Wednesday, August 14, 2013

Scams, scams everywhere


It's the scam season. Well, actually scams are always going around. Facebook is pretty popular to spread those scams, for example the Gina Lisa Facebook scam and the scam to have Facebook in a different color.

There's one recently that caught my attention:

"This is incredible"




















Basically what happened here is that someone on Facebook clicked on the wrong link, and the event got automatically created. Consequently, all of his/her friends were invited to the event as well.

Of the 4 pages that showed up in the search results (there are many more), ~500 people clicked on the bit.ly links. Which is not very much, considering how many people got the invite. Most of the comments on the events were "What is this?", so this means most people realised it's fake.

The CNN logo is being (mis)used, probably to make it look more legit. When you click on the link, you get redirected through affiliates but eventually you land on the following page:


"Dr. Oz Miracle Diet"




















Websites:
hxxp://consumerhealthnews9.org  - URLvoid Report
hxxp://consumerhealthnews6.com   - URLvoid Report

When clicking on any of the links on those sites, you get redirect to:
hxxp://ww90.thorizo.net  - URLvoid Report

More affiliates, more links to click on. The title for this blog post could also have been "affiliates, affiliates everywhere". 



Removal

If it seems that you have created the event, simply go to the event page, click the "wheel" icon and choose "Cancel Event":

Cancel the event















Be sure to also check your Apps, it's possible you allowed a malicious app to post & create things on your behalf:

Check your Apps












If you were invited to the event, simply ignore the message. You can also report the event as scam or spam by clicking on the Report button on the left of the event:

Report the event






















Conclusion


To keep it short and simple:
don't fall for these types of spam/scam, most of the times it's pretty obvious it's fake.

If in doubt, send your friend on Facebook (or if someone sent you the link) via PM if he or she knows what this is about.

You can also use a linkscanner to verify the integrity of a link on either http://www.urlvoid.com or https://www.virustotal.com/

To get some information on a bit.ly (or other URL shortener services) link, you can use any of the following websites:
- http://www.getlinkinfo.com/
- http://longurl.org/
- http://www.longurlplease.com/ (includes Firefox extension)

To report a malicious bit.ly link use:
http://bitly.com/a/report_spam

Wednesday, August 7, 2013

Malware Puzzle


A malware (crossword) puzzle you say? Yes! Why not?


I've made a puzzle about malware (and security) related keywords. It comes in .PNG format, .DOCX and .PDF. You can print it and fill it in and @ me on Twitter: @bartblaze . (or leave a comment)
 


I consider the difficulty of the puzzle quite easy, but here are some breadcrumbs:
  •  I only mean a synonym when it's explicitly mentioned
  •  Across is horizontal, down means vertical
  •  The last letter of (2) down is the first letter of (9) down
  •  I must note I made a small error, (5) down is "disaster" when it should have been "doubt" (FUD). So  just fill in disaster there. 
  •  Don't think about it too long (it's not far-fetched)

To make it more fun you can:

  • Set a time limit to solve the puzzle as I did (10 minutes)
  • Prohibit the use of internet

There's no prize, it's just for fun. Enjoy!



Click to enlarge


.PNG: http://imgur.com/q6MOHlf
.DOCX: http://www.mediafire.com/?bj886m0oh6sq4d2
.PDF: http://www.mediafire.com/?flp27zeh1zuu4xm