AOL Tech

Scam posts

Web

Post-Purchase Scams Coming Under Fire From Senate


We're sure that you've all experienced the annoying post-purchase push to get you to subscribe to, sign up for, or buy something after hitting the check-out button at your (not so) friendly online retailer. Well, those often shady offers for rebates and big discounts are now the subject of a Senate Commerce Committee investigation.

These post-purchase scams often subscribe you to discount or rewards clubs without your knowledge. After confirming a purchase, you're often presented with a series of pop-ups promising $10 off, or cash back. Often, those screens only offer one obvious way to exit, and clicking on it quietly passes your billing information on to another site. And you'll be none the wiser until three months down the road, when you see an unidentified charge on your card that turns out to be a "membership fee" paid to a "rewards club." The worst part of such scams is that they're often included in the check-out processes of many major Web retailers -- including Barnes & Noble, 1800flowers, Buy.com, Expedia, and Fandango.

The investigation produced a report titled "Aggressive Sales Tactics on the Internet and Their Impact on American Consumers," unveiled by the Committee Chairman John D. Rockefeller this week. "The companies we are investigating have figured out very clever ways to manipulate consumers' buying habits," Senator Rockefeller said in a statement introducing the report. The report names three companies -- Affinion, Vertrue, and Webloyalty -- that have collectively earned $1.4 billion through these misleading tactics and through their enlisted partner sites, 88 of which have earned more than $1 million apiece. The notoriously shady Classmates.com alone netted more than $70 million in profit. You can see the full list of these sketchy sites above in the "Post Transaction Marketing Wall-of-Shame," assembled by TechCrunch.

Senator Rockefeller said in the hearing, "[This] Committee needs to start thinking about the legislative steps we can take to end these practices." Fortunately, the public shame of the investigation and the threat of government action seem to have pushed some of the companies to preemptively change their practices.

You can find out more by reading the staff report here (Warning: PDF), and by checking out the incredibly thorough analysis at Ars Technica here. [From: U.S. Senate Committee on Commerce, Science, and Transportation, TechCrunch, and Ars Technica, via: Huffington Post]

Web

Spam Gangs Make Millions by Targeting Swine Flu Fears

Usually when we're getting spammed and scammed by fake online pharmacies, we're being offered steep discounts on Viagra. But Russian gangs are turning their attention from 79-percent Pfizer discounts to offers for Tamiflu, the antiviral medication used to combat both the seasonal and swine flu.

Security firm Sophos claims to have intercepted hundreds of millions of fake flu-related spam mails and Web sites. The trend is particularly worrisome, since despite low infection rates and even lower mortality rates, H1N1 (or swine flu) still inspires panic in much of the population. The gangs are preying on these fears by operating sites with seemingly legitimate brand names, like "Canadian Pharmacy," according to Reuters. The sites sell counterfeit drugs to gullible customers, but Sophos also worries that those sales are part of a larger scam that may put consumers' credit card and personal information in jeopardy.

Web, Social Networking

Spam Spreading on Twitter via Direct Messages -- Again


Not to sound like a broken record, but there's a lot of spam on Twitter. Let us illustrate. If the Internet were high school, Twitter would be voted "Most Likely to be Spammed." So, it was no surprise when Mashable reported that a number of users have recently been flooded with spam via direct messages. A quick search on the micro-blogging site proves that people are pretty upset about it, too. There still aren't a lot of details on the scam, but you should be on the lookout for any suspicious messages from people you don't recognize. For example, if you receive a message from a half-naked girl asking you about a quiz, don't click the link! We know that sounds obvious, but apparently some people are falling for the scam. After all, it takes hacked accounts to continue spreading the spam.

So what do you do if you become a victim? First, change your password right away. While Mashable has reported this wave of spam to Twitter, it's probably not a bad idea for you to report it to the site, too. Last, don't feel ashamed if your account gets hacked. Remember, this isn't the first time the Twitterverse has been plagued by spam, and we're sure it won't be the last, either. [From: Mashable]

Web, Social Networking

Twitter Hit by Another Direct Message Phishing Scam

It seems like every day that a new phishing scam hits Twitter, and Wednesday was no different. According to CNET News, Twitter warned its users to be on the lookout for a phishing scam that attacks via direct messages. "[If] you've received a strange (direct message), and it takes you to a Twitter log-in page, don't do it!" Twitter warned in a post.

Of course, this isn't the first scam that disguises itself in a direct message. But this message attempts to fool you by posing as a dear friend. According to Sophos, the message reads: "hi. this you on here?" and is followed by a link to the phishing site. The link, if clicked, redirects you to a fake Twitter log-in page, where the phishers intend to steal your user name and password. If you enter both, you'll see a faux over-capacity page that's supposed to make the scam seem more real. When Sophos logged in to the false page, it was directed to the over-capacity page, and then to a blog by someone called NetMeg99. It's unclear as to whether or not that blog is part of the scam, too.

Web, Social Networking

Fake Facebook 'Password Reset' E-Mails Hiding Malware


Facebook's good name is being leveraged for yet another brutal round of malware dispersal. The trojan, Bredolab, is being distributed via e-mails with the subject line "Facebook Password Reset Confirmation". The message generally reads:

    Hey (insert username),
    Because of the measures taken to provide safety to our clients, your password has been changed.
    You can find your new password in attached document.

    Thanks,
    The Facebook Team

The attachment, a .zip file, will have the name "Facebook_Password_" followed by a short sequence of random numbers and letters. Inside, there is an identically named file, except that it's an .exe (or executable) file instead of an archive. Run that file and you'll be kick-starting a torrent of malware downloads, including a fake anti-spyware program. Bredolab is able to hide by injecting its own code into existing Windows components, and by automatically shutting down if it detects another program (such as an anti-virus package) investigating its activities.

Web

FDA Warns of Faux Swine Flu Products on the Web


A few months ago, swine flu scams and misinformation plagued Twitter accounts. While the hysteria surrounding the disease has calmed somewhat, there are still foul folks out there trying to make a quick buck by capitalizing on fear. According to Newsvine, the Food and Drug Administration (FDA) has discovered and warned creators of more than 140 products that falsely claim to combat H1N1, or swine flu, as it's more commonly called.

These items include sprays that supposedly sterilize surfaces and even the air, dietary supplements that say they boost the immune system, and, most disturbing, fake Tamiflu -- one of two drugs recommended for treating swine flu, and one that also requires a prescription. FDA sites say that new fraudulent Web sites crop up every day, while vaccine shipments continue to be delayed and Tamiflu is prescribed only to the sickest patients.

Web, Social Networking

Twitter Lets Users Fight Back as Phishing Scams Spread

The pool of phishing scams on Twitter is seemingly bottomless. Every time we turn around, there is a new one popping up, or an old one reemerging, or some other unfortunate development that sends us rushing to the presses only to give users the same advice over and over again: Don't click on that link.

The most recent scam comes in the form of a direct message declaring "you're on this vid!" followed by a link. Click the link and you'll be led to a page that looks an awful lot like the login page for Twitter. But don't be fooled. Check that address bar and you'll quickly see that you are not, in fact, on Twitter. If you make the mistake of trying to log into the fake page, your account will be hijacked and used to send the same message to all of your followers.

Web

FBI Busts Up Worldwide Phishing Ring

The FBI has busted up a major spam and bank fraud ring that spanned from coast to coast, and even had ties to Egypt. Fifty-three suspects in Los Angeles, Las Vegas, and Charlotte, North Carolina have been indicted, with dozens of them already in police custody. An additional 47 Egyptian suspects have been named, and authorities there are working to apprehend them now.

The scam centered around phishing spam e-mails, in which the crooks posed as representatives from a bank and asked the victims to update their personal information by following a link. If targets followed the link, they were taken to a bogus banking site that harvested their personal and banking account information. The 100 criminals, working in concert, immediately withdrew money from their victims' accounts, transferring their spoils to fraudulent accounts.

Web

After Phishing Attempt, Wife Bans FBI Head From Online Banking

Don't feel bad if you've recently fallen for an e-mail scam. They're not always easy to identify. Just ask FBI Director Robert Mueller. Mueller received an e-mail from his bank asking him to verify some account information. After entering said information, Mueller says he realized that the e-mail was part of a phishing scam. According to CNET News, he immediately changed his passwords and breathed a sigh of relief.

The FBI chief avoided the wrath of phishers, but not his wife (video after the break). She nixed online banking in their household and said, "It is our money. No more Internet banking for you!" During a speech Wednesday in California, Mueller said that he'd tried to explain to his wife, promising that he'd learned his lesson and calling the near slip-up a "teachable moment." He was taught a lesson, alright, and one he should have learned long ago, at that. "If Mama ain't happy, ain't nobody happy." [From: CNET News]

Web, Social Networking

FBI Issues Warning Over Friendly Facebook Scams

The disturbing evolution of the 419 scam from e-mails from Nigerian princes to hijacked Facebook accounts is raising serious alarms within law enforcement circles. We originally reported this new tactic in January, but users still haven't caught on. Just last month a Missouri woman was taken for $4,000 by a scammer posing as a friend on Facebook, and the 'Today Show' recently aired a segment about Sister Erma, a nun, whose Facebook was hijacked and used to dupe her friend Debbie Peterson into handing over $3,000.

The scam starts with spam messages that contain malicious links. People careless enough to click on these links, like the previously mentioned CooooL Video and FBAction messages, are either led to fake Facebook log-in pages that steal their e-mail and password, or are infected with a keylogger that captures all of their usernames and passwords across several different sites. Once the scammers have collected this information, they begin sending messages to friends and family of the hijacked account claiming to be in trouble -- in most cases stuck traveling abroad. The messages claim that the person has lost his or her wallet or been mugged and needs a loan (of several thousand dollars) to pay off hotel bills.

Web, Social Networking

Facebook Hit by Fake Profile Scam

Facebook has been beset by its share of scams, hacks, and attacks. The latest breach of security, though, is particularly worrisome, with fake profiles containing a link to a supposed home video flooding the site. If you click through, you'll be greeted with a piece of malware posing as an anti-virus program that tries to trick you into handing over credit card information to buy fake security software.

What makes this scam unique is that rather than using hijacked accounts, the malware is spreading through software-generated profiles. The existence of these fake accounts, completely identical outside of the name, indicates that hackers have figured out a way to defeat the Captcha system that is meant to keep bots out.

Web

Malware Robs Your Bank Account and Then Covers Its Tracks

You might want to keep a closer eye on those bank statements. Hackers have developed a sophisticated and scary program that quickly alters online bank statements in order to hide exactly how much money cyber-crooks have been siphoning from the account.

According to Wired, the malware, called URLZone, infects a computer when the user visits a compromised site, or a site set up by hackers. Then, the program steals the user's bank account log-in information and begins draining funds that it then sends to other designated accounts. However, the victim doesn't realize the money is missing because the program rewrites the text in the HTML code. So, when the browser displays the page, it looks like either no money has been stolen or just a small amount has been transferred.

Web, Social Networking

Twitter an Easy Target for Scammers, Security Experts Say

Twitter scam stories are pretty easy to ignore these days; after all, they've become commonplace. Unsurprisingly, security experts say this trend isn't going away anytime soon, especially with the holidays just around the corner. According to USA Today, attacks that targeted trending topics and scams that were spread via direct messages swamped the site last week.

The scams continue to plague the micro-blogging site because it's simple to create a fairly anonymous account, tweets instantly appear all across the Web, and links frequently appear in shortened form, making it hard to know the link's true destination. Gerry Egan, director of Symantec's security response team, says it's not Twitter's fault. "This is simply another case where malicious attackers are using neutral technology as a means to their deceptive ends," he told USA Today.

Web

Hackers Steal Half a Million Dollars Using Direct Deposit

We always say that the best defense against cyber-security threats is a little due diligence. If you watch out for warning signs, most major breaches are avoidable. That advice applies not only to individual PC users, but to businesses, as well, and to banks, most importantly. Unfortunately, just like regular users, many banks and businesses fail to carefully guard their systems.

Hackers used this lack of careful observation to their advantage when they withdrew $588,000 in one week from the account of a small, family-owned, construction company called Patco. According to the New York Times, the cash was withdrawn from an account with People's United Bank, or Ocean Bank of Delaware, that was reserved for payroll purposes. The hackers exploited the ACH (Automated Clearing House) Network, which is used for direct deposits, to make faulty payments to accounts, causing the bank to draw on Patco's line of credit to cover the $223,237 in overdrafts.

Web, Social Networking

New Twitter Worm Hijacks Your Account via Direct Message

Another day, another Twitter worm. The latest worm (or Tworm, if you please) to hit the micro-blogging site is even sneakier and more dangerous than others we've warned you about. That's because it's being spread via direct messages (DM) from users you know, not random spam accounts.

Let's keep it simple. If you receive a DM with the link pictured above, don't click on it. Delete the message immediately. According to Mashable, this link will direct you to a fake (but apparently pretty believable) log-in page, where, if you enter your account information, the worm will infect your account and set about infecting others by sending the link. If you already clicked on the link and your account has been hacked, simply change your password and report the problem to Twitter. Mashable says that Twitter is aware of and is handling the problem. As usual, avoid any suspicious links, even if they're from friends. [From: Mashable]
