Help Wanted: No Qualifications Necessary

[wenwilder]

A recent event in a neighboring town has set my spurs a-fire. This event sparked a letter to the local editor, which he has once again chosen to ignore. (We are not the best of friends, truth be told.) So, I got to thinking. Scary I know, but bear with me here.

I, of course, will keep bugging my local editor. Just because I enjoy it ;) but... I will go a few steps further. Partially because it is for a friend, and partially because I truly love a challenge.

Anyway, the event..... an old friend of mine is currently in jail because of the 419 scam. While I am sure she had her reasons for believing in her actions, I also believe the fault lies in the publics education. (or lack there of)

When it comes to online scams, spams, phishings and frauds no one knows it all. I was very very shocked to see an article, in my local paper, that mentioned computer, internet, online, or email. Let alone an article including all of the above. If it is not about cows, corn, or cowboys.... oh, and local sports, it generally doesn't get front page notice. Oops...

Now, before I continue ranting about the local paper, on to my thoughts.

I am putting together a list of websites that consumers, newbies and oldbies, can visit for information on virus's and scams. I will be sending the information to the editor and another old friend who just happens to be a senator ;) But.... I am not going to stop there. My dad once told me that if you only do things half-a**ed you risk losing your favorite cheek ;)

I will also add the information to my web site, post flyers locally, mail and email it to Governors and Senators and Representatives. Anyone I can pester I will be more than happy to pester ;)

Here's where you come in :) I need input! I can not read everything on the internet. I can not search a million different phrases and decide which sites are useful and which ones are not. I do not know all of the best sites to confirm a scam, etc. But I can ask all of you.

I want to put together a comprehensible list of:

Sites that list possible and/or existing scams, etc. such as: Scambusters and Snopes.

Sites you can report scams, fraud, etc. to, such as: Spamcop and FTC.

If you know of a new scam that isn't widely known, that information would be fantastic! Anything to do with virus's would be great too.

I know there are places we all go because we trust the information they provide. I am looking for those places.

While my goal is to educate my local community. Once the information is gathered and organized it will be available for anyone and everyone who wants it.

Whether my friend was right or wrong in what she chose to do, doesn't matter. We all wish people were more educated about virus's etc. well, .... I'm tired of wishing. Unfortunately it took it happening in my back yard to get me to that point. I am hoping, with your help, I can prevent it from happening again.

Are you up for it?

[voodooboy]

OK Sweetheart,

Here you go.

For Virus's:
Virus Info:
http://securityresponse.symantec.com/
Removal tools:
http://securityresponse.symantec.com...ools.list.html

Scams and hoaxes:
Two of the best resources I have found:
http://www.scambusters.org
http://www.sophos.com/virusinfo/hoaxes/

Hope this helps. You will have to share with us what your friend did; when you have time.

Best of luck. Let me know if you need anything else.

[ldyguique]

Wen --

I've only recently gotten into NewsAggregators/newsfeeds. I'd pretty much depended on Google news and some "news alerts" from them on certain topics; however, I've really increased my "pinpoint" accuracy on current issues by using RSSReader --

I've also added a couple of newsfeeds to my site: anchoragetechsupport.com/newsfeeds -- a work in progress.

However, I track the 3 following links in my NewsReader:

http://securitytracker.com/
http://www.securityfocus.com/
http://www.scamsafe.com/scamsafe/

(They seem to pull all of the US-Certs, plus I get those sent to me in email -- but the Government isn't really up to speed or as current as I'd like.)

This is the one that I've added to my website:

http://www.millersmiles.co.uk/

Additionally, under my "Security" category, I track:

The Internet Storm Center for viruses, worms, etc. They ARE the most current on a minute-by-minute basis.

While I also track CNET News, InfoWorld, etc., I've found that the above links give me the broadest coverage for "all" things that I classify as "Scourge(s) of the Internet."

My goal is to switch over to a CMS program, away from a static webpage format and have all my of newsfeeds "automatically" introduced onto my website; however, being a newbie and all, that goal will likely have to wait until the fall. And, what is decipherable to me in a complex website isn't necessarily to the average user whom I want to support; so, I may run both in parallel for awhile.

I run a forum AND a "Scourge Alert" on my homepage and on my Virus Alert page -- and update any/all as quickly as I see something growing in importance. While I don't have a readership as yet for my site, I'm developing habits that will hold me in good stead for the future when I do.

[mikmik]

http://www.dslreports.com/overview?v=p

http://www.cexx.org/

Just wait, wen, i will get my bookmarks from before

http://www.viruslist.com/eng/

Virus, or hoax?

http://www.bchra.org/TipsTricks/Spyware-2.htm

You do have the 'biggie'?
I think you referenced this one before, wen, yes?
http://hoaxbusters.org/

[wenwilder]

Fantastic information!! Thank you!

I'm learning something in all of this - definitions are a dime a dozen, but not all of them make any sense.

There is ALOT of information out there, but coming to the experts of wpw ;) and a few other choice places was definately the best idea.

I hope I can get more people to help out. Whether it is with sites they trust, definitions, suggestions, volunteering to help....anything would be appreciated.

Scott, my friend is currently in jail because of a 419 scam. She's a mother of four, works full-time, and her and her husband have been struggling for sometime to make ends meet. Her reasons weren't greed, she simply wanted a better life for her family. Something many of us can associate with.

Maybe I won't "save the world" with this information, but if I can help one person then I have done more than just complain. And all the hours and research that will go into this will be worth it. ;)

Now, back to work :)

I have a list of topics, but... I feel like there are some missing. My list:

Virus's
Hoaxes
Scams
Phishing
Spoofing

What am I forgetting or are there any others I need to add?

[mikmik]

Identity Theft is the biggest problem right now, wen.
So is computer highjacking.
I am really trying to get my data retrieved and I have a whole pile of security sites that are full of 'how to's' for people to recognize when they are in trouble.

One method that is a biggie, is the use of 'BHOs", or Browser Helper Objects. These are also known as 'plug-in's', and the common ones are Macromedia flash player, and various toolbars, such as the Google and Alexa add-ons.

What happens is that many, many people are fooled into installing "Hotbar", and this is the worst spyware installer going. The 'spyware' is serruptitiously installed to the client machine, and transmits information from the client hard drive to clandestine destinations, and can be used for all manor of purposes.

The most illegal method right now, is through highjacking the clients browser and redirecting to a malicious webpage. At said page, keyloggers and other software are installed, as well as FTP and server programs that run hidden in the background, unknown to the user.
The entire browser window can be spoofed. This is done through the use of javascript.

What happens is that the browser - let's say 'Internet Explorer' - that the computer user sees on their moniter, is a 'virtual' image, and is not the real picture of what is really going on. So while it looks like the user is at one site, and all is normal, the computer - via the real IE - is at another address (IP or URL) and is feeding all the passwords and credit card info to someone for obvious uses.

Another bigtime problem, is through IM and P2P (Kazaa). Highjacking software is spread unknowingly between users of these, and is the sort of thing I am just trying to recover from.

It is EXTREMELY sophisticated.

All these are EXTREMELY sophisticated, wen. They are scary!!!!

I had a server transmitting on EIGHT channels using dialers and an installed server and router.
Now get this: I was getting an entirely spoofed desktop. I was seeing only what the software wanted me to see.

So, it is beyond belief what is going on,wen.
It is happenning on 38 to 60 percent of computers right now without people knowing about it.
Their computers are being used for Dedicated Denial os Service attacks, and to spread SPAM and trojans/virusses/worms the whole time they are on the internet.

Look at the link light on your NIC port, where the internet cable plugs into your computer. If the lights are both on while you are not doing anything to visit websites, just static on one page, then you have a problem.

I will try to get an article written next week. I have offers of help editting one, and I have been talking with Sophos Security, and AV.

I will PM you, ok? I have a LOT of important stuff here. I have to get to some clients, but I am putting some effort into this now.

I admire what you are doing, wen. I have been concentrating myself on this type of thing for a while now because so many of my friends here in Kelowna were always getting into trouble, and I have from day one set out to provide help to everyone: I just am real bad at getting a proper website up :O)))

I mean it, everyone, I just had the living ** scared out of me this last three weeks, it is bad.

Get all updates, and use several online scans to check your computer regularily.
And don't always believe what you are seeing. Check your NIC for suspicious activity.

[simonm]

Hi Wen (love the latest avatar)

I've done the same thing both for my local community website, see: http://www.lenham.net/onlinescams.htm also the link to the DTI's anti scam page from the home page of www.lenham.net.

And at work where I post regular emails to all staff warning them of the latest scams and to be wary of any get rich quick schemes, unsolicited emails and phone calls. The problem is that too many people seem to believe the advice of complete strangers rather than friends or colleagues who care!

[littletexas]

Don't forget these!:
http://urbanlegends.about.com/librar...m?PM=n2100601c
(url)http://urbanlegends.about.com/cs/virushoaxesaz/index.htm(/url)
(url)http://urbanlegends.about.com/library/blhoax.htm(/url)

[stitchit]

I have exported products to South Africa in the past and it can be a testy effort but usually worth the effort.

Lately I got a request from quite an interesting lady based in Texas or so she claimed.

I was to send a fairly large shipment to her store address in Nigeria. Once the first order had been completed and she trusted me she is going to place another order 50 times larger.

She was requesting the amount for shipping and as soon as she received the info she was going to fax me her credit card details in order to pay for the order and I was to ship asap. She sends the Nigerian address and a phone number. Sounds good up to this point.

Then she says she is doing this as a payback to someone who helped her when she needed it in the past. Still sounds good up to this point.

Before I can even answer she e-mails again and she requests that I purchase four expensive Sony cell phones and to ship them with the order as an extra gift. I was not to invoice her for the phones and she indicated she was going to pay me an extra $300 via credit card of course for my efforts plus the costs of the phones.

The fact that she wanted me to ship to Nigeria versus Texas plus the cell phone story along with her generosity got me pondering the situation so I surfed Nigeria.

Ah huh! Most of the address was bogus as was the telephone number. I informed her that the telephone number wasn't working. Her reply was it must be a temporary problem and to ship - ship - ship!! She was all hot to give me a credit card number to pay for my trouble.

Well having been well instructed by the credit card co. years ago I smelled a rat! Either the credit card number she had was stolen or she would have intructed the credit card co. that she had cancelled the order and wanted a refund.

Had I fallen for her line I might have got my shipment back some day or insurance would have paid for the loss. The phones which she requested not to be invoiced for would have been lost for good.

BTW, while surfing Nigeria I found cell phones were a hot choice for thieves.

I haven't responded to her request and I hope she is holding her breath.

Fred

[thusmann]

Dont forget about the Secret Service website:

http://www.secretservice.gov/alert419.shtml