Saturday, November 19, 2016

The 12 Online Scams of Christmas

by Merlin Benningfield, Managing Partner - Fast Rhino, LLC


On the first day of Christmas my scammer cheated me with a $300 fee.

As we approach the holidays, more and more scams emerge in person, through snail mail and online. For as long as people continue to fall for their scams, the perpetrators will continue to set their traps to take advantage of the uninformed.

On the second day of Christmas my scammer cheated me with Fraudulent Support and a $300 fee.
One of the most common online scams we see people fall victim to is fraudulent support. These scammers will trick you into thinking there is something wrong with your computer and then attempt to gain remote access to your system. This type of scam can happen if you receive a phone call, if you call a technical support number without realizing the number belongs to a criminal organization (there are a growing number of these imposters), or if you get some sort of notification on your computer screen that suggests you call some phone number. As a rule, do not let anyone remote into your computer unless you have a personal relationship with them. Do not enter any codes into your computer at the behest of anyone you do not know.


On the third day of Christmas my scammer cheated me with Fake FedEx Tracking, Fraudulent support and a $300 fee.
Shipping carriers like FedEx, UPS and USPS report a 15%-20% increase in the number of packages that are sent during the holiday season.  The bad guys take advantage of this by sending out emails which mimic these carriers and try to trick you into clicking on links or attachments to find out the status of a late or missing "shipment".  These scams are quite effective because they place pressure on the emotions and curiosity of the recipient.

On the fourth day of Christmas my scammer cheated me with Key Logging Malware, Fake FedEx Tracking, Fraudulent Support and a $300 fee.
Key loggers are tiny programs that can be installed on your system without your knowledge. They are designed to record keystrokes as you type on your keyboard and then send this information to an anxious criminal just waiting to get your logins, passwords, credit card numbers, etc. A good malware and rootkit scanner can help keep this type of threat off your system. In addition, we recommend you implement safe computing practices to help avoid contracting these sorts of infections in the first place.

On the fifth day of Christmas my scammer cheated me with Rogue Anti-virus, Key-Logging Malware, Fake FedEx Tracking, Fraudulent Support and a $300 fee.
Thieves will stop at nothing to steal something of value and what better way than to mislead you into believing there is a virus or some other threat on your computer? For a fee, you can buy the necessary software to clean up your system… however the software is actually malicious in nature. Question any program that states it can fix all your computer's problems. There are way too many "snake-oil" programs out there that will actually do more harm than good to your computer.  


On the sixth day of Christmas my scammer cheated me with Phony Look-A-Like Web Sites, Rogue Anti-virus, Key-Logging Malware, Fake FedEx Tracking, Fraudulent Support and a $300 fee.
Your printer doesn’t work. You do a web search for “printer support” or you might even add the manufacturer’s name to your query. Up pops a whole list of sites to choose from, each claiming to offer help for your printer. Many of these support sites can pose as the official manufacturer’s web site. And these “Look-A-Like” sites usually provide a toll free number to call, which can also add to the deception. Needless to say, this “Look-A-Like” site belongs to a scammer.

On the seventh day of Christmas my scammer cheated me with Social Engineering, Phony Look-A-Like Web Sites, Rogue Anti-virus, Key-Logging Malware, Fake FedEx Tracking, Fraudulent Support and a $300 fee.

Social Engineering is the psychological manipulation of people in order to trick them into performing actions or divulging confidential information. It relies on human interaction; however, when mixed with technology, it can become even easier to pull off. These con artists can take advantage of people who may not be familiar with the specific ins-and-outs of technology; and let’s be honest, considering how fast technology is moving, it can be a bit confusing sometimes. Remember that if it sounds too good to be true or if it seems suspicious, stop and ask someone else before proceeding. It could save you a lot of trouble and money in the long run.

On the eighth day of Christmas my scammer cheated me with Evil Ransomware, Social Engineering, Phony Look-A-Like Web Sites, Rogue Anti-virus, Key-Logging Malware, Fake FedEx Tracking, Fraudulent Support and a $300 fee.
Personally, I believe that there is a special place in Hades for the people behind today's Ransomware. Get infected with this and watch all your files become instantly inaccessible with military-grade encryption. At this point, even the use of a supercomputer running for a decade cannot decrypt your files. The data kidnapper then simply provides a ransom note demanding hundreds or even thousands of dollars before providing you with the decryption key. Your best bet is to keep your data backed up and disconnect your external drive when it is not in use.

On the ninth day of Christmas my scammer cheated me with Corrupt Malvertising, Evil Ransomware, Social Engineering, Phony Look-A-Like Web Sites, Rogue Anti-virus, Key-Logging Malware, Fake FedEx Tracking, Fraudulent Support and a $300 fee.

Malvertising occurs when crooks hide exploits and malware inside of legitimate-looking ads that can be submitted to major online advertising networks. Malvertising can be in the form of pop-ups, drive-by downloads, embedded content, etc. We've seen a growing number of malvertising results with clients who are using web sites with rotational ads delivered by companies like Ad Choices. We highly recommend either using a script blocker or an ad blocker to avoid the pitfalls associated with these ad networks that do not properly vet their advertisers.

On the tenth day of Christmas my scammer cheated me with Tricky E-mail Phishing, Corrupt Malvertising, Evil Ransomware, Social Engineering, Phony Look-A-Like Web Sites, Rogue Anti-virus, Key-Logging Malware, Fake FedEx Tracking, Fraudulent Support and a $300 fee.
Phishing scams imitate popular social web sites, auction sites, banks or other financial institutions, claiming that the user needs to verify their username and password. The scam attempts to capture your credentials or other identifying information. These emails and their related web sites look and feel almost identical to the legitimate entity, which is why it is such a successful con. Always question any emails that ask for identifying information. Legitimate companies do not ask for account information via e-mail.

On the eleventh day of Christmas my scammer cheated me with Intimidating Scareware, Tricky E-mail Phishing, Corrupt Malvertising, Evil Ransomware, Social Engineering, Phony Look-A-Like Web Sites, Rogue Anti-virus, Key-Logging Malware, Fake FedEx Tracking, Fraudulent Support and a $300 fee.

Common types of scareware can imitate notices from such government agencies as the FBI, CIA, Department of Justice, etc. Traditional scams of this type have claimed that the user has downloaded illegal materials and that, to avoid jail time, the user should pay “fines” via Bitcoin, a form of electronic currency that keeps the receiving party anonymous, which works out perfectly for these cybercriminals.

On the twelfth day of Christmas my scammer cheated me with Scripts That Attack My Browser, Intimidating Scareware, Tricky E-mail Phishing, Corrupt Malvertising, Evil Ransomware, Social Engineering, Phony Look-A-Like Web Sites, Rogue Anti-virus, Key-Logging Malware, Fake FedEx Tracking, Fraudulent Support, and a $300 fee.
Although the majority of web developers use script languages for good, unfortunately there are some developers who take advantage of script capabilities and use them for evil purposes. Script attacks are the number one way to get infected just by visiting web sites. A script blocker is a primary component of safe computing practices.

Wednesday, October 5, 2016

Online Scams Go Into Overdrive

by Merlin Benningfield, Managing Partner - Fast Rhino, LLC
 
Almost all of us have heard of the "Windows telephone scam" where cold callers pose as computer support technicians in order to gain remote access to your computer and then demand payment for useless "services". They use various tactics to intimidate and confuse in an effort to extract as much money as possible from their victims. Even though we still get several calls a month from people who fall victim to this trick, the majority of people are waking up to this type of scam… but are they really?

The traditional scam is simply being packaged in additional ways:



Look-A-Like Sites
Your printer doesn’t work, so you do a web search for “printer support” or you might even add the manufacturer’s name to your query.  Up pops a whole list of sites to choose from, each claiming to offer help for your printer. 

Many of these support sites pose as the official manufacturer’s web site. And these “Look-A-Like” sites usually provide a toll free number to call, which can also add to the deception.

You click on a link and call the number and the person on the other end answers with a very official sounding introduction. “Thank you for calling Epson Support, how may I help you?”  So far, you think you’ve reached the right number, but these people are about to take you for a ride.

Keep in mind that this doesn’t just include printer support. We’ve had clients tell us that they’ve made the mistake of calling various “fake” companies for all kinds of support, be it AOL, Microsoft, routers, modems, Gmail, Office, etc., and the fact that our client initiated the phone call somehow reassured them that it wasn’t a scam. Unfortunately, the results turn out the same. Once they remote into your system, they'll begin the process of trying to extract money from you and they'll stop at nothing, including using your computer as ransom to get it.



Redirects & Script-Based Attacks
What we once knew as an innocent "information superhighway" has since turned into a minefield. The bad guys are uploading dangerous scripts to both hacked and natively grown web sites. Surprising as it may sound, using an unprotected browser to visit a web page can be all it takes to get infected.
You don't need to accept anything or download anything; by simply landing on an infected web page, your browser can get redirected to another site (without your knowledge) which then begins scanning your computer for any known vulnerabilities in your software or your operating system. If it finds an opening, it can potentially attack your system and infect it. This is the primary reason we recommend script blockers like NoScript and ScriptSafe.

Malvertising
Malvertising occurs when crooks hide exploits and malware inside of ads. Malvertising can be in the form of pop-ups, drive-by downloads, redirects, embedded content, etc. Malvertising can also simply instruct the user to perform an action that can be detrimental to their system, like calling a support number or downloading an infected file.

To put things in perspective, imagine for a moment that you are on your way to Phoenix, driving up Interstate 10. The speed limit is 75 so you're moving along at a pretty good clip. Up ahead, you can see a billboard on the right.  As it gets within reading range, you notice what it says... "There's something wrong with your engine. Jump out of your car right now!" Now many of you may have snickered a bit when reading this because most of us are smart enough not to jump out of a moving car. But, put us behind a computer and it seems our good judgment is nowhere to be found. For some reason, when the billboard is on a computer, people have a higher tendency to believe whatever instructions they are given.  

The best remedy is to question everything.  Just because you saw it on the Internet does not make it legitimate.