PC CyberTekThe cyberspace visitor’s information center

There are a lot of fake Pay Pal e-mails going around but I don’t think I’ve mentioned them before so I am now.

The practice of trying to trick someone into giving out their personal information, such as bank account, social security number, even your name and address, is called phishing. The goal of phishing is identity theft.

I received this e-mail last night. First lets, take a look at the e-mail itself and then I will point out some items of interest and common techniques used by phishers. And finally, what you can do to help in the fight against phishers.
Read the rest of this entry »

Phishing scams seem to keep on rolling. Recently I have been seeing a lot of them that claim to be survey companies. They aren’t too hard to spot. The e-mail address that they supposedly come from, may be a legit survey company.  In the body they will ask you to register by filling in all your information like name, address, phone number etc. and send it to and email address that is in the body of the e-mail. This is what makes it so easy to spot. The e-mail address they want you to send your “registration” info to is different than the one listed in the header and usually a variation of it. For example, I got one that said it was from register@surveys.com in the e-mail’s header, yet they wanted you to send your registration information to surveys@gmail.com or @yahoo.com or some other address. If these were legit, they wouldn’t have you register by e-mailing your information and to an address that’s different from where it supposedly came from. I don’t think any of them would have you e-mail them your information at all, you would register on a website. So far I have seen 6 variations of this in about a week. I wouldn’t be surprised if they actually set up websites with registration forms next. Just to be safe, I would never send identity related information to anyone no matter what they claim they need it for,  unless you expected the e-mail in the first place. Remember, just because an e-mail says it’s from someone, this can be spoofed to say anything.

I’m sure you have all seen this before. Your surfing along, when all of a sudden, you get a pop-up that alerts you that your computer is infected! YIKES! What to do!??! Ah, you can just download a “free” program that will fix it for you. I’d hope you already know, this is a scam. It’s one of two things. You can either download a legit program that will scan your computer, tell you how badly infected it is and you can purchase a full version of the program to remove all your “infections.” Just in case your not really infected, these programs will increase your infection count by adding your cookies to the list. Pretty good way to jack up the numbers, but I wouldn’t call cookies an infection. And I sure don’t have to buy any program to remove them. The other thing that could happen, and probably will is, you will download a program that will then install it’s own addware. Turns out they have a name for this stuff now, and that name is Scareware.

Turns out many people are still falling for this scam. I had to clean my parents computer up, from one of these. Try doing it over VNC, and you may have your patience tested like I did. Anyways, the old folks aren’t the only ones falling for this, and now their is a new variation. Spware Protect 2009, is the new breed of scareware. Not only does it con you by getting you to install it, it actually does damage to get you to “purchase” it for $49.99 and install a trojan downloader. Meanwhile it increases the pop ups telling you how infected your computer is. So you order the program with your credit card and guess what, you just gave them your credit card number, no hacking needed. A local electronics store, with the initials RS, got hit by it and from what I could get out of them, sounds like the whole corp has been infected through their network.

Since I first found out about this last week, I’ve found out that it’s now also being installed by the conficker virus. At first I was thinking, wouldn’t people be suspicious if there was a new piece of software, on their computer? I sure as hell would. Then I started thinking about it, in a corporate situation. Some poor schmuck, in accounting or where ever, could think it was installed by their IT Dept. So the keylogger installed would run until the computer crashed. The one good thing is, the domain that was selling Spyware Protect 2009 is gone. Keep an eye out for variations with new names and the same or slightly modified interface.

-Your friendly neighborhood PC Cybertek

Here’s a couple more phishing scams I came across today. The first one is another paypal scam. Here’s a screen capture from my gmail account. As you can see by the big red box warning you that this is a scam. That was added by gmail and obviously isn’t in the original e-mail.

The second one is supposed to be from Wells Fargo. It tells you that you have to update your information and that you will only have limited access until you do so.

As always, never respond or click on any links in e-mails that ask you to update any banking or personnel information

Looks like the phishermen are at it again. There must be plenty of phish in the internet sea. However, you don’t have to be one of the phish attracted by their lures.

Phishing is what they call those e-mails that attempt to trick you into giving up personal information, usually financial, which is then used to steal your identity and rape your bank account and or credit cards.

The latest one, I have seen, is using some old tricks but with new bait. The e-mail appears to come from Google’s Adsense program. It warns you that you will not receive any more payments, unless you update your information. Which you can do with the link provided in said e-mail.

To the average user, everything might look ok at first glance. However, if you try to reply to the e-mail, it will bounce back. If you click on the Google AdSense link that is provided, you will most likely end up at a domain that has google and adsense in it. But on closer inspection you will see there is more to the domain, like a .tw or other domain. Don’t be fooled by how the page looks like the real thing.

So if you get one of these e-mails, don’t click on it. And if you do have a Google Adsense or any other account, that you have received an e-mail informing you that it needs updating, never click on the link in the e-mail. It’s very easy to forge a link in any e-mail and is common in phishing scams. Type the address directly into your browser, or use google or some other search engine to find it for you.

Stay tuned for an article on how to spot phishing scams.