• Tag Archives scam
  • E-Payment Alert Notification From Another US Bank – Customer phishing scam

    A slightly unusual phishing scam today

    https://i2.wp.com/myonlinesecurity.co.uk/wp-content/uploads/2016/12/scam_warning1.gif?fit=300%2C300&ssl=1

    The original email is nothing special and has a blank body and a PDF attachment. The PDF has a link to https://kamzink.com/redirect-new-alert-logon/redirect.htm which redirects you to ( or should redirect you to ) https://rattanhospital.co.in/new-usbank-security-update/usbank.com.online.logon/home  However this site only works in Firefox using Noscript when I block scripts from  omtrdc.net. ( which looks like an Adobe Marketing cloud analytics script)  Allowing scripts from that site display a blank page for me in all browsers.  I assume the phishers made a mistake and that script will only work on the genuine website so is  unable to display the page. This shows the error in just copy & pasting an entire website homepage  & just changing a few links on it.  Anyway, anything the phishers do wrong is a step in the right direction to protect users.

    Please read our How to protect yourselves page for simple, sensible advice on how to avoid being infected by this sort of socially engineered malware.

    The original email looks like this It will NEVER be a genuine email from your bank  any other company so don’t ever click the link in the email. If you do it will lead you to a website that looks at first glance like the genuine usbank website but you can clearly see in the address bar, that it is fake. Some versions of this and similar phishes will ask you fill in the html ( webpage) form that comes attached to the email.

    From: US BANK <unitedbankpayment.alert@communication.com>>

    Date: Wed 28/12/2016 08:15

    Subject: E-Payment Alert Notification From Another US Bank Customer

    Attachment: US_Bank_Payment_2_.pdf

    Body content:  Blank / Empty

    Following the link sends you to a site looking identical to the genuine usbank.com website ( with the above provisos)

    All of these emails use Social engineering tricks to persuade you to open the attachments that come with the email. Whether it is a message saying “look at this picture of me I took last night” and it appears to come from a friend or is more targeted at somebody who regularly is likely to receive PDF attachments or Word .doc attachments or any other common file that you use every day. Or whether it is a straight forward attempt, like this one, to steal your personal, bank, credit card or email and social networking log in details. Be very careful when unzipping them and make sure you have “show known file extensions enabled“, And then look carefully at the unzipped file. If it says .EXE then it is a problem and should not be run or opened.


  • PayPal “Unauthorized Credit Card Payment” Phish

    A fake PayPal email, addressed “Dear PayPal”, with an attachment to fill in? What could possibly go wrong?

    Fake mail

    The email reads as follows:

    Dear PayPal user,

    We recently received a report of unauthorized credit card payment attempt associated with this account. To protect you against any further unauthorised payment attempts, we’ve limited access to your PayPal account.
    Please take a minute to review the details below and what steps you need to take to remove the limits.

    ———————————–
    Details of disputed transaction
    ———————————–
    Case ID Number: PP-001-546-712-049
    ———————————–
    What to do next
    ———————————–

    Please download the form attached to this email and open it in a web browser.
    Once opened, you will be provided with steps to restore your account access.
    We appreciate your understanding as we work to ensure your account safety.

    ———————————–
    Due dates
    ———————————–
    Please get back to us as soon as possible.
    ———————————–
    Other details
    ———————————–
    There are no other details for this transaction at this time.

    Yours sincerely,
    PayPal

    Just like the spam from mid-February, this one comes with a zipped attachment:

    Case ID Number PP-001-546-712-049

    with a .html file inside called…well, you can probably guess what it’s called:

    Case ID Number PP-001-546-712-049.html

    html attachment

    The form asks for:

    Email address, full name, PayPal password, DOB, billing address / town, county, postcode, home phone, credit / debit card number, expiry date, security code and sort code.

     

    Of course, you shouldn’t fill this in or hit the “Send” button – just delete the attachment and send the mail to the spam folder.

    Complete Online Computer news and Repair

    WWW.CCREPAIRSERVICES.COM


  • Facebook ‘Watch naked video of friends’ Malware scam infects 2 million users

    Facebook Watch naked video of friends

    We have seen a lot of Facebook malware and virus infections spreading through friends list, and this time a new clickjacking scam campaign is going viral on Facebook.

    Hackers spam Facebook timeline with a friend’s picture and “See (Friend)’s naked video,” or “(Friend Name’s) Private Video.”

    The Picture appears to be uploaded by a friend and definitely, you might want to see some of your Facebook friends naked, But Beware! If you get curious and click, you will be redirected to a malicious website reports that your Flash Player is not working properly and needs to be re-installed.

    But in actuality it will install a malware in your system and once approved, several disguised thing can happen to you. It further installs a malicious browser extension to spread the scam and steal users’ photos.

    Facebook 'Watch naked video of friends' malware scam infects 2 million people

    When the link is clicked, users are sent to a very realistic-looking mockup of a YouTube page, where the hackers will try to immediately install the Malware Trojan.” 

    So, Don’t Click it! According to the report, 2 million Facebook users are already infected with the same malware campaign and unknowingly flood their friend’s timeline will same campaign. Clicking on the message will automatically publish the same link on the victims Facebook wall potentially allowing friends to click on it.

    Malware often takes advantage of the fact that you trust your friends. So, keep an eye on the links and messages from your friends, and if in doubt, ask them they actually sent you something or not.

    The recent malware attacks are just a few examples of the dangers of using the social network Facebook. Stay safe by keeping your browser up-to-date and install operating system updates when they are released. Please ensure you share this news with your Facebook friends to make all of them aware of it.

     

    Complete Online Computer news and Repair

    WWW.CCREPAIRSERVICES.COM