Subscribe in a readerFacebook Un Named App
Here’s a combined hoax and malware. Let’s start from the beginning.
People have been posting notes on Facebook about something called “un named app”. It tells you to remove something from Facebook. It’s a hoax. Don’t believe what it says, don’t follow the instructions, and don’t pass it on.
Below are some quotes of the hoax:
ALERT >>>>> Has your facebook been running slow lately? Go to “Settings” and select “application settings”, change the dropdown box to “added to profile”. If you see one in there called “un named app” delete it… It’s an internal spybot. Pass it on
this is real.. i checked and found this app and deleted it… hopefully, my facebook will run better now.
Cannot believe how much quicker mine is running after doing this….
I don’t have this app on my Facebook account but if you do, don’t worry. It’s a normal part of Facebook and you shouldn’t delete it.
Now the second part of this hoax is a real trojan. If you go to Google and search for “facebook unnamed app” you’ll see quite a few results. Some of these results are fake antivirus programs.
A fake antivirus program is actually a trojan. It pretends to scan your PC and quietly installs malware in the background. It goes under the name of Security Tool, it has a fancy detection screen and everything. But it’s definitely bad.
The rule of thumb is that if a web page tells you that your PC might be infected, don’t trust it. Go and get your own antivirus program, not something that pops up on your screen (see here for a good free antivirus program).
There’s a lot to learn here. Basically, be careful who you trust. These days scammers have to trick you into installing malware and they’re good at it (it’s called social engineering).
Fake ATO Emails
More fake ATO emails are being sent in Australia. If you receive an email about your “taxe refund” keep in mind that it’s a scam. The real ATO would never misspell tax.
Clicking on the link in the email takes the reader to an exact copy of the real ATO website. The address is clearly wrong,
- Fake address: www.a-imbn . org
- Real address: ato.gov.au (all Australian government web sites must end with .gov.au)
If you’re in Australia please let others know of this scam.
Fake Haiti Donation Email
There’s a fake email being circulated in the UK asking for donations to help with the recent earthquake in Haiti. The email claims to be from the Red Cross but it’s really just a scam.
This is what the email looks like:
The British Red Cross Society
British Red Cross
UK Office
44 Moorfields
London EC2Y 9ALMAKE YOUR DONATIONS NOW
=====================Dear reader,
A devastating earthquake measuring 7.3 on the Richter scale struck Haiti on 12 January 2010 sending the Haitian Capital Port-Au-Prince into chaos, killing hundreds and affecting thousands more. Please give what you can today to help thousands of people there in desperate need of humanitarian assistance.
Relief aid workers from the Red Cross have already been arriving at the Haitian capital with relief materials.
Donations have been grouped into two cartegories:
1: Group A (£250 British Pounds to £1,000 British Pounds
2: Group B (£1,000 British Pounds and above)Donations are to be made payable immediately via WESTERN UNION MONEY TRANSFER immediately and directly to our donations accounts liason officer as RECEIVER’S name:
DONATIONS ACCOUNT LIASON OFFICER:
LOCATION: 44 Moorfields, London EC2Y 9ALPlease provide us via return email the following informations below as they appear on the Western Union Money Transfer slip;
1. Name and Address of Sender
2. Exact Amount Sent ***
3. MTCN ***NOTE: At British Red Cross we are committed to protecting your privacy as a STANDARD practice. We will not share your information unless you have previously indicated that you are happy for us to do so.
Hope to receive your donations soon as thousands need your help.
Please send return email with donations details to
Yours Sincerely,
For and on behalf of The British Red Cross Society
The email has a few spelling and grammatical errors. They unnecessarily capitalise a few words. Both of these things are unprofessional and would not be done by a serious organisation. Also, they want money sent to Western Union! Any legitimate organisation would have a professional method of accepting money. All these things should make you suspicious of the email.
If you see this email remember that it’s a scam. And there’s no doubt that there’ll be dozens more emails with similar Haiti scams. If you want to donate to help with humanitarian efforts then find an official (and recognised) charity organisation and donate to them. Don’t click on links in emails that you receive.
Also be aware that scammers will use every event that makes the news as an excuse to send these type of emails. When celebrities die they send out similar emails, asking for money or asking you to click on a link (that goes to a malicious site). They never stop sending out these emails.
Fake banking App For Android
Android is a system used by some smartphones (similar to iPhone or Windows Mobile, but made by Google). Like other smartphones you can install apps on Android.
One Android app that showed up recently is a free banking app. It looks like it supports US banks. But instead of logging into your bank it sends your online banking details to a scammer. Then it won’t be long until someone steals money from your bank account.
Google has been notified of this malicious app and they have removed it. But for some people it may be too late.
There’s a lesson to be learnt here. Smartphones are cool, installing apps on them is cool. But we shouldn’t let our guard down and trust everything to them. Know what you’re installing, know who wrote the software, and how it stores and sends your login details.
As more people buy smartphone scams are only going to become more common.
Another Adwords Scam
I just received the following email. It’s a scam made to look like Google Adwords, however the web site was registered just a few hours ago to somebody else.
If you go to this site and enter your Google account details you’re actually letting a stranger (hacker) know your account details. It’s a scam.
———————————————
This message was sent from a notification-only email address that does
not accept incoming email. Please do not reply to this message.
Message id:388520237785520
———————————————Hello,
You have a new text alert from adwords
Please use the link below to login:
http://www.adwlordls.com/Selects/Login/static/index.html?ref=56105007342
Advertise your business on Google
Best regards, Google AdWords Customer Team © 2009
———————————————
This message was sent from a notification-only email address that does
not accept incoming email. Please do not reply to this message.
Message id:847914946168909
———————————————
So if you see this email or one like it, delete it. Google did not send this email.
Google Work From Home Scam
This link was posted on Facebook – it’s a scam. It says that Google is hiring people to work from home, no experience is necessary, and the article goes on and on about how good it is.
Below is an extract from the scam site:
Breaking News: Google Now Hiring People To Work From Home
If you live in America and you have been wanting to work from home, you might be in luck. Google has now released a new "Work From Home Program" that will allow Americans to work for the titan from the comfort of their own homes.
To thousands of Americans this means that they will soon have a safe and bright future working for one of the fastest growing companies in the world.
…
What you need: A Computer, an Internet Connection and the desire to make a living working from home. No special skills are required other than knowing how to use a computer and navigate the internet.
…
Google will send out your checks weekly. Or you can start to have them wire directly into your checking account. (Your first checks will be about $750 to $1,500 a week. Then it goes up from there. Depends on how many links you posted online.)
Like most scams, you don’t need any experience, you can work from home, and you can make $1500 a week so easily. It’s all too good to be true!
The fake article is hosted on a site called ValuePromotions.
If someone were gullible enough to sign up they’ll be asked to pay US$2 to get started. But instead of paying $2 they’ll be charged US$80 a month directly from their bank account.
There are so many scams similar to this one. They all feature the same principle – a promise of free or easy money. Always do research on articles like this (use Google) and have a sceptic mind – if it’s too good to be true it’s probably a scam.
Facebook Password Reset
The following email contains a virus, it was not sent by Facebook:
Because of the measures taken to provide safety to our clients, your password has been changed.
You can find your new password in attached document.
Thanks,
The Facebook Team
If you see this email just delete it. Don’t click on the attached file.
A Sophisticated Way To Steal Money
Here’s an example of a very sophisticated piece of malware designed to steal money. It was discovered recently in Germany and was used to steal €300,000 in 3 weeks. Here’s how it works:
- You visit a web page that has been hacked. It’s an ordinary web page (such as a news site), nothing looks out of the ordinary.
- A trojan is installed on your computer without your knowledge. It sits there on your PC waiting and watching.
- You log onto your internet banking site. Everything still looks normal.
- The trojan detects that you’ve logged into an internet banking site and it makes a transaction, transferring money from your account to the account of a money mule (more on this later).
- When you look at your bank statement online, the trojan captures the network data and changes it to hide the transaction it made. The numbers it shows on the screen have been altered.
Step 5 is the sophisticated part of this attack. Normally you’d notice if money was transferred from your bank account without your approval, but the trojan hides this by showing you a fake statement on your screen. If you can’t see the money being taken from your account the criminals have more time to keep making withdrawals.
The amount of money it steals is different each time so that the bank’s anti-fraud detectors don’t see the pattern of theft.
More details here on this attack works.
So what’s a money mule?
Stealing money from people’s bank accounts is a big business. Criminals not only write sophisticated malware to carry out the transactions, they also recruit money mules to launder the money.
They place ads online offering jobs to desperate people. These jobs require no experience and you work from home (sound familiar?). People who sign up to these jobs receive money in their bank accounts, then they have to transfer it to someone else’s account. They do this willingly and are paid for it, but they usually don’t know that it’s part of a criminal organisation.
This is how the criminals receive their stolen money and cover their tracks. It’s a form of money laundering and is illegal. And to avoid a pattern detection they usually only use these money mules twice.
Here’s an example of a money mule job ad.
Lessons Learnt:
- Always use an antivirus program that not only scans your PC for malware, but also checks every web page you go to. Good antivirus programs cost money and it’s a good investment to protect your online security.
- Only use internet banking from a PC you trust.
- Always update your PC with the latest patches. For example, tomorrow there’ll be a large Windows update, you should install this as soon as possible (after you make a backup).
- Don’t trust job ads that promise the world for little to no effort.
World Business Guide – Scam
I received the email shown below, Googled it and saw that it’s a scam. Unfortunately I also found that quite a lot of people have fallen for this scam so I’ll explain how it works.
Firstly they send out the email shown, it offers to list your business on a register. Their email mentions the word “free” several times and they never mention a price – but it’s misleading, they’re actually offering a paid service. It’s called deceptive marketing and it’s illegal in most countries.
Then if you sign up to list your business they send an invoice for approx €995 (quite a bit of money).
Now this is when the stress begins for most victims. If you ignore their invoice they start sending a stream of nasty letters threatening legal action. Based on what I’ve read in forums it seems that they’re empty threats (see for yourself here).
So please do a bit of research on any unsolicited marketing offers you might receive. Search on Google, even if you think it’s a free offer.
The email that they sent is:
Ladies and Gentlemen.
In order to have your company inserted in the registry of World Businesses for 2009/2010 edition, please print, complete and submit the enclosed
form (PDF file) to the following address:WORLD BUSINESS GUIDE
P.O. Box 2021
3500 GA Utrecht
The Netherlandsemail: register@wbgtoday.net
FAX: +31 20 524 8107Updating is free of charge!
If you are not the intended recipient, please submit an email to
unsubscribe@wbgtoday.net
Your request shall be dealt with accordingly.
And the attachment that they sent looks like this:
If you see this email just delete it.
-
-
Stats