Welcome to the ICM Forum. If you have an account but have trouble logging in, or have other questions, see THIS THREAD.
500<400 (Nominations Sep 22nd)
Polls: Benelux (Results), 1944 awards (Sep 23rd), 1964 (Sep 28th), Knockout competition (Round 1)
Challenges: Silent Era, 21st Century, Japan
Film of the Week: Reindeerspotting - pako Joulumaasta, October nominations (Sep 27th)

Scams, Hoaxes, and Other Internet Phishing Expeditions

Post Reply
User avatar
xianjiro
Donator
Posts: 6539
Joined: Jun 17, 2015
Location: Kakistani Left Coast
Contact:

Scams, Hoaxes, and Other Internet Phishing Expeditions

#1

Post by xianjiro » October 21st, 2018, 8:05 am

So, I was looking through my spam folder I found this gem:
NEW MESSAGE FROM CITIBANK NEW YORKShow

From: CITIBANK NEW YORK <info1@hyper.ocn.ne.jp>
Reply to: kelvinwilliams584@aol.com
User agent: Microsoft Outlook Express 6.00.2600.0000



CITIBANK INTERNATIONAL NEW YORK
DIRECTOR, FOREIGN OPERATIONS DEPARTMENT
ADDRESS: 87-11 Queens Boulevard, Elmhurst, NY 11373

OUR REF: CTBNYUS/BBU

From Desktop of Mr. kelvin Williams
DIRECTOR OF FUNDS CLEARANCE UNIT.
E-mail: kelvinwilliams584@aol.com

Attention Fund Beneficiary,

Payment Release Instruction from Federal Reserve Bank of New York

Acting on our capacity as the international correspondent bank to the International Monetary Fund Organization, this is to officially notify you that we have received a confirmation advice from the International Monetary Funds External Auditors Committee, World Bank, United Nations Organization and the Federal Reserve Bank of America respectively via International Payment Voucher Number: IMF/FRBWDC/BOA-93WB82UN567-G requesting our bank Citibank of New York, to disburse your due wining/inheritance contract payment valued at Ten Million Three Hundred Thousand United States Dollars (US$10.3M) in your favor.

In consideration of the above, you have been issued with this Exclusive Reference Identification Number (IMF/FRB-NY/9USXX10751/09)Transfer Allocation No.: FRB/X44/701LN/NYC/US, Password: 339331, Pin Code: 78569, Certificate of Merit No: 104, Release Code No: 0876; Secret Code: XXTN014. Having received these vital payment numbers, you are instantly qualified to receive and confirm your payment within the next 96hrs. As necessary clearance has been granted from the International Monetary Funds External Auditors to release the funds to you with immediate effect.

In view of this directive received from the International Monetary Funds (IMF), we have on our own part verified your payment file as directed to us, and your name is next on the list of outstanding fund beneficiaries to receive their payment at this Second quarter of year 2018. With that being done, you are required to urgently contact Citibank in New

We wish to inform you of the need for you to also re-confirm the following information before the Citibank to enable us proceed with the preliminary arrangements that will enhance the immediate release of your funds. Owing to security reasons, be clearly informed that we will not respond to any phone calls/general inquiries placed to our bank with regards to the remittance of your funds by beneficiaries as we are barred from doing so, you are therefore advised to communicate only with the accredited officer for further remittance advice.

1) Full Name;
2) Full Address;
3) Your contact telephone and fax number;
4) Your Age and Profession;
5) Copy of any valid form of your Identification;
6) Your Bank name;
7) Your Bank Address;
8) Account name and Number;
8) ABA/Routing Number;
10) Swift or Sort Code:

Thank you for your anticipated co-operation.

TREAT AS URGENT.
Mr. Kelvin Williams
DIRECTOR OF FUNDS CLEARANCE UNIT.
CITIBANK NEW YORK
----------------------------------------------------
"Thank you for your anticipated co-operation."

Gotta (l) it though it's hard to believe anyone falls for this tripe anymore - so many red flags.

Listen, Daddy. Teacher says, 'every time a car alarm bleeps, into heaven a demon sneaks.'
sol can find me here

User avatar
xianjiro
Donator
Posts: 6539
Joined: Jun 17, 2015
Location: Kakistani Left Coast
Contact:

#2

Post by xianjiro » October 21st, 2018, 8:11 am

Oh, and Bill Gates is also writing to tell me he wants to give me $5 million
SpoilerShow

$5 MILLION USD DONATION FROM MR BILL GATES
Greetings You have been gifted $5 MILLION USD From Mr Bill Gates. Contact me at this email for your claim: mrbill1102@outlook.com

I hope this information meet you well as I know you will be curious to know why/how I selected you to receive a sum of $5,000,000,00 USD, our information below is 100% legitimate, please see the link below: https://en.wikipedia.org/wiki/Bill_%26_ ... Foundation

I BILL GATES and my wife decided to donate the sum of $5,000,000,00 USD to you as part of our charity project to improve the 10 lucky individuals all over the world from our $65 Billion Usd I and My Wife Mapped out to help people. We prayed and searched over the internet for assistance and i saw your profile on Microsoft email owners list and picked you. Melinda my wife and i have decided to make sure this is put on the internet for the world to see. as you could see from the webpage above,am not getting any younger and you can imagine having no much time to live. although am a Billionaire investor and we have helped some charity organizations from our Fund.

You see after taken care of the needs of our immediate family members, Before we die we decided to donate the remaining of our Billions to other individuals around the world in need, the local fire department, the red cross, Haiti, hospitals in truro where Melinda underwent her cancer treatment, and some other organizations in Asia and Europe that fight cancer, alzheimer's and diabetes and the bulk of the funds deposited with our payout bank of this charity donation. we have kept just 30% of the entire sum to our self for the remaining days because i am no longer strong am sick and am writing you from hospital computer.and me and my wife will be traveling to Germany for Treatment.

To facilitate the payment process of the funds ($5,000,000.00 USD) which have been donated solely to you, you are to send me

your full names.................
your contact address................
your personal telephone number...............
SEND YOUR ABOVE DETAILS TO mrbill1102@outlook.com


so that i can forward your payment information to you immediately. I am hoping that you will be able to use the money wisely and judiciously over there in your City. please you have to do your part to also alleviate the level of poverty in your region, help as many you can help once you have this money in your personal account because that is the only objective of donating this money to you in the first place.


Thank you for accepting our offer, we are indeed grateful You Can Google my name for more information: Mr Bill Gates or Bill & Melinda Gates Foundation

Remain Blessed

Regards
Mr Bill Gates
Wow! According to my spam folder, I'm worth over $25 million US!!! :lol:

Please! No one contact the IRS - I'm sure they'll send over agents ASAP demanding immediate payment. (D:)

Listen, Daddy. Teacher says, 'every time a car alarm bleeps, into heaven a demon sneaks.'
sol can find me here

User avatar
funkybusiness
Donator
Posts: 10493
Joined: Jan 22, 2013
Contact:

#3

Post by funkybusiness » October 21st, 2018, 8:25 am

100% LEGIT HERE'S A WIKIPEDIA PAGE IF YOU DON'T BELIEVE ME

User avatar
flaiky
Posts: 1399
Joined: Feb 04, 2017
Location: London UK
Contact:

#4

Post by flaiky » October 21st, 2018, 8:30 am

Those look pretty old school, in my experience the scams are much more sophisticated these days. I fell for one about three years ago because it looked exactly like an email from iTunes, thanking me for a £30 purchase I hadn't made with small text at the bottom saying "If this was not you, click here". The site also looked exactly iTunes, so I completed all my card details. The timing was bad as I had discovered a virus on my computer just the night before, so I felt vulnerable, but immediately afterwards I was like "Wait a minute..." and saw that the url was gobbledigook (you often don't notice urls when browsing on your phone). Doh. Had to cancel my card right then and order new one. I know someone who did the exact same thing with an "HMRC email" claiming she was due a tax rebate, and I've had countless of those emails in the past 2 years - they also look scarily convincing. I even had a text last month from "HSBC" (one of the biggest banks in this country) telling me there was an unusual login with my account and I must click the link (which was designed to look much more legitimate)...I don't even have an HSBC account. How the hell did the text come up in my phone with the name "HSBC", as if it was one of my contacts?? I found that spooky. They are getting really clever.
Let the ashes fly
ICM | Letterboxd | All-time stats

User avatar
xianjiro
Donator
Posts: 6539
Joined: Jun 17, 2015
Location: Kakistani Left Coast
Contact:

#5

Post by xianjiro » October 21st, 2018, 8:59 am

Yeah, I fell for one of these like 20 years ago. Think I was still on AOL at the time (so probably over 20 years then) and I got a message about needing my password. No idea what the wording was at the time.

About a minute after following the instructions I was like, wait ... something's not quite right here. I immediately changed my AOL password. I got lucky. Have been very suspicious ever since.

Agreed, the scams above seem pretty old, that's one reason I find it amazing (and them so funny) that anyone is going to the trouble to programme this crap to spam. Wonder how many people fall for it though. And clearly the first one is gathering data points for ID theft.

Listen, Daddy. Teacher says, 'every time a car alarm bleeps, into heaven a demon sneaks.'
sol can find me here

User avatar
jvv
Donator
Posts: 8211
Joined: May 28, 2011
Location: Netherlands
Contact:

#6

Post by jvv » October 21st, 2018, 9:44 am

A scam (or should I say blackmail) that seems to be quite common at the moment is an e-mail claiming that they've hacked my webcam and have caught me masturbating (naked) to porn. If i don't pay X amount of money to some bitcoin address they will spread footage of this to all my contacts. Not very effective in my case, since I don't have a webcam, but I wonder how many people fall for it.

User avatar
xianjiro
Donator
Posts: 6539
Joined: Jun 17, 2015
Location: Kakistani Left Coast
Contact:

#7

Post by xianjiro » October 21st, 2018, 9:46 am

none, obvs! I mean, NO ONE has ever masturbated to online porn ever, right?

lulZ

Listen, Daddy. Teacher says, 'every time a car alarm bleeps, into heaven a demon sneaks.'
sol can find me here

User avatar
mightysparks
Site Admin
Posts: 29430
Joined: May 05, 2011
Location: Perth, WA, Australia
Contact:

#8

Post by mightysparks » October 21st, 2018, 9:49 am

I get a lot of those iTunes type of ones but they are usually obvious and I’ll always delete the email and open the website myself in a new browser just to make sure I don’t get led to some dodgy site. I also automatically check the URL if I’m not sure and I’ll know immediately. I’ve never fallen for one but some have come close, especially the first time you see them.
"I do not always know what I want, but I do know what I don't want." - Stanley Kubrick

iCM | IMDb | LastFM | TSZDT

Image

User avatar
AdamH
Site Admin
Posts: 12109
Joined: May 05, 2011
Contact:

#9

Post by AdamH » October 21st, 2018, 5:53 pm

jvv wrote:
October 21st, 2018, 9:44 am
A scam (or should I say blackmail) that seems to be quite common at the moment is an e-mail claiming that they've hacked my webcam and have caught me masturbating (naked) to porn. If i don't pay X amount of money to some bitcoin address they will spread footage of this to all my contacts. Not very effective in my case, since I don't have a webcam, but I wonder how many people fall for it.
Reminds me of the Black Mirror episode.

User avatar
AdamH
Site Admin
Posts: 12109
Joined: May 05, 2011
Contact:

#10

Post by AdamH » October 21st, 2018, 5:56 pm

I was scammed once but was about 15 years ago. Paid £50 for all the Bond films on Amazon (marketplace of whatever it was called back then). Never received the films. I missed the deadline to claim a refund because the seller's "relative" messaged me to say the seller was in hospital seriously ill and that I would be send the films by the relative instead.

Would never make a mistake like that now but was young at the time and new to buying stuff online.

User avatar
XxXApathy420XxX
Donator
Posts: 18862
Joined: Oct 24, 2011
Contact:

#11

Post by XxXApathy420XxX » October 21st, 2018, 5:58 pm

At my old job we once received a fax from a Nigerian prince. It is a common scamming scenario, but the fact that it came in by fax was amusing.

User avatar
bal3x
Donator
Posts: 13022
Joined: May 26, 2011
Contact:

#12

Post by bal3x » October 21st, 2018, 6:05 pm

Yeah, the one in the OP is strictly old school, even though you'd be surprised that some folks still fall for this type of scam (I've recall stories where folks actually went to Nigeria and got robbed and murdered in the woods...). Yet, there are much more sophisticated and nastier scams out there now - the way they mimic the original emails and designs is rather scary and if you don't look closely at the hyperlink you may end up with a virus quickly - indeed the best way is NOT to do ANYTHING at all. Just delete these emails. I've read stories whereby technically very savvy people (IT blog editors) got locked out of their accounts completely by scammers so this is not a joking matter, we can make fun of "idiots" until you become a victim yourself and then it's not so funny at all.

User avatar
xianjiro
Donator
Posts: 6539
Joined: Jun 17, 2015
Location: Kakistani Left Coast
Contact:

#13

Post by xianjiro » October 21st, 2018, 6:18 pm

good advice @bal3x!

The only thing I'd add is never respond to links or phone numbers in emails, especially when either sensitive information is requested or 'urgent, response needed'. It's always better to go to a statement, the number on the back your card, etc for a phone number to make contact and verify the validity.

Are we even sure that URLs can't be masked or hijacked? I mean clearly links can look real in an email or on a webpage but will take one elsewhere. What's to keep a browser addon, malware, email script, or the like from redirecting traffic to a malicious URL? I don't see why software (especially on machines with poor security) couldn't be used to misdirect, even in the location box of a browser window. Additionally, phone browsers and apps don't always show URLs as explicitly as a desktop browser. Lots of variation, lots of chances to fall into a hole, and way too many predators with Internet access.

Listen, Daddy. Teacher says, 'every time a car alarm bleeps, into heaven a demon sneaks.'
sol can find me here

User avatar
3eyes
Donator
Posts: 6775
Joined: May 17, 2011
Location: Philadelphia
Contact:

#14

Post by 3eyes » October 21st, 2018, 7:01 pm

I have gotten emails purporting to be from friends or relatives -- the subject line is usually something neutral like "Hi" and I usually write the person and tell them I think they've been hacked - if the really did email me they can say so.
:run: STILL the Gaffer!

User avatar
bal3x
Donator
Posts: 13022
Joined: May 26, 2011
Contact:

#15

Post by bal3x » October 21st, 2018, 7:07 pm

xianjiro wrote:
October 21st, 2018, 6:18 pm
good advice @bal3x!

The only thing I'd add is never respond to links or phone numbers in emails, especially when either sensitive information is requested or 'urgent, response needed'. It's always better to go to a statement, the number on the back your card, etc for a phone number to make contact and verify the validity.

Are we even sure that URLs can't be masked or hijacked? I mean clearly links can look real in an email or on a webpage but will take one elsewhere. What's to keep a browser addon, malware, email script, or the like from redirecting traffic to a malicious URL? I don't see why software (especially on machines with poor security) couldn't be used to misdirect, even in the location box of a browser window. Additionally, phone browsers and apps don't always show URLs as explicitly as a desktop browser. Lots of variation, lots of chances to fall into a hole, and way too many predators with Internet access.
Oh, yes, absolutely. Normally hyperlink is visible and they are not even https, just https, but if you are in doubt the only way to proceed is to open a given website (say, paypal) OUTSIDE of email, i.e. by going via your bookmark or just typing paypal.com and log in from there, it's really best not to click ANY links (especially finance related, e.g. bank/paypal etc.) in the mails these days. Indeed some links were masked so well that you couldn't even differentiate... I believe it was a Chrome exploit that I saw, a truly scary one, where you open a link in the browser and it looks 100% legit, but they just used another encoding system to mask the actual letters so basically you were really opening a scammer's website, but you didn't know it... that exploit should be fixed now, but I'm sure something like that will be used again.

User avatar
joachimt
Donator
Posts: 29362
Joined: Feb 16, 2012
Location: Netherlands
Contact:

#16

Post by joachimt » October 22nd, 2018, 10:26 am

jvv wrote:
October 21st, 2018, 9:44 am
A scam (or should I say blackmail) that seems to be quite common at the moment is an e-mail claiming that they've hacked my webcam and have caught me masturbating (naked) to porn. If i don't pay X amount of money to some bitcoin address they will spread footage of this to all my contacts. Not very effective in my case, since I don't have a webcam, but I wonder how many people fall for it.
Seriously, was that a hoax?! :unsure:
Fuck, could have saved me some money then. :(
SpoilerShow
:P
ICM-profile
Fergenaprido: "I find your OCD to be adorable, J"

User avatar
Knaldskalle
Moderator
Posts: 9515
Joined: May 09, 2011
Location: New Mexico, Trumpistan
Contact:

#17

Post by Knaldskalle » October 23rd, 2018, 2:14 am

One of the good things about not using social media is that all emails from Facebook, Twitter, Instagram, LinkedIn, WhatsApp and so on can go straight in the spam folder.

Back when we had Comcast as our ISP, I once received an email from Comcast warning me against phishing attempts and giving me a list of "tell tale signs" that something wasn't a legit mail. No personalized greeting was one thing and another was that the displayed URL wasn't identical to the actual URL and a third was that the domain in question wasn't a "known" domain belonging to the company in question.

A few months later I received another mail purporting to be from Comcast saying that I needed to renew my login to their online portal. The mail started "Dear Customer", the URL displayed was not identical to the URL it actually contained and the domain in question was *somethingsomething*.net and not comcast.com as you'd expect. I immediately forwarded the mail to Comcast's fraud email account so they could warn people about this obvious phishing attempt. Two days later I got a mail back from their technical dept that the email was legit. :facepalm:
Personal film goals for 2019.
ImageImageImageImage

User avatar
xianjiro
Donator
Posts: 6539
Joined: Jun 17, 2015
Location: Kakistani Left Coast
Contact:

#18

Post by xianjiro » October 23rd, 2018, 4:57 am

Yeah, I forget who it was, but had something similar. I want to say it was a bank related but then I was directed to nothing that looked like the bank's site.

So yeah, even these big companies confuse. Some of it is that right hand v left hand thing.

Are people still getting calls from Microsoft telling them they have a virus on their computer? I got a call last week or so. With the usual heavy south Asian accent he said, "I'm calling from Microsoft's Technical..." I forget what came next since I immediately cut him off. But sometimes it can be hard to get my phone to hang up so I heard him say "This isn't a sales call." Of course it's not, it's a financial exploitation call!

I was also getting a call most mornings about the same time but the rotating through four different numbers in MInnesota, Tennessee, Washington, and Nevada. Never answered any of them. One switched to an evening time and then they all stopped. Don't even expect the numbers are legit - or it was somehow political related, as in wanting money, but I guess there's no reason they'd stop begging now. (We've already received our ballots and I dropped mine off tonight in the hopes that maybe the Republicans will stop sending me campaign literature I'll never read. Not sure if that actually happens here, but one year it seemed like the mailbox stuffing stopped within a few days of turning in my ballot. It's in their interests to stop spending money and since that information is public...)

Listen, Daddy. Teacher says, 'every time a car alarm bleeps, into heaven a demon sneaks.'
sol can find me here

User avatar
maxwelldeux
Donator
Posts: 6623
Joined: Jun 07, 2016
Location: Seattle-ish, WA, USA
Contact:

#19

Post by maxwelldeux » October 23rd, 2018, 6:42 am

xianjiro wrote:
October 23rd, 2018, 4:57 am
Are people still getting calls from Microsoft telling them they have a virus on their computer? I got a call last week or so. With the usual heavy south Asian accent he said, "I'm calling from Microsoft's Technical..." I forget what came next since I immediately cut him off. But sometimes it can be hard to get my phone to hang up so I heard him say "This isn't a sales call." Of course it's not, it's a financial exploitation call!
Heh. Yeah, they are. My grandmother (with a landline) still gets them occasionally. I'm her IT department, and I'm usually able to fix her computer problems remotely. But the one time she got a virus bad enough that I couldn't fix at a distance, she listened MUCH better.

Basically, I just hammered the point that NO ONE will ever ask you for important info. And then I hammered the point of "a 5 minute task now is MUCH better than a 5 hour task in the future." I occasionally get calls along the lines of "Firefox just asked me to update - is that OK?", but I'd rather deal with those than the "I gave this nice man my credit card and SSN, because he said he needed it to put the picture of my granddaughter on my computer..." calls.


User avatar
RBG
Posts: 6126
Joined: Feb 13, 2016
Location: desert usa
Contact:

#21

Post by RBG » October 23rd, 2018, 1:53 pm

i got a call from a collection agency (a first!) saying i owe an 11,000 dollar bill to AT&T who i haven't dealt with in years. they said someone used my social security number. i called AT&T directly and apparently it was true. took forever to connect me with a fraud expert and then i got cut off but i checked all my credit ratings and this hasn't impacted me at all. i never received a bill though they insist they've been sending bills to my address. was this a scam?? i can't figure it out and haven't heard from them again. am i safe to ignore this? obvs i can't change my social. phone service is really spotty out here and i can't stay on hold for 20 mins at a time without losing the call. why would they allow someone to open multiple lines without payment? it doesn't make sense to me. everyone i talked to was south asian sure but that's not unusual. anyway it's been over a week now
icm + ltbxd

NO GODS NO MASTERS

User avatar
xianjiro
Donator
Posts: 6539
Joined: Jun 17, 2015
Location: Kakistani Left Coast
Contact:

#22

Post by xianjiro » October 23rd, 2018, 3:24 pm

ugh, sounds horrible RBG - clearly some level of scam is involved. Does your state's Attorney General (or some other state department) have a fraud reporting line?

Listen, Daddy. Teacher says, 'every time a car alarm bleeps, into heaven a demon sneaks.'
sol can find me here

User avatar
RBG
Posts: 6126
Joined: Feb 13, 2016
Location: desert usa
Contact:

#23

Post by RBG » October 23rd, 2018, 5:32 pm

i wonder if i should freeze my credit. it hasn't showed up on my reports but someone could try it again. i can freeze all three majors online for no fee. the phone is a hassle here. i don't plan on applying for a loan so i don't see how it could hurt

one weird thing is: when i accessed my credit reports, there was only one inquiry from AT&T -- on the same day i called them. where was the original inquiry?? when the supposed collection agency called, they did have my social.

lol they've made it surprisingly easy since experian itself was hacked. i recommend it if you've any doubts
icm + ltbxd

NO GODS NO MASTERS

User avatar
Knaldskalle
Moderator
Posts: 9515
Joined: May 09, 2011
Location: New Mexico, Trumpistan
Contact:

#24

Post by Knaldskalle » October 24th, 2018, 4:51 pm

You should totally freeze your credit report - and put a watch on it for identitiy theft (you may need a police report for that, which seems like the next logical step).
Personal film goals for 2019.
ImageImageImageImage

User avatar
RBG
Posts: 6126
Joined: Feb 13, 2016
Location: desert usa
Contact:

#25

Post by RBG » October 24th, 2018, 5:59 pm

i froze my credit with all three reporting agencies, it's very easy and you can do it online. i'll hold off on a police report until i hear from any of these people again. it's all rather vague but now at least they can't do any more damage. one of my credit cards was hacked twice last year; finally closed the account and opened another one
icm + ltbxd

NO GODS NO MASTERS

User avatar
xianjiro
Donator
Posts: 6539
Joined: Jun 17, 2015
Location: Kakistani Left Coast
Contact:

#26

Post by xianjiro » June 12th, 2019, 3:12 pm

So, here's a new one (for me). Just saw an email which was made to look like Google's security alert. "A new user has logged into your account from ... Atlanta, Georgia." Eek! Right?

Nope. Funnily enough, below the graphic that looks a lot, but not exactly like, Google's pervasive security alerts, was a fairly typical spam email: "Dear YYANARBK YYANARBK, Welcome to the Enterprise Plus? membership experience. Your Enterprise Plus member number and user name is HYFYF4W. Your membership delivers ..."

Also telling is the subject line: "Suspicious connection to <account.name>@gmail.com." Usually real alerts say "Security alert for your (linked) Google Account."

Anyways, just a heads up on a new front in the global phishing expedition. Something else to be very wary of - my guess is these security alerts will mirror actual alerts at some point. I'm not certain how to protect against such if they don't get routed to your spam folder but if you have more than one account like I do, then I see the alerts in two unrelated email accounts. Seeing just the one was another tip-off.

Last, it's probably best, now that we know this, to NOT click on the links in the emails but just sign into Google directly from a browser. That's the only way to be certain the links/website aren't spoofed.

Listen, Daddy. Teacher says, 'every time a car alarm bleeps, into heaven a demon sneaks.'
sol can find me here

User avatar
xianjiro
Donator
Posts: 6539
Joined: Jun 17, 2015
Location: Kakistani Left Coast
Contact:

#27

Post by xianjiro » July 16th, 2019, 5:20 am

a new type of router attack is being reported:
The modifications made to these routers redirected infected users to malicious clone websites whenever they tried to access e-banking sites for certain Brazilian banks.

...

This time around, besides hijacking users visiting Brazilian banks, the hackers were also redirecting users to phishing pages for Netflix, Google, and PayPal, to collect their credentials, according to researchers at Ixia.

...

According to Avast researchers David Jursa and Alexej Savčin, most Brazilian users are having their home routers hacked while visiting sports and movie streaming sites, or adult portals.

On these sites, malicious ads (malvertising) run special code inside users' browsers to search and detect the IP address of a home router, the router's model. When they detect the router's IP and model, the malicious ads then use a list of default usernames and passwords to log into users' devices, without their knowledge.

...

If the attacks are successful, additional malicious code relayed through the malicious ads will modify the default DNS settings on the victims' routers, replacing the DNS server IP addresses routers receive from the upstream ISPs with the IP addresses of DNS servers managed by the hackers.

The next time the users' smartphone or computer connects to the router, it will receive the malicious DNS server IP addresses, and this way, funnel all DNS requests through the attacker's servers, allowing them to hijack and redirect traffic to malicious clones.
- source

(D:) YIKES! (D:)

Listen, Daddy. Teacher says, 'every time a car alarm bleeps, into heaven a demon sneaks.'
sol can find me here

User avatar
xianjiro
Donator
Posts: 6539
Joined: Jun 17, 2015
Location: Kakistani Left Coast
Contact:

#28

Post by xianjiro » July 17th, 2019, 12:52 am

And there's another form of scam. It's called "brushing".
Here’s how they work: A third-party seller on Amazon will get the name and address of a consumer. They will purchase an item that they will then send to that person, claiming it’s a gift. Amazon’s policy allows the individual who purchases a gift to leave a review for that item, so the third-party seller will leave a fake review after the item ships. The review is listed as a “verified buyer” review, meaning that it’s supposed to have more authority because it’s from someone who actually bought and theoretically used the product.

...

In the event a consumer does receive an unsolicited package, they should notify the retailer immediately, said Monique Becenti, product and channel specialist at SiteLock, an cybersecurity firm. When contacting Amazon or another retailer, Becenti advised going directly to the company’s website to find their contact information rather than relying on information from an email, in case the e-mail in question is also part of a scam.
- source/full article

Listen, Daddy. Teacher says, 'every time a car alarm bleeps, into heaven a demon sneaks.'
sol can find me here

Post Reply