Tech – for Everyone

Tech Tips and Tricks & Advice – written in plain English.

Outlook Verification Alerts – Dear New Outlook Account User

Maybe I should have titled today’s article “A Poisonous PDF”

Kind of strange, Hotmail, oops!, excuse me, Outlook.com, did not flag this email as spam..

outlook_pdf_scam

You should know, by now (halfway through 2013), that scuzbucket sleazeball “hackers” send us emails trying to trick us into clicking links to dangerous websites, or download a virus, and further know that PDF format attachments can be “poisoned” to contain a virus.

So, you should be very leery of any email with a “paperclip” (an “attachment”). And if that email comes unexpectedly, doubly so. And if that email comes from a stranger, or claims to come from a business organization (such as Delta airlines, Pay Pal, Microsoft, or UPS, for example) delete it, unopened. Don;t even glance at it. (Since 2007, curiosity, when on the Web, kills the cat.)

Other “red flags” (besides the paperclip)

Even though this particular attack (and yes, this is an “attack” on me) purports to be from “Outlook Verification Alerts”, the Sender field is someone’s name (in my case, “Ingila Hollqvist”, though that is probably randomly generated). And their email address is (showing as) something other than “outlook.com” or “microsoft.com”.

And of course, there’s the Engrish.

*     *     *

Now I know that you would never open such an email attachment as this one here. But I guaranty some folks will.

Today’s quote:Just when I think I have learned the way to live, life changes.” ~ Hugh Prather

Copyright 2007-2013 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.

>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<

All we really have, in the end, are our stories.
Make yours great ones. Ones to be proud of.

August 1, 2013 Posted by | advice, cyber crime, e-mail, hackers, Internet, Internet scam, security, tech | , , , , , | Leave a comment

statement.exe

*New* Infected Attachment Scam Returns

Once again your Inbox is a dangerous place…

Subject: funds wired into your account are stolen
From: investigation@fdic.gov

Dear bank account owner,

Funds wired into your account are stolen from innocent account holders through Identity Theft. Please check your account statement (the statement is attached to this letter) and contact your bank account manager.

Federal Deposit Insurance Corporation

poison_attach

POP QUIZ: What’s wrong with this picture? (multiple choice)
a: It came on a Sunday, and the Gov’t doesn’t work on Sundays.
b: There’s no such thing as “innocent” account holders.
c: dot exe’s are “executables” (aka “scripts” and “programs”) and make things happen on machines.. maybe bad things.

Answer: C

Folks, this is a really old attack method, and it preys upon the fact that people (“users” in Geek-speak) are unobservant (won’t notice the .exe) and uneducated (don’t know what an .exe is).

Sadly, those two ideas are pretty close to Fact, and reality hasn’t changed. And so someone is trying this old trick again. The attachment “statement.exe” is a “downloader virus“.
Open the attachment and be “pwn3d“.

Today’s free link(s):
* Top 10 things you should do to your computer–updated
* Internet and System Security – Common Sense Tips

Today’s free link, Part II: I don’t want you to think that I’m a boring and all-business geek, so today’s link is the place to get started building your digital music collection … for free. The music department at download.com is an entirely free collection of music of all genres. Check it out. Have fun, and relax … it’s completely legal, and doesn’t use any of that questionable “file sharing”. (Ahem)

Today’s free download: Is it a game? Is it a typing tutor? 10 Finger BreakOut is a real arcade game, in which you are escaping from invaders, shooting and trying to hit balls, but don’t worry, by playing 10 Finger BreakOut you sure will be learning to type. Improve your typing skills with this free typing tutor – typing game.

Copyright 2007-2010 © “Tech Paul” (Paul Eckstrom). All Rights Reserved. jaanix post to jaanix.

>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<

Share this post :

August 2, 2010 Posted by | computers, Internet, Internet scam, PC, security, spam and junk mail, tech | , , , , , , | Leave a comment

Facebook Password Reset Confirmation! Your Support.

E-mail Attachment Delivers Virus – Old Tricks Die Hard

I got another e-mail from “Facebook support”. This one tells me that my password has been reset, and my new password is contained in the attached Zip file.
[update: I just got two more. This time from “Facebook Networks”, and “Facebook Messages”.]

“Dear user of facebook,

Because of the measures taken to provide safety to our clients, your password has been changed.
You can find your new password in attached document.

Thanks,
Your Facebook.”

Facebook_zip

According to Sophos, the malware inside the .zip is: Malware: Mal/TibsPk-A

Virus Spyware

“About this threat:

Mal/TibsPk-A is a malicious program that contains highly obfuscated code that has been encrypted and compressed. This program typically arrives in the form of a hoax email with an accompanying file attachment.

This program tends to:

Short version: open it and you’re thoroughly hosed.
Sophos continues..

“Fake package delivery or password reset messages trick users

This week, Mal/TibsPk-A arrived as an email attachment in a variety of ways. A typical email containing this malware can be one of the following formats:

Subject: Facebook Password Reset Confirmation! Customer Support.
Attached file: Facebook_password_<random characters>.zip
Subject: DHL Office. Please get your parcel
Attached file: DHL_Label_<random characters>.zip
Subject: Amazon Shop! Your order has been paid! Parcel NR.5014.
Attached file: Postal_label_&ltrandom characters>.zip”

two more attacks same day

two more attacks - same day

I cannot stress enough to you, Dear Reader, that cybercrime is a bigger industry than the illegal drug trade, and they are stealing billions every year. Why not? All it takes is one wrong click!

Don’t be a victim. Exercise “paranoid common sense” when online. This is just one “for instance”.. sent to tens, maybe hundreds, of thousands of e-mail addresses (I never have signed up for Facebook).
Oh, .. and visiting here regularly can help.

Unrelated: Do you like free software? Own a laptop? See my current software license giveaway: Software License Giveaway Drawing. Entering is easy.

Copyright 2007-2010 © Tech Paul. All Rights Reserved. jaanix post to jaanix.

>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<

Share this post :

March 24, 2010 Posted by | cyber crime, hackers, Internet, Internet scam, News, security, spam and junk mail | , , , , , , , , , , , , , , , | Leave a comment

Security Alert: Don’t Open PDF Files

New Year, New Attacks Against Adobe

Adobe Zero-Day Flaw Under Attack – Crooks are once again sending e-mails with attachments exploiting the “zero-day” hole in Adobe Reader and Acrobat to install malware on targeted machines. The attacks start with a malicious PDF file that contains the PoisonIvy Trojan, which allows an attacker to gain remote control over an infected PC.

Adobe says it will release an update on January 12th.

To read the full story, please click here.

Today’s free downloads: If you are a bit tired of Adobe, and all of it’s vulnerabilities (tops the charts year after year, after all), I’m afraid there’s not much you can do about Flash Player (for watching YouTube videos, for example) except to remove it and do without videos (and.. animated ads). But you don’t need Reader to open PDF files. I suggest uninstalling Reader and installing some other “reader”.. such as the lightweight (and portable) Sumatra PDF, or the popular Foxit Reader, or PDF-XCHANGE Viewer (also an editor).

Copyright 2007-9 © Tech Paul. All rights reserved.jaanix post to jaanix

Share this post :

January 7, 2010 Posted by | computers, cyber crime, Internet, security | , , , , , , , | 2 Comments

The Paperclip As A Weapon?

sucker_clip

I think the attachment “paperclip” symbol might sometimes be better referred to as the “sucker clip”. Simply opening this e-mail (or having my Preferences set to include a Preview Pane [usually the default]) would’ve told the cybercriminals of my valid e-mail address, and put me on a global.. um.. “likely to fall for a scam” list. (Please see Security tip– turn off the preview pane)

May 11, 2009 Posted by | advice, Internet, Internet scam, security | , , , , , , , , | Leave a comment

Poisoned E-mail From Amazon

Transaction Notice Has Virus Attachment

Cybercriminals have started using an old trick with a new twist — sending spam e-mails purporting to be from a real company regarding a “recent transaction” (or shipment). The e-mail has an attachment claiming to be a summary, receipt, or ‘required’ form.amazon-dot-com

Of course, the attachment is a virus, and “opening” it infects your computer.
(Many security experts would have told you this method was obsolete and no longer being used..)

In this most recent wave of spam attack, the company being spoofed is Amazon.com. It reads:
Your transaction has been processed by WorldPay, on behalf of Amazon Inc.
The invoice file is attached to this message.
This is not a tax receipt.
We processed your payment.
Amazon Inc has received your order,
and will inform you about delivery.
Sincerely,
Amazon Team

This confirmation only indicates that your transaction has been processed successfully.
It does not indicate that your order has been accepted.
It is the responsibility of Amazon Inc to confirm that
your order has been accepted, and to deliver any goods or services you have ordered.

Remember folks, your clicking bypasses your security, so resist your curiousness. Never click the links in unexpected/unsolicited email. Best yet, don’t even open them.

Copyright 2007-9 © Tech Paul. All rights reserved. post to jaanix

Share this post :

April 25, 2009 Posted by | advice, cyber crime, e-mail, hackers, Internet scam, security, spam and junk mail, tech | , , , , , , , , , , , , , , , | Leave a comment

How can I open a ".odt" ?

Q: Paul, How can I open a “.odt” ?

A: As I discussed in this article, Cannot open attachment…help!, when you run across a file that Windows does not recognize, and doesn’t know how to open, it is due to the fact that some program was used to create the file that you don’t have.

In this case that program was OpenWriter– the word processor in the free OpenOffice Suite.

Basically, when this happens, you have three options:
* Ask your sender to resend the file, only this time ‘Save As’ it to a more common file type. (such as .doc, or .rtf, or even .txt)
* Install the program on your machine yourself.
* Look for “viewer”, or “converter” tool.

I like the first choice myself (and I’m not always so polite in my phrasing), but most of you will probably prefer the third. (This comes up at least once a week for PowerPoint slideshows!)

A free document viewer for all common word processing formats can be found here.

A free file type converter (all types of ‘media’) can be found here.

.. and for the 600,000th time.. the PowerPoint Viewer is here.

[note: when you come across a ‘dot xyz‘ that you’ve never heard of before and have no idea what might of created it.. go to FILExt.com. There you will be able to look it up.]

Copyright 2007-8 © Tech Paul. All rights reserved. post to jaanix

Share this post :

 

November 10, 2008 Posted by | advice, computers, file system, how to, PC, software, tech, troubleshooting | , , , , , , , , , , , , , , , | 3 Comments

« Previous Entries