Be Aware of Hurricane Irene Phishing Scams

 

Emailing is a powerful and convenient tool to use when communicating. Unfortunately, cyber criminals and scammers use emails as a means of luring potential victims. Their main goal is to trick people into divulging sensitive information.

Reports of phishing scams and malware campaigns that relate to topics that are of high interest to the news media or United States Government, like Hurricane Irene, tend to increase.
Cyber criminals masquerade as trustworthy entities and use phishing in an attempt to acquire your usernames, passwords, and credit card details.

Social networks are the prime target of phishing.

It is critical that you exercise caution in handling your emails even if an email appears to originate from a trusted source. Be especially cautious of the attachments and hyperlinks related to Hurricane Irene.

The United States Computer Emergency Readiness Team (US-CERT) encourages everyone to follow preventive measures to provide protection from phishing scams and malware campaigns. The following is a few guidelines to help you in being safe:

• Don’t follow unsolicited web links that are in email messages
• Make sure you have an up-to-date antivirus program running on your computer
• Be cautious of email attachments
• Report any phishing to US-CERT by sending them an email: phishing-report@us-cert.gov

 

Protecting yourself from email scams is an ongoing process and requires us to be aware of the potential of online predators and the tactics they use. This is why the US-CERT reminds us tobe vigilant for potential cyber attacks and activity of individuals who are seeking to capitalize on the interest of Hurricane Irene.

It’s also important to be aware that phishing attacks that appear to come from charities and organizations may, in fact be a cyber scammer. These attackers often take advantage of major political elections, holidays, economic concerns, health scares and epidemics, and natural disaster.

Above all, do NOT provide personal information about yourself or organization.

Do NOT include your entire birth date, phone number, and address on emails or social networks.

Change your passwords periodically to avoid being hacked.
It’s unfortunate, but it’s reality. There are criminals on the Internet just like there are unlawful people in our cities and surrounding areas where we live.

Protect yourself, your family, and your business from scams that come in the form of emails. Take the advice of professionals who are looking out for your best interest.

 

Source from: (http://technorati.com)

 

For Expert & trusted Services

Call us @  1-855-787-7886  or

Email us at  “support@tecmend.com”,

Our Expert will get in touch with you shortly.

Pay Us After Resolution

Visit: http://www.tecmend.com

 

 

HOW WINDOWS TECH SUPPORT SCAMMERS WALKED RIGHT INTO A TRAP SET BY THE FEDS

Sometimes scammers are just as likely to fall for a good con as anyone else.

As we’ve written on numerous occasions, scammers have made an estimated tens of millions of dollars by tricking computer users into thinking their PCs are infected. The scammers cold call people, tell them that harmless error messages in the Windows Event Viewer are actually signs of a major problem, and then convince them to install a remote desktop program that gives the scammer access to their computer. The scammers pretend to fix the computer and charge its owner for the unnecessary and imaginary service. The same tricks can be used to steal users’ passwords and private information.

Commonly used remote desktop programs include TeamViewer and LogMeIn, the latter of which posts a warning telling customers to beware of “malicious third parties posing as LogMeIn.”

After our most recent story on this topic, we heard from the makers of a remote desktop tool calledSupremo, another program used by scammers.

“For us it’s really frustrating,” Digital Marketing Manager Davide Costantini of the Italy-based Nanosystems told Ars via e-mail. “Non-tech-savvy users are the weakest target and they easily misunderstand that we’re not affiliated with the scammers. They write us e-mails asking for refunds (the scammers make them pay for the support) or looking for further support.”

“The scammers use Supremo as a tool to get control of remote computers and steal passwords and other relevant information,” he also said. “Of course the user of the host PC has to authorize the inbound connection in order to allow the remote control. But the scammers convince him that he needs assistance. Usually they tell the victim they’re calling from Microsoft and that they have problems with the Windows license or that they have malware in the PC.”

One victim took to Nanosystems’ Facebook page to say, “i don’t appreciate you calling and telling me my event logs were viruses!! SHAME ON YOU! I will NOT download your software!!”

“Sir, I’ve been hacked this morning with one of your remote control programs,” one e-mail to the company read. “Is there any way that I could reverse it or make sure that the people who hacked me do not have access to my computer? They have access to everything on my computer—banking and passwords. They gave me your e-mail address as a reference.”

“i signed up with you paid you and now can not get a hold of you,” another irate victim wrote.

Supremo is a fairly new product; the final version was released in September of this year after two years of development and beta testing. It’s free for personal use and requires a subscription for commercial use. It has about 172,000 users, having built up a large following during the public beta, Costantini said. Nanosystems also makes backup software and other IT products.

Legal action is no cure-all

The Federal Trade Commission last year charged 14 corporate defendants and 17 individuals with perpetrating these types of scams, and it won a temporary restraining order to freeze $188,000 worth of assets and shut down their operations. But many other scammers continue their nefarious ways.

NanoSystems hasn’t taken legal action, as that would be “expensive and we know it would be really difficult to reach the scammers,” Costantini said. “We would prefer to prevent their activity with technical solutions.” Nanosystems doesn’t record its users’ IP addresses, “for privacy and legal compliance reasons,” which also limits its ability to identify cyber criminals, he said.

Costantini says he replies to every message from victims. The company also added an alert that pops up on its remote access software. It reads: “Note: by starting the Supremo connection you are allowing the remote control of your computer/server. Don’t allow unknown people to get control of your machine. Nanosystems and Microsoft don’t contact individuals offering paid support services. If someone called you for this reason he’s probably a fraudster.”

The company prefers not to put a “scary message” in its software, “but we were forced,” Costantini said. “I hope this measure will reduce their activity.”

 

Source From: (http://arstechnica.com)

 

For Expert & trusted Services

Call us @  1-855-787-7886  or

Email us at  “support@tecmend.com”,

Our Expert will get in touch with you shortly.

Pay Us After Resolution

Visit: http://www.tecmend.com

 

I fell for a Craigslist job scam

I wish I’d seen the red flags, but unemployment made me desperate enough to take a risk I now regret

 

 

 

 

A professor once told a class at my university that “all of society is playing itself out on Craigslist.” He was right, it’s all there: the things we value and no longer want, the spaces we live in, our mating calls. There’s the Good Samaritan who posts an ad seeking the owner of a diamond ring he found. There’s also the con artist taking advantage of a few million desperate job seekers. Unfortunately, that’s what I found.

I had recently graduated college when Craigslist began to consume my life. I was 28, old enough to remember the joy of sitting in my kitchen with a pen and a cup of coffee, circling help wanted ads in an old-fashioned newspaper. But I don’t need to tell you that Craigslist is way better than print classifieds ever were. It’s free, it’s instant, it’s hyper-local. Still, Craigslist does require a certain amount of street smarts; it can be a landmine of check fraud Trojan horses, fake website switcheroos and other gray-area opportunities. This isn’t news, of course. So while you wouldn’t want your grandmother using Craigslist, for fear she’d wire her identity to a Nigerian prince, those of us who’ve grown up with the seediness of the Web realize it’s no big deal. We know what to avoid on the Internet, the same way we know to avoid a dark alley on an unfamiliar street. Well, I thought I knew, anyway.

It was about four days after graduation that I realized I was heading toward disaster. Without my student financial aid money coming in, I wouldn’t be able to pay my bills with my joke of a part-time job. If I paid my upcoming rent, I wouldn’t even have gas money to get to that job. My degree offered few prospects in the city where I live, and breaking my apartment lease to move somewhere else would cost thousands. As panic set in, I abandoned the dream of starting a career and set out to simply stay afloat.

I was picky at first. I responded only to ads for parking lot attendants and busboys and landscapers. After a week, I responded to everything. I even took two days of work holding a sign at a busy intersection to promote an Indian lunch truck. I grinned when the boss handed me a total of $60 for those two days, but I’m pretty sure I was just high on exhaust fumes.

The Bureau of Labor and Statistics reported the unemployment rate in Tampa, Fla., at an even 10 percent that month. It certainly seemed worse than that, because even the most terrible jobs on Craigslist filled fast. I answered an ad looking for someone to deliver a pet cat to a town an hour away for $30. When I called, an exasperated cat owner told me she’d already hired someone, and turned down at least 40 other hopefuls in the hour since she’d put up the ad.

I was at my part-time job one evening scouring Craigslist and weeding out the usual dead ends. Potential scams were any vague listing that included phrases like “work from home,” “make over $1500 in first week” or  “own your own business cleaning chimneys” (not a joke). That night I responded to a normal-sounding ad for a “part time data entry person to help with a temporary computer project.”

When I got an email back the next day, it was a long, detailed response about how I could make $30 an hour signing up for “offers.” There were immediate red flags: It involved working from home and making a lot of money for doing little. Another bad sign was that the job described in the email was nothing like the one described in the original ad — a classic bait and switch.

But there were differences too. For one, the email wasn’t written in the weird, incomprehensible grammar that spam usually comes in. The writer, Aaron, made an assuring reference to the fact that I probably thought it was a scam. Most perplexing of all, Aaron offered to call me on the phone to prove he was legit.

I don’t trust anyone. I think it started on Christmas Eve when I was 5 and noticed that Santa Claus had a curl of black hair sticking out of his hat, much like Uncle Tony’s hair. For four more years I sucked it up and played the game, pretending to buy their excuse that Uncle Tony’s “on the toilet,” but I decided that once I grew up, I wasn’t going to be anyone’s sucker ever again. I closed Aaron’s email and planned to forget about it.

But I could not.

Even as I scrolled through other job listings on Craigslist that day, my mind kept returning to Aaron’s email, particularly the last line: “Worst case – it’s not for you and you wasted 10 minutes.  Best case – you make $600 extra per month at your leisure.”

Hoping for a dose of reality, I forwarded the email to my one friend more untrusting and cynical than I was — a New Yorker. Her opinion was that even though she was “99 percent sure” it was a scam, it couldn’t hurt to go one step further and just talk to Aaron. Coming from her, that was a ringing endorsement.

I started thinking. Surely, out of the billions of pop-ups and banners and emails floating around the Internet, touting things like free iPads and male enhancements and getting paid to take surveys, at least one out of all of them had to be grounded in a shred of truth, right? Couldn’t I have stumbled upon the one easy-money offer on the entire Internet that was for real? Wouldn’t I be a genius when my leap of faith paid off, and all those skeptics who deleted Aaron’s email missed out? Didn’t I want to avoid the shame and the shouting when the rent came due and I had to tell my girlfriend I didn’t have it?

I wrote Aaron and he called me from an unblocked Wayne County, Mich., number. He sounded young and all-American. We chatted about fantasy football, and how his team sucked. Then he explained the job. Just register on a website and give them his referral number. Then use the links on that site to sign up for trial offers of services like the Disney Movie Club, and Netflix and Creditreport.com. The trials would cost between $1 and $5, which I’d pay with my own debit card. I’d get it back soon. The idea here was that some loophole had been discovered in these companies’ marketing campaigns, and we would be the beneficiaries. Every time I signed up for five trials Aaron was going to deposit $50 in my PayPal account. Aaron made his money by referring people like me. “Call me any time you need help,” he said, soothing my nervousness.

So I went for it. I must have signed up for 15 trials that first day, determined not only to make money at it, but more money than anyone else. The week went on, and the referral site started to update my account with little green check marks next to the verified offers I’d completed, just like Aaron said. Those check marks made my heart pound. Every one of them meant $10 in my pocket.

Once I’d had about $100 worth of offers “go green” I messaged Aaron for my payment. He told me I had to verify my identity by sending in a snapshot of my driver’s license with any sensitive info blacked out, and then he’d pay me on Friday, when he paid all of his people at once. I sent the photo and waited.

Friday came and went. No payment. I wrote to Aaron. No response. I tried to find Aaron on Instant Messenger where we’d talked before. He wasn’t logged on. He was always logged on. I called the Michigan number. The user I was trying to reach was “not currently available.” It was a prepaid phone with no minutes left.

“Aaron” had cut me off.  He was never going to pay me, or any of the other people I imagined he’d hooked in. Of course, this realization didn’t stop me from continuing to email him every day for the next week anyway. First politely, in case there’d been some sort of honest mistake, then by screaming at him in all caps that I wanted my money “NOW!” Neither technique got any response. My money and my precious time were gone. Aaron was gone. I was a sucker holding a laptop like a bottle of snake oil.

Mysterious charges started showing up on my bank statement. It may not sound like a big deal, but calling to cancel my debit card was an especially low moment in my life. I tried to direct my anger at the scam artist, but I could not. I was too ashamed, and too angry with myself. I wasn’t supposed to fall for an obvious Internet scam. I was smart, and young, and had grown up using the Internet. I told no one.

Like the professor said, all of society is playing itself out on Craigslist. Scammers know there are people like me out there — people whose desperation pushes them to a point where they take risks they might not otherwise. But in a broader sense, scams work because of an even more powerful emotion: hope.

When I visit Craigslist each day, I see so much more than jobs and futons and apartments. I see hope. Sometimes it’s hope in the form of a position that could launch my career; sometimes it’s just a catering gig that could pay my overdue phone bill. Sometimes it’s just an offer that was too good to be true: hope that the slow, difficult climb to making ends meet could move at the speed of broadband.

 

Ource from:  (http://www.salon.com)

 

For Expert & trusted Services

Call us @  1-855-787-7886  or

Email us at  “support@tecmend.com”,

Our Expert will get in touch with you shortly.

Pay Us After Resolution

Visit: http://www.tecmend.com

 

 

On the Net, a scam of a most scholarly kind

First came the spam emails professing faith in the recipient and requesting the safekeeping of millions of dollars that the sender, located in some distant land, had fortuitously chanced up. Many “lucky” recipients walked into the trap only to lose money.

The scamsters then moved on to hacking the email accounts of individuals and sending distress emails to all their contacts seeking money. In the past few years, as awareness spread of ‘419 scams’ — named after the numbered section of the Nigerian Criminal Code dealing with fraud — the pitches have become ever more focused and sophisticated. The latest — and arguably the most insidious — form: Open Access “journals.”

Unlike subscription-based journals like, say, Nature, Econometrica or the American Journal of International Law, Open Access (OA) journals are freely accessible online. The business model revolves around the author-pay mode — where researchers pay for publishing their work.

This model has become an academic game-changer in the last decade. With the number of genuine OA titles proliferating by the day, and even reputed publishing houses like the Nature Publishing Group jumping on the bandwagon, keeping track of the new additions has become extremely difficult, particularly by scholars in developing countries. The author-pay mode, the number of titles, and the average developing country researcher’s inexperience in scholarly communication have provided the perfect milieu for electronic ‘dons’ to make a killing.

Modus operandi

Their modus operandi is to send mails to researchers and scientists soliciting manuscripts but never mentioning the processing fee charged per “article” published. Many of the bogus “journal” websites do not mention the charges. When they do, they are anywhere between $100 and $1,800. But some journals, like ‘Academy Publish’, offer a “discount” up to 75 per cent. “We currently offer a 75 per cent discount to all invitees,” the journal website states. The ‘Asian Journal of Mathematical Sciences’ charges $250 per manuscript. But it offers a bait: “If you do not have funds to pay such fees, you [sic] will have an opportunity to waive each fee up to 50 per cent. We do not want fees to prevent the publication of worthy work.”

If keeping the processing fee low is one way of enticing researchers, all fake journals, as a rule, promise quick processing time. With some publishers offering up to 200 journals, they ensure that a variety of titles covering every imaginable area of specialisation is available. Interestingly, only some of these titles have any “papers” listed and even these cover very different fields from medicine to physics to chemistry in one “issue.” Most of these ‘journals’ would not have progressed beyond the third volume. For instance, the Discovery group of publications has many “titles,” but only Discovery Science has about half a dozen “papers,” all from authors based in India.

Speaking to The Hindu, one of the authors from a reputed institution in Coimbatore, Tamil Nadu, expressed complete ignorance about the status of a ‘journal’ he had contributed an article to. So what prompted him to choose this ‘journal’? “I got an email from them asking me to consider sending my paper. I also saw other papers published by authors based in India”.

While many titles do not have editors listed on the websites, a few others carry the names of respected researchers from reputed institutions. “I get e-mails from the predators’ victims. Some have been named as members of editorial boards without their knowledge or permission,” writes Jeffrey Beall, inNature. Prof Beall is Scholarly Initiatives Librarian at the University of Colorado, Denver and regularly updates his blog Scholarly Open Access (http://scholarlyoa.com/individual-journals/) with exhaustive posts on several issues pertaining to predatory publishing.

Unaware

Prof. Natarajan Muthusamy, Associate Professor of Internal Medicine and the Ohio State University Medical Center has been named as the Editor-in-Chief of a journal from the OMICS Publishing Group,Journal of Postgenomics: Drug & Biomarker Development. “I am not aware that I am Editor-in-Chief [of this journal]. I do not recall having committed to this job,” he told The Hindu in an email.

Aside from soliciting scholarly papers, emails requesting scientists to become reviewers, editors and editors-in-chief are not uncommon. “I receive at least two mails a week soliciting papers; also to become a reviewer,” says Dr. Soumya Swaminathan, Director of the Chennai-based National Institute for Research in Tuberculosis. Dr. V.D. Ramanathan, who recently retired as a senior scientist from the same institute, has the same story to tell. “I get three to four mails a week. Some solicit by sending personalised mails where they cite my papers published in reputed journals.”

“They want others to work for free, and they want to make money off the good reputations of honest researchers,” Prof. Beall explains.

How to spot a fake

So how can researchers inexperienced in scientific publishing identify a fake journal? The first stop should be Prof. Beall’s blog where exhaustive lists (http://scholarlyoa.com/publishers/ andhttp://scholarlyoa.com/individual-journals/) of counterfeits have been listed out. The lists are a product of research done assiduously since 2009, first by following up on email solicitations and then based on tip-offs by scholars. “[They can] consult my list. Discuss with senior colleagues or mentors [to know] which are the best journals,” he told The Hindu.

Caution

Email solicitations are sent out by most, if not all, of the OA publishers. Hence that criterion alone should not be used for determining the status of a journal. Aside from the list of fake journals, all researchers should make it a point to read the exhaustive criteria listed out by Prof. Beall in his August 4 post (http://scholarlyoa.com/2012/08/04/criteria-for-determining-predatory-open-access-publishers/) to separate the wheat from the chaff.

Even if one were to accidentally chance upon these fakes, the websites replete with grammatical mistakes should serve as a giveaway. Many will have at least one blank dropdown box.

Some have titles that are a near replica of genuine ones. For instance, Springer’s Journal of Cloud Computing and the fake one from IBIMA Publishing are one and the same, except that Springer’s has a subtitle, which does not show up in Google’s search results.

At times even a glance at some of the websites should be sufficient to identify a bogus. For instance, the home page of Antarctic Journals group, which has twinkling stars as the background and titles presented in garish colours, should serve as a warning.

But some are too close to the original. Elixir Online Journal published from India is one such instance. “It [Elixir] closely copies the Elsevier logo, and its papers copy the Elsevier layout. The journal’s goal is to look as legitimate as possible in order to get authors to submit papers and submit the author fees,” Prof Beall notes. “While it may contain some quality articles by those authors who have been fooled, I recommend that readers remain sceptical of the ‘journal’s content.”

The benchmark

But Scientific Research Publishing (SCRIP) takes the cake for imitation. Apart from correctly assigning and using DOI (Digital Object Identifier), it contains some quality “papers.” “Because the publisher is so successful at making its web presence seem legitimate, it has attracted some quality article submissions. Nevertheless, it is really little more than a vanity press,” he writes.

The ominous part is the wilful use of such “journals” to publish low-quality work or manuscripts that have been rejected by genuine publishers. A young researcher can use this medium to increase his publication list. The publish-or-perish atmosphere exerts tremendous pressure on senior researchers. This forces some to resort to unethical practices like plagiarism, data falsification and fabrication.

Will these fake journals become a most sort-after destination by such scientists? “I think predatory publishers have the potential to do irreparable harm to scholarly communication. Because many of these publishers do not have an honest peer review, articles that represent pseudo-science are being accepted and read,” Prof. Beall warns.

David Knutson, spokesperson for the Public Library of Science (PLoS), a leading OA group, says the problem is not with open access. “There is no evidence that … quality of peer review is worse for OA vs toll access journals,” he writes in an email to The Hindu. “There are many bogus publishers and bogus journals. Some of them are subscription, some of them are ‘free’ funded by commercial interests, and some of them are OA. The dodgy OA ones are pretty easy to spot. The dodgy subscriptions ones are somewhat less so in many cases because they exist within ‘trustworthy’ publishers.”

With no organisation or system in place to check the entry of counterfeits, the onus is on researchers to decide the reliability of what they read, and where to publish their work.

Source from:  (http://www.thehindu.com)

TECH TIP TUESDAY: ONLINE HOLIDAY SHOPPERS BEWARE OF EMAIL SCAMS

 

Online Shoppers: Beware of Shipping Email Scams!

Scammers are taking advantage of the holiday shopping season using fake email shipping notifications resembling those of FedEx, UPS and the United States Postal Service. During this cyber shopping month, don’t let a scam fool you into opening a virus on your computer.

How the Scam Works

You receive an email message that appears to be a shipping notification for a package. You’ve been doing your holiday shopping online, so you figure it must be something you’ve ordered. Out of curiosity, you open the email and attachment. When you click on the file, you find that it isn’t a tracking notification at all. It’s really a virus that will download to your computer. Typically, these viruses phish for personal and banking information on your machine. But, the FBI has recently warned about the resurgence of a type of virus called “ransomware.” Once downloaded, this virus will lock your computer and urge you to pay a ransom to the responsible scammer. Like all scams, this one has many variations. Scammers have posed as FedEx, UPS, USPS and even big online retailers, like Amazon. They also vary the content of the emails. A common version of this scam is a fake delivery failure notification. Scammers claim the attached virus is the receipt you need to collect your package from the local office.

Tips to Avoid Email Scams

You can detect common email scams by following these tips:

Don’t believe what you see. Scammers make emails appear to come from a reputable source. Just because it looks like an “@ups.com” address does not mean it is safe.
Be wary of unexpected emails that contain links or attachments. As always, do not click on links or open the files in unfamiliar emails.
Beware of pop-ups. Some pop-ups are designed to look like they’ve originated from your computer. If you see a pop-up that looks like anti-virus software and warns of a problem that needs to be fixed with an extreme level of urgency, it may be a scam.
Watch for poor grammar and spelling. Scam emails often are riddled with typos.
Scam emails try to get you to act before you think by creating a sense of urgency, using phrases such as “immediate action is necessary”. Don’t fall for it.

Note: FedEx and UPS are BBB Accredited Businesses.

Source from: (http://www.technologyxperts.com)

 

For Expert & trusted Services

Call us @  1-855-787-7886  or

Email us at  “support@tecmend.com”,

Our Expert will get in touch with you shortly.

Pay Us After Resolution

Visit: http://www.tecmend.com