Retro-spamming techniques and the rise of spam in 2009

According to the Official Google Enterprise Blog:

“Last quarter we reported on the trend toward larger message sizes, measured in bytes. The trend has continued into this quarter, making 2009 a year of resurgence in old techniques such as image spam and payload viruses. When considering the spam bytes processed per user, growth has been steep in 2009, with Q3’09 rates up 123% from Q3’08.”

For anyone who’s wondered why spammers continue to spam, consider this from the Google report:

“The majority (55%) of these viruses are messages like the one you see below, a fake notice of underreported income from the IRS (which the IRS distributed an alert on earlier this week). Another large contingent (33%) have come in the form of fake package tracking attachments, which were already on the rise in Q2. You might think a spoofed IRS notice or package tracking email is obviously spam, and wonder who would fall for it and actually click on the attachment.

However, at these volumes, it takes only a tiny fraction of the recipients being fooled for the spammers to add hundreds of computers to their botnets every day.”

Click here to read the full report at the Official Google Enterprise Blog.

Dennis Yu and ShoeMoney succeed in taking people’s eyes off the ball.

They couldn’t have planned it any better. When questions came up about Dennis Yu and ShoeMoney and what kinds of activity they were engaging in on Facebook, a post by ShoeMoney about Dennis Yu succeeded magnificently in taking people’s eyes off the ball. People have stopped thinking about the substance of what Dennis Yu was alleging and offering and instead continue to write about Dennis Yu and ShoeMoney.

I fell for the trap at first, too, until Michael Webster, who runs http://www.bizop.ca, pointed out the potential significance of the information Dennis Yu was willing to share.

Now, what Dennis Yu has shared publicly to date about shady Facebook tactics has been pretty mundane, but he did at one time offer to provide more interesting details privately.

Well, let’s get back to the substance.

Even though it’s still pretty basic, Bob Sullivan at MSNBC wrote a great article here on June 2, 2009, giving the framework that scammers operate out of and insight into why scamming on FaceBook has been so successful.

At the time of the article, Sullivan noted that FaceBook had one practice that is amazingly disturbing from a security standpoint:

“Worse yet, some of the techniques Facebook employs fly directly in the face of accepted security practices.  Facebook regularly sends e-mail to users with links in the message.  “To follow the comment thread, follow the link below,” reads a typical note.  Clicking on the link then prompts users to log in.”

What’s most amazing about this is that scammers don’t even need to use the slightly more sophisticated technique of gaining control of FaceBook accounts by stealing users’ cookies.

Admittedly, the information Dennis Yu covered in his TechCrunch article involves more sophisticated scamming than what Bob Sullivan covered, but what you may NOT realize is that there is yet another level of potential scamming on FaceBook that is significantly more sophisticated than what either Bob Sullivan or Dennis Yu discuss…

For example, DarkNet.org.uk announced “FBController – the ultimate utility to control FaceBook accounts” on 5/12/2009 and noted this impressive feat of the creator(s):

“There are many APIs available to write apps and 3rd party Tools for FB in Java, Perl, .NET, etc….FBConTroller was entirely written without knowing any of Facebook’s Dev API’s.”

I couldn’t determine if FBController was ever successfully used to scam FaceBook members, and according to this CNET article:

“Facebook spokesman Barry Schnitt said the company is aware of the tool and that it does not impact the firm’s ability to detect potentially malicious behavior.”

The creator of FBController, Azim Poonawala (QuakerDoomer), stated that his intention in creating FBController was not to allow control of multiple accounts, although “it can definitely be misused by bad guys to achieve that since it is free.”

However, it’s still interesting to note that one security expert identified a security weakness that could be used to steal cookies. It comes from the cookie specification, “which dictates that browsers must allow subdomains (think www.google.com) to set and read cookies for their parent (google.com). The specification also states that if a cookie for a subdomain doesn’t already exist, the browser should use the cookie belonging to the parent instead.” Geeks can read this about RFC 2965.
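
The scoping behaviour quoted above, as an added example that is not part of the original post: a simplified JavaScript model of the RFC 6265 rules that modern browsers apply (RFC 6265 replaced RFC 2965). It shows that a cookie one subdomain sets for the parent domain also reaches sibling hosts, while a `__Host-` cookie stays on the host that set it. The host names and cookie values are constructed, and public-suffix and IP-address checks are left out.

```javascript
// Added example: simplified RFC 6265 cookie scoping. Hosts and cookies are
// constructed sample data; public-suffix and IP-address checks are omitted.

// True when `host` is `domain` itself or a subdomain of it.
function domainMatch(host, domain) {
  host = host.toLowerCase();
  domain = domain.toLowerCase().replace(/^\./, "");
  return host === domain || host.endsWith("." + domain);
}

// Turn a Set-Cookie header received from `originHost` into a stored cookie,
// or return null when the browser would refuse it.
function acceptCookie(originHost, header) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  if (eq < 1) return null;
  const cookie = { name: pair.slice(0, eq), value: pair.slice(eq + 1),
    domain: originHost.toLowerCase(), hostOnly: true, secure: false, path: null };
  for (const attr of attrs) {
    const [k, v = ""] = attr.split("=").map((s) => s.trim());
    const key = k.toLowerCase();
    if (key === "domain" && v) {
      cookie.domain = v.toLowerCase().replace(/^\./, "");
      cookie.hostOnly = false; // now visible to every host under `domain`
    } else if (key === "secure") cookie.secure = true;
    else if (key === "path") cookie.path = v;
  }
  // A host may scope a cookie only to itself or to one of its parents.
  if (!domainMatch(originHost, cookie.domain)) return null;
  // __Host- cookies must be Secure, Path=/ and carry no Domain attribute.
  if (cookie.name.startsWith("__Host-") &&
      !(cookie.secure && cookie.path === "/" && cookie.hostOnly)) return null;
  return cookie;
}

// Names of the cookies in `jar` that a request to `host` would carry.
function cookiesSentTo(host, jar) {
  host = host.toLowerCase();
  return jar
    .filter((c) => (c.hostOnly ? c.domain === host : domainMatch(host, c.domain)))
    .map((c) => c.name);
}

// Constructed scenario: blog.example.test and www.example.test share a parent.
const jar = [
  acceptCookie("blog.example.test", "session=from-blog; Domain=example.test"),
  acceptCookie("www.example.test", "__Host-session=abc; Secure; Path=/"),
  acceptCookie("blog.example.test", "__Host-session=x; Secure; Path=/; Domain=example.test"),
].filter(Boolean);
console.log(cookiesSentTo("www.example.test", jar));
```

A site that keeps its session in a host-only or `__Host-` cookie is not affected by what other subdomains write for the parent domain.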

Not long after that, Dan Goodin, the author of that article, wrote another article titled “Major IE8 flaw makes ‘safe’ sites unsafe” in which he stated, “The latest version of Microsoft’s Internet Explorer browser contains a bug that can enable serious security attacks against websites that are otherwise safe.”

What might be the ultimate wake-up call to the dangers of FaceBook and other social networks is the fact that according to this article in The Guardian “Mikko Hyppönen, who regularly works with Scotland Yard, the FBI, the US National Security Agency and Interpol” refuses to use FaceBook.

Scammers using my name?

I just got a very disturbing unsubscribe message that stated:

“Please don’t send me anymore emails.  Why?  I just learned that Paul is involved in a scam  business that is cheating those of us who have trusted and believed in him. Too bad.  I’m disappointed.”

Obviously this isn’t true and obviously it’s alarming.

It appears that one of the email addresses used in the scam was Mystery.shopper@sify.com, although there may be others. Emails from http://mail.sify.com/, which is an Indian email provider, seem to be commonly used in these scams, as you can see here:

Scams Using Sify.com Email Addresses

In fact one commenter in this discussion stated:

“A complaint to abuse at sifycorp.com bounced today with something “Over quota”… After abuse at sify.com seems not to accept complaints via Gmail since months. They did before, and ever so often I even received feedback that they terminated accounts of Nigerian spammers.”

It appears I’m in good company though, because the SAME sort of thing happened at the great site WhyDoWork as discussed here:

Beware of Data Entry Scammers Pretending to Work Here

Matt from WhyDoWork cautioned, “As we are probably the largest legitimate work at home job search engine on the web, it can be easy to believe the posting. I’m glad five people came forward to let us know of the scam. I’m hoping no one got taken in by it.”

If you are aware of any scammers or scam that is using my name or the WorkAtHomeTruth site name please let me know about it here.

Thank you.