To Protect Yourself from Common Scams, Do This

FIRST:

Be Very Careful with Cashier’s Checks!

[Image: secret shopper bogus check]

These are extremely easy to forge on pre-printed forms available anywhere like Staples, Office Max, etc. All the criminal needs is a laser printer.

NEVER send money to someone who has sent you a cashier’s check until you have verified with your bank that it has cleared. If the check is bogus, you can also be arrested for passing fraudulent documents. This is a rare occurrence, but it has happened and probably will happen again.

SECOND:

Do Not Use Money Transfer Services with Unknown Persons

We’re talking here about Western Union, MoneyGram, and Green Dot MoneyPak cards, or anything else like it.

If you send money to a criminal with Western Union or a similar service, it’s gone. You can’t get it back. If a criminal asks you to buy a Green Dot MoneyPak card and send him/her the PIN, do not do it. Your money will be gone, and you won’t get it back.

These services irresponsibly enable fraudsters all over the world to perpetrate their scams on vulnerable or unwitting people. They should be regulated in much the same way as pawn shops.

THIRD:

Do not believe everything you read on the internet, or in your email box.

Scams are rampant. Criminals all around the world want your money, and they will stop at virtually nothing to get it. An example received just yesterday.

FOURTH:

Do not click on links in emails.

If you’re curious about a link in an email, type the address in your URL box directly, like this:

[Screenshot: the address typed directly into the browser's address bar]

If you click on a link directly in the email, you may be redirected to a bogus site:

[Screenshot: the link in the email redirecting to a different site]

In this example, the link that looks like it will go to a legitimate Walmart site is actually taking you to a questionable internet marketing website that is being used by criminals.

FIFTH:

Do not click on attachments in emails unless you know who sent them.

[Screenshot: an email with an attachment]

This email looks like it has attached a .PDF file. However, any attachment can be deceptive. TXT files, DOC or DOCX files, PDF files, XLS or XLSX files, and many others – all can actually be .EXE files in disguise.

If you do not know who is sending you an attachment, never click on it.

SIXTH:

Never pay money to collect a prize.

This just goes without saying. You can’t win a lottery or sweepstakes you didn’t enter. Legitimate lotteries or sweepstakes, and there are precious few of these, will never ask you for up-front money to collect a prize. Again, never send money to a stranger hoping to get a large payout. If you do, you are being robbed.

SEVENTH:

There is no Nigerian prince or government official who wants you to help get money out of the country.

This is the “419” fraud, so named for the section of the Nigerian legal code that makes this sort of scam illegal. None of the above schemes will work if people avoid sending money to strangers using Western Union or MoneyGram or other methods. This also applies to “reshipping work” or “lonely hearts” scams. At some point, all of them will ask you to send money somewhere. Don’t Do It!

There are more ways to get scammed and one post can’t cover them all, but if everyone would follow these few simple steps, the incidence of fraud would decrease dramatically. Protect your loved ones. Educate them, or watch over their finances. Be careful out there.

The Old Wolf has spoken.

Notice to Appear in Court (Scam/Malware)

[Image: malicious malware warning message]

(Thanks to Techsrus for the image)

My cubicle neighbor (at the job we just both got laid off from yesterday, but that’s another story) showed me a couple of emails he had gotten in his Gmail account – each sported the header “Notice to Appear in Court.”  I told him they were probably scam threat letters and hoping to extort money.

I got one myself today, and decided to explore it a little further.

—————-

From: “Notice to Appear in Court” <customerssupport231@kaiserarbitrationlawyers.com>
To: <redacted>

Subject: Notice to appear in court SN8157

Notice to appear in court,

Hereby you are notified that you have been scheduled to appear for your hearing that will take place in the court of Detroit in April 03, 2014 at 11:30 am.You are kindly asked to prepare and bring the documents relating to the case to court on the specified date.The copy of the court notice is attached to this letter. Please, read it thoroughly.
Note: The case may be heard by the judge in your absence if you do not come.
Yours very truly,
SAMPSON Hays
Clerk of court
—————————–

Attached was a file called “Notice_to_Appear_TY4769.zip”

Unpack this zip folder and you find a file called “Court Notice.exe”. That file lasted less than one second on my desktop, as Microsoft Security Essentials immediately quarantined it. The .exe file contained a Trojan Downloader named Win32/Kuluoz.D, which Microsoft describes as follows:

Win32/Kuluoz is a trojan that tries to steal passwords that are stored in certain applications and sensitive files from your PC. This trojan could also download other malware to your PC, like other variants of Win32/Kuluoz and Win32/Sirefef, and variants of rogue security software like Win32/FakeSysdef and Win32/Winwebsec. This threat tries to hack your email accounts and file transfer programs.

In other words, really nasty stuff.

This is a perfect example of why you should do the following things on your computer to practice safe computing:

1) Always display file extensions. This option is turned off by default by Microsoft on its newer operating systems, which in my opinion is a dangerous and foolhardy idea. This means that instead of seeing “Notice_to_Appear_TY4769.zip” and “Court Notice.exe”, you would only see “Notice_to_Appear_TY4769” and “Court Notice.” To fix this, follow the procedure below for your operating system:

To show or hide file name extensions (Windows 7)

  1. Open Folder Options by clicking the Start button, clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options.

  2. Click the View tab, and then, under Advanced settings, do one of the following:

    • To show file name extensions, clear the Hide extensions for known file types check box, and then click OK.

    • To hide file name extensions, select the Hide extensions for known file types check box, and then click OK.

To show or hide file name extensions (Windows 8)

  • Open Windows Explorer and go to “View” and then click the Options button > Change folder and search options
  • Scroll to “Hide extensions for known file types”
  • Uncheck it and click OK.

To show or hide file name extensions (Windows XP)

  • Double Click on My Computer.
  • Click on Tools > Folder Options… in the menus.
  • Click on the View tab.
  • Remove the check from Hide extensions for known file types.
  • Click the OK button.

2) Make sure you have robust malware detection software installed. AVG Free, Microsoft Security Essentials, and Kaspersky are all good options. The first two are free, the third reasonably priced and somewhat more robust than the other two.

3) ☞ NEVER ☜ open attachments from unknown senders, especially a file that contains “.exe” anywhere in its name.

(Did I make that emphatic enough? I’d make it blink if I could.)
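The attachment check described in this post, and in the fifth rule of the earlier one, written out as an added example that is not part of the original posts: it flags runnable extensions, a document extension placed in front of one, and Windows-program content behind a document name, looking inside zip files by member name and first bytes only. The extension lists and function names are assumptions chosen for illustration, and the sample archive is constructed in memory with placeholder content.

```python
import io
import zipfile

# RUNNABLE: types Windows runs on double-click (a subset). DECOYS: what lures pose as.
RUNNABLE = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs", ".lnk"}
DECOYS = {".pdf", ".doc", ".docx", ".txt", ".xls", ".xlsx"}

def split_exts(name):
    """'Court Notice.pdf.exe' -> ['.pdf', '.exe']; Windows ignores trailing dots/spaces."""
    parts = name.rsplit("/", 1)[-1].lower().rstrip(". ").split(".")
    return ["." + p for p in parts[1:]]

def warnings_for(name, head):
    """Warnings for one file, judged by its full name and its first bytes."""
    exts, out = split_exts(name), []
    last = exts[-1] if exts else "(no extension)"
    if last in RUNNABLE:
        out.append(f"{name}: runnable type {last}")
        if any(e in DECOYS for e in exts[:-1]):
            out.append(f"{name}: document extension placed in front of {last}")
    elif head[:2] == b"MZ":  # DOS/PE header, i.e. a Windows program
        out.append(f"{name}: Windows program content behind a {last} name")
    return out

def inspect_attachment(filename, data):
    """Check an attachment, and the members of a zip, without unpacking to disk."""
    found = warnings_for(filename, data)
    buf = io.BytesIO(data)
    if zipfile.is_zipfile(buf):
        with zipfile.ZipFile(buf) as archive:
            for info in archive.infolist():
                head = b""
                if not info.is_dir() and not info.flag_bits & 0x1:  # 0x1 = encrypted
                    with archive.open(info) as member:
                        head = member.read(2)
                found += [f"in {filename}: {w}" for w in warnings_for(info.filename, head)]
    return found

def sample_zip(members):
    """Constructed, harmless archive built in memory from {name: bytes}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        for name, body in members.items():
            archive.writestr(name, body)
    return buf.getvalue()

if __name__ == "__main__":
    lure = sample_zip({"Court Notice.exe": b"MZ placeholder, not a program"})
    print("\n".join(inspect_attachment("Notice_to_Appear_TY4769.zip", lure)))
```
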

A lot of folks are savvy enough to spot this as a scam in an instant, but this particular email is official-looking enough to scare a lot of vulnerable computer users; the scammers don’t care if you actually appear anywhere – they just want you to open that never-to-be-sufficiently-damned attachment. If you are technically savvy and you have loved ones, either elderly or otherwise vulnerable, watch out for them. Educate them. You don’t want them becoming victims of scams or nefarious behavior like botnets.

This has been an Old Wolf public service announcement.

The Old Phishing Hole

Thieves want your information and your money. They’ll take it any way they can get it. Eastern Europe is a hotbed of cyber-crime but, sensing the opportunity for profit, other nations are getting into the act, and the same old techniques resurface.

Here’s a typical phishing scam email which landed in my inbox today. Protect yourself, be aware, exercise safe computing, and warn your loved ones. This stands to be repeated often and loudly.


From: service@chase.com<gpwtnf@admin.net>
To: admin@chase.com

Subject: NOTICE ID : DXEUWSPLNT

Dear Chase Bank Customer
It has come to our attention that your Chase Bank account information needs to be
updated as part of our continuing commitment to protect your account and to
reduce the instance of fraud on our website. If you could please take 5-10 minutes
out of your online experience and update your personal records you will not run into
any future problems with the online service.
To update your Chase records click on the following link:
http://secureaccess.chase.glchzprjo.[Link Obfuscated]-wi.com/chs/chk/index.php?email_login=comcast.net/
Thank you for your patience in this matter.
Sincerely,
Ammy Smith,
Chase Bank Security Departament.
Please do not reply to this e-mail as this is only a notification. Mail sent to this address cannot be answered.
Copyright 2012, CHASE BANK SERVICE, INC. All Rights Reserved.

NICHMOKENLWJJFLDBVSKYXRCHQRWEFILLLKYSO


Right. First off, look at anything that’s green in the email above. These are red flags.

1) Garbage text. Any email that contains strings of junk or random English words strung together is trying to thwart Bayesian spam filtering. It’s a complex algorithm that is employed by service providers and email clients to try to keep Spam from ever getting to you.

2) Mis-spellings. While human error is possible, most legitimate companies (especially large financial institutions like Chase) are pretty careful about the quality of messages they send out. Bad English, strange punctuation, odd collocations and mis-spellings are all red flags for fraudulent activity (which includes most spam, by the way).

3) Garbage or misdirected links. Just because a web address has the word “Chase” in it doesn’t mean that it’s from Chase. URL’s that contain alphabet soup are to be regarded very suspiciously. Never click on links from an email, especially if the word “money” or “finances” enters into the equation. If you have an account with Wells Fargo, for example, go directly to wellsfargo.com with your browser.

As it turns out, the link above redirects you to this URL:

http://[Link Removed].endoftheinternet.org/chs/chk/index1.php
?source=chase&customer=CrazvSTcCtTvoOIhYiLNI1bplxauXFAqWAQijzkM

(I obfuscated the link to make sure nobody actually clicks on this and goes there.) If you did, what you would see is this:

It looks very, very authentic – except for that garbage URL. In fact, the scammers copied the actual http://chase.com website exactly. If you enter your UserID and password, bingo! You’ve just given Russian cyber-criminals access to all your accounts.

Again: Never click on links inside an email. Always type addresses directly into your browser window to make sure you’re going to the real company’s website.

These particular drones aren’t through with you yet, though. If you enter your information (I put in some really insulting stuff which I can’t repeat here), you’ll be taken to this URL:

http://[Link Removed].chaseonline.chase.com.crazvstccttvooihyilni1bplxauxfaqwaqijzkm.
csqifywdn.endoftheinternet.org/chs/chk/email.php

which gives you this page:

So these scumsuckers not only want your financial data, they want access to your email account as well, so they can scam all your friends and send messages from your account.
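Two of the red flags above can be checked mechanically: link text that shows one site while the link goes to another (the Walmart example in the first post), and a brand name sitting in front of somebody else's domain (the fake Chase addresses here). This is an added example, not part of the original posts; the brand list, the function names and the two-label shortcut for finding the site are assumptions, and the sample links are constructed with placeholder hosts.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit
# Assumption: brands to watch for and their real sites (hypothetical allow-list).
BRANDS = {"chase": "chase.com", "walmart": "walmart.com"}

def site(host):
    """Last two DNS labels: a naive stand-in for a Public Suffix List lookup."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def host_of(text):
    """Hostname of a URL, or of link text that looks like an address, else ''."""
    text = text.strip()
    try:
        host = urlsplit(text if "://" in text else "http://" + text).hostname or ""
    except ValueError:  # e.g. unbalanced [ ] in the address
        return ""
    return host if "." in host and " " not in host else ""

class Anchors(HTMLParser):  # collects [visible text, href] for every <a> element
    def __init__(self):
        super().__init__()
        self.links, self.in_a = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links.append(["", dict(attrs).get("href") or ""])
            self.in_a = True
    def handle_data(self, data):
        if self.in_a:
            self.links[-1][0] += data
    def handle_endtag(self, tag):
        if tag == "a":
            self.in_a = False

def audit(html):
    """Return [(href, [reasons])] for links whose target is not what it claims."""
    parser, findings = Anchors(), []
    parser.feed(html)
    for text, href in parser.links:
        shown, target = host_of(text), host_of(href)
        why = [f"'{b}' in host, but the site is {site(target)}"
               for b, real in BRANDS.items() if b in target and site(target) != real]
        if shown and target and site(shown) != site(target):
            why.append(f"text shows {site(shown)}, link goes to {site(target)}")
        if why:
            findings.append((href, why))
    return findings

# Constructed sample: placeholder hosts under the reserved .example TLD.
SAMPLE = ('<a href="http://marketing.example/offer">www.walmart.com/giftcard</a>'
          '<a href="http://chaseonline.chase.com.csqifywdn.dyn.example/chs/">Update</a>'
          '<a href="https://www.chase.com/">chase.com</a>')
```

Running `audit(SAMPLE)` reports the first two links and passes the third, which is the only one whose host really ends in chase.com.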

If you’re aware of these antics, they seem pretty transparent. Unfortunately, a huge percentage of our population is working with computers and the Internet at a “cookbook” level, without any more than a superficial understanding of what they are doing. There’s no judgement around that – it’s great that they’re learning new skills. But if you have loved ones, especially elderly family members who fall into that category, please make sure they are watched over and educated.

Practice Safe Computing

1) Be afraid of any email that includes the words

  • “Verify your account.”
  • “Update your account.”
  • “During regular account maintenance…”
  • “Failure to update your records will result in account suspension.”

or similar things. Legitimate organizations will never ask for your ID or sensitive information by email or telephone.

2) Do not click on links inside an email. Always go directly to your financial institution’s website from your browser.

3) Never send sensitive information to anyone in an email. Even if it’s legitimate, emails can be intercepted and read by the bad guys.

Be careful out there, it’s a jungle.

The Old Wolf has spoken.