Pre & Post RV Facts

The IQD TeamWords of WarningAnatomy of Con Men Tiers and More

3/5/2013

The IQD Team....Straight Talkin Mike

Words of Warning ~~ The Anatomy of Con Men, Tiers, and so much more

641-715-3900 Pin 354332# 7 Minutes
July 17, 2012 or
http://download3.freeconferencepro.com/rec/1264699943-20120718214725-25252525.wav

641-715-3900 Pin 180911# 15 minutes
July 19, 2012 or

http://download3.freeconferencepro.com/rec/1264699943-20120720225847-52523698.wav

FBI: Beware Of Malware Installed Via Hotel Networks The Federal Bureau of Investigation is warning travelers to be in the lookout for fake software updates booby trapped

5/14/2012

The Federal Bureau of Investigation is warning travelers to be on the lookout for fake software updates booby trapped with malware that are being pushed through hotel internet connections.

FBI: Beware Of Malware Installed Via Hotel Networks The Federal Bureau of Investigation is warning travelers to be in the lookout for fake software updates booby trapped with malware that are being pushed through hotel internet connections.

The Seal of the United States Federal Bureau of Investigation. (Photo credit: Wikipedia)

According to the FBI, there has been an increase in instances of travelers’ notebooks being infected with malicious software while using hotel internet connections. While attempting to set up the internet connection in the room, some users have been presented with a pop-up notifying them of an update a widely-used software product.

Accepting the update resulted in malicious software being installed on the notebook.

The FBI’s Internet Crime Complaint Center (ISC3) has offered up some good advice for travelers, including:

Carry out all software updates before traveling.
Checking the author or digital certificate of any prompted update to see if it corresponds to the software vendor.
Download software updates direct from the vendor’s website.

In addition to this, I would recommend that all important information — including, but not limited to, emails, documents, IMs and web logins — is sent over secure HTTP or a VPN.

This advisory from the FBI follows a report by Bloomberg which claims that Chinese hackers have stolen private data from as many as 760 firms by hacking into the iBahn broadband and entertainment service offered to guests of hotel chains such as Marriott International Inc.

Firms compromised in this attack are believed to include Research in Motion Ltd. and Boston Scientific Corp., as well as some of the largest corporations and niche innovators in sectors such as aerospace, semiconductors, pharmaceuticals and biotechnology.

By breaking into iBahn’s networks, hackers may have had access to millions of confidential e-mails, even encrypted ones.

Last month, software engineer Justin Watt noticed during a stay at a Marriott International hotel in the U.S. that code was being injected into websites visited via the hotel WiFi in order to push third-party advertisement to users. According to an official statement from Marriott International, this was done “unbeknownst to the hotel”.

While the advertisements served were harmless, it can’t be reassuring to visitors to find that Marriott International didn’t know what was going on with its own network.

SOURCE

THANKS VW

Straight Talkin MikeLooks too good to be TrueFraud Risk Assessment Tests

4/21/2012

Looks too good to be True~~Fraud Risk Assessment Tests
Are you about to be a victim of Fraud?

Looks Too Good to Be True Website:
http://www.lookstoogoodtobetrue.com/about.aspx

TAKE OUR TESTS

Many people aren't sure if they have been or are about to be become a victim of fraud. Take the following risk assessment tests and see if you are a potential victim:

Is your computer Protected?
Is You Child at Risk on Line?
Are you protecting your identity?
Are you safe from Financial Fraud Opportunities?
Are you an unwitting accomplice in Crime?
Are you at Risk to be Scammed Through an Internet Auction?
Authentic or Counterfeit?
Are you the Lucky winner in a sweepstakes or Lottery?

CLICK BELOW FOR TESTS
http://www.lookstoogoodtobetrue.com/tests.aspx

http://www.thestraighttalkexpress.com/1/post/2012/04/looks-too-good-to-be-truefraud-risk-assessment-testsare-you-about-to-be-a-victim-of-fraud.html

Straight Talkin Mike Post~~Internet Crime Prevention Tips

4/21/2012

Internet Crime Prevention Tips

Source

http://www.thestraighttalkexpress.com/1/post/2012/04/internet-crime-prevention-tips.html

Straight Talkin Mike Post~~Joint FBI and DHS Public Service Announcement: Best Practices For Recovery From the Malicious Erasure of Files

4/21/2012

Joint FBI and DHS Public Service Announcement: Best Practices For Recovery From the Malicious Erasure of Files

Intelligence Note

Prepared by the Internet Crime Complaint Center (IC3)

January 20, 2012

Joint FBI and DHS Public Service Announcement: Best Practices For Recovery From the Malicious Erasure of Files

Cyber criminals can damage their victim's computer systems and data by changing or deleting files, wiping hard drives, or erasing backups to hide some or all of their malicious activity and tradecraft. By wiping, or "zeroing out," the hard disk drives, which overwrites good data with zeros or other characters, the criminals effectively erase or alter all existing data, greatly impeding restoration. This sort of criminal activity makes it difficult to determine whether criminals merely accessed the network, stole information, or altered network access and configuration files. Completing network restoration efforts and business damage assessments may also be hampered.

The FBI and DHS encourage businesses and individuals to employ mitigation strategies and best practices such as:

Implement a data back-up and recovery plan to maintain copies of sensitive or proprietary data in a separate and secure location. Backup copies of sensitive data should not be readily accessible from local networks.
Regularly mirror and maintain an image of critical system files.
Encrypt and secure sensitive information.
Use strong passwords, implement a schedule for changing passwords frequently, and do not reuse passwords for multiple accounts.
Enable network monitoring and logging where feasible.
Be aware of social engineering tactics aimed at obtaining sensitive information.
Securely eliminate sensitive files and data from hard drives when no longer needed or required.
The US-CERT Web page at www.us-cert.gov hosts a wide range of tips, best practices, and threat information for business and home users.

To receive the latest information about cyber schemes, please visit the FBI Web site and sign up for e-mail alerts by clicking on one of the red envelopes.

If you have been a victim of cyber crime, please file a report with the Internet Crime Complaint Center at www.IC3.gov.

SOURCE

http://www.thestraighttalkexpress.com/1/post/2012/04/joint-fbi-and-dhs-public-service-announcement-best-practices-for-recovery-from-the-malicious-erasure-of-files.html

Straight Talkin Mike Post~~U.S. Law Firms Continue to be the Target of a Counterfeit Check Scheme

4/21/2012

Intelligence Note

Prepared by the Internet Crime Complaint Center (IC3)
March 12, 2012

U.S. Law Firms Continue to be the Target of a Counterfeit Check Scheme

The IC3 continues to receive reports of counterfeit check schemes targeting U.S. law firms. The scammers contact lawyers via e-mail, claiming to be overseas and requesting legal representation in collecting a debt from third parties located in the U.S. The law firms receive a retainer agreement and a check payable to the law firm. The firm is instructed to deposit the check, take out retainer fees, and wire the remaining funds to banks in China, Korea, Ireland, or Canada. After the funds are wired overseas, the checks are determined to be counterfeit.

In a slight variation of the scheme's execution, the victim law firm receives an e-mail from what appears to be an attorney located in another state requesting assistance for a client. The client needs aid in collecting a debt from a company located in the victim law firm's state. In some cases, the name of the referring attorney and the debtor company used in the e-mail were verified as legitimate entities and were being used as part of the scheme. The law firm receives a signed retainer agreement and a check made payable to the law firm from the alleged debtor. The client instructs the law firm to deposit the check and to wire the funds, minus all fees, to an overseas bank account. The law firm discovers after the funds are wired the check is counterfeit.

Law firms should use caution when engaging in transactions with parties who are handling their business solely via e-mail, particularly those parties claiming to reside overseas. Attorneys who agree to represent a client in circumstances similar to those described above should consider incorporating a provision into their retainer agreement that allows the attorney to hold funds received from a debtor for a sufficient period of time to verify the validity of the check.

If you have been a victim of an internet scam or have received an e-mail that you believe was an attempted scam, please file a complaint at www.IC3.gov.

SOURCE

http://www.thestraighttalkexpress.com/1/post/2012/04/-us-law-firms-continue-to-be-the-target-of-a-counterfeit-check-scheme.html

Straight Talkin Mike~~FRAUD ALERT INVOLVING E-MAIL INTRUSIONS TO FACILITATE WIRE TRANSFERS OVERSEAS

4/21/2012

FRAUD ALERT INVOLVING E-MAIL INTRUSIONS TO FACILITATE WIRE TRANSFERS OVERSEAS
Jan. 20, 2012

SOURCE

http://www.thestraighttalkexpress.com/1/post/2012/04/fraud-alert-involving-e-mail-intrusions-to-facilitate-wire-transfers-overseas.html

Straight Talkin Mike Post~~Internet Crime Scam Alerts April 2012

4/21/2012

Internet Crime Complaint Center's (IC3)
Scam Alerts April 20, 2012

This report, which is based upon information from law enforcement and complaints submitted to the IC3, details recent cyber crime trends, new twists to previously-existing cyber scams, and announcements.

Investment Scam The IC3 continues to receive complaints involving subjects who have obtained the names and social security numbers of individuals for illegal purposes. Subjects use the information to defraud the U.S. government by electronically submitting a fraudulent tax return for a hefty refund. The prevalence of such complaints mirrors the recent surge in tax fraud cases involving identity theft.

Investment fraud is another scheme with an Internal Revenue Service (IRS) nexus, on which the IC3 has received complaints. Subjects are incorporating the use of bogus IRS documents to perpetrate this scheme. One example of how subjects are using bogus IRS documents to commit investment fraud and steal victims' identities is by the subjects posing as a tax consulting firm. The subjects engage potential victims via telephone and attempt to convince them to sell their underperforming shares in a company. The potential victim is advised to sell their corporate shares, applicable taxes must be paid. Some of the victims were also advised they had to buy other certain shares with their profit. Documents such as share certificates and invoices for federal and state taxes were exchanged via e-mail. After the funds were wired, the subjects became unresponsive to the victim’s inquiries. An open source search also revealed multiple complaints concerning this scheme. It is unknown at this time how the subjects obtained knowledge that the victims actually owned underperforming stocks.

The loss amounts tend to be much higher with investment fraud complaints than in regular identity theft complaints.

Blackhole Exploit Kit 1.2.3 Released Blackhole is currently the most widely purchased exploit pack in the underground market. An exploit pack is a software toolkit that is injected into malicious and/or compromised websites, allowing the attacker to push a variety of exploits targeting vulnerabilities of popular applications like Java and Flash.

On March 25, 2012, the Blackhole Exploit Kit 1.2.3 was released. This kit included the latest critical vulnerability in Java, allowing the bypassing of Java's sandbox environment. Java's sandbox is designed to provide security for downloading and running Java applications, while preventing them access to the hard drive or network. New malware samples appearing in the wild have been highly successful at exploiting this flaw. It is estimated at least 60% of Java users have not yet patched against this latest flaw, CVE-2012-0507.

The table below illustrates the number of vulnerabilities loaded by type and the overall percentage: Exploits Loads Percent of total Java Array 14,982 82.94
PDF LIBTIFF 1,960 10.85
PDF ALL 681 3.77
HCP 173 0.96
MDAC 141 0.78
Flash 126 0.70

Termination of Your Certified Public Accountant (CPA) License Spam Campaign Containing Malware Recently, unsolicited e-mails titled "[BULK] Termination of your CPA license" have been sent to numerous IC3 e-mail accounts. One example of the many e-mail addresses used was support@aicpa.org. The IC3 has also received complaints reporting this spam campaign.

The e-mails were purportedly from The American Institute of Certified Public Accountants concerning a complaint filed against the recipient for filing fraudulent tax refunds for their clients. A link was provided for the recipient to view the complaint. Recipients were advised to provide feedback within a specific period of time and threatened with possible termination of their accountant licenses if they failed to do so.

Analysis conducted by an IC3 Information Technology Specialist found the e-mails were pushing out a Blackhole exploit kit containing a Trojan redirector. It was also determined that the IP addresses used in this campaign have been involved in large volumes of DDoS activity from the same botnet and appear to have originated from Brazil.

Want to Get Paid to Drive Your Own Car? Several complainants reported a scam to the IC3 involving the advertising of a company's logo on their personal vehicle while they go about their normal daily routine. Although legitimate offers exist, those scammed reported to the IC3 that initial contact with the subject was mostly through online ad postings. The posting offered an easy way to earn extra income by allowing businesses to advertise their logo on the complainant's personal vehicle through a vinyl decal or "auto wrap." The fraudsters were using company names such as Coca Cola, Monster Energy drink, Carlsberg beer, Heineken Co., and Red Bull.

Individuals were advised they would be paid an average of $400-$600 per week in exchange for driving around with vinyl advertising signs wrapped around their vehicle. Those interested in participating were asked to provide their contact information and vehicle details. They were promised an up-front payment, which would be sent by check or money order.

The employment offer was, of course, entirely bogus. Those who fell for the scam received a check or money order for more than the promised amount. They were directed to cash it and wire the difference to a third party, who was supposed to be the graphics designer to pay for the cost of the design. The checks and money orders turned out to counterfeit and the criminals, once again, were able to convert fraudulent checks and money orders into untraceable cash, leaving the victim responsible for the bank's losses.

Online Property Rental Scenarios The IC3 continues to receive complaints regarding rental property scams from victims and real estate agencies. Several real estate agencies reported that their listings are being duplicated to perpetrate fraudulent online postings. These postings have been damaging to their companies reputations. These complaints make it evident that there are many who capitalize on people are looking to rent property and attempt to take advantage of those individuals, especially when they are in pressing situations in which they need to find a residence within a short amount of time.

Below are some scenarios of the scheme recently reported to the IC3:

A fraudster posted rental property online. When the prospective renter inquired about the property via e-mail, the fraudster requested detailed personal information, as well as a security deposit of $1000 to hold the home. Payment, in the form of a money order, was requested because of the "online scams." After the deposit was received, the fraudster claimed that he mailed the keys and lease agreement for a hard copy to be signed. Later, the victim received an e-mail from an individual posing as the fraudster's "lawyer" stating a hold had been placed on the package containing the key until the full amount of the first and last month's rent is paid. The victim realized it was a scam after they contacted the realtor who advised the home had been foreclosed.
Another victim also responded via e-mail to an online post advertising a house for rent. The victim was asked to submit an online credit report. The fraudster then provided a link in his e-mail, allowing the victim’s credit report information to be directly accessible to him.
A complainant had inquired about a condo rental advertised online. The complainant was advised to go to the condo and call the fraudster so he could meet her with the keys. Upon placing the call, no one answered. Later, the fraudster provided the complainant an excuse for not being available and requested the deposit be made through an online payment service. After the deposit was made, the complainant realized it was a scam and contacted the online payment service. Upon an investigation, the receiver of the deposit advised they had been defrauded as well and was only acting as the "pay agent" for the true fraudster.
SOURCE http://www.thestraighttalkexpress.com/1/post/2012/04/internet-crime-complaint-centers-ic3-scam-alerts-april-2012.html

Straight Talkin Mike Post~~Internet Crime Scam Alerts March 2012

4/21/2012

Internet Crime Complaint Center's (IC3)
Scam Alerts March 27, 2012

This report, which is based upon information from law enforcement and complaints submitted to the IC3, details recent cyber crime trends and new twists to previously-existing cyber scams.

Fraudulent Utility Bill E-mail The IC3 has received over 40 complaints since May 2011 reporting the receipt of an unsolicited e-mail purportedly from a specified utility company. The e-mail stated the recipient had a new bill which needed to be paid, and the bill was attached to the e-mail. The recipient was instructed to click on the attachment to view their bill. The attachment contained a zip file with a computer virus.

The e-mail concluded by stating the recipient received the e-mail message, because he/she receives e-bills from this utility company. Many of the recipients are located in areas of the United States that do not use this utility company as their electric provider.

Businesses Targeted With E-mail Purportedly from the Better Business Bureau (BBB) The IC3 has received several complaints from businesses regarding an e-mail, purportedly from the BBB, which states the BBB has received a complaint from a customer regarding their business. The recipient is asked to review the complaint attached to the e-mail and respond to the BBB. The file attached to the e-mail contains a virus.

In one complaint received by the IC3, a business claimed their computer was infected with a virus after opening the attachment in the e-mail they received. As a result, the business lost nearly $100,000 when fraudsters successfully wired money from the company's bank account after the virus enabled them to capture passwords and other important banking information.

The BBB posted the following alert on December 7, 2011.
http://www.bbb.org/us/article/alert-malicious-complaint-email-claiming-its-from-bbb-30916

ALERT Malicious Complaint E-mail Claiming It's From BBB Better Business Bureau is issuing an urgent SCAM alert cautioning businesses and consumers about an email that looks like it is from BBB, with the subject line "Complaint from your customers." This e-mail is fraudulent; ignore its contents and delete it immediately. If you have already clicked on a link in the e-mail, run a full virus scan of your computer.

The e-mails have return addresses that BBB does not use (one example is riskmanager@bbb.org) and it is signed with the address of the Council of Better Business Bureaus, the national office of the BBB system. The e-mail contains a link to a non-BBB web site. Do NOT click on the link.

BBB is working with law enforcement to determine its source and stop the fraudulent campaign.

This is what the email looks like:

Moving Company Scams The IC3 continues to receive complaints regarding moving company scams. The complaints received at the IC3 do not appear to be linked to each other. There are many individuals who take advantage of those posting moving services on-line, receive an estimate for the service, and hire the company. Scams include the company showing up, and the estimate suddenly doubles or additional fees are added; the counterfeit check scheme, where the victim is selling an item on-line, and the buyer claims a moving company has been hired to pick up the merchandise, and the buyer pays for the merchandise with a check written for more than the price of the merchandise; and after loading and driving away with the customer’s property, the moving company later calls to inform the customer they must pay more if they want to see their belongings again, basically holding the property hostage. Often, even after paying the additional costs, deliveries were late and many of the customers’ items were damaged or missing. Those who refused to pay the additional cost were told they would not receive a refund or their belongings.

Browser Bot Infection What happens when your web browser becomes the "bot?" A look at a current Trojan infection campaign similar to the infamous Zeus malware makes open source web browser users a bit nervous.

The open source browser can now function like a bot and accept commands. It can process the content of the current page where it is located, redirect the user, halt the loading of particular pages, steal passwords, run executables, and even kill itself. Unfortunately, the kill function is a bit excessive and deletes critical system files, which in turn prevents users from logging in properly.

The way it builds the malicious code into the open source browser is notable, because it uses the design of the browser against itself. In the past, researchers have seen threats create malicious extensions. Users would have to disable that particular add-on, which would eradicate the threat. For this particular piece of malware, this is not the case. Since it is a component, it does not appear as an add-on in the browser's Add-ons Manager in the same manner other extensions and plugins appear. Furthermore, due to the design of the open source browser, the Trojan will be reinstalled every time the browser establishes a connection to the Internet.

HTML Attachments Used to Spread Malware In the last month, security researchers have observed several large spam campaigns with malicious HTML attachments. A 2007 botnet is believed to be behind the spike in these attacks. Traditionally, HTML-based attachments were used for phishing attacks to entice HTML victim to the desired spoofed web page. This current attack vector uses the HTML attachment with malicious javascript to redirect victims to the exploit kit. The exploit kit will then scan the target machine for vulnerabilities that can be exploited to install an information-stealing Trojan.

Source http://www.thestraighttalkexpress.com/1/post/2012/04/internet-crime-centerscam-alerts-march-2012.html

Straight Talkin Mike Post~~Internet Crime Scam Alerts Feb 2012

4/21/2012

Internet Crime Complaint Center's (IC3)
Scam Alerts February 17, 2012

This report, which is based upon information from law enforcement and complaints submitted to the IC3, details recent cyber crime trends, new twists to previously-existing cyber scams, and announcements.

Mystery Shopper Scam To Evaluate Wire Transfer Services The IC3 has recently received over 250 complaints reporting a new twist to the online employment scam. The scam involves individuals who responded to online ads or were contacted via e-mail as a result of their resume being posted on job websites. The perpetrator posed as a research company and requested participants to complete a paid survey regarding services provided at wire transfer locations to improve the effectiveness of the company's money-transfer services.

Complainants were hired and then mailed a cashier's check or money order. They received instructions to cash the check/money order at their local bank, keep a portion as payment, and wire the remaining amount via wire transfer to a designated recipient. Victims were then asked to immediately e-mail their employer with the transfer number, amount wired, recipient's name and address, and the name of the wire transfer location evaluated. Upon sending the information, victims received a questionnaire form regarding their overall wire transfer experience to complete and return. Those who did not promptly follow through with the instructions received threatening e-mails stating if they did not respond within 24 hours, their information would be forwarded to the FBI and they could face 25 years in jail.

Shortly after the transactions, victims were informed by their banks that the checks were counterfeit and were held responsible for reimbursing their banks. Most victims owed their bank over $2,500.

Spam Referencing U.S. Military Members And Gaddafi Criminals continue to explore new avenues to lure victims, most recently by claiming to be a US military contractor, who was performing reconstruction work in Libya. Fraudsters sent unsolicited e-mails claiming that several metal boxes were found in cellars of high-rise buildings built and occupied by Muammar Gaddafi. Each box purportedly contained large sums of money, in addition to guns, armor, bullets, and drugs. The e-mails requested the recipient’s assistance with transferring the money out of Libya. The fraudsters also told the e-mail recipients that they were expected to receive, secure, and protect the boxes until the overseas assignment elapsed and promised the victims a 30 percent profit.

Often times in online scams, once communication with the fraudsters begins, they will request personal information, including but not limited to bank account details, claiming funds are needed to cover various expenses.

Be wary of any unsolicited e-mail, especially those requesting personal information or soliciting the submission of money for any reason. Unsolicited e-mails should not be opened, as they often contain viruses or other malicious software.

Pox Party Online Advertisements Recently, the IC3 received a complaint from an individual reporting an advertisement on a social media site that offered ways to obtain "natural immunity" from the chickenpox by sharing lollipops licked by children infected with the virus. Parents have been known to take their child to a "Pox Party" as an alternative to vaccinating children from varicella, otherwise known as chickenpox, but sending virus-covered lollipops through the mail is against Federal law.

One individual posted a message stating "fresh batch of pox in Nashville shipping of suckers, spit, and Q-tips available tomorrow 50 dollars."

As a disclaimer, the social media site posted the following notice on their page:

"This page has never condoned the mailing of infectious diseases. For our members: The mailing of infectious items, such as lollipops, rags, etc, is a federal offense. This page is not private and can been seen by members and non members alike. You may post on the page that you have the pox and are willing to share in YOUR AREA but please keep your specifics in private messages between members. Again, this page can be seen by anyone and mailing is a federal offense. We are all intelligent adults but these guidelines will help protect your privacy." According to the Center for Disease Control's (CDC) website, www.cdc.gov, chickenpox is spread in the air when an infected person coughs or sneezes. It can also be spread by touching or breathing in the virus particles that come from the chickenpox blisters. The CDC also discourages chickenpox parties because the disease can be serious. Dangerous diseases like hepatitis A and strep can be transmitted via saliva according to the CDC's website. Therefore, not only is the contaminated candy not likely to provide exposure to chickenpox, it could expose children to an entirely different disease.

Source

http://www.thestraighttalkexpress.com/1/post/2012/04/internet-crime-centerscam-alerts-february-2012.html

Straight Talkin Mike Security Blog

Straight Talkin Mike Post~~INTERNET CRIME COMPLAINT CENTER

4/21/2012

Thanks to Jose from Puerto Rico who shared this great site all about Internet Scam & Crimes. Info on where to report them, how to prevent them, and monthly listings of New Internet Scams and Fraud.

INTERNET CRIME COMPLAINT CENTER (IC3)
(an FBI and the National White Collar Crime Center (NW3C), funded in part by the Bureau of Justice)

INTERNET CRIME COMPLAINT CENTER
Source

INTERNET CRIME SCHEMES

Source
Straight Talkin Mike Computer Security Blog