Malicious PDF Email Attachments
Wednesday, October 31, 2007

Many inboxes, including my own, have been hit with emails that carry a malicious PDF attachment. The attachments carry a PDF file expolit that can download a malicious .exe file to the compromised computer. This .exe file can in turn download other malware files.

The site hosting the malware files has now been taken down. However, users should be very cautious of opening unsolicited PDF attachments (or any unsolicited attachments, for that matter).

Users should also update their installations of Adobe Reader as soon as possible.

The email arrive with a variety of subject lines including:
* Balance Report
* Your balance report
* Personal Balance Report
* Your credit points
* Your credit report
* Your Credit File
* Personal Financial Statement
* Personal Credit Points

More Information:
Attack of the PDFs
Exploit:W32/AdobeReader.K

An example:

Subject: Balance Report
Please review your Balance report.

Attachment name:
report.2007......pdf

posted by Brett Christensen @ 7:46 AM, ,


Pet Adoption Scam
Tuesday, October 16, 2007

Those clever little scammers are constantly coming up with new ways to separate the gullible from their hard-earned dollars.

In the example discussed here, the scammer poses as an evangelist who needs to give away his beloved puppies because he has been transferred to the UK on a mission.

Thus, claims the message, he is looking for a "God-fearing" person to adopt the pups for free.

Of course, anybody foolish enough to express interest in the giveaway would become a prime target for identity theft and might also be tricked into sending money to the scammer.

Most likely, the scammer would request a goodly amount of personal information, ostensibly to check that the applicant could provide a suitable home for the animals. Over time, the scammer may well gain enough personal information to allow him to steal his victim's identity. The scammer would also be likely to invent a series of excuses, such as unexpected vet bills, transport fees or quarantine expenses, as to why the victim needed to send money to ensure delivery of the pups.

It hardly needs to be said that puppies described are nothing more than figments of this slimly scammer's imagination.

An example of the email:


MY NAMES ARE EVANGELIST JOHN LARRY FROM THE DENVER SEMINARY IN THE UNITED STATES. I AND MY DARLING WIFE WERE RECENTLY TRANSFERRED ON A HUMANITARIAN MISSION TO THE UNITED KINGDOM AND WE CAME ALONG WITH OUR BEAUTIFUL PUPPIES WHICH INCLUDES THE YORKIE, ENGLISH BULLDOG AND MALTESE BREED.CONTRARY TO WHAT WE EXPECTED,WE NOTICED THAT THE WEATHER OVER THERE IS TOO HARSE FOR THE PUPPIES.

DUE TO THIS SITUATION COUPLED WITH OUR NEW BUSY ASSIGNMENT,AND WE HAVE NOT BEEN ABLE TO TAKE GOOD CARE OF THEM THE WAY WE USED TO WHEN WE WERE IN THE UNITED STATES,THEREFORE, WE NEED A GOD FEARING PERSON TO ADOPT ONE OR MORE OF OUR BABIES BACK HOME TO THE UNITED STATES WHERE THEY WILL BE GIVEN LOTS OF TLC(TENDER LOVING CARE).THE PERSON WILL ADOPT OUR PUPS FOR FREE BUT WILL ONLY PAY FOR SHIPPING COST TO HIS NEAREST AIRPORT. WE ARE NOT AFTER MONEY BUT ARE VERY CONCERNED ABOUT THE PETS' WELFARE AND HEALTH CONDITIONS,THAT IS WHY WE ARE GIVING THEM AWAY FOR FREE.

IF YOU FEEL YOU ARE QUALIFIED TO DO THIS AND YOU HAVE A CLEAN AND COMFORTABLE HOME FOR THEM, THEN SEND A RESPONSE TO GOODS_WAREHOUSE2000@YAHOO.COM AND WE WILL EMAIL YOU PICTURES AND MORE INFORMATION ON THE PETS, NOTE THAT ALL THE PETS ARE VERY HEALTHY AND VET CHECKED.

I HOPE TO READ FROM YOU.
REGARDS,
EVANGELIST JOHN LARRY.
Phone : Removed
UNITED KINGDOM.

posted by Brett Christensen @ 1:50 PM, ,


Online Safety Lesson for Shannon

An email that outlines the dangers of cyberstalking for children has now been circulating for a number of years. The message tells the story of young Shannon, who inadvertently reveals a dangerous amount of personal information about herself while chatting online with "GoTo123", a person she believes is a teenager from another state. "GoTo123" is able to collect enough information to locate Shannon and follow her home. Luckily, "GoTo123" turns out to be a police officer who uses this frightening turn of events as a means of teaching young Shannon a valuable lesson.

The scenario outlined in this email certainly illustrates how vulnerable youngsters can be to online predators. However, it should be noted that the story does not describe a real event and was never intended to do so.

In fact, the article was written some years ago by two concerned Christians as a way of illustrating the potential dangers of online communication for young people. On the web page where the original article was published, the authors explained:

The story you just read was not true. Yet it could have happened; it was based on true information given out to me by kids on line. It could easily happen to the teens that chat so freely with strangers. While it is not meant to frighten you, it is a lesson in being safe.This message is for boys as well as girls. They have been victims of predators on line too.

An example of the message:

MYSPACE: A Must Read for All

EVERYONE NEEDS TO READ ALL OF THIS and HAVE CHILDREN READ IT TOO!

After tossing her books on the sofa, she decided to grab a snack and get on-line. She logged on under her screen name ByAngel213. She checked her Buddy List and saw GoTo123 was on. She sent him an instant message:

ByAngel213:
Hi. I'm glad you are on! I thought someone was following me home today. It was really weird!

GoTo123:
LOL You watch too much TV. Why would someone be following you?
Don't you live in a safe neighborhood?

ByAngel213:
Of course I do. LOL I guess it was my imagination cuz' I didn't see anybody when I looked out.

GoTo123:
Unless you gave your name out on-line. You haven't done that have you?

ByAngel213:
Of course not. I'm not stupid you know.

GoTo123:
Did you have a softball game after school today?

ByAngel213:
Yes and we won!!

GoTo123:
That's great! Who did you play?

ByAngel213:
We played the Hornets. LOL. Their uniforms are so gross! They look like bees. LOL

GoTo123:
What is your team called?

ByAngel213:
We are the Canton Cats. We have tiger paws on our uniforms. They are really cool.

GoTo1 23:
Did you pitch?

ByAngel213:
No I play second base. I got to go. My homework has to be done before my parents get home. I don't want them mad at me. Bye!

GoTo123:
Catch you later. Bye

Meanwhile.......GoTo123 went to the member menu and began to search for her profile. When it came up, he highlighted it and printed it out. He took out a pen and began to write down what he knew about Angel so far.

Her name: Shannon
Birthday: Jan. 3, 1985
Age: 13
State where she lived: North Carolina

Hobbies: softball, chorus, skating and going to the mall. Besides this information, he knew she lived in Canton because she had just told him. He knew she stayed by herself until 6:30 p.m. every afternoon until her parents came home from work. He knew she played softball on Thursday afternoons on the school team, and the team was named the Canton Cats. Her favorite number 7 was printed on her jersey. He knew she was in the eighth grade at the Canton Junior High School . She had told him all this in the conversations they had on- line. He had enough information to find her now.

Shannon didn't tell her parents about the incident on the way home from the ballpark that day. She didn't want them to make a scene and stop her from walking home from the softball games. Parents were always overreacting and hers were the worst. It made her wish she was not an only child. Maybe if she had brothers and sisters, her parents wouldn't be so overprotective.

By Thursday, Shannon had forgotten about the footsteps following her.

Her game was in full swing when suddenly she felt someone staring at her. It was then that the memory came back. She glanced up from her second base position to see a man watching her closely.

He was leaning against the fence behind first base and he smiled when she looked at him. He didn't look scary and she quickly dismissed the sudden fear she had felt.

After the game, he sat on a bleacher while she talked to the coach. She noticed his smile once again as she walked past him. He nodded and she smiled back. He noticed her name on the back of her shirt. He knew he had found her.

Quietly, he walked a safe distance behind her. It was only a few blocks to Shannon 's home, and once he saw where she lived he quickly returned to the park to get his car.

Now he had to wait. He decided to get a bite to eat until the time came to go to Shannon 's house. He drove to a fast food restaurant and sat there until time to make his move.

Shannon was in her room later that evening when she heard voices in the living room.

"Shannon, come here," her father called. He sounded upset and she couldn't imagine why. She went into the room to see the man from the ballpark sitting on the sofa.

"Sit down," her father began, "this man has just told us a most interesting story about you."

Shannon sat back. How could he tell her parents anything? She had never seen him before today!

"Do you know who I am, Shannon ?" the man asked.

"No," Shannon answered.

"I am a police officer and your online friend, GoTo123."

Shannon was stunned. "That's impossible! GoTo is a kid my age! He's 14. And he lives in Michigan !"

The man smiled. "I know I told you all that, but it wasn't true. You see, Shannon , there are people on-line who pretend to be kids; I was one of them. But while others do it to injure kids and hurt them, I belong to a group of parents who do it to protect kids from predators. I came here to find you to teach you how dangerous it is to talk to people on-line. You told me enough about yourself to make it easy for me to find you. You named the school you went to, the name of your ball team and the position you played. The number and name on your jersey just made finding you a breeze."

Shannon was stunned. "You mean you don't live in Michigan ?"

He laughed. "No, I live in Raleigh . It made you feel safe to think I was so far away, didn't it?"

She nodded.

"I had a friend whose daughter was like you. Only she wasn't as lucky. The guy found her and murdered her while she was home alone. Kids are taught not to tell anyone when they are alone, yet they do it all the time on-line. The wrong people trick you into giving out information a little here and there on-line. Before you know it, you have told them enough for them to find you without even realizing you have done it. I hope you've learned a lesson from this and won't do it again. Tell others about this so they will be safe too?"

"It's a promise!"

posted by Brett Christensen @ 1:48 PM, ,


The Direct Approach
Friday, October 5, 2007

When corresponding with potential victims, scammers often go to great lengths to disguise their real motive - that is, separating the gullible from their money.

Sometimes, however, they apparently opt for the direct approach and just come right out and ask the recipients of their messages to send money. In the example shown below, the scammer claims that he is stuck in Nigeria under difficult circumstances after losing his money and travel papers. He asks if the recipient can "lend" him some money so that he can return home. He promises to pay the money back on his return. It hardly needs to be said that anyone foolish enough to send money will never see a cent of it again.

It seems incredible that anybody would actually fall for such a transparent scam attempt. However, people all over the world still fall for Nigerian and Lottery scams every day. And there are bound to be at least a few kind-hearted but gullible individuals who will become victims of even direct, "send me money" style scams like the one below.

After all, the scammer responsible probably distributed many thousands of identical copies of the message to all corners of the planet. If only one out of all those thousands of recipients was fooled into sending money, then the exercise would have been worthwhile for the scammer. His overheads are likely to be quite minimal, so netting even one victim will give the scammer his undeserved payday.

An example:

How are you doing today? I am sorry i didn't inform you about my traveling to Africa for a program called "Empowering Youth to Fight Racism, HIV/AIDS, Poverty and Lack of Education, the program is taking place in three major countries in Africa which is Ghana, South Africa and Nigeria. It as been a very sad and bad moment for me, the present condition that i found myself is very hard for me to explain.

I am really stranded in Nigeria because I forgot my little bag in the Taxi where my money, passport, documents and other valuable things were kept on my way to the Hotel am staying, I am facing a hard time here because i have no money on me. I am now owning a hotel bill of $ 1550 and they wanted me to pay the bill soon else they will have to seize my bag and hand me over to the Hotel Management., I need this help from you urgently to help me back home, I need you to help me with the hotel bill and i will also need $1600 to feed and help myself back home so please can you help me with a sum of $3500 to sort out my problems here? I need this help so much and on time because i am in a terrible and tight situation here, I don't even have money to feed myself for a day which means i had been starving so please understand how urgent i needed your help.

I am sending you this e-mail from the city Library and I only have 30 min, I will appreciate what so ever you can afford to send me for now and I promise to pay back your money as soon as i return home so please let me know on time so that i can forward you the details you need to transfer the money through Money Gram or Western Union.

Joseph Gerada

posted by Brett Christensen @ 2:54 PM, ,