Wednesday, October 24, 2012

Smartphone Users Should be Aware of Malware Targeting Mobile Devices and Safety Measures to Help Avoid Compromise

10/12/12—The IC3 has been made aware of various malware attacking Android operating systems for mobile devices. Some of the latest known versions of this type of malware are Loozfon and FinFisher. Loozfon is an information-stealing piece of malware. Criminals use different variants to lure the victims. One version is a work-at-home opportunity that promises a profitable payday just for sending out e-mail. A link within these advertisements leads to a website that is designed to push Loozfon on the user’s device. The malicious application steals contact details from the user’s address book and the infected device’s phone number.
FinFisher is a spyware capable of taking over the components of a mobile device. When installed the mobile device can be remotely controlled and monitored no matter where the Target is located. FinFisher can be easily transmitted to a smartphone when the user visits a specific web link or opens a text message masquerading as a system update.
Loozfon and FinFisher are just two examples of malware used by criminals to lure users into compromising their devices.
Safety tips to protect your mobile device:
  • When purchasing a smartphone, know the features of the device, including the default settings. Turn off features of the device not needed to minimize the attack surface of the device.
  • Depending on the type of phone, the operating system may have encryption available. This can be used to protect the user’s personal data in the case of loss or theft.
  • With the growth of the application market for mobile devices, users should look at the reviews of the developer/company who published the application.
  • Review and understand the permissions you are giving when you download applications.
  • Passcode protect your mobile device. This is the first layer of physical security to protect the contents of the device. In conjunction with the passcode, enable the screen lock feature after a few minutes of inactivity.
  • Obtain malware protection for your mobile device. Look for applications that specialize in antivirus or file integrity that helps protect your device from rogue applications and malware.
  • Be aware of applications that enable geo-location. The application will track the user’s location anywhere. This application can be used for marketing, but can also be used by malicious actors, raising concerns of assisting a possible stalker and/or burglaries.
  • Jailbreak or rooting is used to remove certain restrictions imposed by the device manufacturer or cell phone carrier. This allows the user nearly unregulated control over what programs can be installed and how the device can be used. However, this procedure often involves exploiting significant security vulnerabilities and increases the attack surface of the device. Anytime an application or service runs in “unrestricted” or “system” level within an operation system, it allows any compromise to take full control of the device.
  • Do not allow your device to connect to unknown wireless networks. These networks could be rogue access points that capture information passed between your device and a legitimate server.
  • If you decide to sell your device or trade it in, make sure you wipe the device (reset it to factory default) to avoid leaving personal data on the device.
  • Smartphones require updates to run applications and firmware. If users neglect this, it increases the risk of having their device hacked or compromised.
  • Avoid clicking on or otherwise downloading software or links from unknown sources.
  • Use the same precautions on your mobile phone as you would on your computer when using the Internet.
If you have been a victim of an Internet scam or have received an e-mail that you believe was an attempted scam, please file a complaint at www.IC3.gov.


Posted by at

Fraud and scam alert: email lists for sale | B2BL: B2B spam

Scams abound in the email-list sales world, and a good many of them lead back to the India-based Data Champions / Sloan Marketing scam and spam group.
Some recent fake company names and addresses we’ve seen in spam from these scam groups include:
  • monica.thomas@technology-database.com. Signed “Monica Thomas, Business Development Manager,” no address, no telephone number. Spam subject: “Data Backup Software Users/Resellers Accounts.” Spam mailed from their exchange-media.com [199.175.55.106] spam server, spam hosting provided by Softlayer, as often seen in the past.
  • postmaster@b2borb2c.com / alan.greg@banetxmail.com. Signed “Alan Greg, Market Analyst, no company name, no phone number.” Spam subject: “Permission Pass Letter.” Mailed from their b2borb2c.com [109.230.213.106] spam server.
  • ksmith@datafinder.us. Signed “Karen Smith, Lead Consultant, Data-Finder Inc, 1275 S. Main Street, Atlanta, GA 30034, 302-384-9814.” Address does not exists, and the datafinder.us web site has contact information. Uses their ibamailer.com spam site. Spam subject: “Contact Discovery”
  • cathy.a@b2bdatas.com. Signed “Cathy Anderson, Account Manager,” no company name. Spam subject: “Key Decision Makers List.” Mailed from their emaillistsworld.com [72.55.131.108] spam server.
  • davis@aadatabizleads.com. Signed “Davis Mark, Business Development Coordinator, American Accurate Data Inc.” Fake company, no valid contact info on web site, no phone number. Sent from a google.com mail server.
  • amanda.wallace@greennetworkers.com. Signed “Amanda Wallace, Marketing Manager, ED Group Inc.” No phone number or address, no such company. mailed from their xchangehost.biz [199.175.48.230] spam server.
  • bs@mxpdtwelve.info. Signed “Bryan Spuler, Omaha, NE 68144,” no company name, no address. Spam links to their sale-bluebase.com spam domain. Sent from their bigoffers2.info [74.3.161.115] spam server. Spam subject: “New B2B Email Prospects.”
  • jane.ferguson@leadtailors.net. Signed “Jane Ferguson, Marketing Executive – Lead Tailors, Inc., 225, Level -2 Madison Avenue, Albany, NY 12230, United States, 518-621-2695.” Not a real company, not a valid address. Sent via their ihostmediasrvr.biz / edatacluster.com [208.115.206.238] spam server. Spam subject: “Prospects List with Email-id’s.”
  • lauren.morrison@ubermarketers.com. Signed “Lauren Morrison, Marketing Executive – Uber Marketers, 225, Level -2 Madison Avenue, Albany, NY 12230, United States, 518-621-2695.” Same spam as the one above except they’ve changed the name of the fake employee and the fake company from leadtailors.net to ubermarketers.com. Address didn’t change, however.
  • gerard.butler@unicemail.com. Signed “Gerard Butler, Business Development, Division Of E-mail & Data Services, UNIC Info, Inc.” Non-existent company, no phone number.
The Data Champions and similar groups also use cheap mail and anonymous services such as aol.com and google.com for their spam. Some sample addresses:
  • brian.becker@aol.com. Signed “Brian Becker, Online Marketing Specialist, Email Bridge, Inc, 100 Congress Ave, Austin, TX 78701.” Email Bridge is a fake company and no suite number has been provided for phony address in the Congress Ave office tower. No phone number either. Spam subject: “Professionals Industry Database.”
  • stacy.nelson.us@gmail.com. Stacy Nelson, Online Marketing Manager, Lead Marketers, Inc., #820, 4th Floor Walnut Street, Philadelphia, PA 19107, USA, Phone: 484-221-6289. Company doesn’t exist, and somehow they forgot to specify which suite number they occupy in that Philadelphia office building. Spam subject: “Email Appending Solution.”
  • jennifer.mintz@aol.com. Signed “Jennifer Mintz, Database Marketing Executive, UberMarketers, North Hero, VT 05474, USA, 888 329 3394 or 60 Cannon Street, London.” Non-existent company (sometimes seen as ubermarketers.com). Spam subject: “B2B/B2C Email List & Appending solution.”
  • james.michae@aol.com. Signed “James Michae, Online Marketing Specialist, Email Bridge, Inc, 100 Congress Ave Austin, TX 78701 USA.” That fake Email Bridge company name again. Spam subject: “Business leads Follow up.”

Fraud and scam alert: email lists for sale | B2BL: B2B spam
Posted by at

Monday, October 22, 2012

Watch for Political Scams this Election Season

As pre-election emotions run high, the Better Business Bureau says to watch out for people pretending to be lobbyists or campaign volunteers who really just want personal information. Experts say there are some key red flags to watch for.

Most people fall for scams when they try to get something for nothing. The biggest red flag is when someone asks for your credit card or bank account information. But most importantly, trust your instincts. If it doesn't feel right, it probably isn't legitimate.

"These people say I'm an educated business person and I fell for it,” said Better Business Bureau Community Relations Director Barbara Green.

The Cedar Rapids Better Business Bureau office fields complaints such as, fill out this survey and we'll send you on a cruise.

"They ask for your credit card number to pay for your port fees,” said Green.

Another scam says, fill out this survey and we'll pay your utility bills. Just send them your bank account information and they'll make a deposit into your account.

Plenty of volunteers and paid staff on both sides of the aisle will likely call you as we inch closer to election day. But if it's too hard for you to tell the difference between a real or fake request go to their website and make a donation on their secure site.

"You go to their site and you make a donation on their secure site. You're giving out quite a bit of personal information. You home address and credit card and they can take advantage of that very quickly,” said Green.

The Iowa Attorney General's Office say they haven't received any formal complaints about these kinds of political scams. It may be a campaign volunteer calling on a specific party's behalf. But the Better Business Bureau says, as a rule of thumb, guard your personal information at all costs.

Watch for Political Scams this Election Season | KCRG-TV9 | Cedar Rapids, Iowa News, Sports, and Weather | Local News
Posted by at

Saturday, October 20, 2012

State officials warn veterans about scams offering assistance

The N.C. Division of Veterans Affairs is warning veterans about a scam that promises help with pensions and other benefits, but for a high price.
Tim Wipperman, assistant secretary for veterans affairs, said his office has received several reports about people who claim they want to help veterans with the VA benefits process, but veterans end up losing hundreds of dollars.
"We are trying to get a grip on this," Wipperman said. "These folks are good at changing their tactics where they do what they do and stay one millimeter above the law."
The scammers target veterans - mostly those who are older or disabled - through seminars and other outreach programs about VA Aid & Attendance Special Pension, Wipperman said. That is is a special federal veterans' benefit program that provides financial support to veterans who have a limited income and who are considered to be in need of regular in-home or nursing home care.
"Once they get the veterans and their families in the room, they give them a little pitch. They try to sell them questionable insurance or investment products," Wipperman said.
The scammers also promise to file a claim with the VA at a cost, but the claim is not filed, or it is filed incorrectly, he said.
Others targeted by the scammers are homeless veterans. These scam artists charge homeless veterans a fee to prepare or assist in a claim. Their fee is taken from each monthly check, which the scammer has mailed to his home.
The state Division of Veterans Affairs is working with several agencies to try to educate veterans about the scams. The N.C. Department of Justice issued a release in September warning veterans about the problem.
Wipperman is also working with U.S. Sen. Kay Hagan to address the issue.
"We plan to stay on this," said Mary Hanley, Hagan's press secretary. "We are doing our own outreach to veterans and will continue to do so.
"We consider this a serious problem. It is unfortunate that this is going on. It is deplorable."
Veterans should seek any assistance they need from someone who is accredited by the Veterans Administration to represent veterans seeking benefits. Those who are accredited aren't allowed to charge for services.
"If we can get the veterans to come to an accredited service officer, it will help," Wipperman said.
Veterans can search for accredited service officers on the VA's website, www.doa.nc.gov /vets/locations.
They also can report a scam to the Attorney General's Consumer Protection Division at 877-5-NO-SCAM or at ncdoj.gov.


FayObserver.com - State officials warn veterans about scams offering assistance
Posted by at

Friday, October 19, 2012

Suspected Scam Artist Arrested In Undercover Sting


Sidney Allan Jeffords  
Sidney Allan Jeffords

WILLIAMSON COUNTY, Tenn. – A suspected scam artist who is believed to have targeted people in at least four states was arrested in an undercover sting operation in Williamson County.
Sidney Allan Jeffords, 33, was arrested Thursday and charged with theft over $1,000 and being a fugitive from justice.
The Williamson County Sheriff's Office said Jeffords, who also goes by Al Jones, uses Craigslist to contact people who post they are looking for a rental property. Investigators said he took a couple to a property which he said he owned in Williamson County, and attempted to collect money for a rental agreement. However, he does not own the property, according to officials.
Authorities believe there are others who have been victims of Jefford's scams in Williamson County and across Middle Tennessee.
Anyone who has seen Jeffords or done business with him is asked to call law enforcement. In Williamson County, victims are asked to call WCSO Detective Kevin Sheldon at 615-790-5554.
Jeffords was held on $150,000 bond at the Williamson County Detention Center. He is scheduled to be in court on October 25.


Suspected Scam Artist Arrested In Undercover Sting - NewsChannel5.com | Nashville News, Weather & Sports
Posted by at

Beware the new fake Amazon email scam

On October 16, a fake Amazon email scam began making the rounds. This phishing email claims that your account has been closed and provides a link to a “form” where the recipient can update their information. The most sophisticated of today’s email scams use the logo of the organization that is the target of the scam, however, there is no logo in the email currently being sent. In fact, the message, with the exception of the attached form, is merely plain text, which reads: “Your account has been closed because of too many failed login attempts. Please download and fill out the form below to reactivate your account.” The email includes a form with the file name “amazonform.html.”
The source code shows that the message was handled by a server at amazsecudb.com, which is owned and/or administered by Tommy Johnson of Lake Zurich, IL 60047. Messages of this sort are intended to take the unsuspecting to a website that will collect personal information to later be used by others.
Beware the new Amazon fake email scam

Amazon.com takes Internet fraud very seriously and has pages of information on how to report email scams involving Amazon.com. They also have a dedicated form for reporting the emails at https://www.amazon.com/gp/help/contact-us/report-phishing.html?. In their October 17 automated reply to a report of this phishing scam, Amazon provided several tips on how to spot fake emails.
1. Amazon.com will *not* ask you for the following information in an e-mail message:
* Your Amazon.com password
* Your bank account information
* Your credit card information or PIN
* Your social security number
* Your mother's maiden name or other information to identify you
2. Amazon.com will *not* ask you to verify or confirm your Amazon.com account information by clicking on a link from an e-mail.
If you suspect that you have received a phishing email involving your Amazon.com account, report the incident to Amazon immediately. You can also find information about identity theft and Internet fraud on the FBI and Internet Crime Complaint Center (IC3) websites.


Beware the new fake Amazon email scam  - National Crime & Courts | Examiner.com
Posted by at

Deceased spouse insurance

When a spouse dies there are so many things that need to be handled almost simultaneously. Burial arrangements made, death certificates sent out to creditors and life insurance policies cashed out. It is the issue of life insurance that brings us to our latest scam.
The deceased spouse insurance scam works like this: a newly widowed man or woman will receive a telephone call from a “life insurance agent” stating that their deceased spouse had purchased a policy from their company. The policy is always said to be over a million dollars.
The “agent” will then tell the surviving spouse that the policy was to be kept a secret from him or her because their spouse “loved them very much and wanted to take very good care of them.” The kicker is that there is one more premium payment that is owed, usually in a very specific amount (i.e. $4890.37) and that the premium payment needs to be paid before they can release the policy amount to the beneficiary.
Of course, once this premium payment is sent (often to a foreign country) the alleged policy payout never arrives, and the widowed spouse is out the alleged premium amount that they paid. This scam has been going on for some time, but has been ramping up in recent years. It is a sad fact that there will always be scammers willing to take advantage of a person during one of the most vulnerable times in their life. Criminals pick their victims from obituaries.
How to avoid: there are very few agents who will call you when your spouse dies, so getting a phone call of this variety is red flag number one. Two, always ask to see some verifiable documents; regardless of how official they may appear, always follow up by calling the customer service department of that company or ask your personal insurance agent to verify this policy for you. Finally, if you are approached by an “agent”, never send them any money. A reputable agency (if a policy really does exist) will take any remaining premiums off of the payout amount and would never request a premium payment be sent. In the aftermath of the death of a spouse, the surviving spouse can be very vulnerable. Be aware of scams such as this one; always make sure to protect your assets.


Deceased spouse insurance - Telephone Scams - Scam Detector
Posted by at
Subscribe to: Posts (Atom)