Phishing – Page 4 – Paul's Tech Talk

Another Facebook Phishing going on again! (fbaction.net)

PaulApril 29, 2009

(Click image to enlarge it)

[ad#cricket-right-ez]

It looks like site fbaction.net (Don’t go there) is a phishing site for people today. It looks like it would send out an Email with the Title being “hello'” and a link to this website. This is being sent from people friends and should not login to Facebook through this site. Remember the other [intlink id=”3008″ type=”post”]Phishing sites that happen with Facebook[/intlink].

Someone is wanting your password to either spam others or to use it for other nefarious means. For the time being anyone sending your a link should be sent through facebook and you will examine them one at a time. You should not got this site.

Some other things you can do if you have done this is to reset your password. You could also change it manually but you might not be able to use your current password because the Nefarious person has changed the password. This will allow you to change the password without the current password. You should also consider using a good [intlink id=”2646″ type=”post”]Password Manager[/intlink], this will help you identify a fake Facebook site really easily.

If you use a good strong password, one with both Upper and Lowercase with Numbers and symbols, you will have a password that most people will not be able to guess. This will help protect your account from being compromised.

Also with people sending files, it is also recommended that you install some [intlink id=”2205″ type=”page”]free Anti-virus and Free firewalls[/intlink] to help prevent people from sending malware to your computer.

Hijacked Accounts being used to spam

PaulApril 29, 2009

I just read this from Security Fix and Thought I should talk about it some to better help people fix this:

Dear Friend,

New shopping new life!

How are u doing these days?Yesterday I found a web of a large trading company from china,which is an agent of all the well-known digital product factories,and facing to both wholesalers,retailsalers,and personal customer all over the world. They export all kinds of digital products and offer most competitive and reasonable price and high quality goods for our clients,so i think we you make a big profit if we do business with them.And they promise they will provide the best after-sales-service.In my opinion we can make a trial order to test that.

Look forward to your early reply!

According to Security, they are advertising the Easylifeing.com domain and have compromised GMAIL and Yahoo Mail. This resembles the ones that happen to some other Accounts. Check [intlink id=”3330″ type=”post”]Yahoo article[/intlink] and the [intlink id=”3233″ type=”post”]Hotmail Article[/intlink] for other example of compromised accounts.

I must keep reminding people that you shouldn’t have a easy password for those account it shouldn’t be anything someone can guess like a name or place or even a word. It should be something with Letters and Number, both lower and higher case. You should also consider not writing it down where people can see it just in case you have visitors. Probably best to use a [intlink id=”2646″ type=”post”]password manager[/intlink] to keep your passwords from prying eyes.

We know that this all comes down to either a dictionary attack or a phishing attack. You can decide which, but I am going to assume it was someone Phishing for your password. If you only use one password for several accounts that can be very dangerous, you should not keep the same password for each account. Just like people phishing for your [intlink id=”2650″ type=”post”]Twitter account[/intlink] or your [intlink id=”3008″ type=”post”]Facebook account[/intlink], if you use one password for all then he has that password for every account.

I can see why spammers are going to be using this heavily in the the coming months to years because these will not be thrown into the spam folder, being that you know the person or persons sending the email. You probably have it set up to not put it in the spam. The more eyes who see this more chance that they will get someone to buy something, and the more people who see it the more money they make.

Your best bet is if you see someone doing something like this you should contact them by phone if possible, or you should email them back and tell them to change there password. This I am sure will be an even harder job for the IT guys because they will have to start monitoring this type of traffic more often then not. Although it isn’t a bad idea to have a[intlink id=”2205″ type=”page”] Free anti-virus or a Free Firewall[/intlink] installed just to be on the safe side.

Hotmail accounts get compromised!!

PaulMarch 28, 20098 Replies

I received an email on a list and wanted to warn people:
[ad]

Dear friend,
i would like to introduce a good company who trades mainly in electornic products. Now the company is under sales promotion, all the products are sold nearly at its cost. They provide the best service to customers,they provide you with original products of good quality,and what is more,the price is a surprising happiness to you! It is realy a good chance for shopping.just grasp the opportunity,Now or never!
The web address: http://www.nekcn.com

Seems this is being sent from Hotmail accounts. There are a number of ways someone could be getting a hold of your email address. According to Microsoft forums this seems to delete your email contacts and also send out this in the same time. This seems to be a new spam campaign for this one company. I would guess someone bought advertising from this company and the advertiser is doing some really unmoral things.

There are several ways someone hotmail account could be sending out these emails. It could be a [intlink id=”2650″ type=”post”]phishing attempt like they did with Twitte[/intlink]r. They could of done a dictionary attack on each account to find the password, that I why [intlink id=”2646″ type=”post”]I suggest having a password generator[/intlink]. It could of been a virus, and if that is the case you would need to [intlink id=”2205″ type=”page”]check your system out for the virus[/intlink]. I would guess it is the first two, because I am unsure of if you can have pop3 account or not. I don’t use Hotmail but people seem to be using it.

If you recieve this email, I’d email the account responsible to let them know that they have sent this. I would also like to know if it was a virus or how they account got compromised. Remember only you can prevent from getting a virus, nothing else works better than yourself.

The Seriousness of the Twitter Vulnerability?

PaulMarch 25, 2009

The main question is how much do you want to know about this? Yes I am talking about a Vulnerability that could risk your twitter account or even yet inject malious software into the computer.

[ad#cricket-right-ez]We’ve seen that there have been [intlink id=”2650″ type=”post”]twitter phishing[/intlink] in the past, and [intlink id=”3008″ type=”post”]Facebook phishing[/intlink] have made people wonder out much do we depend on Twitter.

Lance James and Eric Wastl have provide Proof of Concept for this vulnerability, according to Information Weekly:

James cautions that XSS vulnerabilities should be taken seriously because they can reach beyond Web pages. “A lot of people think XSS is limited to the Web,” he said. If there’s another vulnerability in the victim’s browser, the Twitter flaw could be used to launch additional malicious code, he explained.

As you can see there is more to this problem then meets the eye. For one using the [intlink id=”2980″ type=”post”]URL redirects[/intlink] could be one way this could be used. No telling what other vulnerabilities lay for the client side twitter programs. Twitter has a long way to go to be security minded, and yet Twitter hasn’t said what they will do to fix this problem.

I for one would like to see this problem fixed just as quickly as possible due to the security risk involved to me, the consumer. Twitter needs to jump on this and fix it to prevent any more attacks against there twitter audience. Although it doesn’t hurt to have [intlink id=”2205″ type=”page”]Anti-virus And a good firewall[/intlink], it all depends on End user to prevent this for the time being.

Come on Twitter, Fix this problem.

TINYURL being used by scammers and hackers — How to prevent it!!

PaulFebruary 25, 2009

With Phishing attempts going on with the TINYURL redirect website, I thought I would show you how you could prevent from going to a site you don’t want. Tinyurl.com has a great little feature, although it is a feature based on your cookies. It however will help prevent you from going to a site that you don’t know anything that about. It’s called the Preview Feature, and is available to any user who wants to use it.

As you can see if you enable it and you go to a click on a tinyurl, you will see this:

http://tinyurl.com/6t7ukk

[ad#ad2-right]As you can see, if you click any TINYURL links you will automatically be told where that link is redirecting you to. This however only works with there being a cookie left behind in your system to let tell Tinyurl that is has to show the link first. So if you clean your cookies out from time to time, you will need to enable it every time after you clean the browser cookies. This will help prevent you from being phished because you will be able to tell if it is the right site in the first place. If not then you don’t have to visit that site. This should be enabled on all Short URL Sites, I hope they make it a mandatory for any site that redirects. This would help stop phishing and scammers because they can’t hide behind unknown url. Only time will tell though, these sites are always going to have problems but this would solve so many problems.