Tag Archives: FBI

What to do about DNSChanger

It’s a long, long story. It starts with the arrest in November 2011 of six Estonian cybercriminals who managed to infect millions of computers with malicious software known as DNSChanger.

This malware would compromise search results, direct infected PCs to rogue websites, compromise antivirus software and insert rogue advertisements into legitimate pages. These guys made a load of money before they were nabbed.

However, even after the arrests, plenty of computers remained infected. The FBI set up temporary servers for infected PCs, but those will be coming down on July 9, 2012. In other words, if your computer or router is infected, you won’t be able to connect to the Internet, starting Monday.

(“Five Years” by David Bowie just popped into my head, but in this case, you’ve got about three days.)

The first thing you need to do is check to see if your machine is infected. The DNSChanger Working Group provides a list of sites that check your computer here. If it says you’re good to go, no additional action is required.

However, if you get a red light, you’ll have to fix your computer. The DCWG provides instructions here, along with links to tools that specifically remove the malware, but you may need to take your PC to a professional computer repair shop.

I’ve heard that about 70,000 computers are still infected (this one’s clean!), so it’s not as if the entire Internet is going to die on Monday (as some of the jumpier news sources have implied), but you still don’t want to find yourself unable to connect and cut off from solutions to the infection.

IC3 annual report for 2011 released

The Internet Crime Complaint Center (IC3), a collaborative effort between the National White Collar Crime Center (NW3C) and the FBI, has released its 2011 Internet Crime Report. You can view or download the document here (this requires a PDF reader…if you don’t have one, I recommend Foxit).

It can be somewhat dry reading (fancy title page notwithstanding), but it includes some interesting data. The number of complaints received by the IC3 topped 300,000 for the third year running, a 3.4% increase over 2010 (but still down from the peak in 2009).

Work-at-home scams continue to be one of the top fraud types reported, though FBI impersonation scams brought in large numbers as well. I have some questions about this statistic, though. Is the ratio of FBI impersonation fraud to other types reported to the IC3 genuinely reflective of their overall ratio “in the wild” (that is, including examples not reported)? Or is this particular type of fraud reported at a much higher rate than other types because, if you get an FBI impersonation email, know it’s a scam and run a Google search on it, the results direct you to the IC3 or FBI websites, where you’re asked to report it to the IC3?

I may be splitting statistical hairs here, but I’ve got an email address that gets just about every spam, scam and 419 email in the world (lucky me, eh?), and I’ve only seen one or two actual FBI impersonation messages over the past few years. Work-at-home schemes, on the other hand, simply run riot in my spam folder.

In any case, it’s a good overview of what schemes are currently most active, and at a mere 26 pages, it’s nowhere near as dull as most government documents.

Haiti Earthquake Scams: another preemptive strike.

I haven’t seen any specific scams of this type yet, so think of this as one of those “you know it’s going to happen, so be prepared” moments: The FBI is already warning consumers about possible Haiti Earthquake Scams. Le sigh.

Here’s the deal—if you get an unsolicited (you didn’t request it) email requesting donations for victims of the recent Haitian earthquake, or if someone contacts you via social networks (Twitter, Facebook, MySpace, etc.) asking for help, just don’t respond. The odds that it is a scam are just too high to risk it.

If you are approached by a charity you believe is legitimate, ask lots of questions. If they’re honest, they won’t mind providing information. However, I still wouldn’t donate to these requests, either.

If you really want to help, contact an organization you already know and trust, and donate without them asking you first. Make sure you’ve got the name of the organization correct before you act—scam charities sometimes change one small word in the name of a well-known charity in an attempt to confuse people.

There is a long list of organizations involved in relief efforts here, from MSNBC. I’m not familiar with most of these, and I’m not endorsing any one in particular or vouching for what they do.

We are in an age where every natural disaster, every new government action and every new technology is immediately assimilated by criminals looking for easy money. If you want to help out in Haiti, contact your favorite charity today. Don’t wait for someone to ask.

Fraud/Malware Alert: Intelligence Bulletin No. 267

Here is some text from a fraudulent email that’s been popping up lately:

INTELLIGENCE BULLETIN No. 267
Title: New Patterns in Al-Qaeda Financing
Date: August 15, 2009
THREAT LEVEL: YELLOW (ELEVATED)

THE INTELLIGENCE BULLETIN PROVIDES LAW ENFORCEMENT AND OTHER PUBLIC SAFETOFFICIALS WITH SITUATIONAL AWARENESS CONCERNING INTERNATIONAL AND DOMESIC TERRORIST GROUPS AND TACTICS.

HANDLING NOTICE: Recipients are reminded that FBI Intelligence Bulletins =ontain sensitive terrorism and counterterrorism information meant for us= primarily within the law enforcement community. Such bulletins are not =o be released either in written or oral form to the media, the general p=blic, or other personnel who do not have a valid ?eed-to-know?with=ut prior approval from an authorized FBI official, as such release could jeopardize national security

All the spelling errors and odd characters are exactly as they appear in the message.

Do I even need to tell you this one is fraudulent?

If so, it is.

Furthermore, the message often contains a file named “bulletin.exe.” If you open this file, it will install malicious software on your computer, which can lead to serious problems (like fraud and identity theft).

The FBI does not email official reports, nor does it send unsolicited email messages. If a document is confidential, they’re going to keep it that way.

Whenever you get an email message you weren’t expecting, from someone you don’t know, use extreme caution when dealing with it. My advice is to not even open unsolicited messages, and delete them right away. However, at the very least, never click on links or open attachments in emails unless you already know what the file (or link) is, why it’s being sent to you, and who sent it.
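For anyone who filters mail for other people, the "bulletin.exe" case above can be caught before a person ever sees it. The following is an added example, not part of the original post: it flags attachments that look executable, and it goes one step past the post by also catching a program hidden behind a harmless-looking name. The sample message, its addresses and its inert attachment bytes are all constructed for the demonstration.

```python
import email
from email import policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Extensions Windows will run or hand to a script host when double-clicked.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}


def risky_attachments(raw: bytes):
    """Return [(filename, [reasons])] for attachments that look executable."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        reasons = []
        # Trailing dots/spaces are stripped so "x.exe." is still treated as .exe.
        if PurePosixPath(name.lower().rstrip(". ")).suffix in EXECUTABLE_EXTS:
            reasons.append("executable extension")
        # Windows programs begin with the bytes "MZ" whatever the name says.
        if data[:2] == b"MZ":
            reasons.append("PE header (MZ)")
        if reasons:
            findings.append((name, reasons))
    return findings


def build_sample() -> bytes:
    """Constructed message modelled on the bulletin email; payloads are inert."""
    msg = EmailMessage()
    msg["Subject"] = "INTELLIGENCE BULLETIN No. 267"
    msg["From"] = "sender@example.invalid"      # constructed address
    msg["To"] = "recipient@example.invalid"     # constructed address
    msg.set_content("See attached bulletin.")
    stub = b"MZ" + b"\x00" * 62                 # inert bytes, not a real program
    msg.add_attachment(stub, maintype="application",
                       subtype="octet-stream", filename="bulletin.exe")
    msg.add_attachment(stub, maintype="application",
                       subtype="pdf", filename="bulletin.pdf")  # disguised name
    msg.add_attachment("plain notes\n", filename="notes.txt")   # benign
    return msg.as_bytes()


if __name__ == "__main__":
    for name, reasons in risky_attachments(build_sample()):
        print(f"{name}: {', '.join(reasons)}")
```
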

Fraud Alert: The Internet Crime Complaint Center (IC3) warns of new fraudulent email

United States Attorney General Eric Holder’s name is being used in a new fraudulent email currently making the rounds. Below is an excerpt from the IC3 Intelligence Note:

The current spam alleges that the Department of Homeland Security and the Federal Bureau of Investigation were informed the e-mail recipient is allegedly involved in money laundering and terrorist-related activities. To avoid legal prosecution, the recipient must obtain a certificate from the Economic Financial Crimes Commission (EFCC) Chairman at a cost of $370. The spam provides the name of the EFCC Chairman and an e-mail address from which the recipient can obtain the required certificate.

The full text of the Note further explains that the government does not use email to contact people in this way. I would also add that the FBI and the DHS are not going to let people suspected of terrorism or money laundering buy their way out of trouble for $370.

Not even the FBI Director is above falling for a phishing scam

I spend a lot of time on this site repeating (explicitly or implicitly) these two ideas:

  1. You can take steps to vastly reduce your chances of becoming a victim of fraud or identity theft
  2. That said, nobody is ever 100% safe, and nobody is “too smart” to walk right into a scam

The following is an excerpt from a recent speech by FBI Director Robert S. Mueller, III:

Most of us assume we will not be targets of cyber crime. We are not as careful as we know we should be. Let me give you an example.

Not long ago, the head of one of our nation’s domestic agencies received an e-mail purporting to be from his bank. It looked perfectly legitimate, and asked him to verify some information. He started to follow the instructions, but then realized this might not be such a good idea.

It turned out that he was just a few clicks away from falling into a classic Internet “phishing” scam—“phishing” with a “P-H.” This is someone who spends a good deal of his professional life warning others about the perils of cyber crime. Yet he barely caught himself in time.

He definitely should have known better. I can say this with certainty, because it was me.

After changing all our passwords, I tried to pass the incident off to my wife as a “teachable moment.” To which she replied: “It is not my teachable moment. However, it is our money. No more Internet banking for you!”

If I didn’t dislike vapid clichés like “it really makes you think” so much, I’d probably say that right now. I mean, it would be funny (but not ha-ha funny) enough if someone like myself fell for a phishing email, but the FBI Director?

I think the Soup Nazi-esque “no online banking for you!” response is extreme, although I can see how a high-profile figure like Mueller could have his reasons beyond just his own personal finances for going offline—namely, his very credibility.

For the rest of us, though, online banking and bill payment is still very safe, as long as you’re informed when it comes to the dangers. If you get an email that appears to be from a financial institution, don’t click on any links within that message. Go directly to that bank, credit union or credit card company’s website by typing the URL manually, or by running a search on Google, and log in from there. Of course, if it’s from an institution you don’t even have a relationship with, you’re pretty safe in assuming it’s phony.

The full text of Mueller’s speech is an interesting read, if you have a few minutes, by the way.