Ars Technica did an experiment by sending a unique link. They monitored their server logs and found that someone (or some system) at Microsoft accessed the link. In less technical terms, this is proof that that Microsoft have full access to your Skype messages. Details of the experiment are here.

Also, another company called H-Online recently did a similar experiment and came to the same conclusion.

This isn’t a risk for most people, it’s just something to be mindful of. Especially if your work requires privacy.

They tested 10.9 million searches on both search engines and found that:

• Google included 272 websites that were infected with malware
• Bing included 1285 websites that were infected with malware

This is bad. If you’re searching for something, both Google and Bing test every website and hide any website that have been infected. This protects you from clicking on a website with malware. They found that Google is better at filtering infected sites. So if you want the best security possible, do your searches in Google. Full details here.

Other tips I can add are:

• Use Google’s Chrome browser. It’s fairly good at blocking malware and resisting hacks
• Keep your computer updates (e.g. run Windows Update frequently)
• use a good antivirus program
• be cautious what you click on
• don’t believe everything you read in Facebook, emails, Twitter, etc

Below is a screenshot of the hoax,

As always, be wary of any free offers. And very ware of things you read on Facebook, a lot of it is false. Always copy and paste things into Google and do a search, you’ll quickly be able to tell if something is true or a hoax.

But it’s still a little disturbing that they do this. HTTPS web traffic is commonly assumed to be encrypted and safe. And it’s probably OK to trust Nokia since they made the phone and its browser anyway. But the fact that they kept how it works a secret is a little unsettling.

Detailed information can be found here and here.

Any if you’re confused by all of the above, it just means that on some older Nokia phones, all web pages go through Nokia’s servers, even “secure” pages. In theory they could one day read or store these pages and you wouldn’t know. If you’re not comfortable with this change phones.

Skype used to be secure, encrypting data before being sent across a P2P network. Now we see that some authorities have a way to eavesdrop.

So just keep in mind that if you value privacy you shouldn’t be using the networks shown above. It’s also a good time to remind you that SMSs are often recorded for the same reasons.

More details here.

It’s a scam. It’s easy for scammers to fake an email, complete with Apple’s logo and their email address. If you hand over any details your credit card will highly likely be sold off and used for fraudulent transactions. And that $9 – you’ll never see it again.

The email looks like:

Dear Apple Customer,Apple is rewarding its long-term customers.

Your loyalty for our products made you eligible for buying an Apple Discount Card.

With this only 9 AU$ Discount Card you will have 100 AU$ credit at any Australian Apple Store or on http://www.apple.com/au/ .

To acquire your Apple Discount Card please download and complete the attached form.100 AU$ Credit Bonus

(You will receive your Apple Discount Card via e-mail in the following 24 hours after your payment has been made.)

Once again, this email does not come from Apple – it’s a scam. You should never trust unsolicited emails (or phone calls or door knockers).

How could anyone fall for this?

Sadly, there are people who think “what if it’s true, I don’t want to miss out”. The same scam would work with any high profile company or product. Be wary and let others know.

In the past few days an investigation of PC manufacturers in China has found that some PCs came with some nasty malware already installed. Investigators bought 20 computers from different manufacturers and suppliers and found 4 were infected.

The manufacturer isn’t to blame here – the malware was installed by other parties along the supply chain. A supply chain includes delivery companies, companies that rebrand generic devices, distributors and shops. There are many opportunities to infect a computer these days – even before you turn it on.

In this investigation the malware was part of the Nitol botnet, which keeps installing more malware once the computer is connected to the internet. This makes it especially hard to clean. And it does things including turning on the computer’s camera and recording keystrokes (and recording passwords you type in).

So what should you do?

Install a good antivirus package from day one. This generally costs a bit of money but it isn’t much compared to the cost of the PC. Most computers come with a trial version of antivirus software – you can use this or go buy something else.

You should also run Windows Update as soon as you connect the computer to the internet.

There’s more information on the investigation here.

Facebook allows 3rd party “apps” to use your data for various things. Like collecting your friends’ birthdays to remind you of them, or sharing your game updates with everyone. But it’s not always clear what personal information is collected or shared. Secure.Me’s new App Advisor tool tells you, in plain English.

It comes out on Wednesday and installs as a browser plugin. It supports Firefox, Chrome, and Safari. (If you’re still using IE I highly recommend installing Chrome).

How does Secure.Met App Advisor work?

It starts working when you load Facebook on your PC (so it won’t work on your iPhone). It then notices what Facebook Apps you’ve added to your account. This part is great, because most people don’t know what Facebook Apps they’ve added, or won’t remember what they added 2 years ago.

Then it looks up each app in their database, and tells you what they know about the app.

I think it’s brilliant. It gives you independent advice about Facebook apps, when you need it, and without having to really do anything.

When it launches on Wednesday I’ll update this post with more information.

• The scammer places an ad on Craiglist, looking for a photographer to photograph an event. The ad is appealing, offering an easy job and high pay.
• A real photographer responds and they engage in a quick negotiation and get things going.
• The scammer sends the photographer a cheque as pre-payment. The cheque is for more than the agreed value (overpay). The cheque is counterfeit.
• The photographer banks the cheque.
• The photographer makes out a new cheque to return the balance and posts the new cheque to the scammer.
• The bank tells the photographer that the cheque bounced. By then it’s too late.

Below is an example email of this scam:

Hello ,

Thanks for the quick response and I’m sorry if my message came in late , i have been busy with other arrangements and i hope you understand .Its really nice reading from you and im glad to hear that you are available for my wedding .

I want you to know that this is a inside wedding and the order of events will mail to you a week before the wedding day but the order events is likely to be pictures first, then the wedding ceremony , and then the reception but let me discuss this with my lady because is our wedding so our two has to make the decision together . I hope you understand my point of view.

I want you to know that we will be taking formal pictures so i will like you to recommend 45minutes or an hour set aside for taking formal pictures because we have large family from both my side and the bride side and friends /co-workers we will want to take pictures with . So it will be easier if we can take the pictures before the ceremony because it will be more relaxed with fewer time constraints and would like you to set up a great “first look” shot of me looking at my bride for the first time on the wedding day.

the wedding date is ##th of sept 2012

Basically we need your service starting from 12pm to 6pm .

We are expecting 250 guests i.e 200 adults and 50 children .

And also there will be a table place set for you at the reception , so you don’t need to bring your own food but it will be nice if you can just give me an hint of what kind of food you want us to arrange for you i.e if you are vegetarian or eat all kind of foods .

Further more , there will be special important parts/people at the ceremony or reception that i would want you to take a picture of .I will send the list of the important parts/people to you a week before the wedding day and i want you to know that my wedding is a sleek modern wedding .

I need you to get back to me with your charges and i will be paying you upfront , I just called my uncle who will be in charge of your service fees he told me that your payment will be paid to you via certified check so he has asked me to ask for your full name and physical address with zip code that you want the payment to be send to so as for me to secure your service for my wedding party.

I’m currently on working on off shore and im using impaired device ,so therefore i can only send message via internet or send you an sms from my pinger ..

I will send you the venue address once you agree to everything i stated above and also waiting for the details to issue on the check…

Will be expecting to read back from you with the details I have asked for thanks so much and God bless.

Regards,
CENSORED NAME

And here’s a photo of the the actual counterfeit cheque:

What can we learn from this? Maybe not to return any money until the cheque clears. And to be vigilant of similar scams. If you know any event photographers you might want to let them know about the scam. There’s more information here.

User’s passwords are safe at the moment but there’s no way to know how long it could take to crack them. It could be hours or years, it really depends how well they were encrypted.

If you have a Blizzard Battle.net account you should change your password now. And if you’re reused the password on other websites you should change those as well.

If you purchase a ticket using their ticket vending machines and pay by credit card, the machine issues a receipt. The receipt shows the credit card owner’s full name, the card’s expiry date, and more than the last 4 digits of the card. All of these things are considered security risk. Anyone finding the receipt can use the information on it to commit credit card fraud.

If this applies to you, don’t use a credit card to purchase tickets until the issue is resolved. I can’t verify it but apparently you can’t avoid printing a receipt. Hopefully all of these issues will be resolved soon.

And for everyone, it’s worth highlighting that you should always pay attention to credit card receipts. They should never show your name, your card’s expiry date, or more than the last 4 digits of the card. You can’t assume that the payment terminal you use is perfect, as shown above.

And you should be careful how you dispose of credit card receipts. Recently there’s been a lot of publicity over a hacked iCloud account –  the hackers used the owner’s last four digits of his credit card to gain access to various accounts.

If you use Melbourne’s Myki system and pay with a credit card or have ideas on credit card receipts please leave a comment below, I’d like to hear more.

MS-CHAP v2 is an authentication protocol used to secure VPNs and some wireless networks. It’s commonly used with PPTP VPNs and sometimes with WPA2 wireless networks. For the past few years it was considered secure as long as it’s used with a strong password (a complicated password).

Today some researchers at a security conference demonstrated how to crack it in one day. They demonstrated that they can decrypt all data sent across the VPN or over WiFi.

So if you’re setting up a network and come across the MS-CHAP v2 setting, remember that as of today it’s no longer secure. It’s not even slightly secure, or better than nothing. If someone wants to view your encrypted VPN or WiFi traffic and you use MS-CHAP v2 then they can, with very little effort. Full details on cracking MS-CHAP v2 are here.

Why didn’t Yahoo! use better securty?

Reports say that hackers used a SQL injection attack to steal the list, a common way to hack into web sites. There are many ways of storing passwords on a server and Yahoo! didn’t use the most advanced and secure method. So the passwords were easily converted to plain text. In short, Yahoo!’s programmers got lazy, their security wasn’t good enough.

What can we learn from Yahoo!’s mistakes?

• Yahoo’s problem is also your problem. Don’t ignore security alerts like this.
• If you work in software development, don’t be lazy. Block all kinds of SQL injection attacks. And don’t store passwords in plain text, or MD5 hashes, or other simple hashes.
• Everyone should use good passwords, mixed with numbers and made-up words.
• You should not reuse a password on other sites.

Update (16 July 2012):

Yahoo! has confirmed the breach and has fixed up the source of the problem. In their words, “We have… now fixed this vulnerability, deployed additional security measures for affected Yahoo! users, enhanced our underlying security controls and are in the process of notifying affected users”.

You should still change your password.

This new procedure can also be invoked manually, if you suspect your computer might be infected. The link is http://on.fb.me/infectedMSE, and you’ll need to enter your password. Note: when entering passwords, always look at the address bar at the top of your browser and make sure it’s genuine – in this case, it needs to have facebook.com/ in the address.

If your account is temporarily locked because malware was detected or because you manually started the procedure, you won’t be able to unlock the account until you finish the virus scan.

This is all for Windows. OS X users will have a slightly different procedure.

There are more details on Facebook’s web site.

Dear Formspring user,
For security reasons, we have disabled your password and ask that you reset it. When you log back into Formspring, you will be prompted to change your password.
Thank you for taking the time to reset your password.
The Formspring Team

If Google’s system detects unusual attempts to access an account, they now show a warning on the top of the Gmail screen. They’re calling it a state sponsored attack. It doesn’t mean your account has been hacked, only that it’s the target of an attack.

If you ever see this, you’ll be advised to change your password (make it a strong password), and to enable two step verification – this will use your mobile phone as an additional way of protecting your account.

Some security researchers have been analysing this app and have discovered that when using the calendar feature it sends data to LinkedIn’s servers. It sends all of your calendar events, without explicitly asking for your permission.

This is considered a privacy risk. If you use the LinkedIn app on iOS, turn off the feature.

You should expect LinkedIn to make a statement about this issue, and eventually resolve it. I’ll post any updates here as they happen.

Update 7 Jun 2012:

LinkedIn have responded to these privacy concerns – you can read their comments here. Basically they confirm the privacy issues and justify it. They’ve also made changes to their iOS app to address the issue, the updated version is 5.0.3.

And at the same time someone in Russia claims to have hacked LinkedIn’s servers and has a list of over 6 million hashed password. A hashed password means they can’t read your password yet but given enough time it can be found. This incident is unconfirmed by LinkedIn, but it would be a good time to change your account password.

The following email is a scam. It’s made to look like a serious IT request but it’s really a trick to get your account details.

Help Desk

Attention Account User,

Scheduled Maintenance & Upgrade

Your account is in the process of being upgraded to a newest of Windows-based servers and an enhanced online email interface inline with internet infrastructure Maintenance. The new servers will provide better anti-spam and anti-virus functions, along with IMAP Support for mobile devices that Support IMAP to enhance your usage.

To ensure that your account is not intermittently disrupted but active during and after this upgrade, you are required to kindly confirm your account by stating the details below:

* User name:

* Password:

This will prompt the upgrade of your account.

Failure to acknowledge receipt of this notification, might result to a temporal deactivation of your account from our database.

Your account shall remain active upon your confirmation of your login details.

We do apologize for any inconvenience caused.

Help Desk

© Copyright 2012, All Rights Reserved.

In one case a lady sent over $100,000. And in nearby Erskineville a woman was tricked into sending $275,000 to a con artist in England.

The scam begins with an ad on an online dating website, targeting asian women in Sydney. They describe themselves as wealthy bankers or businessmen. They send photos, stolen from other websites on the internet. They lure their victim along for up to six months, gaining their trust, and eventually start asking for money.

These scams happen all over the world. Please help raise awareness by talking about this issue with people you know.

Note: because I used the words “online dating”, Google has placed ads on this page with links to online dating websites. Some people who post ads on these sites are not genuine, use your own judgement here.

The figure comes from a report by McAfee. They also report that malware for Macs are becoming less common, and malware for Android are becoming more common.  You can read more details here, it’s pretty grim.

Some tips to avoid being a victim:

• Use a good antivirus product on your computer. Paid ones are usually better. Keep it updated
• Use Google Chrome
• Don’t click on every link you see in Facebook, Twitter, etc.
• Sometimes people’s accounts get hacked, so something they wrote online might not really be from them
• Don’t believe every sensational headline you see
• Don’t believe every alarming email you receive, especially emails that sound urgent and have poor spelling and grammar
• Use common sense (why would a stranger in an African country want to give you millions of dollars, or did you really enter the Spanish lottery?)
• Use Google to check if something you read is true

A new study of 1100 banking customers found that 1234 and birth dates make up a large percentage of PINS. This means if your wallet is stolen, a thief can find your birth date from your license or other ID, take your ATM card and guess your PIN. And it will work for 1 in 18 stolen wallets (or 1 in 11 for some banks). They’re good odds for thieves.

The study suggests that banks issue a random PIN instead of letting you set one yourself. I think it’s a good idea. Here’s the full document.

The GSM system (used by most phone companies) has a test mode built in. A recent demonstration by a university showed that anyone can access this test mode and request the location of any phone, if they have the right skills and equipment. The equipment doesn’t cost very much, and the skills can be shared on the internet.

Mobile phones use base towers to handle the communication. The phone network needs to keep track of which towers are closest to you. And by using triangulation, an approximate position can be calculated.

Here is the research paper by University of Minnesota explaining how they tracked phones: Location Leaks on the GSM Air Interface.

What can you do?

Nothing. Law enforcement organisations have always had access to your phone’s location. Hackers now have it as well. If you need to keep your location private then don’t carry a mobile phone. You could also keep it turned off until you need it, but as soon as you turn it on the cell network will know your location.

Spam comments are very vague. Instead of discussing your content, it says something very generic, such as “your website is great”. E.g.

naturally like your web-site however you need to take a look at the spelling on several of your posts. A number of them are rife with spelling problems and I to find it very bothersome to inform the reality nevertheless I will surely come again again.

There is nothing useful in this comment, and it could apply to anyone’s website. So obviously it was sent to every website they could find hoping someone clicks on their link.

Another place to look is the sender’s URL. Some website software such as WordPress allow commenters to include their URL (their web page). Look at it closely, if it says something like paydayloansonlinecash.com then it’s spam – they’re trying to make money off your site.

If you see something claiming to help you remove the Timeline feature in Facebook, it’s likely a scam. It starts with someone claiming to have instructions on removing Timeline. If you click on the link, spam is added to your Facebook profile. Another variation asks your Facebook friends to provide their details to the scammers. 

Some variations of the “Remove Timeline” scams are a little more complicated, and install software on your computer. To cover up the fact that it isn’t really helping you it says that it will take up to 24 hrs to take effect. This is just a trick.

If you see a scam like this on Facebook, ignore it, or click on the “Report App” button on the left menu – this will alert Facebook staff about the scam app (this is only visible on Facebook Apps).

At the moment there is no official way to remove the Timeline feature – I’ll update this post if this changes.

If you look closely you’ll see many spelling and grammatical errors. Also, the email was not sent from the FBI – you can see this in your inbox if you place the mouse pointer over the sender.

The emails is:

FBI Headquarters
935 Pennsylvania Avenue, NW
Washington, D.C. 20535-0001
(202) 324-3000

Sir,

We the Federal Bureau of Investigations (FBI) Washington, DC in conjunction with some other relevant Investigation Agencies in the United states of America and right now in West Africa, headed by Wayne Mitchell (RPO), we understand that your fund has not yet been transferred to you do to an Outrageous Conduct.

We have to let you know the truth because we know that you have gone far in trying to get this fund and you must have paid some amounts of monies to persons you are not supposed to give out a dime to. Through our Global Networking Investigation, we discover that your fund (Sixteen Million United States Dollars $16,000,000.00 including the accrued interest is among the funds ON HOLD in West Africa (Ghana) do to one or two reasons which you have not been told.

As the Executive Director, Federal Bureau of Investigation FBI and a Principal Officer, We strongly know that the people you have been dealing with are not going to tell you the truth because they are all Criminals. You are hereby advised to stop every communication with any Office and feel free to explain to this Bureau why your fund is not yet released to you.

As a matter of fact, we do not have enough time to waste since we have consumed much time in going through your Payment files to ensure that these Funds are genuine and legit. On this Effect, this instruction requires urgent attention because the release of your fund is due.

We awaiting for your urgent response,

Sincerely,

Robert Muller III
FBI Director Headquarters

If you reply to the email they’ll make their story even more complicated and start asking for your bank account details. Their reply is:

FBI Headquarters
935 Pennsylvania Avenue, NW
Washington, D.C. 20535-0001
(202) 324-3000

Kind Attn:

This is to bring to your notice that we have received your mail today.

We understand that your fund has not yet been transferred to you do to an Outrageous Government Conduct which you have not been told. What a mess? though the FBI expertise and the investigation teams has officially instructed the holding bank to release your long awaited fund valued the sum of Sixteen Million United States Dollars $16,000,000.00 to you with immediate and effect.

The financial expertise and the investigation team has resolved to the fact that the fund is genuine therefore you have to stop every communication with any Office and feel free to contact the holding/ paying bank with your banking details through the below contacts information for your fund to be release to you:

MERCHANT BANK GHANA LTD
Contact Person: Managing Director
Email: merban@accountant.com
Phone: +233-247630112
Fax: +233-303403381

Do this and let us know if there’s anything you do not understood so that we can give you further instructions to back you up for this claim.

Sincerely,

Mr. Robert Muller III.

If you see this email, mark it as spam, or delete it.

The email says,

Hello. Your email is sending spam messages! If you don’t stop sending spam, we will be impelled to sue you! We’ve attached a scanned copy of the document assembled by our security service to this letter. Please carefully read through the document and stop sending spam messages. This is the final warning!

The subject is one of

• You are sending ad messages
• We are going to sue you
• This is the final warning
• We’ve sent you a copy of a complaint
• A message from our security service

If you see an email like this don’t click on the attachment. Delete the email. The attachment is a trojan that then installs viruses every time you reboot the PC.

The email says:

Australian Taxation Office informs you about the changes in the rules of submitting tax report.

Please, read about the changes to Click Here.

Important to know
We do not offer cashier services for tax payments or refunds. For further information on how to pay your taxes, see How to pay.
(http://www.ato.gov.au/content.asp?doc=/content/33696.htm) 

We are kindly asking you to keep to rules and terms of tax report submission to avoid penalty. 

Best regards,

Andrew Nichols
Australian Taxation Office

If you see this email, don’t click on the links. Delete it.

How can you be sure if it’s real or a scam?

Place the mouse pointer over the links, but don’t click. You should see the real address popup. If it looks dodgy then it’s probably a scam. See this screenshot,

This type of scam email is common. Always use this trick to judge if the email is legitimate or a scam.

This screenshot was captured from the US National Archives’ signup page (click here then click on New User). It asks for a challenge question and challenge answer, in case you forget your password. The problem here is one of the questions, “What is your preferred internet password?“.

Why would you give someone this information?

Challenge questions and answers are a way to recover lost passwords. Unfortunately this information is often not encrypted – it’s less secure. So whatever you set for your challenge question and answer is sometimes vulnerable to hacking. Also, the questions are often things that other people can easily find out about you, like your pet’s name. This is why I don’t like them.

Poll:

According to  Norton’s Cybercrime 2011 report, criminals stole US$114b worth of money using the internet. This is a serious problem. Think about where all that money came from? Who do you know that had stolen from their bank account, credit card, or other cases of fraud?

Here’s a breakdown the US$114b:

• USA: $32b (74 million victims)
• China: $25b
• Brazil: $15b
• India: $4b

Facebook have published a security guide and it’s quite good. It covers topics like recognising scams, recognising hacked accounts and how to use SSL connections. All good stuff! For example,

The common scams offer prizes like free  virtual objects. Other lures claim that your account has been suspended and provide a link for you to remedy the problem.

If you use Facebook at all I recommend reading through the guide. I also strongly suggest you print it out and lend it to your friends and family – people who might not be able to do their own research on security.

The more people understand security on Facebook the better it will be for everyone. Click here for A Guide to Facebook Security.

• Foursquare
• Facebook Places
• Bing and Google have their location sharing systems

It’s a popular thing to do. But have you ever had a good think about the pros and cons of doing this?

Pros:

• You receive an email telling you that a hotel has incorrectly charged your credit card
• The email also says that you should fill out an attached form for a refund (i.e. open an attachment and get some money)
• The attachment installs a fake antivirus program
• The fake antivirus program asks you to pay money to clean your PC (even though there’s really nothing wrong with it)

Hotel Renaissance Chicago made wrong transaction

Hotel Westin St. Francis made wrong transaction

Wrong transaction from your credit card in Woodrun V Townhomes

At the moment it only detects one strain of malware, but since it’s transparent and non intrusive it’s a good thing. Also, this is only relevant to Windows.

So if you see this message, your PC is probably infected with malware. Google suggests some steps to remove it, and you should really buy and install an antivirus program to prevent further problems.

Details of the scam:

a salesperson wearing a jacket bearing the logo of a telco is going from door to door in Hobart telling customers that they can only get on the NBN with that particular telco. The alleged salesperson also made errors about broadband speeds, and was unfamiliar with the local area

So there you go, if someone tries to sell you something to do with the NBN, get it in writing and do some research. Details here.

What VirusBarrier does:

• it can scan email attachments – but it’s not automatic, you need to go into VirusBarrier and tell it which email attachment to scan (and only one at a time)
• it can scan files on DropBox

What VirusBarrier does not do:

• it does not scan all files or apps on the iPhone. It can’t because of Apple’s sandbox model.
• it does not do automatic scans
• it does not do scheduled scans
• it does not scan apps

“BREAKING NEWS–Leaked Video of Casey Anthony CONFESSING to Lawyer!”, don’t believe the hype. Please. Don’t say I didn’t warn you

If you see this don’t click on it, it’s a scam.  If you click and try to watch the video it accesses your Facebook profile and spams all of your friends. It then takes you to an online survey that makes someone else money. Then your friends will also have the scam posted from their own Facebook accounts, spreading the scam down the network.

If you see this message on Facebook let them know it’s a scam. Don’t click on it.

Enable video calls

This scam installs a malicious app in your Facebook account that reads through your profile and spams all of your friends. The malicious app then sends them to an online survey that has nothing to do with Facebook.

Facebook does have a video feature but you don’t need to click on someone’s post and enable a Facebook app to enable it. So why would one of your friends post a link to malware? They probably don’t know, malware has a way of using people’s Facebook accounts to advertise itself.

If you see a message like the one in the post above, let your friend know it’s a scam.

The right way to use Facebook video is by opening up the chat window then clicking on the icon of a video camera,

I will follow back if you follow me

There’s a link at the end of the message that goes to a web page. On this page are two signup options, one free and a paid one called VIP.

The free one asks for your  Twitter username and password. It then asks prompts Twitter to grant you access to your account. You should not enter these details into any untrusted service.

Once they have your account password they send spam using your Twitter account, sending them to this same web site.

The VIP service is just as bad. It asks for your credit card details and Twitter account details, promising hundreds of Twitter followers. People who fall for this also end up sending spam from their own account, with the added risk of losing money.

Please help stop this scam by letting people know about it.

1. 1234
2. 0000
3. 2580 (a vertical row)
4. 1111
5. 5555
6. 5683 (spells LOVE)
7. 0852 (a vertical row)
8. 2222
9. 1212
10. 1998

This list represents 15% of all PINS (that’s too high). Years starting with 199 were also found to be common. And PINS starting with 1 are also very common.

The information here is relevant to other devices as well, basically anything that uses a 4 digit PIN typed into a keypad.

If you use any of these codes to lock something you consider important you should change it now.

Can I speak to the user of the computer?

Then the caller started explaining he’s from Windows. I hung up, frustrated, because it’s a scam. Never believe anything like this from an unsolicited caller. Talking to other people it’s evident the scam involves the caller gaining remote access to your computer, installing spyware, then invoicing you for their time.

Have you received phone calls like this? Care to share your experience?

Update: List of phones numbers these calls have come from:

• 00496075278802 [UK]
• 760 429 2887 [USA]
• 760-429-2887 [USA]

• a video of disgraced former International Monetary Fund Managing Director Dominique Strauss-Kahn and a hotel maid
• an X-rated video of celebrities Rihanna and Hayden Panettiere

These videos are not actual videos, but are links to a website that installs malware. Note that it affects both Windows and Mac computers. On Windows, the malware tells people to install a new version of Adobe Flash Player, but instead installs a fake antivirus program. On a Mac the malware brings up a fake security warning and asks people to install a fake “fix” to the problem. In both cases the malware then wreaks havoc with the computer, shows pornographic images, and asks the user to pay money to stop it happening. After (real) money is paid the malware remains. So overall it’s quite a nasty bit of work.

If you come across anything like this in Facebook please let the person who posted it know it’s malicious. The sooner they remove the post the less damage it will do.

• bit.ly
• tiny.cc
• fb.me

The list is endless. You can even make your own service, which is exactly what spammers are now doing.

Spam messages are now being posted on Twitter with these new URL shorteners and it’s difficult to filter them out. E.g. URLs that begin with

• www.srtu.in/

The best thing you can do is to use a modern web browser that does some URL scanning, such as Chrome, Opera, or IE9 (older versions of IE are vulnerable). Also buy and install a good virus scanner.

More information about URL shorteners here.

Congratulations! You have won One Million Euro on orange mobile promotion; send your names and Mobile No. via email to; orange [at] citynew [.] com

Please don’t respond to this message. It’s part of a scam. Just delete it.

Updated 15 Oct 2012:

Another couple of SMS’s that are also scams:

Your Mobile# has won 1 MILLION POUNDS in NOKIA/FREELOTTO Ref No:NK672 for claim Email us (NAME/COUNTRY/NUMBER/EMAIL) to nokiaglobal@<removed>

and

Transaction no: 4224 Your mobile number has won 720,000.00 pounds in the ongoing freelotto bonanza for claim email: frlo1214@<removed>

If you have more of these post them in the comments below. Remember that they’re scams, don’t reply to the message.

CLICK HERE to see the status udpate that got a girl expelled from school!!

or

OMG… This GIRL KILLED Herself After HER DAD Posted This ON Her WALL!

or

OMG! Look What this Kid did to his School after being Expelled! After this 11 year old child was expelled from his school he went beserk

Anyone curious enough to click on the link is taken to a page that “looks like” Facebook, but isn’t Facebook. Then two things happen:

1. You’re asked to “Like” the page, which adds the scam to your own Facebook wall. This is how the scam spreads.
2. You’re also asked to fill in a survey. This is how the scammer is making money. They’re being paid by a marketing company to fill in these surveys.

And that’s it. There’s no interesting video or article. It’s just a viral scam – it spreads because it sounds interesting.

So if you come across this, don’t click on the links, and let the person who posted it know about the scam.

Thanks to DBM for writing in and letting me know about it. I’m sure that by letting others know about scams we can all help reduce them.

Remember, Skype does not email you and me with links to download. Skype will update itself.

NEW VERSION OF SKYPE 2011 IS RELEASED

Dear Skype Users,

To start New Year 2011 with new features, options and improvements, we’ve just released the new version of Skype Software.

<link removed for security reasons>

New in this version :

* Up to 5-way group video call.
* Redesigned calling experience.
* Improved video snapshots gallery.
* Improved browser plugins performance on some websites.
* Reduced false positives on browser plugin phone number recognition.
* New presence icons.
* Improved handling of calling attempts made when the user has run out of credit.
* Improved access to sharing functionality  

To check and download the latest version , go to :

<link removed for security reasons>

Start downloading the update right now and let us know what you think about it.

We’re working on making Skype better all the time !

Talk soon,

The people at Skype

====================== PROTECT YOUR PASSWORD ===========================
Skype or Skype Staff will NEVER ask you for your password via email. The only place you are asked for your password is when you sign in to the Skype application or our website.

If you see the above email, delete it or mark it as spam.

The email says:

ADOBE ACROBAT READER 2011 UPDATE NOTIFICATION

This is to remind that a new version of Adobe Acrobat Reader 2011 with enhanced features for viewing, creating, editing, printing and internet-sharing PDF documents has been released.

To check and download the latest version , go to :

<link removed for security reasons>

Start downloading the update right now and let us know what you think about it.

We’re working on making Adobe Acrobat Reader better all the time !

Thanks and best regards,

Adobe Support

© 2011 Adobe Systems Incorporated. All rights reserved.
Adobe Systems Incorporated |343 Preston Street | Ottawa | ON | K1S 1N4 | Canada |

Remember, if you see this email just delete it, or mark it as spam.

Update: There’s now another version of this email, it too is a scam. The email looks like:

Adobe is pleased to announce that a new version of Acrobat PDF Reader was released today with new features, options and improvements.
<link removed for security>
What’s new in this version :
* Read, search, and share PDF files. * Convert to PDF. * Export and edit PDF files * Add rich media to PDF files * Combine files from multiple applications * Increase productivity and process consistency * Streamline document reviews * Collect data with fillable PDF forms * Protect PDF files and content * Comply with PDF and accessibility standards
To get more and upgrade to this version, go to  :
<link removed for security>
Start downloading the update right now and let us know what you think about it.
We’re working on making Adobe Acrobat Reader better all the time !
Talk soon,
The people at Adobe
Copyright © 2011 Adobe Systems Incorporated. All rights reserved.

The virus is reported to now be on over 150,000 phones. This is quite serious. There are also two strains of the virus now, indicating that people are working on making things worse for everyone.

This virus is called HongTouTou. It was discovered in an app called Dynamic Footprint Wallpaper, hosted on an app store in China. More information here.

How can a phone get a virus?

Android phones are smartphones, meaning the phone is actually a computer. And like any other computer you can download and install programs onto it, commonly called Apps.

Now the philosophy behind Android phones is that it’s less regulated than other phones, such as Apple’s iPhone, and you’re free to install any app you want. Even ones that contain viruses.

With Android phones you have a choice where to download your apps from. And unfortunately this included untrusted sources where people can add viruses to apps. It’s all very similar to Windows PCs and the popular viruses from a few years ago.

What about iPhones and other phones?

This particular virus only affects Android, not any other phones.

How to avoid HongTouTou?

For now the best thing to do is to only use app stores you trust. Don’t rush into downloading an app just because it’s popular or cool, read up on it first.

The fake email looks like this:

Dear Customers,

Adobe is pleased to announce new version upgrades for Adobe Acrobat 2010.

http:// www.adobe-new-software.com

Advanced features include:

- Collaborate across borders

- Create rich, polished PDF files from any application that prints

- Ensure visual fidelity

- Encrypt and share PDF files more securely

- Use the standard for document archival and exchange

To upgrade and enhance your work productivity today, go to:

http://www.adobe-new-software.com

If you have any question please contact us at: support@adobe-new-software.com

Best regards,

Michael Lobenberg

Adobe Acrobat

Copy rights © Adobe Acrobat 2010 – All Rights Reserved

Website: http:// www.adobe-new-software.com

Dear Customers, Adobe is pleased to announce new version upgrades for Adobe Acrobat 2010.
http:// www.adobe-new-software.com Advanced features include:
- Collaborate across borders- Create rich, polished PDF files from any application that prints- Ensure visual fidelity- Encrypt and share PDF files more securely- Use the standard for document archival and exchange To upgrade and enhance your work productivity today, go to:
http://www.adobe-new-software.com  If you have any question please contact us at: support@adobe-new-software.com Best regards, Michael Lobenberg Adobe AcrobatCopy rights © Adobe Acrobat 2010 – All Rights Reserved Website: http:// www.adobe-new-software.com

Adobe does not send out emails like this. Acrobat Reader can update itself by showing a small window with update information (and you should update it as soon as updates are released). You should not have to visit a web site to download Acrobat updates.

Below is the email, with personal details and all of the malicious links removed:

Dear …,

Thank you for scheduling your recent credit card payment online. Your ($USD) $117.00 payment will post to your credit card account (CREDIT CARD) on 08/06/2010.

Now that you’re making your payment online, are you aware of all the convenient ways you can manage your account online?

Just log on to www.chase.com/creditcards today. Using the "I’d like to…" links for your credit card account, you can access more than a dozen features, including links to:
See statements – Choose to stop receiving paper statements, and see up to six years of your statements online.
See automatic payments – Set up monthly payments to be made automatically.
Transfer a balance – Transfer a balance to your credit card account.
Go to Personalized Alerts – Schedule Alerts to remind you of key account activity.
You can also see past payments you’ve made online by logging on to www.chase.com/creditcards and clicking "See/cancel payments" under "I’d like to …"

If you have questions, please call the Customer Service number on the back of your credit card.

Thanks again for using online payments.

Sincerely,
Cardmember Services

Never trust emails like this, especially if you don’t have an account with the company.

A useful trick to spot these scams is:

• Identify which company the email claims to be from. In this case, it’s a company called Chase.
• Place your mouse pointer over a link, but don’t click.
• Look at the bottom of your screen, you should see the real link it points to. (You need to be using a modern web browser for this to work).
• If the addresses don’t match then it’s likely a scam.

E.g., the email above talks a lot about chase.com. This is a real company in USA. When I place my mouse pointer over the link, my browser says it goes somewhere different. The addresses don’t match, this is a scam. See the picture on the right.

Google Chrome has an excellent system that warns of dangerous web sites. When you click on a link to a dangerous (malicious) site, hopefully it will give you a large red warning page.

Now someone has been using this to trick people into thinking the website is malicious. It also asks you to download something called “Google Chrome secure updates” – this is bad, you shouldn’t have to install anything.

Here is the fake warning message (click to enlarge):

The popup message says:

This web page has been blocked based on your security preferences. Click ‘OK’ to download and install Google Chrome secure updates.

And here is the real warning message:

So never trust web sites that ask you to download anything, and if in doubt search Google for more information.