MSN Worm

There’s another bit of malware spreading through MSN’s messaging network (MSN Messenger and Live Messenger), known as the IRCBOT-RB Trojan, also called a worm because of how it spreads.

It works by showing people a message with links to pictures on MySpace and Facebook. It includes messages such as "Wanna see my pictures before i send em to facebook?". Clicking on the link takes the user to a web page with malicious code.

This particular worm/trojan changes the message into different languages, depending where the user is located.

Once infected a user’s machine waits for instructions from the malware author and will let them control the machine at will.

Heath Ledger Malware

As always whenever something becomes popular with the media dozens of malware sites appear overnight promising to have interesting articles. Instead they link to malicious code that can end up being installed on your computer.

In short, if you search for Heath Ledger and end up at a website asking you to install “A new version of ActiveX Object” close your web browser immediately.

A good anti-virus package will filter malicious web sites and help protect you.

Symbian Phones

There’s a new worm (malicious code) going around infecting mobile phones that use the Symbian system (see below for a list of phones). There are two variants called the Beselo.A and Beselo.B worms.

It gets transmitted by Bluetooth or by MMS so you can’t really avoid receiving it. It consists of two parts:

• An attachment with an interesting name, such as beauty.jpg, sex.mp3, or love.rm
• A text message asking you to “install” the attachment to view it

With MMS messages it’s not necessary to “install” anything to view a picture or to play an audio attachment. What’s really happening is there’s no picture or audio file attached, it’s a malicious program. The wording of the message is just a trick to install the worm (a technique known as social engineering). If it were really a picture you’d be able to see it without installing anything, and likewise for audio attachments.

If you receive a message asking you to install something and it promises to show you a picture or play an audio file, say no. Delete the message.

F-Secure make an antivirus package specifically for phones that use Symbian, and that would detect the file. But common sense and the explanation above should be sufficient to avoid it.

Below are some of today’s popular phones that use Symbian S60. If your phone is on this list then it’s vulnerable to this attack.

• LG – JoY
• Nokia – 3250, 5500 Sport, 5700, 6110 Navigator, 6260, 6290, 6600, 6630, 6680, 6682, E50, E51, E60, E61, E61i, E65, E70, E90, N70, N72, N73, N75, N76, N80, N81, N90, N91, N92, N93i, N93, N95, N95 8GB, N82, N81 8GB, 6120, N77
• Nokia (discontinued) – 6681, 6670, 3230, 7610, 3650, 3600, 3660, 3620, 7650, N-Gage, 6620
• Panasonic – X800, X700
• Samsung – SGH-D720, SGH-D730, SGH-i450, SGH-i520, SGH-i550, SGH-i560
• Sendo – X
• Siemens – SX1

A New Skype Vulnerability

Skype, the popular internet phone software, has a new vulnerability with the way it handles video links. There aren’t any reported exploits yet but as always it’s only a matter of time.

Skype is susceptible to this vulnerability if all of the following happen:

• Your computer uses Windows
• You use Skype version 3.6.0.244 or older (versions 3.5 and 3.6)
• You do a video search from within Skype
• The search takes you to a page that’s been hacked

The damage from this is still unproven but it’s fair to say that if someone can write the required malicious code they could use it to any effect they like (such as installing spyware on your computer or taking over its control).

Skype has responded with disabling adding new videos to their Dailymotion gallery. This will slow down the chance of an exploit spreading. And Skype will release a new version soon to fix the vulnerability.

Skype’s report is located here.

World of Warcraft Scam

There’s another scam targeting World of Warcraft players. It starts with an email claiming that the recipient’s World of Warcraft account has been suspended. There’s a long explanation and a link to a website.

The website asks for a username and password. It then passes on the username and password to whoever wrote the email, it’s not a legitimate service.

This is called phishing. It works by tricking people into typing in their credentials onto a fake site.

These days good anti-virus packages can filter for these sites. You should also pay careful attention to the web page address. Read this explanation on how to identify false addresses (URLs).

Digital Picture Frames with malware

Now you also have to be careful when you buy digital picture frames. There have been numerous reports of some of these devices being infected with a virus. When you put in a photo memory card it installs a trojan onto the card. Then later, if you put the card into your computer it can install the trojan onto the computer.

It then tries to stop any anti-virus system the computer may have and then starts stealing passwords. Pretty serious stuff.

And it seems the digital picture frames came from the factory with this already installed. No one had tampered with the devices beforehand.  This has been happening to quite a few digital gadgets such as MP3 players.

A good anti-virus system will detect this and prevent itself to be disabled, so if you haven’t already done so invest in one. And if you come across such a device have a chat to the store you bought it from, it’s possible they have no idea it’s happening.

Update (26 Jan 08): Best Buy were selling these devices with the brand name Insignia. They’ve just realised and have taken the off the shelf and are trying to contact customers who bought them.

Is it safe to give out your bank account number?

No, it’s not safe to give everyone your bank account details.

Jeremy Clarkson of Top Gear fame believed that all people could do with his bank account number is put money into his account. He was so sure he published the details in a newspaper.

Soon after he found £500 missing from his bank account, someone had set up a direct debit from his account and donated it to a charity called Diabetes UK.

Lesson? Don’t give out your bank account details to just anyone. In fact, give out as little personal details as possible. There are so many people in the world looking for opportunities to commit fraud and to take your money, usually using what’s called identity theft.

Sometimes you have no choice, e.g. you want to sell someone an item and you want them to deposit money in your account. It’s difficult to completely avoid these situations, but keep the information as private as possible.

Read about the incident here, it’s amusing.

Photo Gallery Downloads

This isn’t a new trick but scammers still try it. An email is sent telling the story of a tragic accident that’s happened (e.g. a nuclear meltdown in some city). There’s a link to a website with photos. It seems interesting except you’re asked to download a plugin (or codec) to view the photos.

You don’t need any plugins or codecs to view photos. And more importantly, the story about a nuclear meltdown or whatever other large disaster they think of is most probably false.

Be very cautious of anything that asks you to download a plugin or codec. It’s almost always not worth the effort and it’s almost always malware of some sort.

Valentine’s Day Malware Reminder

As with every festive event Valentine’s Day brings a whole new wave of malware. Emails are already being sent around the internet carrying dangerous attachments. While the subject keeps changing, the more common attachments seen so far are:

• withlove.exe
• with_love.exe
• Greeting card.exe
• love_me.exe
• porno_03.exe
• valsday.exe

Never open attachments that end with .exe. Unless you’ve specifically asked someone to send you a file with that exact name, it’s almost certainly malware. Delete it.

• About

  Read the latest articles shown on the left, and use the options below to search for past articles. FraudO.com is committed to educating all users on the dangers of the internet and how to avoid them.

• Email Subscription

  Enter your email address:

  Delivered by FeedBurner

• Sponsored Ads:

  • Anastasia International Scam

• Recently Written

  • Emails That Ask You To Run An Attachment
  • Fake Virus Scan
  • Smileworld Scam
  • Infected Samsung S8500 Wave SmartPhones
  • Facebook Password Reset (Virus)
  • Free $1000 Ikea Gift Card Scam
  • Phishing emails from Skype
  • Passwords Compromised on JIRA, Bugzilla & Confluence
  • Admin update
  • McAfee Stinger
  • Another Scam Job
  • ICS Monitoring Team
  • Facebook Groups And Toolbars
  • An Interview with a Nigerian Internet Scammer
  • Fake CUA Email

• Categories

  • Admin
  • Antivirus
  • Backups
  • Fraud
  • General
  • hoax
  • Identity Theft
  • Malware
  • News/Media
  • Phishing
  • Privacy
  • Scams
  • Security
  • Software
  • Statistics
  • Uncategorized

• Archived Articles

  Select Month July 2010  (2) June 2010  (2) April 2010  (5) March 2010  (3) February 2010  (5) January 2010  (11) December 2009  (1) November 2009  (2) October 2009  (4) September 2009  (10) August 2009  (9) July 2009  (7) June 2009  (20) May 2009  (15) April 2009  (12) March 2009  (10) February 2009  (14) January 2009  (10) December 2008  (10) November 2008  (3) October 2008  (7) September 2008  (5) August 2008  (11) July 2008  (17) June 2008  (8) May 2008  (17) April 2008  (23) March 2008  (22) February 2008  (20) January 2008  (31) December 2007  (17) November 2007  (21) October 2007  (11) September 2007  (5)

• Affiliates

• Spam Blocked

  33,007 spam comments blocked by
  Akismet

• Stats