We have been seeing a lot of Facebook Scams these days, however, it looks like Twitter is also being attacked by users with a lot of scam messages. Unlike Facebook most of the Twitter scam messages spread through direct messages and are usually phishing attacks.

A new direct message scam is spreading on Twitter right now with a direct message:

You seen what this person is saying about you? [link] terrible things..

The above message comes from someone you might know and follow on Twitter and looks pretty real. If  you click on the URL accompanied in the message, you will be taken to a webpage which is designed to look like Twitter and asked you enter your username and password.

Please DO NOT enter you username and password since the scammers will then gain access to your account username and password. If you do enter your username and password into the phishing page, the scammers will then redirect you to Twitter and ask permission to install an app which will then send out the rogue message as a direct message to all your followers and continue spreading the phishing attack.

Most modern browsers like Google Chrome and Firefox will detect the URL as a phishing website so you might be better off upgrading to a secure browser.

To avoid phishing attacks, always look at the URL to see whether you are entering your password on the site itself and not some masked URL which is made to look like the original site. Additionally, you should also periodically check the apps you have given access to in your Twitter account and remove unwanted apps. Learn how to remove apps or revoke app permissions in Twitter.

Of late, scammers have grown smarter when it comes to conning people on the Internet. Several scammers have begun to use Word documents as attachments while sending out scam emails. However, they haven’t stopped there and are now using Antivirus companies to scam PayPal users.

A flurry of emails are being sent out by scammers with subject lines like “Receipt for your payment to AVG” or “Receipt for your payment to Symantec” or “Receipt for your payment to Norton“accompanied by a PayPal receipt which looks very genuine (see image below).

The email in question looks very genuine and the scammer asks you to confirm the payment and also includes a “Cancel Transaction” link. This would definitely make many people click on the link because they might not have made the purchase in the first place. Clicking on the link will take the users to a website which is similar to that of PayPal.

The website in question will ask you for your username and password. However, DO NOT enter it. For testing purposes, I entered a fake username and password and it allowed me to access my false account. It then went on to tell me that my account is limited and that I need to enter my credit card, social security, banking and billing information.

This scam looks to be pretty widespread because not only is it farming your PayPal username and password but it is also stealing your credit card information, social security and banking information.

There are several ways in which you can protect yourself from such scammers like turning on the Anti-phishing feature in Gmail to know when emails from PayPal are genuine. You should also always have a good Antivirus and Anti-spyware or Anti-malware running on your system. You can find tons of free Antivirus software which you can download and use immediately. You can also read our earlier guide to Protect Yourself from Internet Threats.

You can be assured Techie-Buzz is 100% real. You can see it right here and there is little motivation for anyone to create a fake website reporting news in technology. Not so in the retail market it seems.

This week, the Metropolitan police have shut down over 2,000 online stores. This is an effort to stop the sales of counterfeit goods and the   outright stealing from consumers who pay for what they think is a great deal, only to never receive those goods. This is the biggest police action on fraudulent websites since early 2010 when over 1800 were taken offline.

Just like those fake Apple stores that popped up in China, these websites seek to appear to sell big brands, but in fact either sell fake goods, or worse, no goods at all! Consumers are attracted to the store as they pose as an outlet or discounted version of the brand. Nike, Tiffany, UGG, and GHD have been targeted according to the Metropolitan police e-crimes unit. Most of these sites have been set up for no reason than to collect
your banking details or use your credit card elsewhere; so it’s a good time of year to be cautious when shopping for deals online, especially since it’s holiday season.

Image courtesy: research.zscaler.com

It seems that shutting these websites down is no straightforward task either, law enforcement agencies are working with domain registrars to cease the websites from trading and try locate the people responsible.

As a Techie-Buzz reader, you’ll be experienced at buying things from websites, but during the holiday season, when spending is at its highest, perhaps we’re all a little more susceptible to buying from a new site with a great deal?

Police are advising the use of only 1 credit card, with a smaller limit for your online transactions which sounds like good, practical advice. In addition we may want to consider the reputation and credentials of any new shopping site.

It may sound like obvious advice in this day and age, but it seems that the online fraudsters are getting better every year. The fake Apple stores in China, which we all thought to be a laughable concept, were in fact incredibly detailed in their creation right down to the customer service help badges. Fake websites will have the same strategy, they know what the hallmarks of trust are   certifications, visa symbols, privacy
policies and so on. So it may be worth a second look and a little research elsewhere when using new retail websites this holiday season!
About the Author:

Kathryn writes for www.discounts.ca – they specialize in coupons for consumers in Canada.

Nigerian 419 scams are nothing new. In fact, these scams even pre-date the Internet era and were originally carried out through snail mail. Most of us are probably all too familiar with these scam mails that promise to give away millions. Sadly, there are still many unfortunate gullible souls who fall for these advance fee fraud schemes.

Typical Nigerian 419 scam mails pretend to be from some African prince, diplomat, or gold/diamond seller. Even though the pretence varies, the basic plot is always the same. The person emailing you has amassed a huge fortune and is currently in a tricky situation. He needs your help to save his fortune, and in return, he is willing to offer you a significant share. 419eater has a nice collection of Nigerian scam mails. Knock yourself out, if you have nothing better to do right now.

Although there are still naive individuals who fall for Nigerian scams, the increase in general awareness has made the job of scammers tougher. The reduction in hit ratio has forced them to become more creative. Here’s a shining example of a rather smartly written Nigerian scam mail.

You are the LUCKY one!
Compliments of the day to you!!!

Our names are Dave and Angela Dawes..This email is to inform you that last month october,We won one of Britain’s biggest lottery of 101 million Pounds. This is so much to spend,therefore We have decided to donate to the less priviledged and charity projects all over the world. We also want to make atleast 20 people millionaires like us. It will interest you to know that your email was picked alongside other 9 email addresses by our lawyer as a lucky individual for a cash dontaion of 1 million pounds from us.
We know this may sound like a joke or a hoax but please have no doubt as this is 100% real. Get back to us immediately via our email address below for details on how to get your donation.

To verify,please see our interview by visiting the web pages below.

http://www.telegraph.co.uk/news/newstopics/howaboutthat/8820740/101m-lottery-jackpot-winners-Dave-and-Angela-Dawes-to-give-millions-to-friends-and-family.html

Good luck,
Dave and Angela Dawes
Email: dave.angela44@att.net

This mail managed to sneak past Gmail’s spam filters into my inbox. Even though the mail has horrible grammar and spelling throughout, it’s possibly the most convincing Nigerian scam that I have come across. It leverages a real news story, and even links to a newspaper article. Dave and Angela Dawes really did win £101m in last month’s EuroMillion lottery, and they really are planning on giving away a million pounds to twenty family members and friends. Of course, the devil is in the details. The Dawes aren’t silly enough to give away their fortune to random strangers.

Beware of a new scam making its way around Facebook masquerading as a service that helps people find FREE government grants. In the picture below, you will see what appeared on my Facebook feed. It plays on several themes. One, is people’s dismay with the government as it states, “finally the Gov is helping their people!” Second, the poor economy is a great motivator for people to fall for these kind of schemes.

Right away you should notice that there are some things wrong with this picture. What legitimate business says “Gov” instead of government? The other thing to note is the web address it points to, “just9u.com”. That is a very random domain name. Usually that is a sure sign that this is not a legitimate offer.

If you are one of the unlucky ones who click this link, you will be taken to a website outside of Facebook. In the picture below, you can see a copy of what this website looks like. As you can see, it appears to be a news report. It attempts to build credibility by adding logos of several recognizable news agencies. Beware of these type of schemes. Take a look at the two areas highlighted in red below. First, notice the name of the website. It says “dailynetnewstoday.com”. Strange, didn’t the link above say “just9u.com”? Also whenever you mouse over any link the bottom of the webpage shows the link “dailynetnews.com/agrant/grants.php”. It seems odd that putting your mouse over CNN’s logo would show that link don’t you think? Go with your gut on this. IT IS A SCAM!

If you click anywhere on the page picture above, you will be taken to another website where you can fill out a form. The website is “grantassist.com”. For a fee, they claim they can help you get all the government grants that you are entitled to. In reality, they are out to take you money and charge your credit card fraudulently. I did a little homework on these guys. They are a company based in Nevada.  I found they had an “F” rating on the Better Business Bureau’s website. These people had 131 complaints against them.

These type of businesses skirt the law and fly under the radar to do their dirty schemes. You have to be careful and look for the signs of scams. Do they use well known logos that don’t link to the actual logo’s site, such as CNN? Do the URL’s have strange names that don’t make much sense? Does the site ask you for money or prevent you from clicking the close button? These are all signs of scams. Don’t fall for this stuff and don’t help it spread. If you see this type of post on Facebook, please warn your friends not to click it. I hope this article will help prevent some future mistakes.

A fake email that was sent earlier in the year 1999 is still being circulated, and that is quite surprising to know. This fake email that I received today indicated that Microsoft in collaboration with AOL is making an effort to make sure that Internet Explorer remains the most widely used web browser. For this, Bill Gates is rewarding cash prize for every user who forwards the email to their friends.

Here’s what it states -

Dear Friends,

Please do not take this for a junk letter. Bill Gates is sharing his fortune. If you ignore this you will repent later. Microsoft and AOL are now the largest Internet companies and in an effort to make sure that Internet Explorer remains the most widely used program, Microsoft and AOL are running an e-mail beta test.

When you forward this e-mail to friends, Microsoft can and will track it (if you are a Microsoft Windows user) for a two week time period. For every person that you forward this e-mail to, Microsoft will pay you $245.00, for every person that you sent it to that forwards it on, Microsoft will pay you $243.00 and for every third person that receives it, you will be paid $241.00.

Within two weeks, Microsoft will contact you for your address and then send you a cheque.

I was literally laughing out loud when I read this email. It’s funny to know that people believe in such stupid emails and forward them to their friends.

Consider this assumption- If you happen to send this email to 100 recipients, then according to the message you would be rewarded $24,500. Now each of your friends forwards it to another 50 friends. That is, 50 * 100 = 5000 additional friends.

Therefore, 5000 * $243 = $1.215 million. These 5000 (other) friends forward it to their friends i.e., third person. So, 5000 * 50 = 250,000 third set of friends. Therefore, 250,000 * $241 = $60.25 million.

The total: $24,500 + $1.215 million + $60.25 million  = 61.4895 million USD

Microsoft hasn’t lost its mind to give away $61 million to someone for just forwarding a stupid email! One must have been really jobless while creating this email, and people were even more jobless while forwarding it.

It is known that this email has been circulating in one form or another since 1999. The names of the companies and reward involved, has periodically changed. Microsoft and AOL aren’t running a tracked “email beta test”, and aren’t paying anyone. In May 12, 1999, Microsoft posted a message on their website stating that the following email is a hoax and did not originate from Microsoft.

This is what Bill Gates had to say:

Even more annoying than spam, in some respects, are hoaxes. I’m acutely aware of this because my name was recently attached to a hoax email message that was widely distributed.

People embellished the fraudulent email over time, as it was forwarded from electronic mailbox to electronic mailbox, but an early version read this way:

“My name is Bill Gates. I have just written up an e-mail tracing program that traces everyone to whom this message is forwarded to. I am experimenting with this and I need your help. Forward this to everyone you know and if it reaches 1000 people everyone on the list will receive $1000 at my expense. Enjoy. Your friend, Bill Gates.”

The bogus message was widely forwarded, which surely led to some disappointment from people who hoped to receive $1,000 for passing along what was essentially a chain letter.

Henceforth, please make sure that you’ve verified emails like this, before sending it to your friends. Please follow Techie Buzz on Facebook to stay updated on scams and hoax messages that are spreading on the Internet.

The Indian Grand Prix Formula One race will kick off on October 20, 2011 at Buddh International Circuit located in Greater Noida, Uttar Pradesh. This is the first ever F1 race that is taking place in India, and youngsters are all ready to empty their pockets to watch the F1 race live in Noida.

With just one month to go, the event has caught a lot of attention in the media, especially in the online social media. Cyber criminals are sure to take advantage of this buzz that is being created, and may send out scam messages claiming that you have won a free ticket to watch the F1 race.

One such message, reported by an Indian commercial broadcasting television network stated that Hemant Mehta Agarwal received an SMS which said that the F1 organizers have selected him as a lucky winner to watch the game. However, he discovered that the message was fraud when he called back to the number to claim his reward.

Another message received by a user indicated – “You have won a free Formula-1 ticket in the India Grand prix mobile draw promo. To claim your prize, send your name and address via mail to formula1racing@live.co.uk.”

It is common that such messages are sent across by scammers to try their luck in earning some money. There are scam messages which ask users to enter credit card or bank details in order to claim the reward. Vivek Vohra, a Delhi-based cyber-crime expert states that – “During big events like this, such spam messages are circulated, taking advantage of people’s curiosity. There are various promotions going on related to Formula-1. We suggest enthusiast buy tickets from authentic sources. Attacking users via mobile is something new here and it is yet to attract many more potential targets,”.

Such messages are mainly targeted via SMS. The second most popular medium is Facebook. Although there aren’t any scams reported yet, but we’re expecting that they will start to appear sometime next month. Scams and hoax messages on Facebook spread like wildfire. I recommend you to go through Guide to Facebook Security, which will definitely help you tackle scam messages. The document is available for free and you can  download  a copy of it from the  Facebook Security Page.

Please remember that there are no F1 ticket giveaways. However, there are certain contests which are running, but are from reputed brands. Make sure that you don’t fall for this trap, and verify the contest details before taking part in it.

Fake anti-virus scams have been doing rounds for quite some time now. Hackers had previously used mediums, such as emails, websites etc. to carry out these scams. Now they have found another medium Skype.

Graham Cluley of Sophos has posted a video showing off the scam attempt in action. The MO is that of a common phishing attack, relying on inducing  a sense of predicament  on the victim. The automated call warns the victim that his/her computer is not protected and gives a link to follow in order to activate your computer protection’.

Following that link will take you to a web page that pretends to scan your computer. Not surprisingly, it will find some issues and will recommend you to buy their anti-virus software worth $19.95.

Image Credit: Naked Security

Obviously, when you get this kind of call, just disconnect it and don’t visit the websites that they mention.

Also, always use a reputed anti-virus, and more importantly make sure that it is fully updated. There’s no point in using an outdated antivirus. My recommendation   for a good AV would be Microsoft Security Essentials as it is free and light on resources. But you can of course use other known anti-virus software, such as AVG and Avast.

Twitter users are being hit by a new phishing attack where affected users are sending DMs to their friends, which contain links to fake website that looks exactly like the Twitter login page.

If you receive a direct message on Twitter that says, “haha the look on your face in this pix is priceless! [LINK], DO NOT click on it. Clicking on the link will take you to a fake Twitter login page, where you will be asked to re-enter your username and password.

After clicking the link, notice the URL in the address bar of your browser. If a user provides the log-in credentials, the credential will be sent to the attackers, after which they will full control over the user’s account and can retweet the phishing message from that account.

There are a dozen of scams and phishing attacks that occur on Facebook and Twitter every day. We constantly report attacks like this, so that it helps users stay cautioned about it. Recently, another fake message that was spreading on Twitter stated Pics of Osama Bin Laden Are Finally Released

I suggest you to avoid clicking on the link and alert your followers about the attack. If you have accidently clicked on the link  and entered your login details, then change the password of your Twitter and all other accounts immediately. Also, contact your followers to avoid the message and ask them to change their account password as well.

To learn how you can avoid falling victim to a phishing scam and keeping your Twitter account secure, please read Twitter’s official guide to Keeping Your Account Secure. Here are some tips that will help you protect your Twitter account -

• Use a strong password.
• Watch out for suspicious links, and always make sure you’re on Twitter.com before you enter your login information.
• Use HTTPS for improved security.
• Don’t give your username and password out to untrusted third-parties, especially those promising to get you followers or make you money.
• Make sure your computer and operating system is up-to-date with the most recent patches, upgrades, and anti-virus software.

Sophos’ Graham Cluley explains a simple way of creating a complex hard-to-guess password – and how you should never use the same password on different sensitive websites.

A new scam is making its way around the Facebook realm. The scam tries to feed on people’s curiosity by placing a post on people’s wall that reads, “HaHa… I would hate to be this person. Talk about embarrassing!!! Can you believe they posted that on their Facebook?” Below you will see a picture of what the scam looks like. It will appear in your feed as if one of your friends posted it. Don’t fall for it!

If you click on the link it will take you to a website that basically attempts to steal your Facebook credentials. See the picture below. Notice that the website presents itself as Facebook wanting you to login. If you do this they will steal your credentials and use your Facebook account to spread further havoc. In the picture below, you will notice the URL highlighted at the top. Notice it says, “futurejobstodayb.com/b1/b1us/”. This is not Facebook. That is a sure fire sign that this is a SCAM!

If you have fallen victim to such a scam, immediately change your Facebook password. To do this open Facebook, go to “Account”, then “Account Settings”, and then find the line that says “password”. There will be an “edit” link which is where you go to change your password.

There are many ways you can identify and avoid Facebook scams. Read through the articles in our Social Media section listed at the top of this web page. Be aware of oddities. For instance, if you have a friend that seldom posts gossip or doesn’t look at porn, be aware when a gossipy or pornographic link shows up on their wall. Also notice the URL of the link they want you to click. If the website name seems real strange and random, you might consider asking your friend if they meant to post that link, and if it is OK.

I hope this helps prevent some future problems for you. Please share this link with a friend and, as always, I love to hear your comments and feedback.