Scams

email cybercriminal

Invoice Redirection Fraud is where cybercriminals trick the customer into transferring money into the cybercriminal bank account instead of the true seller.

To do this, the cybercriminal need access to either the customer or seller's email account. This is easily done when email password lists bought from the darkweb.

Unfortunately, people often use the same password for their email as they do on other websites. When these websites get hacked, the email and password combination gets sold to cybercriminals... and they then have access your email to carry out this scam.

Cybercriminals can also carry out Invoice Redirection Fraud from sniffing the network and intercepting unencrypted and non-authenticated emails - but that is getting harder to do these day. 

Once the cybercriminal is in your email box, they read the incoming emails and wait for discussion or an actual incoming invoice. The cybercriminal then intercepts the invoice and changes the bank details.

The modified invoice will look exactly like the legitament invoice sent via the seller... only with the Bank Deatils altered. 

 

Another, less convincing way, for Invoice Redirection Fraud is if the cybercriminal gets information (like staff names and emails) from public social media and websites, and makes up a mock invoice. This invoice will probably not look like the real invoice issued by the real seller. The cybercriminal will then email that to you via a similar email (not the actual seller's email). But really... you would need to be a bit stupid these days to fall for this.

 

You can stop this happening to you if...

  • Don't use your email password for other websites or services. 

  • Use GMail and the GMail apps for scam and phishing warnings. Also Gmail is secure with authenication and encryption. (Avoid using insecure bigpond, tpg and iinet emails).

  • Store all banking details in your Netbank's address book. If banking details have changed ... call the supplier to confirm the change.. it is likely this scam. (Don't email... you will provbably get a reply from the cybercriminal).

 

Identity CrookThere have been some Facebook Fake Profile scams this week. This scam particularly works if you have made your Friends public. See below for hiding your Friends and protecting yourself (and your friends) from this scam.

What Happens?

The impostor will first create a new Facebook profile and copy your photo and name. They will then look at your public friend list and will request to become friends with your friends.

Your Friends will normally think it is you, although they may be a bit puzzled why you are not already a friend.

Once befriended - the impostor will strike up a chat and run the scam. The scam is usually about some grant money available, or some sort of other bogus benefit. There will be a small application fee - and this is where the impostor makes the cash. 

This scam is particularly ghastly because it is your dear friends that get scammed - thinking they are communicating with you. Once found out, your friends will often de-friend the real you - and you will be left with your online reputation in tatters!

Catch a fishAnd this happens without your account being hacked! It doesn't matter if you change passwords. These impostors are working from an entirely different account that has your name and copied pictures.

So what do you do?  Read on...

How to Report a Fake Profile?

  1. Go to the impostor profile
  2. Click facebook imposterpng on the cover photo and select Report
  3. Follow the on-screen instructions

For more info from Facebook, read this... https://www.facebook.com/help/174210519303259

 Facebook Friends

To Make your Friends Private...

You will probably need to find a computer and jump online to www.facebook.com do this.

Step One: Login and go to your own profile. Its the link up the top of Facebook with your name and profile picture.

Step Two: Click on the Friends tab...

Friends Privacy3

Step Three: Click on the pencil option to get into the Friends settings.

Friends Privacy2

Step Four: Change your privacy settings so that only your Friends can see your friends.

Friends Privacy

Domain renewal scams are becoming increasingly common in Australia.

When OrganicWebs registers the domain, we use our office address to help screen out some of these scams. But the scammers can find your address usually from the contact page of your website and will send mail to you directly.

This is a scam from Domain Register Pty Ltd, who send what appears to be an invoice for a domain renewal. This invoice is generally for a domain which is similar to your existing one, eg if you own domain.com.au, they've sent you an invoice for domain.net.au

They hide the following in the fineprint: 

domain register scam snippet

The fineprint reads "This is an invitation to register, disregard this letter if you are not the proprietor or if you do not wish to register.", which is in very small grey text on a grey background. The cost of registering the domain is far higher than nearly every registrar in Australia, meaning you will end up paying significantly more for a domain that you don't need.

domain register scam

If you are an OrganicWebs customer and you receive a Domain Renewal invoice from a third party (other than OrganicWebs), don't pay it. Instead, get in touch with one of our support crew to confirm its authenticity.

scamalaert

We are getting bombed by companies selling Facebook likes lately, particularly from a group called SuperbSocial.

If you value your business Facebook page and reputation - don't buy likes. These systems often work by hijacking other people's Facebook pages to "like" yours.

The catch is - when these people start getting your news feeds - they get very angry with YOU!

  • If you participate in this scheme, expect negative business reviews and negative comments from people who have been hijacked to like your page.

  • Paying a 3rd party for likes only funds their unethical practices (like buying a stolen watch or goods).

  • 40 genuine likes is far better than 1040 of fake likes.

  • These practices are against Facebook policies - your page could be banned.

  • Don't lie to your customers about your popularly. Be honest.

  • You cannot evaluate your Marketing strategy if the Like statistics are fake. It becomes impossible to optimise your efforts and returns on advertising expenditure.

  • You can tell when business buy likes - there is very little feedback from followers. With 1000 likes, you would expect at least 100 people to be talking about it, and at least 10 comments.

If you want to boost likes on your page - consider Facebook Marketing and Google Adwords. We are also available for ethical online marketing if you need a specialist.

Here is a copy of a particular scam letter...

"Hello, my name is Morty Goldman;

I just stumbled upon your site - www.organicwebs.com.au - I'm sorry to write in such an odd manner, I thought to call you but I didn't want to take up your time. What I have to say may be of great interest to you. Did you know that an overwhelming majority of businesses, organizations and celebrities buy likes and followers? What, you thought your competitor's likes and followers are organic and naturally gained? Ha ha. Just recently Gangman Style  reached a record 2 billion views. Now imagine the scale of Gangnam Style's popularity being applied to your business! This is exactly how I deliver results to my clients - and I assure you that you'll be overwhelmingly pleased with the outcome."

xp-antivirus

XP Antivirus is a fake antivirus software. The program is the virus (well actually its Malware) - and they take money from unsuspecting users to remove it.

You you have this program installed on your PC - remove it immediately. It contains trojan virus tha

Once installed it is difficult to remove.

But there are some excellent antispy programs out there that will do the trick.

Our favorite for getting rid of these nasties is SUPERAntispyware. You can download it for Free at www.superantispyware.com.

When you download SUPERAntispyware, install it and do a full scan of your system.

You'll probably need to reboot and rescan a few times to be sure.

Once your system is cleaned - we recommend AVG antivirus.

If you are a victim of Yahoo Search or MyWebSearch taking over your PC in Firefox, here is the fix to restore it back to Google...

  1. Type about:config in Firefox location bar and press Enter
  2. Type keyword in Filter textbox and you will see the preference keyword.URL.
  3. Right-click on keyword.URL and select "Reset"

To remove the AVG toolbar in Firefox...

  1. In the Firefox menu: Tools > Add-ons > Disable AVG Security Toolbar.
  2. Restart Firefox.

Check for any recently installed programs in the Windows Control Panel and uninstall them if they look suspect.

Avoiding the AVG Search Settings when Upgrading

When AVG installs it shows a screen with two tickboxes to install the AVG marketing toolbar and to change your default search engine. At this point you need to untick those boxes. Its easy to miss - and most people just blindly click continue.

In Firefox you can uninstall the AVG Tool bar - through Tools/Add-ons/Extensions as mentioned above. But keep the AVG Safe Search enabled - as this is the bit that screens the sites.

Complaints

This page is offered in the hope it may help some people out there on the web from one user to another. We get as anyoyed with these poor marketing practices as much as you. I don't know why they still engage in it - it only build a hatred and bad reputation for their own companies.

BottomupWebs is certainly not responsible for the actions of AVG, Yahoo, MyWebSearch or any other third party Software provider.

So for complaints, contact the Software providers directly and give them an earfull! {jcomments off}

antivirus-2009
pro-antispyware-2009

 

Antivirus 2009 and ProAntispyware 2009 are fake antivirus software. The program is the virus (well actually its Malware) - and they take money from unsuspecting users to remove it.

You you have this program installed on your PC - remove it immediately. It contains trojan virus tha

Once installed it is difficult to remove.

But there are some excellent antispy programs out there that will do the trick.

Our favorite for getting rid of these nasties is SUPERAntispyware. You can download it for Free at www.superantispyware.com.

When you download SUPERAntispyware, install it and do a full scan of your system.

You'll probably need to reboot and rescan a few times to be sure.

Once your system is cleaned - we recommend AVG antivirus.


Update 2010.

Here is another Antivirus scam. This fake antivirus is installed by a trojan.

ave-scare-message

Tips for removal:

  • http://www.malwarehelp.org/ave-exe-a-multiple-rogues-in-one-trojan-fakerean-2010.html
  • http://www.myantispyware.com/2010/03/19/how-to-remove-ave-exe-malware/