Tag Archive | Scam

Battle.net Account Verification Email Spam Continues, More Users Compromised

More spam is lighting up for Battle.net account users, Diablo, and World of Warcraft members. The latest spam update is below, where once again, the spammers are using a fake email account (diablo@email.com) as the sender, and stating that you are trying to sell your Battle.net account and need to verify it so it will not be suspended.

However, the link it gives looks real, however, it is fake.

Greetings!   It has come to our attention that you are trying to sell your personal World of Warcraft account(s). As you may not be aware of, this conflicts with the EULA and Terms of Agreement. If this proves to be true, your account can and will be disabled. It will be ongoing for further investigation by Blizzard Entertainment's employees. If you wish to not get your account suspended you should immediately verify your account ownership.   You can confirm that you are the original owner of the account to this secure website with:   hxxps://www.battle.net/account/support/password-verify.html  If you ignore this mail your account can and will be closed permanently. Once we verify your account, we will reply to your e-mail informing you that we have dropped the investigation.   Regards,   Account Administration Team World of Warcraft , Blizzard Entertainment 2012

Here are the technical details:

Return-path (email address the email actually came from): ab[at]vlrpc.com

IP address: 112.65.228.185 belonging to an unknown/private user (WHOIS states the IP master’s name: yanling ruanof) China Unicom, a telecommunications company governed by The People’s Republic of China. They seem to either ignore abuse reports, or do not know much about their users’ activities. We know a private user sent this spam, because the message header clearly states the application used to send the email: Microsoft Outlook Express 6.00.2900.5512.

Known blacklisting: Spamhaus.org (listed as “Illegal 3rd party exploits, including proxies, worms and trojan exploits”), abuseat.org, barracudacentral.org, uceprotect.net

Now, it’s believed that the recent spam outbreak (like the one above, for example) is a result of the latest Blizzard lawsuit. However, spam like this has happened before (also look in the comments for a user who posted about Diablo 3 spam).

The only thing to best protect against spam is having an anti-spam program. Please visit the vendor below for more information.

Caretaker Antispam download link

Advertisements

Video “OMG I just hate Rihanna…” Facebook scam spreading

Messages are spreading between Facebook users, claiming that members of the social network have lost all respect for popular songstress Rihanna after watching a video.

However, if you’re careless enough to click on the link you will find yourself lured into a survey scam that attempts to earn affiliate cash for fraudsters.

A typical message trying to tempt users into falling for the scam looks like this:

If you were fooled into participating in this scam remove the message from your newsfeed, and delete any messages you may have inadvertently shared with your friends. That way at least you are no longer spreading it with your online chums. You can also report the link as spam – hopefully if enough people do it, Facebook will begin to stop the scam from spreading.

Rihanna Facebook scam

Read more on Naked Security

 

Prevent scams like this and other social network scams/issues:

Get the review of Malwarebytes’ Anti-Malware

October is National Cyber Security Awareness Month

NCSAM official image (Department of Homeland Security)

Cyber security awareness is so important, and we’re going to display a few things you should be aware of this month, for you to try to make capable changes to your personal or business security perspective. You will notice some of the information below is linked to different posts here on the blog. This should help you understand each topic better! Please don’t be afraid to use each of the links below to learn more about protecting your system(s).

  • Email is one of the biggest attack methods. Since users are still highly dependent on email, it is so critical that email systems get fixed. Spam can be so cunning that it may disguise itself as your friend, someone you trust, or a bank. The main target in these spam attacks is phishing, which will allow an attacker to trick you into doing something or giving away personally identifiable information.The goal is to also download malware on to your computer, which can be used to take control of your computer and steal much more personal information. Some emails may claim to be a legitimate organization sending you an attachment, but it’s purpose is to distributed malware on your computer. It is best to secure email systems against spam. This can be done using a variety of products whether hardware or software. Make sure to secure your system(s) with the latest spam fighting utilities. Also, securing Outlook or Windows Live Mail is beneficial.
  • Instant Messaging still seems to be a vector for malware attacks. Just when people drop their guard about IM security, a new band of threats affects users. Most IM attacks come in the form of spam, a message from an apparent trusted friend, or a phishing attempt/scam from a legitimate looking company. A lot of the time, when the message appears from a trusted friend, it usually means that person’s IM account or email account has been hacked and the attacker has mined the email addresses or IM addresses in order to send you these attacks. It is important to have a good Internet Security product that protects against IM attacks along with network defense.
  • Exploits are the most common cause of infections on computers these days. Many of the exploits have been caused by out-of-date Java plugins or Adobe Flash Player plugins (or even fake Flash Player), among other types of plugins for your browser. Other exploits come in the form of advertisements that are catered to your interests, by the use of tracking cookies, which when you click on the ads it can lead to a site that will immediately download malware and attempt to take control of your computer.Those are just a couple of examples of why you need Internet Security protection as declared just above in the explanation for IM security. Also, having a second-opinion malware scanner can make sure that things don’t get missed, giving you maximum protection. Working on a defense-in-depth strategy for your computer can be a great way to avoid exploits.
  • Downloading and installing untrusted software products is a good way to get infected with viruses, spyware, and other threats and malware. Using tools such as Web-of-Trust for your browsers is a key idea in managing whether a site is safe. Also, reading reviews for the product you are getting ready to download and purchase will help you make an informed decision. It is important to have Total Internet Security protection, as stated above in IM security. Please refer to the “Internet Security product” link for more information on securing your system(s) with protection mechanisms.

There are many more vectors of cyber security problems. It is important to use the methods described above as well to secure your system(s) from attacks from cybercriminals.

Summary of mitigating most attacks:

LifeLock

Miley Cyrus sex tape scam details

Unbelievable? Another social engineering attempt. Here is a source on the non-existent Miley Cyrus sex tape:

Facebook scammers are using the promise of a non-existent Miley Cyrus sex tape to lure users into giving up temporary access to their accounts. Once inside, scammers run a script to create automatic posts that tag friends and propagate the scam.

Here, again, we are dealing with the well-known, if not utterly obsolete, “copy/paste code” method whereby the scammer aims to steal the victim’s Facebook authentication token. This grants the scammer temporary access to the targeted Facebook account, including the victim’s list of friends.[HOTforSecurity]

 

Protect against these types of scams:

 
US - avast! New Version 7 Products Generic

Beware of fake Adobe Flash Player plugin update ads

Only need to say a few words here… do not click on these ads, as they are potential exploits leading to malware/viruses:

Protect yourself from ads automatically with Kaspersky Products:

Kaspersky Lab US E-Store

Click here to access the Kaspersky E-Store

%d bloggers like this: