New Facebook Phishing campaign!

According to Sans Internet Storm,  They have seen some signs of a new Phishing campaign like the[intlink id=”3419″ type=”post”] Look at this Phishing campaign[/intlink] that went through a few weeks ago.  At the time of writing that report they weren’t being resolved they now are being resolved making you look like you are logging into Facebook:

Phishing look a like!! Phishing look a like!!

[ad]Sites that are hosting these are in Belgium and are Redbuddy.be, Redfriend.be, and picoband.be.     If you recieve this with these urls you best thing you can do is just to delete them.   Some people have said it is using the term “look at this” I am unsure as to is or not but you can usually tell because of the the URL and if it isn’t Http://www.facebook.com or Https://www.facebook.com then you aren’t logging into Facebook but are logging into a fake site.

We’ve talked about [intlink id=”2644″ type=”post”]why criminals want to use your account and why they need to get your passwords[/intlink].  I know they want to take control of your account for one reason or another but that is where the Facebook users need to keep watch on the URLS being displayed when you log into Facebook.    If you did that then you are one step ahead of the nefarious criminals and can be at peace.  Just like the Look at this campaign if you did visit those sites and given out your password it is strongly recommended to reset your password.

Update #1 — More Domains have been created areps.at, greenbuddy.be, vispace.be, whiteflash.be, and bestspace .be . All these domains resolve to 211.95.78.98 And can be determined by going to Http://www.dns.be or http://www.dns.at  .   It looks like the server is hosted in China.  I wouldn’t be surprised if t here were even more domains going to be regestered that were in Belgium!!  On a Side note it seems all these have a malicious hidden iframe in them so “DON”T Visit them unless you know what your doing“.   I suspect that is how they are keep having people post to Facebook about these but that is only my theory!!  (Thanks Sans Internet Storm for all those updates)

New Spam Campaign for Cooltweeting.com

I got an Email that shows that people are giving out there twitter accounts password for a Free Mac book air. I did a Search for cooltweeting.com and well you take a look.

twitterspam-cooltweetingcom2

The Site Cooltweeting.com looks to be a phishing for your information by wanting you to do this:

twitterspam-cooltweetingcom3

[ad]As you can see this looks pretty simple and some users would think this is true. I do wonder how I am going to receive email from them if they don’t have my email in the first place? You have to read the fine print on this one here I will make it bigger:

You agree to receive emails from trusted 3rd parties containing special offers and promotional emails.

Powered by BrandGivewayCentre.com. BrandGivewayCentre.com is an independent rewards program and not associated with any of the above listed merchants or brands. The above listed merchants or brands in no way endorse or sponsor BrandGivewayCentre.com’s offer and are not
liable for any alleged or actual claims related to this offer. The above listed trademarks and service marks are the marks of their respective owners. BrandGivewayCentre.com is solely responsible for all Gift fulfillment. In order to receive your gift you must: (1) Meet the eligibility requirements (2) complete the rewards bonus survey (3) complete the number of sponsor offers in the redemption instructions
(4) Follow redemption instructions.

As you can see you will have to complete a number of offers to get this macbook.   I also check out the  source page for this so called page and here is what I find:

twitterspam-cooltweetingcom4

Now we see  there is a a file on the server called “viraltweets.php” which we can’t access because it is a protected file and even though they say they don’t store this that doesn’t mean they don’t grab your email address and other personal information while they send this tweet out.   afterall if you read the fine print, you agree to recieve emails from third parties?  which begs the questions how do they get your email and other information?  They will get it through your twitter account.     As we know the from time to time it isn’t always a good idea to give out your twitter password because it can be easily abused.   This is definately just spam.  If you do use this page you will probably start getting even more email spam.   They obviously have a way to unsubscribe but that usually is used to just confirm you have an email address.    I will let you decide if it is worth a macbook or not but you’ll probably have to pay 2 times as much in offers just to get the macbook in the first place.

Internet Security Companies Warn about Patch Tuesday and Valentines Day.

With Tomorrow being released some very highly rated Remote Code Execution to become Zero day in very short time. Some researchers are speculating about more viruses will be released in conjunction to Valentines day. According to this one post it will be likely to be E-cards being sent to try to lure you into downloading Malware.
[ad#ad2-right]

Various security vendors, including CA Inc, MX Logic Inc., Trend Micro Inc., and Panda Security, have issued alerts about new Valentine’s Day-themed spam campaigns that try to dupe users into installing the Waledec bot.

Researchers note that many websites which are affiliated to Waledac e-card scam have been recently updated with content based on the Valentine’s Day theme.

Web sites distribute Trojan files which are commonly named love.exe; onlyyou.exe; you.exe; youandme.exe; and meandyou.exe and the list is not exhaustive.
[Via Express Buzz]

So which ones will likely be the exploits they will use? I have a few theories on that and One of them is the INTERNET EXPLORER vulnerability that will be patched and will try to get you to launch the link and will most likely try to launch it in Internet explorer, That would be my guess.    It seems to be Internet Explorer 7 and Below which will be patched so if you want to try out the IE 8 Beta,  You should be safe on that.  Although the best bet is to prevent users from clicking links in emails and also warning them not to open any attachments they are not expecting.    I’d also have the AutoPatcher ready to install the lastest patches for this Tuesday and schedule a time this week to update all the possible systems involved with the Databases.  Although this isn’t one that tries to steal your data it is however a chance the writers to look at what you have and you know how that can be call a data breach.   So if your the IT for the department I’d suggest sending out warnings so they can keep from being caught with their pants down.   I’d also suggest having Anti-Virus and free Firewall installed on all the major systems and it wouldn’t hurt to have the installed on minor systems if at all possible.

Left 4 Dead Sneak Peak!

[ad#ad2-left]Yes they finally released the demo. According to my sources and I’ll quote:

Newell said: “We will be releasing demos for both the Xbox and for the PC. I don’t know what the date is for release on that, though. I think it’s going to contain the first part of one of the campaigns. I think it’ll probably be Hospital but I’m not sure. That’s a decision that Doug Lombardi is making.”

[Via Videogamer]

If you want to see the game screen shots you and preview the pictures all you need to do is go HERE.  You can also start pre-purchasing Left 4 Dead on The PC and be ready to play when it comes out. Watch the Video from Steam for Left 4 Dead Intro In English. You can also Gift the Game for the Holidays, I would like one to get and try it out so if you want to give me the Gift just send it to me via my email address.  According to Steam, you will haveto pre-purchase Left 4 Dead and then the Demo will be available for you a week before hand!! so that is one good thing!!  So go buy it and enjoy!!!  Also you will need to install Steam to enjoy the demo.