Posts Tagged: ‘keystroke logging malware’

Scam of the day – October 7, 2016 – Kim Kardashian robbery leads to 2,400% increase in scams

October 7, 2016 Posted by Steven Weisman, Esq.

It was only four days ago that I warned you about scams linked to popular celebrities listed in security software company McAfee’s list of the ten most dangerous celebrities on the Internet.  These are people whose popularity is exploited by identity thieves and hackers who lure unsuspecting people through links in emails, social media and text messages relating to these celebrities to malware filled websites where they unknowingly download ransomware or keystroke logging malware that enables the identity thieves to steal all of the personal information from the victim’s computer, laptop, smartphone or other electronic device and use that information to make the person a victim of identity theft.  Whenever something or someone is of great interest to the public, scammers promptly capitalize on that interest to lure people into falling prey to online scams that promise to provide photos or information about the person or event and so it has been with the ten million dollar Paris jewel robbery of Kim Kardashian.  According to security software company, Norton, online scams related to Kim Kardashian increased by a startling 2,400% in just the first twenty-four hours following the robbery.  Emails, text messages and social media posting promising news about the robbery have been used to lure people into clicking on malware infested links. As an indication of the wide popularity of Kim Kardashian, these scams are appearing in English, French and German.

TIPS

Never click on links or download attachments unless you are absolutely sure that they are legitimate.  Merely because it appears that a friend is passing them on to you does not make them legitimate.  Your friend’s email or smartphone could have been hacked or your friend could unwittingly be passing on malware.  As for celebrity news, you should have a healthy mistrust of websites with which you are not entirely familiar.  If the information promised is legitimate, it will be able to be found in trustworthy news websites.  Finally make sure that you keep all of your electronic devices secure with anti-malware and anti-virus software and keep your security software current with the latest security patches.

Scam of the day – October 3, 2016 – Latest edition of most dangerous celebrities on the Internet

October 3, 2016 Posted by Steven Weisman, Esq.

Each year, computer security company, McAfee releases a list of the most dangerous celebrities on the Internet.  These are people whose popularity is exploited by identity thieves and hackers who lure unsuspecting people through links in emails, social media and text messages relating to these celebrities to malware filled websites where they unknowingly download ransomware or keystroke logging malware that enables the identity thieves to steal all of the personal information from the victim’s computer, laptop, smartphone or other electronic device and use that information to make the person a victim of identity theft.  This year comedian Amy Schumer tops the list followed by Justin Bieber, Carson Daly, Will Smith, Rihanna, Miley Cyrus, Chris Hardwick, Daniel Tosh, Selena Gomez and Kesha.

TIPS

It is important to remember that merely because a website turns up high on a Google search does not mean that it is legitimate.  Google doesn’t check out websites for legitimacy in ranking sites.  The ranking is done by secret algorithms that some identity thieves are adept at manipulating.  Also, as I constantly warn you, never click on links or download attachments unless you are absolutely sure that they are legitimate.  Merely because it appears that a friend is passing them on to you does not make them legitimate.  As for celebrity videos and photos, you should have a healthy mistrust of websites with which you are not entirely familiar.  For gossip, www.tmz.com is a good place to go.  They always have the latest gossip and they are legitimate.  Finally make sure that you keep all of your electronic devices secure with anti-malware and anti-virus software and keep your security software current with the latest security patches.

Scam of the day – September 30, 2016 – New Chase Bank phishing email

September 30, 2016 Posted by Steven Weisman, Esq.

Phishing emails, by which scammers and identity thieves attempt to lure you into either clicking on links contained within the email which  download malware or  trick you into providing personal information that will be used to make you a victim of identity theft, are nothing new.   They are a staple of identity thieves and scammers and with good reason because they work.  Reproduced below is a copy of a new phishing email presently circulating that appears to come from Chase Bank. It comes with the heading, “Chase Bank detected suspicious activity.”  DO NOT CLICK ON THE LINK.  Chase is a popular target for this type of phishing email because it is one of the largest banks in the United States.  Like so many phishing emails, this one attempts to lure you into responding by making you think there is an emergency to which you must respond. As phishing emails go, this one is not particularly convincing. The email address from which it was sent is that of an individual totally unrelated to Chase and is most likely the address of an email account of someone whose email account was hacked and made a part of a botnet of computers used by scammers to send out phishing emails.  Also, the word “now” is incorrectly capitalized.  No logo for Chase Bank appears anywhere in the email and,  most telling, the email is not directed to you by name and does not contain your account number in the email.

Confirm Transaction

Your online account has been suspended (Reason: the violation of terms of service).
Update and Restore your online account Now
Log On
Thank you for using Chase Bank.
Member FDIC © 2016 Chase Bank Financial Corporation. All Rights reserved.

 
TIPS

There are a number of indications that this is not a legitimate email from Chase, but instead is a phishing email. Legitimate credit card companies would refer to your specific account number in the email.  They also would specifically direct the email to you by your name.  This email has no salutation whatsoever.  As with all phishing emails, two things can happen if you click on the links provided.  Either you will be sent to a legitimate looking, but phony webpage where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you may download keystroke logging malware that will steal all of your personal information from your computer or smartphone and use it to make you a victim of identity theft.  If you receive an email like this and think it may possibly be legitimate, merely call the customer service number where you can confirm that it is a scam, but make sure that you dial the telephone number correctly because scammers have been known to purchase phone numbers that are just a digit off of the legitimate numbers for financial companies, such as Chase to trap you if you make a mistake in dialing the real number.

Scam of the day – September 10, 2016 – A new Chase phishing email

September 10, 2016 Posted by Steven Weisman, Esq.

Phishing emails, by which scammers and identity thieves attempt to lure you into either clicking on links contained within the email which  download malware or providing personal information that will be used to make you a victim of identity theft, are nothing new.   They are a staple of identity thieves and scammers and with good reason because they work.  Reproduced below is a copy of a new phishing email presently circulating that appears to come from Chase Bank.  DO NOT CLICK ON THE LINK.  Chase is a popular target for this type of phishing email because it is one of the largest banks in the United States.  Like so many phishing emails, this one attempts to lure you into responding by making you think there is an emergency to which you must respond. As phishing emails go, this one is pretty good.  It looks legitimate.  However, the email address from which it was sent is that of an individual totally unrelated to Chase and is most likely the address of an email account of someone whose email account was hacked and made a part of a botnet of computers used by scammers to send out phishing emails.   The grammar and spelling is good, but a minor flaw is the inconsistent capitalization in the phrase, “All Rights reserved.” Also, as so often is the case, the email is not directed to you by name and does not contain your account number in the email.  It carries a legitimate looking Chase logo, but that is easy to counterfeit.

Chase logo

Chase Bank Online® Department Notice:

Your online account has been suspended (Reason: the violation of terms of service).
Update and Restore your online account Now
Log On
Thank you for using Chase Bank.
Member FDIC © 2016 Chase Bank Financial Corporation. All Rights reserved.
TIPS

There are a number of indications that this is not a legitimate email from Chase, but instead is a phishing email. Legitimate credit card companies would refer to your specific account number in the email.  They also would specifically direct the email to you by your name.  This email has no salutation whatsoever.  As with all phishing emails, two things can happen if you click on the links provided.  Either you will be sent to a legitimate looking, but phony webpage where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you may download keystroke logging malware that will steal all of your personal information from your computer or smartphone and use it to make you a victim of identity theft.  If you receive an email like this and think it may possibly be legitimate, merely call the customer service number where you can confirm that it is a scam, but make sure that you dial the telephone number correctly because scammers have been known to buy phone numbers that are just a digit off of the legitimate numbers for financial companies, such as Chase to trap you if you make a mistake in dialing the real number.

Scam of the day – July 16, 2016 – Google warning Gmail users about foreign hackers

July 16, 2016 Posted by Steven Weisman, Esq.

State sponsored hacking from countries such as China, North Korea and Russia pose a threat to everyone, but Google, which has for years been monitoring hacking attempts by foreign governments, is notifying Gmail customers when Google has reason to believe that their Gmail accounts are being targeted.  If Google finds that you have been targeted you will receive the following message that takes up your entire screen warning you of the danger and urging you to use the more security dual factor authentication.  In its warning, Google indicates that less than 0.1% of all Gmail accounts are targeted, however, it is important to note that this percentage translates into more than a million people who are in jeopardy.

Screen Shot 2016-04-01 at 3.52.40 PM

TIPS

As I have suggested many times, whenever you have the opportunity to use dual factor authentication, it is a wise choice to make because even if someone manages to steal your password or even trick you into providing it, as was the case with Jennifer Lawrence when she was convinced by a phishing email to provide her password to a cybercriminal who used it to access nude photos of her that she stored in the cloud, the hacker will not be able to access your email or other account because a special code provided to you through your cell phone is required whenever you wish to gain access to your account.

Finally, as I so often say, even paranoids have enemies so I urge you to err on the side of caution if you receive this type of notice and not necessarily trust it.  It could be a phishing communication from a cybercriminal luring you into clicking on a link which will either get you to provide personal information that can be used to make you a victim of identity theft or will download keystroke logging malware or ransomware.  The best course of action would be to merely go to Google directly from your browser without clicking on the link contained in the notification.  Here is a link you can trust that will take you to instructions for enabling dual factor authentication for Gmail  https://support.google.com/accounts/answer/185839?hl=en

Scam of the day – July 5, 2016 – Wegmans Facebook scam

July 5, 2016 Posted by Steven Weisman, Esq.

Wegmans, the popular supermarket chain is warning people about a scam involving phony Facebook postings that appear to be from Wegmans containing the company logo (which is easy to copy) and promising a free $100 voucher as a way to celebrate Wegmans 100th anniversary.  Phony coupon scams, which turn up regularly on Facebook,  often require you to provide information in order to claim your coupon. Unfortunately, this information, which may include your credit card number or Social Security number, will be used to make you a victim of identity theft.  Even worse, however, is what happens when merely by clicking on the link to claim your coupon you unwittingly download keystroke logging malware software that harvests all of your computer’s information and makes you a victim of identity theft.

TIP

As always, if the offer looks too good to be true, it probably is, so a bit of skepticism is in order.  In this particular case, offering free $100 vouchers to every customer definitely is too good to be true.  If you are routed to a survey, don’t take it and make sure that you do not enter personal information that could lead to your identity being stolen.  Also, a bit of prevention is worth a pound of cure, so make sure that your computer security software is up to date.  Finally, the best course is to never click on links promising coupons unless you are absolutely sure that the coupon is legitimate.  Instead, merely go to the real website of the real company and if there are coupons to be had, you will find them there.

Scam of the day – June 17, 2016 – Scams springing up following the Orlando nightclub shootings

June 17, 2016 Posted by Steven Weisman, Esq.

Today’s Scam of the day, unfortunately is very much a repeat of warnings I have had to make after tragedies such as the school shootings at the Sandy Hill Elementary School in Newtown, Connecticut. Today,’s warning, of course, relates to the tragic shootings of innocent people at an Orlando nightclub this past week.  Scammers and identity thieves will be preying upon both our best and worst instincts in response to this tragedy.  People seeking videos and photographs of the event may find themselves clicking on links that purport to provide you with such material, but may only end up downloading keystroke logging malware that will steal all of the information from the computers of these curious people who will find themselves becoming victims of identity theft.

Another group of scams stemming from the murders will be the pleas for charitable contributions for the victims and their families.  You should always be wary when anyone asks you for a charitable donation, but particularly when a charitable solicitation quickly follows an emotional event such as the killings in Orlando.  You will want to make sure that you are giving to legitimate charities that will use your contribution wisely rather than giving your money to a scammer or a “legitimate” charity that misuses your donations by paying its administrator inordinately large salaries.  It is important to know the difference between a legitimate charity and a phony one.

TIP

Whenever you are contacted by a charity whether by text, phone, email or otherwise, you can never be sure that the person contacting you legitimately represents the charity or that the charity itself is legitimate.  If you are charitably inclined, you should not respond directly to the person or entity soliciting you, but rather first, confirm that the charity itself is legitimate.  Many phony charities have similar names to legitimate charities. You should always check out the legitimacy of the charity first before considering making a contribution.  A good place to find out if a charity is legitimate or merely has a name that sounds legitimate is www.charitynavigator.org.  This website also will provide you with information as to how much of the charity’s collected donations actually are applied to its charitable works and how much goes to administrative fees and salaries.  As a general rule of thumb if a charity spends more than 25% of its donations on salaries and administrative costs, you may wish to contribute to another charity.

As for looking for videos and other “inside” information about the Orlando shootings,  many of the sources for that “exclusive” information will be infected with malware that will attack your computer and lead to your becoming a victim of identity theft.  So first and foremost, it is important to have good firewalls and security software installed and kept up to date on all of your electronic devices including your computers, smart phones, iPads and other portable devices that you use.  Many people may think to protect their home computers, but fail to protect their portable devices even though they may use these devices as much and even more than their home computers.  Second, you should not click on any link unless you are sure that it is legitimate and even if the link is contained in what appears to be a text message or social media posting of a friend, you can’t be sure that your friend has not had his or her account hacked into by an identity thief in order to make you more trusting than you should be of the message being sent.  Additionally, even if you receive a text, email or social media posting that actually is from a friend of yours, it may merely be passing on to you a tainted link that your friend does not realize they are helping to spread after receiving it themselves from a source that they should not have trusted.  Frankly, the safest course of action is not to click on any links from anyone that try to appeal to your curiosity about major public events such as this, but rather limit your search for information to legitimate news websites that you can be confident are not likely to contain tainted or provide  inaccurate information.  As for those people who lust after disturbing videos and photographs that they think they will only be able to access from “special” sources, those special sources are usually phony as are the videos and photographs that they provide, however, the malware that you get from them is very real and dangerous.

Scam of the day – May 31, 2016 – New WhatsApp scam

May 30, 2016 Posted by Steven Weisman, Esq.

WhatsApp is a mobile messaging app for your smartphone that allows you to send text messages, photographs, videos and audio.  With more than a billion people using WhatsApp, it is not surprising that it has become attractive to scammers seeking to use its popularity to lure people into becoming scam victims.   I have reported to you for years about the various scams targeting WhatsApp users.    The most recent WhatsApp scam starts with a message that purports to be from WhatsApp offering an upgrade to a golden version of WhatsApp that it says will let you  make video calls, send up to a hundred pictures at one time and delete messages after you have sent them.   However, there is no golden version of WhatsApp and if you click on the link to upgrade your WhatsApp subscription you will end up downloading keystroke logging malware that can steal the information from your smartphone to be used to make you a victim of identity theft.

TIPS

Never click on a link in an email or text message until you have independently confirmed that it is legitimate.  The risk of downloading malware is too great.  Even if your computer or other electronic device is protected with anti-virus and anti-malware security software, the best security software is always at least thirty days behind the latest malware.  Trust me, you can’t trust anyone when it comes to clicking on links.  Even if the link is contained in a communication that appears to come from a person or company you trust, you should always verify that it is legitimate before clicking on the link.

Scam of the day – May 2, 2016 – Another new USAA phishing scam

May 2, 2016 Posted by Steven Weisman, Esq.

Yet another phishing email is turning up purporting  to be from USAA, the insurer of millions of members of the military as well as many veterans, telling you that you need to click on links in the email in order to resolve security issues.  Like many phishing emails,this one tries to convince you into thinking you must click on a link and provide personal information or suffer dire consequences when the truth is that if you click on the link or provide personal information, you will become a victim of identity theft as the criminal will use the information you provide to make you a victim of identity theft.  Alternatively, merely by clicking on the link provided in the email, you may download keystroke logging malware that will enable the identity thief to steal all of the information in your computer, laptop or other device and use that information to make you a victim of identity theft.  Here is a copy of the newest phishing email that is presently circulating.  DO NOT CLICK ON THE CONTINUE BUTTON.  As phishing emails go, the graphics are pretty impressive, however there are several grammatical errors including the word “temporal” being used instead of “temporary”.  It also  should be noted that the email is directed to “Dear Valued Customer” rather than your name and no account number is provided.  These are further indications that this is a scam.  Finally, this email was sent by an email address that had nothing to do with USAA, but was undoubtedly part of a botnet of computers using email addresses of hacked email accounts to send out the phishing email.

TIPS

Frankly, whenever you get an email, you can never be sure who is really sending it to you.  Obviously if you receive this email and you do not have an account with USAA, you know it is a scam, however, if you receive something like this that appears to come from a company with which you do business, you should still not click on any links contained in the email unless you have independently confirmed with the company that the email is legitimate.  Remember, even paranoids have enemies.