Scam

I was just looking at Facebook to check for spam and scams when I found this: I’ve blurred out a few things for privacy, and, most crucially, safety. The point of this post is the domain name. The spaces around the dot and the zero in “C0M” are just as they were in the original spam message. If spammers are going to the trouble to obfuscate their messages, it seems to show that Facebook’s spam filters are having some effect. Malformed links mean that you have to make an serious effort to actually go and visit the spammer site. And consequently, if someone’s going to go through all that trouble, they’re more likely to buy into whatever scam is at the other end. Click on the link, and you immediately get redirected, even though you won’t notice: ...

I ran into a few strange IMs over the weekend. When I was not shoveling out my driveway from the 15 inches of snow that covered it I was logged into Facebook telling people about it…. It was then that I started receiving some VERY interesting IMs from a friend extolling the virtues of a clean colon (yep – you read that right): ...

Just a quick note – the sudden death of Hollywood celebrity Brittany Murphy last Sunday (BBC report here) has prompted a spike in searches on the subject – and of course, an SEO attack. Users who click on a poisoned search result link will be redirected to a website that will display a scare message trying to panic users into downloading rogue AV software: Screenshots of the rogue AV: ...

ProtectPC’s is a nasty rogue antivirus program, or phony security software, used to scam people out of their money. If your PC is infected with ProtectPC’s you should remove it immediately. ProtecPC’s poses a serious security risk for all PC users. Symptoms of a ProtecPC infection can include: Web Browser redirecting spontaneously System scans that result in reports showing multiple infections Pop-Ups and system alerts stating the PC is infected Programs being shut down or unable to open Click Here to learn how to remove these kind of malware. ...

Malware Defense is a rogue security program, designed to look like legitimate security software. If Malware Defense has been installed on your PC more than likely you did not intentionally download it, it just appeared one day. Malware Defense usually infects a computer system with help from malicious advertising or a trojan found on a shady website. Malware Defense usually infects unsuspecting users PC’s without permission. Malware Defense is a scam, do not buy this software, it should be removed from infected computers immediately. ...

System Adware Scanner 2010 is phony security software, made to look and act like legitimate security software. System Adware Scanner 2010 is a potentially very dangerous PC infection that should be removed from infected systems immediately. System Adware Scanner 2010 usually uses false security warnings and alerts to frighten people into buying the software. System Adware Scan 2010 will run system scans and report numerous infections to the user, which are false. System Adware Scanner 2010 will then request payment to remove the supposed infections. ...

Data Doctor 2010, an encryption trojan via our old “friends” iframedollars. It encrypts the files on your hard drive very rapidly if you’re unfortunate enough to be victimized by it. It arrives through drive by downloads from malicious web sites. It’s also packaged with other malware. The victim receives a message that the system is shutting down due to “Unrecognized disk driver command.” ...

Earlier in 2009, the Microsoft privacy homepage became the target of rogue security software developers looking to make a fast buck. The developers of the rogue security application known as “Privacy Center” even went so far as to include a link to Microsoft to trick users into thinking the rogue is a Microsoft product. Trojan:Win32/PrivacyCenter is a family of programs that claims to scan for malware and displays fake warnings of “malicious programs and viruses”. They then inform the user that they need to pay money to register the software in order to remove these non-existent threats. ...

Another Clone of WiniGuard family, SysDefence! went live about 3 hours ago. They’re flying off the conveyor belt today. The GUI is identical to TheDefend except the name.

Starting at ~3:20pm GMT today, Canadian Pharmacy spammers began using attached MP3 files as the call-to-action for their latest campaign. The message had no subject, no “text” body content, just an attached “audio/mpeg” file with a random lower case file name. Upon playing the attached mp3 file, you find out why I called it the “call-to-action”. A robotic sounding woman’s voice reads off the URL they would like recipients to browse to (letter by letter), with porn-like moaning as background noise. I guess they are going for the often used spam tactic of tying ED pills (Viagra, Cialis, etc..) to porn star-like performance in bed. ...