Entries in Email (58)

Tuesday, Jun 28, 2011

Amazon really is Confusing sometimes!

Your Amazon.com password has been changed!

Dear [First] [Last],

This is an important message from Amazon.com

As a precaution, we've reset your Amazon.com password because you may have been subject to a "phishing" scam.

Here's how phishing works:

A scam artist sends an e-mail, which is designed to look like it came from a reputable company such as a bank, financial institution, or retailer like Amazon.com, but is in fact a forgery. These e-mails direct you to a website that looks remarkably similar to the reputable company's website, where you are asked to provide account information such as your e-mail address and password. Since that web site is actually controlled by the phisher, they get the information you entered.

Go to amazon.com/phish to read more about ways to protect yourself from phishing.

To regain access to your Amazon customer account:

1. Go to Amazon.com and click the "Your Account" link at the top of our website.

2. Click the link that says "Forgot your password?"

3. Follow the instructions to set a new password for your account.

Please choose a new password and do not use the same password you used with us previously.

Thank you for your interest in Amazon.com

Sincerely,

Amazon.com

Please note: this e-mail was sent from an address that cannot accept incoming e-mail. To contact us about an unrelated issue, please visit the Help section of our website.

This happened a few days ago, and I thought I would talk about the security implications of this email. Some users think it is fake. Obviously, I was concerned like everyone else, so I contacted Amazon to find out about it. I talked on the phone to a representative who didn't really know why my password was changed. She told me she'd give my email address to a specialist, and that was it.

Account Alert: Please Read

Greetings from Amazon.com.

Please take the time to read this message - it contains important information about your Amazon.com account.

After careful review of your account, we believe it may have been accessed and used by a third-party to attempt to make purchases without your permission. It seems that someone obtained your personal account and/or financial information elsewhere, and used it on Amazon.com to access your account. Please note that no unauthorized charges were completed as we were able to cancel the order(s).

We have taken immediate steps to secure your account. We’ve assigned a new, temporary password to prevent further access by the unauthorized third-party, and removed any credit cards or other payment methods from your account. Additionally, if any information was added to your account by someone other than you, it has been removed. Your account access has been restored and is available to use at your convenience.

You’ll need to reset your password when you return to our site. Just click “Your Account” at the top of our Home page and select “Forgot your Password?” in the Settings section.” Enter your email address as prompted, and once completed, we'll send you an e-mail containing a personalized link. Click the link from the e-mail and follow the directions provided. Your new password will be effective immediately. Please note that you will need to re-enter your complete credit or debit card number during the checkout process.

It is important to know that Amazon.com accounts can only be accessed by those who know personal, specific information about you and your account, including your email address and Amazon.com password. As mentioned above, it appears someone obtained this personal account information elsewhere and used it on Amazon.com to access your account.

While it is not clear how this happened in your case, we do know that personal account information is often obtained by scam artists who send unsolicited email to unsuspecting users asking them to "update" their account information. The email usually contains a link to a website that is controlled by the thief asking the user to submit personal information including email address, password, credit card number, and other relevant information. Once the information is obtained, the scam artist can then gain access to numerous online accounts since many internet users frequently use the same user name, email address, password, and financial information at multiple web sites.

Please know that Amazon.com employees will *never* ask for your password, nor will we ever send an email asking you to verify personal information.

Although it appears someone did access your Amazon.com account, they would not have been able to view your full credit card numbers as they are never displayed on our site. However, it is possible your credit card numbers may have been compromised at the time your other personal information was obtained. Therefore, we suggest you carefully review recent credit card statements to check for any unusual activity or unauthorized charges.

In the future, you can protect your Amazon.com password and account by following some of these safety tips:

-----------------------------------------------------------------------

1. Choose a good password: Use at least 8 characters and a combination of letters and numbers. Do not use single dictionary words, your name or other personal info that can be easily obtained, or a password that contains part of your email address.

2. Password protection: Avoid using the same password at multiple sites or for your email account. Do not share your password with others.

3. Account protection: Be cautious of unsolicited emails that appear to come from reputable online shops or services that ask you to submit personal information such as your credit card number, email address, and password. Often these emails will look as though they come from the company you're familiar with, and the email will ask you to click on a link and "sign in". You should never provide this kind of personal information in an unsolicited email.

I don't know if this isn't just an automated message, because anyone who knows me knows I listen to Security Now and other such security podcasts. So I know about phishing attacks and the other ways someone can get your password. I've recommended LastPass in the past and still recommend it. I don't get what happened, but it looks like they were concerned about my account and decided it needed to be restricted until I changed my password. I even like the fact that LastPass now uses YubiKey as a second factor of authentication, and I am quite glad they have implemented this. Great going, LastPass guys.

Don't Click Links in Emails!

I've talked about this in the past, but I thought it was something we should at least remind people of. If you get an email with a link to your account and you're not expecting it, then don't click it. You can click links if you're resetting your password, but those are expected. I always tell people: if you're not expecting it, talk to the person who sent it to you, because they might have a virus, or it may be some link that will compromise your account or get your passwords. Remember, surf safe and think about your security.

Security is #1

Paul Sylvester

Friday, Apr 8, 2011

Why I never volunteer for bacon!



"Please Enter A Valid Email Address" Image by pjsherman via Flickr


All Dogs love bacon!


If you're wondering what I am talking about, I will explain it to you in ways that you probably never considered. You may have signed up to websites that ask you if they can share your email address and name with 3rd parties. 3rd parties are companies like Epsilon Marketing, and they make their money by selling products to people who have volunteered to receive bacon advertisements.

Security is nothing to Epsilon!


I won't go into detail about why, because if I did you would probably agree with me just because of what happened. Most likely Epsilon will lose a lot of customers and businesses due to the security breaches. It just depends on how people feel about this company and why anyone should trust them after this breach. I always tell anyone who signs up for a service to make sure to opt out of those emails. I don't know about you, but I know right now Epsilon has egg on their faces and wouldn't mind sticking their heads in the sand.

Don't Get Caught Spear Phishing!


Now that the hackers have your name and your email address, you are probably wondering, "What can I do not to get fooled?" I thought it would be a good idea to give some guidance for those who want to prevent this from happening in the first place. You don't want them to get your sensitive information. I don't want anyone to know my passwords or even my credit card numbers. They will try to fool you into giving out this information by claiming there is some kind of urgent problem with your account.

Some stuff to consider:

  • No company will call you asking for personal information

  • Nothing is so urgent that you can't go to the website directly

  • If they don't sound professional, tell them you will visit the local bank or institution

  • Just because they know your name doesn't mean they are real

  • Don't click links in emails that you don't trust; always go to the sites that you trust by typing the address into your browser


These are just a few ways to help keep yourself from being phished, but no one can prevent it but you. So remember to think before you click, and think before you give out any information to unknown emails or people.


Saturday, Jul 10, 2010

Email Opportunities that seem Phishy!!!

Subject: Service manager position. Job ID 1278757758

Subject: New employment opportunity. Vacancy ID 1278793388
From: Xyla Cleveland <lopes_vivian@diamond-sky.net>
Date: Sat, 10 Jul 2010 11:29:22 +0100
To: (hidden)

Our company Diamond Sky, which is dynamically developing with every passing year, is going to offer you the convenience of various perspectives on the prospective position of a service-manager.

We are acting as concierge services in  7 highly-developed countries of the world. Our managers provide assistance in different spheres of business and leisure such as:
- booking of air tickets
- hotel bookings
- car renting
- search, hire and design of conference halls
- search, purchase and delivery of presents

As a result of our managers` assistance our clients are exempt from spending their personal and business time. Due to the fact that the services we deliver are in great demand all over the world, we expand  the stuff and we invite you to participate in the contest for the position of the Service MANAGER and to join, become a member of our company.

MAJOR DUTIES AND RESPONSIBILITIES of the service-manager are mentioned below:
-work with clients
-processing of orders of our clients
-processing and updating of our database of services

Position Requirements:
- efficiency in processing of orders
- responsibility in carrying out your duties
- good communication skills

We are constantly looking for diligent individuals, at all levels, to join our winning team, across all our concierge services divisions.
At Diamond Sky, we distinguish ourselves as a high performance organization with hard-working people who provide quality service to our customers. We believe that one of the most important functions of management is to provide employees with the possibility to develop their talents to the full. The benefits are job satisfaction for our employees enabling them to make a positive contribution to the success of the company.

If this position seems to be interesting to you, you fit the requirements and would like to become a member of our company
send your resume  and your contact phone number to vivian_lopes@xxxxxx and we will contact you.

My wife got this email and I wanted to talk about how phishy it looks!! I did my research on this company by going to their website. You're probably thinking, "They have a website?" Well, it isn't a very useful website, just a page with nothing clickable, no phone numbers and nothing about where they are actually located. This is why I suspect there is more than meets the eye. I wanted to warn people not to send your resumes to people you have no way of verifying, because, like anything else, if you have done your homework you will have found my website. This is most likely a way to get the personal information from your resume, like your name, your email address, your home address and other sensitive stuff. Since there was no way to contact them directly, I would advise caution when you find emails like this offering the possibility of a job.

It seems like more and more scammers and other nefarious people will lure you into giving out your personal information in hopes of landing a job to help pay off your bills and other such necessities. If you get this email, I would just delete it and not even consider it a viable source of a job opportunity. My wife got 3 different emails from the same place. I also did some searching and found that the website in question was recently made, on June 29, 2010. Stay safe and remember: do your homework before you jump into anything like this!!


Monday, Jul 27, 2009

Computer Security : important caveat not all websites are safe

Every day we see people get infections on their systems, and most don't understand that they've been duped and have installed the software themselves.

In this article we will talk about how most people will willingly install these Trojans and viruses themselves, for several different reasons.

Ineluctable Truth about Human Nature


These malware authors know all about how people think. It usually happens when people think they are about to see something provocative, something they can watch in the privacy of their homes. There are several different ways to do this:

  • News stories -- Alas, these are always being used to spread malware. For example: the Erin Andrews peephole malware.

  • Fake photo files -- This is also a very common ploy: making people think a file is a photo when in reality it is an executable. Example: MichealJackson.JPG.EXE

  • Fake codecs -- You visit what you think is a popular movie and it says you need to install a codec. This is another way for people to get infected with a Trojan or a virus. For example: Harry Potter and the Half Blood Prince malware.

  • Fake PDFs -- There have been known exploits in Adobe Reader and Adobe Flash where a malware author can take control of the PC and install whatever they want on the system. Example: Attackers Target New Adobe Flash/Reader Flaw


As you can see, these are just a few, but they have been used in the past, and that doesn't mean they won't be used in the future. Malware authors will also use social sites to infect your PC. Here are a few common ones:

  • You get a message that states "Look at this". Most Twitter users were very curious, had not seen a lot of malware on Twitter and were very trusting, so they would willingly go to these sites, not expecting to get a Trojan or virus.

  • You get a message on Facebook: "You look just awesome in this video." You try to go to the URL and it says you have to update your Flash player. This is another common way to get the user to install a Trojan or virus and think it is a legitimate update.

  • Twitter spambots -- You get a message about a registry cleaner, but it is a rogue antivirus. You download this software, run it without thinking, and you're infected. Twitter and Facebook users are too relaxed to see just how dangerous links can be.


Most or all of these can arrive by email as well, so you don't have to be on any site to receive an attached file similar to what you see above. You must never download anything you know nothing about, and if in doubt, scan it with several virus scanners by uploading it to VirusTotal, which is a good site for seeing whether well-known vendors consider the program or file to be a virus. These were just a few; I am sure I have missed several and will probably hear about it from users. I encourage people to discuss this and talk about other ways this can happen.
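The fake photo ploy above (MichealJackson.JPG.EXE) can be caught mechanically by looking at the real, final extension of an attachment name. The following is an added example, not code from the original post; the extension lists, function names and every sample name except the one quoted from the post are assumptions made for illustration.

```python
import ntpath

# Extensions Windows runs directly or hands to a script host.
# Illustrative list chosen for this example, not exhaustive.
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "vbs", "js", "msi", "lnk"}

# Extensions a reader takes for a harmless photo, video or document.
DECOY_EXTS = {"jpg", "jpeg", "png", "gif", "bmp", "avi", "mpg", "mp3", "pdf", "doc", "ppt", "txt"}


def classify_attachment(name):
    """Classify one attachment name as 'ok', 'executable' or 'disguised-executable'."""
    # Keep only the file name; ntpath splits on both "\" and "/".
    base = ntpath.basename(name)
    # Windows drops trailing dots and spaces, so "a.jpg.exe. " still runs as .exe.
    base = base.rstrip(" .").lower()
    parts = [p.strip() for p in base.split(".")]
    if len(parts) < 2 or parts[-1] not in EXECUTABLE_EXTS:
        return "ok"
    # An earlier component that is itself a media/document extension is a decoy:
    # when the file manager hides known extensions, only that part is displayed.
    if any(p in DECOY_EXTS for p in parts[1:-1]):
        return "disguised-executable"
    return "executable"


def scan_attachments(names):
    """Return {name: verdict} for every name whose verdict is not 'ok'."""
    verdicts = {}
    for name in names:
        verdict = classify_attachment(name)
        if verdict != "ok":
            verdicts[name] = verdict
    return verdicts


# Constructed sample: the first name is the one quoted in the post, the rest are made up.
SAMPLE_ATTACHMENTS = [
    "MichealJackson.JPG.EXE",
    "holiday-2009.jpg",
    "codec_update.exe",
    "invoice.pdf.scr. ",
    "C:\\Users\\me\\Downloads\\video.avi.bat",
    "notes.v2.txt",
]

if __name__ == "__main__":
    for name, verdict in scan_attachments(SAMPLE_ATTACHMENTS).items():
        print(f"{verdict:22} {name!r}")
```

A name check like this only says the file is dressed up as something else; the file itself should still go through a virus scanner as described above.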

Thursday, Jul 2, 2009

How to Send Files Securely -- Securezip

I've been testing out Securezip the last few days and I am convinced this is the best option people can use to send files through email.

How does Email work?


So let's get down to the basics of email. Email uses DNS just like web pages do, and it can also be sniffed if you are using a public hotspot or other unencrypted networks. We've seen people talk about email privacy, and documents alone can be the most private thing we have.

Email has to be sent through several different servers that you have no control over to get to its final destination. So if you're really paranoid, you know that a server could be used for a man-in-the-middle scenario, in which some server claims to be the final destination, and there the message is copied and sent on to the true recipient.

Securing your Email


As you can see, email privacy is as easy as telling people everything they want to know about you. Email security is always going to be an ever-evolving technology, because those who want to listen will tend to find ways to listen. You could use PGP email encryption to prevent people from reading your emails, but what about the files?

Softpedia has excellent screenshots of Securezip. I would strongly recommend checking the screenshots out first. Here are three points of interest for people who want to consider Securezip:

  1. You can digitally sign the zip file -- This is a good habit to start, to prevent people from claiming they are you and sending files that aren't really from you. It helps prevent people from spoofing you as the sender of a file.

  2. Passphrases -- Also good to use, because even if someone takes physical control of your computer they will still need to know the passphrase to open the file.

  3. Public and private keys -- Each person has a certificate from Comodo, whereby you install a private key on your system and only your system can open it or encrypt it. You can send the file to multiple people so that they are able to open it.


So, in short, this is the best possible way to keep your files safe from hackers and man-in-the-middle attacks. However, if you only have Securezip and not PGP, people would still be able to read your emails, so to be safe on the internet you should also encrypt your private emails to better protect your privacy.

[Download Securezip]
Thursday, Jun 25, 2009

Spoof Spam from Skype users

I got a strange email from Skype:


As you can tell, this is spam, but it got through my spam filters because the spammers are actually spoofing the email address. Upon further inspection of the message headers, I found this came from a Black Hole IANA.org name server. When I investigated further, I found that they are seeing more and more email spoofing for Skype. If you went to that URL (Websweetness.com), you would not like what you see. It is an adult site, but that is beside the point. I am betting the spammers are trying to fool the spam filters to make sure this gets through. I talked about the Skype Bots before, and this seems to be another way they are using Skype for their spam campaigns.


Skype is getting to be used by almost everyone who has internet, so it is a good bet that people will get even more spam from spammers who are trying to get around the spam filters. Until Skype fixes this problem, you can go into Email settings and uncheck "Skype can contact me when someone adds me as a contact". I would like to prevent this totally, but until they add a way for me to only receive email messages from people in my contacts, this will always be a problem.


Remember, if this got through, there are a number of other things that could also get through, such as a phishing attempt, a scam, or even an exploit link that installs software on your system. So I will always caution people about clicking links when they don't know where they go, and not everything from friends is always going to be safe. I would recommend people download some good Anti-virus and Firewall software to better protect their systems and surf the web a little more safely.

Monday, Jun 8, 2009

Canadian Pharmacies not from Canada!!

I got an email that happened to get past the spam filters and wanted to talk about it. The email goes like this:
Hi there
Hey where have you been recently ? I could not get any news from you for a long time. Anyway, I found a decent pharmacy store from google last week. I decided to give a shot because it was Canada Licensed Drugstore. Well the prices were % 65 cheaper than the local pharmacies in my region. So I took a chance. I took my medicines in my hand 3 days after i ordered and they were packed very well as they claimed that they provide full anonymity. Needless to say medicines are legit and they give me what i want :) If you need any medicine without any prescription, give it a try until the discount ends.
Take care of yourself. I included the url below. See you later.

http://www.guidefabledme.com

Several things stand out that tell me this is just spam. Here are some examples:

  • The word Google -- It isn't capitalized, and it should be.

  • Bad grammar -- This shows me this isn't even close to Canada; I'll explain later in this article.

  • Makes it sound like I know the person -- Again, this email tries to socialize and make you think you know the person.


The first untrusted relay in this email is the URL redirect: the instant you click on it you are transported to perfectpharmstart.com, which isn't even located in Canada. If you check the whois on this domain you will see it is located in Russia.

So the "Canadian Licensed Drugstore" in that sentence isn't real, because it is nowhere close to Canada. I looked around the website and found this number: "(210) 888-9089". I read what people posted on the forums; they were calling this a scam. I do not know if it is or not, but I do know you are far better off getting your drugs from your local pharmacy and not even trying to order online. You don't know whether what they send you is the right stuff. Also, if you want to contact them, just click on Contact Us, but you won't find any information there; it is just a web form.

So let's go over this again: I get an email from a Verizon user, which shows that guidefabledme.com is in the US, but the redirect goes to a Russian server. That one thing is the most important key: they are trying to get you to think you are trusting a US or Canadian site, but really you are just being sent to a Russian server. Although the URL will change, the idea is the same; they will probably change it sooner or later to a different URL, but the email will be the same. I would be willing to bet it will be a different redirect altogether, but if you check it out it will be in Russia and not Canada.
Sunday, May 17, 2009

You've got hacked thanks to Twitter : Don't "email me at"

I was reading a blog post about Spammers Harvesting Sorrow From Twitter.

Something came to my mind, so I did a little research and a lot of thinking, and it finally came to me. It is easy for someone to find your email and use it for their own means. There are several different scenarios I can come up with:

  • Impersonating someone you know -- It is quite simple to find out who we know and who we follow. An attacker can always find someone whose email address you don't know and make it seem like they are that person, to get even more information from you.

  • Receiving viruses, Trojans or worms -- If you have a good anti-virus this one won't get to you, but according to ESET, 10 percent of computer users didn't know if they had anti-virus software installed. This means that malware authors who send a virus to everyone who tweets their email address will still have some success.

  • Trying to guess your password -- If they have your email address, which is almost like your SSN in some respects, they could go to Facebook and try to get into your account with a dictionary attack or a brute-force attack. They may even try to hack into your email account just to get access to all your other accounts.


I am sure I am missing others that could possibly happen, but this isn't about what could happen; it is about ways to prevent this type of stuff. Chris Pirillo seems to think that if we use "AT" and "dot" in place of the real things, no bot would be able to figure that out. I say no, because the easiest thing for a bot to do is copy everything after the "Email me at" and put it in a text file. Then the person harvesting the email addresses would just have to go through, find all of them that have the "dot" and "at", and change them to what they should be. I have been watching the search terms for the last few hours, and it seems there is a new person posting their email address every 5 minutes or so. Have you done it in the past?

In short, if you want someone to email you, it is always best just to send them a Direct Message so no other eyes can see it. I'd also suggest installing some Free Anti-virus and Firewalls, if you haven't already, to better help protect your personal information. Remember, only you can prevent your personal information from getting stolen.
Sunday, May 3, 2009

Miketechshow Listener Roundtable : #242 Backups

We had a great time talking about backing up our systems. On a side note, I'd like to tell people that during the Roundtable I was restoring my system due to a major network issue. The system wouldn't stay connected at all to my network or to my USB A600 Cricket Modem. I used the A600 modem during the podcast with Skype, so the quality isn't as good as it should be, but that is due to two different factors: one, I had a cheap headset, and two, the bandwidth limitations. This does show, however, that it is possible and works really well. I also used the Antenna for the Skype meeting. It actually seems like a stable connection.

Mike has told us in his email that this might be the last Roundtable, so if you want this to continue you can either email him or tweet him, telling him you want to keep seeing these podcasts. I also talked about Roboform and how I make sure the passwords are backed up. We did talk about making sure to test our backups, so we know whether the backup process works. I have to say my backup procedure was without doubt working for me. Even though I had some issues with Vista security updates after the restore, my restore to the laptop didn't take more than an hour to get the programs that I wanted back on the system.
Friday, May 1, 2009

New address cnuncn.com, old Yahoo email

Following up on my previous post about Yahoo email accounts being used and then their contacts being deleted: I recently came across another post about this email, but with a new address, so I went to the site to see, and it looks like the old one:

[Image: cnuncnyahooemail]

It looks like this site was registered on 9-27-08, and it looks like the other site, nekcn.com:

[Image: nekcnyahoospam1]

As you can see, this looks like the other one; both of them are Chinese websites. I have heard from one or two users that this is a scam website trying to scam you out of money. I am also sure the scammer just started doing this with the emails due to my previous post about this site. I wouldn't purchase anything on these sites. I have created a Forum area to discuss email scams like this one and warn others of new scams. I hope you warn the person who sends this out that they have been compromised and should reset their password. This is one way to gain control over your account.

Remember, there are sites out on the net that would like to get your email account or your Facebook account and spam people. The reason is that messages from people's own contacts are more likely to get through the spam filters to the recipient. The email reads:
Dear friend:

What are u doing these days?I am going to recommend a Eshop to you.Yesterday I found a web of a large trading company from China,which is an agent of all the well-known digital product factories,and facing to both wholesalers,retailsalers,and personal customer all over the world. They export all kinds of digital products and offer really competitive and reasonable price and high quality goods for their clients,so i think you will make a big profit if you did business with them.And they promise they will provide the best after-sales-service.If you are interested to do business with them,in my opinion, you can make a trial order to test that.

Their Web address: www.cnuncn.com or www.nekcn.com

[Via Yahoo Answers]

In case someone has a question about this, please feel free to post to the Forums and someone will answer it. It is a good idea to install Free Anti-virus and Firewall software to better protect your system.
Wednesday, Apr 15, 2009

Dear Friend Spam Emails from Yahoo

The email from our old friend has come back, now compromising Yahoo accounts by sending out this email:
Dear friend:
What are u doing these days?I am going to recommend a Eshop to you.Yesterday I found a web of a large trading company from China,which is an agent of all the well-known digital product factories,and facing to both wholesalers, retailsalers,and personal customer all over the world. They export all kinds of digital products and offer really competitive and reasonable price and high quality goods for their clients,so i think you will make a big profit if you did business with them.And they promise they will provide the best after-sales-service.If you are interested to do business with them,in my opinion, you can make a trial order to test that.
Their Web address: www.nekcn.com

In what seems to be the way of this advertisment company, it seems they have been doing what they did with Hotmail.  Deleting your contact list and emailing your friends with this message.  Now I am thinking it is being done by them [intlink id="2660" type="post"]Phishing for the password and Account name[/intlink], they probably set up an web page to look like Hotmail or Yahoo.  One thing to remember to do is check to see that you address bar looks like this:

[Image: Yahoo Mail login address bar]

You should make sure you see the "https", meaning that it is an encrypted login, and also make sure you see either Mail.yahoo.com or Login.yahoo.com. If you see anything else included in the address bar, like maybe a .ru or .pl, then you aren't logging into the true Yahoo account. Obviously the website shouldn't be trusted until they advertise the right way, and find ways to advertise online other than spam. If you get an email saying you need to do something with your Hotmail account or Yahoo Mail account, you should not click any links; go to the site manually to investigate the problem. You should never click links in email when you don't know where they are going. Thanks to Jazzcorner for alerting me that they have started to do this with Yahoo. I am betting the next one will be for Google Mail, or Gmail as some will call it. It wouldn't hurt to have a firewall and anti-virus and also check your system out just to be sure.
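The address-bar check described above, written as a small Python function. This is an added example, not code from the original post; the trusted-host list uses the two names the post gives, and the sample URLs are constructed, with the reserved `.example` ending standing in for .ru or .pl.

```python
from urllib.parse import urlsplit

# The two host names the post gives for the genuine Yahoo login pages.
TRUSTED_HOSTS = {"mail.yahoo.com", "login.yahoo.com"}

def check_login_url(url):
    """Return (ok, reason) for a URL copied from the address bar."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname   # lower-cased; userinfo and port removed
        port = parts.port       # raises ValueError on a malformed port
    except ValueError as exc:
        return False, f"unparseable URL: {exc}"
    if parts.scheme != "https":
        return False, "not https, so the login is not encrypted"
    if not host:
        return False, "no host name in URL"
    if parts.username is not None:
        return False, f"text before '@' is a decoy, real host is {host}"
    if port not in (None, 443):
        return False, f"unexpected port {port}"
    host = host.rstrip(".")     # a trailing dot names the same host
    if host not in TRUSTED_HOSTS:
        return False, f"{host} is not a Yahoo login host"
    return True, f"https on {host}"

# Constructed samples. The reserved ".example" ending stands in for the
# .ru or .pl endings the post warns about.
SAMPLES = [
    "https://login.yahoo.com/config/login",
    "HTTPS://Mail.Yahoo.com/",
    "http://mail.yahoo.com/",
    "https://login.yahoo.com.signin.example/",
    "https://login.yahoo.com@signin.example/",
    "https://signin.example/login.yahoo.com/",
    "https://mail-yahoo.com.example/",
]

def audit(urls):
    """Check every URL and return a list of (url, ok, reason)."""
    return [(u, *check_login_url(u)) for u in urls]

if __name__ == "__main__":
    for url, ok, reason in audit(SAMPLES):
        print("OK  " if ok else "STOP", url, "->", reason)
```

Only the first two samples pass; the rest put the Yahoo name in a subdomain, before an `@`, or in the path, which is why the check compares the whole host name rather than looking for "yahoo.com" somewhere in the URL.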
Friday
Apr 03, 2009

Hackers Jump onto Power Point Exploits : KB969136

In my previous post, we talked about the Microsoft Advisory for KB969136 and that the exploit was in the wild. It looks like Trend Micro has published some new spam attempts to get users to open up the malware so it can deposit TROJ_PPDROP.AB onto their systems.

Trend Micro has some screen shots of the most common fake presentations for you to see just how they try to get you to open the file.

Although these are some common tactics for attackers to use, such as nude pictures, Earth Hour, or celebrities without makeup, users who don't normally use PPT should check the files out before loading them. You should also remember to save them to a file and scan them with your anti-virus software; it also wouldn't hurt to have firewall software. It looks like these exploits try to connect to the internet, and you might be able to find out from the request the firewall shows.

According to Internet Storm Center, the CVE placeholder for this is CVE-2009-0556 and it hasn't become live yet. I do not think they will release that information until Microsoft gets a chance to patch the systems.

This would be a good time to remind IT staff and anyone who might use PowerPoint that they should not open anything they aren't expecting, and even then they should verify with their IT staff that it is safe, until Microsoft issues a patch for this. I expect that if this becomes widely used the patch will be released out of cycle or even in May's Patch Tuesday. According to Microsoft you could install the Microsoft Office Isolated Conversion Environment (MOICE), but it requires Office 2003 and Office 2007 systems. See Microsoft's advisory for KB969136 for instructions on how to use this workaround.
Sunday
Mar 22, 2009

Are You and Your Friends Fine -- Virus Spam

I logged into my Google email and was checking my spam to see what was there, and this one drew my attention:

[Image: virus spam email]

I thought I knew where this was leading me, but I clicked the link and this website with the Reuters logo popped up:

[Image: fake video page]

Now as you can tell this looks authentic, but when I did go to this site, AVG detected a trojan. It blocked it, but the file that is downloaded is called "save.exe", and I have talked about fake Flash Player updates before. I have seen other blogs talking about a dirty bomb news report that leads to malware. I don't know about you, but if I wanted to update my Flash Player, I would go to the source and not use any links. It is wise not to download any programs or files and run them without properly checking them for viruses and Trojans. You should have a firewall and anti-virus running at all times and that will help, but it is your actions that help prevent you from getting viruses or Trojans.
Saturday
Mar 14, 2009

Malicious Spammers target Bank of America

I've seen two different security firms talking about Bank of America and I wanted to share with you:

[Image: fake Bank of America site. Picture from F-Secure]


The two sites are F-Secure and PandaLabs, who are talking about Bank of America and how the spammers try to get you to install malware. With Adobe having just sent out new updates last month, it looks like spammers are using this to get people to install malware.


This spam has also been known to be floating around on Facebook. So if you get a link going to a site you don't know about to see a video, and it says you need a codec or the Adobe update, you should turn right around and leave the site. You should always type in the URL of your bank and not go there through links.


From what they are saying, it monitors network traffic and steals ICQ, POP3, and IMAP passwords. If you find network traffic going to a Hong Kong IP, then it is time to check that all your virus definitions are up to date and that you've installed an anti-virus and firewall. I would encourage users to report it to PhishTank so that any other unsuspecting user or person going to that site will be warned.

Monday
Mar 09, 2009

Are Your Email Domains Being Blocked by Cricket?

So I got this Tweet from Mai_ling on twitter and she said:

[Image: tweet from Mai_ling about email]

So I did some digging around the net and found that it is a common practice for ISPs to block port 25. If you want to find out if Cricket is blocking your mail service, you can easily follow these instructions to see if port 25 is actively being blocked. So what are some options for fixing this little problem?

Due to spammers exploiting port 25, ISPs have been blocking port 25 for all domains but theirs. You can receive email but not send email. Most ISPs have an alternative port that you can use, and you should check with your email domain provider to see if you can send and receive on either an SSL port or another port.

You could set up your email client to receive on port 25 but send out on the SMTP server of Gmail. This would be useful for people who want to send mail out but not have to change their email address. People will still see it coming from whatevername@whatever.com. You can tell Thunderbird to send out on the port and yet use your domain as your email address.
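One way to run the port 25 check and find a working alternative port, as an added Python example that is not from the original post. The alternative ports 587 and 465 and the host `smtp.example.com` are assumptions; use the SMTP host and port your mail provider documents.

```python
import socket
import sys

ALT_PORTS = (587, 465)  # usual submission ports (assumption: confirm with your provider)

def probe_port(host, port, timeout=5.0, connect=socket.create_connection):
    """Attempt one TCP connection and classify the outcome."""
    try:
        conn = connect((host, port), timeout)
    except (socket.timeout, TimeoutError):
        return "timeout"    # packets dropped silently, typical of a filter
    except ConnectionRefusedError:
        return "refused"    # something answered with a reset
    except OSError:
        return "error"      # DNS failure, no route, and similar
    conn.close()
    return "open"

def diagnose(host, timeout=5.0, connect=socket.create_connection):
    """Probe 25 and the alternative ports; return (results, verdict)."""
    results = {p: probe_port(host, p, timeout, connect)
               for p in (25,) + ALT_PORTS}
    alt_open = [p for p in ALT_PORTS if results[p] == "open"]
    if results[25] == "open":
        verdict = "port 25 is reachable from this connection"
    elif alt_open:
        verdict = (f"port 25 {results[25]} while {alt_open[0]} is open: "
                   f"25 is likely blocked upstream, send on {alt_open[0]}")
    else:
        verdict = "no mail port reachable: check the host name and your link"
    return results, verdict

if __name__ == "__main__":
    # smtp.example.com is a placeholder; pass your provider's SMTP host.
    target = sys.argv[1] if len(sys.argv) > 1 else "smtp.example.com"
    results, verdict = diagnose(target)
    for port, state in results.items():
        print(f"{target}:{port} -> {state}")
    print(verdict)
```

A timeout or refusal on 25 with an open 587 or 465 against the same host is the pattern an ISP block produces; if every port fails, the problem is more likely the host name or the connection itself.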

Another possible solution that may work for some is to sign up for Google Apps. The downside of this is that it costs $50 a year, but that is $4.20 a month to be added on to your Cricket Modem charge. This looks promising and has a 30 day trial, so if it works you will know before you have to pay for anything. This should be dealt with by Cricket; they should have a way for their customers to send and receive email without having to jump through hoops.
Monday
Mar 09, 2009

Fake Emails about Windows Support spam!

According to Trend Micro, some malicious software is being sent to unsuspecting users in emails about Windows SP1 and SP2 having an error that could damage software or even hardware. See Trend's blog for the photos of the fake spam.

Although from time to time Microsoft does send out security information to TechNet subscribers, people have also used this in the past to get people to install viruses and malware, like this one that installs TSPY_BANKER.MCL. TSPY_BANKER.MCL monitors the affected user's online transactions and steals banking-related information.




Microsoft sends e-mail messages to subscribers of our security communications when we release information about a security software update or security incident. Unfortunately, malicious individuals can and have sent fake security communications that appear to be from Microsoft.


[Via Microsoft]



So if you get an email from Microsoft you'll probably want to delete it. Any Microsoft communications will be sent from the Update center. You should never install software that is from an untrusted website. If you are concerned, you should check the web and find out what people are saying about the situation and see if it is a scam or true! Remember, only you can prevent a virus or malware!

Thursday
Mar 05, 2009

I hate Snopes Spam

As you know, Snopes is used to find out about urban legends and rumors.

I received a virus alert from my RSS feed about an email virus warning. It even adds a Snopes URL. The author just copied and pasted the virus warning into the blog without even going to Snopes.

According to Snopes, and I'll quote:
Although the Postcard virus is real, it isn't a "BIG VIRUS COMING" (it's already been around in multiple forms for a long time now), it will not "burn the whole hard disc" of your computer, CNN didn't classify it as the "worst virus" ever, and it doesn't arrive in messages bearing a subject line of 'Invitation.'

[Via Snopes]

Now as you can tell, the link described in the blog post was "http://www.snopes.com/computer/virus/postcard.asp". If you went there, you'd have seen that the warning is not really true. Some parts of it might be, but the parts about burning your hard drive or being considered the worst virus aren't true.

Some things you need to consider before forwarding anything is:

  • Is it completely True?

  • Is it legitimate? (A true-blown warning about something like a product recall or something important like that)

  • Does it say to forward? (If so, it is probably not wise)

  • Is it from a friend? (If so, you might want to remind the friend nicely that it isn't nice to send spam)


If you follow some of these suggestions you'll be making the Internet a far better place for everyone. Remember, if you don't know, it's time to learn. If you do know, it is time to teach. These are the fundamental aspects of using the internet the right way. Also, if it is a fake virus warning, you should tell them to get a Free Anti-virus and Firewall to better protect them. Also remind them that if they keep their system updated then they shouldn't be too worried. Remember, only you can prevent a computer virus, and it's up to you to keep your system up to date.
Wednesday
Mar 04, 2009

Microsoft Releases the Patch Information for March

Microsoft has released the patch information for March, and this is what is expected to be patched on March 11, 2009:

  • Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (Kb949029) -- This security update resolves several privately reported and publicly reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.  (affected System : Microsoft Office)

  • Vulnerability in Microsoft Outlook Could Allow Remote Code Execution (Kb949031) -- This security update resolves a privately reported vulnerability in Microsoft Office Outlook. The vulnerability could allow remote code execution if Outlook is passed a specially crafted mailto URI. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This vulnerability is not exploitable by simply viewing an e-mail through the Outlook preview pane. (affected System : Microsoft Office)

  • Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (Kb949030) -- This security update resolves two privately reported vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a malformed Office file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. (affected System : Microsoft Office)

  • Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (Kb933103) -- This critical update resolves two privately reported vulnerabilities in Microsoft Office Web Components. These vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.  (affected System : Microsoft Office)


These four are all Critical and should be applied the week of March 11, 2009. There are seven patches coming out, but these are the main focus. According to Microsoft they have released MS08-014, MS08-015, MS08-016 and MS08-017 to better help you find out which ones are affected.

Now is the time to get AutoPatcher ready and make sure it is up to date on any patches that might have come out this month that you didn't know about. Also consider downloading the new version of your Anti-virus and Firewall software while you are at it, in case you come across a rogue virus and need to disinfect it! Some of the patches for this month are due to the Excel vulnerability that is out right now and is in the wild, so that should be your top priority once Tuesday comes around. Remember, hackers will start exploiting these patches on Wednesday and you will be racing against the clock. One last bit of information for Mac users: you should also apply these patches, as you are vulnerable too according to Microsoft. I'll update as more information becomes available!