Two Clever Phishing Attempts - Comments Page 1

Bob,

Thank you for the warning.

Hopefully, Adobe and other sources of PDF readers can provide some protection from the scheme.

Your final statement should be put above each computer screen:

“Don't click before engaging brain.”

Haven't been a victim, but have seen exactly what you say when looking for manuals. Also have seen the 'conduit' episode many times on friends computers when they complain how slow they are. Good article Bob. (¯`·._.·ns¢ävË·._.·´¯)®

Rings a little too close to home Bob....

Just waiting for the next phone call from our 72 year old aunt - her computer started popping up p**n whenever she opened the browser a couple of weeks ago.

She has anti-virus installed BUT it's Norton which decided it would stop during an update and has 'missing bits' - she's on dial-up and even virus definitions take hours sometimes to download.

There is another 'sligh' problem. We are in Cardiff, Wales, UK and she is in Northern California.

Luckily it's near her birthday so we're trying a Fix-it-stick that she can update at her aunt's (92 and still going strong) who she cares for most of the week. Then it's a plug in to the desktop at home and ...... maybe..... fixed.

Copuuter fixing with older relations at 6000 miles distance must be a record!

Jon

P.S. On the other hand it's what you do every day isn't it?

Bob ... Thanks, again for another very interesting article! Wow ... I was aware of "Phishing", even before I knew that it was called Phishing. Back in the late 90's, I got an email, from Regions Bank, asking about the information, for my account ... password and etc.. Bottom line ... I have NEVER had an account with Regions Bank!!! So, I knew something was very wrong and bad, with this email.

I just deleted it. After that, I read about Phishing and found out, how to look for the "telltale signs" and how to protect yourself. Mainly ... NEVER ... EVER give anyone your password or personal information, just because it "looks like" it came from your financial institution. One Phishing email, I really got curious about and used the "warning signs" to verify that it was infact a Phish. I also, sent the email on to the company, that was suppose to be getting information, from me. I felt, they needed to know, what was going on.

What really bothers me now ... The fact the PDFs are being used, to pass on "executable" codes, that can basically "infect" your PC or Laptop with malicious malware like the Conduit Search!!! Been there and done that, already in the past 3 months!!! Conduit Search is a very, very nasty malicious malware, that can be extremely hard to remove. Plus, it seems to keep on "expanding" with other malicious malware search engines, like Sweet Packs and etc..

No, I haven't been Phished by this ... I got this, from CNET's Download.com ... By, simply downloading an update to a program, where I have used CNET, many, many times before!!! I refuse to use CNET Download.com or ZNET Download.com and several other well known download websites ... Due to their recent practice of using Foistware, on their users.

Hi there, Just received a new version of an old scam. An email arrived from a good friend, saying she was stuck in Madrid after having been attacked and robbed - needed some cash urgently to pay hotel and buy flight home. Nothing new there, but get this, when we replied (carefully asking her about a fictitious friend and non-existant relative, the scammers had intercepted the reply and sent a further plea for cash. As soon as they mentioned sending funds to Western Union I knew it was a fraud. Sorry WU but every scammer in the Ivory Coast (30% of the population!) uses WU so that is a real alarm bell ringer. Just thought you might want to spread the word, our friend's address book had obviously been hacked - as my email address does not reflect my name, there was no personal greeting, but I'd bet that if I had an email like bob.rankin@something.com, they would have started Hi Bob. About time we started a cyber-vigilante group? Thanks for all your good advice over the past couple of years. Ken

I received a couple of really despicable phishing emails, supposedly from a funeral home about a recently deceased friend. Fortunately, all my friends are fine, so I marked it as SPAM and deleted it.

Bob, thank you for another great warning about internet security. I have a friend who fell victim to the FBI hoax you warned about a while back. As I recall it cost him $400 for some techies to get rid of it for him. At my/your suggestion he now uses avast and malware bytes.

I also clicked too quickly on a CNET!!!! site and ended up with the search.conduit program installed. It was a lot of digging and searching to remove everything.

Thanks for all your great advice.

Luckily I have just installed Avast on my new computer while looking for the words of an old hymn - "The Fruit Salad Chorus" After googling for the words, Avast stopped two sites I had clicked on which claimed to have the words. I wondered if McAfee, which was originally installed, would have stopped them.

For those of you worried about PDF files, Foxit Reader has a safe mode, which should protect you from any nasties.

Any time I've ever needed a manual, I've gone to Retrevo to search for and download it. As far as I know, it's a reputable site.

For all of those literature and parts searches plus opening links in emails that look suspicious or have no other information I use an old computer running Linux.
Much of the bad stuff out there does not affect Linux and if the system does get corrupted all I have to do is pop in the live cd and reinstall the OS.
The older versions of Ubuntu (up to and including 10.04lts) will run with 512mb of ram.

I fell for a Google docs scam. An email came from a friend of mine, whose own email account was hacked. There was an uploaded video from a party the previous day. It asked for login and password, which I stupidly gave because the credentials seemed okay. And it downloaded okay too, and it was the right video. When I found out she was hijacked a couple of hours later, I quickly changed my password and luckily have suffered no harm.

Thanks Bop, timely reminder!

Crumbs, is there no end to the art of these phangler blokes and the accuracy with which they cast their phlies?

Thanks again Bob!

I have encountered,"click here" to view an important document repeatedly. I've also been directed to a download to view information. These emails are from unknown sources. I've been ignoring both of these for quite some time now. They're quite persistent. So, I just "Delete." The information you provide is so helpful. I stop and think before I click. Then, I "Delete."

This is a good opportunity to warn of the fake Yahoo Mail login panel. Mine came up unexpectedly whilst emailing as "Your Session Has Timed Out" and, of course, I logged back in using my username and password. The very next day my Contact List was attacked with 50% receiving one email and the other 50% a similar one.

I checked with my login history on Yahoo to find that both attacks came from our 'Vi*gra' Canadian
phishers.

What annoyed me most was that Yahoo's computers did not take note of the fact that all my emails for the past six years had an Indonesian origin and they did not pick up on the fact that there, as clear as a bell, were two adjacent entries from Canada which should have aroused suspicion.

Of course Yahoo never replied to me when I tried to warn them of the fake login panel and, to date,
none of the forums (such as this) have highlighted this danger.

I had an appointment with a new doctor yesterday and they asked me to go to their website to get the new patient paperwork to fill out before the appointment. Once I got there and clicked on New Patient Paperwork, I was surprised to see the download for Conduit pop up. I just went to the appointment early to fill out the paperwork in the office.

I forward all phishing attempts to phishing-report@us-cert.gov and also to spam@uce.gov. Fortunately, I hardly receive any phishing emails at home, but I get quite a few at work. Plain old spam I just delete, but I believe that phishing attempts deserve to be reported. It may not do any good, especially if they originate in another country, but it makes me feel like I at least have some chance of causing these miscreants a bit of trouble.

I was getting a little suspicious of Download.CNET.Com after seeing all of the "Download" links on the same page. I won't use them again. Thanks.

Thanks again Bob. I followed your advice and switched from AVG to Avast , much better and have been using MBAM for quite a while. I wouldn't have Norton even if it was free. Had to wipe my hard drive to get it all out. Don't start me on CNET and Conduit, can't get away from it. I back up my HDD and every so often I wipe it it and reload Windows 7. Computer runs faster too and then I pick what I wanton to reload. CNET should be put out of business. I thought Tucows was trustworthy but I won't use them again either.

OK - read and noted your warning. Then a few minutes ago, my fridge stopped working. After reading this warning, I'm afraid to do what I would usually do - google my fridge's make and model to get online suggestions.
How do I do that and know my search will be a safe one? Is there a way to know? Or a safe site that has manuals?
thank you!