The U.S. Centers for Disease Control has issued a warning about fraudulent e-mails referencing a "State Vaccination Program" sponsored by the CDC. According to the CDC, the message urges recipients to create a personal H1N1 (swine flu) Vaccination Profile on the cdc.gov website. The message then states that anyone who has reached the age of 18 has to have his/her personal Vaccination Profile on the cdc.gov site.
The CDC says that it has NOT implemented a state vaccination program requiring registration on www.cdc.gov.
Users who click on the “Create Personal Profile” link in the email are at risk of having malicious code installed on their system.
For legitimate information about H1N1 vaccination, please contact the CDC directly or speak with your health care provider.
Wednesday, December 2, 2009
Tuesday, October 27, 2009
Princeton Who’s Who Registry Scam
Wow! I’ve been tagged for inclusion in the “Princeton Who’s Who Registry,” and now I feel like a big deal.
Don’t—we repeat DO NOT—fall for this vanity scam or you will end up with an $800-plus charge. Bottom line: Never reveal your credit card, debit or bank account numbers or other personal information to someone who emails you or calls you on the phone.
A member of WebAddo's staff recently received this email, which has absolutely no connection to Princeton University, the august institution based in New Jersey:
Welcome! You were recently appointed as a biographical candidate to be listed in the 2009/2010 online Princeton Who’s Who Registry among Executives and Professionals. We are pleased to inform you that your candidacy was approved. Your prompt response is needed to ensure your correct professional information. For accuracy purposes, please be sure to visit your personal application to verify your biographical information at:
http://mywhoswhoapplication99.com/55 (links to: http://eliteprofessional.info/go.php/465039/16164676/3090717)
The office of the Managing Director appoints individuals based upon a candidate’s current position, and usually with information obtained from researched executive and professional listings. The Director thinks that you may make an interesting biographical subject, as individual achievement is what Princeton Who’s Who is all about. Upon final confirmation, you will be listed among thousands of accomplished individuals in the Princeton Who’s Who Registry. Remember, your listing is a privilege, and not based on paying a fee. On behalf of the Managing Director, we look forward to your appearance in this year’s edition. Best wishes for continued success.
Sincerely, Jennifer Rivera, Editor
Notice how it says there is no fee? Those who respond discover that they are urged to upgrade to a “premier level” at a cost of $800. “Shan,” writing on the Responsible Marketing blog, was taken in and charged $878.95 on January 5, 2009. Another writer said he was told that he couldn’t be included in the registry because he did not have a credit card. Ha!
Buyer Be Scared and don’t let your vanity get you scammed!
Don’t—we repeat DO NOT—fall for this vanity scam or you will end up with an $800-plus charge. Bottom line: Never reveal your credit card, debit or bank account numbers or other personal information to someone who emails you or calls you on the phone.
A member of WebAddo's staff recently received this email, which has absolutely no connection to Princeton University, the august institution based in New Jersey:
Welcome! You were recently appointed as a biographical candidate to be listed in the 2009/2010 online Princeton Who’s Who Registry among Executives and Professionals. We are pleased to inform you that your candidacy was approved. Your prompt response is needed to ensure your correct professional information. For accuracy purposes, please be sure to visit your personal application to verify your biographical information at:
http://mywhoswhoapplication99.com/55 (links to: http://eliteprofessional.info/go.php/465039/16164676/3090717)
The office of the Managing Director appoints individuals based upon a candidate’s current position, and usually with information obtained from researched executive and professional listings. The Director thinks that you may make an interesting biographical subject, as individual achievement is what Princeton Who’s Who is all about. Upon final confirmation, you will be listed among thousands of accomplished individuals in the Princeton Who’s Who Registry. Remember, your listing is a privilege, and not based on paying a fee. On behalf of the Managing Director, we look forward to your appearance in this year’s edition. Best wishes for continued success.
Sincerely, Jennifer Rivera, Editor
Notice how it says there is no fee? Those who respond discover that they are urged to upgrade to a “premier level” at a cost of $800. “Shan,” writing on the Responsible Marketing blog, was taken in and charged $878.95 on January 5, 2009. Another writer said he was told that he couldn’t be included in the registry because he did not have a credit card. Ha!
Buyer Be Scared and don’t let your vanity get you scammed!
Thursday, October 22, 2009
Essential Tips to Keep Your PC Safe
5. Choose a strong password
This is one of the most important steps to take in securing your computer or other accounts. A strong password will help keep your data safe not just from hackers, but also in the unfortunate circumstance that your laptop is stolen.
We recommend you pick a password with a minimum of 12 characters, but more is even better. Your password should include capital letters, lowercase letters, punctuation, numbers, and special characters. You should also avoid dictionary words, pets names, birthdays, or any other personal info that people could easily glean from a social networking site. Also try and add some variety by using numbers in place of letters (3=E, 5=S).
If you want to be especially secure, use a different password for every account you have. Develop a formula for creating unique passwords. Here's an example:
Start with a base, just as an example we'll use "home." Swap a few letters for numbers: h0m3. Then add the first letter of the service (e-mail, IM) or site (Facebook, banks, etc) the password is for and the number of letters in the name to the front -- we'll use the generic e-mail: e5h0m3. Then tack on the middle letter of the service name and the number of letters in your last name to the end of the password: e5h0m3a6. Lastly, capitalize a couple of those letters: e5H0m3A6.
Now you have a seemingly random password that should be easy for you to remember (if you can just remember the above 'system'). Just pick a longer base word than "home." You can also use a password management program like KeePass, 1Password, or RoboForm to help you keep track of all those passwords in case you have trouble memorizing them.
Bonus tip
Backup, backup, backup!
Sometimes, despite your best efforts, a virus or other nasty piece of malware can make its way into you PC and screw everything up. Should you live in total fear? Not at all -- as long as you backup your most important data on a regular basis, then you don't have to worry about viruses ruining your whole computer (or life). See our guide on backing up your computer for how to make sure that even the worst case scenario isn't that bad. Also, follow our tips on how to clean your PC and save your data if your computer is infected by a virus.
This is one of the most important steps to take in securing your computer or other accounts. A strong password will help keep your data safe not just from hackers, but also in the unfortunate circumstance that your laptop is stolen.
We recommend you pick a password with a minimum of 12 characters, but more is even better. Your password should include capital letters, lowercase letters, punctuation, numbers, and special characters. You should also avoid dictionary words, pets names, birthdays, or any other personal info that people could easily glean from a social networking site. Also try and add some variety by using numbers in place of letters (3=E, 5=S).
If you want to be especially secure, use a different password for every account you have. Develop a formula for creating unique passwords. Here's an example:
Start with a base, just as an example we'll use "home." Swap a few letters for numbers: h0m3. Then add the first letter of the service (e-mail, IM) or site (Facebook, banks, etc) the password is for and the number of letters in the name to the front -- we'll use the generic e-mail: e5h0m3. Then tack on the middle letter of the service name and the number of letters in your last name to the end of the password: e5h0m3a6. Lastly, capitalize a couple of those letters: e5H0m3A6.
Now you have a seemingly random password that should be easy for you to remember (if you can just remember the above 'system'). Just pick a longer base word than "home." You can also use a password management program like KeePass, 1Password, or RoboForm to help you keep track of all those passwords in case you have trouble memorizing them.
Bonus tip
Backup, backup, backup!
Sometimes, despite your best efforts, a virus or other nasty piece of malware can make its way into you PC and screw everything up. Should you live in total fear? Not at all -- as long as you backup your most important data on a regular basis, then you don't have to worry about viruses ruining your whole computer (or life). See our guide on backing up your computer for how to make sure that even the worst case scenario isn't that bad. Also, follow our tips on how to clean your PC and save your data if your computer is infected by a virus.
Tuesday, October 20, 2009
5 Essential Tips to Keep Your PC Safe
4. Don't use an administrative account
Administrator accounts on your computer should only used when you want to make big changes to your system, or install new software. At all other times you should be using 'standard user' accounts when you're logging into and using your computer.
Luckily, Linux and OS X require a password anytime you want to make changes to the computer, and Windows 7 and Vista by default use "standard user" accounts when creating new accounts. Windows XP, on the other hand, defaults to an administrative user account, which allows unfettered access to the inner workings of the OS and makes it easier for malware and hackers to hijack your PC and steal data, or make potentially disastrous changes to your OS and files. If you're on Windows XP, make sure you create and switch over to a standard user account for all activities other than installing software.
Of course, since you need your administrative account to install stuff, then you'll need to follow or last essential tip, which we will post shortly.
Administrator accounts on your computer should only used when you want to make big changes to your system, or install new software. At all other times you should be using 'standard user' accounts when you're logging into and using your computer.
Luckily, Linux and OS X require a password anytime you want to make changes to the computer, and Windows 7 and Vista by default use "standard user" accounts when creating new accounts. Windows XP, on the other hand, defaults to an administrative user account, which allows unfettered access to the inner workings of the OS and makes it easier for malware and hackers to hijack your PC and steal data, or make potentially disastrous changes to your OS and files. If you're on Windows XP, make sure you create and switch over to a standard user account for all activities other than installing software.
Of course, since you need your administrative account to install stuff, then you'll need to follow or last essential tip, which we will post shortly.
Tuesday, October 13, 2009
Essential Tips to Keep Your PC Safe
3. Install a spyware/malware removal tool
Speaking of malware, there are plenty of threats and annoyances out there besides viruses, including spyware (which tracks what you do and where you go online), adware (software that bombards you with unwanted pop-up ads and the like), key-loggers (software that logs all your keystrokes, making it easy to snag your passwords and other personal information) and more. Most anti-virus applications, especially the paid ones, include some form of malware removal, but we strongly recommend you get a dedicated tool... or two. Apps like SpyBot and MalwareBytes are much better at removing and protecting against spyware than a multi-function program, so you'll want one regardless of what other security software you have installed.
As an added bonus, some apps, such as SpyBot, are able to immunize your PC against certain malware apps permanently, and will alert you anytime something attempts to make changes to your systems registry -- one of the major ways such malware hijacks your PC. This is a feature often missing from anti-virus programs, particularly free ones.
Speaking of malware, there are plenty of threats and annoyances out there besides viruses, including spyware (which tracks what you do and where you go online), adware (software that bombards you with unwanted pop-up ads and the like), key-loggers (software that logs all your keystrokes, making it easy to snag your passwords and other personal information) and more. Most anti-virus applications, especially the paid ones, include some form of malware removal, but we strongly recommend you get a dedicated tool... or two. Apps like SpyBot and MalwareBytes are much better at removing and protecting against spyware than a multi-function program, so you'll want one regardless of what other security software you have installed.
As an added bonus, some apps, such as SpyBot, are able to immunize your PC against certain malware apps permanently, and will alert you anytime something attempts to make changes to your systems registry -- one of the major ways such malware hijacks your PC. This is a feature often missing from anti-virus programs, particularly free ones.
Wednesday, October 7, 2009
Essential Tips to Keep Your PC Safe
Set up a firewall
Firewalls control the flow of data into and out of your PC and are essential for keeping out hackers. Most importantly, they prevent any malware (bad programs with viruses and the like) you might accidentally pick up from sending out your personal data over the Internet.
Both Windows and Mac OS X come with a basic firewall pre-installed. You can access Windows Firewall in Vista and Windows 7 by going to Control Panel -> System and Security -> Windows Firewall, or in Windows XP by going Control Panel -> Security Center -> Windows Firewall. In Mac OS X, the firewall options are located in System Prefs -> Security -> Firewall. At the very least, make sure you have these basic firewalls turned on.
For Windows users, there are also free options like ZoneAlarm and Comodo, which are standalone packages that offer stronger protection against intrusion and more advanced options for controlling what programs are allowed to send or receive data than the aforementioned built-in Windows firewalls. Paid Internet security suites (like Norton and Kapersky) also pack firewalls that are tightly integrated into the anti-virus and other security tools, meaning there is one less piece of software to worry about updating and learning to use.
Firewalls control the flow of data into and out of your PC and are essential for keeping out hackers. Most importantly, they prevent any malware (bad programs with viruses and the like) you might accidentally pick up from sending out your personal data over the Internet.
Both Windows and Mac OS X come with a basic firewall pre-installed. You can access Windows Firewall in Vista and Windows 7 by going to Control Panel -> System and Security -> Windows Firewall, or in Windows XP by going Control Panel -> Security Center -> Windows Firewall. In Mac OS X, the firewall options are located in System Prefs -> Security -> Firewall. At the very least, make sure you have these basic firewalls turned on.
For Windows users, there are also free options like ZoneAlarm and Comodo, which are standalone packages that offer stronger protection against intrusion and more advanced options for controlling what programs are allowed to send or receive data than the aforementioned built-in Windows firewalls. Paid Internet security suites (like Norton and Kapersky) also pack firewalls that are tightly integrated into the anti-virus and other security tools, meaning there is one less piece of software to worry about updating and learning to use.
Monday, October 5, 2009
5 Tips to Keep Your PC Safe
One of the most important things everyone -- even Mac users -- needs to do with a computer is to make sure it is as secure from viruses, phishing scams, and other 'net threats as possible. No matter how often you practice safe browsing habits or think twice before clicking on a random link in your e-mail, you'd be surprised how often even the most cautious of folks can be caught off guard, which is why you need to have some basic security measures in place to protect you (and your computer), should something slip past. We've boiled it down to five basic steps that everyone -- even the computer and 'Net-threat-savvy -- should take to make sure that their PC and personal data are safe. We will review one step each day this week.
1. Get an anti-virus program
It doesn't matter whether you opt for a free product like AVG Free or the new Microsoft Security Essentials, or spend the money on a commercial product like Norton Internet Security or Kaspersky Internet Security. What's important is that you get yourself some virus protection that has a few basic features -- live protection (a real-time shield that will protect whatever you're working on at the moment, not just scheduled scans), and a behavior-based detection engine that looks for software that is acting suspiciously. All quality anti-virus programs -- even the free ones -- have these essential features. Primarily what you get with a paid product is a more polished interface (the previously mentioned AVG Free is ugly as sin and sometimes confusing) and better integration with other security tools, so you don't have to run separate updates on various pieces of security software.
Once you pick an anti-virus program, make sure that it is scheduled to download updates and run a quick scan once a day. Set it to run in the middle of the night at, say, 3 a.m., so it won't interfere with your other computing activities.
Commercial options usually come as part of complete security suites, which can address our next tip which we will discuss tomorrow.
1. Get an anti-virus program
It doesn't matter whether you opt for a free product like AVG Free or the new Microsoft Security Essentials, or spend the money on a commercial product like Norton Internet Security or Kaspersky Internet Security. What's important is that you get yourself some virus protection that has a few basic features -- live protection (a real-time shield that will protect whatever you're working on at the moment, not just scheduled scans), and a behavior-based detection engine that looks for software that is acting suspiciously. All quality anti-virus programs -- even the free ones -- have these essential features. Primarily what you get with a paid product is a more polished interface (the previously mentioned AVG Free is ugly as sin and sometimes confusing) and better integration with other security tools, so you don't have to run separate updates on various pieces of security software.
Once you pick an anti-virus program, make sure that it is scheduled to download updates and run a quick scan once a day. Set it to run in the middle of the night at, say, 3 a.m., so it won't interfere with your other computing activities.
Commercial options usually come as part of complete security suites, which can address our next tip which we will discuss tomorrow.
Thursday, October 1, 2009
How Can You Keep Your Kids From Getting Tangled in the World Wide Web?
The Internet is a valuable tool, and one the whole family can enjoy. However, it can also be a serious threat and danger to unsuspecting and inexperienced children. Here are a few simple guidelines that all households should follow to keep kids safe when surfing the web.
•Place computers in a common room in full view of everyone - not in kids' bedrooms.
•Learn about filtering software and parental controls. (www.http://www.parentalcontrolbar.org/)
•Use search engines such as Yahoo!Kids (www.yahookids.com) and Ask for Kids (www.askforkids.com).
•Teach kids never to give out their telephone number or address online.
•Keep the Internet account in your name to control passwords and filtering.
•Check your childrens' Internet browsing history.
•Allow them to email and instant-message only people they know.
•Randomly check their email and buddy lists.
•If your children participate in chats, help them pick screen names that don't reveal personal information.
•Make sure your kids' online photos don't reveal identifying information, such as their school's name.
•Teach kids to use caution when posting about their friends and plans.
•If someone posts threatening or dangerous comments about your child, report it to the police and your service provider.
•No downloading without your permission.
Be aware of what sites your child is using and what messages are being given in the form of online games. Talk to your children about what they encounter online and how to know which sites could be harmful to them.
•Social networking sites such as MySpace and Facebook set minimum ages for participation. Generally, if your children are 13 or younger, you can have their pages removed. Read a site's Terms of Use carefully for full details.
•Ask to see your kids' pages on social networking sites. Read their blogs if they have them.
•Have your kids use the privacy settings on social networking sites, but be aware that some information such as their picture, nickname, age and location may still be available for all users to see.
•Go through your kids' "friends" lists to make sure they know and trust those people in real life. Consider making your own profile and "friending" your kids' to stay informed about what they're posting.
Questions about kids and computers? Visit www.netsmartz411.org for expert advice from the National Center for Missing & Exploited Children.
•Place computers in a common room in full view of everyone - not in kids' bedrooms.
•Learn about filtering software and parental controls. (www.http://www.parentalcontrolbar.org/)
•Use search engines such as Yahoo!Kids (www.yahookids.com) and Ask for Kids (www.askforkids.com).
•Teach kids never to give out their telephone number or address online.
•Keep the Internet account in your name to control passwords and filtering.
•Check your childrens' Internet browsing history.
•Allow them to email and instant-message only people they know.
•Randomly check their email and buddy lists.
•If your children participate in chats, help them pick screen names that don't reveal personal information.
•Make sure your kids' online photos don't reveal identifying information, such as their school's name.
•Teach kids to use caution when posting about their friends and plans.
•If someone posts threatening or dangerous comments about your child, report it to the police and your service provider.
•No downloading without your permission.
Be aware of what sites your child is using and what messages are being given in the form of online games. Talk to your children about what they encounter online and how to know which sites could be harmful to them.
•Social networking sites such as MySpace and Facebook set minimum ages for participation. Generally, if your children are 13 or younger, you can have their pages removed. Read a site's Terms of Use carefully for full details.
•Ask to see your kids' pages on social networking sites. Read their blogs if they have them.
•Have your kids use the privacy settings on social networking sites, but be aware that some information such as their picture, nickname, age and location may still be available for all users to see.
•Go through your kids' "friends" lists to make sure they know and trust those people in real life. Consider making your own profile and "friending" your kids' to stay informed about what they're posting.
Questions about kids and computers? Visit www.netsmartz411.org for expert advice from the National Center for Missing & Exploited Children.
Friday, September 25, 2009
Twitter Scam Incidents Growing
Twitter is good fun for millions -- and a commercial opportunity akin to email for people who want to market their products and services, including, of course, Twitter spammers.
Since some people eventually accumulate many thousands of followers, they have a ready audience for whatever they're trying to sell -- whether it's an opinion or a birdhouse. (Some celebrities and politicians have over a million followers.)
Hardly surprising then that the mushrooming growth of this social networking site has given birth to a number of Twitter scams.
Here are the main types of Twitter scams:
1. "Easy-money, work-from-home" schemes
With this Twitter scam, firms claim they can show you how you can make money by promoting other people's products to them.
They charge a modest sign-up fee, typically a couple of dollars, but when you pay (with your credit card) you're also signing up for a recurring monthly membership fee of around $40 for ongoing tips.
Now, there are many legitimate membership sites that charge recurring monthly fees. However, what makes these Twitter scams is that the membership explanation is either completely hidden or non-existent -- and it's almost impossible to cancel and get your money back.
Needless to say, the only people making money from this scheme is the Twitter scam artist.
For more on phony work-from-home schemes, check out these articles:
Top 10 Work At Home and Home Based Business Scams
Work At Home Jobs: How to Avoid Getting Scammed
2. Promises of thousands of instant followers
Whether you want lots of followers out of personal vanity or to plug misguidedly into the Twitter scam outlined above, you might be tempted to sign up for a service that offers to deliver thousands of followers literally overnight.
They claim to be able to do this by identifying other Twitter users who automatically follow anyone who follows them.
Some even claim they have built up databases of people according to their interests, so you can be sure you are targeting the right people with your "tweets."
Well, they may or may not be able to do all of these things but they're really no different from people who sell email addresses to spammers.
They charge for the service, of course, and if you buy, you could end up being accused of trying to send Twitter spam and be banned from Twitter.
3. The Twitter phishing scam
Well, what did you expect? Anyplace where there's a chance of netting someone's personal details is a haven for phishing -- the technique of fooling people into disclosing things like passwords, Social Security numbers and other confidential information.
Twitter phishing scammers have a number of different tricks for doing this but they mostly boil down to the same fatal step -- getting you to click a link that takes you to what appears to be a Twitter sign-on page where you give them your password.
Once they have that, they can pretend they're you and use your account for evil purposes -- like spreading more Twitter spam or infecting other people's computers.
One sneaky Twitter scammer invited followers to make up a username using their answers to three common sign-on secret questions, "just for fun."
For example, your first pet's name, your mother's maiden name and your first car, might yield: TrixieDoeTBird.
Scores of people responded, giving this Twitter scammer a possible route to hacking into their various online accounts by answering their secret question to get a new password!
Read more about phishing in this Scambusters article: Phishing Scams: How You Can Protect Yourself.
4. Spreading viruses and spyware
This Twitter scam is in full swing, using tempting messages like "Just saw this photo of you" followed by a link that, when you click it, takes you to a site that uploads malware onto your computer.
Sometimes, by exploiting the phishing technique outlined above, the message may seem to come from one of your regular followers, perhaps even a friend or relative. In reality, their Twitter account has been hijacked.
There are some clever variations of this Twitter scam. For instance, one site offered a program that, when installed, supposedly would tell you who had been checking out your Twitter profile.
It did nothing of the sort. Instead, it installed spyware.
5. Other money-making Twitter scams
Twitter scammers have developed lots more cunning ideas that try to fool you into parting with your hard-earned cash, some of them variations of scams we've seen many times before in other guises.
For instance, you may get a message from someone you know claiming to be in trouble and asking you to wire cash. In fact, their Twitter account has been hijacked by a scammer.
Or, you may have been tweeting about a product you want to buy, when you get a "direct-message" tweet from someone who claims to work for the manufacturer or retailer and offers to sell you one at a bargain price. Of course, they want your credit card number.
Then there's the tweet that tells you you've won a cell phone. You just have to send them your existing number so it can be transferred to the new device. In fact, you're signing up for a monthly astrology service charged to your phone account.
By the time you read this, some other Twitter scam merchant will probably have come up with another ruse to try to relieve you of information or money.
Since some people eventually accumulate many thousands of followers, they have a ready audience for whatever they're trying to sell -- whether it's an opinion or a birdhouse. (Some celebrities and politicians have over a million followers.)
Hardly surprising then that the mushrooming growth of this social networking site has given birth to a number of Twitter scams.
Here are the main types of Twitter scams:
1. "Easy-money, work-from-home" schemes
With this Twitter scam, firms claim they can show you how you can make money by promoting other people's products to them.
They charge a modest sign-up fee, typically a couple of dollars, but when you pay (with your credit card) you're also signing up for a recurring monthly membership fee of around $40 for ongoing tips.
Now, there are many legitimate membership sites that charge recurring monthly fees. However, what makes these Twitter scams is that the membership explanation is either completely hidden or non-existent -- and it's almost impossible to cancel and get your money back.
Needless to say, the only people making money from this scheme is the Twitter scam artist.
For more on phony work-from-home schemes, check out these articles:
Top 10 Work At Home and Home Based Business Scams
Work At Home Jobs: How to Avoid Getting Scammed
2. Promises of thousands of instant followers
Whether you want lots of followers out of personal vanity or to plug misguidedly into the Twitter scam outlined above, you might be tempted to sign up for a service that offers to deliver thousands of followers literally overnight.
They claim to be able to do this by identifying other Twitter users who automatically follow anyone who follows them.
Some even claim they have built up databases of people according to their interests, so you can be sure you are targeting the right people with your "tweets."
Well, they may or may not be able to do all of these things but they're really no different from people who sell email addresses to spammers.
They charge for the service, of course, and if you buy, you could end up being accused of trying to send Twitter spam and be banned from Twitter.
3. The Twitter phishing scam
Well, what did you expect? Anyplace where there's a chance of netting someone's personal details is a haven for phishing -- the technique of fooling people into disclosing things like passwords, Social Security numbers and other confidential information.
Twitter phishing scammers have a number of different tricks for doing this but they mostly boil down to the same fatal step -- getting you to click a link that takes you to what appears to be a Twitter sign-on page where you give them your password.
Once they have that, they can pretend they're you and use your account for evil purposes -- like spreading more Twitter spam or infecting other people's computers.
One sneaky Twitter scammer invited followers to make up a username using their answers to three common sign-on secret questions, "just for fun."
For example, your first pet's name, your mother's maiden name and your first car, might yield: TrixieDoeTBird.
Scores of people responded, giving this Twitter scammer a possible route to hacking into their various online accounts by answering their secret question to get a new password!
Read more about phishing in this Scambusters article: Phishing Scams: How You Can Protect Yourself.
4. Spreading viruses and spyware
This Twitter scam is in full swing, using tempting messages like "Just saw this photo of you" followed by a link that, when you click it, takes you to a site that uploads malware onto your computer.
Sometimes, by exploiting the phishing technique outlined above, the message may seem to come from one of your regular followers, perhaps even a friend or relative. In reality, their Twitter account has been hijacked.
There are some clever variations of this Twitter scam. For instance, one site offered a program that, when installed, supposedly would tell you who had been checking out your Twitter profile.
It did nothing of the sort. Instead, it installed spyware.
5. Other money-making Twitter scams
Twitter scammers have developed lots more cunning ideas that try to fool you into parting with your hard-earned cash, some of them variations of scams we've seen many times before in other guises.
For instance, you may get a message from someone you know claiming to be in trouble and asking you to wire cash. In fact, their Twitter account has been hijacked by a scammer.
Or, you may have been tweeting about a product you want to buy, when you get a "direct-message" tweet from someone who claims to work for the manufacturer or retailer and offers to sell you one at a bargain price. Of course, they want your credit card number.
Then there's the tweet that tells you you've won a cell phone. You just have to send them your existing number so it can be transferred to the new device. In fact, you're signing up for a monthly astrology service charged to your phone account.
By the time you read this, some other Twitter scam merchant will probably have come up with another ruse to try to relieve you of information or money.
Wednesday, September 23, 2009
Clampi Virus Targets Users at Banks and Credit Card Sites
Keeping up with the latest Web security threats is a daunting task, because viruses and trojans emerge, evolve, and spread at an alarming rate. While some infections like Nine Ball, Conficker, and Gumblar have hit the scene and immediately become the scourge of the cyber security world, others take their time -- quietly infiltrating more and more computers before revealing the true depth of the danger they pose.
One such slow grower is Clampi, a trojan that made its debut as early as 2007 (depending on who you ask) but is only now raising hairs outside professional security circles. Clampi primarily spreads via malicious sites designed to dispense malware, but it's also been spotted on legitimate sites that have been hacked to host malicious links and ads. Using these methods, Clampi has infected as many as half a million computers, Joe Stewart, of SecureWorks, told a crowd at the Black Hat Security Conference in July, USA Today reports.
Once installed on a PC, the trojan quietly waits for you to visit a credit card or banking Web site. When it detects you're on one of the roughly 4,600 financial Web sites it's trained to watch, it records your username and password, and feeds that information back to the criminals. Clampi can even watch for network login information, allowing it to spread quickly through networked PCs (e.g., those in an office). In fact, it seems that businesses have been the primary target of Clampi so far.
According to the Times Online, in July, an auto parts shop in Georgia was robbed of $75,000 when criminals stole online banking information using Clampi. The trojan was also used to infiltrate computers for a public school district in Oklahoma and submit $150,000 in fake payroll payments.
Part of what makes Clampi so worrisome is the sheer breadth of its reach. Most trojans of its kind only watch about 30 different financial sites, Stewart told Network World. Clampi, on the other hand, watches over 150 times as many. Additionally, the coders of the malware have closely guarded their creation, wrapping it in heavy encryption. That tactic has so far kept security experts from identifying all of the sites being watched by it.
As usual, the best defense starts with good browsing habits. Also, make sure to have an up-to-date anti-virus package installed and a quality firewall set up. The Telegraph also suggests making all online purchases with a pre-paid credit card, in order to limit the damage in the event your computer does become infected.
If you are unsure if your company network is safe, please contact WebAddo at 770-217-7350 as soon as possible. Security measures can be implemented that will ensure the privacy and security of your sensitive data and information.
Thursday, September 17, 2009
Fan Check Facebook Virus
We’ve received tips about a Facebook application called Fan Check; reports say this application is actually a virus, and should be avoided at all costs. We’ve dug a bit deeper, however, and it seems more likely that the rumor about Fan Check (even if the actual virus exists, which we’ve found no proof of) has been used to lead users to various malware and spyware ridden sites.
This alleged virus has only been described on a couple of blogs, but we’ve found no reports about it on sites of security firms such as McAfee or Symantec.
The virus supposedly acts in the following way: if you try to access a Facebook application located at apps.facebook.com/fancheck/ (previously called StalkerCheck), you’ll get this message:
“FanCheck is adding new features and new capacity. This could take a few days. Please become a fan, and we’ll send you an update when we’re back online”.
According to sources, merely becoming a fan will “infect” your Facebook account, which is highly unlikely. All other reports about the virus seem to be created by spammers themselves. Google lists the phrase “facebook fan check virus” as a popular trend, but there lies the problem; if you actually try to search for this phrase, you’ll be bombarded by sites containing malware.
We believe that this is merely a two part hoax: on one hand, you have a defunct application that allegedly lets you see who’s been visiting your Facebook profile – which cannot work due to Facebook’s policies, and all applications claiming to do so are scams. On the other, spammers and malicious hackers are feeding the rumors around this application to lead people to search for a solution, and getting their computers infected by malware in return.
In any case, this is what you should do: stay away from Fan Check application – or any other Facebook application that hints at being able to tell you who’s been visiting your profile. Furthermore, don’t search for the “Fan Check Facebook virus,” as it is most likely a hoax.
This alleged virus has only been described on a couple of blogs, but we’ve found no reports about it on sites of security firms such as McAfee or Symantec.
The virus supposedly acts in the following way: if you try to access a Facebook application located at apps.facebook.com/fancheck/ (previously called StalkerCheck), you’ll get this message:
“FanCheck is adding new features and new capacity. This could take a few days. Please become a fan, and we’ll send you an update when we’re back online”.
According to sources, merely becoming a fan will “infect” your Facebook account, which is highly unlikely. All other reports about the virus seem to be created by spammers themselves. Google lists the phrase “facebook fan check virus” as a popular trend, but there lies the problem; if you actually try to search for this phrase, you’ll be bombarded by sites containing malware.
We believe that this is merely a two part hoax: on one hand, you have a defunct application that allegedly lets you see who’s been visiting your Facebook profile – which cannot work due to Facebook’s policies, and all applications claiming to do so are scams. On the other, spammers and malicious hackers are feeding the rumors around this application to lead people to search for a solution, and getting their computers infected by malware in return.
In any case, this is what you should do: stay away from Fan Check application – or any other Facebook application that hints at being able to tell you who’s been visiting your profile. Furthermore, don’t search for the “Fan Check Facebook virus,” as it is most likely a hoax.
Thursday, September 3, 2009
"Life is Beautiful" Virus
It seems like everyday a new virus is released int cyberspace. However, many of these alerts that we receive are false. For instance, many of you may have recently received the following email:
Be Extremely Careful especibally if using internet mail such as Yahoo, Hotmail,Gmail,AOL and so on. bThis information arrived this morning direct from both Microsoft and Norton.Please send it to everybody you know who has access to the Internet. You may receive an apparently harmless email with a Power Point presentation 'Life is beautiful.' If you receive it DO NOT OPEN THE FILE UNDER ANY CIRCUMSTANCES , and delete it immediately ... If you open this file, a message will appear on your screen saying: 'It is too late now, your life is no longer beautiful.' Subsequently you will LOSE EVERYTHING IN YOUR PC and the person who sent it to you will gain access to your name, e-mail and password. This is a new virus which started to circulate on Saturday afternoon. AOL has already confirmed the severity, and the antivirus software's are not capable of destroying it.The virus has been created by a hacker who calls himself 'life owner.' PLEASE SEND A COPY OF THIS EMAIL TO ALL YOUR FRIENDS and ask them to PASS IT ON IMMEDIATELY
This is a hoax. There is no such virus. So before following the email's instructions and forwarding this to 10,000 of your closest friends and family, please visit http://www.snopes.com/computer/virus/virus.asp to make sure that the threat is legit.
Be Extremely Careful especibally if using internet mail such as Yahoo, Hotmail,Gmail,AOL and so on. bThis information arrived this morning direct from both Microsoft and Norton.Please send it to everybody you know who has access to the Internet. You may receive an apparently harmless email with a Power Point presentation 'Life is beautiful.' If you receive it DO NOT OPEN THE FILE UNDER ANY CIRCUMSTANCES , and delete it immediately ... If you open this file, a message will appear on your screen saying: 'It is too late now, your life is no longer beautiful.' Subsequently you will LOSE EVERYTHING IN YOUR PC and the person who sent it to you will gain access to your name, e-mail and password. This is a new virus which started to circulate on Saturday afternoon. AOL has already confirmed the severity, and the antivirus software's are not capable of destroying it.The virus has been created by a hacker who calls himself 'life owner.' PLEASE SEND A COPY OF THIS EMAIL TO ALL YOUR FRIENDS and ask them to PASS IT ON IMMEDIATELY
This is a hoax. There is no such virus. So before following the email's instructions and forwarding this to 10,000 of your closest friends and family, please visit http://www.snopes.com/computer/virus/virus.asp to make sure that the threat is legit.
Tuesday, September 1, 2009
The Worst Computer Viruses -Part I
As more computer users become wise to viruses, the criminals behind them are often a few steps ahead. Some malware infects your computer without you ever realizing it and then can truly mess up your life. Others arrive as a result of user mistakes, then do their dirty work undetected. We've got the scoop on 12 of the most devious and crafty viruses currently out there, including information on how they can harm you and tips on how to protect yourself against them. Here are a few:
The Storm Worm
This virus is one of the nastiest and most prolific out there. It's a backdoor Trojan - malicious software disguised as a harmless program - that is spread to PCs via fake news and holiday greeting card e-mails. Once infected, your computer becomes part of a botnet, a network of computers running and spreading the malware at an alarmingly fast rate -- so essentially your computer not only slows down, but also serves as a perpetrator of the crime. How to protect yourself? Don't open any files in e-mails from people you don't know, turn on your e-mail program's spam prevention tool, and make sure your virus protection software is up-to-date.
Mal/Hupig-D
Mal/Hupig-D runs in the background of Windows and steals your passwords, credit card information, and the like. Virus scanners look for it now, but rely on your common sense first and don't click on suspicious e-mails. If you're worried that your computer might be infected with it, don't enter your passwords or credit card information until you get it looked at by a computer professional.
OSX/Hovdy-A
Sorry, Mac users, but you're in danger too. This Trojan affects computers using Mac OS X 10.4 or 10.5, and lets the bad guys use your Apple Remote Desktop agent for a host of disturbing activities. The virus can be used to monitor your keystrokes, transmit passwords, turn on file sharing, take screenshots, and, creepiest of all, take pictures with the built-in iSight camera -- all unbeknownst to you! It's spread through downloads that you have to agree to, so if you stay sharp, avoid sketchy utilities, and keep your anti-virus protection current, you'll be fine.
The Facebook Trojan, aka Troj/Dloadr-BPL
Facebook users have probably seen it happen - a friend posts a link to a Web site on other people's walls, urging them to see a funny video or find out who has a crush on them. Just as with spam e-mails, the link takes you to a bogus site that tells you to download a newer version of Flash, which turns out to be Troj/Dloadr-BPL. This virus then lets hackers take over your computer to spread spam and malware. Basically, criminals are using Facebook because they think users are more likely to visit a link if a friend tells them to. The solution? Don't click it, or better yet, stop using those annoying Facebook Wall programs anyway. Be particularly wary of videos posted by people who don't usually send videos (at least to you).
Zlob
Beginning in 2005, the Zlob Trojan has been infecting computers by convincing users they need to download a codec to view a spam or porn video. The Trojan then reroutes your Internet traffic through a hacker's server. The end result is a computer that shuts down randomly and reboots with confusing text messages. The newest variation of Zlob actually works on your Wi-Fi router by running through a list of default username and password combos, which many users never bother to change. In addition to the usual anti-virus and trusted downloading advice, this time make sure to change your router's security settings and passwords on a regular basis. It's that easy.
Mebroot
Starting around the last new year, the Mebroot virus began infiltrating computers' master boot records, the part of the hard drive that loads the operating system, by installing itself from untrusted Web sites. The virus installs keyloggers that are triggered when the infected computer is used to visit any of 900 financial sites, stealing usernames and passwords any time they're typed (and thus eventually stealing your money or identity). Unfortunately, his rootkit hides from most virus protection software, but you can visit GMER to get software that scans and deletes this menace.
As you are reading this, there are hackers and viruses infecting computers and stealing data. Don't let this happen to you. Your data and the data of your customers is valuable and should never fall into the wrong hands.
If you suspect that any of your office computers may be infected, call WebAddo at 770-217-7350 as soon as possible for a Technology Appraisal.
The Storm Worm
This virus is one of the nastiest and most prolific out there. It's a backdoor Trojan - malicious software disguised as a harmless program - that is spread to PCs via fake news and holiday greeting card e-mails. Once infected, your computer becomes part of a botnet, a network of computers running and spreading the malware at an alarmingly fast rate -- so essentially your computer not only slows down, but also serves as a perpetrator of the crime. How to protect yourself? Don't open any files in e-mails from people you don't know, turn on your e-mail program's spam prevention tool, and make sure your virus protection software is up-to-date.
Mal/Hupig-D
Mal/Hupig-D runs in the background of Windows and steals your passwords, credit card information, and the like. Virus scanners look for it now, but rely on your common sense first and don't click on suspicious e-mails. If you're worried that your computer might be infected with it, don't enter your passwords or credit card information until you get it looked at by a computer professional.
OSX/Hovdy-A
Sorry, Mac users, but you're in danger too. This Trojan affects computers using Mac OS X 10.4 or 10.5, and lets the bad guys use your Apple Remote Desktop agent for a host of disturbing activities. The virus can be used to monitor your keystrokes, transmit passwords, turn on file sharing, take screenshots, and, creepiest of all, take pictures with the built-in iSight camera -- all unbeknownst to you! It's spread through downloads that you have to agree to, so if you stay sharp, avoid sketchy utilities, and keep your anti-virus protection current, you'll be fine.
The Facebook Trojan, aka Troj/Dloadr-BPL
Facebook users have probably seen it happen - a friend posts a link to a Web site on other people's walls, urging them to see a funny video or find out who has a crush on them. Just as with spam e-mails, the link takes you to a bogus site that tells you to download a newer version of Flash, which turns out to be Troj/Dloadr-BPL. This virus then lets hackers take over your computer to spread spam and malware. Basically, criminals are using Facebook because they think users are more likely to visit a link if a friend tells them to. The solution? Don't click it, or better yet, stop using those annoying Facebook Wall programs anyway. Be particularly wary of videos posted by people who don't usually send videos (at least to you).
Zlob
Beginning in 2005, the Zlob Trojan has been infecting computers by convincing users they need to download a codec to view a spam or porn video. The Trojan then reroutes your Internet traffic through a hacker's server. The end result is a computer that shuts down randomly and reboots with confusing text messages. The newest variation of Zlob actually works on your Wi-Fi router by running through a list of default username and password combos, which many users never bother to change. In addition to the usual anti-virus and trusted downloading advice, this time make sure to change your router's security settings and passwords on a regular basis. It's that easy.
Mebroot
Starting around the last new year, the Mebroot virus began infiltrating computers' master boot records, the part of the hard drive that loads the operating system, by installing itself from untrusted Web sites. The virus installs keyloggers that are triggered when the infected computer is used to visit any of 900 financial sites, stealing usernames and passwords any time they're typed (and thus eventually stealing your money or identity). Unfortunately, his rootkit hides from most virus protection software, but you can visit GMER to get software that scans and deletes this menace.
As you are reading this, there are hackers and viruses infecting computers and stealing data. Don't let this happen to you. Your data and the data of your customers is valuable and should never fall into the wrong hands.
If you suspect that any of your office computers may be infected, call WebAddo at 770-217-7350 as soon as possible for a Technology Appraisal.
Tuesday, August 25, 2009
How to Use Blogging and Social Networking to Attract More Business
Just what is a blog? In simple terms, a blog is a web site where you write stuff on an ongoing basis. New stuff shows up at the top, so your visitors can read what's new. Then they comment on it or link to it or email you. Small businesses have now figured out that social networking and blogging will help them make more sales and connect with more clients. It is surprising that more small businesses have not already jumped on the bandwagon to get the word out about their business and what they do.
It is the perfect way to market, especially if you are on a budget. Real estate agents, handymen, and insurance agents are all incorporating social networking and blogging into their marketing plans.Blogging allows you to open up a conversation with people who want to learn more about your services. They can read your posts and then leave comments to give you feedback on each topic you write about. If your industry has made some recent changes, your blog is the best place to let people know.
Be sure to use your keywords, including the city you do business in, in the titles of your blog posts. Search engines will also reward you for posting regularly to your blog.
Facebook is one way to connect with prospects and clients in a more personal way. You can import your blog into your homepage on Facebook, giving greater exposure to all of your posts and other information. You can also create a group or a page on Facebook, where prospects can connect with you on an even more personal basis. You can provide advice, discount coupons, and anything else that your clientele may want from you. You are the expert, and it is another way for you to position yourself as an expert in your field to attract new clients.
Twitter is another social networking site that is proving to be good for small businesses. You can include the name of your business and a link back to your company blog or website. In your bio be sure to tell people where you are located if you do business in a specific geographical area. Send a tweet a couple of times a day to let people know what aspect of your business you are engaged in at that time, and use a service like tweet later to send automatic tweets every time you post to your blog.
The idea is for all of this to be less time consuming so that you can focus more time and energy on your business, while still marketing yourself on the Internet. If you need help learning how to do all of these things, or with online writing in general, you can find free weekly teleseminars that will teach you how to blog and use social networking to increase your visibility, credibility and income by visiting http://www.EbookWritingandMarketingSecrets.com. You can also sign up for a free blog at www.blogger.com.
Visit us at http://webaddo.blogspot.com to view our technology blog. We will strive to keep you up to date with virus alerts, technology updates and any other tech related news that may affect you and your business. For questions about online technology or business technology in general, contact WebAddo anytime at 770-217-7350.
It is the perfect way to market, especially if you are on a budget. Real estate agents, handymen, and insurance agents are all incorporating social networking and blogging into their marketing plans.Blogging allows you to open up a conversation with people who want to learn more about your services. They can read your posts and then leave comments to give you feedback on each topic you write about. If your industry has made some recent changes, your blog is the best place to let people know.
Be sure to use your keywords, including the city you do business in, in the titles of your blog posts. Search engines will also reward you for posting regularly to your blog.
Facebook is one way to connect with prospects and clients in a more personal way. You can import your blog into your homepage on Facebook, giving greater exposure to all of your posts and other information. You can also create a group or a page on Facebook, where prospects can connect with you on an even more personal basis. You can provide advice, discount coupons, and anything else that your clientele may want from you. You are the expert, and it is another way for you to position yourself as an expert in your field to attract new clients.
Twitter is another social networking site that is proving to be good for small businesses. You can include the name of your business and a link back to your company blog or website. In your bio be sure to tell people where you are located if you do business in a specific geographical area. Send a tweet a couple of times a day to let people know what aspect of your business you are engaged in at that time, and use a service like tweet later to send automatic tweets every time you post to your blog.
The idea is for all of this to be less time consuming so that you can focus more time and energy on your business, while still marketing yourself on the Internet. If you need help learning how to do all of these things, or with online writing in general, you can find free weekly teleseminars that will teach you how to blog and use social networking to increase your visibility, credibility and income by visiting http://www.EbookWritingandMarketingSecrets.com. You can also sign up for a free blog at www.blogger.com.
Visit us at http://webaddo.blogspot.com to view our technology blog. We will strive to keep you up to date with virus alerts, technology updates and any other tech related news that may affect you and your business. For questions about online technology or business technology in general, contact WebAddo anytime at 770-217-7350.
Thursday, August 6, 2009
Are you ready for Windows 7?
According to Microsoft, Windows 7 is the easiest, fastest, and most engaging version of Windows yet. Based on our experience with Vista, that remains to be seen. Here is what the experts are saying:
If you installed Vista on your PC within the first month of its release, there was a solid chance your computer ran like crap, or your gadgets didn't work, since drivers weren't available yet. That's not how it shakes down with Windows 7. The hardware requirements for Windows 7 are basically the same as they are for Vista, the first time ever a release of Windows hasn't required significantly more horsepower than the previous one. And it runs better on that hardware, or at least feels like it does. Basically, Windows 7 was clearly designed to fix nearly every bad thing anyone said about Vista.
Microsoft has even corrected the pricing spike that Vista introduced. A full version of Windows 7 Home Premium is $200, down from $260, and if you were lucky, you could've pre-ordered an upgrade version for $50. (Microsoft says that deal has sold out, but we wouldn't be shocked to find it re-upped in the near future, possibly even as we head toward the October 22 launch.) So yes, most of the early Vista problems—performance, compatibility and price, to an extent—will likely not be early Windows 7 problems.
We will keep you up to date on any and all breaking Windows 7 news.
If you installed Vista on your PC within the first month of its release, there was a solid chance your computer ran like crap, or your gadgets didn't work, since drivers weren't available yet. That's not how it shakes down with Windows 7. The hardware requirements for Windows 7 are basically the same as they are for Vista, the first time ever a release of Windows hasn't required significantly more horsepower than the previous one. And it runs better on that hardware, or at least feels like it does. Basically, Windows 7 was clearly designed to fix nearly every bad thing anyone said about Vista.
Microsoft has even corrected the pricing spike that Vista introduced. A full version of Windows 7 Home Premium is $200, down from $260, and if you were lucky, you could've pre-ordered an upgrade version for $50. (Microsoft says that deal has sold out, but we wouldn't be shocked to find it re-upped in the near future, possibly even as we head toward the October 22 launch.) So yes, most of the early Vista problems—performance, compatibility and price, to an extent—will likely not be early Windows 7 problems.
We will keep you up to date on any and all breaking Windows 7 news.
Subscribe to:
Posts (Atom)
