How To

Don’t fall prey to this Bitcoin phishing attack

We got the following email to our company’s main mailbox yesterday. I took a screenshot of it, so you can click on it to view it large (see below). It certainly sounds ominous, and to the layperson, enough “details” are included in the message to make them start to worry and God forbid, even consider paying the turd who sent this out.

First and foremost, I need to say that this is a templated phishing attack. In other words, it sounds personal, but no one person is being specifically targeted. The hacker who sent this out is hoping that enough people will feel guilty and scared to start paying him/her the fee, after which point he or she will keep asking for more money.

I looked at the email headers and they were “stripped”, meaning the actual routing information for this email wasn’t included, flagging this message right away as a fake. Sure, it looks like it’s coming from our email address, but the hacker is “spoofing” it, using software that makes it look as if it was sent from us, when in fact it was sent from them. I know this sounds complicated to most people, but don’t worry, read on, I’ll give you other reasons why this is all fake and I’ll tell you what you need to do to safeguard against actual occurrences of these things. You can’t eliminate the possibility of this actually happening, but you can minimize it through basic precautions and regular upkeep of your network security.
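The "stripped headers" check described above can be done mechanically. The following is an added example (not part of the original post) that parses two constructed messages with Python's standard `email` library and flags the one that lacks a `Received:` chain, has no passing SPF/DKIM results, and claims a `From:` address on our own domain. `OUR_DOMAIN`, the sample headers and the addresses in them are all made up for the example.

```python
"""Added example: flag a likely spoofed email by inspecting its headers.

Both messages below are constructed for this example. The first has a
normal Received: chain and passing Authentication-Results:; the second has
its routing headers stripped and a From: that claims to be our own domain,
which is the pattern the blog post describes.
"""
import email
from email import policy
from email.utils import parseaddr

# Assumption: the domain the receiving mailbox belongs to.
OUR_DOMAIN = "example.com"

# Constructed legitimate message (addresses and hosts are placeholders).
LEGIT_RAW = """Received: from mail.example.com (mail.example.com [192.0.2.10])
\tby mx.hosting.example (Postfix) with ESMTPS id 1234
\tfor <info@example.com>; Tue, 02 Apr 2019 10:00:00 +0000
Authentication-Results: mx.hosting.example; spf=pass smtp.mailfrom=example.com; dkim=pass header.d=example.com
From: Colleague <colleague@example.com>
To: info@example.com
Subject: Invoice
Message-ID: <abc123@example.com>

Hi, invoice attached.
"""

# Constructed spoof: no Received: headers, no authentication results,
# From: forged to look like our own address.
SPOOFED_RAW = """From: info@example.com
To: info@example.com
Subject: Your account has been hacked

I have a full dump of your disk. Pay 0.5 BTC.
"""


def analyze_headers(raw):
    """Return a list of findings; an empty list means nothing looked wrong."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []

    # A real delivery leaves one Received: line per hop. None at all means
    # the routing information was stripped or the message was never relayed.
    received = msg.get_all("Received") or []
    if not received:
        findings.append("no Received headers: routing information stripped")

    # Authentication-Results: is written by the receiving mail server; it is
    # only meaningful when that server is yours (here: mx.hosting.example).
    auth = str(msg.get("Authentication-Results", "")).lower()
    spf_ok = "spf=pass" in auth
    dkim_ok = "dkim=pass" in auth
    if not spf_ok:
        findings.append("SPF not passed or missing")
    if not dkim_ok:
        findings.append("DKIM not passed or missing")

    # A From: on our own domain that did not authenticate is the classic
    # "it looks like it came from us" spoof.
    _, from_addr = parseaddr(str(msg.get("From", "")))
    from_domain = from_addr.rpartition("@")[2].lower()
    if from_domain == OUR_DOMAIN and not (spf_ok and dkim_ok):
        findings.append("From claims our own domain without authentication: likely spoofed")

    if not msg.get("Message-ID"):
        findings.append("missing Message-ID")
    return findings


def is_suspicious(raw):
    """True if any header check fired."""
    return bool(analyze_headers(raw))


if __name__ == "__main__":
    for label, raw in (("legit", LEGIT_RAW), ("spoofed", SPOOFED_RAW)):
        print(label, analyze_headers(raw))
```

The one caveat worth remembering: an `Authentication-Results:` header is only trustworthy when it was added by your own receiving server, since a sender can forge that header as easily as `From:`. In practice you would check that the `authserv-id` (the hostname after the colon) is your MX before believing it, and rely on your mail provider's DMARC/SPF enforcement rather than on reading headers by hand.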

This is why it’s important to be confident in the security measures and precautions that you have implemented at home or at the office. For example, I know that:

  • I change my passwords fairly regularly and I use long, randomized passwords or passphrases. I store them in Keychain, the built-in app that comes with every Mac.
  • I have standard network security in place, such as a firewall, a router that uses NAT, and I don’t keep any ports open by themselves. Network devices can open ports, but the firewall only allows incoming traffic to those devices and only when they initiate it. This is fairly standard on all modern firewalls. I know my router doesn’t have software vulnerabilities. I know because I update its firmware whenever a new version comes out, which is something everyone should definitely do with their routers.
  • I have anti-virus software that checks my computers. I update it regularly. You should do the same. There are many options here, pick one that you like to use.
  • I use a network traffic analysis tool called Fingbox, which alerts me to unusual traffic patterns, ports and devices using my network. There are other similar devices on the market and everyone should have one of these things and should know how to use it.
  • The email account the hacker talks about isn’t hosted on our local network, it’s hosted offsite with my web hosting provider, who is in a different country and has some fairly serious security measures in place to detect the sort of behavior the hacker brags about. So even if they’ve hacked into it, that doesn’t give them access to the kind of data they’re talking about.

Making a “full dump of my disk” is a ridiculous and funny thing to say. I have about 12-16 TB of data connected to my computer at any given time. Good luck making a “full dump” of that! It would take weeks, nay months…

The hacker apparently “looked at my web traffic” and was “shocked”. “Sites for adults”, oh no… I’m not even going to gratify that accusation with a response except to say every single one of us can visit whatever sites we damn well please on the internet, but we also need to be ready to accept the consequences of those web visits. The consequences can include: the logging of your activities on the site, the activation of your webcam and surreptitious recording of your “activities” as you surf those sites, the installation of trojans, and in case you visit illegal websites, possible visits from law enforcement. Macs are less likely to be “vandalized” in these ways by bad websites, but Windows computers can easily fall prey to code attacks. Know what you’re getting into and be willing to accept the consequences.

It also helps to have something called a Privise webcam cover (it used to be called Privoo when I bought it). It’s inexpensive and is a sliding cover for the webcam, allowing you to keep prying eyes from looking at you through the webcam even if they’ve hacked into your computer.

The filthy, smelly little bug who sent the phishing message wanted payment in Bitcoin. It is of course untraceable and would force you to buy the currency in order to pay him/her. Law enforcement wouldn’t be able to trace the transaction, even if you filed a police report afterward. This is why I don’t like cryptocurrencies! Not only are they wildly speculative but the transactions are untraceable, making them perfect for modern-day highway robbers and thieves.

Don’t think for a moment that once you pay the turd his asking fee, whatever he/she’s got on you will “self-destruct automatically”. No, he’ll keep whatever he’s got and he’ll keep milking you for money — after all, you’re his cash cow now. Moo…

Like I said above, your best defense is to learn and implement basic network security measures, be confident in what you’ve put in place and if you messed up, own it and accept the consequences, but never pay the hackers, you’ll only encourage them. And back up your data! That should be your #1 safety precaution against anything. Ideally, you should have one synchronous local copy (gets updated regularly), an asynchronous local copy (only gets updated 2-3 times a year) and an offsite copy (or two). If your data is important to you, back it up!

Thoughts

Watch out online…

The internet’s always been a fairly wild place with few rules to rein in offending behavior. And it’s always been a place where plenty of people were ready, willing and able to dupe you — to run a sheist on you, to phish you, to install malware on your machine, to mess with your mind, etc. 

I’ve seen an uptick in this sort of nasty stuff lately and I wanted to tell you to watch out when you’re online. Besides the typical “I’m a prince/general/president and I need your help with my inheritance” crap, my Junk Mail folders have been filled to the brim lately with:

  • Fake “DHL delivery notices” packing self-extracting malware, and
  • “Failed PayPal payments” that I should “confirm” in effect giving out my PayPal login information, or with
  • Fake “domain expiration notices” from all kinds of shady, two-bit lowlives that could lure normal people into transferring their domains from genuine registrars to these crapolas, who would then hold them for ransom and charge ever-increasing fees, or 
  • Home warranty and home protection “quotes” from places that have nothing to do with legitimate companies that handle this sort of thing, and
  • More online trash not even worth the pixels it’s getting on this display right now. 

Some of this stuff may seem innocuous. And it may even seem like nothing happens when you click on one of those attachments. Rest assured though, if it’s packing the right code for your system, you’ve just turned your computer into a “zombie” that is now under the control of some douchebag somewhere, and it’ll either be part of a “zombie farm” that launches attacks on various online properties, or it’ll be closely monitored: every keystroke logged, screen captures taken, webcam activated without your knowledge, all for the purpose of obtaining your online account information and other personal, potentially damaging information that could be used as leverage in a blackmail operation. 

Please be careful out there! Watch out for yourselves. The best advice I can give you is to use your common sense — I know it’s in short supply these days, but you have to try to use it.

If something looks suspicious or you don’t recognize the other party, just delete the message. If it claimed to be from a bank or a CC company you do business with, just pick up your phone and contact them directly, through the number that you already know works for them, in order to confirm that your account is in good standing order. Don’t just click on anything and log onto anything that might seem to be the website of your bank or the website of an online store. Be careful.

Thoughts

Three psychics exposed as frauds

I’ve always thought and said psychics were fake, along with ghost stories. Sure, it makes life (and books) more interesting if a ghost pops up here and there, but unfortunately, when people die, they’re dead as doornails. They’re gone. Out for good. Goodbye. That’s why life is so precious. Every day must be spent carefully and cherished, because when our days are over, they’re over.

That’s why it’s great to see psychics exposed as the frauds they really are, as one BBC show did, recently. The host made up a fake story about some chocolate factory manager, printed it in a leaflet about the factory, and also put it up on the factory’s website. When the psychics were invited to the factory and asked to channel any ghosts that might be around, they all “somehow” picked up on the fictitious manager’s ghost. When they were told the ghost was fake, each did their best to cover up for their slimy behavior and slinked off camera to lick their wounds. Disgusting.

BBC 3 Bullsh!t detector exposes three mediums [via Boing Boing]

As for questions about what really happens in the afterlife, or if there is one at all, see item #26 on this page. That’s what I believe, and whether it makes sense to you or not, please note the explanation includes no ghost stories.

Reviews

Caveat Emptor: Global Internet Solutions (GISol)

Updated 11/4/2008: See FOX News expose GISOL for the crooks they really are, and watch the two people behind the scam literally run from the camera. Watch the video on YouTube or below, and read the post, as well as the numerous comments here or on this post (over 300 comments in total). My thanks go to Mike of Report-Gisol.com for doing the legwork to get these criminals on TV.

These same crooks have been calling me from private phone numbers, harassing me, and trying to intimidate me into letting them post responses on my website. They’ve tried repeatedly to post comments on this post and on my other post about them, and I refuse to let their lies go through to the live site. They need to be in jail.

This is one web hosting company you should not touch, not even with a 10-foot pole!

I signed up with them back in January of 2006, because I was attracted by their many features and low price. They were offering over 35GB of space, and unlimited bandwidth. While that last hook should have had me turning away, I fell for it. I anticipated increasing traffic to my sites, and was worried about bandwidth fees. Their many features blinded me. See the attached PDFs for the details of the hosting packages (Gisol Windows Hosting, Gisol Linux Hosting). Sure, there were signs this was a shady operation right from the start, but I ignored them. The cheesy site design should have clued me in, as well as the script, which is still running, and says there are so many more hours left until the “blowout sale” expires… As of the date of this post, that script’s been running for at least 6 months (January to June 2006).

I took the bait, and signed up. That’s when my problems started. I knew I should leave right away, but I was hooked on their Control Panel, which let me do everything easily. They were, and they still might be using the H-Sphere Control Panel, which lets one do just about everything (add/manage domains, sub-domains, DSNs, MIME types, databases, etc.) You name it, the control panel can do it. Unfortunately, that’s the ONLY thing that Gisol has which works well. Everything else is broken in one way or another.

Let me give you a few examples:

Their web servers always go down! By always, I mean always. It could be daily, it could be a few times a day. Sometimes, if you’re lucky, your sites will stay up for a few days, which is nothing short of a miracle when it comes to GISol. The funny thing is, they advertise 99.999% uptime on their site – look at the plan specs, linked above, or this beauty: Gisol Uptime Guarantee. I’m still not sure how they compute the percentage they list in the plan specs, but I think their formula automatically eliminates the downtime to the third decimal point…

Their web servers don’t store session variables. Yes, you heard me correctly! I used session variables for logins on one of my clients’ sites, including a couple of my own. I’d log in, and the site would kick me out, because I had the web pages look for the variables, and they couldn’t be found anywhere. I had to argue with their tech support for days, and finally appealed to management. They kept accusing me of being at fault, when their pathetic servers wouldn’t work right. Finally, they switched me to another one, and wonder of wonders, no more session variable problems… but of course, other problems awaited.

Their tech support is outsourced to India. Normally, I don’t really care where the tech support is located, as long as they can do their job, but when they can’t speak English, are obviously reading packaged phrases off some sheet, are rude to me, don’t solve my problems, and lay the blame on me when they’re at fault, I tend to get a little upset, and I think you would, too.

False advertising: they say they have millions of customers on their site. I doubt it. I think their real number of customers is somewhere between a few hundred and a few thousand. Why do I say that? Because:

  • They only had 1 mySQL server. Seriously. I’m not kidding. The name of that server was mysql1, and they couldn’t move me to a new one when I asked.
  • I signed up for a Windows Hosting account, and my server’s name was win2k8. When I had problems with that, they moved me to win2k9, then win2k10.
  • I also signed up for a Linux Hosting account, and my server’s name was web16.
  • When I called Tech Support, I kept speaking to the same 3-4 technicians all the time.

I had numerous – and when I say numerous, I mean plentiful, as in plethora – database connection problems. Just about every time I tried writing to one of the mySQL databases, I’d get timeouts or connection problems, and they simply couldn’t solve them.

The user testimonials on their site are false. They have to be. I can’t imagine I’m the only one who’s had problems with them. Besides, the problems are so blatant that anyone but a blithely unaware novice would know they’ve got serious problems.

I made the mistake of buying a domain through them. When I wanted to switch to another web hosting provider, they held the domain hostage. It took several emails and phone calls to get them to release it. I kept getting bounced from one “department” to another. Welcome to Indian-style bureaucracy, right here in the States!

I cancelled my web hosting plans. On their site, they say they offer refunds any time, for any reason. That’s the biggest crock of crap I’ve ever seen. It’s now three weeks since I requested a refund, and I’ve still to get it. I spoke with their Billing “department” – and I use the term loosely. They passed me off to the Refund “department”, and told me I could call them at certain phone numbers – one was a toll-free number, and the other was a long-distance number. I called the first number, only to be disconnected right away. Then I called the second number, only to have it ring endlessly, then get disconnected. No, not even an answering machine. Finally, I wrote to their email address (refund@gisol.com). I’m still waiting for an answer. I’ve already started fraud proceedings with my credit card company.

All in all, I think I don’t exaggerate when I say you should beware of Global Internet Solutions (aka GISol). If you value your sanity and your wallet, stay far away from them!
