Help | Contact | Forum | Affiliates | Press
Purchase
Download
Features
Screenshots
Demo
It didn't take long. As soon as swine flu hit the headlines, enterprising scammers began setting up Web sites hoping to make a buck from frightened consumers. The Better Business Bureau has issued a warning about the proliferation of flu-related sites. One, noswineflu.com, promises information on the "20 things you need to have in your home now to prevent the swine flu from infecting your family," all for $19.95 plus shipping and handling. But the disclaimer on the site says the information isn't guaranteed to be accurate. And, consumer advocates say, the most accurate and up-to-date information on swine flu is available on a number of government Web sites -- free. The site is among more than 250 new Web sites registered with the terms swine flu in the days since the announcement of the outbreak, according to online security software company F-Secure. The BBB warned this week that not only are some of these sites possible fronts for scams, but users risk the theft of financial information or infection of computers with viruses, or could be connected to online pharmacies, spokeswoman Joan Coughlin said.
Two tech-savvy brothers hammered U.S. college students with millions of illegal spam e-mails, often using the University of Missouri’s networks in the process, according to a federal indictment unsealed Wednesday. Amir Ahmad Shah, 28, of St. Louis, and his brother, Osmaan Ahmad Shah, 25, of Columbia, used more than 8 million e-mail addresses, illegally harvested from more than 2,000 U.S. colleges and universities, to sell about $4.2 million in products to students, prosecutors in Kansas City alleged. Those products, which other vendors legally provided, included digital cameras, MP3 players, magazine subscriptions, spring break trips, pepper spray and teeth whiteners. “Nearly every college and university in the United States was impacted by this scheme,” acting U.S. Attorney Matt Whitworth said in a written statement. “These schools spent significant funds to repair the damage and to implement costly preventive measures to defend themselves against future intrusions.”
A federal grand jury in Missouri has indicted two brothers and two other people on charges related to an alleged e-mail spamming case that targeted more than 2,000 U.S. colleges and sold more than US$4.1 million worth of products to students, the U.S. Department of Justice announced. Indicted were Amir Ahmad Shah, age 28, of St. Louis; his brother, Osmaan Ahmad Shah, age 25, of Columbia, Missouri; Liu Guang Ming, a citizen of China; and Paul Zucker, age 55, of Wayne, New Jersey, the DOJ said. Also named in the indictment, unsealed Wednesday in U.S. District Court for the Western District of Missouri, was the Shahs' business, I2O. "Nearly every college and university in the United States was impacted by this scheme," Matt Whitworth, acting U.S. attorney for the Western District of Missouri, said in a statement. "Illegal hacking and e-mail spamming wreaks havoc on computer networks. These schools spent significant funds to repair the damage and to implement costly preventive measures to defend themselves against future intrusions." The Shahs allegedly developed e-mail extracting programs, which they used to illegally harvest more than 8 million student e-mail addresses from more than 2,000 colleges and universities, the DOJ said. They allegedly used this database of e-mail addresses to send targeted spam e-mails selling various products and services, including digital cameras, spring break travel offers and pepper spray, the DOJ said.
While the world is scrambling for solution in determining how to control or stop totally the proliferation of the so-called "swine-flu", spammers are taking advantage of the situation by spreading swine flu related spam and malware. Symantec Security Response has observed that malware writers joining spammers in leveraging the swine flu to reach unsuspecting computer users. While samples are extremely limited, this appears to be yet another attempt by hackers to leverage current events as lures to distribute their malware. <!--more--> Some of the most common subject lines consumers should be aware of include: - Mexico on edge as reports of swine flu cases climb - UK monitoring swine flu outbreak - UK probes '17 swine flu reports' - Global panic as swine flu spreads to Europe - US declares emergency as Mexico flu death toll rises - Probable Mexico swine flu death toll – 103: Minister - Swine flu case confirmed in Spain - Are you worried about flu outbreak? Computer users are adviced to continue observing security best practices by keeping all security and other software up-to-date and exercise caution when opening suspicious files from unknown sources.
Isn't it amazing how long it can take a Web page to load? We used to blame this on slow connections, but these days the number of add-ons, images, advertising, and links simply overwhelms the content we're after, causing what should have been a quick jaunt across the Web to turn into a weary slog. Throw in animations, embedded audio and all the nifty tricks available to a Web designer, and a "page" becomes a series of intricate, time-consuming data transactions. Connections we use but don't control -- it's an idea that is emblematic of the way the Web itself now affects us. Think of all those social networking sites, where more and more data connect us with "friends" on Facebook, fellow tweeters on Twitter, and associates we've made through services such as LinkedIn. Useful and fun in one sense, these sites also put us in the awkward position of our every action becoming a kind of public display. Who are all these people who are reading my pages, and what am I telling them? My guess is that we're breeding an uneasy sense of vulnerability. Consider the Conficker worm, which has lately occupied security mavens wondering what surprises it would deliver this spring. The worm finds its way into computers through a now-patched security hole in Windows machines, and also can sneak in through removable storage devices. Conficker is crafty in its operations, slipping into a host computer, checking for connectivity with the Internet, and deleting all traces of itself on the machine it has infested by shutting down security software. By linking up with other infected PCs, Conficker then becomes part of a vast "botnet."
A family member called last night, upset and embarrassed that his yahoo.com account was used to blast out spam to all of his contacts. A quick examination of the message headers indicated the spam was indeed sent through his yahoo.com account, and that someone had hijacked his Webmail account password. Upon closer inspection, I noticed that whoever had sent the message had also done the following: deleted the last 30 days worth of messages in the "Sent" folder; added the same message they had spammed out to his e-mail signature, so that the message would be tacked onto each subsequent e-mail he sent; and the perpetrators even signed his first name at the bottom of the message. An Internet search for the domain advertised in the spam -- easylifeing.com -- shows that spammers have advertised this site by hijacking accounts at other free Web mail providers as well, including Hotmail and Gmail. The message read: Dear Friend, New shopping new life! How are u doing these days?Yesterday I found a web of a large trading company from china,which is an agent of all the well-known digital product factories,and facing to both wholesalers,retailsalers,and personal customer all over the world. They export all kinds of digital products and offer most competitive and reasonable price and high quality goods for our clients,so i think we you make a big profit if we do business with them.And they promise they will provide the best after-sales-service.In my opinion we can make a trial order to test that. Look forward to your early reply! [name omitted] My relative's anti-virus program gave his PC a clean bill of health, but we're still in the process of scanning it with other tools. It's not clear how the attackers are hijacking these accounts, but there are a variety of ways passwords can be stolen.
Using messages designed to exploit worries about the swine flu outbreak -- a technique known as social engineering -- spammers are trying to infect computers, steal information, and drive online pharmacy sales. Symantec (NSDQ: SYMC) on Tuesday reported that spam messages with provocative titles like "Salma Hayek caught swine flu!" and "US swine flu fears" are being widely distributed. "The [swine flu] scare has spawned a spamming frenzy, like sharks smelling blood in the water," Symantec researcher Mayur Kulkarni said in a blog post. Some of these messages contain no malware or malicious links and appear to be information harvesting campaigns. But US-CERT, a computer security group operated in conjunction with the U.S. Department of Homeland Security, on Tuesday warned that spam messages may contain links to phishing or malware sites, or malicious attachments. It's encouraging Internet users to rely on the Centers for Disease Control Web site for information about the swine flu. Marshal8e6, an e-mail security company, also said that it has seen flu-themed spam seasoned with celebrity references. It reports receiving spam containing links to online pharmacy sites sent by the Rustock botnet.
April 27, 2009 (Computerworld) Spammers have seized on the growing interest in news of a possible swine flu epidemic to hawk fake pharmaceuticals, security experts warned today. The number of spam messages with subject headings such as "First US swine flu victims!" and "Madonna caught swine flu!" has spiked today, said Dave Marcus, director of security research at McAfee Inc. And no one should be surprised. "This is the same pattern that we've seen for the last year, year and a half," said Marcus, noting that domain registrations that include "swine" in their URLs are up thirtyfold, and search strings that contain the words swine and flu are also on a major uptick. "I checked earlier today, and 'swine flu' spam was a little over 2% of all spam," said Marcus. "Compare that to yesterday, when you wouldn't have seen any." Links in the spam lead to online drug sites that Marcus characterized as "bottom-of-the-barrel feeders" that either dispense phony or adulterated medications, or simply exist to harvest credit card numbers from naive consumers. "These are the same bogus e-pharm sites that we see all the time [in spam]," Marcus said.
There's something vaguely diabolical about a form of unwanted communication named after a brand of canned, chopped pork that piggybacks on a public health scare involving a flu strain derived from swine. Yes, you guessed it: Spammers have seized upon public awareness around the Swine Flu epidemic to hawk knockoff prescription drugs. And we're not talking about flu vaccines, either. According to McAfee Avert Labs, over the weekend spammers began pumping out junk e-mail with various Swine Flu subject lines to trick people into opening the missives. McAfee says the first of those spam campaigns amounted to about 2 percent of global spam volume. Meanwhile, it appears that dozens of new Web site names with the term "swineflu" included in them were registered during the last few days. Researchers at security software maker F-Secure Corp. warn that if similar activity surrounding previous national emergencies is any indicator, scam artists may be preparing to use them in a variety of online con schemes. F-Secure on its blog notes that at least one of the sites - noswineflu.com - tries to spoof readers into purchasing a PDF called "Swine Flu Survival Guide" for $19.95. I'm sure it won't be long before purveyors of rogue anti-virus products begin using search engine optimization techniques around the term "swine flu" to drive people to sites that try to scare people into buying the worthless software.
BOSTON - A malicious software program known as Conficker that many feared would wreak havoc on April 1 is slowly being activated, weeks after being dismissed as a false alarm, security experts said. Conficker, also known as Downadup or Kido, is quietly turning thousands of personal computers into servers of e-mail spam and installing spyware, they said. The worm started spreading late last year, infecting millions of computers and turning them into "slaves" that respond to commands sent from a remote server that effectively controls an army of computers known as a botnet.
