Tag Archives: phishing

Outrageous scam! Don’t be fooled.

I received this ‘subpoena’ from the AFP [Australian Federal Police] in my inbox this evening.

[Image: screenshot of the bogus ‘subpoena’ email]

Can’t believe the blatant chutzpah of this person, or the bad English, OR THEIR EMAIL ADDRESS!

[Image: the sender’s email address]

Since when did the AFP get so broke they had to outsource their emails to a private address…in Turkey?

Well, at least Satinalma from Turkey gave me a good giggle for the evening.

Night, night all!

Meeks


Spear Phishing – a nasty variation of the email scam

I came across an article this evening that talked about a hack attack against Kaspersky Labs, one of the best anti-virus companies around. Coincidentally, I happen to use Kaspersky anti-virus software so I had a vested interest in finding out more.

I won’t bore you with the full story but apparently the hackers gained access to the Kaspersky networks via what’s called ‘spear phishing’. Excuse me?

This is an excerpt from the best explanation I found online:

Introduction

The latest twist on phishing is spear phishing. No, it’s not a sport, it’s a scam and you’re the target. Spear phishing is an email that appears to be from an individual or business that you know. But it isn’t. It’s from the same criminal hackers who want your credit card and bank account numbers, passwords, and the financial information on your PC. Learn how to protect yourself.

Email from a “Friend”

The spear phisher thrives on familiarity. He knows your name, your email address, and at least a little about you. The salutation on the email message is likely to be personalized: “Hi Bob” instead of “Dear Sir.” The email may make reference to a “mutual friend.” Or to a recent online purchase you’ve made. Because the email seems to come from someone you know, you may be less vigilant and give them the information they ask for. And when it’s a company you know asking for urgent action, you may be tempted to act before thinking.

Using Your Web Presence Against You

How do you become a target of a spear phisher? From the information you put on the Internet from your PC or smartphone. For example, they might scan social networking sites, find your page, your email address, your friends list, and a recent post by you telling friends about the cool new camera you bought at an online retail site. Using that information, a spear phisher could pose as a friend, send you an email, and ask you for a password to your photo page. If you respond with the password, they’ll try that password and variations to try to access your account on that online retail site you mentioned. If they find the right one, they’ll use it to run up a nice tab for you. Or the spear phisher might use the same information to pose as somebody from the online retailer and ask you to reset your password, or re-verify your credit card number. If you do, he’ll do you financial harm.

You can read the complete article here:

http://au.norton.com/spear-phishing-scam-not-sport/article

What I find particularly unpleasant about spear phishing is that it uses personalised attacks to take you off guard. We all know not to bite when we get an email addressed to Dear Customer or some such generic salutation, but when we get something specifically addressed to us? Perhaps from a company that we actually do have contact with? How many of us would think to question that nice, convenient link?

Luckily most of us aren’t important enough to justify such an attack, but that does not mean we are safe. As a matter of principle [and habit!] we should make it a rule to NEVER use links in emails, no matter how convenient they are. It’s just not worth it.

Night, night

Meeks


Phishing SCAM! – Apple iTunes

No, this is not a scam by Apple, it’s a scam pretending to be Apple. And, apart from a few small giveaways, it could almost be genuine :

[Image: screenshot of the bogus Apple iTunes email]

The email came to the correct email address, but as you can see, ‘they’ didn’t know my real name so the message is just addressed to ‘Dear Customer’. That’s dead giveaway no. 1.

The grammar and spelling aren’t quite right. ‘…from the iTunes Store on a Apple Iphone…’ Dead giveaway no. 2. Apple can’t afford to make errors like these in official correspondence.

The trickiest clue, however, is in the URL [internet address] provided as the link.

The real URL for Apple support is :

http://www.apple.com/au/support/itunes/contact/ [the orange colour in the original post is for emphasis only].

The bogus URL is :

[Image: the bogus URL from the email]

[Note: To ensure that no one accidentally clicks on that URL, I took a ‘picture’ of it instead of typing it in. Pictures contain no clickable information.]

If you look at the two addresses you can see obvious differences. Unfortunately, first impressions are quite powerful and even I had to check that URL by going to the official Apple website.

Another tricky thing about that bogus URL is that it does not mention having to sign in to anything, which is normally another dead giveaway. However, clicking on the URL could do 1 of 2 things :

1. it could take you to an Apple lookalike site where you are asked to enter login details, or

2. it could take you to a site that will load malware [or worse] onto your computer.

So quite a clever scam. If anyone knows more about it I’d love to hear in comments.

cheers

Meeks


What I always wanted – a Russian bride?

I’ve been getting an awful lot of phishing emails lately, but this one really tickled my funny bone

[Image: the ‘Russian brides’ phishing email]

I used to imagine that some sweatshop hacker sat hunched over a keyboard somewhere, grinning maniacally as he/she sent out another virus laden email. But I suspect the reality is more like :

1. Unsuspecting Netizen enters his/her email address somewhere,

2. Said email address is tacked onto some database of addresses,

3. Said database is sold to malware distributors who then activate a program that sends out a hook email to every address in the database,

4. Neither the program nor the malware distributor care whether the hook is going to be ‘plausible’ to most addressees – e.g. why would I have signed up to digitally date women? [No offence to gay ladies!]

5. The rationale of these mass mailings is that out of all those millions, one or two will bite. They are the real targets. They will click on the link, their PCs will become infected and the cycle of digital infection continues.

Anyway, that was not the post I meant to write, but who can resist a Russian bride?

cheers

Meeks


Phishing in 2014

[Image: cat burglar]

Don’t worry, I haven’t taken up creative spelling!

‘Phishing’ describes a process whereby hackers ‘fish’ for information by sending bogus emails to unsuspecting netizens. These emails purport to come from legitimate companies, and are designed to scare netizens into divulging their Account IDs, and passwords.

Rather than trying to describe the process in detail, I have an example to show you. I received the email below just today. The nasty bits have been taken out.

From : Blizzard Entertainment <tvestt@gmail.com>

[The email reply-to is the first big giveaway. Blizzard Entertainment is a legitimate gaming company, and produced the highly successful MMO – World of Warcraft. BUT! All official Blizzard emails use email addresses linked to their website, NOT gmail!]

Greetings

An investigation of your World of Warcraft account has found strong evidence

that the account in question is being sold or traded.

[I did have a World of Warcraft account – about five years ago. Oddly, I didn’t start receiving these emails until a year or so after I stopped playing.]

As you may not be aware of,

[Awkward grammar and sentence construction can often be a dead giveaway as well]

this conflicts with Blizzard’s EULA under section 4 Paragraph B which can

be found here:

WoW -> Legal -> End User License Agreement

and Section 8 of the Terms of Use found here:

WoW -> Legal -> Terms of Use

[The email references genuine, Blizzard Entertainment web pages, but does not actually link to them]

The investigation will be continued by Blizzard administration to determine the

action to be taken against your account. If your account is found violating the

EULA and Terms of Use, your account can, and will be suspended/closed/or

terminated.

[This is the big stick designed to scare players into quickly clicking on the link provided]

In order to keep this from occurring, you should immediately verify that you are

the original owner of the account.

To verify your identity please visit the following webpage:

[To verify your identity, you will be asked to enter your Account ID and password. The minute you do that, the hackers will have all your account information and will be able to enter World of Warcraft as you. The consequences can range from annoying to devastating.]

xxxx//www.baltte.com/xxxxxxxxxxxxx

[Look carefully at the web site name. ‘baltte’ is NOT a typo. URLs with typos do not work. Blizzard does have an account with ‘battle’ in the address, but this is definitely not it.]

Only Account Administration will be able to assist with account retrieval

issues. Thank you for your time and attention to this matter, and your

continued interest in World of Warcraft.

Sincerely,

Account Administration

Blizzard Entertainment

***

The above example is actually a rather amateurish job, with fairly obvious clues to its origins – if you know what to look for, and don’t panic. The problem is, most normal netizens don’t know what to look for, and phishing is not restricted to online games.
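The three clues picked out above, and in the Apple iTunes post earlier on this page (a sender whose display name claims a company while the address is on someone else’s domain, a generic salutation because the sender doesn’t know your name, and a link whose host is a near-miss of the real one such as ‘baltte’ for ‘battle’), can be written down as a small mail check. The Python below is an added example for this page, not code from the blog or from any of the companies mentioned; the brand-to-domain list and both sample messages are constructed assumptions for the demonstration, and the link in the sample is an invented placeholder rather than the redacted one from the original email.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Brand word (as it appears in a display name) -> domains it legitimately sends from.
# Assumed list for this example; a real filter would maintain its own.
KNOWN_BRANDS = {
    "blizzard": ["blizzard.com", "battle.net"],
    "apple": ["apple.com"],
}
# Salutations showing the sender does not know your name (the 'Dear Customer' giveaway).
GENERIC_SALUTATIONS = ("dear customer", "dear user", "dear member", "dear sir", "greetings")
URL_RE = re.compile(r"https?://[^\s<>\"']+")


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, standard row-by-row dynamic programming."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable(host: str) -> str:
    """Normalise so 'www.baltte.com' is compared as 'baltte.com'."""
    host = host.lower().rstrip(".")
    return host[4:] if host.startswith("www.") else host


def lookalike_of(host: str, max_dist: int = 2):
    """Return (brand, legit_domain) when host is a near-miss of a known domain.
    The real domain, or any subdomain of it, is never reported. Only the label
    left of the TLD is compared, so 'baltte' is measured against 'battle'."""
    h = registrable(host)
    for domains in KNOWN_BRANDS.values():
        if any(h == d or h.endswith("." + d) for d in domains):
            return None
    for brand, domains in KNOWN_BRANDS.items():
        for legit in domains:
            dist = edit_distance(h.split(".")[0], legit.split(".")[0])
            if 0 < dist <= max_dist:
                return brand, legit
    return None


def brand_sender_mismatch(from_header: str):
    """Display name names a brand but the address sits on another domain,
    e.g. 'Blizzard Entertainment <tvestt@gmail.com>'."""
    name, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower()
    for brand, domains in KNOWN_BRANDS.items():
        if brand in name.lower() and domain and domain not in domains:
            return brand, domain
    return None


def analyse(raw_message: str) -> list:
    """Run the three checks over an RFC 822 text; return human-readable findings."""
    msg = message_from_string(raw_message)
    findings = []
    mismatch = brand_sender_mismatch(msg.get("From", ""))
    if mismatch:
        findings.append(f"From claims {mismatch[0]} but address is at {mismatch[1]}")
    if msg.is_multipart():  # take only the text/plain parts of a multipart mail
        body = "".join(p.get_payload() for p in msg.walk()
                       if p.get_content_type() == "text/plain")
    else:
        body = msg.get_payload()
    lines = [ln.strip() for ln in body.splitlines() if ln.strip()]
    if lines and any(lines[0].lower().startswith(s) for s in GENERIC_SALUTATIONS):
        findings.append(f"generic salutation: {lines[0]!r}")
    for url in URL_RE.findall(body):
        host = urlparse(url).hostname or ""
        hit = lookalike_of(host)
        if hit:
            findings.append(f"link host {host!r} imitates {hit[1]} ({hit[0]})")
    return findings


# Constructed sample modelled on the email dissected in the post (link is a placeholder).
PHISH = """\
From: Blizzard Entertainment <tvestt@gmail.com>
Subject: World of Warcraft account investigation

Greetings

An investigation of your World of Warcraft account has found strong evidence
that the account in question is being sold or traded.
To verify your identity please visit the following webpage:
http://www.baltte.com/verify-account
"""

# Constructed benign message for contrast: right domain, real name, real link host.
LEGIT = """\
From: Blizzard Entertainment <noreply@blizzard.com>
Subject: Patch notes

Hi Bob

This week's patch notes are at https://www.battle.net/news
"""

if __name__ == "__main__":
    for label, text in (("phish", PHISH), ("legit", LEGIT)):
        print(label, analyse(text) or ["no findings"])
```

Running it reports three findings for the constructed phish and none for the benign message. The look-alike check deliberately ignores the TLD, because a real `.net` and a fake `.com` look equally plausible to a reader; it is the brand word that the eye matches, which is exactly why ‘baltte’ works on people in a hurry.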

In the past couple of years, I’ve received more than one phishing email – supposedly from my bank – with the right logos and graphics etc, and no easy giveaways. In fact, the only thing these highly professional phishing emails had in common with the example above was that they required me to follow a link and SIGN IN.

Now, if you don’t use internet banking, this warning probably doesn’t apply to you. However if you do use internet banking, then please understand that once you follow one of these bogus links, and sign in to your banking account, your money will be gone in minutes. That is how serious phishing can be.

So, two very important facts to learn and remember :

1. If you get an email from your bank telling you there is a problem, and asking you to login to your account via a link in the email – DON’T DO IT!

2. Always login to your account via the normal, legitimate web address. Having to type in the URL may not be as convenient as clicking on a link, but it is far, far safer. If there is a genuine problem with your account, it will show up once you are safely logged in to your account. 99.99999% of the time, however, there won’t be a problem, and the email you received will have been bogus.

The internet is a wonderful place, but even the best anti-virus software cannot protect you from hackers if you aren’t aware of the danger, and don’t exercise some common sense.

Play safe, bank safe!

cheers

Meeks

