“Firewall Update Notification”
May 13, 2007 on 10:28 am | In Information, Spam | 7 Comments
I just received a fraudulent e-mail from overseas today with the subject of “Firewall Update Notification.” As you will see, the social engineering techniques used in this e-mail make it appear sincere and legitimate, which is how these online con artists write their messages to entice victims into their deadly webs. The body of the e-mail (with all the links changed for your protection) reads as follows:
Firewall Gold Message Center: You may need to update your Firewall security settings as soon as possible:
Press here to update your Firewall security settings or read below for more information: http://Fraudulent website
There is a high possibility that your PC’s Firewall security settings may become exploited by malicious websites without your knowledge. This could easily lead to the following attacks on your PC’s hard drive:
- Unwanted Virus Downloads
- Uncontrollable Trojan horse attacks
- The running of unwanted script programs
- The installation of malicious spyware
If your PC is not protected correctly then these attacks could allow hackers to track your movements across the Internet. It also means that your information, ranging from passwords to credit card numbers, can be stored by sites that you visit. A successful hacker could examine this information and extract it, setting the stage for identity theft, credit card fraud, or worse.
Press here for more information on how to make certain you are protected: http://Fraudulent website
Some unknown or untrusted websites use script programs to change your home page, modify your web history, display advertisements, disable your back button, or redirect you to different websites without your consent. Such scripts have also been recently used by Russian hackers to silently install viruses on end-user’s computers.
One way to protect your PC is to download this new FIREWALL software program.
Press here to run the Firewall system scan now:
http://Fraudulent website
If you feel that you are receiving this email in error or are not interested in receiving future “FIREWALLGOLD” offers please go to this page: http://Fraudulent website or contact us via regular mail at:
Firewall Gold Promotions
100 E. San Marcos Blvd
San Marcos, CA 92069
Please refer all questions, opinions or additional feedback to promediaadvertising@gmail.com
or write to:
ProMedia Advertising
7282 55th Avenue E
Bradenton, FL 34203
To remove your email from our database or unsubscribe
http://Fraudulent website
I did a DNS lookup for the originating IP address of this e-mail, and the search returned the following information:
IP address: 60.49.99.198
Reverse DNS: tm.net.my.
Reverse DNS authenticity: [Could be forged: hostname tm.net.my. does not exist]
ASN: 4788
ASN Name: TMNET-AS-AP (TM Net, Internet Service Provider)
IP range connectivity: 2
Registrar (per ASN): APNIC
Country (per IP registrar): MY [Malaysia]
Country Currency: MYR [Malaysia Ringgits]
Country IP Range: 60.48.0.0 to 60.51.255.255
Country fraud profile: High
City (per outside source): Batu Pahat, Johor
Country (per outside source): MY [Malaysia]
Private (internal) IP? No
IP address registrar: whois.apnic.net
Known Proxy? No
As you can see in the body of the e-mail, the contact information shows California and Florida addresses; however, this e-mail comes from Malaysia. The DNS search results also indicate that this IP address could be forged, since the “tm.net.my” domain does not exist. There were numerous links throughout the e-mail that were likely malicious and could have downloaded backdoor Trojans, keyloggers, rootkits, or other harmful code to your computer. In fact, the attacks they were warning about are probably the same attacks that would have occurred when someone clicked the links… imagine that!
If you do not know how to find this information, our eBook “Home Network Security” will guide you through the steps that were used to discover this information. Download your copy from our products page today at http://www.pc-armor.com/products.asp and learn how to discover fraudulent e-mails BEFORE opening them and infecting your computer.
Finally, the DNS search results gave me a range of IP addresses for Malaysia, and since I never receive anything legitimate from Malaysia, I added the 60.48.0.0 to 60.51.255.255 Country IP Range to the list of “Banned” IP addresses in my firewall rules, thus preventing my computer from connecting to any site within that range in the future.
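The two steps described above (finding the address that delivered the message, then banning its range) can be sketched in Python; this is an added example, not part of the original post. The sample headers, the hostnames, the 198.51.100.7 hop and the 10.0.0.0/8 internal relay network are constructed assumptions; only 60.49.99.198 and the banned range come from the lookup above.

```python
import ipaddress
import re
from email import message_from_string

# Range taken from the lookup output in the post.
BANNED_RANGES = [("60.48.0.0", "60.51.255.255")]
# Hypothetical: the recipient's own internal relays, whose hops are skipped.
OWN_NETWORKS = [ipaddress.ip_network("10.0.0.0/8")]

# Constructed sample headers; hostnames and the 198.51.100.7 hop are made up.
SAMPLE = """\
Received: from mx.example.net ([10.0.0.5]) by mailstore.example.net; Sun, 13 May 2007 10:20:03 -0400
Received: from unknown ([60.49.99.198]) by mx.example.net; Sun, 13 May 2007 10:20:01 -0400
Received: from mail.firewallgold.example ([198.51.100.7]) by relay.example; Sun, 13 May 2007 10:19:00 -0400
Subject: Firewall Update Notification

(body omitted)
"""

BRACKETED_IP = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def range_to_cidrs(first, last):
    """Collapse a first-last address range into the CIDR blocks firewalls accept."""
    nets = ipaddress.summarize_address_range(
        ipaddress.ip_address(first), ipaddress.ip_address(last))
    return [str(n) for n in nets]

def connecting_ip(raw_message):
    """Return the first non-internal IP, reading Received headers newest first."""
    # Headers are prepended by each hop; anything below the first external
    # hop was supplied by the sender and may be forged, so it is never read.
    msg = message_from_string(raw_message)
    for header in msg.get_all("Received", []):
        for text in BRACKETED_IP.findall(header):
            try:
                ip = ipaddress.ip_address(text)
            except ValueError:
                continue  # malformed octets such as [999.1.1.1]
            if not any(ip in net for net in OWN_NETWORKS):
                return str(ip)
    return None

def is_banned(ip_text):
    ip = ipaddress.ip_address(ip_text)
    cidrs = [c for r in BANNED_RANGES for c in range_to_cidrs(*r)]
    return any(ip in ipaddress.ip_network(c) for c in cidrs)

if __name__ == "__main__":
    print(connecting_ip(SAMPLE), range_to_cidrs(*BANNED_RANGES[0]))
```

The range from the lookup collapses to a single CIDR block, which is the form most firewall rule editors accept.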
Fraudulent e-mails are increasingly filling up inboxes every day…awareness and knowing how to protect yourself are tools to help you keep your computer safe from intruders. Our eBook, “Home Network Security” will show you many settings to change in Windows 2000/XP and offer numerous techniques to avoid becoming a victim.
Tired of Spam filling your Inbox?
February 16, 2007 on 5:36 pm | In Spam | 2 Comments
Depending on the source, anywhere from 60% to 90% of all e-mail these days is unsolicited spam. Many of these messages have malicious code embedded deep within the images of the e-mail and can be considered dangerous.
There is new technology to help you combat spam, and one such service is Spam Arrest. This is a very affordable subscription service that allows you to define who you wish to receive e-mail from, and also allows you to verify that legitimate e-mail did not accidentally get deleted.
It is very user friendly and you can download a free trial from their website at:
If you want to cut down on spam, check out their tutorial and see just how easy and affordable this service is.
Another New Spam E-mail is Making the Rounds
February 8, 2007 on 6:14 pm | In Spam | No Comments
I had three spam e-mails in my “Inbox” today and each one of them had a subject of “Re: info (number)”, where the numbers are random. For example, one subject was “Re: info 604”; another was “Re: info 48”; and the other was “Re: info 719”.
The body of all three e-mails was exactly the same, which was:
Hi,
Vizagra 1,80
Cizalis 3,00
Lezvitra 3,35
http://www.printerym*l.com
Warning: Remove “*” in the above link
I checked the origination of the e-mails and they came from Seoul, Korea; Taipei City, Taiwan; and Calcutta, India.
Obviously these e-mails are not legitimate, and if you find them in your “Inbox”… your best bet would be not to open them; instead, simply delete them.
It’s better to be safe than sorry!