05/08/12—Recent analysis from the FBI and other government agencies demonstrates that malicious actors are targeting travelers abroad through pop-up windows while they are establishing an Internet connection in their hotel rooms.
Recently, there have been instances of travelers’ laptops being infected with malicious software while using hotel Internet connections. In these instances, the traveler was attempting to set up the hotel room Internet connection and was presented with a pop-up window notifying the user to update a widely used software product. If the user clicked to accept and install the update, malicious software was installed on the laptop. The pop-up window appeared to be offering a routine update to a legitimate software product for which updates are frequently available.
The FBI recommends that all government, private industry, and academic personnel who travel abroad take extra caution before updating software products through their hotel Internet connection. Checking the author or digital certificate of any prompted update to see if it corresponds to the software vendor may reveal an attempted attack. The FBI also recommends that travelers perform software updates on laptops immediately before traveling, and that they download software updates directly from the software vendor’s website if updates are necessary while abroad.
Anyone who believes they have been a target of this type of attack should immediately contact their local FBI office and promptly report it to the IC3’s website at www.IC3.gov. The IC3’s complaint database links complaints together to refer them to the appropriate law enforcement agency for case consideration. The complaint information is also used to identify emerging trends and patterns.
Wednesday, October 24, 2012
Smartphone Users Should be Aware of Malware Targeting Mobile Devices and Safety Measures to Help Avoid Compromise
10/12/12—The IC3 has been made aware of various malware attacking Android operating systems for mobile devices. Some of the latest known versions of this type of malware are Loozfon and FinFisher. Loozfon is an information-stealing piece of malware. Criminals use different variants to lure the victims. One version is a work-at-home opportunity that promises a profitable payday just for sending out e-mail. A link within these advertisements leads to a website that is designed to push Loozfon on the user’s device. The malicious application steals contact details from the user’s address book and the infected device’s phone number.
FinFisher is a spyware capable of taking over the components of a mobile device. When installed the mobile device can be remotely controlled and monitored no matter where the Target is located. FinFisher can be easily transmitted to a smartphone when the user visits a specific web link or opens a text message masquerading as a system update.
Loozfon and FinFisher are just two examples of malware used by criminals to lure users into compromising their devices.
Safety tips to protect your mobile device:
FinFisher is a spyware capable of taking over the components of a mobile device. When installed the mobile device can be remotely controlled and monitored no matter where the Target is located. FinFisher can be easily transmitted to a smartphone when the user visits a specific web link or opens a text message masquerading as a system update.
Loozfon and FinFisher are just two examples of malware used by criminals to lure users into compromising their devices.
Safety tips to protect your mobile device:
- When purchasing a smartphone, know the features of the device, including the default settings. Turn off features of the device not needed to minimize the attack surface of the device.
- Depending on the type of phone, the operating system may have encryption available. This can be used to protect the user’s personal data in the case of loss or theft.
- With the growth of the application market for mobile devices, users should look at the reviews of the developer/company who published the application.
- Review and understand the permissions you are giving when you download applications.
- Passcode protect your mobile device. This is the first layer of physical security to protect the contents of the device. In conjunction with the passcode, enable the screen lock feature after a few minutes of inactivity.
- Obtain malware protection for your mobile device. Look for applications that specialize in antivirus or file integrity that helps protect your device from rogue applications and malware.
- Be aware of applications that enable geo-location. The application will track the user’s location anywhere. This application can be used for marketing, but can also be used by malicious actors, raising concerns of assisting a possible stalker and/or burglaries.
- Jailbreak or rooting is used to remove certain restrictions imposed by the device manufacturer or cell phone carrier. This allows the user nearly unregulated control over what programs can be installed and how the device can be used. However, this procedure often involves exploiting significant security vulnerabilities and increases the attack surface of the device. Anytime an application or service runs in “unrestricted” or “system” level within an operation system, it allows any compromise to take full control of the device.
- Do not allow your device to connect to unknown wireless networks. These networks could be rogue access points that capture information passed between your device and a legitimate server.
- If you decide to sell your device or trade it in, make sure you wipe the device (reset it to factory default) to avoid leaving personal data on the device.
- Smartphones require updates to run applications and firmware. If users neglect this, it increases the risk of having their device hacked or compromised.
- Avoid clicking on or otherwise downloading software or links from unknown sources.
- Use the same precautions on your mobile phone as you would on your computer when using the Internet.
Fraud and scam alert: email lists for sale | B2BL: B2B spam
Scams abound in the email-list sales world, and a good many of them lead back to the India-based Data Champions / Sloan Marketing scam and spam group.
Fraud and scam alert: email lists for sale | B2BL: B2B spam
Some recent fake company names and addresses we’ve seen in spam from these scam groups include:
monica.thomas@technology-database.com. Signed “Monica Thomas, Business Development Manager,” no address, no telephone number. Spam subject: “Data Backup Software Users/Resellers Accounts.” Spam mailed from theirexchange-media.com[199.175.55.106] spam server, spam hosting provided by Softlayer, as often seen in the past.postmaster@b2borb2c.com/alan.greg@banetxmail.com. Signed “Alan Greg, Market Analyst, no company name, no phone number.” Spam subject: “Permission Pass Letter.” Mailed from theirb2borb2c.com[109.230.213.106] spam server.ksmith@datafinder.us. Signed “Karen Smith, Lead Consultant, Data-Finder Inc, 1275 S. Main Street, Atlanta, GA 30034, 302-384-9814.” Address does not exists, and the datafinder.us web site has contact information. Uses theiribamailer.comspam site. Spam subject: “Contact Discovery”cathy.a@b2bdatas.com. Signed “Cathy Anderson, Account Manager,” no company name. Spam subject: “Key Decision Makers List.” Mailed from theiremaillistsworld.com[72.55.131.108] spam server.davis@aadatabizleads.com. Signed “Davis Mark, Business Development Coordinator, American Accurate Data Inc.” Fake company, no valid contact info on web site, no phone number. Sent from a google.com mail server.amanda.wallace@greennetworkers.com. Signed “Amanda Wallace, Marketing Manager, ED Group Inc.” No phone number or address, no such company. mailed from theirxchangehost.biz[199.175.48.230] spam server.bs@mxpdtwelve.info. Signed “Bryan Spuler, Omaha, NE 68144,” no company name, no address. Spam links to theirsale-bluebase.comspam domain. Sent from theirbigoffers2.info[74.3.161.115] spam server. Spam subject: “New B2B Email Prospects.”jane.ferguson@leadtailors.net. Signed “Jane Ferguson, Marketing Executive – Lead Tailors, Inc., 225, Level -2 Madison Avenue, Albany, NY 12230, United States, 518-621-2695.” Not a real company, not a valid address. Sent via theirihostmediasrvr.biz / edatacluster.com[208.115.206.238] spam server. Spam subject: “Prospects List with Email-id’s.”lauren.morrison@ubermarketers.com. Signed “Lauren Morrison, Marketing Executive – Uber Marketers, 225, Level -2 Madison Avenue, Albany, NY 12230, United States, 518-621-2695.” Same spam as the one above except they’ve changed the name of the fake employee and the fake company fromleadtailors.nettoubermarketers.com. Address didn’t change, however.gerard.butler@unicemail.com. Signed “Gerard Butler, Business Development, Division Of E-mail & Data Services, UNIC Info, Inc.” Non-existent company, no phone number.
brian.becker@aol.com. Signed “Brian Becker, Online Marketing Specialist, Email Bridge, Inc, 100 Congress Ave, Austin, TX 78701.” Email Bridge is a fake company and no suite number has been provided for phony address in the Congress Ave office tower. No phone number either. Spam subject: “Professionals Industry Database.”stacy.nelson.us@gmail.com. Stacy Nelson, Online Marketing Manager, Lead Marketers, Inc., #820, 4th Floor Walnut Street, Philadelphia, PA 19107, USA, Phone: 484-221-6289. Company doesn’t exist, and somehow they forgot to specify which suite number they occupy in that Philadelphia office building. Spam subject: “Email Appending Solution.”jennifer.mintz@aol.com. Signed “Jennifer Mintz, Database Marketing Executive, UberMarketers, North Hero, VT 05474, USA, 888 329 3394 or 60 Cannon Street, London.” Non-existent company (sometimes seen as ubermarketers.com). Spam subject: “B2B/B2C Email List & Appending solution.”james.michae@aol.com. Signed “James Michae, Online Marketing Specialist, Email Bridge, Inc, 100 Congress Ave Austin, TX 78701 USA.” That fake Email Bridge company name again. Spam subject: “Business leads Follow up.”
Fraud and scam alert: email lists for sale | B2BL: B2B spam
Monday, October 22, 2012
Watch for Political Scams this Election Season
As pre-election emotions run high, the Better Business Bureau says to watch out for people pretending to be lobbyists or campaign volunteers who really just want personal information. Experts say there are some key red flags to watch for.
Most people fall for scams when they try to get something for nothing. The biggest red flag is when someone asks for your credit card or bank account information. But most importantly, trust your instincts. If it doesn't feel right, it probably isn't legitimate.
"These people say I'm an educated business person and I fell for it,” said Better Business Bureau Community Relations Director Barbara Green.
The Cedar Rapids Better Business Bureau office fields complaints such as, fill out this survey and we'll send you on a cruise.
"They ask for your credit card number to pay for your port fees,” said Green.
Another scam says, fill out this survey and we'll pay your utility bills. Just send them your bank account information and they'll make a deposit into your account.
Plenty of volunteers and paid staff on both sides of the aisle will likely call you as we inch closer to election day. But if it's too hard for you to tell the difference between a real or fake request go to their website and make a donation on their secure site.
"You go to their site and you make a donation on their secure site. You're giving out quite a bit of personal information. You home address and credit card and they can take advantage of that very quickly,” said Green.
The Iowa Attorney General's Office say they haven't received any formal complaints about these kinds of political scams. It may be a campaign volunteer calling on a specific party's behalf. But the Better Business Bureau says, as a rule of thumb, guard your personal information at all costs.
Watch for Political Scams this Election Season | KCRG-TV9 | Cedar Rapids, Iowa News, Sports, and Weather | Local News
Most people fall for scams when they try to get something for nothing. The biggest red flag is when someone asks for your credit card or bank account information. But most importantly, trust your instincts. If it doesn't feel right, it probably isn't legitimate.
"These people say I'm an educated business person and I fell for it,” said Better Business Bureau Community Relations Director Barbara Green.
The Cedar Rapids Better Business Bureau office fields complaints such as, fill out this survey and we'll send you on a cruise.
"They ask for your credit card number to pay for your port fees,” said Green.
Another scam says, fill out this survey and we'll pay your utility bills. Just send them your bank account information and they'll make a deposit into your account.
Plenty of volunteers and paid staff on both sides of the aisle will likely call you as we inch closer to election day. But if it's too hard for you to tell the difference between a real or fake request go to their website and make a donation on their secure site.
"You go to their site and you make a donation on their secure site. You're giving out quite a bit of personal information. You home address and credit card and they can take advantage of that very quickly,” said Green.
The Iowa Attorney General's Office say they haven't received any formal complaints about these kinds of political scams. It may be a campaign volunteer calling on a specific party's behalf. But the Better Business Bureau says, as a rule of thumb, guard your personal information at all costs.
Watch for Political Scams this Election Season | KCRG-TV9 | Cedar Rapids, Iowa News, Sports, and Weather | Local News
Saturday, October 20, 2012
State officials warn veterans about scams offering assistance
The N.C. Division of Veterans Affairs is warning veterans about a scam that promises help with pensions and other benefits, but for a high price.
Tim Wipperman, assistant secretary for veterans affairs, said his office has received several reports about people who claim they want to help veterans with the VA benefits process, but veterans end up losing hundreds of dollars.
"We are trying to get a grip on this," Wipperman said. "These folks are good at changing their tactics where they do what they do and stay one millimeter above the law."
The scammers target veterans - mostly those who are older or disabled - through seminars and other outreach programs about VA Aid & Attendance Special Pension, Wipperman said. That is is a special federal veterans' benefit program that provides financial support to veterans who have a limited income and who are considered to be in need of regular in-home or nursing home care.
"Once they get the veterans and their families in the room, they give them a little pitch. They try to sell them questionable insurance or investment products," Wipperman said.
The scammers also promise to file a claim with the VA at a cost, but the claim is not filed, or it is filed incorrectly, he said.
Others targeted by the scammers are homeless veterans. These scam artists charge homeless veterans a fee to prepare or assist in a claim. Their fee is taken from each monthly check, which the scammer has mailed to his home.
The state Division of Veterans Affairs is working with several agencies to try to educate veterans about the scams. The N.C. Department of Justice issued a release in September warning veterans about the problem.
Wipperman is also working with U.S. Sen. Kay Hagan to address the issue.
"We plan to stay on this," said Mary Hanley, Hagan's press secretary. "We are doing our own outreach to veterans and will continue to do so.
"We consider this a serious problem. It is unfortunate that this is going on. It is deplorable."
Veterans should seek any assistance they need from someone who is accredited by the Veterans Administration to represent veterans seeking benefits. Those who are accredited aren't allowed to charge for services.
"If we can get the veterans to come to an accredited service officer, it will help," Wipperman said.
Veterans can search for accredited service officers on the VA's website, www.doa.nc.gov /vets/locations.
They also can report a scam to the Attorney General's Consumer Protection Division at 877-5-NO-SCAM or at ncdoj.gov.
FayObserver.com - State officials warn veterans about scams offering assistance
Tim Wipperman, assistant secretary for veterans affairs, said his office has received several reports about people who claim they want to help veterans with the VA benefits process, but veterans end up losing hundreds of dollars.
"We are trying to get a grip on this," Wipperman said. "These folks are good at changing their tactics where they do what they do and stay one millimeter above the law."
The scammers target veterans - mostly those who are older or disabled - through seminars and other outreach programs about VA Aid & Attendance Special Pension, Wipperman said. That is is a special federal veterans' benefit program that provides financial support to veterans who have a limited income and who are considered to be in need of regular in-home or nursing home care.
"Once they get the veterans and their families in the room, they give them a little pitch. They try to sell them questionable insurance or investment products," Wipperman said.
The scammers also promise to file a claim with the VA at a cost, but the claim is not filed, or it is filed incorrectly, he said.
Others targeted by the scammers are homeless veterans. These scam artists charge homeless veterans a fee to prepare or assist in a claim. Their fee is taken from each monthly check, which the scammer has mailed to his home.
The state Division of Veterans Affairs is working with several agencies to try to educate veterans about the scams. The N.C. Department of Justice issued a release in September warning veterans about the problem.
Wipperman is also working with U.S. Sen. Kay Hagan to address the issue.
"We plan to stay on this," said Mary Hanley, Hagan's press secretary. "We are doing our own outreach to veterans and will continue to do so.
"We consider this a serious problem. It is unfortunate that this is going on. It is deplorable."
Veterans should seek any assistance they need from someone who is accredited by the Veterans Administration to represent veterans seeking benefits. Those who are accredited aren't allowed to charge for services.
"If we can get the veterans to come to an accredited service officer, it will help," Wipperman said.
Veterans can search for accredited service officers on the VA's website, www.doa.nc.gov /vets/locations.
They also can report a scam to the Attorney General's Consumer Protection Division at 877-5-NO-SCAM or at ncdoj.gov.
FayObserver.com - State officials warn veterans about scams offering assistance
Friday, October 19, 2012
Beware the new fake Amazon email scam
On October 16, a fake Amazon email scam began making the rounds. This phishing email claims that your account has been closed and provides a link to a “form” where the recipient can update their information. The most sophisticated of today’s email scams use the logo of the organization that is the target of the scam, however, there is no logo in the email currently being sent. In fact, the message, with the exception of the attached form, is merely plain text, which reads: “Your account has been closed because of too many failed login attempts. Please download and fill out the form below to reactivate your account.” The email includes a form with the file name “amazonform.html.”
The source code shows that the message was handled by a server at amazsecudb.com, which is owned and/or administered by Tommy Johnson of Lake Zurich, IL 60047. Messages of this sort are intended to take the unsuspecting to a website that will collect personal information to later be used by others.
Amazon.com takes Internet fraud very seriously and has pages of information on how to report email scams involving Amazon.com. They also have a dedicated form for reporting the emails at https://www.amazon.com/gp/help/contact-us/report-phishing.html?. In their October 17 automated reply to a report of this phishing scam, Amazon provided several tips on how to spot fake emails.
Beware the new fake Amazon email scam - National Crime & Courts | Examiner.com
The source code shows that the message was handled by a server at amazsecudb.com, which is owned and/or administered by Tommy Johnson of Lake Zurich, IL 60047. Messages of this sort are intended to take the unsuspecting to a website that will collect personal information to later be used by others.
Amazon.com takes Internet fraud very seriously and has pages of information on how to report email scams involving Amazon.com. They also have a dedicated form for reporting the emails at https://www.amazon.com/gp/help/contact-us/report-phishing.html?. In their October 17 automated reply to a report of this phishing scam, Amazon provided several tips on how to spot fake emails.
1. Amazon.com will *not* ask you for the following information in an e-mail message:If you suspect that you have received a phishing email involving your Amazon.com account, report the incident to Amazon immediately. You can also find information about identity theft and Internet fraud on the FBI and Internet Crime Complaint Center (IC3) websites.
* Your Amazon.com password
* Your bank account information
* Your credit card information or PIN
* Your social security number
* Your mother's maiden name or other information to identify you
2. Amazon.com will *not* ask you to verify or confirm your Amazon.com account information by clicking on a link from an e-mail.
Beware the new fake Amazon email scam - National Crime & Courts | Examiner.com
Subscribe to:
Posts (Atom)