Taken by Scammers (Updated 8/1/24)

July 30, 2024

11:53 am

Comments Off on Taken by Scammers (Updated 8/1/24)

What you might already know…

I’ve outlined some popular scams, there are many variations to each of these, but this will give you a general idea. It’s a short article, but an important one. I want to keep you (and your company safe) in this life of technology you can’t trust anything or anyone even if you think it’s legit. I outline ways to check and verify. Please read the complete article.

When the internet was barely a thing Microsoft had the attitude of “Full Trust” Then as people and countries began taking advantage of unsuspecting people, Microsoft changed their stance to “Zero Trust”. We must adopt that policy too so we’re not prey for bad people.

They work in groups

There are groups in multi-level office buildings with dozens of workstations like a call center except these people have one goal to separate people/companies from their money.

A Popular Scam

This involves a person receiving an email for a charge for a purchase. It could be something at a big box store or something online. You contact the number in the email and tell the person you didn’t make the purchase and they admit that you are entitled to a refund and are willing to put the money back in your bank and ask if they can connect remotely to your computer. You want your money so you agree, they install a couple of applications and tell you that because of security you have to enter the information from your keyboard. You enter some information and when it comes to the amount they trick you into putting in more than the amount of the original refund (by adding a zero to the amount). Then they tell you that you made a mistake and need to go to your bank’s website to see where the money went. You login to your bank’s website and when you’re looking at the account balance page they blank the screen and quickly make a local copy of your account balances, when it reappears it’s the copy that they falsified showing the overpayment. They then ask you to go to your bank and get cash for the overage to send to them. Think you’d spot this right off? Surprisingly, these guys are good at what they do and many, many people go to their banks and send the money.

Electronic Funds Scam/ACH and Wire Transfers

This one takes some research on the part of the scammer. I’ve seen this in a couple of varieties but the core parts of this are the same. You may be anticipating doing a wire transfer (ACH payment) and are waiting for the information to give to your bank to make the transfer you receive the email with the wire instructions and make the transfer and find out later they never got the money. In another version, your customer tells you they paid your invoice via wire transfer from your email instructions (except you didn’t send any instructions). An email “From” or “To” address (as we see it) can be impersonated. It’s an internal header that routes the emails not the part we see. As a result, we think the email is legit and the information is good.

I’ll keep it simple, you be diligent, make this company policy

Company Email Policy

There will be no financial information contained in an email and if such an email is received that appears to ask, report, or otherwise give money, bank information, or any financial transactional information it should never be acted upon as fact and must be verified with all parties from known good sources. NEVER rely on just an email for verification in any monetary transaction.

I absolutely hate to hear these stories, but I want you to be safe, and as much time and effort it takes to keep you safe I’ll tirelessly do that job and with your help to not trust any email until you verify it. We can together make a difference in keeping each other safe. Thank you for reading.

Sextortion Bitcoin scam

by Dale

January 21, 2020

3:47 pm

Comments Off on Sextortion Bitcoin scam

Rants

Computer, data breached, download, Security Settings, SPAM

Popular Scam Makes 2020 Return

Another aggravating email that is making its rounds. You get an email which may include recent pictures of places or people you were with. It then goes on to tell you that if you don’t pay a certain amount by a certain day these (and other pictures) will be uploaded to porn websites and be emailed to all your contacts to harm your credibility. But if you act fast and pay $$ to a certain bitcoin account by creating another email address and sending $, you will be spared the embarrassment.

Several Different Flavors

This same scam may come in different subjects. Breached password, etc. Here’s a sample of what it may look like:

I am well aware [REDACTED] is your pass words. Lets get right to point. Neither anyone has paid me to investigate you. You may not know me and you are probably thinking why you’re getting this e-mail?

actually, i installed a software on the adult videos (pornographic material) web-site and do you know what, you visited this website to have fun (you know what i mean). While you were viewing videos, your web browser began working as a Remote Desktop that has a keylogger which gave me accessibility to your display and also cam. Just after that, my software gathered every one of your contacts from your Messenger, Facebook, as well as email . after that i created a double video. 1st part displays the video you were viewing (you’ve got a nice taste haha), and next part shows the recording of your cam, yeah its you.

You have not one but two choices. Shall we read up on these options in aspects:

First alternative is to just ignore this message. in such a case, i am going to send out your actual video to every single one of your personal contacts and think regarding the awkwardness you will definitely get. and definitely if you happen to be in a loving relationship, how it would affect?

Number 2 solution is to pay me $889. Lets name it as a donation. in this situation, i most certainly will asap remove your video footage. You could carry on daily life like this never occurred and you surely will never hear back again from me.

You’ll make the payment through Bi‌tco‌in (if you don’t know this, search for ‘how to buy b‌itcoi‌n’ in Google).

B‌T‌C‌ ad‌dre‌ss to send to: [REDACTED]

[CaSe sensitive, copy & paste it]

if you are wondering about going to the law enforcement officials, well, this message can not be traced back to me. I have dealt with my actions. i am also not attempting to demand a huge amount, i would like to be compensated. within this%} emaiQUNdkpeC [SIC] if i do not receive the ‌bi‌tco‌in‌, i will send your video recording to all of your contacts including family members, coworkers, and so forth. Having said that, if i receive the payment, i will erase the recording immediately. If you really want proof, reply Yup then i will send out your video to your 9 friends. This is a non-negotiable offer, so don’t waste mine time and yours by replying to this e mail.

Very Sneaky

These people pray on you getting upset, excited, and then paying them money. Instead of an actual threat, they make one up to make money. People have even died because of scams like this. Please share this email with anyone that has an email account. This may save a life.

How did they get any of my information?

As we see in the news, many data breaches have occurred in places we do business (Target, Equifax, etc.) and these cowards use that information, locate our social media accounts, gather information, then use it in this scam to get money.

What can I do?

If you receive an email like this, report it if you can. Otherwise, just delete it. It’s a scam. If you need help and want some resources to help better protect your network, email and company infrastructure give me a call I offer flat rate pricing that can not only save you some IT dollars, but help from these scam emails getting to your inbox.

We all have one, I’ll show you mine

by Dale

December 21, 2019

5:32 pm

Comments Off on We all have one, I’ll show you mine

Raves, Technology

data breached, Network, protect information, Security Settings, SPAM, Wireless Networking

Much like opinions or certain body parts

In today’s modern infrastructure we all have a router, let’s see what we can find out.

Backstory

I’m always thinking of ways to keep ransomware away from my customers and while I was pondering this article I thought why not ask my router some questions. Since that’s the first place our outside internet connection comes from.

The Interview

ME:
Hey, Router what do you do for me?

ROUTER: I take your single internet connection and share it among your devices so everyone can have internet access.

ME:
Since you’re my first link to the outside world why don’t you do more to protect me? Wouldn’t that make sense and save me from having a million things about security to remember?

ROUTER: That does sound logical, but I’ve been a loyal member of your infrastructure for years. Remember? I was there back in 2015 when the power was out. I was lonely, but when it was over, I was there. How about in 2013 when we first met? You were so happy to have WiFi and me an “all-in-one router”, we loved each other.

ME:
Sure, I remember some good times. But, criminals have gotten smarter and I must have modern protection to keep up with modern threats, so how about protecting me better?

ROUTER: I’m doing my best here, it’s not easy keeping a steady flow, keeping the data conversations going to the right device. You don’t need anything else, we’re family.

ME:
Let’s face it, you don’t have the right skills. I need a modern solution to keep up with modern threats.

ROUTER: Could we Talk about something else, I really don’t understand what you’re talking about. Besides, I have other things to do right now.

Even the router agrees, it cannot protect us in the modern workplace. We need much better protection.

So, I researched. Here’s the thought process…

My considerations:

Easy to manage
Provides immediate protection
Provides ongoing protection
Is easy for customers to obtain, and has a great ROI

Product Comparison — Comparison List (click to download)

My choice

I chose WatchGuard because they not only check all the boxes but allow customers to obtain the device and pay monthly for service protection and subscription. This allows customers to get the right device at a reduced cost that could otherwise be cost-prohibitive. Plus, ongoing protection is included (one of the most important parts of ongoing protection). Skip keeping the subscription active and that could leave you inadvertently unprotected.

Besides, WatchGuard devices come in a variety of solutions. This means a device can be uniquely configured specifically for customers’ network needs.

Layers of protection

We need Unified Threat Management for modern threats and layered protection. My job is offering the best solutions for keeping your business continuity protected.

Call me and let’s replace your router with a firewall

Want more information? Give me a call. I’m always happy to help. 972.571.4808