Pre & Post RV Facts

Scam Alert Reminder of Email Scams to Be Aware of and Tips to Prevent them

9/19/2015

I am very diligent in keeping my computer secure and have a Top Notch Security Guy (Straight Talkin Mike) who handles my Computer Security, HOWEVER, he can NOT handle me clicking on BAD SCAM EMAILS - Only I can do that. I wanted to share that in the last 2 months I almost let my guard down and clicked on 2 emails that would have taken over my computer and possibly my identity. As my business is on-line I can't afford to lose anything.

Below is some information that may help you too. With Christmas coming up, it only gets worse.

I recd this email last night that looks pretty legitimate - purchase at Sears store where I live for $359.00 - since I was not at the store and dont go there very often I knew it was not us - so I was not sure whether someone was scamming me OR maybe they set up an account in my name and charged this. Mainly because my Business was a victim of Identity Theft (that is a whole story in itself) under the email address they sent to me. A good way to tell if your emails are scam is below

#1 NEVER CLICK ON ANY LINKS. CALL THEM DIRECTLY

#2 If you take your mouse and HOVER over one of the links and it is not who it is coming from IT IS A SCAM. In my case, since it was coming from Sears it should have been SEARS.COM
In the case below it is SEASR.RSYS4.NET Guys that is Russia
It is a total scam. Delete the email and do not click on anything.

This is a good video to watch for other ways to tell if they are scams but does not include my example above.

Scam Detectors

Receipt invoice scam
How the scam works:

(with video below) You receive an e-mail from a big chain store that you purchase groceries from on a regular basis (eg. Walmart, Superstore, etc). “We are now happy to offer online your last receipt. Please find it attached to this e-mail. Thank you for shopping with us”.

Most likely the attachment will be a Zip. file, that will contain a virus, keystroke logger, or malware. Look at the domain name of the sender’s e-mail. Is it the store’s name.com or does it have extra letters and numbers (bestbuy.com or bestbuy529a5.com)?

Wtach the video below to see en explanation of this scam, as featured in the news.

Receipts Sent by Email Scam Video Below
How to avoid:

Never open attachments from unknown senders.

Make your friends and family aware of this scam by sharing it.

Dont fall for email scams

Published on Apr 14, 2014
Phishing emails try to get you to click on links that take you to fake websites - or open attachments that will do bad things. Look out for the telltale signs of a scam email.

Lastly I have several Books on Computer Security but love the Computer Security for Dummies, ID theft for Dummies..... If you are interested, here is a link for some books.

Amazon Book Link for Computer Security

Hope that helps someone out there NOT lose everything on their computer.

Have an incredible day

Five Travel Scams Of The Week

7/20/2014

Five Travel Scams Of The Week

Posted by Stu Sjouwerman on Mon, Jul 14, 2014 @ 11:33 AM

It's summer and a lot of people are on the road, but some of your employees are always traveling for business, and often these are management-level people with access to lots of confidential data.

These days, you can’t travel on either business or vacation and let your electronic guard down. Here are a few popular scams they need to watch out for. Send this to all employees that might benefit and and protect your network at the same time:

1) Fake Free Wi-Fi Network that you find when you look for access to your business account. It has the hotel's name, but the scammers are listening in on the (company confidential) traffic. Verify with the hotel before logon on "free Hotel Wi-Fi".

2) Fake Software Update where a traveler attempting to set up a hotel internet connection sees an "Update-popup" for a popular software product. Click on it and malware installs. Always update laptops before you leave and never update while you travel.

3) Pizza Delivery Scam where you find a flyer slipped under your hotel door. When you call to order, they take your card data but never deliver because the flyer was a scam. Get food recommendations from the concierge!

4) An ATM Security Team is warning about new ATM skimmers that are almost impossible to detect with the naked eye. Thanks to a slimmed-down profile, the devices sit within the throat of an ATM card slot, capturing data when a traveler slides their card inside. A spy camera then tapes the customer as they enter their PIN number on the keypad. Especially when on the road, COVER YOUR HAND WHEN TYPING IN THE PIN!

5) Late Night Hotel Front Desk Call where you get a call alerting you there is a problem with your credit card and please verify the number. Except it's a scammer who now has your number or perhaps just skimmed your card at the ATM and needs some more info to make a fake duplicate card so they can grab the maximum cash. Especially when you travel, never give out credit card information if you did not initiate the call!

http://blog.knowbe4.com/bid/391662/Five-Travel-Scams-Of-The-Week

The IQD TeamWords of WarningAnatomy of Con Men Tiers and More

3/5/2013

The IQD Team....Straight Talkin Mike

Words of Warning ~~ The Anatomy of Con Men, Tiers, and so much more

641-715-3900 Pin 354332# 7 Minutes
July 17, 2012 or
http://download3.freeconferencepro.com/rec/1264699943-20120718214725-25252525.wav

641-715-3900 Pin 180911# 15 minutes
July 19, 2012 or

http://download3.freeconferencepro.com/rec/1264699943-20120720225847-52523698.wav

Spokeo~~Instructions on How to Remove Your Information

3/3/2013

SPOKEO
Instructions on How to Remove Your Information

http://www.spokeo.com/

Enter Name OR Phone # or email address (don't forget to check your cell, your home, etc)

IF it shows up....click on the link address at the top of the page and copy it

Go to the bottom of the page and Click on Privacy or click here http://www.spokeo.com/privacy

Scroll to the bottom of the page and insert the url you copied

Then enter your email address (make sure it is NOT your main email address or this will just happen again)

Then enter Code

Click on Remove Listing

Go to your email for further instructions....you must click on the link to finish the process

ABOUT SPOKEO

Spokeo is a leading people search engine. We aggregate vast quantities of public data and organize the information into attractive and easy-to-follow profiles.

You can search for anyone using: Unlike other people search sites, Spokeo merges “real life” information (address, email address, marital status, etc.) with social network data (Facebook profiles, Twitter feeds, etc.) providing you with a profile that is among the most comprehensive profiles available on the Web.

Spokeo was founded in 2006 by Harrison Tang and a couple of his classmates at Stanford University. Working out of their parents’ basement, they developed a technology to better keep up with their friends online. Spokeo has since grown to become a leading solution to America’s connectivity needs. Our mission is to help people find, learn about, and connect with others more easily than ever.

Spokeo Privacy – Get the Scoop from the Source
http://www.spokeo.com/blog/2011/01/spokeo-privacy-get-scoop-from-source/

Bank Packages Warning~~Mr Bentley

7/3/2012

Thanks to several of you who forwarded this to us.....We thought is was good enough to post as an additional warning

PLEASE READ.......

I have replaced our normal chat comments today with this post – an excellent read and thanks Mr. Bentley!!

I left this warning in the Blog one more day – IT’S THAT IMPORTANT!! Be very careful about who you allow to have your personal information. It will be out in open (soon) as to who are the main actors at the core of these “bank package schemes” are – it’s not the Guru’s you know and love – it’s possible they are being DUPED as well (best case). You will be furious when the truth comes out.

I have been hearing about, “Bank Deals” for months and months. Every “deal” I’ve checked out, was a hoax. I know bankers and bank procedures pretty well. I have 9 bank accounts with 4 different banks. I have been in business for myself most of my life and currently own two businesses. The bank Presidents I speak to say, “we won’t know anything in the local banks, until the final button is pushed”. Even the Regional Banks do not know for sure because this thing has changed so many times. They are sick and tired of the questions and have quit giving out any information.

A few “whales” have negotiated some fringe benefits or side deals based on the movement of additional large Commercial Loans or other hefty deposits, financing projects, etc. in conjunction with their exchange, but he’s going to get the same “exchange rate” as any other client at that bank. What do you think would happen if one “minnow” like you or me, ratted a bank out for giving a “whale” a better International Currency Exchange Rate than us common folk?

I just happened to be in Tampa at the time all the Wells Fargo “Yuppies” were there getting training on the Da La Rue machines and “currency exchange” procedures” so I know for a fact, they were there. They didn’t send all those people there for milk, some fig newtons and a fire-side pep rally on housing foreclosures….but nothing came about. Why? because they are on the same merry-go-round we are on. Its the “Pump-go-round” at the “Misconception Circus”. They thought is was about to happen and perhaps it really was set to happen. Just like the other 50 times it should have happened this year….and didn’t).

I was asked the other day, “are you keeping up with all the bank deals?” I said, “I sure am”! ” I want to make certain I don’t go to any of them!” I think the latest deal out there reads something like….”call us, give us your info so you will be the first to cash in at a rate no one else will get”. That’s B.S.! (B.S. is a Baptist term for…”Better Sleep-on-it”) .

Take a time out and ask your common sense to sit with you for a moment and just talk. (You know, like you used to before he left about a year ago for parts unknown). Give someone your name, address, and other vital information probably including how much Dinar you have….and they will put you on their list. Really? What list? the “priority list of scam targets”? You might as well send them your Dinar to hold for you while you are out getting that bullseye tattooed on your forehead!

I’m not saying that everyone offering a “Bank Deal” is crooked. Or that there may not be some type of legitimate, “deal” of some sort for a group. But I DO NOT BELIEVE that banks have the luxury of offering the next person in line a different exchange rate that the man with the suitcase in front of him. There may be fringe benefits based on the length of time the deposits must remain in the bank, etc. But, I believe the actual “exchange rate” must be the same.

We have been told that here are some pretty heavy hitters that have already been “taken” and some who were very close to being taken in scams represented as a, “bank deal”. Some are still shaking from the experience.
Lets just check the list of things that would have to happen….

* First, you need to find someone you know and trust personally, who’s integrity is beyond question, and that you would be willing to trust with your entire estate. (there are some out there, but ya gotta look hard).

* Next: he needs to have an “in” with a banker that you don’t have and cannot get.

* Then: that banker needs to have the same compassionate heart and pure motive that your friend has and is willing to work on something special, just for you.

* Next: The Banker has to have an “in” in Upper Management who is willing to risk his/her job to leak info the branch grunts on the front line..

* And: Upper Management has to have an “in” somewhere where information is totally accurate so they can make a deal for the future that they can commit to and live with…by-the-way, where the heck is that place?

* Finally, ask yourself… am I really that lucky?

I don’t want to be a wet blanket but - C’MON people!! You need to start thinking or you are going to be poorer than you were before this thing ever started.

Don’t share any information about yourself, your plans or the amount of Dinar you have. DO YOUR OWN RESEARCH, make your deal and live with it. that is not to say, don’t get help from professional’s when the time comes, Just quit depending on someone else to make your initial deal(s) for you. You were smart enough to invest in this, be smart enough to protect it. Then, get tax and investment counsel from the people you can now afford to hire! Make your own deal. Tailor it to your specific needs

Unfortunately, the ones who will get hurt the worst on this “exchange” are the same ones that have never researched a thing. They just read, complain, listen to CC’s and comment on those that do. And when they get hurt, they will blame the lousy advise and incorrect information they got in the “Chat rooms, blogs and Guru’s”.

I quit giving out advise on the Dinar a couple years ago when it suddenly dawned on me that I was setting myself up as a “professional Dinar advisor”. BUT JUST FOR YOU GUYS, I WILL COME OUT OF THAT CLOSET ONE MORE TIME AND GIVE YOU THE BEST ADVISE YOU WILL EVER GET – GUARANTEED! … Don’t take too much advice!!!
…even mine!

Mr. Bentley
Footnote: Mr. Bentley is a close personal friend with significant banking, currency and overseas contacts. He is “the real McCoy” – unlike some of the other “enigmas” out there.

Straight Talkin Mike~~Cyber bank robbers attempt billion-dollar heist, targeting your money

6/27/2012

MORE FROM STRAIGHT TALKIN MIKE...

Cyber bank robbers attempt billion-dollar heist, targeting your money

By John R. Quain

Personal Tech

Published June 26, 2012

FoxNews.com

The next Internet billionaires won’t be pushing social-networking apps. They’ll be breaking into your bank accounts.

An organized global cyber crimewave has been underway for months, according to a report released today from security firms McAfee and Guardian Analytics, attacking banks in Columbia, Germany, Italy, the Netherlands, the United Kingdom and the U.S.

A total of roughly $78 million was successfully siphoned out of bank accounts, according to researchers, with a potential total of $2 billion attempted. (Banks are understandably loathe to reveal losses and due to additional security concerns have not been identified.)

Analysts at the firms report that these thefts represent a new generation of attacks running off of hijacked servers that can be frequently changed to avoid detection and completely automated so that thousands of customer accounts can be broken into without even raising the owners’ suspicion.

By adapting two types of malware designed to steal passwords — known as Zeus and SpyEye — hackers can now invisibly record login information and add additional requests for information on what appear to be valid online banking pages. They can even intercept secondary, one-time only passwords, and then put the user on hold while they login and transfer funds to criminal accounts. After the transfer is complete, the software can even post false balances so that the victim is unaware of the theft until it is too late.

What is different about these new attacks is their high level of automation. It allows organized cyberattacks that can drain just a few dollars from multiple accounts without any intervention by the crooks. Furthermore, according to McAfee, the criminals look for large account balances — hence the researchers dubbed the crime spree “Operation High Roller.” In at least one case, the criminals made off with $130,000 from a single account.

The moral of this latest cyberscare story is that you cannot rely on your bank or financial institution to protect your money. In many cases, the financial institution’s profits are sufficiently high and the investment in additional computer security measures considered too expensive to prevent many of these attacks. As some analysts have told me, it’s considered part of the cost of doing business. Just make sure it isn’t your cost of doing business online.

First, you have to run some sort of anti-virus software. There are free basic versions out there from the likes of Avast, AVG, and BitDefender. Many of these monitor new threats and will warn you about suspicious Web pages.

Second, never, ever, ever open a link in an “official” e-mail message you receive. This is the primary way criminals lead thousands of users astray every day. If you get a message from your bank, open a separate browser and type in the URL that you usually use. It’s the only way to avoid being led astray.

Third, update your software: in particular the Web browser you’re using and Sun’s Java and Adobe’s Reader software (for opening PDFs). These programs are the favorite targets of hackers and new exploits are uncovered every week. Keeping them updated can often prevent so-called iFrame hacks that may compromise legitimate Web sites and secretly install malware on your computer. So instead of watching that Tree Girl video, check for updates whenever you have a spare moment

The computer security threats are clearly endemic, prompting the head of Britain’s spy agency, Jonathan Evans of MI5, to coincidentally come out this week to warn that the level of cyber attacks is now “astonishing.” Evans warned that the scale of such threats has now reached “industrial-scale” proportions.

So it’s no longer a matter of paranoia to check your software and Web surfing habits. It’s a matter of common sense.

SOURCE

http://www.thestraighttalkexpress.com/1/post/2012/06/cyber-bank-robbers-attempt-billion-dollar-heist-targeting-your-money1.html

Straight Talkin MikeAlertFraud Ring In Hacking Attack On 60 Banks

6/27/2012

From Straight Talkin Mike....ALERT

Fraud Ring In Hacking Attack On 60 Banks

Some 60m euro is stolen from bank accounts in a massive cyber raid, after fraudsters raid dozens of banks around the world.

7:16am UK, Wednesday 27 June 2012 Video: McAfee: Biggest Cyber Bank Robbery In History

By Pete Norman, Sky News Online

Sixty million euro has been stolen from bank accounts in a massive cyber bank raid after fraudsters raided dozens of financial institutions around the world.

According to a joint report by software security firm McAfee and Guardian Analytics, more than 60 firms have suffered from what it has called an "insider level of understanding".

"The fraudsters' objective in these attacks is to siphon large amounts from high balance accounts, hence the name chosen for this research - Operation High Roller," the report said.

"If all of the attempted fraud campaigns were as successful as the Netherlands example we describe in this report, the total attempted fraud could be as high as 2bn euro (£1.6bn)."

The automated malicious software programme was discovered to use servers to process thousands of attempted thefts from both commercial firms and private individuals.

The stolen money was then sent to so-called mule accounts in caches of a few hundreds and 100,000 euro (£80,000) at a time.

Credit unions, large multinational banks and regional banks have all been attacked.

Sky News defence and security editor Sam Kiley said: "It does include British financial institutions and has jumped over to North America and South America.

"What they have done differently from routine attacks is that they have got into the bank servers and constructed software that is automated.

"It can get around some of the mechanisms that alert the banking system to abnormal activity."

The details of the global fraud come just a day after the MI5 boss warned of the new cyber security threat to UK business.

McAfee researchers have been able to track the global fraud, which still continues, across countries and continents.

"They have identified 60 different servers, many of them in Russia, and they have identified one alone that has been used to steal 60m euro," Kiley said.

"There are dozens of servers still grinding away at this fraud – in effect stealing money."

http://www.thestraighttalkexpress.com/1/post/2012/06/-fraud-ring-in-hacking-attack-on-60-banks.html

SOURCE

Straight Talkin Mike~~LinkedIn users targeted in phishing scam after hack

6/7/2012

7 June 2012

LinkedIn users targeted in phishing scam after hack

Convincingly-designed emails like these have been sent to LinkedIn users

LinkedIn users have been targeted by email scams after hackers leaked more than six million user passwords online.

Emails designed to look like they were sent by the social-network website asked users to "confirm" their email address by clicking a link.

However, the link took unsuspecting recipients to a site selling counterfeit drugs.

Dating website e-Harmony has also admitted that a "small fraction" of its users' passwords have been leaked.

Approximately 1.5 million passwords from the US-based relationship site were posted online, reported Ars Technica.

The company said on its blog that it had reset the passwords of the affected users, who would receive an email with instructions on how to set new passwords.

On Wednesday it was revealed that 6.4 million passwords from LinkedIn had been posted on a Russian web forum, along with a message encouraging other hackers to help decrypt the "hashed" data.

Affected LinkedIn users have been told they will receive instructions in an email - but not with a link - on how to change their details.

HOW TO CHANGE YOUR LINKEDIN PASSWORD

Security experts have advised users to change their passwords on LinkedIn. Here's how: First, visit www.linkedin.com, and log in with your details

"Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid," said LinkedIn director Vicente Silveira, confirming that a breach had occurred.

He added: "These members will also receive an email from LinkedIn with instructions on how to reset their passwords.

"These affected members will receive a second email from our customer support team providing a bit more context on this situation and why they are being asked to change their passwords."

However, Ant Allen, from analyst firm Gartner, said LinkedIn must do more to inform their members about the situation.

"I'd really like to see a clearer statement from them on their front page," he told the BBC.

"A statement that they were taking steps to minimise the risks of passwords being exposed in the future and the risks to users if passwords were exposed would do a lot to reassure people. Simply saying, 'we need you to reset your password as a security precaution' is not enough."

Final tally 'higher' Security analyst Imperva said it believed the breach was larger than had been acknowledged, as the list did not duplicate individual passwords, even though many were likely to have been used by more than one user.

"The list doesn't reveal how many times a password was used by the consumers," the company said.

"This means that a single entry in this list can be used by more than one person. For reference, in the [social network] RockYou hack the 5,000 most popular passwords were used by a share of 20% of the users. We believe that to be the case here as well, another indicator that the breach size exceeds 6.5m."

The password breach came just hours after the company admitted it had updated its mobile apps due to a privacy flaw.

In a blog post, Skycure Security said the the mobile app was sending unencrypted calendar entries to LinkedIn servers without users' knowledge.

In response LinkedIn said it would "no longer send data from the meeting notes section of your calendar".

Source

Straight Talk Express~~Identity Theft~Here’s How Your Identity Will Be Stolen: The Top 10 ScamsI

4/28/2012

Identity Theft

Here’s How Your Identity Will Be Stolen: The Top 10 Scams

By Martha C. White | April 5, 2012

ID Theft

From Straight Talkin Mike
Source

http://moneyland.time.com/2012/04/17/10-ways-youre-going-to-get-your-identity-stolen/#1-phishing#ixzz1tLJE1xqR

FAKE CHECKS~~Scams & Frauds Tests & Prevention

4/22/2012

Another Great Site to Check about Scams and Frauds and How to Prevent you from being taken...

FAKE CHECKS.ORG

Scams

Foreign Business Offers
Love Losses
Overpayments
Rental Schemes
Sudden Riches
Work-at-Home

http://www.fakechecks.org/prevention.html

Take the Fraud Tests

http://www.fakechecks.org/fraudtest.html

FAQ'S

What is a fake check scam?
What are the warning signs?
What are the most common types of fake check scams?
How do I know if it’s true that I’ve been selected for a cash grant?
How can I tell if it’s a legitimate mystery shopper opportunity?
How can I tell if a check or money order is counterfeit?
How do the scammers find victims?
If I can get the cash, doesn't that mean the check or money order is good?
Why can’t my bank, credit union, or check cashing service tell if the check or money order is good?

Why do the scammers want cash to be sent using a money transfer service?
How much could I lose in a fake check scam?
How can I prevent becoming a victim?
What if I deposited or cashed the check or money order but haven’t sent the cash yet?
What if I have already sent the cash?
What are law enforcement agencies doing?
What are the Web sites that scammers use to find victims doing?
What are financial institutions and money transfer and delivery services doing?
What are legitimate sweepstakes companies doing?
What can I do?
What are some other popular scams?

http://www.fakechecks.org/prevention-faqs09.html

Tips On Avoiding Fraudulent Charitable Contribution Schemes

4/22/2012

Intelligence Note

Prepared by the Internet Crime Complaint Center (IC3)

March 11, 2011

Tips On Avoiding Fraudulent Charitable Contribution Schemes

Recently several natural disasters, including tornadoes, floods, and earthquakes, have devastated lives and property. In the wake of these events that have caused emotional distress and great monetary loss to numerous victims, individuals across the nation often feel a desire to help these victims, frequently through monetary donations.

These disasters prompt individuals with criminal intent to solicit contributions purportedly for a charitable organization or a good cause. Therefore, before making a donation of any kind, consumers should adhere to certain guidelines, to include the following:

Do not respond to unsolicited (SPAM) e-mail.
Be skeptical of individuals representing themselves as officials soliciting via e-mail for donations.
Do not click on links contained within an unsolicited e-mail.
Be cautious of e-mail claiming to contain pictures in attached files, as the files may contain viruses. Only open attachments from known senders.
To ensure contributions are received and used for intended purposes, make contributions directly to known organizations rather than relying on others to make the donation on your behalf.
Validate the legitimacy of the organization by directly accessing the recognized charity or aid organization's website rather than following an alleged link to the site.
Attempt to verify the legitimacy of the non-profit status of the organization by using various Internet-based resources, which also may assist in confirming the actual existence of the organization.
Do not provide personal or financial information to anyone who solicits contributions: providing such information may compromise your identity and make you vulnerable to identity theft.

To obtain more information on charitable contribution schemes and other types of online schemes, visit www.LooksTooGoodToBeTrue.com.

If you believe you have been a victim of a charity related scheme, contact the National Center for Disaster Fraud by telephone at (866) 720-5721, or by fax at (225) 334-4707, or by e-mail at disaster@leo.gov.1 You can also report suspicious e-mail solicitations or fraudulent websites to the Internet Crime Complaint Center at www.IC3.gov.

1 National Center for Disaster Fraud (NCDF) was originally established by the Department of Justice to investigate, prosecute, and deter fraud in the wake of Hurricane Katrina. Its mission has expanded to include suspected fraud from any natural or man-made disaster. More than 20 federal agencies, including the FBI, participate in the NCDF, allowing it to act as a centralized clearinghouse of information related to relief fraud.

http://www.ic3.gov/media/2011/110311.aspx

Straight Talkin MikeLooks too good to be TrueFraud Risk Assessment Tests

4/21/2012

Looks too good to be True~~Fraud Risk Assessment Tests
Are you about to be a victim of Fraud?

Looks Too Good to Be True Website:
http://www.lookstoogoodtobetrue.com/about.aspx

TAKE OUR TESTS

Many people aren't sure if they have been or are about to be become a victim of fraud. Take the following risk assessment tests and see if you are a potential victim:

Is your computer Protected?
Is You Child at Risk on Line?
Are you protecting your identity?
Are you safe from Financial Fraud Opportunities?
Are you an unwitting accomplice in Crime?
Are you at Risk to be Scammed Through an Internet Auction?
Authentic or Counterfeit?
Are you the Lucky winner in a sweepstakes or Lottery?

CLICK BELOW FOR TESTS
http://www.lookstoogoodtobetrue.com/tests.aspx

http://www.thestraighttalkexpress.com/1/post/2012/04/looks-too-good-to-be-truefraud-risk-assessment-testsare-you-about-to-be-a-victim-of-fraud.html

Straight Talkin Mike Post~~Joint FBI and DHS Public Service Announcement: Best Practices For Recovery From the Malicious Erasure of Files

4/21/2012

Joint FBI and DHS Public Service Announcement: Best Practices For Recovery From the Malicious Erasure of Files

Intelligence Note

Prepared by the Internet Crime Complaint Center (IC3)

January 20, 2012

Joint FBI and DHS Public Service Announcement: Best Practices For Recovery From the Malicious Erasure of Files

Cyber criminals can damage their victim's computer systems and data by changing or deleting files, wiping hard drives, or erasing backups to hide some or all of their malicious activity and tradecraft. By wiping, or "zeroing out," the hard disk drives, which overwrites good data with zeros or other characters, the criminals effectively erase or alter all existing data, greatly impeding restoration. This sort of criminal activity makes it difficult to determine whether criminals merely accessed the network, stole information, or altered network access and configuration files. Completing network restoration efforts and business damage assessments may also be hampered.

The FBI and DHS encourage businesses and individuals to employ mitigation strategies and best practices such as:

Implement a data back-up and recovery plan to maintain copies of sensitive or proprietary data in a separate and secure location. Backup copies of sensitive data should not be readily accessible from local networks.
Regularly mirror and maintain an image of critical system files.
Encrypt and secure sensitive information.
Use strong passwords, implement a schedule for changing passwords frequently, and do not reuse passwords for multiple accounts.
Enable network monitoring and logging where feasible.
Be aware of social engineering tactics aimed at obtaining sensitive information.
Securely eliminate sensitive files and data from hard drives when no longer needed or required.
The US-CERT Web page at www.us-cert.gov hosts a wide range of tips, best practices, and threat information for business and home users.

To receive the latest information about cyber schemes, please visit the FBI Web site and sign up for e-mail alerts by clicking on one of the red envelopes.

If you have been a victim of cyber crime, please file a report with the Internet Crime Complaint Center at www.IC3.gov.

SOURCE

http://www.thestraighttalkexpress.com/1/post/2012/04/joint-fbi-and-dhs-public-service-announcement-best-practices-for-recovery-from-the-malicious-erasure-of-files.html

Straight Talkin Mike Post~~U.S. Law Firms Continue to be the Target of a Counterfeit Check Scheme

4/21/2012

Intelligence Note

Prepared by the Internet Crime Complaint Center (IC3)
March 12, 2012

U.S. Law Firms Continue to be the Target of a Counterfeit Check Scheme

The IC3 continues to receive reports of counterfeit check schemes targeting U.S. law firms. The scammers contact lawyers via e-mail, claiming to be overseas and requesting legal representation in collecting a debt from third parties located in the U.S. The law firms receive a retainer agreement and a check payable to the law firm. The firm is instructed to deposit the check, take out retainer fees, and wire the remaining funds to banks in China, Korea, Ireland, or Canada. After the funds are wired overseas, the checks are determined to be counterfeit.

In a slight variation of the scheme's execution, the victim law firm receives an e-mail from what appears to be an attorney located in another state requesting assistance for a client. The client needs aid in collecting a debt from a company located in the victim law firm's state. In some cases, the name of the referring attorney and the debtor company used in the e-mail were verified as legitimate entities and were being used as part of the scheme. The law firm receives a signed retainer agreement and a check made payable to the law firm from the alleged debtor. The client instructs the law firm to deposit the check and to wire the funds, minus all fees, to an overseas bank account. The law firm discovers after the funds are wired the check is counterfeit.

Law firms should use caution when engaging in transactions with parties who are handling their business solely via e-mail, particularly those parties claiming to reside overseas. Attorneys who agree to represent a client in circumstances similar to those described above should consider incorporating a provision into their retainer agreement that allows the attorney to hold funds received from a debtor for a sufficient period of time to verify the validity of the check.

If you have been a victim of an internet scam or have received an e-mail that you believe was an attempted scam, please file a complaint at www.IC3.gov.

SOURCE

http://www.thestraighttalkexpress.com/1/post/2012/04/-us-law-firms-continue-to-be-the-target-of-a-counterfeit-check-scheme.html

Straight Talkin Mike~~FRAUD ALERT INVOLVING E-MAIL INTRUSIONS TO FACILITATE WIRE TRANSFERS OVERSEAS

4/21/2012

FRAUD ALERT INVOLVING E-MAIL INTRUSIONS TO FACILITATE WIRE TRANSFERS OVERSEAS
Jan. 20, 2012

SOURCE

http://www.thestraighttalkexpress.com/1/post/2012/04/fraud-alert-involving-e-mail-intrusions-to-facilitate-wire-transfers-overseas.html

Straight Talkin Mike Post~~Internet Crime Scam Alerts April 2012

4/21/2012

Internet Crime Complaint Center's (IC3)
Scam Alerts April 20, 2012

This report, which is based upon information from law enforcement and complaints submitted to the IC3, details recent cyber crime trends, new twists to previously-existing cyber scams, and announcements.

Investment Scam The IC3 continues to receive complaints involving subjects who have obtained the names and social security numbers of individuals for illegal purposes. Subjects use the information to defraud the U.S. government by electronically submitting a fraudulent tax return for a hefty refund. The prevalence of such complaints mirrors the recent surge in tax fraud cases involving identity theft.

Investment fraud is another scheme with an Internal Revenue Service (IRS) nexus, on which the IC3 has received complaints. Subjects are incorporating the use of bogus IRS documents to perpetrate this scheme. One example of how subjects are using bogus IRS documents to commit investment fraud and steal victims' identities is by the subjects posing as a tax consulting firm. The subjects engage potential victims via telephone and attempt to convince them to sell their underperforming shares in a company. The potential victim is advised to sell their corporate shares, applicable taxes must be paid. Some of the victims were also advised they had to buy other certain shares with their profit. Documents such as share certificates and invoices for federal and state taxes were exchanged via e-mail. After the funds were wired, the subjects became unresponsive to the victim’s inquiries. An open source search also revealed multiple complaints concerning this scheme. It is unknown at this time how the subjects obtained knowledge that the victims actually owned underperforming stocks.

The loss amounts tend to be much higher with investment fraud complaints than in regular identity theft complaints.

Blackhole Exploit Kit 1.2.3 Released Blackhole is currently the most widely purchased exploit pack in the underground market. An exploit pack is a software toolkit that is injected into malicious and/or compromised websites, allowing the attacker to push a variety of exploits targeting vulnerabilities of popular applications like Java and Flash.

On March 25, 2012, the Blackhole Exploit Kit 1.2.3 was released. This kit included the latest critical vulnerability in Java, allowing the bypassing of Java's sandbox environment. Java's sandbox is designed to provide security for downloading and running Java applications, while preventing them access to the hard drive or network. New malware samples appearing in the wild have been highly successful at exploiting this flaw. It is estimated at least 60% of Java users have not yet patched against this latest flaw, CVE-2012-0507.

The table below illustrates the number of vulnerabilities loaded by type and the overall percentage: Exploits Loads Percent of total Java Array 14,982 82.94
PDF LIBTIFF 1,960 10.85
PDF ALL 681 3.77
HCP 173 0.96
MDAC 141 0.78
Flash 126 0.70

Termination of Your Certified Public Accountant (CPA) License Spam Campaign Containing Malware Recently, unsolicited e-mails titled "[BULK] Termination of your CPA license" have been sent to numerous IC3 e-mail accounts. One example of the many e-mail addresses used was support@aicpa.org. The IC3 has also received complaints reporting this spam campaign.

The e-mails were purportedly from The American Institute of Certified Public Accountants concerning a complaint filed against the recipient for filing fraudulent tax refunds for their clients. A link was provided for the recipient to view the complaint. Recipients were advised to provide feedback within a specific period of time and threatened with possible termination of their accountant licenses if they failed to do so.

Analysis conducted by an IC3 Information Technology Specialist found the e-mails were pushing out a Blackhole exploit kit containing a Trojan redirector. It was also determined that the IP addresses used in this campaign have been involved in large volumes of DDoS activity from the same botnet and appear to have originated from Brazil.

Want to Get Paid to Drive Your Own Car? Several complainants reported a scam to the IC3 involving the advertising of a company's logo on their personal vehicle while they go about their normal daily routine. Although legitimate offers exist, those scammed reported to the IC3 that initial contact with the subject was mostly through online ad postings. The posting offered an easy way to earn extra income by allowing businesses to advertise their logo on the complainant's personal vehicle through a vinyl decal or "auto wrap." The fraudsters were using company names such as Coca Cola, Monster Energy drink, Carlsberg beer, Heineken Co., and Red Bull.

Individuals were advised they would be paid an average of $400-$600 per week in exchange for driving around with vinyl advertising signs wrapped around their vehicle. Those interested in participating were asked to provide their contact information and vehicle details. They were promised an up-front payment, which would be sent by check or money order.

The employment offer was, of course, entirely bogus. Those who fell for the scam received a check or money order for more than the promised amount. They were directed to cash it and wire the difference to a third party, who was supposed to be the graphics designer to pay for the cost of the design. The checks and money orders turned out to counterfeit and the criminals, once again, were able to convert fraudulent checks and money orders into untraceable cash, leaving the victim responsible for the bank's losses.

Online Property Rental Scenarios The IC3 continues to receive complaints regarding rental property scams from victims and real estate agencies. Several real estate agencies reported that their listings are being duplicated to perpetrate fraudulent online postings. These postings have been damaging to their companies reputations. These complaints make it evident that there are many who capitalize on people are looking to rent property and attempt to take advantage of those individuals, especially when they are in pressing situations in which they need to find a residence within a short amount of time.

Below are some scenarios of the scheme recently reported to the IC3:

A fraudster posted rental property online. When the prospective renter inquired about the property via e-mail, the fraudster requested detailed personal information, as well as a security deposit of $1000 to hold the home. Payment, in the form of a money order, was requested because of the "online scams." After the deposit was received, the fraudster claimed that he mailed the keys and lease agreement for a hard copy to be signed. Later, the victim received an e-mail from an individual posing as the fraudster's "lawyer" stating a hold had been placed on the package containing the key until the full amount of the first and last month's rent is paid. The victim realized it was a scam after they contacted the realtor who advised the home had been foreclosed.
Another victim also responded via e-mail to an online post advertising a house for rent. The victim was asked to submit an online credit report. The fraudster then provided a link in his e-mail, allowing the victim’s credit report information to be directly accessible to him.
A complainant had inquired about a condo rental advertised online. The complainant was advised to go to the condo and call the fraudster so he could meet her with the keys. Upon placing the call, no one answered. Later, the fraudster provided the complainant an excuse for not being available and requested the deposit be made through an online payment service. After the deposit was made, the complainant realized it was a scam and contacted the online payment service. Upon an investigation, the receiver of the deposit advised they had been defrauded as well and was only acting as the "pay agent" for the true fraudster.
SOURCE http://www.thestraighttalkexpress.com/1/post/2012/04/internet-crime-complaint-centers-ic3-scam-alerts-april-2012.html

Straight Talkin Mike Post~~Internet Crime Scam Alerts March 2012

4/21/2012

Internet Crime Complaint Center's (IC3)
Scam Alerts March 27, 2012

This report, which is based upon information from law enforcement and complaints submitted to the IC3, details recent cyber crime trends and new twists to previously-existing cyber scams.

Fraudulent Utility Bill E-mail The IC3 has received over 40 complaints since May 2011 reporting the receipt of an unsolicited e-mail purportedly from a specified utility company. The e-mail stated the recipient had a new bill which needed to be paid, and the bill was attached to the e-mail. The recipient was instructed to click on the attachment to view their bill. The attachment contained a zip file with a computer virus.

The e-mail concluded by stating the recipient received the e-mail message, because he/she receives e-bills from this utility company. Many of the recipients are located in areas of the United States that do not use this utility company as their electric provider.

Businesses Targeted With E-mail Purportedly from the Better Business Bureau (BBB) The IC3 has received several complaints from businesses regarding an e-mail, purportedly from the BBB, which states the BBB has received a complaint from a customer regarding their business. The recipient is asked to review the complaint attached to the e-mail and respond to the BBB. The file attached to the e-mail contains a virus.

In one complaint received by the IC3, a business claimed their computer was infected with a virus after opening the attachment in the e-mail they received. As a result, the business lost nearly $100,000 when fraudsters successfully wired money from the company's bank account after the virus enabled them to capture passwords and other important banking information.

The BBB posted the following alert on December 7, 2011.
http://www.bbb.org/us/article/alert-malicious-complaint-email-claiming-its-from-bbb-30916

ALERT Malicious Complaint E-mail Claiming It's From BBB Better Business Bureau is issuing an urgent SCAM alert cautioning businesses and consumers about an email that looks like it is from BBB, with the subject line "Complaint from your customers." This e-mail is fraudulent; ignore its contents and delete it immediately. If you have already clicked on a link in the e-mail, run a full virus scan of your computer.

The e-mails have return addresses that BBB does not use (one example is riskmanager@bbb.org) and it is signed with the address of the Council of Better Business Bureaus, the national office of the BBB system. The e-mail contains a link to a non-BBB web site. Do NOT click on the link.

BBB is working with law enforcement to determine its source and stop the fraudulent campaign.

This is what the email looks like:

Moving Company Scams The IC3 continues to receive complaints regarding moving company scams. The complaints received at the IC3 do not appear to be linked to each other. There are many individuals who take advantage of those posting moving services on-line, receive an estimate for the service, and hire the company. Scams include the company showing up, and the estimate suddenly doubles or additional fees are added; the counterfeit check scheme, where the victim is selling an item on-line, and the buyer claims a moving company has been hired to pick up the merchandise, and the buyer pays for the merchandise with a check written for more than the price of the merchandise; and after loading and driving away with the customer’s property, the moving company later calls to inform the customer they must pay more if they want to see their belongings again, basically holding the property hostage. Often, even after paying the additional costs, deliveries were late and many of the customers’ items were damaged or missing. Those who refused to pay the additional cost were told they would not receive a refund or their belongings.

Browser Bot Infection What happens when your web browser becomes the "bot?" A look at a current Trojan infection campaign similar to the infamous Zeus malware makes open source web browser users a bit nervous.

The open source browser can now function like a bot and accept commands. It can process the content of the current page where it is located, redirect the user, halt the loading of particular pages, steal passwords, run executables, and even kill itself. Unfortunately, the kill function is a bit excessive and deletes critical system files, which in turn prevents users from logging in properly.

The way it builds the malicious code into the open source browser is notable, because it uses the design of the browser against itself. In the past, researchers have seen threats create malicious extensions. Users would have to disable that particular add-on, which would eradicate the threat. For this particular piece of malware, this is not the case. Since it is a component, it does not appear as an add-on in the browser's Add-ons Manager in the same manner other extensions and plugins appear. Furthermore, due to the design of the open source browser, the Trojan will be reinstalled every time the browser establishes a connection to the Internet.

HTML Attachments Used to Spread Malware In the last month, security researchers have observed several large spam campaigns with malicious HTML attachments. A 2007 botnet is believed to be behind the spike in these attacks. Traditionally, HTML-based attachments were used for phishing attacks to entice HTML victim to the desired spoofed web page. This current attack vector uses the HTML attachment with malicious javascript to redirect victims to the exploit kit. The exploit kit will then scan the target machine for vulnerabilities that can be exploited to install an information-stealing Trojan.

Source http://www.thestraighttalkexpress.com/1/post/2012/04/internet-crime-centerscam-alerts-march-2012.html

Straight Talkin Mike Post~~Internet Crime Scam Alerts Feb 2012

4/21/2012

Internet Crime Complaint Center's (IC3)
Scam Alerts February 17, 2012

This report, which is based upon information from law enforcement and complaints submitted to the IC3, details recent cyber crime trends, new twists to previously-existing cyber scams, and announcements.

Mystery Shopper Scam To Evaluate Wire Transfer Services The IC3 has recently received over 250 complaints reporting a new twist to the online employment scam. The scam involves individuals who responded to online ads or were contacted via e-mail as a result of their resume being posted on job websites. The perpetrator posed as a research company and requested participants to complete a paid survey regarding services provided at wire transfer locations to improve the effectiveness of the company's money-transfer services.

Complainants were hired and then mailed a cashier's check or money order. They received instructions to cash the check/money order at their local bank, keep a portion as payment, and wire the remaining amount via wire transfer to a designated recipient. Victims were then asked to immediately e-mail their employer with the transfer number, amount wired, recipient's name and address, and the name of the wire transfer location evaluated. Upon sending the information, victims received a questionnaire form regarding their overall wire transfer experience to complete and return. Those who did not promptly follow through with the instructions received threatening e-mails stating if they did not respond within 24 hours, their information would be forwarded to the FBI and they could face 25 years in jail.

Shortly after the transactions, victims were informed by their banks that the checks were counterfeit and were held responsible for reimbursing their banks. Most victims owed their bank over $2,500.

Spam Referencing U.S. Military Members And Gaddafi Criminals continue to explore new avenues to lure victims, most recently by claiming to be a US military contractor, who was performing reconstruction work in Libya. Fraudsters sent unsolicited e-mails claiming that several metal boxes were found in cellars of high-rise buildings built and occupied by Muammar Gaddafi. Each box purportedly contained large sums of money, in addition to guns, armor, bullets, and drugs. The e-mails requested the recipient’s assistance with transferring the money out of Libya. The fraudsters also told the e-mail recipients that they were expected to receive, secure, and protect the boxes until the overseas assignment elapsed and promised the victims a 30 percent profit.

Often times in online scams, once communication with the fraudsters begins, they will request personal information, including but not limited to bank account details, claiming funds are needed to cover various expenses.

Be wary of any unsolicited e-mail, especially those requesting personal information or soliciting the submission of money for any reason. Unsolicited e-mails should not be opened, as they often contain viruses or other malicious software.

Pox Party Online Advertisements Recently, the IC3 received a complaint from an individual reporting an advertisement on a social media site that offered ways to obtain "natural immunity" from the chickenpox by sharing lollipops licked by children infected with the virus. Parents have been known to take their child to a "Pox Party" as an alternative to vaccinating children from varicella, otherwise known as chickenpox, but sending virus-covered lollipops through the mail is against Federal law.

One individual posted a message stating "fresh batch of pox in Nashville shipping of suckers, spit, and Q-tips available tomorrow 50 dollars."

As a disclaimer, the social media site posted the following notice on their page:

"This page has never condoned the mailing of infectious diseases. For our members: The mailing of infectious items, such as lollipops, rags, etc, is a federal offense. This page is not private and can been seen by members and non members alike. You may post on the page that you have the pox and are willing to share in YOUR AREA but please keep your specifics in private messages between members. Again, this page can be seen by anyone and mailing is a federal offense. We are all intelligent adults but these guidelines will help protect your privacy." According to the Center for Disease Control's (CDC) website, www.cdc.gov, chickenpox is spread in the air when an infected person coughs or sneezes. It can also be spread by touching or breathing in the virus particles that come from the chickenpox blisters. The CDC also discourages chickenpox parties because the disease can be serious. Dangerous diseases like hepatitis A and strep can be transmitted via saliva according to the CDC's website. Therefore, not only is the contaminated candy not likely to provide exposure to chickenpox, it could expose children to an entirely different disease.

Source

http://www.thestraighttalkexpress.com/1/post/2012/04/internet-crime-centerscam-alerts-february-2012.html

Straight Talkin Mike Security Blog

Straight Talkin Mike Post~~INTERNET CRIME COMPLAINT CENTER

4/21/2012

Thanks to Jose from Puerto Rico who shared this great site all about Internet Scam & Crimes. Info on where to report them, how to prevent them, and monthly listings of New Internet Scams and Fraud.

INTERNET CRIME COMPLAINT CENTER (IC3)
(an FBI and the National White Collar Crime Center (NW3C), funded in part by the Bureau of Justice)

INTERNET CRIME COMPLAINT CENTER
Source

INTERNET CRIME SCHEMES

Source
Straight Talkin Mike Computer Security Blog

Categories