Help Support my Blog!

Virgin Mobile USA
Glasses USA
Amazon
Newegg
VPN4ALL
Netflix
Hulu
CafePress

 

Subscribe to Paul’s Tech Talk Affiliate Marketing Blog

Subscribe to Paul’s Tech Talk Science Fiction Blog

Subscribe to Paul’s Tech Talk Scams Blog

  • Acer 11.6
    Acer 11.6" Laptop 2GB 16GB | C710-2856
    Acer

    Currently  in process review this Acer Chrome book and boy is it nice!

Navigation
Sponsors

Entries in Facebook (39)

Friday
Jul102009

Hulu Days of Summer for July 13 through 17, 2009

So here are the Clues for:

And Here are what I think they will be:

As you can tell they are gearing up to release some good episodes next week. So people just sit tight and I will update as necessary when new clues come out. Check out the forums if you want to talk more about this and as always stay awhile!!
Monday
Jun152009

Facebook games having Scareware redirect Sites

I was on Facebook Yesterday doing my usually just playing one of my games when all of the sudennly this pops out:

powerantiviruscannerv2scam



[ad]As you can see this seems to be another site which is a [intlink id="3397" type="post"]scareware site[/intlink], the site Powerantivirusscannerv2.com is trying to [intlink id="3607" type="post"]scare you into buying a fake antivirus.[/intlink]   I don't know if it was Facebook doing this or if I got the redirect cookie somewhere else.    Although if you have downloaded the program that they want you to install or even think you have this fake antivirus installed, Spywareremove has the information needed to remove off your system.  It seems they are going to use social sites more and more and you should be careful.  I also have some good resources like [intlink id="2205" type="page"]Free Anti-virus and Free firewalls[/intlink] that would help protect you from this threat.

Somethings to consider when you see something like this pop up are?  Do you have antivirus or a firewall?  If so, then you shouldn't be worried to much.   Always look to see if you can see if it is a webpage and not from the system.  This is something the scammers are always trying to do to get your money.  Remember these sites are not really a trustworthy site and should be avoided at all cost.  I also recommend using the[intlink id="2362" type="post"] Hijackthis software[/intlink] to look for these rogue softwares in your system to better protect your system.

Remember not everything is real or truthfull on the internet with proper research and understanding you won't be making those rash decisions.   Only you can prevent you system from being infected.
Saturday
May302009

Juste Goes from Twitter to Facebook

According to Twitter Spam report:
"Best video" not so great -- we're working on it.
No matter how good that “best video” looks, don’t go to any juste.ru domains. We’re aware of the situation and are working on it.

[ad]Some sources have started to report this and how it was being sent out. It seems to be some kind of Virus that is taking control of your Twitter account. Althought this is not unusal, what is Unusual is that some have reported this jumping from Twitter to Facebook.

Juste.Ru seems to have been designed for both platforms and someone must of been logged into both to make this happen.   If you've gotten this message on Facebook you should just delete it and tell the person who sent it they need to do a [intlink id="2205" type="page"]system check[/intlink].   Also if you have been hit by this virus, first thing to do is clean your system before you do anything else.   Then reset your password, this way you won't be giving the virus access to the new password.

I talked about where you need to go tor[intlink id="3599" type="post"] reset your password,[/intlink] and it isn't to hard to do but in case your need to know just check out the other post about it.  You should always have an[intlink id="2205" type="page"] antivirus and Firewall[/intlink] this might of prevented this.
Sunday
May242009

New Facebook Phishing campaign!

According to Sans Internet Storm,  They have seen some signs of a new Phishing campaign like the[intlink id="3419" type="post"] Look at this Phishing campaign[/intlink] that went through a few weeks ago.  At the time of writing that report they weren't being resolved they now are being resolved making you look like you are logging into Facebook:




Phishing look a like!! Phishing look a like!!

[ad]Sites that are hosting these are in Belgium and are Redbuddy.be, Redfriend.be, and picoband.be.     If you recieve this with these urls you best thing you can do is just to delete them.   Some people have said it is using the term "look at this" I am unsure as to is or not but you can usually tell because of the the URL and if it isn't Http://www.facebook.com or Https://www.facebook.com then you aren't logging into Facebook but are logging into a fake site.


We've talked about [intlink id="2644" type="post"]why criminals want to use your account and why they need to get your passwords[/intlink].  I know they want to take control of your account for one reason or another but that is where the Facebook users need to keep watch on the URLS being displayed when you log into Facebook.    If you did that then you are one step ahead of the nefarious criminals and can be at peace.  Just like the Look at this campaign if you did visit those sites and given out your password it is strongly recommended to reset your password.


Update #1 -- More Domains have been created areps.at, greenbuddy.be, vispace.be, whiteflash.be, and bestspace .be . All these domains resolve to 211.95.78.98 And can be determined by going to Http://www.dns.be or http://www.dns.at  .   It looks like the server is hosted in China.  I wouldn't be surprised if t here were even more domains going to be regestered that were in Belgium!!  On a Side note it seems all these have a malicious hidden iframe in them so "DON''T Visit them unless you know what your doing".   I suspect that is how they are keep having people post to Facebook about these but that is only my theory!!  (Thanks Sans Internet Storm for all those updates)

Thursday
May212009

Facebook and Twitter Phishing going on today!

According to Techcrunch we have one phishing site ground around peoples inboxes on facebook with it say "Check areps.at".  You go to the site and you will think your at the facebook login but your not.  I wouldn't suggest going to any of these sites, it has been reported by Phishtank.

[ad]Some of the sites to avoid today are : "nutpic.at, bests.at, areps.at, kirgo.at" each site will make you think your at facebook but this is what most will call a [intlink id="3419" type="post"]Phishing scam[/intlink].  Some other things to avoid are some Twitter phshing going on today as well.

According to Trend Micro there is one where the url looks like it is a twitter url but isn't (tvviter[dot]com).  The site is what people would call a typosquatting site.   This makes people think they are on twitter but aren't.   If you go to these to sites and have given out your passowrd, it is strongly recommended that your reset them:

Facebook password reset page

Twitter password Reset Page

If you would like to know more about what phsihing is please check out my blog for more information.  Don't forget to check out the forums for more information on this or just to talk about anything on your mind.

*Some reports I am seeing is some of these sites might be trying to get you to install the [intlink id="2249" type="post"]Koobface virus [/intlink]so please be careful, will update when I find out more.*
Tuesday
May052009

It is looking like a Phish to me Niggabook

niggabookphish

This site looks to be another phishing attempt, a poor one at best. I go there and it seems that you get the Facebook Login screen. According to:
mj78niggabook

If it isn't showing Http://www.Facebook.com or Https://www.facebook.com then it probably is a a phish site.   If you've did use your password with this site, I'd strongly suggest changing it.   If I find out more I'll let you know.   I know that the site is from Godaddy but if this was done by accident or not I do not know.   I don't make the Name up Niggabook.com is the site and until more things become clear, steer clear of the site for the time being.   When I find out more, you'll be the first to know!!

Monday
May042009

Facebook malware sending people to junglemix.in Phishing!

fblightfacebookphish


It looks like this is the newest phishing attempt for the Facebook community.  According to Sans, there is malware trying to send out messages to go to "junglemix.in".  I visited the site and it redirects me to "http://fblight.com/".   This is a phishing site because you can see from the address bar.   As of writing this post, it has been flagged by Phishtank that this is a phishing site.  I am glad people are reporting these types of sites to prevent people from getting there account stolen.


Find out the other phishing attempts that have been talked about, keep yourself safe.  Also this is a good time to[intlink id="2205" type="page"] install some free Anti-virus or Free Firewall[/intlink] software to help protect your computer from Malware.

Friday
May012009

Facebook Phish : "Look at this!"

Facebook seems to be coming the most widely used Social Website around right now, I went to Alexa to see what it said about how many users go there a day and I find this:

facebookalexa

So No wonder there are a lot of people who want to get your personal information. Yesterday there was a new email that was spreading with the Subject "Look at this!" and it points to fbstarter.com. When you go there you will find it looks really like Facebook but your not really at facebook sign in page. They want to use your Facebook account to gather information about your email account, or who your friends with. They also might try doing the old Scam of asking for Money because they are someplace and can't get home without your help.  They could also want to spread a [intlink id="2249" type="post"]virus through your account[/intlink], or [intlink id="2958" type="post"]steal your identity[/intlink].

[ad#cricket-right-ez]At the time of writing this the site is active and looks like Facebook but really isn't.   You should always login in to Facebook the right way by going to:

http://www.Facebook.com


or


https://www.facebook.com


If you have went to that site and entered your password in there, I know it happens to even Journalists.   You can reset your password. This way you can make sure the people behind that site don't have your password.   I do suggest however you start using a more secure password.  You should always use both Numbers and letters in your password.  Use a different password for each place your signup for.   I suggest [intlink id="2646" type="post"]Roboform[/intlink] to better help you protect your password and it helps make up a secure password for you.  The nice thing about Roboform is that you don't have to write down your password on a piece of paper, but you do have to remember to [intlink id="3171" type="post"]backup your passwords[/intlink] from time to time.  Facebook is looking to be more and more a targeted for the criminals activity, and you should watch what you do online.


Wednesday
Apr292009

Another Facebook Phishing going on again! (fbaction.net)

facebookphish1


(Click image to enlarge it)



[ad#cricket-right-ez]

It looks like site fbaction.net (Don't go there) is a phishing site for people today.  It looks like it would send out an Email with the Title being "hello'" and a link to this website.  This is being sent from people friends and should not login to Facebook through this site.  Remember the other [intlink id="3008" type="post"]Phishing sites that happen with Facebook[/intlink].


Someone is wanting your password to either spam others or to use it for other nefarious means.   For the time being anyone sending your a link should be sent through facebook and you will examine them one at a time.   You should not got this site.


Some other things you can do if you have done this is to reset your password.  You could also change it manually but you might not be able to use your current password because the Nefarious person has changed the password.  This will allow you to change the password without the current password.   You should also consider using a good [intlink id="2646" type="post"]Password Manager[/intlink], this will help you identify a fake Facebook site really easily.


If you use a good strong password, one with both Upper and Lowercase with Numbers and symbols, you will have a password that most people will not be able to guess.  This will help protect your account from being compromised.


Also with people sending files, it is also recommended that you install some [intlink id="2205" type="page"]free Anti-virus and Free firewalls[/intlink] to help prevent people from sending malware to your computer.

Saturday
Mar142009

Malicious Spammers target Bank of America

I've saw two different security firms talking about Bank of America and I wanted to share with you:

Fake Bank Of America SitePicture from F-secure


[ad#cricket-right-ez]The two sites are F-secure and Pandalabs who are talking about Bank of America and how they try to get you to install malware.  With Adobe having just sent out the new updates last month it looks like spammers are using this to get people to install Malware.


It is also been known to be floating around in Facebook this spam.  So if you get a link going to a site you don't know about to see a video and it says you need a codec or the Adobe update you should turn right around and leave site. You should always type in the url of Your Bank and not go there through links.


From what they are saying it monitors Network traffic and Steals ICQ, POP3, and IMAP passwords.  If you find network traffic going to Hong Kong IP, then it is time to check to make sure all your Virus definitions are up to date and you've installed an Anti-virus and Firewall.  I would encourage  users to report it to Phishtank so that any other unsuspecting user or person going to that site will be warned.

Sunday
Mar012009

Facebook Goes Phishing again

In one of my Previous articles about the Koobface Worm, I talked about the way they were infecting the systems and what you need not do.

It seems that Trend Micro has seen an even more rise in people downloading the WORM_KOOBFACE.AZ and Seems to be on the RISE. This is all done with a Social engineering and Has had some attempts before with this little worm on Facebook.

[ad#ad2-right]After your Infected with this new Variant, it searches for cookies and Sends out a message to people from:
* facebook.com
* hi5.com
* friendster.com
* myyearbook.com
* myspace.com
* bebo.com
* tagged.com
* netlog.com
* fubar.com
* livejournal.com

This seems to be a social engineering Nightmare for these websites and as yet are unsure what else it does but it says the same thing it did before by saying "This is a Video of You on the Street." Which is bogus but none the less people click and think they have to download a codec or update their Flash. Social Engineering is on the rise and will be taken seriously. You should read the full report from Trend on what it does but you also should have an anti-virus and Firewall installed to prevent this from happening in the first place. The only true way of preventing this is not to be fooled, you should NEVER Download from a site you don't know or trust. See all the Facebook articles for more information.
Thursday
Feb192009

Careless Facebook profiling can lead to Identity Theft!

I just got in contact with a old friend from High school and another friend of mine suggest the new friend. I was looking at her profile and couldn't believe what I saw:

Something users shouldn't do!!!As you can see this is not good I was amazed at how many people are giving out there birthdays and who they are married to to friends and family. So we heard about how people are claiming they need help or are in need of desperate money. This is nothing new, as you know people are having hard economy times and people are using the social engineering to scam people out of money.

I feel that I should warn people the important necessity.   You shouldn't be broadcasting your DOB and who your married to to your friends, just in case they get hacked.
Recent activity indicates that identity thieves are hacking into trustworthy profiles before selling on the login details to interested parties. This information is used by spammers to target legitimate users, posting misleading links on their "walls" – personalized message boards.

[Via Computing.Co.UK]

This deservese a little mind and a lot of understanding.   By the spammers hacking into facebook accounts they have the chance to scam or spam people with links to possibly have a virus or trojan installer.

[ad#ad2-right]For example This one blog talks about the Virus:
Symantec's Norton Antivirus software has flagged this as a "high risk" Infostealer.Gampass virus. More info on this particular Trojan vius is here. (Note: Symantec warns the risk level is "low," since it originated in 2006, but this new Facebook email is a new iteration of the same virus.)

You might be inclined to click on this link because it's from a friend, but they did not intentionally send it to you -- and yes, their Facebook photo is attached, too.

[Via Sync-blog]

facebookident2Now I went searching through my friends list and also found this little bit of information.  As you can see this one is asking for people to use there account to scam people out of money.  They could use this to find out even more information of the Other partner and make you believe your talking to the real deal.   Saying they need money because they are stuck over seas or something like that.   I've seen this on other blogs where people have sent money to "friends" but are actually people who are the scammers.  Then if you send the money you are out of luck with your money and possibly your friends to.  I am sure there are more but this is prime examples of what you shouldn't do and why.

So what can you do to prevent Identity Theft and/or being scammed?


    [ad#cricket-right-ez]
  • Roboform Review — A Password Manager that will help protect your passwords from key loggers and other such phishing sites.    I strongly recommend it to to all who are security minded. (Never use the same password for all your accounts)

  • Are you worried about your identity? -- This is good information in checking out sites that might be questionable.  You can find out what type of site it by using your brains.

  • Old Phish Become New again -- This is blog post about twitter and what may happen if you did give out your password.   This is a good example of why you never should give out your password to third party websites.

  • Twitter Spammers a getting more smarter -- This is also good example of what happens when you see become friends with someone who isn't real.   You could be the next to be spammed and/or impersonated.


If you follow some common steps you to could prevent from being the victim or getting your Identitiy stolen.   Some things to remember is Never tell anyone your Birthday the whole date like someone did on twitter a few days ago.  It's nice that they are growing older but that gives people that much more information to use to steal your money or your idenitiy.   Think before you give out any personal information like Age, Married, who your married to and anything that might be used to be able to access your account or your impersonate you.  Remember only you can prevent from being scammed or lossing your identity, you wouldn't want to have to pay for your mistakes.
Thursday
Feb192009

PolyMorphic Win32:Vitro Most Viraulent Virus

This seems to be an virus that is getting some people hit hard.   I wanted to blog about this because of the nature of Virus and Trojans.   I have read reports that this might be from Online Movies, and I have to say this is one reason why you must stay away from certain online movies.  I am going to take a guess that this virus requires a special CODEC, and you downloaded it and installed it.  It Could also be the update the Adobe Flash player idea to but still results in getting the Virus.

As I said before you take a risk when you go to sites you don't trust or know anything about.   You also should know that if you need a "SPECIAL" codec, you should just go on to another site.  These sites that claim they need this special codec means only one thing they want to install something without your Knowledge.

So what is this Virus:


The Virut family of viruses uses polymorphism to hide from all anti-virus protection, it infects executable files. File infection makes it very hard to repair a system that has been infected. W32/Vitro injects code in running processes and hooks the following functions in ntdll.dll which transfers control to the virus every time any of these function calls are made.

* NtCreateFile
* NtCreateProcess
* NtCreateProcessEx
* NtOpenFile
* NtQueryInformationProcess

[via Avast Forums]

After you get this very bad Virus you are done for.  You would need to install the Operating system from backups or even start a new.   This seems to be building this week and there isn't much you can do once your infected.  I do recommend a good Anti-virus and Firewall but that wouldn't fix the problem right now.  You will need to pull your backups out and start the process.  I suggest a complete wipe and then do the Restoring the backups.  This little virus likes to infect any .EXE it can so just restoring the Windows Directory will not help.  Remember only you can prevent from getting infected.
Saturday
Jan032009

New Twitter Phishing -jannawalitax.blogspot.com

I read Chris Prillo's Blog about this and wanted to investigate this even more. When you go to this site it looks like:

http://twitter.access-logins.com/login/ --Phishing site

When you go here the web address is : http://twitter.access-logins.com/login/ and it looks like it was a redirect form the blogspot.com site.   so what I did an experiment and just took off /login/ on the address and this pops up:



Face book fake -- http://twitter.access-logins.com/
[ad#ad2-right]

This website looks to like a facebook website so now you have to ask where is this at: Hunan China.  After I did a whois look up it looks like China is at it again.  These are trying to get on to your account to either spam or use it to get people to install software.   So what are things you can do?  If you have a question about this always check it out.  That is why I like to check everything out with these types of phishing scams.   I don't know why they want twitter accounts, I just know they are doing this now.   So if you get this message:




hey! check out this funny blog about you… jannawalitax . blogspot . com



Just ignore it and possibly blog the twitter account.  That is probably a bot or someone's account been hacked and is no longer valid.   I'll leave that up to you on how you handle that account.   This is to warn people about this account and warn people. Help Protect your password with Roboform, don't just use one password for all accounts.  It also seems to be possible worm, if you think your infected check out my resource on remove the worm.  Here's the link to that talks about this being a worm.

Saturday
Dec202008

What is Whois IP/Snapshot Website Locked!

Seems People are having this issue with Facebook:


[ad#ad2-right]Although I don't know what could be wrong I'd figure we talk about what it it means.
Whois -- is a query/response protocol which is widely used for querying an official database in order to determine the owner of a domain name, an IP address, or an autonomous system number on the Internet. WHOIS lookups were traditionally made using a command line interface, but a number of simplified web-based tools now exist for looking up domain ownership details from different databases. Web-based WHOIS clients still rely on the WHOIS protocol to connect to a WHOIS server and do lookups, and command-line WHOIS clients are still quite widely used by system administrators. WHOIS normally runs on TCP port 43.

[Via Wikipedia]

So what does that mean?  It means that when your IP sends a request to the server to find the IP address of facebook and it comes back saying "Website Locked" meaning the DNS server you are using is being blocked.  You can however unblock it by using another DNS like OPENDNS.  This service would ultimately let you use facebook.  This is how to fix the problem for those who are having the problem.
Monday
Dec082008

Facebook: Virus Variant comes back from the dead!

In my recent post, I talked about a Virus that is circulating around on Facebook.  It is know as the Koobface virus and has been changed a little by the programers.   So I what is Techworld saying, just this:

[ad#ad2-right]
In fact, Koobface is now using one of Facebook's own features against it, Lovet said. The latest variant uses Facebook's ability to redirect web links to drive users to malicious websites, often hosted on Geocities.com, Lovet said.

[Via Techworld]

If you have been victim to this little virus, you should check out my Virus removal page and download the programs that should fix this little virus for good on your system.  You should also check out my Previous post I also have some good tips and tricks to prevent the user(YOU) from getting hit by this virus in the first place. This virus is a Good social engineered virus, so please be careful.
Sunday
Dec072008

Facebook : Beware Spam for breakfast. (Virus)

In today's society, we've been to complacent with people with people clicking links for the social group. In one such article on Channel Web, a nice little blog, says this:
[ad#ad2-right]


The worm was discovered by IT security provider Kaspersky Lab, which said the threat, Net-Worm.Win32.Koobface.b, is targeting Facebook users by creating spam messages and sending them to the infected user's friends via the site.

"Unfortunately, users are very trusting of messages left by 'friends' on social networking sites," said Alexander Gostev, senior virus analyst at Kaspersky Lab, in a statement. "So, the likelihood of a user clicking on a link like this is very high."


[Via Channel Web]



This seems to be a problem people thinking that a link someone sends them is a real good link but actually is a link to a video site. According to this article the links people are sending are actually a fake video link, telling you have to download some update to flash player, by downloading this program. The user gets involved with the virus and the fun begins. So how can you prevent this from happening, two ways one is a very good group of software to make sure you have the latest and greatest video codecs. That too can be something they'll say you need and if you've already installed this list of codecs then you know they'll not telling the truth and you can quickly get away from the site laughing.


[ad#ad2-left]What's this program name, it is call the K-lite Mega Codec pack. In this Pack you will be able to play almost everything without having to go download another program. This is done by people who want you to have all the latest codecs installed so you don't have to go by a program you'll only going to use once a month.



Once you've done that, you'll no longer have to worry for the most part about codecs. There will be times when you might have to visit that site and update them but that will be far less.


The other thing you must remember is if it says you must update your player. That should be a sign that there is something. I'll always go to the site and check for example Adobe. If it says I need to update my flash I'll manually type it into my browser. This way you will know you have the latest updates, if you need to update the flash player by all means go to here and update.


If you got the virus I'd check out my Anti-virus and Anti-Spyware page and that should show you will you need to get rid of the Virus. This virus is very easy to get rid of, just download any one of the anti-virus software and install it. Don't forget to update the virus database while your at it. That should fix the problem pretty fast. Remember the only way to prevent from getting the virus is YOU.

Page 1 2