Tag: MSNBC

Ransomware: It’s a fake virus scanner, only more violent.

Posted on

Last September, I wrote about fake virus scan pop-ups that you sometimes encounter while using a web browser, sometimes known as “scareware.”

What I didn’t cover was a class of malicious software known as “ransomware,” the fake virus scanner’s more violent cousin. The difference?

  • Scareware: tries to trick you into purchasing useless software and probably installs spyware, adware and other malware.
  • Ransomware: poses as a virus scanner, but locks up your computer and forces you to purchase useless software to unlock your computer. Also likely installs a bunch of other malware, in addition to the fact that you’ve just given criminals your credit card number.

It’s kind of the difference between a con artist and a mugger, I guess.

There’s no real way to tell offhand whether a fake virus scan pop-up window is scareware or ransomware. It doesn’t really matter—you don’t want it either way. The same rules for prevention apply in both cases.

Both start the same way: you visit a website and a window pops up that tells you your computer is infected with a virus. The pop-up almost always has an “OK” and a “Cancel” button. Do not click on either of these, because they both install the malware.

You can click on the “X” in the upper-right corner of the window, but I don’t even like to do that. I use “CTRL-ALT-DEL” to force the browser to close. I think the Mac version of “CTRL-ALT-DEL” is “Command-Option-Escape.”

After I’ve shut down the browser, I run a virus scan and a spyware scan. It’s sort of a pain and it takes a while, but too many people value convenience over security, and they end up paying for it. There are very few instances in which it’s not possible to find something else to do while your virus scanner runs. You don’t have to be on the Internet 24/7, you know.

Now, I’m not one to tell anybody what brand of web browser to use, but I will say one thing on the topic: since I switched from Internet Explorer to Firefox with the NoScript plug-in, I haven’t had a single scareware window pop up. I’m not telling you what to do. I’m just sayin’.

Also, I know it costs money, but you cannot afford not to do it: install some good antivirus software, keep it updated and keep your subscription current. Norton, McAfee, Kaspersky; I don’t care which one you use, just use something. No, it’s not super cheap, but if you’d rather shell out $79 to unlock ransomware than spend $69 on actual protection…well, in that case I think there’s just something the matter with you.

Finally, for an extra level of protection, install the excellent (and free!) Spybot Search & Destroy. Yes, right now. There is one annoying thing about this software, though, and it’s Microsoft’s fault: in Windows Vista and Windows 7, in order to run S&D properly, you can’t just click on the icon. You have to right-click the icon and select “Run as administrator.” You won’t be able to actually remove anything if you skip this step.

There’s a recent story about ransomware at MSNBC, with a video that shows the malware in action (and actually shows you how to unlock it with hacked registration codes).

Fraudulent advertisements: anybody can do it!

Posted on

Here is a list of things that literally anyone can do:

  1. Run an advertisement in the classified section of the newspaper
  2. Start a website
  3. Send an email message
  4. Tape a poster or sign to a telephone pole

This is an important fact to remember when you’re considering whether or not to call a phone number or give your name and other personal information out over the Internet.

I was reminded of this when I heard that the U.S. Postal Service jobs scam I wrote about just the other day had showed up in one of the newspapers here in Northwest Indiana. An employee here at REGIONAL called the number, just to see if it was the same rip-off I posted about. She told me, “The first thing out of her mouth was, ‘It’s $129.95. Will that be credit or debit?'”

There is no vetting process in the classifieds. Newspapers do not check out alleged businesses before running their ads. I could call them up right now and, as long as I paid for it, run an ad that said, “Build your own flying saucer out of household materials! Capable of inter-planetary travel. Seats 4 adults. Plans only $99.95” and they would run it (just like they would also run one that said, “Be a secret shopper! $483/day!”). They just don’t have the resources to verify the claims of every advertiser.

The Internet is the same way, only worse. Anybody can create a website, and make it look very slick and professional. There is absolutely no physical barrier to lying on a website, or setting up a fake business that just steals money or personal information.

Heck, I could say this site is “as seen on MSNBC,” even though it hasn’t been. Yet.

Actually, when you link to a CNN.com article, as I’ve done a few times, a link to your article shows up at the bottom of their page in the “From the Blogs” section. So I could say the Fraud Prevention Unit is “as seen on CNN,” right?

Right?

Okay, fine. I’ll have to wait for my Larry King interview. Or maybe an hour-long special! Or…

Hit these links

Posted on

Let’s take a break from the Identity Theft Myths series today, and instead look at some other topics from other places on the web.

“Is Facebook becoming Phishingbook?” explores a social media scam that seems to be growing lately. Summary: if you’re Facebook friend tells you they’ve been mugged in London and need you to wire money, don’t.

Excellent advice from Craigslist. There is a lot of fraud happening through this popular site. Summary: only buy/sell locally, and never wire money. Ever.

“10 Ways to Avoid Sneaky Work-at-home Scams” is exactly what it sounds like. Summary: the economy is weak and these scams are only going to become more common.

“Beware of Cash For Clunkers Scams.” I’ve covered this here before, but the Eastern Michigan BBB has some more information on the topic. Summary: CARS works by taking your heap, junker or jalopy (or “hoopty,” in the parlance of our times) to a dealer and trading it. There is no pre-registration or anything.

We’ll return to the Identity Theft Myths next Monday. Until then, have fun.