Twitter – Page 9 – Paul's Tech Talk

Being a Bad BOT!

PaulFebruary 23, 20097 Replies

I had the strangest thing happen today, Seemed a Bad Bot was Crawling my pages. I was getting at least 60 page views an hour from this bad Bot!! The individual IP’s of this Bad Are:

65.208.151.112
65.208.151.113
65.208.151.114
65.208.151.115
65.208.151.116
65.208.151.117
65.208.151.118
65.208.151.119

[ad#ad2-right]After the first initial hour of this going on, I started wondering what this bot was doing. I did some more research into this little bot. I did find out it is owned by Kintiskton LLC. (Twitter Search)

Anyways It bothers me that when you do a Google Search for this company, it comes back with no company. Some people have already did there research and have come up with very little.

I dug even more and some are saying this might be Homeland Security, and I have my own thoughts on this. I might be paranoid myself but if there is no company out there and the IP keeps coming back, I assume it is BAD mojo. Some people worry that it is a hacker probing for vulnerabilities and that worried me.

I decided with the Help from Godaddy, to ban the lot of IPs. I figure someone is trying to get information or trying something they shouldn’t, I’ll stop it myself. If you have WordPress and are also having problems with this ip, you can ban it by adding this to your HtAccess file:

order allow,deny
deny from 65.208.151.112
deny from 65.208.151.113
deny from 65.208.151.114
deny from 65.208.151.115
deny from 65.208.151.116
deny from 65.208.151.117
deny from 65.208.151.118
deny from 65.208.151.119
allow from all

This is how you block those ip in the HtAccess file. Thanks to WordPress for showing me how.

Careless Facebook profiling can lead to Identity Theft!

PaulFebruary 19, 2009

I just got in contact with a old friend from High school and another friend of mine suggest the new friend. I was looking at her profile and couldn’t believe what I saw:

As you can see this is not good I was amazed at how many people are giving out there birthdays and who they are married to to friends and family. So we heard about how people are claiming they need help or are in need of desperate money. This is nothing new, as you know people are having hard economy times and people are using the social engineering to scam people out of money.

I feel that I should warn people the important necessity. You shouldn’t be broadcasting your DOB and who your married to to your friends, just in case they get hacked.

Recent activity indicates that identity thieves are hacking into trustworthy profiles before selling on the login details to interested parties. This information is used by spammers to target legitimate users, posting misleading links on their “walls” – personalized message boards.

[Via Computing.Co.UK]

This deservese a little mind and a lot of understanding. By the spammers hacking into facebook accounts they have the chance to scam or spam people with links to possibly have a virus or trojan installer.

[ad#ad2-right]For example This one blog talks about the Virus:

Symantec’s Norton Antivirus software has flagged this as a “high risk” Infostealer.Gampass virus. More info on this particular Trojan vius is here. (Note: Symantec warns the risk level is “low,” since it originated in 2006, but this new Facebook email is a new iteration of the same virus.)

You might be inclined to click on this link because it’s from a friend, but they did not intentionally send it to you — and yes, their Facebook photo is attached, too.

[Via Sync-blog]

Now I went searching through my friends list and also found this little bit of information. As you can see this one is asking for people to use there account to scam people out of money. They could use this to find out even more information of the Other partner and make you believe your talking to the real deal. Saying they need money because they are stuck over seas or something like that. I’ve seen this on other blogs where people have sent money to “friends” but are actually people who are the scammers. Then if you send the money you are out of luck with your money and possibly your friends to. I am sure there are more but this is prime examples of what you shouldn’t do and why.

So what can you do to prevent Identity Theft and/or being scammed?

Roboform Review — A Password Manager that will help protect your passwords from key loggers and other such phishing sites. I strongly recommend it to to all who are security minded. (Never use the same password for all your accounts)

Are you worried about your identity? — This is good information in checking out sites that might be questionable. You can find out what type of site it by using your brains.

Old Phish Become New again — This is blog post about twitter and what may happen if you did give out your password. This is a good example of why you never should give out your password to third party websites.

Twitter Spammers a getting more smarter — This is also good example of what happens when you see become friends with someone who isn’t real. You could be the next to be spammed and/or impersonated.

If you follow some common steps you to could prevent from being the victim or getting your Identitiy stolen. Some things to remember is Never tell anyone your Birthday the whole date like someone did on twitter a few days ago. It’s nice that they are growing older but that gives people that much more information to use to steal your money or your idenitiy. Think before you give out any personal information like Age, Married, who your married to and anything that might be used to be able to access your account or your impersonate you. Remember only you can prevent from being scammed or lossing your identity, you wouldn’t want to have to pay for your mistakes.

Tech Journalist breaks the silence — Journalist got Pwned!!

PaulFebruary 18, 2009

It was another ordinary day for this tech journalist. He had just waken up from his lovely dreams and hadn’t realized that he was being baited with Phish. Yes that is correct he actually gave out his password to an Phish site and didn’t know it.

I have to admit that he didn’t hide it, in fact he decided to post about how he got Pwned and what happened.

The Face Of A Facebook Phishing Scam
[Click Picture to see the full story]

[ad#ad2-right]As you can see the site : Facebookcom.awardspace.com is a phishing site and should never give out your information to third parties. Some things to remember if you get an email with a link sometimes won’t send you to the real link. This can be easily done just like blogging. You don’t know where you will end up when you click an email link. One thing to remember is if in doubt log into facebook the old fashion way and see for yourself.

You could be the next person to have your Identity taken away from you. So what should you do to prevent this type of phishing attacks, assume any email you get from Facebook, Myspace, Twitter, and Any other Social Sites to be a possible phish email. These are always going to be a problem for these sites. The spammers want access to be able to spam your friends and family with links, or to make you look foolish. This is the reason they do it for Money or just for laughs.

One thing to remember is having a strong password will make it that much harder for you to be phished because if you can’t remember it you will be more careful. I will keep preaching this having a good Firewall and Anti-virus will also prevent you from getting viruses from these type of phishing attacks. It will also make it much more harder to go to sites that smell like Phish. Remember only you can keep your identity a secret.

Twitter Spammers are getting more smarter

PaulFebruary 8, 2009

I got an interesting email about someone following me. I went to go check out there profile and Guess what I see:

As you cann se this account only had one post but people seem to be following back due to the picture and the bio. I checked the account about 30 mins later and here I will show you:

[ad#ad2-right]It seems that if people see it has a picture and a bio that doesn’t sound like it is is advertising anything, they will simply follow them back. That really isn’t a good idea. Sooner or later they will start sending out spam to people who are following just because they haven’t been caught. I also checked out the Web site they have new there bio and it leads to http://www.squidoo.com/twittertipstricks. I hope the website knows their link is being used by a spammer. Although this could be a 2 for one deal for having there link also being used for spammer so they can get traffic to there site. I would be worried my ISP doesn’t cut my website due to THE TOS. Although I serious doubt it would happen I do know it could happen. So users are being fooled by spammers, and people aren’t looking hard enough into the account. Users should be warned they shouldn’t just follow back if it looks like it is a person. I know this is a robot and expect it soon to start sending out spam to all those people who are following. I just thought I’d share what I found out. If you clicked on the tinyurl.com it sends you to Partnerwithpaul.com website which talks about making money like all other spam. Just be careful you don’t end up having regrets on following people who are bots.

A fan wants to Release Windows 7 Now : My Security Concerns

PaulJanuary 29, 2009

After reading about this from PcWorld, I’ve went to check this site out. I went to his twitter accoun(Kelly Poe) to find out the site he put up and I am quite impressed. Here are few things that I am concerned about starting with the website.

[ad#ad2-right]I love the idea and all but I am quite concerned with the privacy of my email account. I don’t know if you have to submit your email account but I would caution people not enter one until the site says what it will do with your email address.

Now that being said that’s the only thing I can think of when it comes to security for your email address, you don’t want to someone to give out your email address to spammers. That would just make it even worse for your email account. You could however use a 10 min Email account to use but that might make it harder for Microsoft to contact you if they want to verify these accounts!!

Now my main concern is Windows 7 right now and Security. You know the Conflicker/Conflickr/Downadup Worm is currently loose on the internet. It uses the the Ms 08-067 Exploit and currently Windows 7 does not protect against this Worm in fact Microsoft has released information that you would need to install the updates manually to fix this problem.

Some vendors are yet to develop for Windows 7 beta due to it being a beta. Some others like Security Vendors are offering protection for Windows 7 Beta. This is mainly the Anti-virus software group, I would like to see more people embrace windows 7 as much as the security groups. Although this is the first step it would need to be more open response from Manufacturers and dealers alike they would need to get it to work making sure their drivers and such will work good with Windows 7. This is where it takes time, that is why I am glad it is a beta, it allows vendors and Companies a like a chance to test out their software and Hardware and even their drivers before the release.

Before I support this, I would like to see more happen to Windows 7 in some areas. For instance I’d like to see more compatability and more drivers and software that works for Windows 7. I’d also like to see Microsoft to take Windows 7 Beta Serious and Keep the Security up on it and not let it lapse. I’d want Microsoft to send out patches for Vulnerabilities just like Vista and keep people’s system updated so you don’t have to update them manually. I just hope Microsoft takes Apple’s example to heart and release Windows 7 without having to have several versions of the same Operating System.