Beware of Facebook Chat-Jacking Scams

How would you like it if someone was pretending to be you, so that they could rip off your friends? Yesterday, Keith warned us about the Photoshop scam at Facebook, I’ve decided to fill you in on some of the details about this type of  Facebook scam.  So what is Chat-Jacking and why should you care?

What is Chat-Jacking?

While in Facebook, you might get a message from a friend that goes something like this:

New Phishing Attacks on Indian Bank Customers

A major phishing attack has been launched against Indian banking customers by the administrator of a hitherto unknown organization called the Indian Bank Association (IBA). The administratorof this organization has sent out a warningagainst money laundering and its evil and in pretty strong language, urges you to update your records on your bank. The administrator has also kindly given you links to all the major Indian banks’ websites.
Very neat, isn’t it?


As you can see from this screenshot, none of the Web of Trust icons are colored in the friendly safegreen color. The grayed out circle with a question mark indicates that the link is an unknown site that has not been marked down or up by the community. Which probably means that they are recent sites. In the context of a banking site, that means unsafe.


Clicking on any of the links in that email sends you to a page of a domain named’.


ICICI bank’s original page has a high rating in WOT.


Something is very phishy about this. Ignore and mark as spam any email you get from admin [at] iba [dot] com.

[Thanks to Sathya ]

Is Cyberdefender a Scam?

no-go-ico On March 24, 2010, lawyers representing the Cyberdefender Corporation issued a ‘take-down’ notice to Allen Harkleroad. The take-down notice claims that Allen published false and potentially defamatory articlesabout their product and sales practices.

The Contenders:

Cyberdefender is advertised as an easy solution for PCs that are running slow or are infected with spyware or adware. You may have seen the television advertisements for and Visits to both of those websites will prompt you to install Cyberdefender software. It looks like Cyberdefender is the owner of both of those sites.

Allen Harkleroad is a well known consumer advocate, who has taken on some pretty big names in business, such as Dell, AMD, ATI, UPS and FedEx, to name a few.

The Contention:

Allen claims that Cyberdefender is a scam and has posted several articles in his websites, supporting those claims. Here’s one of them:

Beware of and Same Scam, Same Company

Here is a copy of the legal take-down notice from Cyberdefender’s lawyers:

CyberDefender Corp, MyCleanPC, DoubleMySpeed and Catanese and Wells

At one point, Allen says that he:

I installed the MyCleanPC software on a fully patched Windows XP machine that I rarely used just to see what happen. Other than installing software I use nothing else had been installed and no software had been uninstalled on the machine. It does have anti virus software on it. The CyberDefender software found over 3,000errors on a machine that runs perfectly fine, never had software uninstalled and rarely was on the Internet.

I’ve heard others claim that Cyberdefender isn’t worth the asking price. I decided to try it myself. I used Microsoft Virtual PC, with a copy of the IE6 test virtual machine. This allows me to run a clean, new, fully patched copy of Windows XP. It doesn’t have anything installed on it, not even an anti-virus program. The advantage to using a virtual machine is that I don’t have to worry about messing up a real computer.

Below, I have created a short slide show, which gives the results of my simple test.

Go here if you can’t see the embedded slideshow.


Let the buyer beware. If I see over 300 errors reported on a clean PC, I have serious doubts and would never buy the software.   What do you think about DoubleMySpeed and MyCleanPC? Would you buy them?

Twitviewer Another Twitter Worm On The Prowl

Yes we all want to know who is visiting our profile pages, however don’t yet fall for that trap in the form of Twitviewer which claims to show you which users have visited your profile.

Twitter has already sent out a notice to users to change their passwords if they have used that service.


To add to that advisory we also would like to say that, DO NOT use twitter services that ask for your username and password, twitter has a very easy to use OAuth API which can easily allow you to use any application without sharing your passwords.

Open Office Suite Scam

While doing my research for the post series for the Best Free Microsoft Office Alternatives, I came across several options and alternatives, however a scam website called MS Open Office Suite ( caught my attention too.


The website does not look fishy on the first look, however on closer scrutinization I saw that this website, which also ranked high for popular search terms, is actually a really good scam to make money quickly and sell a free and open source product to unsuspecting users.

Continue reading Open Office Suite Scam