Internet scams

Mendalla

There's a whole raft of them, but the granddaddy of them all is the "419" scam (in fact, it predates the Internet, having begun as a mail and fax scam). You know, those emails that promise you millions from the fortune of some guy that's stranded in an overseas bank waiting to be unlocked if you just send them X dollars. Modern Rogue, one of my current favorite YouTube channels, did a piece on them this past week that I'll post as a reminder that they have not gone away even if they aren't a major news story anymore.


And there is, of course, a raft of others. Mrs. M got a very authentic-looking "spear phishing" message purporting to be from Amazon recently. "Your order has shipped, open attached PDF for information" was the gist of it.

Problem: (aside from the fact that we have no open orders with Amazon) Amazon doesn't send PDF attachments on acknowledgements and other order-related email. In fact, because of how the computer she was using was configured, I could see that there was a ".htm" extension hidden behind the ".pdf" extension. An htm file would be able to carry some kind of malicious code written in JavaScript or similar. Likely, if you opened it, it would drop some kind of malware that would send private information (passwords, etc.) to the scammer or lock up your computer until you pay a ransom (called, appropriately, ransomware).

So, the rules of the game remain (I have been telling staff at work this forever) that if you have any reason to doubt the provenance of an email whatsoever, delete the sucker. Unknown sender? Nuke it. Weird attachment? Nuke it. Regarding an account or order that you never set up? Nuke it. Unexpected email purporting to be from someone you know? Contact them directly to confirm it and then nuke it if not confirmed.

Also, if you get email purporting to be from your bank or other agency asking you to follow a link and enter your credentials? Don't do it. Go directly to the agency's website and log in that way. No reputable organization should be asking for your credentials that way. Similarly, if you get a password change notice from an account that you know you did not request a change for, go directly to that site (i.e. don't use any links in the message) and change your password ASAP, then delete the message.

I'm sure I will think of more as time goes on and others may have tips and stories of their own to add. Given the importance of the subject to those of us who dwell on the Internet a lot, I'm stickying this.
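
A mail-filter style check for the trick described in the post above (a ".htm" extension hidden behind ".pdf"), as an added example that is not part of the original post: it walks a message's attachments with Python's standard email module and flags names where a document-looking extension is followed by an active one. The extension lists, function names and sample message are constructed for illustration.

```python
from email import message_from_string

# Extensions that can run script or code when opened (assumed, not exhaustive).
ACTIVE_EXTS = {"htm", "html", "hta", "js", "vbs", "exe", "scr", "lnk"}
# Extensions most people read as harmless documents (assumed).
DECOY_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "jpg", "png", "txt"}


def deceptive_extension(filename):
    """True when a document-looking extension is followed by an active one."""
    # Strip padding spaces and trailing dots so padded names are judged
    # by their real final extension.
    parts = [p.strip() for p in filename.lower().strip().rstrip(".").split(".")]
    return len(parts) >= 3 and parts[-1] in ACTIVE_EXTS and parts[-2] in DECOY_EXTS


def flag_attachments(raw_message):
    """Return (filename, reason) for each suspicious attachment."""
    findings = []
    for part in message_from_string(raw_message).walk():
        name = part.get_filename()
        if not name:
            continue
        if deceptive_extension(name):
            findings.append((name, "document extension hides active type"))
        elif name.lower().endswith(".pdf") and part.get_content_type() == "text/html":
            findings.append((name, "named .pdf but declared text/html"))
    return findings


# Constructed sample message: one disguised attachment, one ordinary PDF.
SAMPLE = """\
From: "Amazon" <orders@example.invalid>
Subject: Your order has shipped
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html; name="order-details.pdf.htm"
Content-Disposition: attachment; filename="order-details.pdf.htm"

<html><body>constructed sample</body></html>
--b1
Content-Type: application/pdf; name="receipt.pdf"
Content-Disposition: attachment; filename="receipt.pdf"

%PDF-constructed
--b1--
"""
```

Calling flag_attachments(SAMPLE) reports only the disguised attachment; the ordinary PDF passes.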
 
It's tax season so the so-called "Canada Revenue" calls will probably be in full force to tell you that you owe huge amounts of money or you're going to go to jail.
 
> It's tax season so the so-called "Canada Revenue" calls will probably be in full force to tell you that you owe huge amounts of money or you're going to go to jail.

They had fun with this last year when a scammer called one of the RCMP non-emergency lines. Businesses get hit with scams like this all the time because they're much juicier targets but these scammers were a bit distraught when they were told what RCMP stands for.


I think my favorite is the "Microsoft Support Line" that occasionally calls. It's hilarious to hear them collapse when you tell them you aren't running Windoze.
 
A couple of weeks ago I got the typical message from my bank saying that my accounts had been compromised and I needed to sign in again at the link provided, etc., etc. As per usual, it was given away by some bad grammar (although in this case it was only one word that a lot of people might miss.) Otherwise it seemed quite convincing. What was different about it was that it wasn't an email, it was a text message. I called my bank and reported it and they said that, yes, for several months now scammers have been using text messaging.
 
For Rogers service for any scamming texts... push right on the message until forward comes up. Click forward and then type 7726. This reports the activity to Rogers.
 
> A couple of weeks ago I got the typical message from my bank saying that my accounts had been compromised and I needed to sign in again at the link provided, etc., etc. As per usual, it was given away by some bad grammar (although in this case it was only one word that a lot of people might miss.) Otherwise it seemed quite convincing. What was different about it was that it wasn't an email, it was a text message. I called my bank and reported it and they said that, yes, for several months now scammers have been using text messaging.

Haven't had any text spam or scams in a while but I've certainly seen them. Telus has been pretty good about dealing with the odd ones we get, though (my company has a corporate contract with them).
 
Forget scams. There is a major new outbreak of the type of malware known as "ransomware" happening.

http://www.msn.com/en-ca/news/world/ransomware-attacks-reported-worldwide/ar-BBB48eX?li=AAggNb9

Short version: Ransomware encrypts your data to prevent you from using it, then demands you pay the creator (usually using some electronic currency like Bitcoin) to have it decrypted. Best defenses are to be careful about what websites you use (e.g. don't click on popups claiming to be security alerts), be wary of attachments and links in email, and keep a regular backup of your files (e.g. keep a copy on your local computer and a second copy on a cloud like Google Drive or Dropbox).
 
Saw an item on tonight's news of a huge ransomware hack - shut down some hospitals in the UK I think, and businesses elsewhere. Good advice you're giving re doing back-ups ... note to self! I am seriously remiss in doing this!!
 
> Saw an item on tonight's news of a huge ransomware hack - shut down some hospitals in the UK I think, and businesses elsewhere. Good advice you're giving re doing back-ups ... note to self! I am seriously remiss in doing this!!

That's the story linked in my post.
 
Probably the first best thing you can do is always install your updates (particularly security updates) as soon as they become available.
 
> Probably the first best thing you can do is always install your updates (particularly security updates) as soon as they become available.

Oh God please, yes. Yesterday would have been a garden variety malware incident if a certain patch from March had been widely applied.

I also heard, though I have not confirmed it, that some of those NHS trusts that were hit in the UK were still using Windows XP.

Let me give one piece of advice that I urge you to take if it applies to you:

If you still use XP, get rid of it. Nuke it from orbit, kill it with fire, or whatever meme you like, but get yourself on to at least Windows 7. XP is now completely out of support, including for security updates. Using it is like painting a bullseye on your back with a sign that says "go ahead and f*** with my life."

To be clear, I do have one virtual machine at work running XP to support an archaic piece of crap program that we can't seem to get rid of, but that VM is not connected to the Internet and pretty much runs in its own little universe where no one can harm it and vice versa.
 
Any NT servers out there? lol

We're all Server 2012 R2 or higher now. Haven't had an NT server under my watch in many years now. The home care company we sold a few years back had one but it was just for file services and I think the new owner ditched it.
 
They're baaaack!

New malware but same MO and same vulnerabilities:

Cyberattack hits computer servers across the globe

To be blunt, anyone who is getting hit by this wasn't paying attention last time. I don't wish malice on anyone or want to suggest they "had it coming", but if you're not keeping on top of security, this is what happens. Cause and effect, consequences.

See my posts upthread. I'm not going to repeat those rants.
 
I saw this in the article -
[Attached image: upload_2017-6-27_16-22-29.png]
And I thought - could we be so lucky as to have all those damn duct cleaning callers wiped out??
 
Thanks for the notice Mendalla. Did you happen to see the documentary "Zero Days" re the Stuxnet virus that the US & Israel put out to hopefully disable Iranian nuclear facilities? I think it's available on YouTube.
 
> I saw this in the article -
> And I thought - could we be so lucky as to have all those damn duct cleaning callers wiped out??

Hmmm. A ransomware worm that only targets call centres. The thought intrigues. And I have a computer science major in the family...:D:cool:

> Thanks for the notice Mendalla. Did you happen to see the documentary "Zero Days" re the Stuxnet virus that the US & Israel put out to hopefully disable Iranian nuclear facilities? I think it's available on YouTube.

Haven't seen that but I read quite a bit about it in the IT press when it happened. Idiots. How could you not realize something like that could boomerang on your own networks?

Even this new one and WannaCry are based on code stolen from the NSA. Talk about being shot with your own gun.:rolleyes:
 