With 500+ million people, 500= millions scams are bound to happen. Another one sleazy scam is now underway and it involves showing people "Really cool Facebook revolving images".
The messages is spreading virally and I had to delete around 9 messages from my wall recently. The scam looks to be spreading virally. As always do not click on this link and delete it from your wall if you see it.
P.S. I visited the site in question to see what it had to offer, but it is just a parked page, so nothing to write home about here. Safe Facebooking.
Update: Looks like this scam is spreading differently now. Users are now writing on other people’s walls with the text "Checkout 360 rotate effect on images. MUST SEE http://revolvingimages.info/fb/"
Ok, I am not tired of unearthing these Facebook scams, including some Pedophile scams unearthed by Clif, but they just don’t go away. A new Facebook scam is now underway, where users are enticed to use a feature to find out who visited their profiles, Orkut anyone?
As enticing as this feature sounds, it is practically impossible to know such kind of information using apps thanks to the restrictions Facebook has put in. So first of all such apps are a farce, and secondly, they are only interested in luring people into clicking on the link you share and then fooling you into sharing it with your friends too.
These kinds of attacks have been very popular on Facebook to spread links that do nothing. Of course most of these scams do little damage, but it spreads virally thanks to the number of users who use Facebook. The newest scam has a link with the text “Check Who Viewed YoUr Fbook Profile – An Easy App to Check Who Viewed YoUr FaceBook Profile. It Really Words So don’t Wait Check Out Now!”
For the record, the screenshot above is filled with references to I am malware site.
Once again, a simple advice to people who use Facebook. Everything that glitters is not gold, likewise, everything with a link and enticing text on Facebook is not real, so stay away from clicking it.
WordPress is an open community and practically anyone can develop plugins or themes for it. However, there are several shady plugins for WordPress out there which you might as well stay away from.
One such plugin is called BlogPress SEO, which promises users hundreds of backlinks once you install it. However, don’t fall for it, it is a trap and will expose your login information to the developer of the plugin and will allow them to automatically login to your blog.
There are couple of blog posts from Yoast and Mtekk which expose the big problems with this plugin. First of all, this plugin stealthily emails your admin email address to the author of the plugin. The second and bigger problem is that, the plugin has a function which allows the plugin author to bypass the WordPress login.
Yes, you read it right, the plugin first emails your admin email to the author and then allows him to login to your WordPress admin without a password. Scary right.
If you have installed the BlogPress SEO plugin, you have to do two things. First of, deactivate the plugin ASAP. Secondly, change your admin email address. Changing your password will do no good. Thirdly, only install plugins which are available in the WordPress repository as they are safe.
Facebook and scams go hand in hand. No matter what you do, you are never safe from one. A new fake Like scam has erupted on Facebook, and though it is not nasty, it shows how scammers can pawn Facebook users and make them like links without their consent.
Take for example this new scam with an enticing link and a video titled "0MG! This GUY must be St0ned to Death for doing this to a GIRL!". Just for the record, there is no video and this link is just a scam which disguises a Facebook like button as a different button. As you can see above, 3 of my friends liked this link. If you visit the site in question, you will see an interface as seen in the image below.
The site uses an interface similar to Facebook and also sports false copyrights. In case you thought that was bad, your entire intention of clicking on that link was to watch the video. However, there is no sign of any video at all. The "Continue" button in this page is actually a "Fake Facebook Like button", which has been manipulated using some styling. Clicking on it will stealthily like the website and take you back to your profile.
Once again, some scams are easy to fall prey to. Though they are not 100% avoidable, the best you can do is to visit your Facebook profile page after you have clicked on a link if you find it dicey. If you find any unwanted updates or likes, delete them immediately. In my case, my test account showed that I liked the website after I clicked on the button (see screenshot above).
For the record about 221, 572 people have felt to the scam while I wrote this post. Don’t be one of them. Also help your friends by liking this website instead .
Facebook has it’s own set of problems with privacy and scams alike, however, if you have been receiving emails about winning a iPhone 4 from Facebook, it is a scam.
If you receive an email which says "Hello, you won a iPhone 4G from Facebook", stay away from it. It is a scam and will not get you anywhere close to that device. The big problem with this scam is that it uses a familiar look and feel and is really very enticing to click on.
However, clicking on it will ensure that you are scammed. Malwarebytes blocks the website on my PC, so you should ensure to use a similar security software for your own PC. If you don’t have any, take a look at some of the Free Antivirus available or visit our Online Security section to learn how to protect your PC.
As if the Facebook outage today was not enough, Facebook is also under attack from several clickjacking scams. The new Clickjacking scam is quickly spreading where users see updates from friends which contain some enticing text with a link.
Clicking on the link take the user to a legitimate Fan page where they are then asked to complete a security check, which is of course bogus. After a few clicks, a button is displayed, clicking on which takes the user to another site which is a scam website.
The scam which is spreading with the terms "Five things every girl does before she meets her boyfriend – LOL" among others is enticing to click on, however, stay away from it. The scam will redirect you to a website which will then ask you to take a survey along with posting updates to your Facebook account.
The scam will also automatically make you a fan of their page. From the looks of it, over 86000 people have already been scammed and this number continues to grow at a very healthy rate (2000 in about 5-7 minutes).
On a side note, Twitter was also affected today with a bout of IQ Test DM Spam.
Back in July, we reported that several iTunes accounts were compromised by hackers who went on to make fraudulent purchases on the user’s behalf. Although Apple clamped down on the hackers, and promised security improvements after widespread criticism from bloggers, hackers seem to have one-upped them once again.
TechCrunch is reporting that another large-scale iTunes scam is underway, and several iTunes account holders have already lost thousands of dollars. The problem seems to be due to a security hole in iTunes accounts linked to PayPal. One affected user, Joey Bruce tweeted, “Someone hacked my iTunes/PayPal acct and drained everything from my bank account. Life is kicking me in the balls while I’m down”.
Given iTunes’ abysmal security track record, we strongly recommend against permanently storing any financial information (i.e. linking with your credit card or PayPal). PayPal is aware of the issue; however, none of the involved parties have issued a statement.
In related news, 12 people have been charged with fraud and money laundering offences related to iTunes. Apparently, this gang uploaded tracks to Amazon and iTunes and used stolen credit cards to purchase them.
Quite recently one of my friends wrote a weird message on my Facebook wall. It said that he had made some dollars in a day and got paid thanks to a site called cashreport.org.
Now that in itself is not fishy, but the same friend also wrote on several other people’s wall citing different amounts of money he made all credited to the website cashreport.org. The screenshots above are from two different profiles.
When I went out and checked my friends profile, he was busy writing the same thing on several other people’s wall as you can see in the screenshot above. Though I am not sure how exactly this message was sent out or what my friend did prior to sending out those messages, I am pretty sure that this is a spam message that might be spreading over Facebook.
I have sent out a note to my friend to ask him whether he visited any website or granted access to any app earlier today. However, keep away from this site, though it is not flagged as dangerous there are few users who have marked it as a scam or phishing on McAffe. The whois record for this site also says that it was registered on June 12, 2010 which is why there are very scarce reports about it.
Please be aware of what link you are clicking or what application you are allowing access to your data on Facebook. Do spread this message to your friends to keep away from this site.
Gmail has been revamping its contact manager and UI, however, in another part of the world, China to be specific, Gmail users are being scammed by hackers into giving away their usernames and passwords.
According to reports from Fast Company, for the past few weeks, several Gmail users are being redirected to a phishing site as seen in the screenshot above (courtesy FC) when they access Gmail.com. This also happens when they access Gmail through the Google toolbar.
This is not the first time that Google has had a problem in China, earlier this year, some high profile Gmail accounts were hacked, leading Google to stop their search service in China and threaten a complete pullout from China. However, Google did not pullout of China and renewed their operating license last month.
The current redirection of the Gmail domain to a phishing site definitely looks like a DNS hack which might not have propagated fully, which is why only few users are being redirected to the phishing website. However, Google might have definitely rectified the issue by now, but this goes on to show that Google definitely is on receiving end in China.
Update: A Google Spokesperson Jay Nancarrow reached out to us to clarify about the issue Gmail users are facing in China, the statement is embedded below.
This phishing attempt is not unique to Gmail and should not be misconstrued. As always, users should be careful about where they share their personal information, and should avoid clicking through warnings about suspicious sites. We encourage Gmail users to visit https://mail.google.com directly
He also adds that this is on background and not for attribution, but the same IP address hosting the fake Gmail URL has hosted phishing pages for other popular online services in the past. Screenshots indicate that this URL was being flagged by our Safe Browsing tool as a suspicious site, which would have warned users before viewing the page.
India is popular for its call centers and no matter how crappy the Indian-American accent is it gets the job done. However, now, Indian call centers are doing more than getting the job done. They are reverse engineering their jobs to their personal advantage and this forms an excellent ground to run call-centre scams.
Consider this scenario. A person from India calls you telling that he is from Microsoft and quotes your correct address, phone number and name. Next, he goes on to say that Microsoft has released a fix for some problem and you need to download certain “Windows Event Viewer” software. This software is either a backdoor or, after this sequence, you are asked to pay up £185. Has this ever happened to you?
The Guardian is investigating into this and has figured out that the call center in question is located in Kolkata and has connections with a person from Kota in Rajasthan.
Microsoft has obviously denied making any such calls and having any tie-ups with any such call centers. The age group, which falls victim to this generally, includes the elderly and those people who are not involved and updated about such scams. More information will be revealed as the investigation proceeds.