Not going to Twittertrain.net, just a Phishing attempt!!

So you want to have even more followers, but you don’t know how to do it?   I’ve talked about Getting more followers and tips and tricks to get the people you want.  Now let’s talk about this to a point.

There seems to be automatic post going out with:

“OMG WOW Im getting 100s of followers a day, Check out this site: http://twittertrain.net”

Now going to the site and giving out your password is always a bad idea.   It seems to some people think it is easy to get followers but those who have built up your followers will know just how hard it is sometimes to get more.

I would be willing to guess this is a phishing attempt to get passwords and twitter names for later on.   Some would guess this will just become another way the spammers will use this to spread Scareware.  I am thinking they want to get your password and save it for later use like this or others where they can get more people to click links and buy there fake products.

Twitter and the Acai Berry Spammers

Well According to Sopho’s There seems to have been some hacking going on for the Acai Berry spam. Some of the messages were:

It seems to be a random http://random.CN domain but we’ve talked about this in the past.  Sopho’s isn’t sure how this happen but I have a suspicion that it was a Phishing attack done on the facebook users recent weeks that have the hackers going to other social sites and trying those passwords.

Although I agree with Sopho’s on making sure not to have a dictionary word, I also think users should take care of all your online accounts.   As most people will become aware of is most users use only one password for all their accounts online or only have 3 different passwords for 20 different sites.  This is something that needs to change and you can do that with Roboform to keep your passwords safe and also to make sure they can’t guessed.

If you have been compromised on t witter and only use one password, you can bet all you other accounts have been compromised as well.  You should change your passwords as soon as possible.   You should also make sure in the future not to be tricked into giving out your password which is called Phishing, in which a site with a different url is made to look like Twitter, Facebook, and Myspace log in page.

New Facebook Phishing campaign!

According to Sans Internet Storm,  They have seen some signs of a new Phishing campaign like the Look at this Phishing campaign that went through a few weeks ago.  At the time of writing that report they weren’t being resolved they now are being resolved making you look like you are logging into Facebook:

Sites that are hosting these are in Belgium and are Redbuddy.be, Redfriend.be, and picoband.be.     If you recieve this with these urls you best thing you can do is just to delete them.   Some people have said it is using the term “look at this” I am unsure as to is or not but you can usually tell because of the the URL and if it isn’t Http://www.facebook.com or Https://www.facebook.com then you aren’t logging into Facebook but are logging into a fake site.

We’ve talked about why criminals want to use your account and why they need to get your passwords.  I know they want to take control of your account for one reason or another but that is where the Facebook users need to keep watch on the URLS being displayed when you log into Facebook.    If you did that then you are one step ahead of the nefarious criminals and can be at peace.  Just like the Look at this campaign if you did visit those sites and given out your password it is strongly recommended to reset your password.

Upgrading to Twitter Pro — ztrx.net Phishing attempt in the wild!!

I just got this alert from a friend of mine and I thought I would share it with you.  It looks like there is a new phishing attempt going on with websites try fool it’s users into going http://ztrx.net and From the looks of it. It looks like this:

The message some users got were:

Upgrade to Twitter Pro – Visit http://bit.ly/[CENSORED] to upgrade your account

It seems that if you get this message on your account you should report it to @Spam and let them know. If you happen to get given out your password it is strongly recommended that you reset your password to prevent any further unauthorize access to your accounts. You should change your password as soon as possible. This is the first attempt they have tried this this weekend so be on the look out for more phishing attempts.

Facebook and Twitter Phishing going on today!

According to Techcrunch we have one phishing site ground around peoples inboxes on facebook with it say “Check areps.at”.  You go to the site and you will think your at the facebook login but your not.  I wouldn’t suggest going to any of these sites, it has been reported by Phishtank.

Some of the sites to avoid today are : “nutpic.at, bests.at, areps.at, kirgo.at” each site will make you think your at facebook but this is what most will call a Phishing scam.  Some other things to avoid are some Twitter phshing going on today as well.

According to Trend Micro there is one where the url looks like it is a twitter url but isn’t (tvviter[dot]com).  The site is what people would call a typosquatting site.   This makes people think they are on twitter but aren’t.   If you go to these to sites and have given out your passowrd, it is strongly recommended that your reset them:

Facebook password reset page

Twitter password Reset Page

If you would like to know more about what phsihing is please check out my blog for more information.  Don’t forget to check out the forums for more information on this or just to talk about anything on your mind.

When not to post #twitterpornnames

I’ve heard others call this a scam:

Now Although I know PCworld has made everyone paranoid that this is a scam.  I want to remind people that it was probably just a for fun.   According to Graham Cluely’s blog, He points out why you shouldn’t tell people the important information.

I see no evidence this was done to gather your information but Pcworld has sent out the warnings and made people think this was a scam, or a Phishing attack.  Although this could be used to get the information needed for your Gmail or other accounts.

I do recommend deleting those tweets and reminding people that you are the only ones that can prevent identity theft.  Trend Micro talks about this very detail about the subject but again they don’t think this was conceived as a phishing attempt.   I’ll let you decide but remember tweeting that it is a scam will only keep it on the trends, your best advice is just go on with your life and tell everyone to delete that sensitive information.

It is looking like a Phish to me Niggabook

This site looks to be another phishing attempt, a poor one at best. I go there and it seems that you get the Facebook Login screen. According to:

If it isn’t showing Http://www.Facebook.com or Https://www.facebook.com then it probably is a a phish site.   If you’ve did use your password with this site, I’d strongly suggest changing it.   If I find out more I’ll let you know.   I know that the site is from Godaddy but if this was done by accident or not I do not know.   I don’t make the Name up Niggabook.com is the site and until more things become clear, steer clear of the site for the time being.   When I find out more, you’ll be the first to know!!

Facebook malware sending people to junglemix.in Phishing!

It looks like this is the newest phishing attempt for the Facebook community.  According to Sans, there is malware trying to send out messages to go to “junglemix.in”.  I visited the site and it redirects me to “http://fblight.com/”.   This is a phishing site because you can see from the address bar.   As of writing this post, it has been flagged by Phishtank that this is a phishing site.  I am glad people are reporting these types of sites to prevent people from getting there account stolen.

Find out the other phishing attempts that have been talked about, keep yourself safe.  Also this is a good time to install some free Anti-virus or Free Firewall software to help protect your computer from Malware.

Another Facebook Phishing going on again! (fbaction.net)

(Click image to enlarge it)

It looks like site fbaction.net (Don’t go there) is a phishing site for people today.  It looks like it would send out an Email with the Title being “hello’” and a link to this website.  This is being sent from people friends and should not login to Facebook through this site.  Remember the other Phishing sites that happen with Facebook.

Someone is wanting your password to either spam others or to use it for other nefarious means.   For the time being anyone sending your a link should be sent through facebook and you will examine them one at a time.   You should not got this site.

Some other things you can do if you have done this is to reset your password.  You could also change it manually but you might not be able to use your current password because the Nefarious person has changed the password.  This will allow you to change the password without the current password.   You should also consider using a good Password Manager, this will help you identify a fake Facebook site really easily.

Hijacked Accounts being used to spam

I just read this from Security Fix and Thought I should talk about it some to better help people fix this:

Dear Friend,

New shopping new life!

How are u doing these days?Yesterday I found a web of a large trading company from china,which is an agent of all the well-known digital product factories,and facing to both wholesalers,retailsalers,and personal customer all over the world. They export all kinds of digital products and offer most competitive and reasonable price and high quality goods for our clients,so i think we you make a big profit if we do business with them.And they promise they will provide the best after-sales-service.In my opinion we can make a trial order to test that.

Look forward to your early reply!

According to Security, they are advertising the Easylifeing.com domain and have compromised GMAIL and Yahoo Mail.  This resembles the ones that happen to some other Accounts.   Check Yahoo article and the Hotmail Article for other example of compromised accounts.

Hotmail accounts get compromised!!

I received an email on a list and wanted to warn people:

Dear friend,
i would like to introduce a good company who trades mainly in electornic products. Now the company is under sales promotion, all the products are sold nearly at its cost. They provide the best service to customers,they provide you with original products of good quality,and what is more,the price is a surprising happiness to you! It is realy a good chance for shopping.just grasp the opportunity,Now or never!
The web address: http://www.nekcn.com

Seems this is being sent from Hotmail accounts. There are a number of ways someone could be getting a hold of your email address. According to Microsoft forums this seems to delete your email contacts and also send out this in the same time. This seems to be a new spam campaign for this one company. I would guess someone bought advertising from this company and the advertiser is doing some really unmoral things.

The Seriousness of the Twitter Vulnerability?

The main question is how much do you want to know about this?  Yes I am talking about a Vulnerability that could risk your twitter account or even yet inject malious software into the computer.

We’ve seen that there have been twitter phishing in the past, and Facebook phishing have made people wonder out much do we depend on Twitter.

Lance James and Eric Wastl have provide Proof of Concept for this vulnerability, according to Information Weekly:

James cautions that XSS vulnerabilities should be taken seriously because they can reach beyond Web pages. “A lot of people think XSS is limited to the Web,” he said. If there’s another vulnerability in the victim’s browser, the Twitter flaw could be used to launch additional malicious code, he explained.

As you can see there is more to this problem then meets the eye.  For one using the URL redirects could be one way this could be used.  No telling what other vulnerabilities lay for the client side twitter programs.   Twitter has a long way to go to be security minded, and yet Twitter hasn’t said what they will do to fix this problem.

TINYURL being used by scammers and hackers — How to prevent it!!

With Phishing attempts going on with the TINYURL redirect website, I thought I would show you how you could prevent from going to a site you don’t want. Tinyurl.com has a great little feature, although it is a feature based on your cookies. It however will help prevent you from going to a site that you don’t know anything that about. It’s called the Preview Feature, and is available to any user who wants to use it.

As you can see if you enable it and you go to a click on a tinyurl, you will see this:

http://tinyurl.com/6t7ukk

As you can see, if you click any TINYURL links you will automatically be told where that link is redirecting you to. This however only works with there being a cookie left behind in your system to let tell Tinyurl that is has to show the link first. So if you clean your cookies out from time to time, you will need to enable it every time after you clean the browser cookies. This will help prevent you from being phished because you will be able to tell if it is the right site in the first place. If not then you don’t have to visit that site. This should be enabled on all Short URL Sites, I hope they make it a mandatory for any site that redirects. This would help stop phishing and scammers because they can’t hide behind unknown url. Only time will tell though, these sites are always going to have problems but this would solve so many problems.

Phishing sites pop up for IRS!

Well, this just came to light with The Spywareguide blog. I’ve seen some activity about Where’s my refund lately and I thought I tell you how to make sure you’re on the right site. If you’re expecting a refund check the OFFICIAL SITE. The Official Site is http://www.irs.gov and nothing else. If you want to find out about some of the most common Phishing attempts check out the Phishing advice from the IRS.

The Spyware Guide blog talks about sites that looks to be IRS but are actually just phishing for information.  Some of the ones they talk about are:

gicrisis.org/data/refundtax/SearchTAXERR.php

irs-2009.com/refund/refunds.html

collectrefund-irs.com/refund/refunds.html

cimaonline.ca/application/Internal/Revenue/Service/pas.php?certegy_vm=trueportlet_change_1_actionOverrideFchaseonlineFchangeFprocessDetails_windowLabel_portlet_process_pageLabel_page_process

jklabs.cz/phpayv2/admin/import/.secure/www.irs.gov/get-refund/refunds.php?Where_is_my_refund&Get_Refund

Although this list will most likely change this is just starting for people who filed there income tax. Some things to Remember are:

You can generally access information about your refund 72 hours after IRS acknowledges receipt of your e-filed return, or three to four weeks after mailing a paper return

Via IRS.GOV

Looks Like Monster.com and UsaJobs.gov was Hacked : Change your PW!!

As is the case with many companies that maintain large databases of information, Monster is the target of illegal attempts to access and extract information from its database. We recently learned our database was illegally accessed and certain contact and account data were taken, including Monster user IDs and passwords, email addresses, names, phone numbers, and some basic demographic data. The information accessed does not include resumes. Monster does not generally collect – and the accessed information does not include – sensitive data such as social security numbers or personal financial data.

As a further precaution, we want to remind you that an email address could be used to target “phishing” emails. Monster will never send an unsolicited email asking you to confirm your username and password, nor will Monster ask you to download any software, “tool” or “access agreement” in order to use your Monster account.
[Via Monster.com]

UsaJobs.Gov is a partner with Monster.com so You should think about changing your Password.    They Also think this will be used for Phishing, if you have any doubts to the authenticity of email.  I’d suggest doing a google search on the company or name of the person who emailed you that way you can be well informaed before you do decide how you will handle it.   Also Remember most times if they ask you download software, it is probably Malware and should be scanned by your Anti-virus software.

Spammers defies Bill Gates ‘magic Solution’

Sopho’s published statistics and I thought I would talk about it here.   Bill Gates promised to have a Magic Solution 5 Years ago.   Sophos Also provide a Chart of the Dirty Dozen:

Sopho’s also is claiming that “US retains its crown as spam king“.    I don’t think so because of the the Other 32.4%.   The US can’t be the main culprit to spam.    So What was this ‘Magic Solution’ that they promised 5 years ago?

Microsoft has two techniques in mind for solving the spam issue, both based on the premise of changing the economics of email to place a greater burden on the sender.

[Via CBR]

Microsoft did have some good ideas but they wouldn’t work for right now because the first part of the ‘magic Solution’ was to add  mathmatical question to each and every email we sent out.   I know that this wasn’t going to work because hackers have already created a systems to get around the captcha verification.

Old phish becomes new again

According to some reports, this phishing has started up again and is now changed a little web address and when you go to the site it looks like:

If you sign into this website with your twitter account information, it sends out a Direct message with these links in them rosalierebyb.blogspot.com redirects to http://twittyblog.access-logins.com/login and the only way you can fix this is to CHANGE YOUR PASSWORD.

I’d also suggest getting a password manager so if you use just one password for all accounts you will easily be able to change them and make the passwords much harder to hack. You do not want your passwords stolen do yo? I suggest Roboform it works really well with password management.

Does your DNS still have flaws?

Late the week, I’ve had some concern with the DNS flaws with my ISP.  So I’ve change to another DNS.  So I went and did a test at:

Doxpara

So what does this mean when it says I might be at risk?

Very simple, your DNS provider is not randomizing the ports.  I’ll get to that in a bit.

What is DNS?

The DNS is like a big Phonebook to where you tell it who you want to call, in this case go, and it finds the numbers and takes you there.  It’s like telling a cab driver where you want to visit, just like telling the cab driver to come to my site.  When you enter http://www.tech-linkblog.com into your browser, your telling DNS to go fetch the ip and direct your connection to this site.

So how can I fix this flaw?

Simple, You will need to direct yourself to OpenDNS.  Has Fixed the flaw to help protect you.  How do you use it?  You will tell your system to direct all the DNS queries through that then your ISP DNS.

I must verify my Gmail account! (That’s a laugh)

Dear Member,
Account Alert

VERIFY YOUR GMAIL ACCOUNT NOW TO AVOID CLOSE !!!
GMAIL lettering
Dear Member,
This message is from gmail message center to all gmail free account owners and premium account owners. We are currently upgrading our data base and e-mail account center. We are deleting all unused gmail account to create more space for new accounts.

To prevent your account from closing, you will have to verify it below so that we will know that it’s a present used account.

CONFIRM YOUR IDENTITY. VERIFY YOUR FREE GMAIL ACCOUNT NOW !!!

Gmail! ID:…………………….

Password:……………………

Your Birthday:……………..

Your Country or Territory:………..
Enter the letter from the Security Image :……… Registration Verification Code

Warning!!! Account owner that refuses to update his or her account before two weeks of receiving this warning will lose his or her account permanently.

Sincerely,
Gmail Team

This actually got through the spam filter. I did some checking with Google and here are the results if anyone else gets the email:

• Google Groups
• About Phishing in Google
• A variation to this email
  

I must verify my Gmail account! (That’s a laugh)

Dear Member,
Account Alert

VERIFY YOUR GMAIL ACCOUNT NOW TO AVOID CLOSE !!!
GMAIL lettering
Dear Member,
This message is from gmail message center to all gmail free account owners and premium account owners. We are currently upgrading our data base and e-mail account center. We are deleting all unused gmail account to create more space for new accounts.

To prevent your account from closing, you will have to verify it below so that we will know that it’s a present used account.

CONFIRM YOUR IDENTITY. VERIFY YOUR FREE GMAIL ACCOUNT NOW !!!

Gmail! ID:…………………….

Password:……………………

Your Birthday:……………..

Your Country or Territory:………..
Enter the letter from the Security Image :……… Registration Verification Code

Warning!!! Account owner that refuses to update his or her account before two weeks of receiving this warning will lose his or her account permanently.

Sincerely,
Gmail Team

This actually got through the spam filter. I did some checking with Google and here are the results if anyone else gets the email: