Category: scam

Facebook games having Scareware redirect Sites

Paul

I was on Facebook Yesterday doing my usually just playing one of my games when all of the sudennly this pops out:

powerantiviruscannerv2scam

[ad]As you can see this seems to be another site which is a [intlink id=”3397″ type=”post”]scareware site[/intlink], the site Powerantivirusscannerv2.com is trying to [intlink id=”3607″ type=”post”]scare you into buying a fake antivirus.[/intlink]   I don’t know if it was Facebook doing this or if I got the redirect cookie somewhere else.    Although if you have downloaded the program that they want you to install or even think you have this fake antivirus installed, Spywareremove has the information needed to remove off your system.  It seems they are going to use social sites more and more and you should be careful.  I also have some good resources like [intlink id=”2205″ type=”page”]Free Anti-virus and Free firewalls[/intlink] that would help protect you from this threat.

Somethings to consider when you see something like this pop up are?  Do you have antivirus or a firewall?  If so, then you shouldn’t be worried to much.   Always look to see if you can see if it is a webpage and not from the system.  This is something the scammers are always trying to do to get your money.  Remember these sites are not really a trustworthy site and should be avoided at all cost.  I also recommend using the[intlink id=”2362″ type=”post”] Hijackthis software[/intlink] to look for these rogue softwares in your system to better protect your system.

Remember not everything is real or truthfull on the internet with proper research and understanding you won’t be making those rash decisions.   Only you can prevent you system from being infected.

The behind the scenes of the bad guys

Paul

Photo by freezelight Photo by freezelight

Have you ever wondered how they find out your Email address or even find out your name or so called shipping address.   I’ve been wondering that for quite some time and have went researching online for the reason.  You see I’ve been getting spam email with my name and address  like this “Possible Check Pending [Last Name] [Mailing Address] Sender : Pam [Last Name]

That email was a “Kevin Hoeffer” scam that advertise getting you money from Google, called the Cash Secret club.   Suffice it to say that the Rip of Reports all say this is a scam.  Seems they try to fool you into paying $1.99 and then charge an extra $98 after you give them your information.  The Domain that I looked up is protected by Whoisguard.com.  So I reported to them about this spam, this is a sure way to get off there list.  Reporting spam will black list you from getting spam because to there major providers.  That cost them money, if everyone did that the spammers would be stopped.  Although I think society as a whole isn’t even trying to fight the spam this way they just try to keep it under control.  I believe that if 10% of the spam is reported then we are making the spammers and scammers  pay for their misdeeds.

[ad]So I went searching for the reason behind how they got my information and I found Email Finder, which offers people email address or it offers to find out all that is out there to find about the particular email address.  Such as Name, last known address, social networks, and it goes on.  They do have an Opt-out policy where you can request not be listed, I advise everyone to go check and see if your listed.  You would have to pay to get the information but I if you see the screen where they said they have found information that is enough for me to opt out.   Actually it only cost the scammers and spammers $1.95 a month to use this service so they are making money in the long run.  You should also do an SEO Search on your email address  in Yahoo, Google, Bing and Other services to see if your email is out on the web.

There is a FAQ file on how Spammers Get your Email address, I strongly recommend people at least looking at it because it is still quite relevant to today’s spam.  I’ve also seen ways to Detect spam by using Bayesian filter but most companies now a days are using that from the get go.   Remember only you can prevent spam and from getting scammed, So do your research.

Personal Antivirus just scareware

Paul10 Replies

I was going through checking a site brought to my attention from a reader and I went there and yep he told me it might be [intlink id=”3114″ type=”post”]scareware[/intlink] and it was:

mailware-live-pro-scanv1-1

If you click “Cancel” or “Ok” you will still get to this page:

mailware-live-pro-scanv1-2

[ad]It is on the Malicious site : http://maleware-live-pro-scanv1.com.  You can also see it tries to scare you with the tactic of  knowing your IP address and where you are in the world, it’s called Geo-ip Location.   It tries to convince you have a virus, but in reality it is just trying to scam you out of money.   Although if you go to the site you will see that there is no company information.  That is the first clue this is a scam or scareware.

Personal Antivirus gets installed in unsuspecting computers by way of exploits, backdoors, Trojans, or unsafe downloading practices.   This usually means that if you have it you should remove it by any means necessary because this software has been know to cause more and more trouble as time goes by.   This software is fake ware, it tries to tell you have a virus and that they can get rid of it.   In fact, this software is not designed with Antivirus engine in it but to illicit pop ups and warning to raise the users security concerns about the computer in question.   Downloading programs from bit torrents or other unsafe ways can and most likely will have these types of programs installed alongside the program you wanted.

*[intlink id=”4403″ type=”post”]Personal Antivirus Scareware Site and How to Remove it[/intlink]*

Threat to System : Moderate

[rating:4/5]

Advice : Do a Complete system scan and make sure you don’t have any more hidden malware. Most of the time if you have one Trojan, you usually have more.  Personal Antivirus has been know to have some type of program installed on the system in question and should be removed.

I recommend :

[ad#SUPERAntiSpyware]

On a side not, if you are wondering why I think I know I am not infected with these virus for those who are probably asking that question is because I already have a [intlink id=”2205″ type=”page”]dependable free anti-virus[/intlink] software installed.  Don’t forget to visit the Forums for other ways to watch for spyware or scareware.   I will always recommend buying antivirus software from vendors you know and not ones that are fly by the night scams.

Facebook and Twitter Phishing going on today!

Paul

According to Techcrunch we have one phishing site ground around peoples inboxes on facebook with it say “Check areps.at”.  You go to the site and you will think your at the facebook login but your not.  I wouldn’t suggest going to any of these sites, it has been reported by Phishtank.

[ad]Some of the sites to avoid today are : “nutpic.at, bests.at, areps.at, kirgo.at” each site will make you think your at facebook but this is what most will call a [intlink id=”3419″ type=”post”]Phishing scam[/intlink].  Some other things to avoid are some Twitter phshing going on today as well.

According to Trend Micro there is one where the url looks like it is a twitter url but isn’t (tvviter[dot]com).  The site is what people would call a typosquatting site.   This makes people think they are on twitter but aren’t.   If you go to these to sites and have given out your passowrd, it is strongly recommended that your reset them:

Facebook password reset page

Twitter password Reset Page

If you would like to know more about what phsihing is please check out my blog for more information.  Don’t forget to check out the forums for more information on this or just to talk about anything on your mind.

*Some reports I am seeing is some of these sites might be trying to get you to install the [intlink id=”2249″ type=”post”]Koobface virus [/intlink]so please be careful, will update when I find out more.*

Spyware : Michelle Obama’s Ta’s Ta’s Video

Paul1 Reply

I love this one, I was reading the Sans Report about Michelle Obama Ta’s Ta’s on Video.  I wanted to investigate this a little further so I went searching around.  I found some comment spam links to a site I will not talk about the links directly.  The site however had a fake video on it :

michelleobamatoplessfake

It looks like if you hit Cancel or Details it keeps trying to tell you need to install an ActiveX Object.   It also makes the user think that there is only one option to use right now.   As you can tell  it makes you think you can’t cancel or get details but I did.  I tried to cancel and it kept on popping up trying to get you to install this active X installer.   AVG detects it as:

michelleobamatoplessfake1

[ad]This proves the fact that any Anti-virus software is better than nothing at all.   I also  have talked in the past about [intlink id=”2991″ type=”post”]fake codecs and how they are used maliciously[/intlink] to spread malware to people who aren’t up to the job.   I didn’t take long to find Phrases such as “Michelle Obama Topless” or “Michelle Obama Topless Video” to find spam comments linking to sites that are hosting these types of malware.  It seemed that in order to get out of the cycle with the Malware site, I had to do a CLT-ALT-DELETE and End the process of Internet Explorer process from Task manager.  It was an infinite loop and could not be closed any other way.  upon trying to go the link again it seems to be a random redirection every time you visit that site the next time I went there, I had a scare message pop up telling me:

michelleobamatoplessfake2

As you can tell this [intlink id=”3397″ type=”post”]pops up with scareware[/intlink] instead of the video and tries to tell you have a virus and you should run a free scan from the site of their choice.   This is an old tactic and still being used but funny if you look at that message one you know it is from a “Webpage” and two there are at least one grammar error?  Can you see it?

You’re best bet is not to go clicking on links that people have left in comments.   I am so glad I have moderation turned on and I have to approve each and every post someone comments on.   This is the only way I know how to prevent from being used in the spam campaign.  Remember it is time to update your [intlink id=”2205″ type=”page”]Anti-virus and Firewall [/intlink]if you don’t already have it.  Don’t forget to visit the Forums and help discuss this problem in detail.