Recently in Computer/Wireless Safety Category
T'was the week before Christmas and oh, was I stressed.
Then an email arrived... "you've got problems" it said.
It appears someone's hacked the blog on your site
cause when I clicked on your links, what I saw wasn't right!
With a quizzical face and lump in my throat,
I decided to check out this ominous note.
As I clicked on the browser and landed on my site,
a smile abound as all looked alright!
I wondered was his email a hoax -
Was this just a not-so-nice joke?
I fired off an email that wasn't so kind...
"don't know what you mean as my site looks just fine!"
He quickly responded to my one sentence note...
Denise he said, this is no joke,
Last night you were hacked -it was clear on the site
It may work now -but it didn't last night!
Someone attacked you -this much I know.
I'm not a kook Denise-and this is no hoax!
I read your blog often and know of your work,
I'm being honest, I'm a fan -not a jerk!
I've read many emails over the years
and can usually judge if they're fake or they're real.
My gut was telling me this guy was sincere -
my heart started pounding, my hands trembled with fear
I sent off this email to Steve, my webmaster,
within seconds he called to confirm this disaster.
Yes, you were hacked, this much is true.
We're under control now -there's nothing you can do.
No need to fret the problem's been fixed -
the hackers are gone, their plans have been nixed.
We'll need to watch it and there's still work to do,
But you needn't worry -we're protecting you.
Twas now two days before Christmas and all pleasantly hectic
Though stress level high -the site problems were corrected.
There were presents to wrap and still shopping to do,
Lots of baking and cooking and cleaning yet too!
The holidays were here, no time to relax
and then came the news...OMG, another hack!
It was quiet apparent there would be no relaxing for me
As these mean hackers had more tricks up their sleeves.
Someone again hacked the server you're on
And we've worked for days -our hours so long!
A new server's in order to stop these attacks.
But will that work, I quickly asked back?
I listened intently to the noticeable pause,
as he sighed and responded "I'm not Santa Claus.
I can't do magic Denise-but we've done all we can,
at least your blog's up -and running again.
If you are the target -we'll soon see friend,
And if they come back, we'll deal with them then.
Don't worry now, there isn't a reason...
Just try and relax-it's the holiday season!
After an uneasy night filled with tossing and turning
I awoke to a beautiful sunny Christmas Eve's morning.
The new server was running and all was okay
Did this server switch chase those mean hackers away?
That question would be answered; a dreaded call soon came through...
You've been hit again the voice said, -they're after you!
I'm sorry to say we must shut you down.
We can not continue to fool around!
I thought for a moment, scratching my head,
Thinking things were so bad... now my site's dead!
But then an idea sprang to my mind,
And I became determined that with it, we'd be just fine!
We'll get Albert involved, a top security guy.
He's costly but worth it -let's give him a try.
Hey Albert we have a big problem here,
can you take a look and share some ideas?
"Well of course" he answered in a pleasant but concerned monotone voice,
you need better security Denise -you now have NO choice.
And whenever I hear of a badly hacked blog,
It's usually by someone who's out to play "God"
They'll hack and they'll hack all night and day,
Whenever they don't like what you chose to say!
Have you been controversial or making some noise?
Are you up against foes who don't like your voice?
Yes, I relayed as a matter of fact,
I stood up for others who have been needlessly attacked.
Does it appear these hackers have targeted me?
Yes, he replied, that's clear to see!
Though the attacks were directed squarely at you
-next time they'll need to come through me -to get to you.
That's nice to hear, I like what you say
But the truth is Albert, they may not go away.
He smirked, then confirmed, with a sly grin on his face
yes, this could happen again -if they're determined to stay
But, if they come back to wreak havoc again,
next time, the FBI might just be waiting for them!
I'm glad to hear you won't play their games.
Let's track them down, let's name their names!
Whether it's a greed, corruption, abuse or fraud
we must continue to expose the harm these crimes cause!
So this is my tale of holiday woe,
taking my site down is not nice, don't you know!
But let this serve warning and maybe strike fear,
the next time you hack me the FBI may be near!
I thank all who wrote offering support and good luck
ya, they may have shut me down -but not up!
Then an email arrived... "you've got problems" it said.
It appears someone's hacked the blog on your site
cause when I clicked on your links, what I saw wasn't right!
With a quizzical face and lump in my throat,
I decided to check out this ominous note.
As I clicked on the browser and landed on my site,
a smile abound as all looked alright!
I wondered was his email a hoax -
Was this just a not-so-nice joke?
I fired off an email that wasn't so kind...
"don't know what you mean as my site looks just fine!"
He quickly responded to my one sentence note...
Denise he said, this is no joke,
Last night you were hacked -it was clear on the site
It may work now -but it didn't last night!
Someone attacked you -this much I know.
I'm not a kook Denise-and this is no hoax!
I read your blog often and know of your work,
I'm being honest, I'm a fan -not a jerk!
I've read many emails over the years
and can usually judge if they're fake or they're real.
My gut was telling me this guy was sincere -
my heart started pounding, my hands trembled with fear
I sent off this email to Steve, my webmaster,
within seconds he called to confirm this disaster.
Yes, you were hacked, this much is true.
We're under control now -there's nothing you can do.
No need to fret the problem's been fixed -
the hackers are gone, their plans have been nixed.
We'll need to watch it and there's still work to do,
But you needn't worry -we're protecting you.
Twas now two days before Christmas and all pleasantly hectic
Though stress level high -the site problems were corrected.
There were presents to wrap and still shopping to do,
Lots of baking and cooking and cleaning yet too!
The holidays were here, no time to relax
and then came the news...OMG, another hack!
It was quiet apparent there would be no relaxing for me
As these mean hackers had more tricks up their sleeves.
Someone again hacked the server you're on
And we've worked for days -our hours so long!
A new server's in order to stop these attacks.
But will that work, I quickly asked back?
I listened intently to the noticeable pause,
as he sighed and responded "I'm not Santa Claus.
I can't do magic Denise-but we've done all we can,
at least your blog's up -and running again.
If you are the target -we'll soon see friend,
And if they come back, we'll deal with them then.
Don't worry now, there isn't a reason...
Just try and relax-it's the holiday season!
After an uneasy night filled with tossing and turning
I awoke to a beautiful sunny Christmas Eve's morning.
The new server was running and all was okay
Did this server switch chase those mean hackers away?
That question would be answered; a dreaded call soon came through...
You've been hit again the voice said, -they're after you!
I'm sorry to say we must shut you down.
We can not continue to fool around!
I thought for a moment, scratching my head,
Thinking things were so bad... now my site's dead!
But then an idea sprang to my mind,
And I became determined that with it, we'd be just fine!
We'll get Albert involved, a top security guy.
He's costly but worth it -let's give him a try.
Hey Albert we have a big problem here,
can you take a look and share some ideas?
"Well of course" he answered in a pleasant but concerned monotone voice,
you need better security Denise -you now have NO choice.
And whenever I hear of a badly hacked blog,
It's usually by someone who's out to play "God"
They'll hack and they'll hack all night and day,
Whenever they don't like what you chose to say!
Have you been controversial or making some noise?
Are you up against foes who don't like your voice?
Yes, I relayed as a matter of fact,
I stood up for others who have been needlessly attacked.
Does it appear these hackers have targeted me?
Yes, he replied, that's clear to see!
Though the attacks were directed squarely at you
-next time they'll need to come through me -to get to you.
That's nice to hear, I like what you say
But the truth is Albert, they may not go away.
He smirked, then confirmed, with a sly grin on his face
yes, this could happen again -if they're determined to stay
But, if they come back to wreak havoc again,
next time, the FBI might just be waiting for them!
I'm glad to hear you won't play their games.
Let's track them down, let's name their names!
Whether it's a greed, corruption, abuse or fraud
we must continue to expose the harm these crimes cause!
So this is my tale of holiday woe,
taking my site down is not nice, don't you know!
But let this serve warning and maybe strike fear,
the next time you hack me the FBI may be near!
I thank all who wrote offering support and good luck
ya, they may have shut me down -but not up!
Koobface, a malicious virus that attacks users with spyware and then hacks their system for passwords and credit card numbers, has now been found on Facebook.
Many people enjoy networking and keeping track of friends and family through sites such as Facebook and MySpace which makes Koobface a challenge to those that frequent social networking sites.
How does Koobface work?
According to reports, the virus spreads via messages sent between friends on the site.
When one user is infected, his or her account will send messages to friends like, "you just look awesome in this new movie!" or "they said some bad things about you. Click here to see them." Of course, most Facebook users can't help but want to find out exactly what these messages mean. Even those distant, grade nine friend-of-friends will make many users of the site click on to find out more about all the juicy gossip. (Source: telegraph.co.uk)
If users do click on the link, they'll be led to a site asking them to update to a newer version of Adobe's Flash player. Downloading that bogus software will instead infect the victim's computer with a nasty worm that searches out personal information that can help hackers steal identities. Of course, social security and credit card numbers, along with banking passwords, are gold mines.
Spokesman for Facebook Barry Schnitt denies rumors that the site may have already been hit hard by Koobface;
"Only a very small percentage of Facebook users have been affected, and we're working quickly to update our security systems to minimize any further impact," he assured millions of worried users.
Craig Schmugar of McAfee Avert Labs said Koobface messages are likely to come from infected friends. The best advice is to be wary of Facebook messages, which could actually be from the Koobface worm. Facebook has posted a message on its security page advising users to install the latest antivirus software. Users who have been affected, the company added, should change their password. McAfee also warns against following unexpected hyperlinks, and adds that it's best to install software and updates from the source, whether Adobe or some other provider, instead of trusting content from a third-party site.
Facebook has not disclosed how many of its more than 120 million members have been infected with the virus.
"You must run an up-to-date antivirus, security patches, and firewalls," Graham Cluley, a senior technology consultant at Sophos advised. "That will not only help you defend your computer if you click on a dangerous link, but it will also help reduce the chance of a hacker stealing your Facebook identity and using it to spread messages to your network of friends."
Is this a serious threat? It's serious in the sense that Facebook users are receiving spam messages on their wall or Facebook inbox pointing to malicious content, said Cluely.
"A key factor which helps social-networking spam and malware succeed is that people are more prepared to click on a link or message if they believe it is from someone they know," Cluley said. "The average person is used to receiving unsolicited e-mails in their regular inbox, but believe messages have more credence when they arrive via Facebook. The message is clear -- people need to beware.".
Sources: it.toolbox.com,sfgate.com, infopackets.com
Many people enjoy networking and keeping track of friends and family through sites such as Facebook and MySpace which makes Koobface a challenge to those that frequent social networking sites.
How does Koobface work?
According to reports, the virus spreads via messages sent between friends on the site.
When one user is infected, his or her account will send messages to friends like, "you just look awesome in this new movie!" or "they said some bad things about you. Click here to see them." Of course, most Facebook users can't help but want to find out exactly what these messages mean. Even those distant, grade nine friend-of-friends will make many users of the site click on to find out more about all the juicy gossip. (Source: telegraph.co.uk)
If users do click on the link, they'll be led to a site asking them to update to a newer version of Adobe's Flash player. Downloading that bogus software will instead infect the victim's computer with a nasty worm that searches out personal information that can help hackers steal identities. Of course, social security and credit card numbers, along with banking passwords, are gold mines.
Spokesman for Facebook Barry Schnitt denies rumors that the site may have already been hit hard by Koobface;
"Only a very small percentage of Facebook users have been affected, and we're working quickly to update our security systems to minimize any further impact," he assured millions of worried users.
Craig Schmugar of McAfee Avert Labs said Koobface messages are likely to come from infected friends. The best advice is to be wary of Facebook messages, which could actually be from the Koobface worm. Facebook has posted a message on its security page advising users to install the latest antivirus software. Users who have been affected, the company added, should change their password. McAfee also warns against following unexpected hyperlinks, and adds that it's best to install software and updates from the source, whether Adobe or some other provider, instead of trusting content from a third-party site.
Facebook has not disclosed how many of its more than 120 million members have been infected with the virus.
"You must run an up-to-date antivirus, security patches, and firewalls," Graham Cluley, a senior technology consultant at Sophos advised. "That will not only help you defend your computer if you click on a dangerous link, but it will also help reduce the chance of a hacker stealing your Facebook identity and using it to spread messages to your network of friends."
Is this a serious threat? It's serious in the sense that Facebook users are receiving spam messages on their wall or Facebook inbox pointing to malicious content, said Cluely.
"A key factor which helps social-networking spam and malware succeed is that people are more prepared to click on a link or message if they believe it is from someone they know," Cluley said. "The average person is used to receiving unsolicited e-mails in their regular inbox, but believe messages have more credence when they arrive via Facebook. The message is clear -- people need to beware.".
Sources: it.toolbox.com,sfgate.com, infopackets.com
Has your machine been slow to respond lately? I don't mean on start-up, we all know that this is an indication that you've collected to many SpyWare programs. I am referring to when you are surfing the Web with your Browser. Have you noticed that it is starting to take more than one click to get where you want to go? If so, then you may already be experiencing a new security threat, called Click Jacking.
Click Jacking is what happens when you are viewing a website, and the attacker (which you never see), is able to select the links on the page that they want you to be directed to. Imagine that they have embedded a new link on a web site with less than adequate security, and now they are redirecting you to an even more hostile site to subject your computer to even more attacks by their new web site. This redirection of clicks, is called Click jacking.
ClickJacking was to be a presentation at a security conference in September. The original authors were ready to present their findings at the New York Open Web Application Security Project (OWASP) in September. When they discovered how serious the issues with Click Jacking really were, they withdrew their presentation so that they could present their findings to the vendors of the Web Browsers. In case you were thinking, yes the Internet Explorer is subject to this type of attack, along with Adobe.
Fortunately, those of you that have already switched your browsers by installing the Mozilla Firefox browser, have a solution for protecting themselves. The No Script add-on will protect the Firefox browser from getting clicked jacked. If you have not gotten the Fire fox browser yet, I highly recommend that you do, as it can protect you now, rather than waiting for the other browser vendors to update their software.
While there are many security issues on the web today, the number of vulnerabilities continues to grow on almost a daily basis. Your best approach to being protected is to use the best tools for security -any questions or concerns feel free to email me.
By: Guest Blogger
Albert E. Whale,
ABS Computer Technology, Inc
Click Jacking is what happens when you are viewing a website, and the attacker (which you never see), is able to select the links on the page that they want you to be directed to. Imagine that they have embedded a new link on a web site with less than adequate security, and now they are redirecting you to an even more hostile site to subject your computer to even more attacks by their new web site. This redirection of clicks, is called Click jacking.
ClickJacking was to be a presentation at a security conference in September. The original authors were ready to present their findings at the New York Open Web Application Security Project (OWASP) in September. When they discovered how serious the issues with Click Jacking really were, they withdrew their presentation so that they could present their findings to the vendors of the Web Browsers. In case you were thinking, yes the Internet Explorer is subject to this type of attack, along with Adobe.
Fortunately, those of you that have already switched your browsers by installing the Mozilla Firefox browser, have a solution for protecting themselves. The No Script add-on will protect the Firefox browser from getting clicked jacked. If you have not gotten the Fire fox browser yet, I highly recommend that you do, as it can protect you now, rather than waiting for the other browser vendors to update their software.
While there are many security issues on the web today, the number of vulnerabilities continues to grow on almost a daily basis. Your best approach to being protected is to use the best tools for security -any questions or concerns feel free to email me.
By: Guest Blogger
Albert E. Whale,
ABS Computer Technology, Inc
For more info on computer security see a few earlier blogs by Albert;
Over the last year, many of the reported data breaches have occurred through the theft of laptops. In fact, various manufacturers of GPS tracking software for laptops point to research gathered from the FBI and large laptop insurers that claim that one laptop is stolen every twelve seconds. And some say that number is conservative, since not all laptop thefts are reported.
Laptops are a growing target of thieves and with skyrocketing laptop usage, the number of laptop thefts will continue to rise -and so too will the number of identity thefts. When going wireless, we not only need to ensure we have properly protected our data and wireless access points, but we need to safeguard the laptop itself!
Government and corporate laptops have large amounts of data stored on them -and that data is viewed by thieves as the hottest commodity around -worth more than its weight in gold!
Today's laptop tracking software, offered by a variety of companies, once installed on your laptop, allows you to track the location of the stolen laptop, and better yet, some systems are designed to retrieve files off the laptop and simultaneously delete them from the stolen computer. Essentially, you are stealing back your own data -right before the thieves prying eyes!
Here are a few of this week's laptop thefts that reached the headlines, and computer theft stats...
Baylor Health Care says laptop with patient data stolen
Dallas News
A laptop computer containing limited health information on 100,000 patients was stolen from an employee's car in September, Baylor Health Care System Inc. said Monday.
A letter is being sent to the patients, including 7,400 patients whose Social Security numbers were stored on the computer.
Dr. David Winter, chairman of Baylor subsidiary HealthTexas Provider Network, said it could have been worse.
"Fortunately, the laptop did not contain comprehensive patient medical records, and, according to law enforcement officials, it is rare that incidents such as this result in identity theft," Dr. Winter said.
The data consisted of names of patients and medical codes relating to the treatment they received. The codes are a series of numbers requiring a medical code book to interpret, said Nikki Mitchell, a Baylor spokeswoman.
Baylor said it was in the process of upgrading its data security before the laptop theft and it had started installing a new technology that would allow it to track laptops and remotely erase data, if necessary.
Baylor is offering a $1,000 reward for the return of the laptop, which was stolen from a manager's car between 11 p.m. and 8 a.m. on Sept. 18 or 19 in Royse City.
It was within the manager's job description to visit Baylor locations collecting patient data on the laptop, but she was fired because leaving the laptop in her car broke protocol, Ms. Mitchell said.
"We take situations like this very seriously," Ms. Mitchell said.
Baylor is offering free credit-monitoring services to patients whose Social Security numbers were on the laptop.
It also set up a toll-free number, 1-800-554-5281, to respond to questions between 9 a.m. and 5 p.m. Monday through Friday. MORE
*************************************************
Man charged in theft of laptops pleads guilty
Paul Brian Steedman stole 32 laptop computers from his employer, a Marriottsville-based nonprofit health care company owned by nuns, prosecutors say.
The Westminster man then sold the computers on eBay, prosecutors say, listing photos of box labels with serial numbers that matched those of the stolen computers - along with a picture of himself as the seller and a user name that included his birth year.
Steedman, 28, pleaded guilty Tuesday in Howard County Circuit Court to a felony theft scheme and could now face 15 years in prison, according to prosecutors.
The state is recommending a sentence of 18 months in prison, five years of probation and about $53,000 in restitution.
In April, police responded to a theft complaint at Bon Secours Health System Inc., a nonprofit Catholic health system involved in managing hospitals, assisted-living facilities, nursing homes and home care and hospice groups in seven states.
Bon Secours representatives reported that Steedman, a former employee, had used his employee ID to gain access to a secure room on several occasions after business hours and stole about 32 laptop computers, according to charging documents. MORE
************************************************
GAO contractor indicted in laptop theft scheme
A former GAO contractor has been indicted in a scheme to steal and resell government laptops and other equipment.
Thirty-seven-year-old Darryl Lyles of Capitol Heights pleaded not guilty Thursday in U.S. District Court for the District of Columbia to charges of wire fraud, theft of government property, interstate transportation of stolen property, possession of stolen goods and first-degree theft.
Prosecutors say while Lyles worked at the Government Accountability Office in 2006 and 2007, he stole or caused to be stolen 30 laptops and a projector. They say he then posted advertisements for the items on craigslist MORE
***********************************
Bank of Ireland customer data on missing device
The Data Protection Commissioner is investigating the loss of a USB computer memory device containing personal details of almost 900 Bank of Ireland customers.
The full name, account numbers, first line of address and contact numbers for 894 customers from different parts of the country are held on the memory key.
The information was not encrypted despite this being required by the bank's policies and procedures.
A spokeswoman for the bank said the device had been reported missing last Wednesday and the Data Protection Commissioner notified yesterday. The bank began contacting these customers yesterday. MORE
Laptops are a growing target of thieves and with skyrocketing laptop usage, the number of laptop thefts will continue to rise -and so too will the number of identity thefts. When going wireless, we not only need to ensure we have properly protected our data and wireless access points, but we need to safeguard the laptop itself!
Government and corporate laptops have large amounts of data stored on them -and that data is viewed by thieves as the hottest commodity around -worth more than its weight in gold!
Today's laptop tracking software, offered by a variety of companies, once installed on your laptop, allows you to track the location of the stolen laptop, and better yet, some systems are designed to retrieve files off the laptop and simultaneously delete them from the stolen computer. Essentially, you are stealing back your own data -right before the thieves prying eyes!
Here are a few of this week's laptop thefts that reached the headlines, and computer theft stats...
Baylor Health Care says laptop with patient data stolen
Dallas News
A laptop computer containing limited health information on 100,000 patients was stolen from an employee's car in September, Baylor Health Care System Inc. said Monday.
A letter is being sent to the patients, including 7,400 patients whose Social Security numbers were stored on the computer.
Dr. David Winter, chairman of Baylor subsidiary HealthTexas Provider Network, said it could have been worse.
"Fortunately, the laptop did not contain comprehensive patient medical records, and, according to law enforcement officials, it is rare that incidents such as this result in identity theft," Dr. Winter said.
The data consisted of names of patients and medical codes relating to the treatment they received. The codes are a series of numbers requiring a medical code book to interpret, said Nikki Mitchell, a Baylor spokeswoman.
Baylor said it was in the process of upgrading its data security before the laptop theft and it had started installing a new technology that would allow it to track laptops and remotely erase data, if necessary.
Baylor is offering a $1,000 reward for the return of the laptop, which was stolen from a manager's car between 11 p.m. and 8 a.m. on Sept. 18 or 19 in Royse City.
It was within the manager's job description to visit Baylor locations collecting patient data on the laptop, but she was fired because leaving the laptop in her car broke protocol, Ms. Mitchell said.
"We take situations like this very seriously," Ms. Mitchell said.
Baylor is offering free credit-monitoring services to patients whose Social Security numbers were on the laptop.
It also set up a toll-free number, 1-800-554-5281, to respond to questions between 9 a.m. and 5 p.m. Monday through Friday. MORE
*************************************************
Man charged in theft of laptops pleads guilty
Paul Brian Steedman stole 32 laptop computers from his employer, a Marriottsville-based nonprofit health care company owned by nuns, prosecutors say.
The Westminster man then sold the computers on eBay, prosecutors say, listing photos of box labels with serial numbers that matched those of the stolen computers - along with a picture of himself as the seller and a user name that included his birth year.
Steedman, 28, pleaded guilty Tuesday in Howard County Circuit Court to a felony theft scheme and could now face 15 years in prison, according to prosecutors.
The state is recommending a sentence of 18 months in prison, five years of probation and about $53,000 in restitution.
In April, police responded to a theft complaint at Bon Secours Health System Inc., a nonprofit Catholic health system involved in managing hospitals, assisted-living facilities, nursing homes and home care and hospice groups in seven states.
Bon Secours representatives reported that Steedman, a former employee, had used his employee ID to gain access to a secure room on several occasions after business hours and stole about 32 laptop computers, according to charging documents. MORE
************************************************
GAO contractor indicted in laptop theft scheme
A former GAO contractor has been indicted in a scheme to steal and resell government laptops and other equipment.
Thirty-seven-year-old Darryl Lyles of Capitol Heights pleaded not guilty Thursday in U.S. District Court for the District of Columbia to charges of wire fraud, theft of government property, interstate transportation of stolen property, possession of stolen goods and first-degree theft.
Prosecutors say while Lyles worked at the Government Accountability Office in 2006 and 2007, he stole or caused to be stolen 30 laptops and a projector. They say he then posted advertisements for the items on craigslist MORE
***********************************
Bank of Ireland customer data on missing device
The Data Protection Commissioner is investigating the loss of a USB computer memory device containing personal details of almost 900 Bank of Ireland customers.
The full name, account numbers, first line of address and contact numbers for 894 customers from different parts of the country are held on the memory key.
The information was not encrypted despite this being required by the bank's policies and procedures.
A spokeswoman for the bank said the device had been reported missing last Wednesday and the Data Protection Commissioner notified yesterday. The bank began contacting these customers yesterday. MORE
Better Business Bureaus across the country have been issuing warnings of the latest known scams being perpetrated nationwide.
Here are a few of their latest warnings;
BBB warns of Postcard Scam
The Better Business Bureau of Southern Arizona issued a warning yesterday about scammers who leave postcards in mailboxes that are similar to the ones the Postal Service uses when it holds a customer's package or letter. They look a lot like the green certified mail receipts.
The postcard, which has been received by some Southern Arizona residents, tells receivers to call a toll-free telephone number to claim a parcel that's being held for them, according to the BBB. The card also says callers should have their credit card information ready.
According to the BBB it's just a marketing gimmick and people should remember that cards left by the Postal Service won't ask for credit-card information.
BBB Warns of Scams Targeting Seniors
The Better Business Bureau's (BBB) Northeast California office has issued an area-wide alert warning of a series of scams targeting local seniors and urging people to use caution when being approached for money -- even if the request comes from somebody claiming to be a relative.
Locally, the BBB has received dozens of complaints against fraudulent companies from consumers who have supposedly been selected to be mystery shoppers or who are told they have won large sums of money from a lottery.
The latest scam involves fake checks of between $3,000 and $5,000 that are sent to the prospective victim along with an explanation that the funds are for lottery winnings, a prize promotion or mystery shopping.
The victim is given a reason to deposit the check promptly and then send back a portion of the alleged funds for taxes, registration or confirmation. When the "prize" checks bounce, usually 14 days later, the victim is left responsible for the funds they withdrew from the bank -- usually around $1,000. MORE
BBB Warns of Bogus Scam Using BBB Name
The Better Business Bureau of the South Plains Inc. is alerting customers and businesses of a phishing scheme involving e-mail messages and blog posts that encourage the registration of software with the BBB.
"The messages and posts are most likely part of a large-scale phishing scheme leveraging the trusted nature of the BBB name to entice recipients and bloggers to open messages and access attachments or links," said Nan Campbell, president of the local chapter.
Campbell said the bogus messages, which began appearing Thursday, provided a link for the process.
The BBB also discovered phony "notices and postings" on various blogs being used as additional tactic to reach victims. The BBB said the attack did not affect its computer systems or networks nor has any data been compromised.
BBB Warns of Fake Check Scam
The Wisconsin Better Business Bureau is warning residents about a scam using fake checks to steal money. The BBB said it received hundreds of inquiries from consumers around the state who received a check and letter announcing they were approved for a home improvement grant.
The checks claim to be from "Briggs & Stratton Division, P.O. Box 704, Milwaukee, WI." The Briggs & Stratton manufacturing company has no connection to the scam, according to the BBB.
The letter tells people to deposit the check, then withdraw money from their account to send to "agents" for fees and taxes.
Consumers are advised to not respond to the letters or deposit the fake checks.
For additional scam alerts see:
work-at-home warnings and search scam/hoax blog entries
Here are a few of their latest warnings;
BBB warns of Postcard Scam
The Better Business Bureau of Southern Arizona issued a warning yesterday about scammers who leave postcards in mailboxes that are similar to the ones the Postal Service uses when it holds a customer's package or letter. They look a lot like the green certified mail receipts.
The postcard, which has been received by some Southern Arizona residents, tells receivers to call a toll-free telephone number to claim a parcel that's being held for them, according to the BBB. The card also says callers should have their credit card information ready.
According to the BBB it's just a marketing gimmick and people should remember that cards left by the Postal Service won't ask for credit-card information.
BBB Warns of Scams Targeting Seniors
The Better Business Bureau's (BBB) Northeast California office has issued an area-wide alert warning of a series of scams targeting local seniors and urging people to use caution when being approached for money -- even if the request comes from somebody claiming to be a relative.
Locally, the BBB has received dozens of complaints against fraudulent companies from consumers who have supposedly been selected to be mystery shoppers or who are told they have won large sums of money from a lottery.
The latest scam involves fake checks of between $3,000 and $5,000 that are sent to the prospective victim along with an explanation that the funds are for lottery winnings, a prize promotion or mystery shopping.
The victim is given a reason to deposit the check promptly and then send back a portion of the alleged funds for taxes, registration or confirmation. When the "prize" checks bounce, usually 14 days later, the victim is left responsible for the funds they withdrew from the bank -- usually around $1,000. MORE
BBB Warns of Bogus Scam Using BBB Name
The Better Business Bureau of the South Plains Inc. is alerting customers and businesses of a phishing scheme involving e-mail messages and blog posts that encourage the registration of software with the BBB.
"The messages and posts are most likely part of a large-scale phishing scheme leveraging the trusted nature of the BBB name to entice recipients and bloggers to open messages and access attachments or links," said Nan Campbell, president of the local chapter.
Campbell said the bogus messages, which began appearing Thursday, provided a link for the process.
The BBB also discovered phony "notices and postings" on various blogs being used as additional tactic to reach victims. The BBB said the attack did not affect its computer systems or networks nor has any data been compromised.
BBB Warns of Fake Check Scam
The Wisconsin Better Business Bureau is warning residents about a scam using fake checks to steal money. The BBB said it received hundreds of inquiries from consumers around the state who received a check and letter announcing they were approved for a home improvement grant.
The checks claim to be from "Briggs & Stratton Division, P.O. Box 704, Milwaukee, WI." The Briggs & Stratton manufacturing company has no connection to the scam, according to the BBB.
The letter tells people to deposit the check, then withdraw money from their account to send to "agents" for fees and taxes.
Consumers are advised to not respond to the letters or deposit the fake checks.
For additional scam alerts see:
work-at-home warnings and search scam/hoax blog entries
Microsoft began warning customers on Monday that scammers are sending out bogus emails claiming to include important Windows security alerts. Unfortunately, this warning comes a day before Microsoft is set to release authentic and critical security updates.
Though scam emails are a common way to steal personal information, this particular scam is out to infect your computer too. The attachment contains a Trojan that records your personal information such as passwords and credit card numbers and then passes it on to the scammers.
Microsoft warns they have received a string of emails all indicating the scammers are targeting Microsoft customers.
Here's what the email looks like;
Dear Microsoft Customer,
Please notice that Microsoft company has recently issued a Security Update for OS Microsoft Windows. The update applies to the following OS versions: Microsoft Windows 98, Microsoft Windows 2000, Microsoft Windows Millenium, Microsoft Windows XP, Microsoft Windows Vista.
Please notice, that present update applies to high-priority updates category. In order to help protect your computer against security threats and performance problems, we strongly recommend you to install this update.
Since public distribution of this Update through the official website http://www.microsoft.com would have result in efficient creation of a malicious software, we made a decision to issue an experimental private version of an update for all Microsoft Windows OS users.
As your computer is set to receive notifications when new updates are available, you have received this notice.
In order to start the update, please follow the step-by-step instruction:
1. Run the file, that you have received along with this message.
2. Carefully follow all the instructions you see on the screen.
If nothing changes after you have run the file, probably in the settings of your OS you have an indication to run all the updates at a background routine. In that case, at this point the upgrade of your OS will be finished.
We apologize for any inconvenience this back order may be causing you.
Thank you,
Steve Lipner
Director of Security Assurance
Microsoft Corp.
Do NOT to open attachments!
If you received this email and have already opened the attachment, you should do a virus and spyware scan immediately.
Per Microsoft:
You're welcome to use the Live OneCare safety scanner online if you don't have malware protection. In addition we encourage you to submit any suspicious files to the MMPC team for analysis by following the instructions outlined here.
For more information, you can also take a look at the MSRC blog post on this issue.
If your Microsoft systems have been affected by malware and you need help, you can find out how to get virus-related assistance from Microsoft here.
Ultimately, if you are ever unsure whether or not a Microsoft update is legitimate you can always go to the Microsoft TechNet security site directly.
Remember that email notifications from Microsoft only point to their site -and will not include downloads or attachments.
Though scam emails are a common way to steal personal information, this particular scam is out to infect your computer too. The attachment contains a Trojan that records your personal information such as passwords and credit card numbers and then passes it on to the scammers.
Microsoft warns they have received a string of emails all indicating the scammers are targeting Microsoft customers.
Here's what the email looks like;
Dear Microsoft Customer,
Please notice that Microsoft company has recently issued a Security Update for OS Microsoft Windows. The update applies to the following OS versions: Microsoft Windows 98, Microsoft Windows 2000, Microsoft Windows Millenium, Microsoft Windows XP, Microsoft Windows Vista.
Please notice, that present update applies to high-priority updates category. In order to help protect your computer against security threats and performance problems, we strongly recommend you to install this update.
Since public distribution of this Update through the official website http://www.microsoft.com would have result in efficient creation of a malicious software, we made a decision to issue an experimental private version of an update for all Microsoft Windows OS users.
As your computer is set to receive notifications when new updates are available, you have received this notice.
In order to start the update, please follow the step-by-step instruction:
1. Run the file, that you have received along with this message.
2. Carefully follow all the instructions you see on the screen.
If nothing changes after you have run the file, probably in the settings of your OS you have an indication to run all the updates at a background routine. In that case, at this point the upgrade of your OS will be finished.
We apologize for any inconvenience this back order may be causing you.
Thank you,
Steve Lipner
Director of Security Assurance
Microsoft Corp.
Do NOT to open attachments!
If you received this email and have already opened the attachment, you should do a virus and spyware scan immediately.
Per Microsoft:
You're welcome to use the Live OneCare safety scanner online if you don't have malware protection. In addition we encourage you to submit any suspicious files to the MMPC team for analysis by following the instructions outlined here.
For more information, you can also take a look at the MSRC blog post on this issue.
If your Microsoft systems have been affected by malware and you need help, you can find out how to get virus-related assistance from Microsoft here.
Ultimately, if you are ever unsure whether or not a Microsoft update is legitimate you can always go to the Microsoft TechNet security site directly.
Remember that email notifications from Microsoft only point to their site -and will not include downloads or attachments.
Many consumers have had difficulty understanding how to best protect their smart phones from being hacked. Smart Phones were introduced as being able to simplify your daily life, and the demand on the manufacturers was significant enough to ramp up production on the devices, but not on the security used in the devices. Here's some info offered by security expert, Albert E. Whale, Sr. Security, Network, and Risk Assessment and Systems Consultant of ABS Computer Technology;
Smart Phone Security
By Guest Blogger: Albert Whale
Where are you? Right
now, I want you to stop and think about where you are, what it's taken to get
where you are, and how many people were involved in getting to your present
destination or status in life. You might
think that this is an unusual request, but if you have a Smart Phone which you
use to organize your daily life, your current position or personal security, is
in serious jeopardy.
Smart Phones were introduced as being able to simplify your
daily life, and the demand on the manufacturers was significant enough to ramp
up production on the devices, but not on the security used in the devices.
As I write this article, I am protected with multiple layers
of security which protect both the network which my laptop is connected to as
well as the added bidirectional firewalls, Web Content scrubbers , Email
Security , Spyware removal tools, and anti-virus tools. None of these were needed when the Internet
was first operational, but they have become a necessity for businesses to
operate safely, due to the hazards of connecting the entire world on a single
network.
So you have similar protection, on your PC, or you may rely
on your anti-virus software to indicate that you've had a security event . Now
look at your Smart Phone. What do you
have to protect it's contents? Most
people with a Smart Phone have synced their contact lists with their PC, and
perhaps even the corporate network as well.
So you have all of the bells and whistles, remote email, GPS navigation,
mobile office software and made it portable for your convenience as well. But what have you done to protect your
assets, and identity?
Anyone's personal security is only as good as the weakest link. Think about it. A chain is only as strong as the weakest link. This is also the same for your security; this is why we stress on using a layered defense approach for security.
So why is your security so important? Well, you may have heard about the issues in
WiFi networks which permit Hackers to penetrate WiFi networks as much as 10
miles away .
Similar technology exists for extending the Blue Tooth
signal for over a mile away. Can you
spot your attacker if they are a mile away?
Probably not, especially not without the latest binoculars that the
Military uses.
OK so now what can you do?
Here are a few suggestions on what you can do today!
1. Disable the
broadcast mode on your device which will put it into a non-discoverable state
(most devices have this option). This
will make your Bluetooth device more secure by making it invisible to other
Bluetooth devices.
2. Do not
accept files transmitted via Bluetooth wireless technology or any other
technology from unknown or suspicious entities. (I'll bet that you knew that
already though, didn't you?)
3. Do not pair
with unknown devices. That will give the unknown device access to all your
services .
4. Check for security patches from your phone's manufacturer and use these fixes to minimize your phone's vulnerability.
For more info on computer and smart phone security see; ABS Computer Technology, Inc: and earlier blogs by Albert:
Protect your Wireless Access Points
