Scams

Sitting in an airport you rarely frequent, you grab your laptop and snap out a couple e-mails to send, and look, there’s a free WiFi hotspot. Bang, you connect and send, and are off on your way. What you don’t know is the free WiFi may come with a price: your login credentials and network

…It’s a 419 (Advance Fee Fraud) message, of course. Stripped of the pseudo-governmental flim-flam, the core of the message is that they want you to forward them this…

The US Department of Justice’s announcement yesterday of the takedown of the command and  control (C&C) servers for the Coreflood bots (detected by ESET as Win32/AFCore) and seizure of their domains marks another step in the growing awareness that crime, whether it is committed with bullets or with botnets, is still crime.  This particular botnet,

Here’s a little information from ESET’s point of view about the Coreflood botnet, whose C&C (Command and Control) servers were taken down yesterday by the Department of Justice. The Coreflood bot is detected by ESET products as Win32/Afcore and has been active since the early years of the last decade (certainly since 2001), though our

I’ve added some commentary and resources on the Japan earthquake/tsunami disasters to an independent blog I maintain that specializes in hoaxes, scams and so forth, but here are a few of the same resources that aren’t already included in my recent blogs here on the topic: Analysis from Kimberley at stopmalvertising.com: http://stopmalvertising.com/blackhat-seo/recent-japanese-earthquake-search-results-lead-to-fakeav.html Guy Bruneau at Internet

My colleague Urban Schrott, from ESET Ireland, wrote a nice feature article for our monthly ThreatSense report (which should be available shortly on the Threat Center page at http://www.eset.com/threat-center) on seasonal scams. As the scam season is starting to get into full swing, we thought it might be good to give it a wider audience here.

What a touching email. Mercy saw my profile and wants to know more about me. She even tells me “please don’t forget that distance or color does not mean any thing,but love matters a lot”. What a sweet sentiment. Now I’ll show you the email and I think you’ll see what’s wrong with this picture.

…a piece at Discovery News about 5 Unexpected Threats of Online Social Networking…

[UPDATE #1 at 12:15PM:  Added more information about location of earthquake and prior scams. AG] We have just heard about the early September 4 (Saturday morning) earthquake near Christchurch, New Zealand, currently estimated at a Richter magnitude of 7.4. Our New Zealand distributor in Auckland is unaffected, but communications with the area are difficult. As with

You have to be a real cool cat to get into the Cambridge Who’s Who registry. A few months ago I received a spam message from whoswhopublication@gmail.com.  A legitimate Who’s Who organization is very unlikely to be using a Gmail address and they wouldn’t have sent the email to AskESET. Here’s the email: You were

I received an email today that was funny to me, but not to someone who is unsuspecting. I’ll let you read it. —–Original Message—– From: Ann Price [mailto:ann.price@topspot-promotions.net] Sent: Thursday, August 12, 2010 7:14 AM To: AskESET Subject: Placing advertisements on blog.eset.com Greetings, Topspot-Promotions, an established advertising company, would like to pay you for placing

A couple of months ago I posted a blog while flying at about 30,000 feet. That was a first for me and today I have a new first. I’m writing and posting a blog from the jury waiting room as I wait to see if I’ll be a juror. Of course, this reminded me of

I was greeted with the most charming email this morning. A young lady is so impressed with me that she wants to share our heart’s desires. Take a look… she sent it in two languages to make sure I would understand her. Ahh, but then I checked out who the email was sent to… It

I received the following email recently: Greetings, Please forgive me for the unofficial way of reaching you via email Contacting you is the only option left to me due to the doctors report on my deteriorating health condition which raised a lot of worries regarding some amount of money i secured in Iraq. For you

David Harley sent me a link to an article about a scam I wasn’t familiar with. I wouldn’t really call it a scam, it is more a diversionary and blocking tactic after a victim’s account has been compromised, but it may be an indicator of an attack. According to Wired (http://www.wired.com/threatlevel/2010/05/telephony-dos), what happens is that

I recently received a summons for Jury duty. The date I was supposed to appear on coincides with a date I am scheduled to be out of the country. In Seattle they really put computers to good use. I was able to go online and reschedule the date of my jury duty. What caught my

SANS posted a story at the Internet Storm Center a couple of days ago that they were seeing fake email from the IRS. (Even I don’t have time to read everything on the Internet relating to current information security issues.) The emails described try to kid the victim that they’ve under-reported or failed to report

Engineers are really smart people who often know how to make something with no real world effectiveness work really well without effect. In a glaring example of marketing hype, very limited effectiveness, and a lesson in teaching users to fall for phishing attacks, Pavni Diwanji, Engineering Director at Google published a blog post http://googleonlinesecurity.blogspot.com/2010/03/detecting-suspicious-account-activity.html The

Back on the 22nd of February, I wrote an entry on this blog called “Does Anybody Know WHOIS Out There?”. This entry was about the very slack or even non-existent verification of identification information (sheesh, try saying THAT with a few beers under your belt!) provided by individuals and organizations registering domain names on the

The Apple iPad is the current gadget du jour amongst the digerati and has been seeing strong presales, with estimates as high as 150,000 units on the first day.  With such attention in the media and the blogosphere, it is no wonder that both legitimate businesses and scammers have taken to using it as bait