Posts Tagged: ‘Malware’

Scam of the day – October 28, 2016 – Yet another Adobe Flash emergency security patch

October 28, 2016 Posted by Steven Weisman, Esq.

For the sixteenth time in the last twelve months, Adobe has issued new security updates for Adobe Flash software. I have been warning you for years about flaws in Adobe Flash that have been exploited by hackers and identity thieves against individuals, companies and government agencies including the U.S. State Department and the White House. Problems with Adobe Flash are nothing new. In 2010 Steve Jobs vociferously complained about its security and it has routinely been cited as being extremely vulnerable. Despite security patch after security patch, new problems keep coming up. According to security company Symantec, 80% of the newly discovered software vulnerabilities which can be exploited by malware created by cybercriminals involved Adobe Flash.

Beginning on October 11th Microsoft began blocking outdated versions of Adobe Flash from running in Internet Explorer on Windows 7.  If you use Windows 8.1, Windows 10 or Windows Server 2012R2, this will not affect you because these systems automatically install Adobe Flash security patches.  In addition, Google has indicated that it will drop support for Adobe Flash in Chrome later this year.

It appears that just as companies retire certain programs when it is just too difficult to patch them, this may well be the time for Adobe to retire Flash and if it doesn’t, you should consider retiring it yourself and replacing it with another plugin that performs the same function, but is safer.    Adobe Flash has already been proven to be so vulnerable to successful attacks by hackers that installing new security patches as quickly as they are issued is little more than putting a Band-aid on the Titanic if I can mix my metaphors.


Here is the link to the latest Adobe Flash security update which I urge you to download as soon as possible if you wish to continue to use Adobe Flash:

Some alternative plugins you may wish to consider to replace Adobe Flash include GNU Gnash and Silverlight. Silverlight can be downloaded free directly from Microsoft at this link: while GNU Gnash can be downloaded free at this link:

Scam of the day – October 26, 2016 – How to protect yourself in the Internet of Things

October 25, 2016 Posted by Steven Weisman, Esq.

Distributed Denial of Service (DDoS) attacks against companies, which temporarily shut down websites by flooding them with more traffic than they have the capacity to accommodate, are nothing new. What was unusual about last week’s DDoS against Dyn, a prominent Domain Name System (DNS) provider that hosted such popular sites as Amazon, Twitter, Spotify, Netflix and Paypal, was that the botnet of hijacked devices used to launch the attack was not made up of hacked computers. Rather, it was made up of hacked devices such as smart televisions and webcams that make up the Internet of Things, which are devices connected to the Internet that one would not generally think of as requiring security. However, anything that is connected to the Internet can be hacked and used to become a part of a botnet and therefore requires security precautions.

So what can you do to protect yourself from having your devices hacked and becoming part of a botnet?


Your first line of defense is your router, so it is important to change the default password with which your router came. In addition, each of your Internet of Things devices should have its own distinct password. Unfortunately, particularly for older devices that are a part of the Internet of Things, security was not built into these devices and they may not even be password enabled. Another helpful device is an Internet hub, which is a device that can control multiple Internet of Things devices through a single mobile app that utilizes dual factor authentication and encryption. The manufacturers of these Internet hubs, such as Samsung’s SmartThings, also provide regular security updates. Not all Internet of Things devices are hub certified, which is why when buying an Internet of Things device, you should look for hub certification as an indication that the manufacturer is security conscious.

Finally, and perhaps of greatest importance in protecting yourself from becoming part of a botnet, do what you already should be doing: refrain from clicking on links or downloading attachments in emails that may contain the malware enabling a hacker to first access your computer and then move through it to your entire network of Internet enabled devices. Never click on links or download attachments unless you have absolutely confirmed they are legitimate.

Scam of the day – September 30, 2016 – New Chase Bank phishing email

September 30, 2016 Posted by Steven Weisman, Esq.

Phishing emails, by which scammers and identity thieves attempt to lure you into either clicking on links contained within the email which  download malware or  trick you into providing personal information that will be used to make you a victim of identity theft, are nothing new.   They are a staple of identity thieves and scammers and with good reason because they work.  Reproduced below is a copy of a new phishing email presently circulating that appears to come from Chase Bank. It comes with the heading, “Chase Bank detected suspicious activity.”  DO NOT CLICK ON THE LINK.  Chase is a popular target for this type of phishing email because it is one of the largest banks in the United States.  Like so many phishing emails, this one attempts to lure you into responding by making you think there is an emergency to which you must respond. As phishing emails go, this one is not particularly convincing. The email address from which it was sent is that of an individual totally unrelated to Chase and is most likely the address of an email account of someone whose email account was hacked and made a part of a botnet of computers used by scammers to send out phishing emails.  Also, the word “now” is incorrectly capitalized.  No logo for Chase Bank appears anywhere in the email and,  most telling, the email is not directed to you by name and does not contain your account number in the email.

Confirm Transaction

Your online account has been suspended (Reason: the violation of terms of service).
Update and Restore your online account Now
Log On
Thank you for using Chase Bank.
Member FDIC © 2016 Chase Bank Financial Corporation. All Rights reserved.


There are a number of indications that this is not a legitimate email from Chase, but instead is a phishing email. Legitimate credit card companies would refer to your specific account number in the email. They also would specifically direct the email to you by your name. This email has no salutation whatsoever. As with all phishing emails, two things can happen if you click on the links provided. Either you will be sent to a legitimate looking, but phony webpage where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you may download keystroke logging malware that will steal all of your personal information from your computer or smartphone and use it to make you a victim of identity theft. If you receive an email like this and think it may possibly be legitimate, merely call the customer service number where you can confirm that it is a scam, but make sure that you dial the telephone number correctly because scammers have been known to purchase phone numbers that are just a digit off of the legitimate numbers for financial companies, such as Chase, to trap you if you make a mistake in dialing the real number.

Scam of the day – September 13, 2016 – Phony Hillary Clinton video contains malware

September 12, 2016 Posted by Steven Weisman, Esq.

A common way that hackers manage to trick people into downloading malware used to steal the information from your computer or smartphone and enable them to make you a victim of identity theft is to send the malware disguised as an attachment for a video of something of great interest to many people. It may be something related to a celebrity, such as purported nude videos, or it may be of an event in the news, such as a video purporting to show formerly unavailable footage of, for instance, the shootings in the Orlando nightclub. The presidential election is tremendous fodder for people seeking videos of candidates in compromising situations and scammers are taking advantage of this with malware attached to emails promising to provide newsworthy events. Such is the situation, as reported by computer security company Symantec, with an email presently circulating promising that the attached video shows Hillary Clinton accepting money from an ISIS leader in 2013. In addition to being a totally outrageous accusation not based in any fact, the email is fraught with poor grammar. However, that is not stopping some people who are clicking on the link and unwittingly downloading malware that can result in their becoming a victim of identity theft.


Regardless of who sends you an email or a text message with a link attached, you should never click on the link until you have confirmed that the communication is legitimate.  Even if the message appears to come in the email or text message from a trusted friend, you can’t be sure that your friend has not had his email or smartphone hacked and used by a scammer to spread malware.  You should have security software on all of your electronic devices including your computer and smartphone and make sure that you keep your security software up to date with the latest security patches, but you cannot totally rely on that software to protect you from all malware dangers because it generally takes the software security companies about a month to catch up with the latest strains of malware.  Finally, in regard to communications promising startling videos or pictures of celebrities or newsworthy events, you should be particularly skeptical as to their authenticity.   Instead, it is better to rely on legitimate news sources that you can trust to be safer and more accurate.

Scam of the day – September 11, 2016 – New malware attacking online banking app

September 11, 2016 Posted by Steven Weisman, Esq.

Many people find that doing their banking through their mobile devices is quick, efficient and convenient. Unfortunately, it also carries with it the risk of cybercriminals hacking the smartphones and other mobile devices used by their victims to gain access to their victims’ bank accounts and steal their money. In my Scam of the day for June 3, 2016 I gave a number of tips about how to do your online and mobile banking more safely. Cybersecurity, however, is a never ending process and a few days ago, researchers at cybersecurity company Kaspersky Lab announced they had discovered a new form of malware used to steal banking information and credit card information from the smartphones of Android users that can override the new security features Android had installed in the Android OS version 6 specifically to combat this type of threat and other similar threats.

The new malware, which is a modification of the Gugi banking malware, starts, as with so many attacks, by luring the victim into clicking on a link in a legitimate appearing text message that results in the initial downloading of the malware. Once it is downloaded, however, the malware creates a display on your screen indicating the need for additional rights to work with graphics and windows. If the victim clicks on the only link provided, another screen asks them to authorize app overlay and then other permissions. If the victim realizes what is going on and does not provide the requested permissions, the malware blocks the entire smartphone. The only way to fix the problem at this point is to reboot the smartphone in safe mode and attempt to remove the malware, which is difficult to do.

If the malware does get fully installed with all of the permissions it requires, it enables the cybercriminal to take total control of the victim’s electronic banking and can readily empty his or her accounts.


Along with the basic online and mobile banking precautions I urged you to take in my Scam of the day for June 3, 2016, you can protect yourself from the Gugi malware by never just automatically giving rights and permissions when an app requests you to do so.  Always evaluate why the app would need such permissions.

As always, the two most important things to do to protect yourself from any cybersecurity threat to your mobile phone are to follow my advice of “trust me, you can’t trust anyone” and never click on links regardless of who appears to be sending them until you have absolutely confirmed that the links are legitimate. Also, make sure that you not only have security software on all of your mobile devices, but that you keep the security software updated with the latest security patches as soon as they are available.

Scam of the day – September 6, 2016 – Phony survey scam

September 6, 2016 Posted by Steven Weisman, Esq.

Today’s Scam of the day is one about which I have been writing for more than two years, but keeps turning up in the email of many people. Using the logos of legitimate companies such as Kohl’s, Costco, Walmart and Amazon, just to name a few, you are told that you will receive a $50 gift card from these companies if you merely complete a short survey. The survey looks official and the page has the official logo of a familiar company, however often what the scammers are seeking is personal information that can be used to make you a victim of identity theft. Sometimes they use the information to craft spear phishing emails likely to convince you to click on links infected with malware. In other instances, your phone number is turned over to telemarketers.


As I always say, “trust me, you can’t trust anyone.” Merely because an email appears to be official and carries a company’s logo does not make the communication legitimate. It is very easy to copy a logo on to an email and make the communication look official and legitimate when, in fact, it is a counterfeit and a scam. No legitimate survey will ever ask for banking information, passwords, Social Security numbers or credit card information. The only reason for asking for that information is to make you a victim of identity theft. Finally, no company is going to be in a position to give everyone who completes a customer satisfaction survey a $50 gift card. A legitimate company may enter you into a drawing to win such a card by completing a survey, but no company is giving away $50 gift cards to everyone.

Scam of the day – August 30, 2016 – NASCAR team becomes victim of ransomware

August 29, 2016 Posted by Steven Weisman, Esq.

This past Spring, the computer of the crew chief of the NASCAR Circle Sport-Leavine Family Racing (CSLFR) team was infected with ransomware.  Ransomware, as regular readers of Scamicide know is malware that gets unwittingly downloaded on to a person’s or company’s computer, which when downloaded encrypts the data of the victim.  The victim is then told to either pay a ransom, generally in bitcoins within a short period of time or the hacker will destroy the data.  In this case, the racing team paid the $500 bitcoin ransom and got their  huge amounts of data back.  The particular type of ransomware used in this attack was TeslaCrypt for which there already existed security software that could have prevented the malware from being able to encrypt the files, however,  CSLFR did not have such security software on their computers.

Ransomware has become one of the most common and effective cybercrimes in the last year, successfully targeting individuals and a wide range of companies including law firms, accounting firms and even police departments.  As big data becomes more and more a part of sports teams, particularly in Major League Baseball, the National Basketball Association and the National Football League, you can expect future attacks against professional sports teams to become more common.


The key to not becoming a victim of a ransomware attack is to prevent it in the first place.  Generally, the malware is installed unwittingly by victims when they are lured through phishing and spear phishing emails to click on links infected with the malware.  Never click on links in emails or text messages regardless of how legitimate they may appear until you have verified that it is legitimate.  You should also install anti-phishing software.  It is also important to not only have anti-malware software installed on all of your electronic devices, but to make sure that you update the security software with the latest security patches and updates.  In the case of CSLFR, they fell victim to a type of ransomware for which there already existed security software to prevent the TeslaCrypt ransomware from operating.  Always keep your security software up to date.  Finally, always back up your computer’s data daily, preferably in two different ways in order to protect your data in the event you do become a victim of ransomware.

Scam of the day – August 4, 2016 – Olympic scams

August 4, 2016 Posted by Steven Weisman, Esq.

Tomorrow brings the much anticipated opening ceremonies of the 2016 Rio Olympic Games and scammers will be taking advantage of the public’s interest in the event to lure them into scams.  As the Games get underway many people will be receiving emails and text messages purporting to contain updates, photos and videos of Olympic events.  Unfortunately, if you click on the links or download the attachments in these emails, you will end up downloading keystroke logging malware that will steal your personal information from your computer, laptop, tablet or smartphone and use that information to make you a victim of identity theft.   You also run the risk this year of downloading ransomware that will encrypt all of the data on your computer and threaten to destroy it if you do not pay a ransom.

Also, if you are shopping for Olympic merchandise, you should be wary of the large amount of counterfeit and poor value fake Olympic merchandise that is being sold on the Internet.


As I have warned you many times, never click on a link or download an attachment unless you are absolutely sure that it is legitimate.  In regard to Olympic email or text message updates you are better off not downloading or clicking on links in any emails or text messages you may receive even if they appear to be from a legitimate source because the URL may appear to be legitimate, but it may merely be “spoofed” or copied from a legitimate site so it appears legitimate, but in truth is not.  You are better off going directly on your own to sources such as that you know are legitimate.  Also, make sure that your anti-malware and anti-virus software is installed and up to date on all of your electronic devices.  Also, be wary of links sent to you through social media such as Facebook even if they look legitimate because it is easy to hack someone’s social media accounts to send out malware that unwary victims click on.

In regard to purchasing official Olympic merchandise, go directly to the official Olympic website of  If you want Team USA merchandise, go to the official Team USA website of   Both of these websites are safe and secure places to purchase official Olympic merchandise and apparel.

Scam of the day – July 18, 2016 – Facebook cloning or spoofing

July 18, 2016 Posted by Steven Weisman, Esq.

Just last weekend, I received three “friend” requests on Facebook from people who were already Facebook friends of mine, which is an indication that someone had set up new Facebook pages in their names and was attempting to lure their friends into becoming friends with the hacker.  This scam is called either Facebook cloning or Facebook spoofing and the goal of the hacker is to get people to respond to the new friend request and then to lure the friends of the person whose Facebook page they commandeered to trust communications and postings from the cloned page in an effort to get them to click on links and download malware or ransomware or respond to emergency requests by sending money.


There are many things you can do to protect yourself from this type of scam.  Scammers harvest information from social media to help them in their scams so the first thing you should do is to check to see if the public is able to see your posts.  Click on the padlock at the top right hand side of your Facebook page and click on “Who can see my stuff?”  It should say “friends,” but if it says “public” you should change that setting to “friends” to increase your privacy.

As for accepting friend requests, if you are already a friend of the person, don’t accept a second request.  Also, when accepting friend requests, don’t do it from the friend request email.  Instead go directly to your Facebook page from your browser and not from a link in the email because it could be a phishing scam seeking to steal your password or other information.

Finally, it is worth repeating that you should never trust any communication that contains a link until you have confirmed independently that the communication is legitimate.  The risk of malware in a link found in social media, a text message or email is just too great.

If your Facebook account has been cloned, here is a link that will take you to Facebook with tips as to what to do and how to report the problem.

Scam of the day – July 12, 2016 – Instagram Ugly List scam

July 12, 2016 Posted by Steven Weisman, Esq.

A recent scam that has been victimizing people starts when you get an Instagram notification telling you that you have been tagged in a post called “Ugly List 2016.”  To make things worse, it appears that it is a friend of yours who tagged you.  The notification contains a link to enable you to see the full post.  If you click on it, it takes you to what appears to be the Instagram log in page where you have to type in your username and password in order to see the full Ugly List 2016.  However, the log in page to which you were directed by the link is a phony and if you type in your username and password, you have just turned over that information to a hacker.  The hacker, in turn, may send out Instagrams that appear to come from you including new Ugly List 2016 tags to your friends.

But why would a hacker do this?

Certainly sometimes it is just done to embarrass people, but other times it is done to get people to turn over their usernames and passwords to the cybercriminals who count on many people using the same usernames and passwords for all of their accounts including online banking and other online accounts that have information that can be used by the cybercriminal for purposes of identity theft.


In regard to this particular scam, it is important to remember that there is no Ugly List 2016 so do not respond to it.  It is also important to remember when you are contacted by your friends through social media or even through emails or text messages, you can never be sure that any links contained in these communications that you are urged to click on are legitimate.  They may be tainted with malware.  Remember my motto, trust me, you can’t trust anyone.  These messages that appear to come from your friends may indeed come from their accounts which have been hacked and sent by an identity thief.  Never click on links or download attachments in emails, text messages or on social media until you have absolutely confirmed that the communication is legitimate.

As for your passwords, it is important to have a complex and unique password for every online account you have.