Help Wanted: No Qualifications Necessary

[wenwilder]

A recent event in a neighboring town has set my spurs a-fire. This event sparked a letter to the local editor, which he has once again chosen to ignore. (We are not the best of friends, truth be told.) So, I got to thinking. Scary I know, but bear with me here.

I, of course, will keep bugging my local editor. Just because I enjoy it ;) but... I will go a few steps further. Partially because it is for a friend, and partially because I truly love a challenge.

Anyway, the event..... an old friend of mine is currently in jail because of the 419 scam. While I am sure she had her reasons for believing in her actions, I also believe the fault lies in the publics education. (or lack there of)

When it comes to online scams, spams, phishings and frauds no one knows it all. I was very very shocked to see an article, in my local paper, that mentioned computer, internet, online, or email. Let alone an article including all of the above. If it is not about cows, corn, or cowboys.... oh, and local sports, it generally doesn't get front page notice. Oops...

Now, before I continue ranting about the local paper, on to my thoughts.

I am putting together a list of websites that consumers, newbies and oldbies, can visit for information on virus's and scams. I will be sending the information to the editor and another old friend who just happens to be a senator ;) But.... I am not going to stop there. My dad once told me that if you only do things half-a**ed you risk losing your favorite cheek ;)

I will also add the information to my web site, post flyers locally, mail and email it to Governors and Senators and Representatives. Anyone I can pester I will be more than happy to pester ;)

Here's where you come in :) I need input! I can not read everything on the internet. I can not search a million different phrases and decide which sites are useful and which ones are not. I do not know all of the best sites to confirm a scam, etc. But I can ask all of you.

I want to put together a comprehensible list of:

Sites that list possible and/or existing scams, etc. such as: Scambusters and Snopes.

Sites you can report scams, fraud, etc. to, such as: Spamcop and FTC.

If you know of a new scam that isn't widely known, that information would be fantastic! Anything to do with virus's would be great too.

I know there are places we all go because we trust the information they provide. I am looking for those places.

While my goal is to educate my local community. Once the information is gathered and organized it will be available for anyone and everyone who wants it.

Whether my friend was right or wrong in what she chose to do, doesn't matter. We all wish people were more educated about virus's etc. well, .... I'm tired of wishing. Unfortunately it took it happening in my back yard to get me to that point. I am hoping, with your help, I can prevent it from happening again.

Are you up for it?

[voodooboy]

OK Sweetheart,

Here you go.

For Virus's:
Virus Info:
http://securityresponse.symantec.com/
Removal tools:
http://securityresponse.symantec.com...ools.list.html

Scams and hoaxes:
Two of the best resources I have found:
http://www.scambusters.org
http://www.sophos.com/virusinfo/hoaxes/

Hope this helps. You will have to share with us what your friend did; when you have time.

Best of luck. Let me know if you need anything else.

[ldyguique]

Wen --

I've only recently gotten into NewsAggregators/newsfeeds. I'd pretty much depended on Google news and some "news alerts" from them on certain topics; however, I've really increased my "pinpoint" accuracy on current issues by using RSSReader --

I've also added a couple of newsfeeds to my site: anchoragetechsupport.com/newsfeeds -- a work in progress.

However, I track the 3 following links in my NewsReader:

http://securitytracker.com/
http://www.securityfocus.com/
http://www.scamsafe.com/scamsafe/

(They seem to pull all of the US-Certs, plus I get those sent to me in email -- but the Government isn't really up to speed or as current as I'd like.)

This is the one that I've added to my website:

http://www.millersmiles.co.uk/

Additionally, under my "Security" category, I track:

The Internet Storm Center for viruses, worms, etc. They ARE the most current on a minute-by-minute basis.

While I also track CNET News, InfoWorld, etc., I've found that the above links give me the broadest coverage for "all" things that I classify as "Scourge(s) of the Internet."

My goal is to switch over to a CMS program, away from a static webpage format and have all my of newsfeeds "automatically" introduced onto my website; however, being a newbie and all, that goal will likely have to wait until the fall. And, what is decipherable to me in a complex website isn't necessarily to the average user whom I want to support; so, I may run both in parallel for awhile.

I run a forum AND a "Scourge Alert" on my homepage and on my Virus Alert page -- and update any/all as quickly as I see something growing in importance. While I don't have a readership as yet for my site, I'm developing habits that will hold me in good stead for the future when I do.

[mikmik]

http://www.dslreports.com/overview?v=p

http://www.cexx.org/

Just wait, wen, i will get my bookmarks from before

http://www.viruslist.com/eng/

Virus, or hoax?

http://www.bchra.org/TipsTricks/Spyware-2.htm

You do have the 'biggie'?
I think you referenced this one before, wen, yes?
http://hoaxbusters.org/

[wenwilder]

Fantastic information!! Thank you!

I'm learning something in all of this - definitions are a dime a dozen, but not all of them make any sense.

There is ALOT of information out there, but coming to the experts of wpw ;) and a few other choice places was definately the best idea.

I hope I can get more people to help out. Whether it is with sites they trust, definitions, suggestions, volunteering to help....anything would be appreciated.

Scott, my friend is currently in jail because of a 419 scam. She's a mother of four, works full-time, and her and her husband have been struggling for sometime to make ends meet. Her reasons weren't greed, she simply wanted a better life for her family. Something many of us can associate with.

Maybe I won't "save the world" with this information, but if I can help one person then I have done more than just complain. And all the hours and research that will go into this will be worth it. ;)

Now, back to work :)

I have a list of topics, but... I feel like there are some missing. My list:

Virus's
Hoaxes
Scams
Phishing
Spoofing

What am I forgetting or are there any others I need to add?

[mikmik]

Identity Theft is the biggest problem right now, wen.
So is computer highjacking.
I am really trying to get my data retrieved and I have a whole pile of security sites that are full of 'how to's' for people to recognize when they are in trouble.

One method that is a biggie, is the use of 'BHOs", or Browser Helper Objects. These are also known as 'plug-in's', and the common ones are Macromedia flash player, and various toolbars, such as the Google and Alexa add-ons.

What happens is that many, many people are fooled into installing "Hotbar", and this is the worst spyware installer going. The 'spyware' is serruptitiously installed to the client machine, and transmits information from the client hard drive to clandestine destinations, and can be used for all manor of purposes.

The most illegal method right now, is through highjacking the clients browser and redirecting to a malicious webpage. At said page, keyloggers and other software are installed, as well as FTP and server programs that run hidden in the background, unknown to the user.
The entire browser window can be spoofed. This is done through the use of javascript.

What happens is that the browser - let's say 'Internet Explorer' - that the computer user sees on their moniter, is a 'virtual' image, and is not the real picture of what is really going on. So while it looks like the user is at one site, and all is normal, the computer - via the real IE - is at another address (IP or URL) and is feeding all the passwords and credit card info to someone for obvious uses.

Another bigtime problem, is through IM and P2P (Kazaa). Highjacking software is spread unknowingly between users of these, and is the sort of thing I am just trying to recover from.

It is EXTREMELY sophisticated.

All these are EXTREMELY sophisticated, wen. They are scary!!!!

I had a server transmitting on EIGHT channels using dialers and an installed server and router.
Now get this: I was getting an entirely spoofed desktop. I was seeing only what the software wanted me to see.

So, it is beyond belief what is going on,wen.
It is happenning on 38 to 60 percent of computers right now without people knowing about it.
Their computers are being used for Dedicated Denial os Service attacks, and to spread SPAM and trojans/virusses/worms the whole time they are on the internet.

Look at the link light on your NIC port, where the internet cable plugs into your computer. If the lights are both on while you are not doing anything to visit websites, just static on one page, then you have a problem.

I will try to get an article written next week. I have offers of help editting one, and I have been talking with Sophos Security, and AV.

I will PM you, ok? I have a LOT of important stuff here. I have to get to some clients, but I am putting some effort into this now.

I admire what you are doing, wen. I have been concentrating myself on this type of thing for a while now because so many of my friends here in Kelowna were always getting into trouble, and I have from day one set out to provide help to everyone: I just am real bad at getting a proper website up :O)))

I mean it, everyone, I just had the living ** scared out of me this last three weeks, it is bad.

Get all updates, and use several online scans to check your computer regularily.
And don't always believe what you are seeing. Check your NIC for suspicious activity.

[simonm]

Hi Wen (love the latest avatar)

I've done the same thing both for my local community website, see: http://www.lenham.net/onlinescams.htm also the link to the DTI's anti scam page from the home page of www.lenham.net.

And at work where I post regular emails to all staff warning them of the latest scams and to be wary of any get rich quick schemes, unsolicited emails and phone calls. The problem is that too many people seem to believe the advice of complete strangers rather than friends or colleagues who care!

[littletexas]

Don't forget these!:
http://urbanlegends.about.com/librar...m?PM=n2100601c
(url)http://urbanlegends.about.com/cs/virushoaxesaz/index.htm(/url)
(url)http://urbanlegends.about.com/library/blhoax.htm(/url)

[stitchit]

I have exported products to South Africa in the past and it can be a testy effort but usually worth the effort.

Lately I got a request from quite an interesting lady based in Texas or so she claimed.

I was to send a fairly large shipment to her store address in Nigeria. Once the first order had been completed and she trusted me she is going to place another order 50 times larger.

She was requesting the amount for shipping and as soon as she received the info she was going to fax me her credit card details in order to pay for the order and I was to ship asap. She sends the Nigerian address and a phone number. Sounds good up to this point.

Then she says she is doing this as a payback to someone who helped her when she needed it in the past. Still sounds good up to this point.

Before I can even answer she e-mails again and she requests that I purchase four expensive Sony cell phones and to ship them with the order as an extra gift. I was not to invoice her for the phones and she indicated she was going to pay me an extra $300 via credit card of course for my efforts plus the costs of the phones.

The fact that she wanted me to ship to Nigeria versus Texas plus the cell phone story along with her generosity got me pondering the situation so I surfed Nigeria.

Ah huh! Most of the address was bogus as was the telephone number. I informed her that the telephone number wasn't working. Her reply was it must be a temporary problem and to ship - ship - ship!! She was all hot to give me a credit card number to pay for my trouble.

Well having been well instructed by the credit card co. years ago I smelled a rat! Either the credit card number she had was stolen or she would have intructed the credit card co. that she had cancelled the order and wanted a refund.

Had I fallen for her line I might have got my shipment back some day or insurance would have paid for the loss. The phones which she requested not to be invoiced for would have been lost for good.

BTW, while surfing Nigeria I found cell phones were a hot choice for thieves.

I haven't responded to her request and I hope she is holding her breath.

Fred

[thusmann]

Dont forget about the Secret Service website:

http://www.secretservice.gov/alert419.shtml

[bbbuffalo]

Just curious (and I won't bother you if you prefer not to answer) but why is your friend in jail for being a victim of a scam?

[xmx]

I have a couple of sites I can suggest you.

http://www.fraudwatchinternational.com
They list many online frauds and give useful suggestions

http://www.theregister.co.uk/security/
They inform about all the viruses, the phishing and scams around.

[paulhiles]

Report spam and network abuse
AbuseButler
View report on the top 40 entries in the past 7 days

Anti-phishing organisation
Antiphishing.org
How not to get "Hooked" by a Phishing scam

[elysian]

Odd.. the first forum subject I headed to in here I posted something on a scam I uncovered just this week. And here you have a whole thread on it. I think I like this place :)

Anyway, all of this makes me think of the good old days when I didn't have to open all my mail on the Mac. Not to say that viruses can't attack a Mac- but very few of them do in relation to windows.
And I long for the good old days when I didn't have to set the pc's to run spy-killers, ad-smackers, trojan-smiters, etc etc ad nauseum once every few days.

I have no idea how anyone new to the net can protect themselves these days. Even large companies such as AOL impregnate thier software with spyware- and do not inform you on download. How are newbies to know- without informative forums such as this one? There is hardly anything worse than people who lie, scam and steal from pure greed. I am realy getting disgusted with the amount of it online.

Thanks for starting this thread- the posted links are good ones, I have been to many of them.

[deltatrend]

I have an issue with Spamcop. I sent out an email to registered users, and several were rejected because their ISPs are using Spamcop. On further investigation, I found that people can just send a report to Spamcop and any mail from that IP is rejected. In other words, one of the hosting companies I use regularly has been completly blacklisted by Spamcop because one of the companies emailing from there has been reported for Spam.

I don't think this kind of blanket blacklisting serves anybody's purpose, so I would leave them off your list.

[acornwebworks]

Quote:

Originally Posted by bbbuffalo

Just curious (and I won't bother you if you prefer not to answer) but why is your friend in jail for being a victim of a scam?

Sorry, Wen. You’re still my hero, but I was wondering the same thing.

*****

I regularly teach classes on recognizing scams, avoiding viruses, and so forth. And, when area VR agencies have clients who are interested in signing on with an Internet business, I get contacted and asked, “is this a scam”? I didn’t start out to ‘become an expert’, and wouldn’t particularly classify myself as one, but I find the subject fascinating, so ended up being pretty darned knowledgeable.

What I found interesting about this thread is seeing the ‘red flags’ that the posters themselves didn’t seem to recognize. (Stitchit’s post was full of them, for example, but even Wen’s posts contain things I would use as examples of ‘red flags’.)

But I wrote because I’d like to make a suggestion to Wen.

I understand that you want to ‘do something’. It seems you hope that your list of resources will ‘educate your local community’.

** “I am putting together a list of websites that consumers, newbies and oldbies, can visit for information…”

**” I will also add the information to my web site, post flyers locally, mail and email it to Governors and Senators and Representatives.”

So you’re hoping that coming up with yet another list of resources for people to learn about scams will somehow make a difference to folks like your friend. And yet the Internet is full of such resources. And they didn’t help your friend.

All those politicians you mentioned already know about these things…heck, not only are there laws against Internet scams, but the Secret Service has an office in Lagos, Nigeria. And they didn’t help your friend.

Your conclusion as to why your friend got caught up in the 419 scam, besides her being desperate, is that there is a lack of public education about scams. I would argue that there is a lack of *effective* public education about scams, and your proposed activity doesn't change that. I would also argue that saving just one person from a scam is not worth all your intended efforts, because it makes far more sense to be more effective with the same amount of effort and save more people.

I know what my experience has shown me the primary reasons are:

1) It doesn’t occur to people to check to see if something is a scam, because it never crossed their minds it's a scam
2) The person is desperate
3) The person thinks “hey, who knows…it *could* be true…it can't hurt".
4) The person is confident they can't be fooled, so they don't bother checking.

Your plan as presented won't protect any of those folks, not even in your town. You need to hit all those people upside of the head somehow.

So you know what I think you should do? Start a poster campaign.

Start it locally. Consider expanding it nationally.

But I don’t mean a poster campaign with a focus of sending people to your anti-scam website. I mean a poster campaign that could work for people who never, ever check a scam website…like your friend.

Put the posters everywhere. Every telephone pole. Every store window. If the message is right, you will have a major impact on people who might never have associated "scam" with something they might even be considering right now.

And I think *this* is what you should be asking this forum to help you with…coming up with Bash Them In The Head posters. Because that's what I'm thinking needs to be done for effective public education regarding scams.

My poster offering regarding the 419 scam?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

PEOPLE HAVE BEEN MURDERED!

Nigerians do not want to give you millions.
ALL those emails are written by con artists.
They stole over $200 million last year alone.
If you try to get your money back, they kill you.

For more info: (website)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

If your friend had seen one of those posters, do you think she might have had second thoughts before getting caught up in that scam? I would bet more than one person would think twice :-)

Kendall

[Luckenbach]

Good idea, Wen,
Remember the pyramid schemes and selling the Brooklyn Bridge? You don't see many of those anymore, seems most people know about them. Now if only everyone knew about the 419 and other scams!

I have a classified section on my website, so my users get fake buy offers from scammers all the time. For each classified I send a warning in the confirmation email with a link to this page,
http://www.sailingtexas.com/chumor4.html
which has an example of when some theif tried to scam me and I played along (and a picture of the actual bogus check they sent me), and a link to several more examples of this scam. It's different from the 419 scam, and people still fall for it.

During the time I was playing along with them I found out that while based overseas, these people have associates here in the states. They wanted to send a messenger with the bogus check instead of mailing it, so he could pick up the cash in person! Needless to say I did not want to meet this person.

Luckenbach