Jump to content
New Members Read more... ×

Search the Community

Showing results for tags 'Phone'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Found 62 results

  1. PEORIA — A Peoria resident complained to police after his phone was stolen while planning to buy drugs with his "government check." On Thursday, a 62-year-old North Valley man called police to relate a misbegotten series of events. On Monday, he received his "government check" for $700 and immediately "went to buy drugs," according to a Peoria police report. He went back to his apartment to smoke crack cocaine, during which time he heard a rap at the door, the report stated. At first, he ignored the knocking, then decided to answer the door "because he likes to have company," the report said. The visitor was an acquaintance, who then joined the resident in smoking crack, the report stated. The visitor said he knew where to get more crack, if the resident could provide $60. As the resident pulled out his wad of bills, the visitor snatched the cash and tried to flee, the report stated. However, the resident grabbed the visitor, put him in a leg lock and got the money back, the report stated. However, during the tussle, the visitor whacked the resident several times and somehow got hold of his cellphone before managing to break free and run away, the report stated. The resident does not know anything about the visitor except that his name is Chris and he lives in Chicago. Asked why he waited three days to call police about the theft, the resident said he had been busy smoking crack. Source
  2. Our systems have detected unusual traffic from your computer network. I bookmarked this page and now I get this every time I open it. Why does this happen? Edit: Chrome (Phone) screenshot 👇
  3. When using Nsane Light/Dark theme (on Desktop), there is nothing listed under nsane.down menu...all I see is a black strip. An image in a post (spoiler) seems to be coming out of the post area. It is so on Desktop as well as Phone (screenshot below)...strange! There's someone anonymously viewing my to-be-created topic...stranger!! - screenshot See..that's me after Signing Out, under WHO'S ONLINE list Error code: EX1040 - screenshot Horizontal scrollbar! (on Desktop and Phone) - screenshot New replies notifications - GIF NaN (on Phone) - screenshot Found 4 errors in text?! reacted to a post in a topic screenshot BOM (Byte Order Mark) characters?!
  4. Contacts Phone Dialer: drupe Pro v3.017.0012X-Rel [Unlocked] Requirements: 4.1+ Overview: Forget about traditional dialers and phonebook apps! We bring your contacts and communication apps together to one place, that’s accessible from all your screens. Wish to contact a friend? Dial or just text anyone? Just swipe the contact to the app you've chosen and get in touch! Simple. New: Now with a built-in call recorder! ★★★Featured by TNW , Forbes, Android police, AndroidPIT , NYT and more ★★★ App menus are in: Deutsch, English, Español, Français, Italiano, Nederlands, Português, Português (Brasil), Pусский, Türkçe, norsk, український, עברית , العربية, हिन्दी, 日本語, 한국어. Additional languages are coming soon. ★ Contact with just one swipe - Using drupe, you can dial, text or creatively reach anyone on your contact list, using your preferred communication app, with just one swipe. ★ Smart dialer - NEW! Cross app dialing has now made super fast and easy ★ A built-in call recorder - NEW! Record incoming or outgoing calls whenever you wish! ★ Always around - Yes, drupe is within your reach whenever you need it. Don’t worry, we made sure it’s seamless. ★ Organize your address book / Phonebook - It’s about time we’ve had some help with organizing our address book and solving the duplicate Google contacts issues. No more phone book mess... ★ Start all your communication apps from one place – Once we know who we want to contact, we have plenty of apps to choose from. drupe makes it much easier to decide which one to use, and to quickly start the interaction. Dialer, WhatsApp, SMS, Facebook Messenger, Skype, telephone… are all in, and there are more. ★ Communicate with groups– You can either create new groups or import existing ones, but this time enjoy WhatsApp, dial the group for conference calls, send group emails or even create group calendar invites, with just one swipe. Same group across all apps… ★ Unified “recent” feed – Finally you can track your recent communication log, with all your contacts, in one place, call log, SMS, WhatsApp, Facebook Messenger and more. ★ Contact based reminders – Set contact based reminders, time or context related. Never forget to get back! ★ Missed calls manager – Easily get back to your missed calls via call, SMS, whatsapp or else. Snooze missed calls for later or set relevant reminders ★ Integrated call blocker – Block any caller or number whether unknown, spam, scams or telemarketers Bits and Bytes: ❄ A new way to interact with your contacts – unified swipe for all interactions ❄ Includes a true cross app dialer with T9 and dual SIM support ❄ Contact based reminders ❄ A built-in call recorder overlay ❄ Missed calls manager ❄ A unified recent communications log – calls, SMS, messaging and more ❄ An automatic, customizable favorites list ❄ A semi-transparent trigger icon is always with you – activated with one swipe to access your dialer or contacts ❄ Works Seamlessly with your native Android functions: Call, SMS, Calendar, Email & More. ❄ Integrated with: WhatsApp, Facebook, Skype, Tango & many more ❄ Choose from a bunch of amazing themes and customize your drupe looks ❄ Easy search- Reach all your contacts from the main screen. Search also through typing numbers in the dialer. ❄ Customize your favorites and communication apps by preference ❄ Get help with updating relevant contact info – smart search for your friends in Skype, Facebook and more WHAT'S NEW: The new drupe call screen is here! Replace your old dialer with an advanced call screen! One swipe to reject a call, message, snooze & more. Supported from Android 6.0 and above. This app has no advertisements More Info: https://play.google.com/store/apps/details?id=mobi.drupe.app Download Instructions: PRO features unlocked https://uploadocean.com http://turbobit.net
  5. Nova Launcher Prime APK V5.5.3 Cracked [Unlocked] Nova Launcher Prime The highly customizable, performance driven, home screen replacement Accept no substitues! Nova Launcher is the original and most polished customizable launcher for modern Android Features Ok, Google – Use Google Search’s hotword right from the home screen, just say the words Ok, Google. Color Theme – Set the highlight accent color for the launcher Also individual Color controls for labels, folders, unread count badges, drawer tabs and background Icon Themes – Find thousands of icon themes for Nova Launcher on the Play Store Subgrid positioning – Much greater control than standard launchers, Nova Launcher allows you to snap icons or widgets half way through the desktop grid cells Customize App Drawer – Custom tabs, Vertical or Horizontal scrolling, Custom effects Infinite scroll – Never far from your favorite page, loop through the desktop or drawer continously Backup/Restore – Sophisticated backup/restore system allowing you to backup your desktop layout and launcher settings Scrollable Dock – Create multiple docks and scroll between them Widgets in dock – Place any widget in your dock, such as a 4×1 music player widget Import Layout – No need to rebuild your desktop from scratch, Nova Launcher can import from most popular launchers. Including the one that came with your phone. Fast – Nova Launcher is highly optimized to do it’s work quickly and quietly, keeping the animations smooth and letting you use your phone as fast as you can move your fingers. Unlock the following extras with Nova Launcher Prime Gestures – Swipe, pinch, double tap and more on the home screen to open your favorite apps Unread Counts – Never miss a message. Unread count badges for Hangouts, SMS, Gmail and more using the Tesla Unread plugin Custom Drawer Groups – Create new tabs or folders in the app drawer Hide Apps – Keep a clean app drawer by hiding never used apps Icon Swipes – Set custom actions for swiping on app shortcuts or folders More scroll effects – Such as Wipe, Accordion, and Throw What’s New?(5.5.3 + 5.0.8) Pixel Style Launcher Improved Transition Dynamic Icons that pulls badges from notification content Backport of Android 7.1 and many more! Option to disable dynamic icons Dots! Android O style notification badges Google Now Integration! Swipe Right Internal Changes Adaptive Icons like Oreo How to install it? Uninstall previous version of Nova Launcher apk & Tesla Unread Plugin Install all of the apks given in the archive. Launch Nova Launcher Enjoy! Download Nova_Launcher-Prime-5.5.3-Final.apk (link corrected)
  6. I am looking for a phone dialer app that allows me to control phone calls of my android phone via my laptop using Wi-Fi. I know apps that does the same using Bluetooth. But I want the app that does it over Wi-Fi.
  7. A photo of a person's eye taken at a medium distance is more than enough to trick a Samsung Galaxy S8 smartphone, according to researchers from the Chaos Computer Club (CCC). Samsung added the iris scanner authentication feature with the release of the Galaxy Note 7 model, launched last year, but the feature was hardly used as the company was forced to recall Galaxy Note 7 handsets due to faulty batteries that kept catching fire out of the blue. Arguably, it's with the company's latest line of flagship products where this feature will be really tested and used by most of its customers. Camera, printer, glue, and a contact lens Launched on March 29, the Galaxy S8 model is Samsung's most advanced product to date, featuring multiple biometrics authentication systems on top of the classic pattern and PIN locking systems. This includes a fingerprint scanner, a facial recognition system, and an iris scanner. According to research published today, it took a CCC researcher less than two months to breake the latter. Named Jan “Starbug” Krissler, this CCC researcher realized that by taking a photo of a phone owner's face, an attacker with physical access to the device would be able to unlock the phone just by printing the photo on paper and flashing it in front of the phone's front camera. But there's a trick to the attack. Modern iris scanners (and facial recognition systems) are programmed to use image depth in order to distinguish between (2D) photos and a human's real (3D) eye. Krissler bypassed this hurdle by gluing a contact lens on top of the image depicting the eye. This created a round surface on top of the iris photo, which was more than enough to trick the phone. Use a Samsung printer for best results (How ironic!) To get the best results, Krissler recommends that users take photos using a camera's night-shot mode, as it captures iris details better for individuals with darker eye colors. Ironically, Krissler also said he achieved the best results when he printed the iris photos using a Samsung laser printer. According to the researcher, "a good digital camera with 200mm-lens at a distance of up to five meters is sufficient to capture suitably good pictures to fool iris recognition systems." Samsung Pay wallet technology in danger The attack is worrisome on different levels. First off, Samsung announced the iris scanner feature would also be used to approve payments sent via Samsung Pay. The attack announced today not only endangers data stored on the phone but also funds stored in the user's Samsung Pay wallet. Second, many users that opt to use the iris scanners are inherently in danger because photos of someone's iris — or face for that matter — are incredibly easy to come by in today's age when everybody shares high-quality photos on a regular basis. For now, experts from the Chaos Computer Club recommend that users continue to use classic PIN-based authentication systems. Below is a video showing a step-by-step guide to how the iris scanner bypass works. Researcher has a history of hacking biometrics The researcher behind this attack has a long history of hacking biometrics systems. Krissler is the same person that two years ago had successfully bypassed the biometric security of Apple's Touch ID (fingerprint authentication) system. In the same year, the researcher also bypassed Panasonic's Authenticam BM-ET200 iris recognition technology, using nothing more than images he obtained off Google Image Search. In late 2014, Krissler achieved his biggest hack after he created a clone thumbprint of the German Defense Minister just by photographing her hand at a press conference. Earlier this year, Spanish phone expert MarcianoTech bypassed the Galaxy S8 facial recognition system two days after Samsung launched the phone. MarcianoTech bypassed the facial recognition scanner by using a photo of his face stored on another smartphone. If someone finds a way to bypass the Samsung Galaxy S8 fingerprint scanner in the following weeks, Samsung should just scrape its entire biometrics authentication systems and start from scratch for its next smartphone flagship series. Source
  8. Almost all recent OnePlus smartphones are vulnerable to attacks that can downgrade the phone's operating system and expose the device to previously patched security flaws. Mobile security expert Roee Hay of Aleph Research discovered the vulnerabilities and reported the problems to OnePlus in January, but the company failed to address any of the issues. According to Hay, the vulnerabilities affect OnePlus models such as X, 2, 3, and 3T, running both OxygenOS and HydrogenOS, which are custom versions of the Android OS running on OnePlus phones. Attack is possible because of OTA update process via HTTP Hay says that an attacker can launch an attack and hijack the phone's Over-The-Air (OTA) update process, which is susceptible to man-in-the-middle (MitM) attacks because it's handled via HTTP instead of HTTPS. The researcher says that even if OnePlus OTA update packages are signed to prevent the installation from unauthorized locations, they aren't verified based on version or timestamp. This slip-up allowed Hay to install an older version of the OxygenOS or HydrogenOS, downgrading the phone to a previous OS version that was susceptible to previously patched security flaws. The video below shows Hay performing the OS downgrade attack. In addition, Hay also discovered that an attacker could also install OxygenOS on devices designed to support HydrogenOS, the precursor of OxygenOS. In some cases, installing the superior OS on an older product would lead to crashes or a permanent denial of service. Last but not least, Hay also installed another version of the Android ROM boot-up package on different OnePlus devices. For example, the OnePlus X ROM on a OnePlus One device and vice versa, causing again, a denial of service state due to hardware incompatibilities. Physical access attack is also possible Besides these scenarios that rely on performing a MitM attack on the OTA update, the Aleph Research expert discovered that an attacker with physical access to the device could also reboot the phone into Recovery Mode and sideload the OTA package that way. Unlike the MitM attack that was universal, this second attack vector only worked on OnePlus 3 and 3T models, and where the Secure Start-up feature is disabled. This is the second time Hay has taken the hammer to OnePlus security. Back in March, the researcher published another piece of research that showed how an attacker could hijack OnePlus 3 and 3T models with a malicious charger. Videos of those previous vulnerabilities being exploited — which OnePlus developers patched — are available below. Source
  9. A JavaScript file secretly loaded without your knowledge on a site, or app you load on your mobile device, can access data from various sensors and collect information needed to guess the passwords or PIN a user is entering on his device. This novel attack technique was discovered and explored by a team of scientists from the University of Newcastle in the UK, who say the script can collect data from around 25 sensors, which together, allow an attacker to infer what the user types on his device. Not all sensors are restricted by OS permissions The attack is successful because mobile operating systems do not restrict applications, such as browsers, from accessing all these sensors. The current built-in permissions model asks users to grant an app access to sensors such as GPS, camera, or microphone, but not to data from the phone's accelerometer, gyroscope, proximity, NFC, and rotation sensors. Due to lowering costs, these sensors are now becoming a common feature in modern smartphones, but mobile operating systems are lagging behind. Attack relies on malicious JavaScript code The four-man research team wrote a JavaScript file called PINlogger.js which accesses these ungoverned sensors and logs sensor usage data. If the user allows the browser or a tainted app to run in the background of his phone, while using another app, the PINlogger.js script will continue to collect sensor data. If at any point the user enters PINs or passwords, PINlogger.js records the data and sends it to an attacker's server. The more sensors the phone is equipped with, the more data the attacker has at his disposal to deduce what the user has typed. "It’s a bit like doing a jigsaw – the more pieces you put together the easier it is to see the picture," says Dr. Siamak Shahandashti, a Senior Research Associate in the School of Computing Science and one of the researchers that worked on the study. Attackers can guess PINs with a high degree of accuracy Just by listening to motion and orientation sensor streams, which do not require special permissions to access, researchers said that an artificial neural network they've trained was able to crack four-digit numerical PINs on the first try with a 74% accuracy based on the data logged from 50 user devices. The accuracy grew to 86% and 94% when the neural network was allowed a second and third try, respectively. Further, the algorithm coould also be adapted to handle full alpha-numerical characters. According to researchers, the entire point of their research was to raise awareness to the vast number of smartphone sensors which applications can access, and for which mobile OS vendors haven't yet included in their standard permissions model. Some browser vendors have implemented fixes The research team has also filed bug reports with several browser vendors. Following the team's reports, starting with Firefox 46 (April 2016), Mozilla has restricted JavaScript access to motion and orientation sensors to only top-level documents and same-origin iframes. Similarly, starting with iOS 9.3 (March 2016), Apple implemented a similar restriction for Safari. The issue remains unresolved in Chrome. In the future, researchers would like to see mitigations solutions at the OS level, rather than applications. The full research paper was published today in the International Journal of Information Security, and is entitled "Stealing PINs via mobile sensors: actual risk versus user perception." At the top of this article there is a video of PINlogger.js collecting sensor data from an iOS device. Source
  10. Even before its official launch, smartphone experts are criticizing Samsung Galaxy S8 phones after one of their colleagues managed to bypass the facial recognition feature that ships with these phones by flashing a photo of himself in front of the phone. In terms of bypass techniques, facial recognition systems getting fooled by photos is as bad as it gets, right there with storing passwords in cleartext. The flaw was spotted by Spanish phone expert MarcianoTech, who was testing the device at its official launch, at the Unpacked event that took place yesterday in New York, USA. The phones expert was actually live on Periscope when he first tricked the S8 with a photo of himself, shown via another device. The YouTube video above shows just the S8 facial recognition bypass. Samsung launched the S8 with many new security features, such as an iris scanner and a fingerprint sensor. MarcianoTech didn't attempt to fool the iris scanner with a photo of his eye but expect such tests in the following days. Experts believe the same flaw affects the S8+ model. As said before, tricking a face recognition feature with a photo is a big no-no, as this is the first thing developers of biometrics software makers test. If a facial recognition feature can accurately distinguish between individuals, the next test is usually the one for image depth, as not be fooled by 2D images. Source
  11. A new adware family named Crusader will rewrite tech support phone numbers returned in Google search results, display ads, and show popups pushing tech support scams. Current versions of Crusaders are installed on victims' computers via software bundles. Users usually download a free application, whose installer also adds Crusader. The adware takes the form of a Chrome extension, Firefox add-on, and Internet Explorer Browser Helper Object. Because it's delivered as a browser extension, Crusader is in the privileged position of listening and modifying the user's entire Internet traffic. All the malicious actions Crusader takes are detailed in a configuration file the adware downloads after it infects each user, and at every boot-up. The config file is retrieved following an HTTP request at: http://demo1.geniesoftsystem.com/Crusader/index.php/api/getdetails?data={%22id%22:%221%22,%22keyword%22:%22antivirus%22,%22count%22:%225%22,%22country%22:%22[country]%22} Based on Bleeping Computer's tests, the only country this server returns a configuration file is for India. The content of the configuration file also makes us believe Crusader is still in development because many options contained the words "demo" and appeared to be placeholder settings. Below, we'll go over Crusader's config file, one block at a time. The above block shows that Crusader has the ability to change the browser's homepage and default search engine settings to the crook's provided URL. Currently, both values are google.co.in, the official URL of Google India. "data": { "userid": "1", "default_search_url": "https:\/\/www.google.co.in", "default_homepage": "https:\/\/www.google.co.in", "default_setting_status": "true", "popup_status": "true", "popunder_status": "", "textdisplayads_status": "true", "searchmarketing_status": "true", "urlredirection_status": "true", "broadredirection_status": "true", "banner_status": "true", "banner_replacement_status": "true", "popupOverlay_status": "true", "catfishbanner_status": "true", "object_browser_status": "true", "search_text": "antivirus", "splitwindow_status": "true", "youtube": [ ], Other settings reveal that Crusader was conceived with intentions to show popup ads, popunder ads, insert banner ads on top of other websites, replace existing page banners, and redirect users to specific URLs. Each of these features can be turned on or off, based on the latest configuration file crooks upload to their C&C server. The config snippet below directs Crusader to display a pop-up containing the configured site when a user searches for a particular keyword. In this example, if a user searches for "quickbook support" it will open a popup that displays www.preranatechnologies.net, why if you search for "free movies" it displays www.esolvz.net. "keywordlist": { "popup_compaign_name1": "Quickbook Campaign", "popup_includekeyword1": "quickbook support", "popup_url1": "www.preranatechnologies.net", "popup_exclude_url1": "", "popup_browser1": "Internet_Explorer,Chrome,Firefox", "popup_exclude_macadd1": "", "popup_frequency_date1": "02\/01\/2023", "popup_filter_ip1": "0", "popup_compaign_name2": "demo", "popup_includekeyword2": "free movies", "popup_url2": "www.esolvz.net", "popup_exclude_url2": "", "popup_browser2": "Internet_Explorer,Chrome,Firefox", "popup_exclude_macadd2": "", "popup_frequency_date2": "02\/20\/2018", "popup_filter_ip2": "0" }, More campaigns could be added in this block, to show more popups, advertising other sites, all depending on the list of preconfigured keywords. The below config snippet directs Crusader to open a new unfocused window (popunder ad) for amazingdeals.online/daily_deals/, every type the user navigates to amazon.co.uk. "popunderlist": { "popunder_include_url1": "amazon.co.uk", "popunder_url1": "http:\/\/amazingdeals.online\/daily_deals\/", "popunder_exclude_url1": "", "popunder_compaign_name1": "demo", "popunder_browser1": "Internet_Explorer,Chrome,Firefox" }, The next block is currently empty, but we presume it's a feature to insert or replace ads in Google or Bing search results themselves or to convert text on a page into clickable advertisements. "TextDisplayaddslist": [ ], Now, this is the most interesting block, because the settings above tell the adware to snoop on search queries and replace the contact number for various security products. "searchMarketinglist": { "antivirus_keyword1": "dell support number", "antivirus_contact1": "8622009987", "antivirus_exclude_macadd1": "", "antivirus_browser1": "Internet_Explorer,Chrome,Firefox", "antivirus_filter_ip1": "0", "antivirus_keyword2": "norton support number", "antivirus_contact2": "9143109610", "antivirus_exclude_macadd2": "", "antivirus_browser2": "Internet_Explorer,Chrome,Firefox", "antivirus_filter_ip2": "0" }, Currently, the adware will replace the phone number returned in search results for Dell and Norton whenever the user searches for "dell support number" or "norton support number." We presume more options could be added to target other antivirus vendors. This is both a self-defense mechanism and a marketing tool. If users detect something wrong with their browser and looks up the support number in Google, intsead of the legitimate number being displayed, Crusader will rewrite the text and display a different number. When a user calls this number they will be redirected to a tech support call center, where an operator disguising themselves as representative for those two companies might sell him services or products he doesn't need. This code block tells the Crusader adware to redirect all search queries for "hotel goa" to Hilton.com. In the future, expect links with affiliate IDs in this section, as the crook could earn a nice profit by driving traffic to certain websites. "redirectionlist": { "urlredirection_compaign_name1": "demo", "urlredirection_current_url1": "hotel goa", "urlredirection_target_url1": "www.hilton.com", "urlredirection_frequency_time1": "150 views", "urlredirection_exclude_macadd1": "", "urlredirection_frequency_date1": "2\/20\/2018", "urlredirection_filter_ip1": "0" }, Currently empty, we presume this is another URL redirection system that also hijacks search results. The term "broad," might imply this is a more generic en-masse URL redirection mechanism. "broadredirectionlist": [ ], This block tells Crusader to replace banner ads with the crook's own. Currently, this block loads a generic banner that links to Facebook. "bannerreplacement_list": { "replace_compaign_name1": "demo", "replace_url1": "https:\/\/www.facebook.com\/", "banner_name1": "BR00036", "sponsor_type1": "facebook", "replace_banner1": "http:\/\/demo1.geniesoftsystem.com\/Crusader\/uploads\/banners\/aerojetobj_1487159946_1487911841.jpg", "exclude_macadd1": "", "banner_replacement_frequency_date1": "2\/20\/2018", "banner_replacement_filter_ip1": "0" }, We haven't seen this feature in action, but we presume it's another keyword search hijacking feature. "splitwindow_list": { "Advertisement_compaign_name1": "demo", "Advertisement_URL1": "http:\/\/preranatechnologies.net\/", "Your_Keyword1": "vicidial", "Search_Engine1": "Google,Yahoo,Bing", "split_window_frequency_date1": "2\/20\/18", "split_window_filter_ip1": "0" }, The code below is used to show popup ads when users visit a certain website, in this case, wow.com. The banners show a fake antivirus alert and are obvious lures for tricking users in calling tech support scammers. "popupoverlaylist": { "overlay_compaign_name1": "demo", "overlay_include_url1": "http:\/\/www.wow.com\/", "banner_name1": "P0002", "overlay_banner1": "http:\/\/demo1.geniesoftsystem.com\/Crusader\/uploads\/banners\/file-system-warning (US1)_1487948400.gif", "overlay_frequency_date1": "2\/20\/2018", "overlay_compaign_name2": "demo", "overlay_include_url2": "www.cyboscan.com", "banner_name2": "P0004", "overlay_banner2": "http:\/\/demo1.geniesoftsystem.com\/Crusader\/uploads\/banners\/file-system-warning-(US2)_1487955020.gif", "overlay_frequency_date2": "2\/20\/2018", "overlay_compaign_name3": "demo", "overlay_include_url3": "www.facebook.com", "banner_name3": "P0005", "overlay_banner3": "http:\/\/demo1.geniesoftsystem.com\/Crusader\/uploads\/banners\/file-system-warning-(AU)_1489010023.gif", "overlay_frequency_date3": "2\/20\/2018" }, You can see an example of an injected ad below. These last two blocks in the configuration file are for injecting floating banners on top of other sites, at the bottom of the browser window. "catfishbannerlist": { "cat_compaign_name1": "demo", "cat_url1": "www.bing.com", "banner_name1": "C0002", "cat_frequency_time1": "150 views", "cat_banner1": "< body >< center >< a href=\"http:\/\/www.yahoo.com\" target=\"blank\">< img src=\"http:\/\/demo1.geniesoftsystem.com\/Crusader\/uploads\/download3.jpg\" border=\"0\" height=\"89\" width=\"727\"\/>< \/a>< \/center>", "catfish_frequency_date1": "2\/20\/2018", "cat_filter_ip1": "0" }, "bannerinjection": { "banner_compaign_name1": "demo", "banner_url1": "www.ask.com", "banner_header1": "< body>< center>< a href=\"\" target=\"blank\">< img src=\"http:\/\/demo1.geniesoftsystem.com\/Crusader\/uploads\/82e85b2a94b3d4371b42189b9d69eb05.jpg\" border=\"0\" height=\"89\" width=\"727\"\/>< \/a>< \/center>", "banner_footer1": "< body>< center>< a href=\"\" target=\"blank\">< img src=\"http:\/\/demo1.geniesoftsystem.com\/Crusader\/uploads\/ithaca-nightlife-night-life-astro-image-1001.jpg\" border=\"0\" height=\"89\" width=\"727\"\/>< \/a>< \/center>", "banner_name1": "B0002", "banner_excludemacadd1": "", "banner_frequency_date1": "2\/20\/2018", "banner_filter_ip1": "0" } The config file currently shows these banners on top of the Ask.com and Bing homepages, but they could be overlaid, in theory, on top of any website. At this point Crusader appears to be in a testing mode, but if it is currently live or becomes live, you can use this guide to remove Crusader from your system. Article source
  12. If you’ve ever noticed that your phone’s battery goes from 60% to 50% in a matter of minutes, only to remain on 50% for what seems like ages, it probably means the battery needs to be calibrated. Why Your Phone’s Battery Percentage Becomes Inaccurate This is a problem that occurs in most battery-powered electronics these days, so this process should work on iPhone, Android, and even tablets or laptops (almost all of which use lithium ion batteries). While it’s really not that big of a problem, it can be a bit annoying when your phone says you have 25% battery left, only to look again and see that it’s nearly dying. The reason for this is simple. Batteries naturally degrade over time, and their capacity slowly decreases. But your phone isn’t always great at measuring that—if your battery has degraded to 95% of its original capacity, your phone might still report that as 95% full, instead of 100% full (the “new normal”). Calibrating your battery can fix this. How to Calibrate Your Phone’s Battery Luckily, calibrating your smartphone’s battery is an easy task—it just takes a bit of time and patience. First, let your phone drain completely to the point where it shuts itself off. You can confirm that the battery is completely dead by trying to turn it on—you’ll usually be greeted with a dead battery icon before the phone shuts off again after a few seconds. Next, without turning it back on, plug your phone into the charger and let it charge up to 100%, leaving the phone off the entire time it’s charging. Some people suggest leaving it on the charger for an extra hour or so, just to make sure the battery gets all the juice it can, but that’s completely up to you and not extremely necessary. After that, turn your phone on and wait for it to boot up. Once it gets to the home screen, confirm that the battery meter shows 100%, then unplug it from the charger. Once unplugged, the battery is now calibrated and you can begin to use your phone again like normal. How Often Should You Calibrate Your Battery? There’s really no official rule on how often you should calibrate your phone’s battery. And technically, you don’t really need to do it at all if you don’t care how accurate the percentage is, especially if you’re vigilant about keeping the battery charged up anyway. If you want the most accurate battery stats, you’ll probably want to calibrate the battery every two to three months. Again, you can go longer if you want (I only do it every six months or so), just know that your battery percentage may be a little off. Battery Calibration Doesn’t Make the Battery Last Longer You may see other articles discussing how calibrating your battery can prolong its lifespan, or improve battery life. But long story short: it doesn’t. In fact, the best way to keep your battery healthy is to perform shallow discharges, not run it down to zero regularly—which is why you should probably only calibrate it every few months or so. However, according to Battery University, there’s no apparent harm to calibrating your phone’s battery, and it’s recommended that you do so from time to time. Article source
  13. The man who developed a bot that frustrates and annoys robocallers is planning to take on the infamous Windows support scam callers head-on. Roger Anderson last year debuted his Jolly Roger bot, a system that intercepts robocalls and puts the caller into a never-ending loop of pre-recorded phrases designed to waste their time. Anderson built the system as a way to protect his own landlines from annoying telemarketers and it worked so well that he later expanded it into a service for both consumers and businesses. Users can send telemarketing calls to the Jolly Roger bot and listen in while it chats inanely with the caller. Now, Anderson is targeting the huge business that is the Windows fake support scam. This one takes a variety of forms, often with a pre-recorded message informing the victim that technicians have detected that his computer has a virus and that he will be connected to a Windows support specialist to help fix it. The callers have no affiliation with Microsoft and no way of detecting any malware on a target’s machine. It’s just a scare tactic to intimidate victims into paying a fee to remove the nonexistent malware, and sometimes the scammers get victims to install other unwanted apps on their PCs, as well. “I’m calling it a ‘Broadside’ campaign against Windows Support and the fake IRS.” Anderson plans to turn the tables on these scammers and unleash his bots on their call centers. “I’m getting ready for a major initiative to shut down Windows Support. It’s like wack-a-mole, but I’m getting close to going nuclear on them. As fast as you can report fake ‘you have a virus call this number now’ messages to me, I will be able to hit them with thousands of calls from bots,” Anderson said in a post Tuesday. “It’s like when the pirate ship turns ‘broadside’ on an enemy in order to attack with all cannons simultaneously. I’m calling it a ‘Broadside’ campaign against Windows Support and the fake IRS.” The Windows support scam is an old one, much like the fake IRS phone scams that have been victimizing consumers for several years. They typically involve large call centers and multiple layers of workers making the calls, transferring victims, and setting up new schemes. Anderson has posted several example recordings of the Windows scammers hitting his Jolly Roger bot and becoming increasingly agitated. Anderson said he’s still working out the details of how the operation will work and is hesitant to reveal too much about it. He said he did a test run recently and called a specific scammer’s number several hundred times via 20 separate lines and the scammers turned off the target number quickly. “I do not want to expose too much about what I’m doing because obviously it can be used for mischief or malice. This is likely why Microsoft or Apple don’t do anything about this. It will take a pirate,” Anderson said via email. Article source
  14. straycat19

    Apowersoft Phone Manager Pro Free

    A couple years ago there was a promo giveaway. This one is different. By giving them a five star rating on Google Play and sending them a screenshot, they will get you a Pro license free. Just go to the following page and look for the following. It is easy to find. How to get free registration code? 1.Go to Google Play to rate Apowersoft Phone Manager 5 stars. 2.Take a screenshot of your 5 star review and send it to us via Online Form, we will send you free registration code soon. https://www.apowersoft.com/store/phone-manager.html
  15. This is new giveaway & expire in 16 hours from now. https://www.apowersoft.com/phone-manager Just share & get your key from below link https://www.apowersoft.com/promotion NO NEED TO GIVE 5 STAR RATING & SEND SCREEN SHOT
  16. Hacker Steals 900 GB of Cellebrite Data This is part of an ongoing Motherboard series on the proliferation of phone cracking technology, the people behind it, and who is buying it. Follow along here. The hackers have been hacked. Motherboard has obtained 900 GB of data related to Cellebrite, one of the most popular companies in the mobile phone hacking industry. The cache includes customer information, databases, and a vast amount of technical data regarding Cellebrite's products. The breach is the latest chapter in a growing trend of hackers taking matters into their own hands, and stealing information from companies that specialize in surveillance or hacking technologies. Cellebrite is an Israeli company whose main product, a typically laptop-sized device called the Universal Forensic Extraction Device (UFED), can rip data from thousands of different models of mobile phones. That data can include SMS messages, emails, call logs, and much more, as long as the UFED user is in physical possession of the phone. Cellebrite is popular with US federal and state law enforcement, and, according to the hacked data, possibly also with authoritarian regimes such as Russia, the United Arab Emirates, and Turkey. The data appears to have been taken, at least in part, from servers related to Cellebrite's website. The cache includes alleged usernames and passwords for logging into Cellebrite databases connected to the company's my.cellebrite domain. This section of the site is used by customers to, among other things, access new software versions. Motherboard verified the email addresses in the cache by attempting to create accounts on Cellebrite's customer login portal. In the majority of cases, this was not possible because the email address was already in use. A customer included in the data confirmed some of their details. The dump also contains what appears to be evidence files from seized mobile phones, and logs from Cellebrite devices. According to the hacker, and judging by timestamps on some of the files, some of the data may have been pulled from Cellebrite servers last year. “Cellebrite recently experienced unauthorized access to an external web server,” the company said in a statement on Thursday after Motherboard informed it of the breach. “The company is conducting an investigation to determine the extent of the breach. The impacted server included a legacy database backup of my.Cellebrite, the company’s end user license management system. The company had previously migrated to a new user accounts system. Presently, it is known that the information accessed includes basic contact information of users registered for alerts or notifications on Cellebrite products and hashed passwords for users who have not yet migrated to the new system,” the statement continues. Cellebrite advised customers to change their passwords as a precaution, and added that it is working with relevant authorities to assist in their investigation. Access to Cellebrite's systems has been traded among a select few in IRC chat rooms, according to the hacker. “To be honest, had it not been for the recent stance taken by Western governments no one would have known but us,” the hacker told Motherboard. The hacker expressed disdain for recent changes in surveillance legislation. In 2014 a hacker calling themselves “PhineasFisher” publicly released 40GB of data from surveillance company Gamma International. Gamma makes intrusion software that can remotely switch on a target's webcam, siphon off their emails, and much more. The following year, PhineasFisher targeted Italian company Hacking Team, and published a trove of emails and other internal documents from the company. Although the terms of this Cellebrite breach are somewhat different—the hacker has not dumped the files online for anyone to download—similarities seem to remain, especially in the hacker's vigilante motivation. The hacker, however, remained vague as to the true extent of what they had done to Cellebrite's systems. “I can't say too much about what has been done,” the hacker told Motherboard. “It's one thing to slap them, it's a very different thing to take pictures of [their] balls hanging out.” Source
  17. I recently got a Huawei Y6 Pro phone (Android 5.1.1) and decided to root it but I couldn't root it. tried more than 10 rooting programs on Computer (Kingo Root, iroot, Vroot, one-click root, wondershare mobile manager, Root genius, framaroot etc etc.) using APK on phone (Kingo root, Vroot, iroot etc etc.) ALL of them failed to root this phone! TWRP doesn't support it as well, the device not listed on their support page. there is also no custom rom for it but that's not the case here since i just wanna root it not replace the rom. most of the error messages i got are: this device not supported, this device is not vulnerable to the exploits in this app etc. any thoughts?
  18. 50 Phone Wallpapers (all 1440x2560, no watermarks) DOWNLOAD : https://imgur.com/gallery/C3pQs
  19. In a major decision back in 2014, the Supreme Court finally ruled that police need a warrant to search someone’s cellphone when making an arrest. That case, Riley v. California, was a major privacy victory. Now, it's being interpreted by a federal court in Illinois to mean that even opening a phone to look at the screen qualifies as a “search” and requires a warrant. The Illinois case involves a sting operation that ensnared Demontae Bell, an alleged drug dealer accused of illegal possession of an AK-47 assault rifle. An officer testified that while interrogating Bell he pulled out a confiscated flip phone and opened it, revealing a picture of the rifle, which Bell had set as his home screen's wallpaper. That was then used as grounds for a warrant to search Bell's phone for metadata about when and where the photo was taken. The officer claimed he opened the phone in order to turn it off. But on Wednesday, the judge ruled police have no right to open a suspect's phone and look at the screen without first getting a warrant, even if it's just to turn it off, since the Riley case clearly established doing so is a “search” under the Fourth Amendment. “Officer Sinks' opening of Bell's cell phone exceeded a 'cursory inspection' because he exposed to view concealed portions of the object—i.e., the screen,” wrote Judge James E. Shahid. “Because Officer Sinks had to manipulate the phone to view the picture on the screen, that picture was by definition not in 'plain view'.” That suggests that even if your device isn't locked with a passcode, a cop wouldn't be allowed to turn on the screen and look for incriminating notifications or messages without a search warrant. The Supreme Court did say there are “exigent circumstances” for allowing warrantless searches, however, including imminent threats to officer safety (checking if there's a razor blade concealed in the phone's case, for example) and preventing destruction of evidence (preventing the phone from receiving a remote wiping command). “Yet neither the government's response, nor the warrant affidavit, asserted that the officer in this case opened Bell's cell phone out of concern for officer safety or preservation of evidence,” Judge Shahid wrote. Thus, “The search of Bell's cell phone violated the Fourth Amendment prohibition against unreasonable searches and seizures.” Nevertheless, the judge denied Bell's motion to suppress evidence from the illegal search, reasoning that based on other testimony given about Bell's illegal rifle, “the photo would have ultimately been discovered.” source
  20. Microsoft Lumia DENIM​ Update Last night I decided to do an update to my Lumia 630, to my surprise the long awaited DENIM Update was finally here in preparation for the Windows 10 Upgrade... Many details are covered at the link mentioned above but one which I am quite happy about is the fact that now on Windows Phones.. We have the ability to create a personal WiFi Hotspot. This interests me a great deal as I will no longer have to buy another SIM Card and pay a data plan for my tablet.. Owning the phone for the first few months made me quite jealous and perturbed at the fact that iPhone users had this capability right on the phone natively and yet Microsoft did not. Many attempts at ​connecting virtual Wifi Routers.. Proxy connections and fake apps which did not do as advertised later I gave up with no hope.. Now I am a happy Wind​ows Phone owner.
  21. Anonymous is testing Airchat, a free communications tool for the world that uses only radio waves Lulz Labs Online hacktivist collective Anonymous has announced that it is working on a new tool called Airchat which could allow people to communicate without the need for a phone or an internet connection - using radio waves instead. Anonymous, the amorphous group best known for attacking high profile targets like Sony and the CIA in recent years, said on the Lulz Labs project's Github page: "Airchat is a free communication tool [that] doesn't need internet infrastructure [or] a cell phone network. Instead it relies on any available radio link or device capable of transmitting audio." The idea is that people all over the world, including those in rural areas and developing countries, will one day be able to communicate for free without the need for a mobile phone network, phone line or internet access. While the project is workable at the moment, it is simply a proof of concept at this stage and Anonymous has revealed Airchat in the hope to get more people involved in developing the technology as well as raising funds. Interactive chess Despite the Airchat system being highly involved and too complex for most people in its current form, Anonymous says it has so far used it to play interactive chess games with people at 180 miles away; share pictures and even established encrypted low bandwidth digital voice chats. In order to get Airchat to work, you will need to have a handheld radio transceiver, a laptop running either Windows, Mac OS X or Linux, and be able to install and run several pieces of complex software. Anonymous says that a cheap radio transmitter costs as little as $40 (£23.80) meaning the system should be affordable to most people or communities. However because the system isn't working with a specific make or model of transmitter, connecting them to your laptop is a little tricky as there is no standard connector on these devices. Decode "Almost every single home in this world has a common AM and/or FM radio. In cases where not everyone is able to get [a] cheap radio transceiver, [they can] at least be able to decode packets being transmitted via a pirate FM station" Anonymous said. Video The video above shows the Airchat tool in use, evening managing to pull up Twitter search results for the keyword "Ukraine". While it is clearly not as fast and graphically rich as a standard internet browser, for someone looking to get crucial information fast, it could prove a vital tool. Anonymous says that Airchat has numerous use cases other than preventing government agencies like the NSA from spying on citizens, ranging from people living in countries where the internet has been shut down or censored, such as Twitter being banned in Turkey or the telecommunications network being shut down in Crimea by Russian forces. NGOs and medical teams working in Africa or disaster zones who need to coordinate aid efforts or explorers at expedition basecamps who want to communicate from rural areas or with rescue teams would also find the solution useful. Connecting the world This is not the first time that Anonymous has tried to create free communications to connect the world. Since the Arab Springs began in 2010, Anonymous has opened up communication channels in countries when they have been closed, creating internet access points and producing "care packages" that include information about everything from first aid to how to access dial-up internet, for example, in Syria in 2012. The hacktivist collective has also worked together with the dissident group Telecomix to help activists access banned websites in Bahrain, Egypt, Libya, Jordan, and Zimbabwe. Source
  22. Seed Phone offers a unique way to converge multiple devices using a single smartphone A computer engineering student from the University of Cape Town has come up with a unique way to transform a smartphone into anything from a laptop to a games console. In an effort to eliminate the disjointed experience of using multiple devices across different platforms, Nick Rout developed Seed - a range of laptop, tablet, TV and console hub prototypes capable of converging around a single smartphone. "While our devices are individually really capable, using them together is quite disjointed," Rout tells IBTimes UK. "These devices all have different operating systems. An app might work on one and not another, your files are often scattered across them in an unorganised fashion and settings/preferences differ from device to device." A multi-faceted approach Having previously relied upon an ad hoc solution of cloud services and portable storage, Rout decided to transform his current smartphone - a Google Nexus 4 - into a range of devices that he designed. A 3D render of the Seed concept. A 3D Prited prototype of the Seed Phone. The Seed Phone magnetically docked into the Tablet. The Seed Phone docked into the laptop prototype. The Seed Phone docked in the TV/ games console hub. Inserting the cylindrical magnets into the Nexus 4 case. In developing prototypes that locally synchronised all of a user's data into one multipurpose device, Rout also sought to overcome a number of other tech-related problems that modern devices encounter. The ones he identified with the most included poor battery performance, the high cost of owning a whole set of devices and the ever-growing concern of data security. For it to work, Rout needs an operating system that can handle convergent user-interface switching. Fortunately, the Ubuntu OS will be offering this exact functionality in the very near future. "This multi-faceted approach aims to unify the disparate user experience one encounters when hopping from mobile to desktop to tablet and back again," writes Joey-Elijah Sneddon, editor of OMGUbuntu. The success of Seed will therefore likely depend heavily on the success of this new operating system, unless a significant contender - like Apple or Microsoft - moves into the space. Growing the idea The cost of development has so far come straight out of the student's own pocket but Rout is currently in talks with a number of potential investors. A crowd-funding campaign is also expected in the near future. "My hope is that it would reach consumers within six months to a year of development," Rout says. While products like the Motorola Atrix and the Asus Padfone have previously experimented with portions of what Seed would offer, none has yet achieved widespread commercial success. Could Seed be any different? Rout seems to think so. "The devices only offered convergence between two form factors and the docks they created were too expensive. Seed aims to change all of this." Source
  23. I've been thinking, with all the revelations coming out about the NSA spying on all of us, maybe we've been going about reacting the wrong way. I mean, we all seem to fall somewhere on the spectrum of being upset about this, from the more mildly uncomfortable but resigning folks that are okay with the spying to those more militant about privacy. What if we're all just pissed that we aren't the ones getting to do all this sweet, sweet surveillance on everyone we know. Well, that's all changed, thanks to the makers of the mSpy software, which allows you to gift smart phones preinstalled with their software to those you care about most and then play NSA on them to your heart's content. Starting today, the company is also selling phones preloaded with the software, making it simple for users without any tech savvy to start surveillance right out of the box. The phone package is available with the HTC One, Nexus 5, Samsung Galaxy S4 and iPhone 5s, at varying cost; for example, the Samsung Galaxy S4 costs $300; the subscription for the preloaded software costs another $199 for a year. [From the moment the software is installed], the phone records everything that happens on the device and sends the details to a remote website. Every call is recorded, every keystroke logged, every email seen, every SMS chat or photograph monitored. Count me as someone who is suddenly even more glad than ever that I'm out of the dating world. On the other hand, I suppose it'll be weird for any of us married folks to get smart phones as gifts from now on as well. Oh well, down the surveillance hatch, I say! The NSA spies on us, we spy on each other, and the important thing to remember is that the makers of this software, which advertises to buyers that their targets "won't find out", are the most innocent of innocents here. The phone's proclaimed target markets are employers and parents who have the legal authority to watch what their children do on their smart phones. Company founder Andrei Shimanovich knows others may use his products in illegal ways, but says it is not his responsibility. "It is the same question with the gun producer," says Shimanovich, a Belarus native who recently moved to New York. "If you go out and buy a gun and go shoot someone, no one will go after the gun producer. People who shoot someone will be responsible for this. Same thing for mSpy. We just provide the services which can solve certain tasks regarding parents and teenagers." And creepy bastards, estranged lovers, stalkers, or anyone else who might be able to surreptitiously sneak this software onto the phones of whomever they're targeting. While it's completely true that we ought not blame the tool-maker for the way the tool is used, that doesn't discount the level of creepy in this software. Gone, apparently, are the days when parents raised their children to be responsible and then loosed them on the world to make a few mistakes and grow up better because of it. Gone are the days when employers made it a point to hire staff that they trusted. The NSA has paved the way for a whole new level of Orwellian acceptance, where the only difference between government surveillance and that we do ourselves is that our personal spying might actually be effective, since it will be more targeted. Prepare yourselves, people, for when the news media first gets hold of some stalker who commits a violent act and is found to have employed this software, because the backlash against it is going to be insane Source
  24. Here’s an elaborate scam I’ve seen reported a few times in the UK in the past few months. (Some of these wrinkles would actually work in the US, but Chip and PIN is much less used there, which may account for the lack of exactly corresponding reports there.) I was actually holding back on blogging about it as I’ve been unable to confirm some of the details, but some fraud along these lines certainly seems to be taking place. (There are other scams and malware delivery messages that could be described as courier scams – for instance, those where a malicious attachment is passed off as information about a delivery that a courier is unable to deliver – but that’s a whole difference kettle of phish/vish.) The essence of the scam as it has been reported is this: the scammer calls you posing as the anti-fraud department of your bank (or as a police officer) and tells you that suspicious activity has been detected on your bank card. It’s not that unusual for your bank to ring out of the blue to ask you to verify a transaction, but what (reportedly) happens next is quite different. It's not me, It's you If your bank (or anyone else ‘official’) does ring you unexpectedly, you should bear in mind that it’s more important for you to be able to verify their identity than vice versa. After all, they have your telephone number. The reports say that sometimes the scammer pre-empts that thought by suggesting that you ring the number on the back of your bank card to confirm, but that they don’t put the phone down at their end, so that you’re still connected to the number that they called from. (This allows time for transferring legitimate calls between extensions, for instance.) I guess that the victims don’t insist that the caller puts the phone down, wait for the dial tone, realize that they’re not actually able to call out, or worry about not getting a ringing tone before they hear someone speaking on the ‘new’ number. On the other hand, I can think of at least one technically unsophisticated way round that, so if you’re feeling really paranoid, you could ring a completely unconnected number and see if you get a response from ‘your bank’ or ‘PC 49’ rather than the real holder of that number. In fact, the line shouldn’t remain open indefinitely if only one party hangs up, and in any case the scammer will not to want to tie his phone up longer than he needs to: things to do, other people to scam… It might, however, take several minutes for the line to clear automatically, though I’ve seen estimates for how long it takes ranging from five to 12 minutes. If you’re checking a number someone’s given you like this, it’s worth using a different line (if available) or a mobile phone. According to a NatWest description of this scam, the scammer may give you a different number. Of course, if someone just says ‘ring the following number’ they could be directing you absolutely anywhere. If they suggest ringing a verifiable number, however, clearly they could be using the same technique for keeping the line open. In this instance of a different scam, all the scammer needs to do is stay on the line to convince the victim that his phone has been temporarily disconnected. PINs and needles The scammer may ask you for full details of your account and ask you to enter your PIN. First of all, the bank doesn’t need full details in order to verify who you are. Any bank worth your custom may well ask for something like the 2nd, 4th and last letters of your ‘special word’, and slightly dubious old favourites like your mother’s maiden name, and even the last four digits of your card number, and all that has some potential value to a scammer, if combined with information gleaned in other ways. But your bank already knows your account details, and doesn’t need info like the card security code (the magic three digits on the back of the card) in this context. The only reason anyone would ask you for all that information is for fraudulent purposes. We’ll get back to that in a minute. As for keying in your PIN, there is no legitimate reason why your bank should ask for it. They already have access to that information, and they certainly don’t need it to cancel the card or to activate the new one: the point is that if you do key it in, the scammer can see what it is on his own phone display. (If they were sure your card had been used illegitimately, they’d almost certainly have cancelled or blocked it before they even talked to you.) Your account number tells them which bank you’re with, even if you haven’t told them already. Did they tell you which bank they were at the beginning of the call, or did you assume that they were genuine and let slip the information as the call proceeded? Unfortunately, there are quite a few other ways in which they might have already known which company you bank with or whether you have an XYZ credit card. However it’s more common for scam calls to be made more or less randomly, with the scammer relying on getting the information he needs from you and the telephone directory. Sending the lads round The next stage, according to the alerts I’ve seen, is that the scammer tells you he will come round or send a courier to collect your ‘compromised’ card. This is a dead giveaway: it would be a very expensive way for a bank to deal with a compromise: they could simply cancel your card without needing any information from you. They might, of course, want you to return it by post. If they send you a new card, they might want you to verify it by phone. The chances of their coming round personally or sending a courier to take the old card and give you a new one are tiny. That’s a very expensive way of doing business, and frankly, I suspect that most banks don’t care about most of their customers enough to give you such instant service. Actually, I’m surprised that it’s economical for scammers to pay for a courier, but apparently it is. I suppose if he gets to that point, he’s reasonably sure he’s going to get the card. It seems to be carried out exclusively by people who are geographically (fairly) close to the victim: this probably works well for the scammer, since many people are nowadays less likely to believe everything they’re told by someone with a ‘foreign’ accent, due to the prevalence of West African and Indian telephone (and other) scams. All cut up about it A variation I’ve seen reported here is that the scammer advises you to cut up the card before you hand it over, but subsequently tapes it back together to use in an ATM. I’m not sure how reliably a sellotaped bank card works in an ATM, (certainly if it’s been cut into several pieces, as it should be if you want to render it unusable) but it could certainly be used to get or confirm information about the card that hadn’t already been captured over the phone and use that information to clone the card or use it over the internet or some other form “Card Not Present” (CNP) fraud. So here’s a possible reason why they might want all that information about your account even though they’ll get most of it anyway once you hand over the card: it’s really not difficult to take a bank card blank and add all the information that they have given you so that it looks like a genuine replacement card. Of course, it won’t actually work. Even if the scammer is able to clone your card accurately from the information you give him, he certainly doesn’t want you to have access to the account he’s about to plunder. Variations on a rip-off An alert from the Metropolitan Police (London’s ‘Met’) reports some variations: The scammer wants you to withdraw lots of money from your bank and take it home as part of a ‘police investigation’, perhaps into a corrupt employee. At some point they will want to take the money off you so as to put it back into the banking system. Which may well be the case, but it will be the scammer’s account that it goes into, not yours, and they certainly won’t have marked the bank notes. Helping a police investigation is the last thing they’re thinking about.Another variation is to ask you to purchase ‘an expensive watch or other expensive items’ and hand that/those over. I’m not sure how that works, but no doubt there is some convincing reason presented by the scammer.Points to remember Banks don’t usually do home visits.A compromised bank card can simply be cancelled: the bank probably doesn’t need it at all, and certainly won’t treat collecting it as a matter of urgency.Your bank doesn’t need all your account data to authenticate your identity, and won’t ask for your PIN. Banks use different authentication criteria for internet banking, telephone banking, ATM access and counter transactions.The police don’t offer a card replacement service, and they aren’t likely to ask you to help with an undercover operation. They won’t ask for your PIN either.Legitimate, honest couriers and taxi services can be used for dishonest purposes.When you put your phone down, it doesn’t mean the line is immediately cleared. This may be changed at some point because of the ways in which this feature can be misused, but the system does have legitimate advantages: for instance, if the phone is put down on 999 call, it allows the operator to trace the call (for instance, where the caller has disconnected under duress). I can’t say if the same is true with 911 calls.The scam has been referred to by some resources as a vishing scam, which is fair enough. However, it’s only one type of vishing (Voice over IP or VoIP phishing), not an alternative term. Sometimes a phishing message will include a number to call rather than a web link, and of course that’s no more to be trusted than an unsolicited URL. My thanks to Martin Overton, Richard Clayton and the Anti-Phishing Working Group for help in researching this issue. Source
×