Posts Tagged: ‘Phishing’

Scam of the day – October 26, 2014 – Myverizon38.com scam

October 26, 2014 Posted by Steven Weisman, Esq.

This scam is a slight variation of the scam I reported to you about on March 6, 2014 in the Scam of the day. “Spoofing” is the name for the tactic used by identity thieves to make a call that you receive appear to come from a legitimate source, when, in truth it is from a scammer who has merely managed to make it look like the call is legitimate.  Many people are reporting receiving calls on their smart phones or landlines that on Caller ID appear to be from “Technical Support” and carrying a telephone number that is a real number for Verizon Wireless technical support.  The call received is an automated robocall that informs you that you have are eligible for a $38 reward and then directs you to the website www.myverizon.38.com.  This website is a phony website which lures you into providing personal information that is then used to make you a victim of identity theft.  In other variations of this scam, merely by clicking on a link on the phony website, you will unwittingly download keystroke logging malware that will steal the personal information from your computer and use this information to make you a victim of identity theft.   This type of scam by which a legitimate-looking, phony website tricks you into providing personal information or clicking on tainted links is called “phishing.”  Back when I first reported on this scam to you, the phony website was www.verizon54.com and the amount of the phony reward was $54.

TIPS

You can never trust a phone call to actually be from whom the caller says.  Spoofing is easy to accomplish by identity thieves.  Don’t be tricked into trusting a telephone call.  In addition, robocalls are illegal so you should never trust a prerecorded call.  Nor should you click on links that you are not sure are legitimate.  If you have any thought that the original contact might be legitimate, contact the company directly at a website address or telephone number that you know is accurate to inquire about the particular matter.

Scam of the day – October 2, 2014 – Important update on Bash bug

October 2, 2014 Posted by Steven Weisman, Esq.

On September 27th I warned you about the revelation that there was a bug called Shellshock in the Bash command-line interpreter on many operating systems including Linux, Unix and Apple’s OSX that had just been discovered after more than twenty years.  This bug is simple to exploit and tremendously dangerous since when exploited by hackers, permits the hacker to take over the computers using the infected operating systems.   The Federal Financial Institution Examinations Council (FFIEC) has warned the banking industry that it should take immediate steps to protect itself from this major threat.  Hackers have been busy trying to take advantage of this security flaw by attacking servers using affected operating systems while security experts have been equally as busy trying to create new patches.   A series of security patches have been released just in the last couple of days. It is also important to know that, as individual computer users, your firewall should protect you unless a hacker tricks you through phishing into clicking on a link and download malware to exploit the flaw.

TIPS

For all of us, this is a reminder to never click on a link in an email, text message or social media posting unless you are absolutely sure that it is legitimate.  Too often, what appear to be legitimate communications with emails are phishing scams with malware attached.

Here are links provided by the Department of Homeland Security which in turn have links to the latest security patches issued by Apple and others to deal with this problem.

https://www.us-cert.gov/ncas/current-activity/2014/09/24/Bourne-Again-Shell-Bash-Remote-Code-Execution-Vulnerability

https://www.us-cert.gov/ncas/current-activity/2014/09/30/Apple-Releases-OS-X-bash-Update-10

Scam of the day – September 23, 2014 – How LinkedIn can be used to hack companies

September 22, 2014 Posted by Steven Weisman, Esq.

LinkedIn is a very popular social networking service site for business people where 300 million people share knowledge and opportunities.  Unfortunately, however the information provided on LinkedIn can be manipulated in the hands of a hacker to provide information that can be used to hack a business’ computers and data.  If you look up a company on LinkedIn you will find a number of profiles for individual employees of the company.  Many of these will include the employee’s email address.  After viewing a few employee profiles a hacker can determine the protocol used for emails within the company, such as initial of first name, last name@companyname.com.   Using this information, the hacker can send a legitimate appearing email to a company employee that looks like it comes from within the company luring the real employee to either click on a tainted link or enter a username and password.  This can be used to either directly install malware on to the company’s computers through the tainted link or get access through the user name and password of the employee victimized by the scam.  From there it is an easy thing to install malware to steal information from the company.

TIPS

Never click on links in emails, text messages or social media or download attachments until you have absolutely confirmed that they are legitimate.  Also, when it comes to network security, most companies will never ask for an employee’s user name or password.  Again, never provide this information on any website or anywhere else until you have first confirmed that the website is legitimate.  It might be a phony, tainted website merely phishing for your information.  Trust me, you can’t trust anyone.

Scam of the day – September 21, 2014 – Qantas phishing scam

September 21, 2014 Posted by Steven Weisman, Esq.

Qantas airline has issued  warning about a Facebook scam in which the banner advertisement featured below invites people to “like” it and then to share it with their friends in order to win a $1,500 travel voucher.  If you click on the page, you are directed to a phony Qantas Facebook page where you are asked to provide personal information.  People providing the information are in great danger of identity theft as the phony ad is just a phishing scam to get your personal information.

This is the fake Qantas Facebook account which is being investigated 

TIPS

In the case of Qantas, it only runs its promotional campaigns from its own authenticated Facebook page or though the official Qantas website.  As I always warn you, never click on links unless you are absolutely sure that they are legitimate.  Merely because it appears on your Facebook page does not make it legitimate.  If you believe it may be a legitimate promotional offer, ignore the social media posting, email or text message that sends you a legitimate looking offer and go directly to the company’s own website and make sure that you type in the name of the company’s website correctly to avoid being directed to another phony website.

Scam of the day – July 21, 2014 – Yahoo email phishing scam

July 21, 2014 Posted by Steven Weisman, Esq.

A number of times I have written about email phishing scams that start when you receive an email that purports to be sent from AOL informing you that there is some problem with your AOL account which requires you to click on a link in order to rectify the problem.  Recently, another email server is the subject of a phishing scam.  This time it is Yahoo.  Here is a copy of an email that is presently finding its way into many people’s email boxes.  This is a phishing scam.  DO NOT CLICK ON THE LINK.  Clicking on the link will result in either your downloading a keystroke logging malware program that will steal all of the information from your computer such as your Social Security number, credit card numbers and banking information that will then be used to make you a victim of identity theft or when you click on the link you will be prompted to provide personal information that will also be used to make you a victim of identity theft.  Some phishing emails are better than others and this one was not very convincing.  The email address from which it was sent was not even a Yahoo email address.  It was the address of someone whose email had been hacked and made a part of a botnet of computers used by identity thieves to send out their phishing emails.  In addition, this email is not directed to you by name, but rather as “Yahoo user.”  As with many of these scams that often originate in foreign countries where English is a second language, the grammar is suspect as where in this email the word “responds” is used instead of the correct word “response.”

“Dear Yahoo! User

Your two incoming mails were placed on pending status due to the recent upgrade to our database, In order to receive the messages Click Here to login and wait for responds.

Customer! Mail Product Management.

Copyright © 2014 Mail! Inc. (Co. Reg.. No. 2344507D)All Rights
Reserved. Intellectual Property Rights Policy
Please do not reply to this message. Mail sent to this address cannot be answered.”

TIPS

The most important thing to remember is to never click on links in emails or download attachments unless you are absolutely sure that they are legitimate.  In this particular case, it is easy to see that it is a scam.  Additionally, you should make sure that your anti-malware and anti-virus software are installed and up to date with the latest security updates while remembering that you cannot rely on your security software because it is generally about thirty days behind the latest viruses and malware programs.

Scam of the day – July 15, 2014 – Mailbox identity theft danger

July 15, 2014 Posted by Steven Weisman, Esq.

Identity theft can be high tech, low tech or no tech and although much attention is often focused on computer phishing schemes, malware and other high tech methods of turning you into a victim of identity theft, low tech and no tech methods of identity theft can be equally as effective in stealing your identity.  One low tech method that has been around for a long time, but seems to be making a resurgence is when identity thieves put strong glue like the kind used on mouse trap paper is put on the inside of the swing-down chute in the mailboxes you find scattered throughout your city.  This glue traps mail on the chute rather than letting it go down into the mailbox when the lid is closed making it easy pickings for an identity thief who can be looking for checks you may be mailing to a business or a credit card payment.  Your check can either be altered through a process called “washing” so that the check is made to appear to be payable to the identity thief.   The identity thieves can also take the information from your check and make counterfeit checks in order to access your checking account.   They may also steal the information from your credit card statement to gain access to your credit card.

Another similar type of scam involves the identity thief putting the glue on a small object at the end of a string and lowering the string into the mailbox to go fishing for mail with checks, credit card statements or other information that can be used to make you a victim of identity theft.

TIPS

Although it seems like you should be able to trust the U.S. mail, you would be prudent to mail payments and letters with financial information directly from the post office rather than use vulnerable mailboxes.  You also should consider making your payments electronically which is even safer.  When you do use checks, you should use a type of pen called a gel pen which you can purchase at any office supply store.  The ink from these pens is almost impossible to wash off of a check by a counterfeiter.  Finally, do not put mail with personal information or checks in your own personal mailbox at your home.  Often people do this and raise the red flag on the mail box to inform the letter carrier  that there is outgoing mail to be picked up from your box.  Unfortunately, it also informs an identity thief cruising your neighborhood that there are “goodies” in your mailbox.

 

Scam of the day – July 13, 2014 – Bank of Hawaii text message scam

July 13, 2014 Posted by Steven Weisman, Esq.

Recently many residents of Hawaii have been receiving a text message that appears to come from the Bank of Hawaii informing them that their accounts have been blocked or suspended or their lines of credit have been reduced.  They are also told in the text message to call 857-453-3714 and enter their account number and PIN in order to rectify the situation.  This is a  phishing scam and anyone providing that information to the scammer would end up becoming a victim of identity theft and having their accounts emptied.

TIPS

Regardless of how official such a text message may appear, you should never provide personal information to anyone in response to a telephone call, email or text message because in none of those situations can you be sure that the person contacting you is legitimate.  If you do receive a communication from a bank, government agency or any other person or entity that you think might have a legitimate need for personal information from you, you should call the real entity at a telephone number that you know is legitimate in order to ascertain the truth.  Banks do not call, text or email their customers asking for personal information.  You should always be skeptical of anyone asking for such information.  As  I always say, “trust me, you can’t trust anyone.”  This particular scam involved the Bank of Hawaii, but this scam is constantly being done around the country using the names of other banks.  As for those of you in Hawaii who may have fallen for this scam.  You should contact the real Bank of Hawaii at 888-643-3888 or by email at icare@boh.com for help.

Scam of the day – June 15, 2014 – Russian iPhone hackers arrested

June 15, 2014 Posted by Steven Weisman, Esq.

It was only a few days ago that I warned you about some iPhone scams threatening users of Apple’s iPhone through a manipulation of the Find My Phone feature of the iPhone.  The Find My Phone feature allows iPhone owners to track and lock their phones if they are lost or stolen.  However this feature was allegedly misused by two Russians who used phishing techniques to get access to their victims’ Apple ID accounts where they activated the phone locking feature.  They then sent messages to their victims indicating that they would remotely delete the data in their phone and keep the phone locked unless they paid a ransom.  Another technique allegedly used by the pair of criminals to gain access to the phones was to place online ads offering to provide access to much media content to be accessed through the victim’s iPhone.  Once the victim linked his or her iPhone to the scammer’s account, the scammers activated the Find My Phone feature to lock the phone.

TIPS

The best way to resolve a problem is to avoid the problem altogether.  As I constantly warn you, never click on links in emails unless you are absolutely sure that they are legitimate.  It is always safer to confirm first that the email with a link is legitimate first before considering clicking on the link.  You also should make sure that you always backup whatever content you keep on all of your electronic devices.  All of your electronic devices should also be protected with anti-virus and anti-malware software although it is important not to rely to heavily on these security programs because they are always a bit behind in protecting you from the latest malware and viruses.  Finally, If you are unlucky enough to have had your iPhone hijacked, you can correct the problem yourself through a “hard” reset.  Here is a link to instructions from Verizon as to how to do a hard reset: http://www.verizonwireless.com/support/devices/knowledge_base.html/39607/

You also can to to your Apple store with your iPhone and proof of purchase to have Apple resolve the problem.

 

Scam of the day – June 7, 2014 – Latest iPhone scam

June 7, 2014 Posted by Steven Weisman, Esq.

Recently many iPhone users have found that their Find My iPhone anti-theft feature had been accessed and used to lock the screen.  The victims then received a ransom demand of $100 by the hacker in order to unlock the screen.  However, this scam does not end there.  Other scammers are sending out emails posing as Apple and informing you about the problem with iPhones being remotely locked and prompting you for your username, password and other information under the guise of helping you to defend yourself from the threat of a remote locking of your iPhone.  The problem is that this email is a phishing email sent by a scammer who is merely trying to use this ruse to obtain your information to be able to take over your Apple account.

TIPS

If you were unlucky enough to have had your iPhone hijacked, you can correct the problem yourself through a “hard” reset.  Here is a link to instructions from Verizon as to how to do a hard reset: http://www.verizonwireless.com/support/devices/knowledge_base.html/39607/

As for dealing with the phishing emails that purport to be from Apple, my advice is the same as it always is.  Never provide information that can be used against you in response to an email, text message or telephone call from someone where you have not initiated the communication.  If you receive any such message and have the slightest thought that it might be legitimate, contact the company or person at an email address or phone number that you know is accurate to confirm whether or not the communication you received is a counterfeit phishing communication.  Making an email look legitimate is very easy to do, so trust me, you can’t trust anyone when it comes to communications asking you for personal information

Scam of the day – June 4, 2014 – Justice Department halts massive hacking scheme

June 4, 2014 Posted by Steven Weisman, Esq.

Earlier this week, the Department of Justice revealed that it had broken a massive hacking scheme and taken over the computer servers that spread two major types of malware about which I have warned you previously.   The two types of malware are GameOverZeus and Cryptolocker.  GameOverZeus steals banking information from victims’ computer which the hackers then used to empty their victims’ bank accounts.  Cryptolocker is a particularly insidious type of malware that when installed on the victim’s computer encrypts all of the data contained on the computer.  After the encryption was accomplished, the criminals then notified the victim that their data would be destroyed unless a ransom payment was made.  This type of malware, has, appropriately been deemed ransomware.  Law enforcement officials estimate that as much as 100 million dollars was stolen by the gang operating these malware programs through a botnet.  Members of the gang included Russians, Ukrainians and British criminals.  Through the joint efforts of the FBI and law enforcement agencies in ten other countries, the computer servers of the hackers were seized and the alleged ringleader of the group, Russian Evgeniy Bogachev was indicted.  American authorities are in contact with Russian authorities to have Bogachev extradited to the United States for trial.

TIPS

This story is important for many reasons.  Certainly is not only good to see law enforcement cracking criminal hacking crimes, but also seeing international cooperation in the law enforcement effort.  However, ultimately, law enforcement is not going to be able to prevent you from becoming a victim of hackers seeking to steal from you through the use of malware such as GameOverZeus and Cryptolocker.  Instead the burden of protecting you from these attacks falls on all of us individually.  In all cases, these malware programs ultimately found their way to their victims’ computers when the victims invited them in by clicking on tainted links in emails or downloaded tainted attachments from phishing emails.  The first line of defense is not to ever click on emails or download attachments unless you are absolutely sure that they are legitimate.  You should also make sure that you have constantly updated anti-virus software and anti-malware software on all of your electronic devices.

The United States Department of Homeland Security has  issued a warning about the GameOverZeus malware that contains links to a number of effective anti-malware programs that can help protect your computer and other electronic devices from infection and remove the infection if it occurs.  Here is a link to that warning which, in turn, contains a link to the anti-malware software programs: https://www.us-cert.gov/ncas/alerts/TA14-150A