Exids IT Solutions

…How Phishing Works: An example of an email phishing scam from Chase Bank

As promised yesterday, I have uploaded my video with an example of a real life phishing scam that explains exactly how an email phishing scam works.  Click here to watch it now!

I received this phishing email in my Hotmail account which is weird since these types of emails are usually caught. The email appeared to be from support@chase.com.  When I opened it I recognized that it was a phishing scam that was enticing me to update my account information with chaseonline because I, or someone else had tried to access my account 3 times unsuccessfully.

This video explores the three elements of bait a phishing scam uses and how CyberCriminals end up walking away with all of your personal and financial information with the simple click of a button.

I have written more information on phishing here if you would like to read it, or you could check out the tips section of the PCsecurutySecrets website to see how to avoid phishing scams.

Popularity: 1% [?]

I have been working on a video that shows you EXACTLY how a phishing scam works.

Stay tuned, I will post the video on how a phishing scam steals your personal information.  It will feature a phishing scheme related to chase bank…

-Chris

Popularity: 1% [?]

…eBay scams and scammers can be identified before it’s too late

I’m sure some of you have been victim of an eBay unpaid item scam, or at least heard of such an incident.  This is where you sell an item on eBay to someone and they never pay you; they seem to disappear off the face of the earth.  The good thing about this scam is that you can usually re-list for free and it doesn’t cost you anything.

But what happens when you buy something on eBay and you think something fishy is going on?

I friend asked me the other night about what she should do about an auction she won on eBay for a $1200 laptop.  This was one of her first times buying something that cost this much and she didn’t want to become another eBay / PayPal fraud statistic.

I asked her a bit about who she was buying the laptop from and we determined that the seller would have to be crazy to try to rip her off.  I started thinking about this conversation and realized that there are probably quite a few people out there asking the same types of questions so I created this list of tips on how to avoid eBay / PayPal fraud:

1. Try buying from sellers with a lot of feedback that have high positive feedback ratings. 
2. Look into the seller’s sales history to see if they have had positive feedback on similar items to what you are purchasing.  Some sellers will “disclaim” themselves from knowing anything about the product which can be bad if you are sold a defective product.  Buying for sellers with a history in the product category ensures they know what they are selling.
3. Check to see how much they have sold previous items on auction for.  If they have sold fairly expensive items, and they have good feedback on the transactions then you can feel more confident you are dealing with a legitimate seller.
4. Find out the ratings of people who have purchased from the seller.  If the purchasers have large number of feedbacks, and a high positive feedback rating you can assume these individuals also have a lot to lose by dealing with untrustworthy sellers.
5. See if the seller is verified in PayPal before sending them money.  If they are serious sellers on eBay, they should have a PayPal account, even if they don’t use it for processing transactions.
6. Use credit cards for payments.  eBay / PayPal fraud comes in many different flavors and using a credit card ensures that your credit card company will pick up the tab if you are ripped off or scammed.  If the seller refuses to accept a credit card or PayPal, tell them you will pay the fees (if that is what they are worried about).  If they still refuse investigate why – if PayPal has closed their account there might be a reason.

Sign up for the PCsecuritysecrets Newsletter  for more information on eBay PayPal fraud, and how to identify eBay scams and scammers before it’s too late

Popularity: 1% [?]

I just couldn’t contain my laughter when I saw this video. There’s just something about his innocent, inquisitive eyes that say “What a neat feature!” It’s too bad he missed the memo about the new CD-ROM drives installed earlier in the week – hey – It could happen!

Download Video Here

Popularity: 1% [?]

…Google patches it quickly

A 14 year old has discovered a flaw in the Gmail email service that has caused a bit of a stir in the security community yesterday.  He discovered this flaw by sending an email from his yahoo account to his Gmail account with a piece of JavaScript code in the subject line. 

He states in his blog ”Apparently JavaScript will run if it is within the preview of the message,”.  This would mean that if you put the code into the subject line or the first few lines of the body of the email the code would run because the code was “visible” in message preview mode. 

He elaborates further by stating that this problem does not occur when a message is constructed and sent from one Gmail account to another because Gmail filters out the code when you send the message.

Google confirmed the flaw in an email to security companies shortly after the flaw was patched – approximately 3 hours after the blog posting went up.

Popularity: 1% [?]

..March annouced as “Fraud Prevention Month” by the FTC

The FTC met today to officially launch March as “Fraud Prevention Month”.

Fraud Prevention Month if a combined effort internationally to create awareness of the dangers of fraud and how to recognize and deal with it.

It’s great to finally see that many different federal governments recognize that the issue of fraud is so much more than a local, isolated problem.  The days of collecting credit card slips from dumpsters are becoming obsolete due to the sheer numbers of people shopping online – criminals are now turning to devious new methods to gather information.

Cybercrime, internet fraud, and cyber fraud numbers have been climbing dramatically as more and more people connect their PC’s to the internet.  It’s just a matter of time before we see credit card companies making individuals more responsible for their actions.  Because of this, I encourage everyone to be proactive in knowing about the latest scams and fraud technologies criminals are using, it’s the only sure fire way to avoid being a victim of fraud. Read the rest of this entry »

Popularity: 1% [?]

…And what you need to know to protect your PC

There’s hundreds of things you need to do to keep your PC secure, but everything you do revolves around 4 critical things:

1)  Install a Firewall

You NEED a firewall.  I recommend using a hardware firewall (more commonly known as a router) to keep your PC secure from Internet attacks.  If you are using a router, and more than one computer connects to the Internet through it, you will also want to have software firewalls installed on all the computers that are part of this network.  You do this because if one of your other computers in the same network becomes compromised, you will still be able to protect your PC from internal intrusions with a software firewall.

For more information on firewalls, what they are, and how to use them, visit the PC Security Secrets Security Firewall Guide

2)  Do Your Windows Updates

With more and more computers connecting to the internet every day, the need for these computers to be up to date with the latest patches is critical.  Windows updates are patches that fix security holes and other problems in Windows that cause instability and vulnerabilities for hackers to attack.

For more information on Windows Update, visit the PC Security Secrets Windows Update Guide

3)  Install and Update Anti-Virus Software

The need for anti-virus software should go without saying – most people know if they do not use anti-virus it’s just a matter of time before their computer is compromised.  Antivirus software should not be used as an “Aftermath” fix, instead, it should be used as a preventative measure, informing you in advance that a file looks like a virus before it’s too late.

For more information on Anti-Virus Software and where you can find totally free antivirus programs, visit the PC Security Secrets Anti-Virus Software Guide

4)  Use up-to-date Anti-Spyware Software

Similar to anti-virus software, anti-spyware software’s purpose is to detect and remove malicious software typically missed by anti-virus software.  There are two types of anti-spyware applications available on the market – real time scanners which are always running and trying to prevent spyware infections, and post infection scanners which are designed to remove spyware from a system when it has been infected.

For more information on Anti-Spyware Software and where you can find totally free, and freeware anti-spyware programs, visit the PC Security Secrets Anti-Spyware Software Guide

Popularity: 1% [?]

…But will they catch anything - at all? 

AOL has announced today that they have filed suit against 3 different identity theft rings, pursuing damages totaling over 18 Million dollars against the notorious “phishers”.

The suits were filed in Virginia under a new “Anti-Phishing” law implemented last July.  Apparently, the lawsuits also have reference to federal law pertaining to trademark and antispam rules.

The Anti-Phishing Working Group has claimed to have found more than 50,000 phishing sites in 2005, which is being used by AOL to re-enforce the need to bring down phishers before the problem gets any worse.

Filing suit against these groups and tracking them down us quite different.  It’s not known where exactly all of these groups reside; it has been suggested that they may consists of members in the US and reaching as far as Germany and Romania.

Is this attempt to “catch” these phishers just a waste of time?  In many security experts, the answer differs.  Some believe that while the perpetrators may not be captured, the act of filing such a high profile suit may make individuals partaking in phishing scams think twice.  On the other hand, it could drive the industry further underground, forcing criminals to devise much more complex and devious methods of stealing personal information.

For more information on what phishing is, please read this post about Phishing and how to avoid it.

Popularity: 1% [?]