Jump to content

Search the Community

Showing results for tags 'scams'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...

Found 5 results

  1. Scam emails have come a long way from requests for money from far-flung lonely hearts, or investment opportunities from dubious overseas princes. These days, email scammers are cannier than ever at imitating legitimate brands to trick victims. With 26 percent of U.S. adults saying they are “almost constantly” online, according to Pew Research, this is now the most likely place for identity theft to occur. Often, ID fraud can begin with the wrong click on a scam email. How can you best prep to avoid online scams? By studying the most recent ones, and learning just why they’re so effective. Here’s an overview of the latest email scams that just might fool even the most experienced web surfer, along with simple things you can do to avoid and report them. Amazon cancellation scam Amazon is the retail giant’s retail giant, and most of us are used to seeing an Amazon invoice in our inboxes. As a result, it’s a prime target for scammers hoping to convince their victims that they’ve bought or cancelled an order that never existed. If you find an email claiming to be from Amazon, but citing an order you never placed, it’s not from Amazon. You can copy-and-paste the email into a new email (or just forward it) addressed to [email protected] in order to alert the company. If you have already clicked a link or logged into your Amazon account through a suspicious email, don’t give up hope. There are simple steps you can take to remedy the damage. Amazon recommends changing your password immediately, then contacting your credit card company. See Amazon’s advice on taking action on scam Amazon emails PayPal order confirmation scam One of the best ways to reel in victims is through phishing — the security term for a scam that attempts to lure a user into freely providing their login information. And there’s no motivator like money, and the worry of losing it. So, the online payment service Paypal is a common front for a phishing attempt. The latest big wave began in December 2017, featuring email headlines claiming that Paypal “couldn’t verify your recent transactions” or that “Your payments processed cannot completed.” Click through, MalwareBytes reported at the time, and you’ll find a fake Paypal landing page. It emulated the look-and-feel of PayPal’s site, then asked unwitting victims to supply their home address and credit card information — all under the guise of a resolving a made-up payment. If you come across one of these emails, forward it to “[email protected],” keeping the email headline the same. And if you’re in doubt, don’t click the email: log into your Paypal account through a secure link to check for any changes in your account balance. You can also contact PayPal directly at 1-888-221-1161 in order to report a phishing attempt. Facebook activity scam Everyone and their grandmother is on Facebook. Sadly, grandmothers might be particularly vulnerable to this scam email. The email copies the same formatting and colors that we’ve all learned to associate with Facebook, spurring users to click through. Once they do, they may be met with a shady website a shady website attempting to sell them items — and likely download a little malware on the side. The domain of the site can be a simple giveaway. Hover your cursor over the links in the email for a preview of the real destination. Anything that’s not the official Facebook.com is a scam, every time. If you get these emails, don’t click on any links. It’s safer to simply delete the emails. Log into your Facebook account manually at Facebook.com in order to check for any real notifications. If you’ve already clicked the link, run a virus scan. If you’re worried your Facebook account has been compromised, visit Facebook’s help service. Stripe payment dispute scam This is a particularly nasty scam, because it masquerades as a disputed payment. An email claiming to be a dispute might make the small business owner frantically type in their login details — allowing the scammer to scoop up their details. The scam exploits a victim’s fear over what will happen if they don’t enter their information. The example here, from comics publisher C. Spike Trotman, uses a linked .jpg instead of actual text and a button. This directs you to a non-Stripe site asking for your information. If you hover over a link you can read the destination URL itself. Check it for misspellings, and don’t trust anything that’s not the Stripe.com domain. The service also recommends you enable two-step verification to keep your account more secure. If you have a suspicious email, forward it to the Stripe team at the Stripe contact page. Google messages scam This Google scam email sums up the typical approach. Massive corporation with widespread adaptation? Check. An authoritative claim that users “must” read their “Support Service” messages? Check. There’s even a link that users can click if they feel they’ve received the message in error — which is itself a scam link. Over the past few months — following a big Google Docs phishing attack in May 2017 — Google has been tightening security on its third-party applications in an attempt to addressing its phishing problem. But, as the example above shows, it hasn’t stopped them all. You can report the Google-impersonating phishing attempts at Google’s scam information page. How to report scam site links You can be a good online citizen by reporting scam links you come across. Here’s a quick list of the major websites that will allow you to report scammers or spammers who using their link shorteners. By getting the scammer’s original link blacklisted by a popular link shorteners, you’ll help prevent others from getting scammed. Report scam Google shortlinks at goo.gl Report sketchy Bit.ly shortcuts at bit.ly Report GoDaddy scam links at x.co Report is.gd scam links at is.gd Report Tiny scam links at tiny.c If you come across any suspicious emails that you’d like to confirm as a scam before you report, you can right-click a link in order to copy the hyperlink. You can then paste that link into this AI-powered online link checker or this online database of blacklisted links. Whatever the result, remember to stay alert and think before you click. Source
  2. Facebook announced in a blog post Tuesday that it would ban cryptocurrency advertising from the platform entirely. The company said that many ads for cryptocurrency investment opportunities, like initial coin offerings, were “not currently operating in good faith.” Facebook has a point. Take Prodeum for example, a Lithuanian cryptocurrency startup that appeared online Thursday. By Monday, it was gone. Prodeum's 12-page white paper outlined plans to build a database of fruits and vegetables on the Ethereum blockchain. That idea might sound strange, but it’s not the first of its kind. Prodeum asked investors to help raise as much as 5,400 ether—roughly $6.5 million—in an ICO. But after collecting what looks like less than the price of two Chipotle burritos, Prodeum disappeared. The company’s sparkly, professional-looking website was replaced with a single, trolling word: penis. A press release on both an NBC affiliate and a New Jersey local news site vanished, along with Prodeum’s website, Twitter account, and Telegram channel. Emails to the startup’s customer support address bounce back. It seems like Prodeum—which sounds suspiciously like the urinary-tract infection medication Prodium—was yet another cryptocurrency scam. It joins a long line. In April of last year, there was Mumbai-based OneCoin, a once-lauded blockchain startup that was discovered to be a Ponzi scheme—but not before its founders allegedly funneled at least $350 million through Germany. Then there was Confido, which disappeared after raising over $370,000. Don’t forget BitConnect, an anonymous cryptocurrency exchange that was accused of being a Ponzi scheme numerous times before it finally shut down. Not every ICO is a scam, and many cryptocurrency startups are legitimate. But the shady, largely unregulated cryptocurrency investment landscape is littered with dozens of fraudulent ventures. (They're also susceptible to hackers; more than 10 percent of the $3.7 billion raised through ICOs has been lost or stolen, according to a recent analysis from the accounting firm Ernst & Young.) Easy Money The cryptocurrency market is ripe for scammers because it’s relatively new, backed by tons of hype, and involves complicated technology. It’s easier to dupe someone into investing in your ICO in 2018 than your fake real estate business—and plenty of people have. A cryptocurrency startup only needs a swanky website and an official-looking white paper. There are also plenty of services to help streamline the process: You can automate your token sale, or have someone write fake news articles hyping up your venture. Confusion around blockchain technology also makes much of the public a potentially easy mark. Blockchains are encrypted, distributed ledgers that operate without a central authority like a bank. The ledger itself is securely stored on many computers, so it can’t be altered or hacked. The Ethereum blockchain—on which Prodeum relied—allows for more complicated applications to be built on top of it. Eth-Tweet, for example, is a decentralized microblogging service built on the Ethereum blockchain. Here’s where the ICO comes in. An initial coin offering allows you to buy some of the tokens that power a specific application. If there were a WIRED Blockchain Application for instance, users might pay one WIRED Reader Token in order to view an article. The WIRED Blockchain Application ICO would allow investors to get in on the tokens at a lower price. The idea is that later on, as demand for the application rises (and people read more articles) the price of the tokens would go up, allowing early investors to make a profit. To complicate matters further, blockchain startup founders frequently tell investors that they’re not putting their money in something akin to a traditional security, but actually into the technology itself. (It’s often unclear what that means in practice.) And some startups, like block.one—which raised over $700 million—claim the opposite, arguing that their tokens can’t actually be used for anything at all. Detecting Fool’s Gold The exact terms of an ICO are usually laid out in an accompanying white paper, which is often the only documentation that investors have to decipher whether a new startup is a solid opportunity. Plenty of ICOs raise millions of dollars in cryptocurrency without even having a working prototype of their software. Even when a demonstration is available, only savvy investors can really evaluate whether an application will be feasible. Many startups don't even write their white papers themselves: The task is outsourced to services that write the papers for them. Prodeum’s white paper, now offline, described a system involving two different types of tokens. On the surface, it looks more legitimate than many genuine ICOs, even listing four blockchain experts supposedly involved in the project. But one of the individuals listed, Petar Jandric, said on LinkedIn that he was a “victim of identity theft,” and wasn’t actually involved in Prodeum. Vytautas Kašėta‏, another expert listed, tells WIRED his name was also stolen for the project. Even genuine ICOs are subject to other kinds of scams, like those involving market manipulation. There are numerous “pump and dump” schemes for example, where groups of investors on platforms like Telegram and Discord artificially inflate a cryptocurrency’s value. If you can’t manage to manipulate the market, there’s also always hacking. The Decentralized Autonomous Organization, for example, famously raised $150 million in an ICO and then was hacked, resulting in the loss of over $50 million. Plenty of other startups have faced similar fates. The Wild West Despite walking and talking like traditional stocks, ICOs have so far largely avoided serious scrutiny from the Securities and Exchange Commission, the federal agency that regulates investment markets. Many blockchain startups are international and anonymous—which can place them out of the SEC's purview. That lack of oversight is another reason so many scams proliferate. The SEC appears to have started clamping down on cryptocurrencies, however. In December, the agency’s new cyber unit announced it had filed its first ever complaint, against the Canadian couple behind the cryptocurrency startup PlexCorps. The agency alleges that the couple swindled customers out of $15 million by unrealistically telling them they could make up to 1,354 percent returns on their investment. On Tuesday, the SEC announced it had halted one of the largest ICOs ever, for the Dallas-based startup AriseBank. The celebrity-endorsed company, which claimed to be a “decentralized bank,” falsely advertised that it could offer customers FDIC-insured banking accounts. The same day, Bloomberg reported that the US Commodity Futures sent a subpoena to Bitfinex and Tether, one of the world’s largest cryptocurrency exchanges. Facebook's ad ban, then, is just one of a series of efforts to clean up an unruly, scam-riddled system. Ultimately, blockchain scams aren’t much different from other types of investment fraud. Whether you dress it up as an ICO or a hedge fund, the grift generally works the same: Convince unassuming individuals that you can make them rich, then steal their money. While the SEC has yet to aggressively go after much of the cryptocurrency market, it does regularly file complaints against hundreds of other scams designed to rip people off. Humans have been trying to swindle each other out of money for thousands of years. The cryptocurrency is just the latest opportunity to do so. “Fraudulent scams like Ponzi schemes and sponsors who pocket investor’s money have been around for a long time. Fraudulent ICOs can be used to repackage old frauds in a new wrapper,” says Todd Kornfeld, a securities attorney at the firm Pepper Hamilton. That’s not to say that the cryptocurrencies aren’t a particularly volatile and shady thing to invest in now. A recent hoax claimed that some guy scammed his way into over $1 million by convincing people Chuck E. Cheese tokens were bitcoins. The story wasn’t true, but you can see now why it was so easily believed—the cryptocurrency marketplace is full of plenty of crazier scams. source
  3. Browser based Tech Support Scammers keep coming up with new and innovative methods to prevent users from closing their browsers. While Tech Support Scam Trojans are more difficult to remove then their browser based counterparts, browser based tech support scams are still worrying to many people who encounter them. For many who are not experienced in computers, when they see a fake browser tech support scam message, they become concerned that there is something wrong with their computer. While people are becoming more educated and realize that they are simply no more than an advertisement, tech support scammers are coming up with trickier methods to prevent a user from closing their browser. For example, while recently looking for adware bundles, I ran into a browser based tech support scam that I have not seen before. In this scam, when you move your mouse cursor over the web browser showing the scam, the mouse cursor disappears. Instead you will see a mouse cursor moving randomly over the page, which is the scammers trying to trick you into thinking your mouse is not working properly. This is illustrated in the video below. As you can see from the above video, I have full control over my mouse when outside the browser Window. You can also see a mouse cursor moving around on its own in the Window. When I move my mouse into the browser window, though, I no longer have control over the mouse cursor. This makes it difficult to close the alerts being shown and thus the browser window. Ultimately, Browser Tech Support Scams are still really easy to close. Thankfully, no matter what tricks a browser tech support scammer throws at us, there is always a simple weakness. If the browser is closed, the alert goes away with it. With that said, if you are affected by a browser tech support scam in the future, do not worry and instead simply close the process associated with your browser. To do this you should open task manager by right-clicking on the time displayed in the Windows taskbar as shown below. Then select the Task Manager option. Open Task Manager When Task Manager opens it will display a list of applications that are currently running. Look for the application that is currently showing the tech support scam and select it by left-clicking on it once. For example, in the image below I have selected the Google Chrome applications. To close the application simply click on the End task button as indicated by the blue arrow below. Task Manager Your browser should now close. When you next start the browser, if the browser prompts you to restore any previously open Windows, do not allow it to do so as this will just reopen the tech support scam site. If for some reason you continue to see these types of fake security alerts in your browser, you may be infected with adware. Article source
  4. Most of my friends and family live in Canada and I often get in touch with them so according to them the digital culture is booming like crazies in Canada these days. This lead me to do a random search about it since I'm a bit of a geek who goes after the depth of anything that catches my eye. So on a random search I came across these mind-boggling stats about internet scams in Canada and it wasn't too good for me cause not everyone of my friends and family is tech-savvy or intelligent enough to not fall victim to a scam or phishing attack. So it lead me looking for some things (tips) specifically for Canada as I'm not too sure what kind of scams are there. So far I have found this article about Canadian Internet Scams and Tips to Keep in Mind and scams via money transfer. Now need you guys in it! Cheers!
  5. If you have read the blog post about Tech Support Scammers using the Winlogon Shell registry value, you know the basics about how this one works. And if you have also read the follow-up, you know that there are a lot of variants to this one. But one infecting you with the other is both weird and awful. Let us show you what went down. Running an executable file posing as an installer for “VMC Media Player”, we were greeted by these prompts telling us we were going to be logged off— —and this site opening in our default browser: Since yolasite.com offers users the option to track visitors to their sub-domain, we suspect this site to be built to keep track of the people that installed the “software”. We have reported this site to Yola and are awaiting a reply. This sequence of events is programmed in a simple batch file that opens the site and commands the computer to shut down in 5 minutes. Once the victims log back on, they will be confronted with this fake BSOD screen: The screen’s text rambles a lot about errors and Trojans and displays the phone-number they would like you to call. It also shows a seemingly unrelated prompt to “get the product key”, which we will discuss later on, and a button labeled “Microsoft Help” that opens the site www[dot]microsoft[dot]aios[dot]us. Here you can download remote administration tools to get ”support” for a great variety of products. We have seen complaints about the people running this site and its predecessors for at least two years. The site shows a prompt that is a bit unclear about your options. The listed options are YES to “Start Support Session” or NO to “Browse Support Site”, but the buttons are labeled OK and Cancel. I tested for you, and Cancel gets rid of the pop-up. And if you allow more pop-ups and click OK a few times, you will eventually get the option to download the legitimate remote administration tool TeamViewer. And the second Tech Support Scam? Ah yes, let’s circle back to the prompt that promised us a product key. Click OK on that one, and you will see a download prompt for a file called license_key.exe. This file has been reported to Mediafire If you run this file, you may get some déjà vu feelings as you will see the “Thank you” prompt to notify that you will be logged off and visit another Yola site, this time it’s thankyou1234[dot]yolasite[dot]com using the URL shortener lnk.direct. Statistics of the URL shortener showed it was created 06/29/2016 and had 1143 visitors over the past month. The relatively good news about this repetition is that it will get rid of the fake BSOD for you because it alters the Winlogon Shell registry value yet again, only to replace it with another Tech Support Scammers lock screen however. This time one that looks a lot like some of the earlier ones. A phone number and a form requesting “a product key”: Only this time it looks like you are completely stuck without any option. The part of the form that you would expect to fill out and the “Cancel” button are both unresponsive, so most people will end up having to use Ctrl-Alt-Del to get out of this. The name of the running processes for both rounds is fatalerror(.exe). We have dubbed the second one “Product Key” as that is the name of the folder it creates in Program Files (x86). But for the benefit of the Tech Support Scammers there is an “Easter egg” hidden in this screen. If you click anywhere in the 5th line (the one starting with the words “PRODUCT KEY”) you will go to this screen- -where there is a choice of programs available that the Scammers can use to help you out of this predicament. Against a price of course. File characteristics Md5 of the VMC Media Player Setup.exe 47bb0a01ae8820b8664eda660aac312f Md5 of the license_key.exe dff38f5dfdeff1e73debef355c4ac13e Both are detected by Malwarebytes Anti-Malware. The VMC Media Player Setup.exe as Rogue.TechSupportScam. And the license_key.exe as Ransom.LockScreen. Removal guide for the VMC Media Player Tech Support Scam can be found on our forums: VMC Media Player TSS and Product Key. The domain aios[dot]us that hosts several Tech Support Scammer sites is blocked for users of Malwarebytes Anti-Malware Premium that have the Malicious Website Protection enabled. Summary In what must be an attempt to drive victims crazy enough to call one of their numbers, Tech Support Scammers replace one logon lock-screen with another. Don’t forget to save yourself the hassle and get protected. Article source
  • Create New...