Twitter is good fun for millions -- and a commercial opportunity akin to email for people who want to market their products and services, including, of course, Twitter spammers.
Since some people eventually accumulate many thousands of followers, they have a ready audience for whatever they're trying to sell -- whether it's an opinion or a birdhouse. (Some celebrities and politicians have over a million followers.)
Hardly surprising then that the mushrooming growth of this social networking site has given birth to a number of Twitter scams.
Here are the main types of Twitter scams:
1. "Easy-money, work-from-home" schemes
With this Twitter scam, firms claim they can show you how you can make money by promoting other people's products to them.
They charge a modest sign-up fee, typically a couple of dollars, but when you pay (with your credit card) you're also signing up for a recurring monthly membership fee of around $40 for ongoing tips.
Now, there are many legitimate membership sites that charge recurring monthly fees. However, what makes these Twitter scams is that the membership explanation is either completely hidden or non-existent -- and it's almost impossible to cancel and get your money back.
Needless to say, the only people making money from this scheme is the Twitter scam artist.
For more on phony work-from-home schemes, check out these articles:
Top 10 Work At Home and Home Based Business Scams
Work At Home Jobs: How to Avoid Getting Scammed
2. Promises of thousands of instant followers
Whether you want lots of followers out of personal vanity or to plug misguidedly into the Twitter scam outlined above, you might be tempted to sign up for a service that offers to deliver thousands of followers literally overnight.
They claim to be able to do this by identifying other Twitter users who automatically follow anyone who follows them.
Some even claim they have built up databases of people according to their interests, so you can be sure you are targeting the right people with your "tweets."
Well, they may or may not be able to do all of these things but they're really no different from people who sell email addresses to spammers.
They charge for the service, of course, and if you buy, you could end up being accused of trying to send Twitter spam and be banned from Twitter.
3. The Twitter phishing scam
Well, what did you expect? Anyplace where there's a chance of netting someone's personal details is a haven for phishing -- the technique of fooling people into disclosing things like passwords, Social Security numbers and other confidential information.
Twitter phishing scammers have a number of different tricks for doing this but they mostly boil down to the same fatal step -- getting you to click a link that takes you to what appears to be a Twitter sign-on page where you give them your password.
Once they have that, they can pretend they're you and use your account for evil purposes -- like spreading more Twitter spam or infecting other people's computers.
One sneaky Twitter scammer invited followers to make up a username using their answers to three common sign-on secret questions, "just for fun."
For example, your first pet's name, your mother's maiden name and your first car, might yield: TrixieDoeTBird.
Scores of people responded, giving this Twitter scammer a possible route to hacking into their various online accounts by answering their secret question to get a new password!
Read more about phishing in this Scambusters article: Phishing Scams: How You Can Protect Yourself.
4. Spreading viruses and spyware
This Twitter scam is in full swing, using tempting messages like "Just saw this photo of you" followed by a link that, when you click it, takes you to a site that uploads malware onto your computer.
Sometimes, by exploiting the phishing technique outlined above, the message may seem to come from one of your regular followers, perhaps even a friend or relative. In reality, their Twitter account has been hijacked.
There are some clever variations of this Twitter scam. For instance, one site offered a program that, when installed, supposedly would tell you who had been checking out your Twitter profile.
It did nothing of the sort. Instead, it installed spyware.
5. Other money-making Twitter scams
Twitter scammers have developed lots more cunning ideas that try to fool you into parting with your hard-earned cash, some of them variations of scams we've seen many times before in other guises.
For instance, you may get a message from someone you know claiming to be in trouble and asking you to wire cash. In fact, their Twitter account has been hijacked by a scammer.
Or, you may have been tweeting about a product you want to buy, when you get a "direct-message" tweet from someone who claims to work for the manufacturer or retailer and offers to sell you one at a bargain price. Of course, they want your credit card number.
Then there's the tweet that tells you you've won a cell phone. You just have to send them your existing number so it can be transferred to the new device. In fact, you're signing up for a monthly astrology service charged to your phone account.
By the time you read this, some other Twitter scam merchant will probably have come up with another ruse to try to relieve you of information or money.
Friday, September 25, 2009
Wednesday, September 23, 2009
Clampi Virus Targets Users at Banks and Credit Card Sites
Keeping up with the latest Web security threats is a daunting task, because viruses and trojans emerge, evolve, and spread at an alarming rate. While some infections like Nine Ball, Conficker, and Gumblar have hit the scene and immediately become the scourge of the cyber security world, others take their time -- quietly infiltrating more and more computers before revealing the true depth of the danger they pose.
One such slow grower is Clampi, a trojan that made its debut as early as 2007 (depending on who you ask) but is only now raising hairs outside professional security circles. Clampi primarily spreads via malicious sites designed to dispense malware, but it's also been spotted on legitimate sites that have been hacked to host malicious links and ads. Using these methods, Clampi has infected as many as half a million computers, Joe Stewart, of SecureWorks, told a crowd at the Black Hat Security Conference in July, USA Today reports.
Once installed on a PC, the trojan quietly waits for you to visit a credit card or banking Web site. When it detects you're on one of the roughly 4,600 financial Web sites it's trained to watch, it records your username and password, and feeds that information back to the criminals. Clampi can even watch for network login information, allowing it to spread quickly through networked PCs (e.g., those in an office). In fact, it seems that businesses have been the primary target of Clampi so far.
According to the Times Online, in July, an auto parts shop in Georgia was robbed of $75,000 when criminals stole online banking information using Clampi. The trojan was also used to infiltrate computers for a public school district in Oklahoma and submit $150,000 in fake payroll payments.
Part of what makes Clampi so worrisome is the sheer breadth of its reach. Most trojans of its kind only watch about 30 different financial sites, Stewart told Network World. Clampi, on the other hand, watches over 150 times as many. Additionally, the coders of the malware have closely guarded their creation, wrapping it in heavy encryption. That tactic has so far kept security experts from identifying all of the sites being watched by it.
As usual, the best defense starts with good browsing habits. Also, make sure to have an up-to-date anti-virus package installed and a quality firewall set up. The Telegraph also suggests making all online purchases with a pre-paid credit card, in order to limit the damage in the event your computer does become infected.
If you are unsure if your company network is safe, please contact WebAddo at 770-217-7350 as soon as possible. Security measures can be implemented that will ensure the privacy and security of your sensitive data and information.
Thursday, September 17, 2009
Fan Check Facebook Virus
We’ve received tips about a Facebook application called Fan Check; reports say this application is actually a virus, and should be avoided at all costs. We’ve dug a bit deeper, however, and it seems more likely that the rumor about Fan Check (even if the actual virus exists, which we’ve found no proof of) has been used to lead users to various malware and spyware ridden sites.
This alleged virus has only been described on a couple of blogs, but we’ve found no reports about it on sites of security firms such as McAfee or Symantec.
The virus supposedly acts in the following way: if you try to access a Facebook application located at apps.facebook.com/fancheck/ (previously called StalkerCheck), you’ll get this message:
“FanCheck is adding new features and new capacity. This could take a few days. Please become a fan, and we’ll send you an update when we’re back online”.
According to sources, merely becoming a fan will “infect” your Facebook account, which is highly unlikely. All other reports about the virus seem to be created by spammers themselves. Google lists the phrase “facebook fan check virus” as a popular trend, but there lies the problem; if you actually try to search for this phrase, you’ll be bombarded by sites containing malware.
We believe that this is merely a two part hoax: on one hand, you have a defunct application that allegedly lets you see who’s been visiting your Facebook profile – which cannot work due to Facebook’s policies, and all applications claiming to do so are scams. On the other, spammers and malicious hackers are feeding the rumors around this application to lead people to search for a solution, and getting their computers infected by malware in return.
In any case, this is what you should do: stay away from Fan Check application – or any other Facebook application that hints at being able to tell you who’s been visiting your profile. Furthermore, don’t search for the “Fan Check Facebook virus,” as it is most likely a hoax.
This alleged virus has only been described on a couple of blogs, but we’ve found no reports about it on sites of security firms such as McAfee or Symantec.
The virus supposedly acts in the following way: if you try to access a Facebook application located at apps.facebook.com/fancheck/ (previously called StalkerCheck), you’ll get this message:
“FanCheck is adding new features and new capacity. This could take a few days. Please become a fan, and we’ll send you an update when we’re back online”.
According to sources, merely becoming a fan will “infect” your Facebook account, which is highly unlikely. All other reports about the virus seem to be created by spammers themselves. Google lists the phrase “facebook fan check virus” as a popular trend, but there lies the problem; if you actually try to search for this phrase, you’ll be bombarded by sites containing malware.
We believe that this is merely a two part hoax: on one hand, you have a defunct application that allegedly lets you see who’s been visiting your Facebook profile – which cannot work due to Facebook’s policies, and all applications claiming to do so are scams. On the other, spammers and malicious hackers are feeding the rumors around this application to lead people to search for a solution, and getting their computers infected by malware in return.
In any case, this is what you should do: stay away from Fan Check application – or any other Facebook application that hints at being able to tell you who’s been visiting your profile. Furthermore, don’t search for the “Fan Check Facebook virus,” as it is most likely a hoax.
Thursday, September 3, 2009
"Life is Beautiful" Virus
It seems like everyday a new virus is released int cyberspace. However, many of these alerts that we receive are false. For instance, many of you may have recently received the following email:
Be Extremely Careful especibally if using internet mail such as Yahoo, Hotmail,Gmail,AOL and so on. bThis information arrived this morning direct from both Microsoft and Norton.Please send it to everybody you know who has access to the Internet. You may receive an apparently harmless email with a Power Point presentation 'Life is beautiful.' If you receive it DO NOT OPEN THE FILE UNDER ANY CIRCUMSTANCES , and delete it immediately ... If you open this file, a message will appear on your screen saying: 'It is too late now, your life is no longer beautiful.' Subsequently you will LOSE EVERYTHING IN YOUR PC and the person who sent it to you will gain access to your name, e-mail and password. This is a new virus which started to circulate on Saturday afternoon. AOL has already confirmed the severity, and the antivirus software's are not capable of destroying it.The virus has been created by a hacker who calls himself 'life owner.' PLEASE SEND A COPY OF THIS EMAIL TO ALL YOUR FRIENDS and ask them to PASS IT ON IMMEDIATELY
This is a hoax. There is no such virus. So before following the email's instructions and forwarding this to 10,000 of your closest friends and family, please visit http://www.snopes.com/computer/virus/virus.asp to make sure that the threat is legit.
Be Extremely Careful especibally if using internet mail such as Yahoo, Hotmail,Gmail,AOL and so on. bThis information arrived this morning direct from both Microsoft and Norton.Please send it to everybody you know who has access to the Internet. You may receive an apparently harmless email with a Power Point presentation 'Life is beautiful.' If you receive it DO NOT OPEN THE FILE UNDER ANY CIRCUMSTANCES , and delete it immediately ... If you open this file, a message will appear on your screen saying: 'It is too late now, your life is no longer beautiful.' Subsequently you will LOSE EVERYTHING IN YOUR PC and the person who sent it to you will gain access to your name, e-mail and password. This is a new virus which started to circulate on Saturday afternoon. AOL has already confirmed the severity, and the antivirus software's are not capable of destroying it.The virus has been created by a hacker who calls himself 'life owner.' PLEASE SEND A COPY OF THIS EMAIL TO ALL YOUR FRIENDS and ask them to PASS IT ON IMMEDIATELY
This is a hoax. There is no such virus. So before following the email's instructions and forwarding this to 10,000 of your closest friends and family, please visit http://www.snopes.com/computer/virus/virus.asp to make sure that the threat is legit.
Tuesday, September 1, 2009
The Worst Computer Viruses -Part I
As more computer users become wise to viruses, the criminals behind them are often a few steps ahead. Some malware infects your computer without you ever realizing it and then can truly mess up your life. Others arrive as a result of user mistakes, then do their dirty work undetected. We've got the scoop on 12 of the most devious and crafty viruses currently out there, including information on how they can harm you and tips on how to protect yourself against them. Here are a few:
The Storm Worm
This virus is one of the nastiest and most prolific out there. It's a backdoor Trojan - malicious software disguised as a harmless program - that is spread to PCs via fake news and holiday greeting card e-mails. Once infected, your computer becomes part of a botnet, a network of computers running and spreading the malware at an alarmingly fast rate -- so essentially your computer not only slows down, but also serves as a perpetrator of the crime. How to protect yourself? Don't open any files in e-mails from people you don't know, turn on your e-mail program's spam prevention tool, and make sure your virus protection software is up-to-date.
Mal/Hupig-D
Mal/Hupig-D runs in the background of Windows and steals your passwords, credit card information, and the like. Virus scanners look for it now, but rely on your common sense first and don't click on suspicious e-mails. If you're worried that your computer might be infected with it, don't enter your passwords or credit card information until you get it looked at by a computer professional.
OSX/Hovdy-A
Sorry, Mac users, but you're in danger too. This Trojan affects computers using Mac OS X 10.4 or 10.5, and lets the bad guys use your Apple Remote Desktop agent for a host of disturbing activities. The virus can be used to monitor your keystrokes, transmit passwords, turn on file sharing, take screenshots, and, creepiest of all, take pictures with the built-in iSight camera -- all unbeknownst to you! It's spread through downloads that you have to agree to, so if you stay sharp, avoid sketchy utilities, and keep your anti-virus protection current, you'll be fine.
The Facebook Trojan, aka Troj/Dloadr-BPL
Facebook users have probably seen it happen - a friend posts a link to a Web site on other people's walls, urging them to see a funny video or find out who has a crush on them. Just as with spam e-mails, the link takes you to a bogus site that tells you to download a newer version of Flash, which turns out to be Troj/Dloadr-BPL. This virus then lets hackers take over your computer to spread spam and malware. Basically, criminals are using Facebook because they think users are more likely to visit a link if a friend tells them to. The solution? Don't click it, or better yet, stop using those annoying Facebook Wall programs anyway. Be particularly wary of videos posted by people who don't usually send videos (at least to you).
Zlob
Beginning in 2005, the Zlob Trojan has been infecting computers by convincing users they need to download a codec to view a spam or porn video. The Trojan then reroutes your Internet traffic through a hacker's server. The end result is a computer that shuts down randomly and reboots with confusing text messages. The newest variation of Zlob actually works on your Wi-Fi router by running through a list of default username and password combos, which many users never bother to change. In addition to the usual anti-virus and trusted downloading advice, this time make sure to change your router's security settings and passwords on a regular basis. It's that easy.
Mebroot
Starting around the last new year, the Mebroot virus began infiltrating computers' master boot records, the part of the hard drive that loads the operating system, by installing itself from untrusted Web sites. The virus installs keyloggers that are triggered when the infected computer is used to visit any of 900 financial sites, stealing usernames and passwords any time they're typed (and thus eventually stealing your money or identity). Unfortunately, his rootkit hides from most virus protection software, but you can visit GMER to get software that scans and deletes this menace.
As you are reading this, there are hackers and viruses infecting computers and stealing data. Don't let this happen to you. Your data and the data of your customers is valuable and should never fall into the wrong hands.
If you suspect that any of your office computers may be infected, call WebAddo at 770-217-7350 as soon as possible for a Technology Appraisal.
The Storm Worm
This virus is one of the nastiest and most prolific out there. It's a backdoor Trojan - malicious software disguised as a harmless program - that is spread to PCs via fake news and holiday greeting card e-mails. Once infected, your computer becomes part of a botnet, a network of computers running and spreading the malware at an alarmingly fast rate -- so essentially your computer not only slows down, but also serves as a perpetrator of the crime. How to protect yourself? Don't open any files in e-mails from people you don't know, turn on your e-mail program's spam prevention tool, and make sure your virus protection software is up-to-date.
Mal/Hupig-D
Mal/Hupig-D runs in the background of Windows and steals your passwords, credit card information, and the like. Virus scanners look for it now, but rely on your common sense first and don't click on suspicious e-mails. If you're worried that your computer might be infected with it, don't enter your passwords or credit card information until you get it looked at by a computer professional.
OSX/Hovdy-A
Sorry, Mac users, but you're in danger too. This Trojan affects computers using Mac OS X 10.4 or 10.5, and lets the bad guys use your Apple Remote Desktop agent for a host of disturbing activities. The virus can be used to monitor your keystrokes, transmit passwords, turn on file sharing, take screenshots, and, creepiest of all, take pictures with the built-in iSight camera -- all unbeknownst to you! It's spread through downloads that you have to agree to, so if you stay sharp, avoid sketchy utilities, and keep your anti-virus protection current, you'll be fine.
The Facebook Trojan, aka Troj/Dloadr-BPL
Facebook users have probably seen it happen - a friend posts a link to a Web site on other people's walls, urging them to see a funny video or find out who has a crush on them. Just as with spam e-mails, the link takes you to a bogus site that tells you to download a newer version of Flash, which turns out to be Troj/Dloadr-BPL. This virus then lets hackers take over your computer to spread spam and malware. Basically, criminals are using Facebook because they think users are more likely to visit a link if a friend tells them to. The solution? Don't click it, or better yet, stop using those annoying Facebook Wall programs anyway. Be particularly wary of videos posted by people who don't usually send videos (at least to you).
Zlob
Beginning in 2005, the Zlob Trojan has been infecting computers by convincing users they need to download a codec to view a spam or porn video. The Trojan then reroutes your Internet traffic through a hacker's server. The end result is a computer that shuts down randomly and reboots with confusing text messages. The newest variation of Zlob actually works on your Wi-Fi router by running through a list of default username and password combos, which many users never bother to change. In addition to the usual anti-virus and trusted downloading advice, this time make sure to change your router's security settings and passwords on a regular basis. It's that easy.
Mebroot
Starting around the last new year, the Mebroot virus began infiltrating computers' master boot records, the part of the hard drive that loads the operating system, by installing itself from untrusted Web sites. The virus installs keyloggers that are triggered when the infected computer is used to visit any of 900 financial sites, stealing usernames and passwords any time they're typed (and thus eventually stealing your money or identity). Unfortunately, his rootkit hides from most virus protection software, but you can visit GMER to get software that scans and deletes this menace.
As you are reading this, there are hackers and viruses infecting computers and stealing data. Don't let this happen to you. Your data and the data of your customers is valuable and should never fall into the wrong hands.
If you suspect that any of your office computers may be infected, call WebAddo at 770-217-7350 as soon as possible for a Technology Appraisal.
Subscribe to:
Posts (Atom)
