Spam is everywhere online. An estimated 14.5-billion messages categorized as spam are sent every day. It’s not just your email inbox that’s being bombarded either. Comment sections, social media and even text messages are also being hit. A post at the All Spammed Up blog writes that we only have ourselves to blame for this barrage of spam.
Electronic spam is an umbrella term that refers to any unsolicited, mass message usually used for advertising purposes. It’s the online equivalent of junk mail addressed to ‘Resident’. Recently, it’s also been adapted to spread malware. The reason it exists and is expanding is that it works. Those who are sending out spam messages are finding it to be a worthwhile endeavor and a profitable one. The key to stopping it is for users to get smarter and stop falling for it.
In Email and Texts
Messages pour into your email every day and most of them are caught by a filter and placed in the spam folder. Still, some spam gets through to your inbox. Your phone even receives spam text messages, although not nearly as many as your email sees. The reaction of most people is to delete the obvious spam, but it keeps coming because there are those that don’t. You can’t control what other people do, but you can control how often you give out your contact information. If you want to stop spam from coming to your phone, stop giving out your phone number so indiscriminately. If you want to stop, or at least decrease spam email, be more careful who you give your address to. For any site you feel is questionable, use an alternate email instead of your primary address.
On Social Media
Spam on social media is a slightly different animal. The spam often comes from seemingly legitimate accounts of friends that have been hijacked. There are also dedicated phony accounts whose sole purpose is to send out spam and malicious links. Sites like Twitter and Facebook do take down phony accounts when they find them. If users stop clicking on these links, those spam accounts would disappear. To keep accounts from being hijacked, users need to surf safer. Accounts can be hacked in a number of ways, but usually it stems from clicking a bad link or downloading malware.
In Comment Sections
The comment sections of blogs, news sites and social media sites like YouTube and Instagram are often home to spam messages. They’re easy to distinguish from legitimate comments because they usually don’t have anything to do with the page their commenting on and almost always include a link. But, they use social engineering to entice users into following the link. Common tactics are promising high paying, work from home jobs, or cheap electronics. Most users know better, but follow the link to find out for sure whether it’s a legitimate offer. Blog and website owners usually delete these spam comments when they see them, but the spammers often combat this by including a compliment of the site and playing of the owner’s ego.
If no one fell for these spam messages, spammers would stop using these tactics, but probably evolve into something else. The keys for avoiding spam is to surf safely, have a trusted spam filter in place on email, resist offers that are too good to be true and generally be wary of links.
Geek Rescue offers protection from spam and malicious websites with out Safety Net program. We also clean and fix computers that are infected with malware. Call us at 918-369-4335 or stop by one of our convenient locations today.
Everyone has heard warnings about the dangers of spam. The term ‘spam’ is pretty general, however. The best way to stay protected from it is to understand what it looks like and avoid it.
A post on the All Spammed Up blog breaks down the different types of spam and the tell-tale signs of each.
Legitimate
Not all types of spam are malicious in nature. Some emails that end up in your spam filter are examples of overzealous marketing. They’re usually from a trusted company that you’ve given your email address to at one time or another. There’s a reason they’ve been marked as spam, however. That’s either because their marketing messages come far too often, or they offer little to no value. Whether these are arriving in your inbox or spam folder, you’ll probably want to unsubscribe.
Commercial
This type of spam isn’t from reputable companies but is hocking some sort of product. Usually it’s supplements, education or financial services. They’re sent out in bulk and not personalized to a single user. Usually, you’ll even be able to tell that there’s a long list of email addresses listed as recipients. These are sent out by individuals who get money each time someone clicks the links in the emails or signs up for the products offered. The products are worthless, if they exist at all. If one of these arrives in your inbox, mark it as spam and move on.
Phishing
This type of spam email attempts to steal information from users. Many have malware attached to them, or direct you to a malicious website that will download malware to your machine. They use social engineering to convince you to give up information like account log-ins and passwords. There are more specific attempts called spear phishing, that target small groups of people in order to obtain specific information. These types of attacks will appear to know a great deal about you. In order to avoid these scams, it’s a good idea not to follow links provided in emails and never download attachments unless you are expecting them from a trusted source.
Spoofing
This is similar to phishing and can even be combined with a phishing scam. An email arrives claiming to be from a legitimate source that you have an account with, like Facebook, Verizon or even a credit card company. It usually tells you there’s a problem with your account and you need to log-in by following the link provided. This link will take you to a different site where your log-in information will be recorded and used to hack your account. Again, don’t follow links provided in emails. If you want to check out the legitimacy of an email, go to the source’s site directly, or call them. Also, check the sender’s email address. A representative of Facebook, for example, will have an email ending in @Facebook.com. Many of these scammers have email addresses like FacebookHelp@ccvs.com.
Knowing what to look for is key to avoiding email scams. Improving the security on your email and your computer are also important.
For help bolstering your cyber security, either at home or at the office, contact Geek Rescue at 918-369-4335.
Spam and other malicious email threats are a steadily growing problem, but some recent headlines suggest that spam email is actually on the decline. In a post on the All Spammed Up blog, the author notes that these headlines are inaccurate due to a flaw in their researching methods.
One reports claims that 68-percent of all email traffic in August was unsolicited, or spam, emails. That still looks like a daunting number, but it’s actually a decrease of more than 3-percent from previous months. These numbers aren’t wrong, but they only take into account spam emails that are caught by spam filters. As any experienced email user knows, there are still plenty of other threats that end up in their inbox.
In actuality, phishing scams went up by 10-times since August of 2012 and emails containing malicious attachments were 2.5 times higher. These threats are even more dangerous because they’re able to by-pass many spam filters and appear with trusted messages in the inbox.
Rather than email becoming safer, the true message is that spam is getting smarter. Hackers study the way typical spam filters work, then design their malicious emails to get around them. This will prompt an update to spam filters, which will be countered by a change in hackers tactics and on and on.
The other issue with claims that spam is on the decline is that it ignores spam outside of email. SMS spam sent to users’ smartphones is becoming more of a problem. Spam messages over social media like Facebook and Twitter has been a successful endeavor for hackers and is reportedly up 355-percent in the first half of 2013. These new threats don’t show that email is being forgotten by criminals, but instead shows that email is not the only target.
Spam and other malicious attacks are a profitable business so cyber criminals won’t be slowing down their efforts any time soon. For help improving the security on your computer, smartphone, tablet or other device, contact Geek Rescue.
When there’s a major event that captures the attention of the media, you can bet that a related scam will be developed quickly. The royal baby’s birth was one of the latest historic events to be taken advantage of by cyber criminals. As Anand Muralidharan reports at the Symantec blog, spam emails related to the government shutdown is the current threat.
You may be curious to know how the government shutdown can be misappropriated for use by spammers. The answer is that it requires some creativity. The spam emails that have been reported so far have claimed to offer vehicles at half-price for the duration of the shutdown. The emails bear no markings from car manufacturers or car lots, but offer a link to follow for half-priced 2013 model cars and trucks.
Many of these emails are able to slip past spam filters. This may be in part due to their changing email header, or subject.
“Get half-off our autos for each day the US Govt is shut down”
“Get half off MSRP on new autos for each day of govt. shutdown”
These email subjects, or something similar, should alert you that the message is spam and the link will likely take you to a malicious website.
That no official brand logo or company name is used makes these emails much easier to spot and avoid. This likely won’t be the only government shutdown related scam appearing in your inbox, however. And the longer the shutdown lasts, the more opportunities for scams.
Being aware that scams like this are out there makes you less likely to become a victim. Always be cautious of unsolicited emails from untrusted senders.
If you’d like to upgrade your spam filters, or improve the overall security on your computer, call Geek Rescue at 918-369-4335.
A botnet is a way for cyber criminals to use your computer to perform tasks like sending spam emails, spreading malware and other fraudulent uses. Infected computers will be able to communicate and form an entire network of zombie machines, which are all under the control of hackers.
Tom Espiner, of the BBC, reports that security company Symantec recently disabled 500-thousand infected computers that were acting as part of a botnet. The ZeroAccess botnoet, used for advertising and online currency fraud, was previously made up of 1.9-million machines.
The ZeroAccess botnet uses people’s computers to execute click fraud. Online advertisements generate income for websites that host them based on how many users click on them. This botnet used zombie machines to generate false clicks, which made them money.
By disabling 500-thousand of the infected machines, the hackers will lose about a quarter of their income. However, the identity and location of these criminals is unknown so experts warn that they’ll be working to restore their numbers quickly.
Symantec initially stepped in to take down the ZeroAccess botnet when it noticed an updated form of the Trojan program, which ZeroAccess installs on infected machines, being distributed. This malware made it more difficult to disrupt the botnet’s communications. Symantec felt they needed to act now, before updated malware made it impossible to disable any infected computers.
Perhaps the most troubling part of a botnet is that most users won’t know their computer is being used by a third-party. Infected computers will experience a decrease in performance. Your computer will be slower because a portion of its resources are being used as part of the botnet.
It’s also a good idea to check the sent messages folder in your email. If there are messages that you didn’t write being sent from your email address, you’ve got a problem and may be part of a botnet.
If you’re experiencing computer trouble or want to upgrade your cyber security, contact Geek Rescue at 918-369-4335.
Craigslist has long been known not only as a legitimate online marketplace, but also a potentially dangerous hub of scams and hackers. A report posted on the Symantec blog alerts that a current scam is harvesting phone numbers from Craigslist ads and texting them spam links.
The actual scam has nothing to do with Craigslist, but that seems to be where the hackers are getting phone numbers. From there, they send a text containing a link. However, the link won’t work on a smartphone.
Instead, users are prompted to use their PC and arrive at a page prompting them to install “GIMP Viewer”, which is legitimate open source software. If the user agrees, they aren’t taken to the actual GIMP site. Instead, they are taken to a fake site where GIMP software is installed with a number of other programs.
Hackers make money each time these additional programs are downloaded. For now, it doesn’t appear that any malware is included in the scam, but it could easily become part of it if criminals decide the current scam isn’t lucrative enough.
To avoid any similar scams, be wary of text messages from unknown sources. You certainly shouldn’t be agreeing to download anything to your phone or PC unless it comes from a trusted source. A link in an unsolicited text message would not be a trusted source.
To protect your smartphone and PC from future malware infections, contact Geek Rescue at 918-369-4335.
If you’ve used Twitter, you’ve likely encountered Twitter spam. There are unfortunately a large number of profiles whose sole purpose is to send out messages with URLs that are phishing sites or infect your machines with malware. Twitter has taken steps to rid their users of this spam nuisance, but spammers now have new tactics that are more difficult to deal with.
Kit Eaton, of Fast Company, reports that the latest spam technique involves Twitter’s lists. Twitter overcame their initial spam issue by adding a “Report Spam” button for users to use when they encountered an obviously malicious tweet or profile. Overcoming list spam is more complicated.
When your Twitter profile is added to a list by another user, you receive a notification. Lately, users have been seeing list add notifications from spammers masquerading as reputable companies. Accounts trading on the names of Paypal or Facebook appear to have added your Twitter handle to a new list. The idea behind this scheme is that users will have questions about this action and want to know more.
Naturally, you’ll click on the name of the account that’s just added you and you’ll arrive at a barren Twitter profile. No profile picture, only a few tweets sent and almost no followers. Their bio will contain a URL, however. Don’t click it. The urge might be to follow the link and find out what this strange Twitter profile is all about, but the URL points to a malicious website. This could be a phishing scam or a website designed to infect your device with malware.
Twitter has yet to announce a plan to deal with this latest spam threat. You can avoid any problems, however, by being suspicious. Understand what a spam Twitter profile looks like and don’t click any links in their bio or tweets.
If you find that you computer or mobile device has been infected with malware, bring it to Geek Rescue. We rid any device of viruses and malware. Come by or call us at 918-369-4335.
A new form of malware attack on Android phones has security experts on the look-out. This form of scareware infects your computer through a phishing email and malicious link.
Chris Brook, of ThreatPost, reports that the emails will appear to be from the United States Postal Service.
The message informs you that the USPS was unable to deliver your package because the postal code contains an error. You’re then prompted to print a label. When you follow the “Print The Label” link included in the email, a malicious Android Package File, or .apk, is downloaded to your device.
This particular scam seems poorly constructed. After all, most of us know when we’ve sent a package recently and understand that printing a label for a package that isn’t in our possession wouldn’t do much good. However, there are plenty of users who will click the link to try to gain more information, even if they haven’t sent a package in months. Hackers play on our curiosity and even thin attacks like this one will claim victims.
This form of malware has been used before. Security experts note that a previous scam using it in a scam that asks users to pay a subscription fee to keep their devices clear of malware. What’s noteworthy is the way the malware is being distributed. Cyber criminals are adjusting to the number of users who access their email on their Android devices and are attempting to exploit that fact.
This malware is reportedly even capable of intercepting both incoming and outgoing calls. It also is capable of changing file names to look more innocent. Instead of a suspicious .apk file, it will appear as a .zip file with a tantalizing name like vacationphotos.zip.
Android users should go into the settings on their device and disable the option to “allow installation of apps from unknown sources”. Users will also be able to enable a “Verify Apps” option, which will warn them before any potentially malicious app is downloaded.
These two options help keep your device safe, but you’ll also want dedicated security apps as well. To upgrade the security on any of your devices, or to rid them of existing infections, come by or contact Geek Rescue at 918-369-4335.
Apple plans to announce their newest models of the iPhone on September 10, which has millions eager to see their newest offering. Among those millions are cyber criminals looking to take advantage of the latest trend.
As Merianne Polintan writes for TrendMicro, phishing emails promising free, new iPhones have already begun to show up in some users inboxes. Most of these early occurrences were spotted in SouthEast Asia, but users in the US should also be on the lookout.
The iPhone phishing email looks like it’s sent to you from the Apple Store. The message tells you that your email has won in a drawing and you’re entitled to a new iPhone 5S. You’re then asked to log in at the link provided to claim your prize.
If you look closely at these emails, you’ll notice the tell-tale signs of a scam. For example, there are a number of spelling or grammatical errors. You’ll also likely find that although the sender is identified as “Apple Store”, the actual email address is probably not “@Apple.com”.
So, unfortunately, you didn’t win a new iPhone. By avoiding this scam, however, you will at least keep your identity from being stolen.
To improve the spam filter on your email or improve the security on any of your devices, contact Geek Rescue at 918-369-4335. We keep you safe from malware, viruses, phishing scams and spam emails.
Explore more infographics like this one on the web’s largest information design community – Visually.
Phishing scams are producing some unbelievable statistics. 500-million phishing emails are sent every day. 250 computers are hacked each minute. These statistics are why it’s important to protect yourself not only with the latest security software, but also with an understanding of how to avoid the scams.
Phishing emails are attempts to gain access to your accounts or steal some information a hacker deems valuable. They often appear to be from reputable businesses and will ask you to respond with your account information or personal identifiable information. The best thing to do is not respond. Mark the email as spam and delete it.
Many phishing emails will end up in your spam folder. So, the first step in avoiding these scams is to trust your spam folder. Unless you find an email you were expecting to receive in the spam folder, it’s best to leave them alone. Even emails from your contacts could be malicious. There are numerous cases of an individual’s email being hacked and a malicious email being sent to their entire address book.
If a phishing email does end up in your inbox, be aware of the sender’s usual behavior. For example, your bank probably only sends out emails for specific reasons and never asks for your account information over email. If you receive a message that seems out of the ordinary from a company you do business with, it’s always better to call them to find out what’s going on. Be sure to look up the number for yourself also. Many times, a false number will be included in the phishing email.
Links and attachments are a popular way to attempt to infect your computer with malware, which then allows hackers to gain access to your accounts. Be wary of any links and attachments sent to you from unknown sources. If you’re expecting a file to be sent to you by a friend or coworker, it’s probably safe. But, if someone you don’t know sends you an email with an attachment, or even a friend sends you a link you don’t recognize, it’s better not to open them.
For help keeping phishing scams out of your inbox, call Geek Rescue at 918-369-4335. We offer state of the art spam filters and the latest in security software to keep you safe.
