Online Threat, This Email Fraud Tries To Get Email Login Details

April 18th, 2009

Beware Of This Online Threat, Email Fraud.

You would have heard of fraud emails that urge you to click and link on the email. This link would take you to a web page that loaded malware on to your computer. Our network team has recently come across another online threat perpetuated through an email. In this case, the fraudster does not request you to click a link on the email, infact there is no link on the email at all. The email tries to get your email login details the easy way. The email informs you that your web hosting company needs to update some systems related to your email. To enable this process you are requested to reply to the email mentioning your email address, the email login and the email access password! Many innocent online users would not doubt the validity of such an email, the details would then be sent to the fraudster.

Make sure that you do not fall for this online threat. Remember that you should NEVER release your email login information to anyone. Do not write down your email passwords in a place that is accessible to others. It is a good idea to change your email password every few months. If you ever doubt that the security of your email account has been compromised, change the password immediately. Please keep shaing these suggestions and tips with your friends and co-workers, we need to build a safer Internet and do this together.

New Online Fraud, The Job Offer Trap

March 14th, 2009

Beware Of Emails That Offer You A Job.

A recent online fraud is both disgusting and unfortunate. Unemployment has become rampant in many countries, the situation seems to be getting worse as the global economic situation gets weaker. Online fraudsters have taken advantage of the desperate position in which the unemployed find themselves in. An email is sent randomly and claims to contain information of a suitable job for the receiver. In many cases the source of the email claims to be from some huge multinational firm.

As is common with most email frauds, the receiver is expected to click a link for further details. The link contains malware that can compromise the security of your computer and break through your online privacy. This online fraud seems to be the worse type of online security threat. While previous online threats played on the greed of the receiver, this fraud takes advantage of the desperate and pitiable situation in which most unemployed people today find themselves in.

Please pass on this link to everyone you know. The global economic climate is bad and there seems to be no immediate relief in sight. It will be sad if information regarding this online threat is not made available to as many people as possible. Kaisilver will make every effort to warn online users regarding new threats that come up from time to time.

Collect Payments For Us, ONLINE SCAM

September 29th, 2008

This is a huge scam that has been unfolding for a couple of years now. The intensity of this online scam has recently grown for obvious reasons. Innocent people searching for part time employment, the thrill and convenience of working from home promised by the scam and ofcourse the ease with which you can make money. You need to be aware of this scam as the whole project is a fraud in most of the cases.

You get an email from a supposedly huge firm, they sell globally and specially in your part of the globe. They are so busy selling that they need someone to collect money on their behalf. The online scam then details how you can become their agent to collect payments for them. As explained by them, you provide bank details, address etc. The scammers make the sale and direct the innocent buyer (the victim) to make payment to you.  You keep a part of the payment, this is your commission the amount is tempting enough to fool many people into falling for this online scam. The remaining part of the collected funds are transferred by you to the seller (the scammer). All sounds good so far since you actually DID, make some real money in this transaction.

The plot gets worse as you move ahead. The scammer who is supposed to ship a product or offer some service to the buyer, never does his part! The money was however paid by the innocent buyer to you. The scammer already gets paid real cash by you, the amount that you sent the scammer after deducting your commission. The innocent buyer has only one proof in legal terms, the fact that he paid money to you. The legal action starts, your bank or local police gets informed of the online scam, by the innocent buyer. You were innocent to start of with but now, in the eyes of the law and the innocent buyer you are the perpetuator of an online SCAM!.

Be aware of this SCAM, if you are tricked into entering into a deal that is even slightly similar to the one mentioned above, STAY AWAY. It is almost 100% sure that it is a fraud, you will have little recourse to the law as the payment was sent to you. Pass this link to your friends and relatives. As the world economies slip lower into trouble, this online scam is poised to drag more innocent victims into its dragnet.

AntiVirXP08 Or Anti Vir XP 08 Is Not An Anti Virus Program

September 18th, 2008

If you get a screen on your computer with AntiVirXP08 as the heading, you should know that you computer is infected with malware. This program is sometimes called Anti Vir XP 08 but has nothing to do with cleaning viruses, it does the opposite. The program flashes a message saying that a number of virues (a numeric value is shown) have been detected on your computer. The AntiVirXP08 infact urges you to use your credit card and pay for a subscritpion of Anti Vir XP 08. You will get no anti virus software in return and will most probably be compromising your confidential credit card information!

The AntiVirXP08 malware affects many areas of your hard disk and also changes the registry of windows. Cleaning it is not an easy task and it is best to take the help of an expert. The program is transferred to your computer by clicking a link on a website, in an email. Some users have reported getting it from popular video, music and photo sharing websites. It is probably easier said than done but, the best thing is not to click on strange or unknown links. If you find that your computer is infected with the AntiVirXP08 malware contact a computer expert and have the problem resolved. This is all the more important if you have necessary information on the infected computer.

It is safe to presume that the AntiVirXP08 program is capable of pilfering confidential information that you enter on the infected computer. Bank logins, credit card details and other financial websites like Paypal etc should not be accessed from infected computers. The dangerous part is that this malware was written by one fraudster but is today being used by many people with bad intentions. As usual, no one has been able to track even a single bad person trying to spread the AntiVirXP08 malware. So we are going to have to learn to live with this and other online threats. Spread the word regarding the AntiVirXP08 to your friends and collegeues, send them the link to this report.

Remote Configuration Of A Router, Important Cautions

May 31st, 2008

Important Issue For Non Technical Computer Users. 
A router that is the wired type or wireless type needs to be configured. The configuration of a router can be done on a locally attached computer or you could remotely manage the router configuration through any computer connected to the network or even through the internet. If you are a technically minded computer user, this remote configuration of local configuration of the router would be easy.

But, if you know little about the technical aspects of how to configure a router remotely, the best thing would be to disable the remote management module. This is because a router that is not well configured for being managed remotely, could be accessed by anyone across the network or even across the internet. The router is in most cases a firewall too, anyone with access to the router configuration could set a configuration that compromises your online and network security.

If you would still like to remotely manage your router despite having scant technical knowledge, take the help of a trusted technically skilled person to configure the remote management module for you. Trusted because, remember that he could always keep a loophole that allows him to remotely access your router and network whenever he pleases !!!! The best thing to do would be to read the manual, jump to the section on remote management of the router and disable the function. It would be be safe to take technical help in  learning how to disable the remote management feature of your router.

Fraud Alert, Ship To Singapore, Indonesia, Africa

May 19th, 2008

This is not a new online fraud but the consistency and perseverence of the fraudsters is amazing. The emails received are quite standard, the contents have remain unchanged for the past 3 to 4 years. From the modus operandi it does appear to be a closely knit group of online crooks. It does sound strange that the long arm of the law has not yet managed to snuff the gang out of their dangerous tactics.

The email you receive in this online fraud will have a few similar features:

(a) The ‘buyers’ generally claim to be from Singapore or Indonesia. They might also say that they are from the U.S or U.K. For U.S and U.K fraud emails, the requested shipping destination for the merchandise is generally given as a destination in Africa. The writer claims to have a chain of jewelry stores in Africa that is starving for your high priced merchandise.

(b) This fraudulent email claims to have seen your wesbite and found a keen interest in your merchandise. There might also be items from your website quoted in the email. The most striking part of these email frauds is that, the item description (if mentioned in the email) is a direct ‘cut and paste’ description. The fraudster generally selects the highest priced item and then requests a quote for 15, 50 or maybe more pieces. This is what excites innocent sellers, the idea of making a huge sale seems to blind you from the underlying dangers.

(c) Another feature of this online fraud is that, the ‘buyer’ says that before making the purchase he would need confirmation of some payment mode. Visa card, AMEX or even Western Union might be touted as some of his preferred mode of payments. The money would ofcourse never be paid to the seller or be paid through a credit card that belongs to someone other than the buyer!

(d) The sender of the email almost always, uses a free email address. The email address might not be a Yahoo or Gmail or Hotmail as everyone knows about these. Remember that a thousand other websites offer free email addresses and these are preyed upon by these online fraudsters. Our network team has come across cases where non free email addresses belonging to U.S universities, reputed companies etc have also been used to perpetuate these online frauds. Such email addresses are most likely hacked or probably belong to students or staff that are a part of this online security problem.

(e) The websites most likely to be targeted include jewelry, watches, expensive electronic gadgets etc. The fraudster seems to have a liking for small sized items with a big price tag.

Remember that you will never get paid for the merchandise you ship. Even if you do get a credit card payment in advance, you will soon get a reversal request (actually a demand) from the credit card company. This is because the online fraudster rarely owns or uses his own credit card. You will be obliged to refund the payment to the credit card company and will have no claims on the expensive merchandise that you have shipped.  

It is in your interest to delete such emails and do nothing. Keep your friends and relatives informed about this fraud. No authority that we know of has been willing to track down such online fraudsters. With official power it would be quite easy to trace the receiver of the merchandise as the merchandise moves to him. The fraud in the email is glaring the moment you receive it, so tracking the merchandise and payment all the way would be no problem. Either the interest or importance of this online fraud is being ignored or underestimated.

Two Latest Frauds, Beware Of These Scams

April 27th, 2008

Our network team has warned of 2 recent online threats that you should be aware of. These are related to the earlier frauds that, promised sharing millions of dollars just to help move funds out of a country. The earlier frauds promised you a hefty share of a suddenly discovered bounty, all you had to do was to provide certain confidential bank details and part with some hard earned money for ‘processing and legal fees’. Here are the 2 new frauds:

(a) Your money is on the way: The victim receives a fraudulent email from the fraudster. The email states that despite your refusal to help in the earlier transaction (money moving fraud), the fraudster has managed to move the funds. The fraudster however feels it right to give you a small share of the funds he successfully transferred. You are then requested to contact the sender of the email. You will undoubtedly be expected to part with some confidential financial details and a few thousand dollars. You obviously get nothing in return so do not be tempted to take any action if you receive such fraudulent emails.

(b) Your check is at the courier: This is similar to (a) above but is made more tempting. The message in this email fraud says that your draft is already ready to be sent to you. All you need to pay is a few hundred dollars towards courier fees. You are requested to contact the courier who in this case, will ofcourse be a close associate of the fraudster. At times, the email claims to have come from a courier/shipping company informing you that a parcel is waiting for your clearance. Do nothing with such emails, the delete key is your best protection against becoming a victim to such an email fraud.

Online Security, The Importance Of Passwords For Online Services

March 27th, 2008

Most online services require to you login with a username and password. While the username is generally visible as you key it, the password is normally blanked out or has the asterisk sign substituted for each character of the password. For example, a password like ‘towimx44’ might appear as ” ******** ” as it is being entered. The objective of this is to make sure that people cannot see your password as you key it. However, there are a few more ways in which the confidentiality of your password could be compromised. We will discuss these issues in the subsequent paragraphs, you will become of few simple measures that could help keep your password safe.

Choosing a password: Do not use a very small password, most websites fix a minimum length for passwords. Always use a password that is at least 8 characters long, combine alphabets, digits and even special symbols if allowed. Do not use your name as a password, avoid using simple words like ‘house’, ‘eternity’ etc. Hackers have special programs that can generate almost every word in the English dictionary. Guessing conventional words is therefore not very difficult, remember to combine digits, alphabets and symbols. A password like ‘IwHyE545’, might sound tough to remember but,the secret lies in creating a password with some logic. The above password could have been created by choosing the first alphabet, of each word from this sentence, I was Hungry yesterday Evening at 5.45pm”.

Keeping passwords: Do not scribble your password near your computer, or in way that any person could identify it as a valuable password. If you must write down passwords, develop some conventions that would help keep them safe. For example, referring to our password mentioned above, ‘IwHyE545’ could be written as ‘WhYw545I’. What we have done is taken off the first character (I) in the password and placed it at the end. We have then changed the alphabets from small to big case and vice versa. While it is best not to note down passwords, millions of computer users do note them down. Never send passwords through emails, online chats etc. If you must note your password, do so in a place that is not near your computer. Also develop some sort of code that will allow you to juggle the characters of your password when you write it down.

Not the same password: Most computer users would typically access around half a dozen online services that need a username and password. If this is true with you, do not use the same password for more than one login. For example, do not use the same password for your email and online banking service. Using the same password for many services means that, you expose all the services if the password is compromised. It might not be possible to do this in certain cases. If you have a Hotmail email account and also use MSN Messenger, try to login to MSN messenger. Once logged in, you can see a link to your Hotmail email account, click it and you would be accessing your Hotmail account in a few moments. This is a bad feature, it means that you can never leave your MSN messenger even for a few minutes. If you did so, any person seated near your computer could click the Hotmail link and read your personal emails.

Change passwords periodically: It is a good idea to change your password periodically. Depending on how sensitive the information that you password protect is, change of password can be done anywhere from once a week to every month. Most of us stay alert when choosing a password for the first time, a certain degree of compacency creeps in if we have to change the password ever week or month. Some online services do not allow the same password to be repeated within a month, this is done for your security so do not fume and fret. Resist the temptation of changing to passwords that are similar to other passwords that you could be using.

Certain online services have implemented algorithms that actually check the ‘strength’ of a password that you select. So if you chose a password that is similar to your first name or last name, you get a message regarding the ‘weekness’ of the password. You should also stay alert to fraudsters who try to get your password and misuse it. It is safe to say that you should trust no one with your password, keep it confidential. Stay updated with various phishing scams that try to extract confidential username and password details. A breach of security for your online financial services account could be severe, such frauds can ruin a person or organization financially. Online financial services include, online banking, credit card accounts and even online payment facilities like Paypal and StormPay.

Online Auction Frauds, Inflating Auction Bids. Beware Of Online Auctions.

March 26th, 2008

An auction is a type of sale where the seller puts up an item for auction and invites bids, the highest bidder gets the item and needs to pay the bid amount. Online auction websites have few types of pricing options for sellers to choose from. The seller could choose to have a minimum bid auction, this means that the bidder will need to place a bid that is at least as much as the minimum bid fixed by the seller. The second type of auction pricing is a ‘no reserve price’ type, such auctions attract more bidders. In a no reserve price auction, the seller does not place any minimum starting bid, the bidder who bids the most gets the item and pays for it.

Buyers often rush to bid on online auctions assuming that, they will get some great bargains. However quite a few sellers have learnt some smart tricks. The auction is started by the seller with a very low starting price (minimum price) or, with no minimum price (no reserve auction) at all. This often means lower listing fees for the seller but, there is more to this. The seller then appoints ‘bidders’ to bid for his items and gradually push the price up. Genuine bidders will therefore be encouraged to place increasingly higher bids if they expect to win the auction. Online auction websites have some sort of checks to control such frauds but, sellers learn fast and quicky change their tricks.

This is just one type of fraud that is perpetuated on online auction websites. The bidders who suffer the most are those who bid for jewelry and gemstones. Sellers have no interest in educating buyers regarding the features and limitations of various gemstones and jewels, the instant thrill of online auctions makes this old fashioned! Low quality reject jewels and gems are hunted down by hundreds of online auction sellers. These are then dumped on online auction websites, sellers keep fingers crossed and hope for some innocent bidder to get tangled in their tricky web. You might be fine making an auction purchase for a casual jewel, but for jewels of value and jewels with meaning (wedding rings, birthstone rings, mothers rings etc) choose a custom jeweler to get the job done. A good purchase needs to be preceeded with a lot of cross communication between you and your jeweler. The 7 or 10 day period of online auctions might give you an instant thrill, might even get you something cheap, but this will always come at the expense of quality and longterm durability.

Very few fraudulent online sellers actually get caught, this link has the report of one such case. There are hundreds more who never get reported or caught. http://www.nytimes.com/2007/06/09/business/09auction.html



Paypal, Keeping Your Credit Card Safe

March 4th, 2008

There is one very clear advantage of using Paypal over using a credit card for online payments. When you utilize a credit card to pay for an online transaction, details like the credit card number, holders name and even the billing address needs to be disclosed. These details will be disclosed to every seller from whom you purchase a product of service and use a credit card to settle payment.

Opening a verified account in Paypal does require a credit card validation but, the details of your credit card remain only with Paypal. They will not be disclosed to every seller that you pay through Paypal. There are cases where you will fund a Paypal pay transaction through your credit card, even in these circumstances details of your credit card remain with Paypal.

This is one very important advantage in using Paypal to pay for your online transaction. You should ofcourse stay informed regarding the various security measures that will enable to keep your Paypal account safe.