Anti-Phishing Phil

December 23, 2008

Anti-Phishing Phil is a Flash game that can test your skills at looking at URLs. It’s cute (think Nemo) and it’s easy. This was initially created by Carnegie Mellon University, but somehow it’s on Wombat Security’s website now. If you’re new to the phishing game, this is a great way to learn. I know there is a large majority of people who are still learning how to use the internet (i.e. my parents). Take a minute of your time and learn to play!



Phishing Scam attacks MobileMe

August 12, 2008

.Mac, the service that Apple replaced with MobileMe, was just attacked with phishing scams. The email looks like an official communication from Apple regarding MobileMe, the company’s subscription service that provides users with a personal e-mail address, Web hosting, file sharing capabilities, and online data synchronization between Macs, iPhones, and other devices. The e-mail states: “We were unable to process your most recent payment. Did you recently change your bank, phone number or credit card?” Users are then invited to click on a link to enter that information—but that link opens a Web page in your browser that does not appear to be affiliated with Apple or MobileMe (the other links in the e-mail do point to pages on Apple’s official Web site).

It is supposedly tracked back through a Gmail account but who it belongs to is a mystery.  This is nothing new.  Phishers are usually one step ahead.

U.S. Indicts 11 in Largest U.S. Identity Theft Case

August 5, 2008

I am a news junkie.  I always have to watch the news daily on my television.  It’s been a habit of mine for as long as I can remember.  I remember months back when I heard about The T.J. Maxx hacking scandal.  Basically, a hacker would sit in the parking lot of the business and wirelessly hack into the store’s network and download all the credit card information.  How it was done was unknown.  It could be that they might have had an IT security employee on the inside.  We will have to wait until the story unravels.

The defendants tapped the computer networks of TJ Maxx, Marshalls, BJ’s Wholesale Club Inc., Barnes & Noble Inc. bookstores, Sports Authority, Boston Market Corp., OfficeMax Inc., Dave & Buster’s restaurants, DSW Inc. shoe stores and Forever 21, the government said today.  The cost of the identity-theft scheme to citizens may total billions of dollars, Mukasey said. Some people may not learn they’ve been victims “for months or years,” he added.

Indictments by federal grand juries in Boston and San Diego charged three U.S. residents and defendants from other countries including Estonia, Ukraine and China with identity theft, fraud and conspiracy, the Justice Department said in a statement.

They allegedly hacked into retailers’ data systems by driving around the stores with a laptop, kept the information in personal computers in the U.S. and eastern Europe and converted some of it into ready-to-use bank cards, according to federal prosecutors.

TJ Maxx had to pay approximately $65 million to Visa and Mastercard to help cover the expenses because they “lacked the proper security”.  This incident, of course, is a huge blow because not only were the retailers scratching their heads on how it was done, but it could have been prevented if they put more “locks” on the already chained virtual door.

The best way to solve this problem is to be a VERY AWARE consumer. We can’t tell you enough to check your credit card statements online, perhaps daily, and call your credit card company when you see something suspicious, and then close your account if more than 1 transaction has looked a tad bit scandalous. Once they have your credit card number, they can easily get more money out of it bit-by-bit. Also, try not to use your debit cards in retail stores. They keep those numbers too and make faux credit cards out of them. When that $10,000 is gone from your checking account and you don’t have any money to pay your mortgage, you could be in some serious trouble until all the paperwork is resolved with the banks and they issue your money back (and that’s the question of WHEN!).

So be cautious – don’t use debit at retail shops, check your credit cards online (try not to wait for the monthly paper statements that come through the mail) and call your banker as soon as you see some strange activity.

A Professional Felon

July 22, 2008

Does this guy look like a felon to you?

Turns out that Larry Mendte, a KYW anchor in Philadelphia, was jealous of his co-anchor Alycia Lane’s popularity and salary. He hacked into her email account and leaked some “ill-gotten personal information” to the Philadelphia Daily News. He has confessed that he had hacked into it hundreds of times.

Hacking into someone’s email account is a felony. Let that be a fair warning to everyone out there.

You think this is something most high schoolers would do, but you’re wrong – adults do it too – even the most professional ones who are in the public eye. I think he watched The Net one too many times.

Churchgoing Con Artist Arrested

July 21, 2008

Source: Benton Courier

It appears that someone put too much trust in a fellow churchgoer. Here’s the story in short – Scammer meets Faithful at church, asks Faithful to collect a package for him – but Faithful gets nosy – finds all these Money Grams & fake checks and calls the cops. Scammer gets arrested.

“She told officers that she knew Faulkner from church and that he had asked to use her family’s address to send a package to help an orphanage in Africa. The woman and her husband also were told not to open the package when it arrived and to contact him. When the package arrived, the woman said it felt like it might contain bundles of money and she decided to open it. She found that it contained several money orders. The police report said the package contained 100 Money Gram orders for $910; 144 Western Union money orders for $460; 99 American Express money orders for $500; 35 Municipal Credit Union checks for $2,900; 30 Woodforest National Bank checks for $7,200; 154 Walmart Money Gram money orders for $970 and 30 Municipal Credit Union checks written for $25,000, $20,000, $15,000 and $3,700. Police said the total of all the items amounted to $2,859,336.”

What’s wrong with this story?
1) The scammer asked someone from Church to help him commit a crime?
2) The scammer actually went to Church??
3) That someone from Church thought the package contained money so she opened it – even when told not to??


The Scambaiter

July 18, 2008

I found this website the other day and I was LMAO, ROFL, or RTTBRBIAPIMP (Ran To The Bathroom Because I Almost Peed In My Pants). OK – I made that one up. But The ScamBaiter website is hee-larious! On their home page is a corny song/video that they amateurishly made – and inside, you will see pix of the overseas scammers (some really explicit so fair warning – it’s NSFW!). The people who gathered these pictures responded to their emails and wrote, “If you really are real – please send me a photo with you doing ______________.” Here is a picture of things you will see on this site:

And their “passports” – WOW – awesome photoshopping skillz!

Yes, it’s mean and degrading but hearing crazy stories about people being scammed is also sad.