Public Service, Don't Get S**mmed.
Dec 4, 2014 13:56:48 #
A word of warning I received about s**mmers:
Rob here with Patriot Privacy and the Self-Reliance Institute.
I dont know about you, but at this time of year I feel more rushed than usual.
Im anxious to get as much accomplished as possible before celebrating the holidays with family and friends.
So while its the best time of year in many ways, it can be a bit stressful.
S**m artists know were all a bit rushed right now and they also know that the holidays mean the busiest time of year for ecommerce. They know that more people than ever before are ordering gifts online.
So, theyve combined those two facts and created the Order Confirmation S**m.
Heres a bit of what cybersecurity guru Brian Krebs has to say about how the Order Confirmation S**m works.
If you receive an email this holiday season asking you to confirm an online e-commerce order or package shipment, please resist the urge to click the included link or attachment: Malware purveyors and spammers are blasting these missives by the millions each day in a bid to trick people into giving up control over their computers and identities.
Seasonal s**ms like these are a perennial scourge of the holidays, mainly because the methods they employ are reliably successful. Crooks understand that its easier to catch would-be victims off-guard during the holidays. This goes even for people who generally know better than to click on links and attachments in emails that spoof trusted brands and retailers, because this is a time of year when many people are intensely focused on making sure their online orders arrive before Dec. 25.
In Krebs warning, Be Wary of Order Confirmation Emails, he includes replicas of Order Confirmation S**m emails purporting to be from Costco, Target, Home Depot and Walmart. Its worth taking a look at those to get a concrete idea of how realistic they can appear. Krebs goes on to state:
According to Malcovery, a company that closely tracks email-based malware attacks, these phony order confirmation spam campaigns began around Thanksgiving, and use both booby-trapped links and attached files in a bid to infect recipients Windows PCs with the malware that powers the Asprox spam botnet.
Asprox is a nasty Trojan that harvests email credentials and other passwords from infected machines, turns the host into a zombie for relaying junk email and perpetuates additional Asprox malware attacks. Asprox also deploys a scanning module that forces hacked PCs to scan websites for vulnerabilities that can be used to hack the sites and foist malware on visitors to that site.
Malcovery notes that the Asprox spam emails use a variety of subject lines, including Acknowledgment of Order, Order Confirmation, Order Status, Thank you for buying from [insert merchant name here], and a Thank you for your order.
So, what should you do?
Its fairly straight-forward.
If you receive an email from a recognized brand that references an issue with an online or in-store order and you think it might be legitimate, do not click the embedded links or attachment. Instead, open up a Web browser and visit the merchant site in question. Generally speaking, legitimate communications about order issues will reference an order number and/or some other data points specific to the t***saction information that can be used to look up the order status at the merchants Web site.
Please share this information with your friends and family. Id like to get this warning out to as many folks as possible. By sharing it with your loved ones we can spread the word and keep folks protected from this s**m.
I h**e s**m artists. And I really h**e s**m artists that try to take advantage of Christmas or any other holiday!
If you have thoughts or questions, email me at Rob@SelfRely.com
Be safe, secure and free!
Rob Douglas Former Washington DC Private Detective and Certified Identity Theft Risk Management Specialist
Freedom Writers Publishing
1815 Central Park Dr. #358
Steamboat Springs, CO 80487
Be sure to forward this message to your friends who are concerned with
self-reliance, privacy & government spying and encourage them to watch
our video presentation by clicking here!
Rob here with Patriot Privacy and the Self-Reliance Institute.
I dont know about you, but at this time of year I feel more rushed than usual.
Im anxious to get as much accomplished as possible before celebrating the holidays with family and friends.
So while its the best time of year in many ways, it can be a bit stressful.
S**m artists know were all a bit rushed right now and they also know that the holidays mean the busiest time of year for ecommerce. They know that more people than ever before are ordering gifts online.
So, theyve combined those two facts and created the Order Confirmation S**m.
Heres a bit of what cybersecurity guru Brian Krebs has to say about how the Order Confirmation S**m works.
If you receive an email this holiday season asking you to confirm an online e-commerce order or package shipment, please resist the urge to click the included link or attachment: Malware purveyors and spammers are blasting these missives by the millions each day in a bid to trick people into giving up control over their computers and identities.
Seasonal s**ms like these are a perennial scourge of the holidays, mainly because the methods they employ are reliably successful. Crooks understand that its easier to catch would-be victims off-guard during the holidays. This goes even for people who generally know better than to click on links and attachments in emails that spoof trusted brands and retailers, because this is a time of year when many people are intensely focused on making sure their online orders arrive before Dec. 25.
In Krebs warning, Be Wary of Order Confirmation Emails, he includes replicas of Order Confirmation S**m emails purporting to be from Costco, Target, Home Depot and Walmart. Its worth taking a look at those to get a concrete idea of how realistic they can appear. Krebs goes on to state:
According to Malcovery, a company that closely tracks email-based malware attacks, these phony order confirmation spam campaigns began around Thanksgiving, and use both booby-trapped links and attached files in a bid to infect recipients Windows PCs with the malware that powers the Asprox spam botnet.
Asprox is a nasty Trojan that harvests email credentials and other passwords from infected machines, turns the host into a zombie for relaying junk email and perpetuates additional Asprox malware attacks. Asprox also deploys a scanning module that forces hacked PCs to scan websites for vulnerabilities that can be used to hack the sites and foist malware on visitors to that site.
Malcovery notes that the Asprox spam emails use a variety of subject lines, including Acknowledgment of Order, Order Confirmation, Order Status, Thank you for buying from [insert merchant name here], and a Thank you for your order.
So, what should you do?
Its fairly straight-forward.
If you receive an email from a recognized brand that references an issue with an online or in-store order and you think it might be legitimate, do not click the embedded links or attachment. Instead, open up a Web browser and visit the merchant site in question. Generally speaking, legitimate communications about order issues will reference an order number and/or some other data points specific to the t***saction information that can be used to look up the order status at the merchants Web site.
Please share this information with your friends and family. Id like to get this warning out to as many folks as possible. By sharing it with your loved ones we can spread the word and keep folks protected from this s**m.
I h**e s**m artists. And I really h**e s**m artists that try to take advantage of Christmas or any other holiday!
If you have thoughts or questions, email me at Rob@SelfRely.com
Be safe, secure and free!
Rob Douglas Former Washington DC Private Detective and Certified Identity Theft Risk Management Specialist
Freedom Writers Publishing
1815 Central Park Dr. #358
Steamboat Springs, CO 80487
Be sure to forward this message to your friends who are concerned with
self-reliance, privacy & government spying and encourage them to watch
our video presentation by clicking here!
Dec 4, 2014 14:26:56 #
skott
Loc: Bama
Loki wrote:
A word of warning I received about s**mmers: br b... (show quote)
Thanks, Loki.
You should also use a credit card to place orders as opposed to a debit card. For your debit card, you are liable for all they steal. With a credit card there are actual limits for liability.
Dec 4, 2014 16:22:43 #
skott wrote:
Thanks, Loki.
You should also use a credit card to place orders as opposed to a debit card. For your debit card, you are liable for all they steal. With a credit card there are actual limits for liability.
You should also use a credit card to place orders as opposed to a debit card. For your debit card, you are liable for all they steal. With a credit card there are actual limits for liability.
I disagree with a lot of people here, but I h**e these damn thieves that try to take advantage of people who either don't know better, or are so preoccupied they miss it.
Dec 5, 2014 09:34:58 #
skott
Loc: Bama
Loki wrote:
I disagree with a lot of people here, but I h**e these damn thieves that try to take advantage of people who either don't know better, or are so preoccupied they miss it.
Me too, there isn't hardly anything worse than a thief.
Dec 5, 2014 09:48:47 #
skott wrote:
Me too, there isn't hardly anything worse than a thief.
My late Mother-in-Law, may she RIP, was the most gullible human in the damn world. She kept us busy extricating her from the s**ms she fell for.
Dec 5, 2014 09:55:09 #
skott
Loc: Bama
Loki wrote:
My late Mother-in-Law, may she RIP, was the most gullible human in the damn world. She kept us busy extricating her from the s**ms she fell for.
I've seen many older people fall for the s**ms, but younger people do to. Those are the criminals we really need to be putting away.
Dec 5, 2014 10:13:00 #
skott wrote:
I've seen many older people fall for the s**ms, but younger people do to. Those are the criminals we really need to be putting away.
I had a call last night from some guy with a Hindu Accent. Caller ID said it was from New York. He claimed to be a Dell Representative who had discovered a "v***s" on my computer. I told him my computer is still under warranty, I was calling Dell to verify, and then referring it to the FBI. He hung up.
Dec 5, 2014 10:14:12 #
skott
Loc: Bama
Loki wrote:
I had a call last night from some guy with a Hindu Accent. Caller ID said it was from New York. He claimed to be a Dell Representative who had discovered a "v***s" on my computer. I told him my computer is still under warranty, I was calling Dell to verify, and then referring it to the FBI. He hung up.
I had the same thing from "microsoft." My computer was locked down, but I got a friend to fix it.
Dec 5, 2014 10:23:37 #
skott wrote:
I had the same thing from "microsoft." My computer was locked down, but I got a friend to fix it.
Goddamn thieves.
If you want to reply, then register here. Registration is free and your account is created instantly, so you can post right away.