|
it was just a matter of time... paypal, ebay, banks, all are scamulated to look legit, only to end up in a bad way... of course, i love the angry projection/plasma tv buyer/seller who threatens you from "ebay" if you don't respond right away.
i'm just waiting for the associate assistant under vice secretary of oil affairs in nigeria to contact me... i could be in for some big bucks!!!
;)
Originally posted 68 months ago.
Rippie: Contra Censura! edited this topic 68 months ago.
|
|
It takes you to a page which is a poor copy of a Flickr Photo Page. No photo actually loads and there doesn't seem to be anything malign on the page, but, it does look as if you are visiting Flickr without having signed in and there is a copy of the Flickr sign in link so I presume they are trying to capture Flickr/Yahoo IDs and passwords.
Entering the following into your hosts file will permanently block this Polish hacker's site:
127.0.0.1 www.cyper.netiro.pl
Originally posted 68 months ago.
Canopus Archives edited this topic 68 months ago.
|
|
Update:
The site seems to download and install the Tarma Trojan into HKEY_LOCAL_MACHINE\SOFTWARE\Tarma Installer
C:\Documents and Settings\All Users\Application Data\Tarma Installer\
where it tries to connect to the Internet. When connected with a server it waits for new orders to spy on the user.
Spy Bot Search and Destroy gets rid of it.
Posted 68 months ago.
|
 |
AmandaEmily [deleted] says:
It's to install spyware, not a password phishing scam; there's a 1x1 iframe at the bottom of the page linking to a site in the Russian IP net range that does the install (using a Mac, so I can look without problems).
national.auscert.org.au/render.html?it=6907
Originally posted 68 months ago.
AmandaEmily edited this topic 68 months ago.
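The hidden 1x1 iframe described in the post above can be found mechanically when triaging a saved copy of a suspicious page. The following is an added example, not part of the original thread; the sample page, the host names and the function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
import re

# Constructed sample: a fake photo page with near-invisible iframes at the bottom.
SAMPLE_PAGE = """<html><body>
<h1>Photo page</h1>
<iframe src="/widgets/comments.html" width="400" height="300"></iframe>
<a href="https://login.example.com/">Sign in</a>
<iframe src="http://installer.example.net/load.php" width="1" height="1"></iframe>
<iframe src="http://tracker.example.org/x" style="display:none"></iframe>
</body></html>"""

HIDDEN_STYLE = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.I)

def _tiny(value):
    """True when a width/height attribute is 0 or 1 (e.g. "1", "1px", "0")."""
    m = re.match(r"\s*(\d+)", value or "")
    return bool(m) and int(m.group(1)) <= 1

class HiddenFrameFinder(HTMLParser):
    """Collects iframes that are invisible to the reader and load from another host."""
    def __init__(self, page_host):
        super().__init__()
        self.page_host = page_host
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = dict(attrs)
        src = a.get("src") or ""
        host = urlparse(src).hostname  # None for relative (same-site) URLs
        reasons = []
        if _tiny(a.get("width")) or _tiny(a.get("height")):
            reasons.append("tiny")
        if HIDDEN_STYLE.search(a.get("style") or ""):
            reasons.append("hidden-style")
        # Report only frames that are both hidden and served from a foreign host.
        if reasons and host and host != self.page_host:
            self.findings.append((src, host, reasons))

def find_hidden_frames(html, page_host):
    finder = HiddenFrameFinder(page_host)
    finder.feed(html)
    return finder.findings

if __name__ == "__main__":
    for src, host, reasons in find_hidden_frames(SAMPLE_PAGE, "photos.example.com"):
        print(f"{host}\t{','.join(reasons)}\t{src}")
```

Run it against a saved copy of the page rather than a live browser session, passing the host the page claims to be served from as `page_host`.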
|
|
I just received this in my inbox, so it's still making the rounds. What clued me in is it came to an email account that has no ties to Flickr whatsoever.
Originally posted 68 months ago.
Brenda Anderson edited this topic 68 months ago.
|
|
In other words, it's propagating into ISP email servers now. Just one more out of dozens that I receive every day. I suspect that anyone who owns a domain name is hit with tons of them, both on the domain account and one's ISP e-mail address.
Posted 68 months ago.
|
 |
Making Notes [deleted] says:
My wife and I currently admin 6 domains and very rarely get any such spam. You just need to turn on the spam protection and most junk is filtered out. Not all, but a lot is blocked correctly.
Posted 68 months ago.
|
 |
carwax (if you see Kay) [deleted] says:
thanks to all...i haven't gotten hit yet, but i figure it's only a matter of time.
Posted 68 months ago.
|
|
Softbank is a Japanese mobile phone company that has just taken over ownership of the Vodafone service in Japan.
Posted 68 months ago.
|
|
Softbank has nothing to do with the hack attempt, it's just part of the route the mail took and possibly an open relay has been exploited.
Originally posted 68 months ago.
Canopus Archives edited this topic 68 months ago.
|
|
Actually, it's more likely someone's PC that's been infected with some trojan or another; open relays don't account for much spam these days, it's predominantly infected PCs on broadband connections. The hostname certainly looks like an automatically-assigned sort of name, and bbtec.net appears to be a broadband provider associated with or owned by softbank.
What we really need to stop spam is effective abuse-reporting procedures at the ISP level. People will learn pretty quickly to keep their machines clean if their broadband is cut off because they're being used to send spam.
Originally posted 68 months ago.
matt edited this topic 68 months ago.
|
|
But surely everybody on Flickr has a good collection of protection tools installed on their PC to keep these nasties at bay?
I get about 100 spams a day which are caught by my spam catcher and they include virus infected files and phishing expeditions galore. And that's just the first layer of protection, which is provided by my ISP at server level. I have other local protection devices. And a knowledge of the evil way of hackers so that I keep a weather eye open for unwanted visitors. The price of freedom (from hackers) is eternal vigilance.
Posted 68 months ago.
|
|
The spammers seem to be getting more sophisticated. During the past few months e-mails have gotten through my filters which shouldn't have; somehow they have figured out a way of bypassing them. The spam filtering only catches about 90 percent of them.
I don't download my e-mail. But I still don't like looking at headers that obviously come from spammers or malicious parties. Some of it looks scary.
E-mail programs shouldn't have next buttons. Some people get too complacent and just keep hitting that button and infect themselves.
Some ISPs are now checking outgoing e-mails for viruses. They are also setting limits on how many recipients can receive a single e-mail. The latter may cause problems to some legitimate users, but in such cases they could always set up an e-mail group, such as they have on Yahoo. The problems of Internet security need to be handled by all parties involved, from the software people, to the user, to the ISPs.
I have all of the tools that one should have to keep my computer as free as possible from attack, but I do not fool myself into believing that nothing could ever possibly happen. New viruses, trojans, and worms are invented every day. It is conceivable that something could bypass all of the protections we have. Though I don't quite understand how they could send outbound packets through a firewall. Maybe they use the program they came in on.
The Jefferson quote is apropos. Indeed we always have to be vigilant, these days in more ways than ever.
Posted 68 months ago.
|
|
I have been turning these sites over to the powers that be (banks-paypal-ebay) for over a year now and yes they keep popping up. I agree a good virus suite helps a ton. Never ever follow any link in any email; instead go thru your normal link to your bank or paypal or whatever. Most banks and online services already have this information on their homepages. Email links should be avoided.
Posted 68 months ago.
|
|
Unfortunately, even legitimate e-mails from banks, ISPs and other usual phished services contain links. Someday, phishers will change their technique (if they haven't already) and send mundane e-mails with links to the phished site. These companies should realize that by using links in their e-mails they are encouraging careless behavior on the parts of users. The next e-mail from Citibank may be a phishing attempt, and will be clicked on absent-mindedly by the user who just got a newsletter with links from them.
The latest versions of both Firefox and Internet Explorer contain anti-phishing elements. IE7, as I understand it, is only available to those using XP (and Vista, of course). Even Firefox 2 will not run on older systems. So not everyone will benefit from these protections. Similarly, most other internet security tools also require more recent OSs and hardware.
Posted 68 months ago.
|
 |
Making Notes [deleted] says:
Microsoft has stopped supporting Windows 98 and Windows Me, so you will get no bug fixes for those operating systems. There comes a point where you can't support every possible configuration, particularly when you consider the age of Windows 98.
I do understand why forcing people to use a very high spec PC running the very latest version of Windows is asking a bit too much, but by supporting people on very low spec PCs and very old versions of Windows, the experience for those users will not be very good. This is not so much a fault of the software companies, but an issue with technology having a limited lifespan. When you consider the minimum spec for a typical software package that you install on your PC, you'll find that old configurations are being phased out.
To Windows users I would not recommend using anything other than Windows 2000 or Windows XP (Pro or Home, it doesn't matter) unless the PC does not have access to the Internet. Going online with any earlier versions of Windows is just a recipe for disaster, particularly when you consider how many people fall victim to security exploits that get patched (say, in XP). Using a system to access the Internet when the operating system has known security issues that will never get patched is a really bad idea.
The best use for a slow PC is to install Linux on it, but I know most people won't try this option as it's too different to what they know.
Posted 68 months ago.
|
|
lisanne001 Pro User says:
Unfortunately, even legitimate e-mails from banks, ISPs and other usual phished services contain links.
All banks, credit card companies and similar financial organizations here in the UK say that they never request users to tell them account details etc over the internet. So if you are asked for these bits of vital information it must be a scam. I don't know about other countries but it would surprise me if they didn't have the same rule.
Posted 68 months ago.
|
|
My version of this spam came to my email address that is not published on flickr. That has me wondering...
Being the accommodating sort of chap that I am, I clicked on "reply" and was only alerted to the problem when I saw that not just the return address but also the return signature were different from the incoming. Laverne signed the incoming, while the version I saw on the reply screen was signed by Ursula. How did they do that? Why?
Since I "replied", neither NOD32 nor Prevx1 have seen any sign of suspicious activity on my system. Puzzling.
Posted 68 months ago.
|
|
All banks, credit card companies and similar financial organizations here in the UK say that they never request users to tell them account details etc over the internet.
That is correct, also one should not receive an email from one's bank unless it is a reply to one that you sent them, so any other correspondence should come via ordinary snail mail. If your bank or other financial service doesn't do this then it is best to change them and tell them why you are doing so.
Posted 68 months ago.
|
|
matt:
Actually, it's more likely someone's PC that's been infected with some trojan or another; open relays don't account for much spam these days, it's predominantly infected PCs on broadband connections.
You've got to be kidding! I submit all spams to SpamCop and I observe in the spams after parsing them through SpamCop a great deal of open relays are being reported, it is very common. Yes, there are a lot of infected PCs, but, they too are directed to use open relays often.
Posted 68 months ago.
|
|
I echo what Canopus Archives said about open relays. When I take the time to parse spam through SpamCop, more than 90% involves an open relay.
As an aside, I don't report all spam to SpamCop, as I receive more than 5,000 spammed messages per day. Accordingly I utilize server-based spam management, along with extensive spam filtering (and a robust email application). Currently about 25 or so spam messages make it through per day. Periodically I'll adjust filters to reduce those 25 to zero -- and await the next new batch :)
one should not receive an email from ones bank unless it is a reply to one that you sent them so any other correspondence should come via ordinary snail mail.
One minor point on email from one's bank ... I do receive daily email "alerts" from my bank (balances, etc.) and also credit card companies, however each of those "alerts" has a separate, unique email address. Separate addresses enable precise filtering, as well as the ability to immediately spot an email address that may have become compromised. (Of course, I have subscribed to all of these "alert" notifications.)
Sometimes I'll find myself annoyed at the amount of time the spam management takes -- other times I enjoy the freedom that comes as the result of routine maintenance :)
Originally posted 68 months ago.
Pixel Wrangler edited this topic 68 months ago.
|
|
@matt
What we really need to stop spam is effective abuse-reporting procedures at the ISP level. People will learn pretty quickly to keep their machines clean if their broadband is cut off because they're being used to send spam.
Do you think China-based ISPs will respond by terminating accounts / connections of spammers?
Posted 68 months ago.
|
|
Do you think China-based ISPs will respond by terminating accounts / connections of spammers?
Are you saying an American or British ISP would, in contrast? If so, the amount of spam I get from comcast's network in the US would beg to differ. What does an ISP being in China have to do with anything?
Posted 68 months ago.
|
|
China is arguably the global spam haven, with more than two million spam URLs hosted there. China's ISPs blatantly advertise their hosting servers as "bullet-proof" and all but ignore any and all complaints. The notion of China cutting off a spammer's broadband connection is not one I can imagine.
While USA Federal legislation (CANSPAM) is just about worthless, individual states (especially California) have been successful in obtaining multi-million dollar fines against US spammers, and industry leaders such as AOL, Microsoft, Verizon and Sprint have recovered additional multi-million dollar damages against US spammers in civil actions.
These same upstream providers are wayyyy more responsive in cutting off downstream hosts that harbor spam clients.
That said, the US is still home to the majority of the planet's spammers ... but the hosting has changed. (another variant of US "outsourcing"? :- ) US-based spam-ISPs used to spew more than 40% of the global spam. That figure has now fallen to less than 25%, while China, on the other hand, has surpassed the US, now contributing more than 25% of the world's spam -- and climbing.
---
As regards Comcast ... they suck. That said, in my experience most of the spammed Comcast headers I see are forged. (But they still suck.)
And UK-based ISPs ... they aren't even on my radar! (relative to spam.)
What I do have some awareness of is the seriousness and effectiveness of both the UK and German governments with regard to internet fraud (of any flavor). (Other EU governments may be as strict -- I just don't have the awareness of them.)
Originally posted 68 months ago.
Pixel Wrangler edited this topic 68 months ago.
|