwXIRaAxcQBAFCRaDrkCwdtIY=&h=233&w=544&sz=2674&hl=en&start=11&zoom=1&tbnid=jEOy79Crcuad4M:&tbnh=57&tbnw=133&ei=oiXLUJnwFJCJhQfu5oCADQ&prev=/search?q=federal+ministry+of+finance+logo&um=1&hl=en&sa=N&tbo=d&biw=1366&bih=624&tbm=isch&um=1&itbs=1http://www.google.com.ng/imgres?imgurl=http://www.osgf.gov.ng/Admin/Files/Images/ministry.png&imgrefurl=http://www.osgf.gov.ng/Index.php?p=Ministry&usg=__XSkwXIRaAxcQBAFCRaDrkCwdtIY=&h=233&w=544&sz=2674&hl=en&start=11&zoom=1&tbnid=jEOy79Crcuad4M:&tbnh=57&tbnw=133&ei=oiXLUJnwFJCJhQfu5oCADQ&prev=/search?q=federal+ministry+of+finance+logo&um=1&hl=en&sa=N&tbo=d&biw=1366&bih=624&tbm=isch&um=1&itbs=1http://www.google.com.ng/imgres?imgurl=http://www.osgf.gov.ng/Admin/Files/Images/ministry.png&imgrefurl=http://www.osgf.gov.ng/Index.php?p=Ministry&usg=__XSkwXIRaAxcQBAFCRaDrkCwdtIY=&h=233&w=544&sz=2674&hl=en&start=11&zoom=1&tbnid=jEOy79Crcuad4M:&tbnh=57&tbnw=133&ei=oiXLUJnwFJCJhQfu5oCADQ&prev=/search?q=federal+ministry+of+finance+logo&um=1&hl=en&sa=N&tbo=d&biw=1366&bih=624&tbm=isch&um=1&itbs=1

 

TIPS

One of the first indications that this is a scam is that the address from which it appears to have come from is that of a person with an email address from somewhere other than the country from which it represents in the email it is coming from.  In the case of this particular email, a Canadian email address was hijacked to send out the phony email.  Bad grammar is rampant throughout the email and is another indication that the email is a scam.  In this particular scam, you might also ask yourself, why would you be possibly receiving money from a compensation fund from a country where you have had absolutely no contact?  Finally, if you need further evidence that it is a scam, merely Google the words “Republic of Benin scam” and see what comes up.  It will astound you.

Read full article |Leave a comment
Tags: , , , , , , , ,
Categories: Site Related

Scam of the day – July 6, 2012 – Extreme botnet internet risk to 277,000 computers

July 6, 2012 Posted by Steven Weisman, Esq.

In November of 2011, the FBI broke up a botnet scam by which seven Eastern European scammers since 2007 had turned more than 500,000 computers worldwide into a botnet of malware infected computers that redirected the victims’ web browsers to sites designated by the scammers that enabled them to earn more than fourteen million dollars in affiliate and referral fees.    The insidious malware used also prevented infected computers from downloading security software that could detect and cure the problem.  When the FBI shut down the operation last November, they took control of the servers used by the scammers and set up temporary servers to permit the infected computers to still have Internet access.  However, come July 9th, those temporary servers will be turned off and if your computer is one of the 277,000 still estimated as being infected, you will lose all Internet service.

TIPS

Fortunately all you need to do is to go to http://www.dns-ok.us/ to determine if you are infected.  You do not need to download any software to determine if your computer is infected and your computer will not be scanned.  If you find that your computer is infected go to http://www.dcwg.org/fix for help in clearing your computer of the malware. Don’t wait until the last minute.

Read full article |Leave a comment
Tags: , , , , , ,
Categories: Site Related