Domain Listings: Another Scam

For a while now, people have been receiving deceptive solicitations from a company called “Domain LIstings, PO Box 19607, Las Vegas, NV 89132-0607.” I got one just last week.

You can see the letter they send out below:

domain1domain2

The letter is designed to think that you have to pay to re-register your domain, but this outfit is nothing more than an American version of the “World Business List” – offering worthless services for an outrageous fee.

Please note that these bottom-feeders offer you virtually nothing that Google doesn’t do for free. Their “directory” will not give you a whit of exposure. They offer 24/7/365 exposure, which is exactly what you get when Google and the other search engines crawl your site.

Customer reviews at Yelp, just as an example.

If you get one of these letters, it’s not an invoice. Just throw it away, and stay away from these scum-eaters.

The Old Wolf has spoken.

Alan Alda: Prognosticator

The following words were offered by Alan Alda in 2001, at the graduation of a friend’s daughter. Alda was referring to a piece written by a Chicago newspaper columnist named Mary Schmich, which was virally circulated on the Internet but erroneously attributed to Kurt Vonnegut.

And that’s what makes this Internet event a great image for the age in which we live. There are probably just as many lies going around now as ever before, but these days they’re traveling at the speed of light. There are just as many people who want to fool you into thinking they’ve got it all figured out for you, but now you don’t have nearly as much time to think it over.

And with the help of an engine for repetition that works on a scale unheard of in the past, the lies stick. People are still sending around the talk, thinking it was written by Vonnegut. I was sent a copy just last week.

It’s a delightful piece of writing. But if it’s presented as if it were by someone other than the person who wrote it, it steals that person’s good name and gives itself a certain credibility before it has a chance to earn it honestly. So, as good as it is, it’s a cheat. At least in the way it’s offered to us.

So, you may be thinking, big deal. It’s just a few good jokes. But think about it… It could be selling you anything. It could be a cult religion that could separate you from friends and family, or a quack medicine that could lead you paralyzed, or bogus political information that cause you to elect a numbskull to the presidency.

God forbid.¹

These are great words with regards to the internet and its impact on the dissemination of information – both genuine and bogus – but eerily prescient in view of the political developments of recent years. For what it’s worth, the entire book is a wonderful, human, and relevant read.

The Old Wolf has spoken.


¹ Alan Alda, Things I Overheard While Talking to Myself (New York: Random House, 2007), 121.

Never call 888-710-4402

If your computer running Chrome suddenly locks up and you get these display screens:

Scam1

Scam2do NOT under any circumstances call the number shown (888-710-4402). You’ll be connected to scammers in India who will tell you all sorts of incomprehensible things about your machine and ask you to let them connect with your computer.

Look at how bad the English is – practically incomprehensible. This is NOT the number for Microsoft Technical Support. These folks are liars, criminals, and all-round Very Bad People. Allow these drones to access your machine and you’re likely to end up with all your files encrypted by ransomware, or have your machine turned into part of a spamming robot network, or have your financial data stolen, or something equally insidious.

Kill Chrome using the Task Manager and re-launch. These exploits are usually encountered when malicious code is run from an ad somewhere on a page you visited, and is usually not the fault of the page itself.

Be safe out there.

The Old Wolf has spoken.

WOT: (Web of Trust) – A valuable extension

I’ve mentioned WOT in a number of my previous posts, but I thought I’d give it a bit more exposure, given the amount of scams, fake news websites, and general internet douchebaggery that is so prevalent right now.

Web of Trust is a FREE extension that adds a small circle after any clickable link on your computer to let you know how trustworthy that site is. Here’s an example – recently I was trying to remove a hijacker that redirected me to Spectrum’s search service when an unknown URL was encountered:

WOT

Notice that the circles can be green, yellow, and red – just like  stoplight. That’s your first clue – but it pays to drill down for more information as I mention below. Green is generally trustworthy, yellow is questionable, and red is downright dangerous. A gray circle with a question mark means there is no information (yet) about the site in question.

Some dangerous websites will be flagged by Google directly (Click image to enlarge)

Google1

If you have a paid version of Malwarebytes, known malware websites will be automatically blocked:
Malwarebytes

But if neither one of these help, WOT will give you a warning for red-circle links that looks like this (Click image to enlarge):

WOT1

You’ll notice that you get a summary of ratings and reasons why the website is not trusted.

In addition, search engine results can be previewed simply by hovering your mouse over the colored circle:

WOT2

and then you can follow the “click to view details” link to get a full page of information about the website.

WOT3

As with anything that is crowdsourced, one needs to be cautious. A tool like this could be used to give bad ratings to a website by an unethical competitor, so look at the dates of the reviews and get an overall feel for the page in question. In general, though, I’ve found that this tool tends to be self-correcting, so if one person rates a site untrustworthy for malware, and five other more recent users give reasons why it’s safe, I feel pretty confident that the first review is either spurious or outdated.

If you want to rate websites yourself, you can create a free account, log in, and provide details of your experience.

In addition to protecting you from viruses or other malware, WOT can be very useful for verifying whether news sites are reliable or not.

An example: Today on Facebook I saw a link to a story that there was a second shooter in Las Vegas:

Facebook

That yellow circle told me right off that this story is questionable. Hovering over the warning gave me this:

WOT4

And a subsequent search on Google for yournewswire.com confirmed that this is a notorious clickbait, inflammatory, fake-news website:

Founded by Sean Adl-Tabatabai and Sinclair Treadway in 2014. It has published fake stories, such as “claims that the Queen had threatened to abdicate if the UK voted against Brexit” (Wikipedia)

It pays to be safe, and it pays to be careful. This little extension works well with Window 10 and earlier versions (I’ve tried it on XP and 7 both), it’s free, and it provides a wealth of information about internet dangers. I highly recommend it.

The Old Wolf has spoken.

The scammers don’t give up

scam1

The “Microsoft Customer Support” scam: Today’s number is 866-587-7384.

Your screen locks up. You can’t close your browser. You can’t go back. A computerized voice starts talking to you about pornographic malware. A warning message tells you your data is being stolen. You are given a phone number to call for help removing the malware.

Do NOT call this number. It has nothing to do with Microsoft. The page you are seeing is a malicious script that has been loaded from a website that you visited, probably from a banner ad or something else that the page owner is unaware of, and is designed to scare you. If you follow the steps the “support agent” gives you, he or she will have you  give them total control of your system. From there, anything can happen and none of it will be good.

In the event that you went through this process with an “agent,” it will be critical for you to run an anti-malware program such as Malwarebytes (I don’t work for them), or have your computer cleaned by a professional, before you do anything else.

Be careful out there.

The Old Wolf has spoken.

Microsoft, stop resetting my program defaults in Windows 10.

reset

Dear Microsoft,

  • I don’t give a rat’s south-40 whether or not an app caused a problem. Handle it with an error message, if you must. Or a recommendation.
  • I’ve been to “program defaults” and I have specified what program I want to handle given file types.
  • You have NO RIGHT to change those back just because you want me to use your own (often substandard) applications.
  • Stop doing this. I configure my computer to my own needs, not yours. This is beyond ignorant, beyond arrogant, beyond anything reasonable or normal. It is stupid and maddening. Just STOP IT.

cactus

No love,

The Old Wolf

Hard Drive Safety Delete Will Start in Five Minutes

Executive Summary: There is no “hard drive safety delete.” Your machine is not infected. You have been redirected to a malicious web page. Calling “support” will connect you to someone in India who wants to install malware on your computer. Don’t do it.

deleteDelete 2

Just posting this with a sample screen so that anyone who searches for the Zeus virus infection might see it.

A full description of this scam can be found at a previous entry.

Do NOT call 844-813-1552 to ask for support. Be very careful out there.

The Old Wolf has spoken.

Your Computer Has Been Blocked! (PS – no, it hasn’t)

scam

If you get a screen like this while doing something like trying to log in to Facebook or something else, usually as a result of clicking on a link after a web search, you are being scammed.

Typically your browser locks up – you can’t go back, you can’t navigate to anything else, and you even can’t close the window. Instructions tell you to call Microsoft support because your system is infected with spyware and viruses.

It hasn’t.

If you call the number (877-382-9050), a friendly person (in India, Pakistan, or somewhere else) will answer. THESE ARE NOT MICROSOFT SUPPORT CONSULTANTS. THEY ARE SCAMMERS AND CRIMINALS. They will ask you some questions about your system, and have you do the following things:

  • Press the windows+R keys to open the “Run” box
  • Type in ” iexplore http://www.go2patch.com ” and hit enter
  • Type in the access code that they give you
  • Press the “Connect” button and then allow the program to run

If you do this, you have just given full access of your system to criminals who will steal valuable information, download real spyware or malware, or turn your computer into part of a botnet to send out spam.

This is just another incarnation of the “Zeus Virus” scam – same technique, different remote connection software.

If this happens to you, hit Ctrl-Alt-Del and open the Task Manager. End the browser task from there, whatever you’re running (IE, Edge, Chrome, Firefox, NCSA Mosaic, etc.)

What do you do if you have already allowed access? According to “Slim,” a registered user at 800Notes.com,

Since the scammers accessed the computer, they probably did one or more of the following:
• Disabled the anti-virus software
• Added nasty malware to the computer
• Copied the Contact List (so they can spam/email your soon-to-be ex-friends)
• Copied any financial data or passwords they could find
• Compromised your ID on Facebook or other social site(s), and perhaps on shopping sites.
• “Zombied” the computer, so it would respond to THEIR commands sent via internet
• Deleted some important files
• Asked for money to repair the damage they caused

What can you do immediately after such an attack?

1.  Pull the cables on the computer, or otherwise disable it, so it cannot access the internet.
2.  Change ALL  passwords stored on the computer.
3.  Run FULL malware scans on the computer, in “SAFE” mode!
4.  Change the passwords again, particularly if the malware scans showed anything.
5.  Inform your bank and credit card companies.
6.  Sign up for credit monitoring, and check the status frequently
7.  Backup non-executable personal, data files to an external storage device.  (Executable files might be infected).
8.  You may have to bring the computer to a local repair shop, and tell them the story.
9.  Tell friends what happened, so they can be aware of strange emails from you.
10.  Connect to the internet only AFTER all the above have been done.
11.  Change the passwords on all online accounts.  Even better – access a “safe”, uninfected  computer, and change your online account passwords RIGHT NOW.

Be careful out there – don’t help the bad guys mess up your machine.

The Old Wolf has spoken.

Here’s to the crazy ones – and to the creators of the campaign.

Recently I posted this image over at Facebook:

77e93b96856f2692806beb5c95fa0b7f

At once I began to get pushback on the source, so I thought I’d do a bit of digging – and what I found was interesting.

One thing is certain – the quote was part of Apple’s “Think Different” campaign. There were two versions of the commercial, one voice-overed by Steve Jobs himself (this one never aired):

And the one that actually hit the airwaves, with Richard Dreyfuss as the narrator:

But who actually wrote the text?

Not Jack Kerouac: “Sometimes attributed to Kerouac on the internet, perhaps because it evokes his famous quote from On the Road: “The only people for me are the mad ones, the ones who are mad to live, mad to talk, mad to be saved, desirous of everything at the same time, the ones who never yawn or say a commonplace thing, but burn, burn, burn, like fabulous yellow roman candles exploding like spiders across the stars and in the middle you see the blue centerlight pop and everybody goes “Awww!” ” (Wikiquote)

Not John Chapman, aka “Johnny Appleseed“: If you look closely at the Text Edit icon in Apple’s OS X, you’ll see the the quote there in the form of a letter to “Kate” from “John Appleseed.”

Text Edit

This has led some to attribute the quote to Chapman himself, which is just all wrong – the language is never something that the historical Johnny Appleseed would have used; on a side note of interest, this article at the Smithsonian suggests that Chapman was planting apples for hard liquor, not for eating.

“Apple cider provided those on the frontier with a safe, stable source of drink, and in a time and place where water could be full of dangerous bacteria, cider could be imbibed without worry.”

So who is the John Appleseed referred to in the icon, and who is Kate?

Not John Appleseed, the shadowy “Apple Insider:” This article at Techradar gives the background on who John Appleseed was – a Cupertino-based software developer who had developed Apple II software under his own name. When Apple’s CEO Mike Markkula (also a coder) developed some Apple II software under the pseudonym John Appleseed, the real Appleseed didn’t sue – he launched a campaign to meet Steve Jobs, as described in the article. Ultimately Appleseed’s image and name became the face of the iPhone and other products, although he was never really an “Apple Insider.”

5a104893d7f8b30ae52b64e25a6fa545-1200-80

Unfortunately for him, Jobs died, Apple evolved, and his usefulness as a mascot came to an end. As for Kate? Best guess is that she’s an open source text editor in KDE in the linux operating system. It is possible that during his time of interfacing with Steve Jobs, some of Appleseed’s ideas may have insinuated them into Jobs’ consciousness to have an impact later.

Yes, it was Rob Siltanen and Lee Clow (and a few others): Rob Siltanen chronicled the real genesis of the campaign’s text in an article at Forbes (caution: Forbes now makes you whitelist their site if you have AdBlock Plus installed, which I happen to think is a scummy move – but there it is.) Siltanen and Lee Clow were employed by the TBWA/Chiat/Day advertising agency that were shooting to get Apple’s business for a new campaign. The whole article is a fascinating first-person look at how the campaign was designed, pitched, and won.

Some of the original thoughts behind the text in question came from these quotes from “Dead Poet’s Society,” among others:

“We must constantly look at things in a different way. Just when you think you know something, you must look at it in a different way. Even though it may seem silly or wrong, you must try. Dare to strike out and find new ground.”

“Despite what anyone might tell you, words and ideas can change the world.”

“We don’t read and write poetry because it’s cute. We read and write poetry because we are members of the human race. And the human race is filled with passion. Poetry, beauty, love, romance. These are what we stay alive for. The powerful play goes on and you may contribute a verse. What will your verse be?”

So even though the text was really a collaborative effort, at the end Lee Clow made sure that Steve Jobs’ name was included in the credits on the campaign. As a result, I’m going with “Correct Attribution by Association” on the authorship of the quote.

The Old Wolf has spoken.

Marketing by terror

I’ve mentioned Android webjacking before, but here’s another example. Things like this are not usually “viruses” on your handheld device, but rather malicious code embedded in a legitimate website by unscrupulous advertisers.

screenshot_2017-02-16-11-04-16

 

First, this exploit makes your phone buzz like a hornet that’s just been pinched in a vise, and locks your browser. No going back. Second, vulgar sites? No, actually this popped up when I was trying to leave a comment at retailcomic.com. I trust the site not to hide exploits like this on purpose.

 

screenshot_2017-02-16-11-04-35

The claims on these “warnings,” along with being written in questionable English, are absolute lies: “If the problem can not be resolved immediately , the viruses will spy your phone, and destroy your SIM card, delete all your contacts.”

Now I’m just following the trail to see who’s behind this.

screenshot_2017-02-16-11-04-49

Looks like someone is hawking an app (surprise, surprise):

screenshot_2017-02-16-11-05-09

A comment at the app’s site complained, and the developer responded; notice the salutation “Dear,” usually seen on Nigerian scam emails but certainly a red flag that the app developer is not a native English speaker.

 

Screenshot_2017-02-16-11-05-51.png

Despite the apology and denial of malicious intent, I would be very suspicious of apps that are advertised in this way.

Be careful out there.

The Old Wolf has spoken.