Information Security Newsletter

Newsletter Posted 08/29/2008

Most Common E-Mail Scams This Week
We saw a resurgence this week of the "You have received an e-greeting" e-mail scam. The various types of debt relief scams were also widespread.

These debt-related email scams came with a huge variety of subjects, including "debt relief", "christian debt relief", "south carolina [and other states] debt consolidation", "debt buster", "debt reduction", "consolidating debt", "get out of credit card debt", "tenant debt consolidation", "unsecured debt consolidation loan", "debt consolidation loans for people with bad credit", "help to get out of debt", etc.

We also saw several cases of online pharmacy scams with subject lines similar to: "Never be ripped off by a doctor again", or "Get all of your pharmacy needs online".

As always, we remind you to remain skeptical and to make sure all your friends, especially those most vulnerable, know that if it seems too good to be true, it probably is.

BBB Warns Against Credit Union Scam
These next two reports from outside our area are ones that we've seen more and more often. Be aware of these types of scams because they are very likely to be tried here.

Connecticut Better Business Bureau (CT BBB) has learned of a scam targeting customers of the Commonwealth Credit Union. CT BBB reports the scam has made its way from Kentucky to Connecticut. Commonwealth CU has been the target of an extensive “voice-phishing” scam. A recorded message tells clients their credit cards have been suspended, asks them to call a toll-free telephone number, and once they do, they are asked for their credit card numbers to “reactivate” their accounts. Both members and non-members of Commonwealth CU have received these calls on their cell, work and home phones. The Kentucky Attorney General cautions against responding to the message.

Commonwealth Credit Union confirms it never makes calls asking for personal information. On its website, Commonwealth acknowledges the voice phishing scam, and says thousands of people in Kentucky alone have been targets of these attacks. Among the toll-free numbers victims are asked to call is one based in Columbia,

West Virginia Warns About Phony Debt Collectors
Consumers in West Virginia who at one time obtained payday loans over the Internet – and even those who never borrowed money at all – have been getting threatening phone calls from alleged debt collectors.

West Virginia’s attorney general says the debt collectors are actually scam artists. Internet payday loans are short-term loans or cash advances, usually for 14 days, made over the Internet via interactive web sites and secured by an agreement authorizing debits of the loan and all fees owed from the consumer’s checking account. These loans typically charge interest rates ranging from 600-800 APR and are unlawful in West Virginia.

The scam artists, who speak English with a foreign accent, call themselves “U.S. National Bank,” “Federal Investigation Bureau,” “United Legal Processing” and numerous other phony names. They refuse to disclose real names and addresses and are believed to be operating “off the grid” from homes, automobiles, or from offshore locations or foreign countries, including India. Since the scammers have kept themselves purposely well hidden, the official says no law enforcement agencies have succeeded in locating or shutting them down.

The scammers typically pose as law enforcement officers, investigators, lawyers, and bankers and threaten consumers that they will be arrested for “bank fraud” or other fictitious crimes unless money is wired immediately. The scammers almost always call consumers at work several times a day, and tell their supervisors, “Your employee has committed fraud and is about to be arrested.” Such threats have proven unsettling even to the most savvy consumers and employers who suspect the calls are fraudulent.

Both of these types of attacks are becoming quite prevalent nationwide, so be aware and avoid becoming a victim.

Hackers Resort To 'Sick' Kidnap Spam
Hackers are claiming they have kidnapped children in a bid to infect PCs with a Trojan Horse virus, says Sophos, an antivirus vendor and security firm.

The security firm is warning users that emails entitled 'We have hijacked your baby' are being sent to Web users around the globe. As well as asking for a US$50,000 ransom for the 'release' of the child, the messages also contain an attachment supposed to be a photograph of the child. Instead, the file actually contains a deadly Trojan Horse that will steal personal information.

"Receiving or reading these widespread emails themselves does not mean you are infected, but if users open the attachment they will be infecting their Windows computer, they will give hackers an open door to take control and steal information," said Graham Cluley, senior technology consultant for Sophos.

"There's no other way of putting it - this attack is sick. Hackers have no qualms about exploiting a family's natural instinct to defend its most vulnerable members," added Cluley.

Apple Forgets To Fix iPhone Passcode Bug
An iPhone bug that Apple Inc. patched last January to stop unauthorized users from bypassing the password-protected locking feature has resurfaced in newer versions of the phone’s software. The bug also affects the iPod touch.

First reported yesterday by a user identified as “greenmymac” on the MacRumors forum, the flaw lets anyone sidestep passcode locking by simply tapping “Emergency Call” on the password-entry screen, then double-tapping the Home button. That leads to the iPhone’s Favorites, a list of frequently-called contacts, and their contact information, including phone numbers and addresses. If any of the contacts have e-mail or Web addresses associated with them, the trick also allows access to the iPhone’s e-mail application and Safari browser, respectively.

If you use an iPhone or one of the other affected platforms, watch for a fix from Apple, which is expected very soon.

Ubuntu Issues Warning, Urges Users To Upgrade
If you are an Ubuntu user, you may want to take note that the company has issued a warning to all its users to make sure they are using the latest version of the distro.

Due to a security flaw, the vendor has warned that all versions from Ubuntu 6.06 onwards to 8.04 are vulnerable to a local security exploit that could result in system compromise once the attacker gains access to root.

The flaw is not a remote vulnerability. The attacker would have to have an account on the system in question in order to attempt the exploit, the result of which could range from crashing the system to compromising its data. The issue affects multiple editions of Ubuntu, including Kubuntu, Edubuntu and Xubuntu.

Canonical sent the warning email earlier this week. If you are using an older version of Ubuntu, now is a good time to update.

E-Mail Scam Targeting Law Firms Ensnares a Lawyer in Atlanta
I just include this to emphasize the fact that anyone can become a target in this battle, and just because you went to a lot of college doesn't mean you can't be fooled.

A lawyer in Atlanta, who often handles legal transactions with Asian clients and often via email, was understandably fooled by an email from Taiwan asking him to help collect a debt in the United States.

The "debtor company" sent him a cashier's check for nearly $200,000, and he deposited it in his trust account before wiring the money to a South Korean bank. The check, of course, was counterfeit.

The attorney waited three days after the check was deposited before wiring the money, as his bank had told him that was enough time to ensure the check had cleared. However, the scammers had changed the nine-digit routing number at the bottom of the check so that it was wired to a different bank than the one named, resulting in a delay in processing. The lawyer's bank is now suing him for the money, claiming that it extended him provisional credit when it wired the money to South Korea.

The scammer identified itself as Tah Tong Textile Co., a real company that trades on the Taiwanese stock exchange. However, the attorney now says he's pretty sure there is no connection between that company and the scammers who contacted him.

There are reports of at least seven more attorneys who have fallen prey to similar email scams across the country.

BitRoll and Torrent101 Used to Distribute the Lop Adware
Panda Security today announced that PandaLabs, Panda Security's laboratory for detecting and analyzing malware, has discovered two spoof P2P application installers, BitRoll-5.0.0.0 and Torrent101-4.5.0.0, that are being used to install the Lop adware on users' systems. These programs are used to exchange files between remote users, and both these installers are available for download on the Internet, so any user could access them and become infected.

The Lop adware is designed to display ads from various advertisers through pop-up windows, banners, etc. It also switches the Internet Explorer home page to its own search engine. When searches are made with this engine, the results returned will be advertising pages related to the search words.

Other false applications are also being used by cyber-crooks to install malicious code, such as a program called wavesoftwarecreative.exe (which passes itself off as audio software) or another called bitdownloadsetup.exe.

To help prevent detection, this adware connects periodically to a Web page from which it downloads new files containing variants of the code, making it difficult to delete all active malicious files on the system. If users try to use the program installed, they will be able to search for files but not download them.

"Very often, users unwittingly 'consent' to installing adware through clauses in the license agreements of other programs," explains Luis Corrons, technical director of PandaLabs. "In this case however, there is no mention in the agreement about the installation of Lop."

The Case of the 12,000 Lost Laptops
Business travelers are losing more than 12,000 laptops per week at U.S. airports. Only one-third of those are reclaimed, according to a study by the Ponemon Institute, sponsored by Dell.

At the same time, more than 53 percent of polled business travelers say their laptops contain confidential or sensitive information, and 65 percent of these travelers admit they do not take steps to protect or secure the information contained on their laptop.

Companies are dependent on a mobile workforce with access to information no matter where they travel. This mobility, however, is putting companies at risk of having a data breach if a laptop containing sensitive information is lost or stolen.

To gather more information about this concern, the Ponemon Institute conducted field research at 106 major airports in 46 states and surveyed 864 business travelers in an airport environment. The airports with the highest number of lost, missing or stolen laptops include: Los Angeles International, Miami International, Kennedy International and Chicago O’Hare. While Atlanta’s Hartsfield-Jackson International is the busiest airport in the United States, it is tied for eighth place (with Washington’s Reagan National) for lost, stolen or missing laptop computers.

According to the study, the types of company information contained on business travelers’ laptop computers include customer or consumer data (47 percent), business confidential information (46 percent), intellectual property such as software code, drawings or renderings (14 percent), and employee records (13 percent). The average business cost when confidential personal information is lost or stolen is $197 per record, says the Ponemon Institute. Even one missing laptop, however, can become a serious problem for any organization.

New Online Encyclopedia of Internal Network Threats
Promisec has released an online encyclopedia of internal network security threats. The encyclopedia, which can be viewed by anyone for free, is continually updated with detailed explanations of the latest internal threats. The site contains monthly charts showing how internal network risk trends have changed in the past year, an internal security tips and tricks section, articles on recent internal security incidents, an overview of internal threats, and a wide array of other resources.

Check it out at promisec dot com slash encyclopedia.

----------------------------------------
Last Updated: August 29, 2008
Website Contact: David Matthews


Copyright © 1995-2009 City of Seattle