Cant Keep Quiet!

On December 29, 2006 I tired to leave a comment on a friend’s blog. The comment was denied because my IP was a spammer.

A visit to a site that lists IPs that have been flagged for spamming confirmed that my IP had been flagged.

WTF!

I spent the next few hours before I went to see Lewis Black trying to track down any trojan or other program that someone could be using to send out that crap from my IP.

I found. . . nothing.

I scanned my computer for exploits…everything was clean.

I scanned my computer for AnalogX (an open proxy that cannot be made secure)… not on my computer.

Wingate? Same results. Squid? Same results.

I ran Netsky, MyDoom, and Beagle removal tools. All three worms were not found on my computer.

I ran WebDefender (anti-virus program from Microsoft), clean.

I ran SpyBot Search & Destroy and found a bunch of tracking cookies but not much else.

I paid for and downloaded Ad-Aware SE Plus and ran that program. If found a lot of suspicious possibilities mostly associated with IE.
More »« Less

Have you noticed that you’re getting more junk e-mail lately? More spam is getting past your filters offering to sell V1úgra (Viagra) or stocks? If so, you’re not alone.

According to U.S. email security company Postini 7 billion spam e-mails have been sent worldwide so far this month. That’s nearly 3 times the number sent in June (2.5 billion). The company expects the amount to go even higher as we get closer to Christmas.

The rise is due in part to a computer program called “Stration” can hijack your home computer. This “Trojan horse” program will then force your computer to send out the e-mails for the spammers. These “Trojan horse” type programs allow gangs of spammers to create “zombie networks” or “botnets” which can literally link hundreds of thousands of computers without their owners being aware of the problem. This allows spammers to send millions of spam e-mails with anonymity.

Creating laws against spammers doesn’t work. The laws are specific to a state or country and have little effect on spammers working far away from their victims.

The only thing that will work is for people to stop buying from spammers.

The spammers have a lot of incentive to continue sending their e-mails. It costs them next to nothing to send millions of e-mails. If even a handful of people fall into their trap the spammer has made a profit.

As a result, as anti-spam filters become more sophisticated so do spammers. Instead of getting a message about Viagra, a red-flag for anti-spam filters, you’ll get a message for V1u gra which slips through the filters. Another tactic is to send the spam message in a graphic which is harder for the filters to scan.

So what can you do?

Make sure you have an up-to-date anti-virus program installed on your computer. Make sure you keep it up to date since new Trojan horse programs are being created all the time.

Never reveal financial details to a website due to an e-mail asking you to “update your records.” If you get an e-mail from what looks like your bank or any other reputable organization asking for this information it is a scam.

Never, ever, respond to spam e-mails. As long as the spammers can find even a handful of people to reply to their tricks, they will keep sending their garbage out.

Palm Beach County’s elections supervisor received a complaint back in February that Ann Coulter voted in the wrong precinct for a Palm Beach Town Council election on February 7th. On March 27th the Elections Office sent Coulter a letter asking her to clarify her address. The letter included the warning that she could “face the possibility of her voter registration being rescinded.” Coulter didn’t respond so three additional letters were sent to Coulter and her attorney.

To date, neither Coulter nor her attorney have supplied the requested information.

Coulter’s attorney did send a letter to Arthur Anderson, the Elections’ Supervisor, stating that the attorney would discuss the matter in person or on the phone only. The attorney also complained that information about the case had been given to the media. Anderson’s reply was that the situation had to be discussed in writing.

Because Coulter has not responded to attempts to clarify her legal residence, Anderson has said that her case will probably be turned over to prosecutors by Friday. If Coulter is found guilty of knowingly voting in the wrong precinct (i.e. fraud) she could be sentenced to up to 5 years in prison.

If you think that the Elections’ Supervisor isn’t treating Coulter fairly by not allowing her attorney to discuss the case in person or on the phone, he’s actually treating Coulter as he would treat any person that has had a similar complaint filed against them.

Personally, the fact that she won’t reply to this request speaks louder about the validity of her address. But then again, I’ve always thought the nasty witch was a fraud.

Obviously these cretins catch some people with these scams or they wouldn’t keep trying them. I just wish they would stop sending them to me.

Typically when I get e-mail from a bank I know it’s fraud and I delete it immediately. I belong to a credit union, therefore no bank has a reason to get in touch with me about my account. This latest one, however, claimed to be from the National Credit Union Administration, an independent federal agency that charters and supervises federal credit unions.

The first thing that tipped me off was the request for me to click on a link and verify my account information. That’s the oldest trick in the phishers’ book so there’s no way I’m falling for that. Then I checked the e-mail address. Instead of being a .gov like any government group it was a .com.

Then I looked up the National Credit Union Administration’s site and saw a box on the upper right with the words “Internet/E-mail Fraud Alert.” When I clicked on the link I read this:

Recently, there have been multiple e-mail fraud attempts, known as “Phishing”, that were initiated via e-mail sent to both the general public and to some credit union members that appeared to be from NCUA. This false e-mail asked for the recipient to click on a link to verify their credit union account registration. If the recipient proceeded to do so, the link directed them to a false website and asked for their credit union account number and PIN, along with other personal information.

NCUA does not ask credit unions members for such personal information. Anyone who receives an e-mail that purports to be from NCUA and asks for account information should consider it to be a fraudulent attempt to obtain their personal account data for an illegal purpose and should not follow the instructions in the e-mail.

If you responded to such an e-mail and provided any confidential account information, please notify your credit union immediately of the scheme. You should also change your account’s PIN, and take any additional action recommended by your credit union to protect your account.

If you feel that you have received a fraudulent phishing e-mail purportedly from NCUA please forward the entire e-mail message to Phishing@ncua.gov

Additionally, you can file formal complaints concerning any suspected fraudulent e-mail with the Internet Fraud Complaint Center (IFCC) at ncua@ic3.gov. The IFCC is a partnership between the Federal Bureau of Investigation, and the National White Collar Crime Center.

Of course, it just confirmed what I already knew.

I don’t think this can be said enough. Never believe any e-mail that claims to be a banking institution and needs your account information. They are just trying to steal your money and your identity. If no one fell for these tricks, these cretins would stop sending out these phisihing attempts.

When I got home today an envelope awaited me that said

Response of Record Must Be Filed

Return at Once

I opened it and inside I found this letter

Sworn to secrecy? Because I won something? Since when?

Those were my first thoughts upon opening this letter. I hadn’t even read the rest and already alarms were sounding in my head.

At the bottom of the letter I saw

Yep, I’d found it. The catch! I only needed to send Las Vegas Actionable Award Program $20 to get my money. Like that was going to happen!

Then I read a little more closely.

LVAAP is a service offered to our customers that provides information on available sweepstakes that are open to the public for entry. Subscribers are solely responsible for investigating, viewing, and complying with any and all rules, restrictions, requirements, or provisions set forth in all sweepstakes.

Ah, now I see. I give them $20 and they give me a list of sweepstakes I could enter. Hell, I just Googled the word sweepstakes and got 50,300,000 results in .20 seconds. That doesn’t included the Sponsored Links.

If you get something like this in the mail throw it away. They’re hoping that you won’t read the small print, but will instead send them $20 for your supposed millions. If you do read the small print, they are hoping that you won’t know that you can do a search on Google and get the same information they will send you.

When ever you get anything in the mail (snail or e-mail) that looks too good to be true look it over very carefully. The vast majority of offerings that look to good to be true are fraud. Personally, I think they all are fraud.

If you get a letter saying you’ve won something but need to send in money for processing. . . it’s a fraud.

If someone calls you at home and says you have won something and they just need your bank account information to pay a processing fee before they send it to you DON’T! Not only is this a fraud, these people are stealing your identity.
A little suspicion can be healthy. At least for your bank account.