Monthly Archives: November 2011
With Cyber Monday, the “official” start of the online holiday shopping frenzy now just a fond memory, online shoppers should remember to be vigilant about any email messages they receive relative to their shopping extravaganza..
Pretty much everyone is in a hurry to get their online holiday shopping done and shipped. During the next few days and weeks you may see what appears to be an email from UPS saying “package not delivered,” and please click on a link to get the issue resolved. Don’t just blindly follow these instructions. Chances are the email is a fake, intended to infect your computer with a virus..
The scam is designed to prey on online shoppers who are worried about the timely delivery of their purchases. The emails look and feel like they are coming from legitimate shipping outlets such as UPS but in fact, the emails either have virus infected zip files attached to them or they direct recipients to infected sites through the clickable links embedded in the HTML content..
In the email screen capture shown, there’s one big clue in the message that indicates it’s a fake: “We were not able to delivery the post package“ reads the “mish-mashed” sentence in the message..
There have been a number of variants in this campaign (some with attachments, some with no attachments and bad links), all of them personalized to the recipient, and sent from an ever-changing list of fake UPS employees or the generic ‘UPS Customer Services.’.
UPS itself is quite aware of scammers using its corporate name to spread malware or take advantage of unsuspecting users who might be willing to hand over credit card or other information to cyber criminals. The company recognizes it as a “continuing global issue,” and has a Web page devoted to fraud protection that’s definitely worth checking out if you ship or receive packages using the service..
The company “may send official notification messages,” a UPS spokesperson has said, but there are — and this is important — “rarely attachments.”.
If you get such an email, you can forward it directly to UPS at: email@example.com..
“You should not open attachments and should delete the email after forwarding,” UPS advises. The company continues to work with local and national authorities as well as participate in a cyberspace fraud task force. It’s a continuing challenge..
No matter how eager shoppers are for their shiny new purchases to arrive, they should take the time to check the original shipping confirmation that comes directly from the online vendor where the purchase was made. In addition, rather than clicking on embedded links in an email, shoppers should go directly to the shipping site and plug in the tracking number.
Over the last few days, Facebook users have been experiencing a flood of links, videos, and images depicting pornography, violence, and a myriad of unseemly images. Facebook confirmed the problem, in short, stating it was hit by a coordinated spam attack leveraging a browser vulnerability.
Some members of the social network are complaining about violent and/or pornographic pictures showing up in their News Feeds without their knowledge. Others are being told by their friends that they are sending requests to click on links to videos, sending out bogus chat messages, or writing mass messages and tagged photos leading people to believe they are in the link.
“Protecting the people who use Facebook from spam and malicious content is a top priority for us, and we are always working to improve our systems to isolate and remove material that violates our terms,” a Facebook spokesperson said in a statement. “Recently, we experienced a coordinated spam attack that exploited a browser vulnerability. Our efforts have drastically limited the damage caused by this attack, and we are now in the process of investigating to identify those responsible.”
“Our engineers have been working diligently on this self-XSS vulnerability in the browser. We’ve built enforcement mechanisms to quickly shut down the malicious Pages and accounts that attempt to exploit it. We have also been putting those affected through educational checkpoints so they know how to protect themselves. We’ve put in place backend measures to reduce the rate of these attacks and will continue to iterate on our defenses to find new ways to protect people.”
Users are outraged, and as is typical with Facebook members, many are already threatening to close their accounts. That being said, it’s still not known how many of the site’s 800 million active users are affected.
Think you may have a Facebook virus or your account has been hacked? Here are three things you should try: change your password, remove suspicious apps, and perform a virus scan.
Change your Facebook password
It’s possible your Facebook woes are coming from the result of a phishing scam. Someone may have created a fake website that looks like Facebook or another online service you visit and tricked you into logging in. Their goal was to steal your password and other account credentials, and they may have succeeded.
In this case, you should change your password on Facebook. :
If changing your password fixes your Facebook problems, you should change your password for all your other services too, especially if you use the same password for them as you previously used on Facebook. If this doesn’t fix the problem, try the next step.
Remove unwanted Facebook apps
It’s possible your Facebook problems are coming from a rogue app that you accidentally installed or were tricked into installing. Every Facebook app has certain permissions to your account. Some of these permissions you can modify, while others you cannot.
Your best bet is to remove all the Facebook apps you find suspicious. If you don’t know how to do so, there are guides on Facebook itself.
If cleaning out your apps fixes your Facebook problems, tell your friends they should do the same (chances are the app asked your friends to install it as well). If this doesn’t fix the problem, try the next step.
Get some security software and run a virus scan
It’s possible the problems are coming from some sort of malware, be it a keylogger, a trojan, or some other type of virus. Even if you think your computer is clean, it can’t hurt to check.
The aforementioned security programs are for Windows. If you have a Mac, try using the antivirus from Sophos.
After running the virus scan, clean out whatever the program detects.