Posts Tagged: ‘botnet’

Scam of the day – May 13, 2015 – What to do if your email is hacked

May 13, 2015 Posted by Steven Weisman, Esq.

Yesterday I told you about a scam which starts when you receive an email that appears to come from one of your friends, but in actuality is coming from a scammer who has hacked into your friend’s email account and is sending out messages that appear to come from your friend touting a product.  We have all received these emails and, hopefully, you just immediately delete them after informing your friend that his or her email account has been hacked and that scam emails are being sent to everyone on his or her email address list.

But what do you do if you are the person whose email has been hacked?

TIPS

1. Change your password on your email account. If you use the same password for other accounts, you should change those as well.
2. Change your security question. I often suggest that people use a nonsensical security question because the information could not be guessed or gathered online. For instance, you may want the question to be “What is your favorite color?” with the answer being “seven.”
3. Report the hacking to your email provider.
4. Contact the people on your email list and tell them you have been hacked and not to click on links in emails that appear to come from you.
5. Scan your computer thoroughly with an up-to-date anti-virus and anti-malware program. This is important because the hacker may have tried to install a keystroke logging malware program that can steal all of the information from your computer.
6. Review the settings on your email account; in particular, make sure that your email is not being forwarded somewhere.
7. Get a free copy of your credit report. You can get your free credit reports from www.annualcreditreport.com. Some other sites promise free credit reports, but sign you up for other services that you probably don’t want or need.
8. Consider putting a credit freeze on your credit report. You can find information about credit freezes here on Scamicide.com.

Scam of the day – May 12, 2015 – FTC halts weight loss scam

May 11, 2015 Posted by Steven Weisman, Esq.

How could Oprah ever steer you wrong?  A company, Sale Slash, which sells phony weight loss products such as Premium Green Coffee, Pure Garcinia Cambogia, Premium White Kidney Bean Extract, Pure Forskolin Extract and Pure Caralluma Fimbriata Extracts, thought so too, which is why it would send spam emails with messages such as “hi, Oprah says it’s excellent.”  These emails often came from hacked email accounts of your friends, who were made part of a botnet of computers sending out emails appearing to come from friends.  The message would also have links to phony news sites with videos of phony celebrity endorsements.  Obviously, neither Oprah Winfrey nor your friend whose email was hacked is endorsing these phony weight loss products.  Now the Federal Trade Commission (FTC) has obtained a court order halting the actions of Sale Slash and other affiliated companies as well as freezing their assets.

TIPS

The truth is that there are no quick fixes when it comes to weight loss and you should be wary of any product that promises you can lose tremendous amounts of weight quickly without dieting or exercise.  You should also be wary of any weight loss product that is sold exclusively either over the Internet or through mail-order advertisements.  It is also important to remember that no cream that you rub into your skin can help you lose substantial weight and no product can block the absorption of fat or calories.  The best course of action when considering a weight loss product is to ask your physician about the effectiveness of a particular weight loss product or program before you reduce your wallet in an effort to reduce your waistline.

Scam of the day – March 2, 2015 – IRS phishing email

March 2, 2015 Posted by Steven Weisman, Esq.

Today’s Scam of the day comes, as many others do, from my own email.  It is a phishing email currently being sent to people purporting to be from the IRS that attempts to lure people who receive the email into clicking on links in the emails in order to update their income tax information.  Unfortunately, when you click on the link one of two things will happen and both of them are bad.  In some instances, you will be prompted to provide personal information that will be used to make you a victim of identity theft.  In other instances, by clicking on the link, you will download keystroke logging malware that will steal information from your computer or other electronic device and use it to make you a victim of identity theft.

TIPS

The first indication that this is a phishing email is that although it purports to have been sent by the IRS, the email address from which it was sent is not that of the IRS.  Most likely the email address indicated is that of an innocent person whose email has been hacked into and taken over by an identity thief and made a part of a network of zombie computers used to send out such phishing emails.  This network is called a botnet.  In addition, the email asks you to validate your electronic filing status, which the IRS will never ask you to do.  If you need to get an Electronic Filing PIN in order to file your tax return electronically with the IRS, you will need to go to http://www.irs.gov/Individuals/Electronic-Filing-PIN-Request where you will be prompted to provide information to verify your identity before receiving a PIN.  In regard to the Form 1098 T that this phishing email describes, that is a form that educational institutions file with the government in regard to reimbursements or refunds of qualified tuition and related expenses.  The IRS would not be providing that form to you.

The most important thing to remember is that the IRS will never initiate contact with you on any matter by an email or text message so whenever you get one that purports to be from the IRS, you should just delete it.  If you have the slightest thought that any such communication is legitimate, you should merely contact the IRS directly to inquire about it.

Scam of the day – January 20, 2015 – Apple phishing scam

January 20, 2015 Posted by Steven Weisman, Esq.

I receive the same phishing emails that you do and so when I do get one, I like to pass on a warning to everyone.  Today’s scam email came with “Please confirm your identity” on the subject line.  The email purported to be from Apple and, like all phishing emails, its goal was to lure the victim into either directly providing personal information or clicking on a link in the email that will download keystroke logging malware that would enable the identity thief to steal personal information from the victim’s computer or other electronic device.  Many other phishing emails are easy to spot because they are sent from the email address of an unwary computer user whose email account has been hacked and used as a part of a botnet to send out these phishing emails.  This one, by contrast, came from a legitimate-appearing email address of “online@Apple.com.”  However, as you can see from the email, which is reproduced below, the email itself hardly reads as a legitimate communication from Apple, nor did it contain any logo or appear official.  If I had clicked on the link where it indicates “Verify Now” I would have either been prompted to provide personal information that would be used to make me a victim of identity theft or, as I indicated earlier, I would have downloaded keystroke logging malware that would steal that and other information from my computer and use it to make me a victim of identity theft.  Here is a copy of what I received.  DO NOT CLICK ON THE LINK.

“The following information for your Apple ID was updated on

Shipping and/or billing address

Please confirm your identity today or your account will be Disabled

due to concerns we have for the safety and integrity of the Apple Community.

To confirm your identity, we recommend that you go to:

Verify Now >”

TIPS

Because you can never be sure when you receive an email that asks for personal information or requires you to click on a link for whatever reason that the email is legitimate, the only course of action to follow is to not click on the link or provide any information in direct response to the email.  In this case, it was obvious that this email was a scam so I just ignored it.  If, however, you have any thought that the email might be legitimate, you should merely go directly to the real website of the company or person sending you the email or call them on the phone at a number that you know is legitimate to confirm whether or not the email is legitimate.

Scam of the day – August 26, 2014 – Sony PlayStation Network hacked

August 26, 2014 Posted by Steven Weisman, Esq.

Over the past weekend, Sony’s PlayStation Network was hacked and taken offline by a group of hackers identified as Lizard Squad.  The PlayStation Network is used by 53 million gamers around the world to play games with other people in a virtual environment.  The PlayStation Network was brought down by a simple, but still effective, tactic called a distributed denial of service (DDoS) attack, by which hackers utilize a botnet to overwhelm and clog the network with artificially high traffic.  A botnet, as you may remember, is brought about when hackers infiltrate the computers of unwary users and take over those computers, using them to send malware, spam or other harmful material.  Often the people whose computers are part of this botnet of what are often called zombie computers are not even aware that their computers are being used for these purposes.  In this case, all that Sony suffered was a minor embarrassment; however, in 2011 the PlayStation Network was hacked and the personal information, including credit card information, of 77 million people was stolen.

TIPS

Although this particular hacking of Sony did not result in the personal information of any users of the Sony PlayStation Network being compromised, the security of Sony and the other online gaming network companies remains vulnerable.  It is for this reason that you should limit, as much as possible, the personal information that you provide these companies to protect yourself in the event of a data breach.  Also, do not leave your credit card number on file with any company as a convenience.  Provide the number anew each time you use it online at any company so that it is not stored by the company and vulnerable to a data breach.  Also, as I constantly remind you, never use your debit card for any retail purchases.  Limit its use to ATMs.

Scam of the day – June 4, 2014 – Justice Department halts massive hacking scheme

June 4, 2014 Posted by Steven Weisman, Esq.

Earlier this week, the Department of Justice revealed that it had broken a massive hacking scheme and taken over the computer servers that spread two major types of malware about which I have warned you previously.  The two types of malware are GameOverZeus and Cryptolocker.  GameOverZeus steals banking information from victims’ computers, which the hackers then use to empty their victims’ bank accounts.  Cryptolocker is a particularly insidious type of malware that, when installed on the victim’s computer, encrypts all of the data contained on the computer.  After the encryption is accomplished, the criminals then notify the victim that their data will be destroyed unless a ransom payment is made.  This type of malware has, appropriately, been deemed ransomware.  Law enforcement officials estimate that as much as 100 million dollars was stolen by the gang operating these malware programs through a botnet.  Members of the gang included Russians, Ukrainians and British criminals.  Through the joint efforts of the FBI and law enforcement agencies in ten other countries, the computer servers of the hackers were seized and the alleged ringleader of the group, Russian Evgeniy Bogachev, was indicted.  American authorities are in contact with Russian authorities to have Bogachev extradited to the United States for trial.

TIPS

This story is important for many reasons.  Certainly it is good not only to see law enforcement cracking criminal hacking crimes, but also to see international cooperation in the law enforcement effort.  However, ultimately, law enforcement is not going to be able to prevent you from becoming a victim of hackers seeking to steal from you through the use of malware such as GameOverZeus and Cryptolocker.  Instead the burden of protecting you from these attacks falls on all of us individually.  In all cases, these malware programs ultimately found their way to their victims’ computers when the victims invited them in by clicking on tainted links in emails or downloading tainted attachments from phishing emails.  The first line of defense is never to click on links in emails or download attachments unless you are absolutely sure that they are legitimate.  You should also make sure that you have constantly updated anti-virus software and anti-malware software on all of your electronic devices.

The United States Department of Homeland Security has issued a warning about the GameOverZeus malware that contains links to a number of effective anti-malware programs that can help protect your computer and other electronic devices from infection and remove the infection if it occurs.  Here is a link to that warning which, in turn, contains a link to the anti-malware software programs: https://www.us-cert.gov/ncas/alerts/TA14-150A

Scam of the day – May 31, 2014 – AOL customer support scam

May 31, 2014 Posted by Steven Weisman, Esq.

Millions of people still use AOL and so scammers and identity thieves will often send out phishing emails that appear to come from AOL, such as the one reproduced below.  The logo and format of this particular email that is presently circulating are a good counterfeit; however, the repeated faulty grammar is a strong indication that this is a scam.  Like many similar scams, this one works by luring you into clicking on a link in the email in order to resolve an emergency.  However, if you click on the link, one of two things will happen.  You either will be prompted to provide information that will be used to make you a victim of identity theft or, by clicking on the link, you will unwittingly download a keystroke logging malware program that will steal all of the information from your computer and use it to make you a victim of identity theft.  This particular email appears to be signed by Bud Rosenthal, who actually is an AOL officer; however, the email address from which it is sent is that of a student at a university whose email has been hijacked and made a part of a botnet of zombie computers used to send out the scam emails.  Here is how the email appears.  DO NOT CLICK ON THE LINK:

 

 

AOL
Due to the recent signed in of your Account from an unknown location, you are advice to Click here to confirm the validity of your AOL® Online Account. Thanks once again for choosing our service.

Bud Rosenthal
Bud Rosenthal, AOL Membership Group CEO

Privacy Policy | Customer Support
©2014 AOL, Inc. All Rights Reserved.

TIPS

There are numerous reasons not to trust this email.  The email address from which it was sent has no relation to AOL.  It is not addressed to you personally.  It contains faulty grammar.  It is an obvious phishing email and its only purpose is to lure you into either providing personal information or downloading malware.  As I have warned you many times, never click on links or download attachments unless you are absolutely sure that the email is legitimate.  In this case, if you even had a slight thought that it might be legitimate, all you would have to do is to call the real AOL to learn that this was a phishing scam.

Scam of the day – March 14, 2014 – New Citibank email scam

March 14, 2014 Posted by Steven Weisman, Esq.

Today’s Scam of the day comes from my own email.  Citibank is a popular bank with more than 200 million customers throughout the world, so identity thieves can feel pretty confident that when they send out an email blast, many of the people receiving the email will, in fact, be Citibank customers.  This particular scam email follows a familiar pattern.  It presents what would be a plausible reason for responding by clicking on the link; in this case it is to add security features to your account to help prevent the very types of identity theft that this scam is actually attempting to perpetrate.  It looks pretty official and the message doesn’t even have grammatical or spelling errors.  However, it is a total scam.  If you click on the link in these types of scams one of two things will happen.  Either you will be sent to a phony but official-looking website where you will be prompted to provide personal information that will end up being used to make you a victim of identity theft or, merely by clicking on the link, you will download keystroke logging malware programs that will steal the information from your computer or other device and use that information to make you a victim of identity theft.  This identity theft tactic is called phishing.

Here is the email that I received.  DO NOT CLICK ON THE LINK.

“Dear Esteemed Customer,
We have added extra security to your Citi account to prevent identity theft on your account. To secure your Citi account, click the link below:
http://cstr-grasses.erdi.or.th/Myaccount_Citibank_login
Note: You need to login using your email address and password to access before you can access the secured Citi network.
Best regards,
Citi Customer Service”

TIPS

Regardless of how official an email or a text message may appear, you should never click on any links or download any attachments unless you are absolutely sure that it is legitimate.  In the case of this particular email, it was sent from an address that was not an email address of Citibank, which was a sure indication that it was a scam.  Rather, it was sent from the address of a computer that had been hacked and made part of a botnet of compromised computers so that the identity thieves can send out phony emails that are difficult to trace back to the criminals.  However, even an email originating from a legitimate-looking email address can be merely a phony email.  In this particular case, if you have any thought that it might be legitimate, you should call or email Citibank at a telephone number or email address that you know is legitimate to confirm that it is a scam.  Also, make sure that you keep your anti-malware and anti-virus software up to date on all of your electronic devices.