The Computer Wizard’s Blog

News, Updates, and Timely Information from The Computer Wizard

Dell Confirms Switch to Google’s Chrome OS

June 21st, 2010 by wizard No comments »

Dell will use Google’s Chrome OS on upcoming devices.

Dell confirmed in an interview Monday that the company is currently in talks with Google about using the upcoming Chrome OS on its laptops.

The news comes after Dell put the smack-down on Microsoft last week, promoting its Ubuntu Linux-based products as more secure than those using Windows 7. Now Dell is seeking to use another alternative, turning to Google’s upcoming Linux-based OS scheduled for release later this year.

Details on the deal weren’t all that forthcoming, however there was indication that devices are currently in development, and that the relationship would last between two and three years.

“There are going to be unique innovations coming up in the marketplace in two, three years, with a new form of computing, we want to be on that forefront,” said Amit Midha, Dell’s president for Greater China and South Asia. “So with Chrome or Android or anything like that we want to be one of the leaders.”

Earlier reports indicate that Dell development was previously confirmed by reference within the Chrome OS code itself. HP and Acer were also listed, indicating that these three manufacturers could have Chrome-installed devices ready for consumers by the end of the year.

No comments »

Posted in Information, News, Uncategorized

Tags: Amit Midha Chrome OS Dell Google's Chrome OS Security Windows 7

Windows 7 Running On JooJoo Tablet

June 17th, 2010 by wizard No comments »

The JooJoo wasn’t exactly a hot device when it launched. It was expensive and all it did was surf the web. Unsurprisingly, not many people were willing to fork out $500 for a device that packs a browser and not much else. It’s unfortunate, because the device is actually rather sexy looking, but there just wasn’t enough going on to tempt people. But what if it ran Windows 7?

A member of the JooJoo forums, darkdavy, has hacked his JooJoo to run Windows 7. He admits that it’s running quite hot at the moment but the touchscreen capabilities are in full working order and the battery is lasting up to four hours on one charge. Darkdavy says everything is working fine save for the accelerometers. However, this is easily solved by using display rotation. Engadget points out that other members of the forums have successfully installed Windows 7 Home and Windows Embedded Compact 7 on the Linux-based tablet.

Check out the video below or head on over to the JooJoo forums to see the orignal post for youreself.

No comments »

Posted in Uncategorized

Verizon’s Droid 2 Specs Leaked

June 14th, 2010 by wizard No comments »

The Motorola Droid caused quite a stir with its super-manly commercials and eventual launch. The device sold incredibly well and now it looks like there’s a Droid 2 heading to Verizon in the near future.

The first pictures of the Droid 2 appeared online last night showing a few tweaks and changes but maintaining the same overall design of the first Droid handset. The only real change seems to be the keyboard, which lacks the D-pad of the origianl Droid and sports a slightly spongier looking keyboard.

Droid Life, which was the first to post the images, says the Droid 2 is more about internal changes than external changes. The device is said to pack a 3.7-inch screen, a 750MHz OMAP CPU, WiFi tethering, 8GB of internal storage along with an 8GB SD card, a 5-megapixel camera and a new version of Motoblur. Droid Life reports that the device will ship with Android 2.1 but we’re pretty close to 2.2 so with any luck, the Droid 2 can add that to its resume.

Toms Hardware

No comments »

Posted in Uncategorized

Windows 7 SP1 Beta Coming Soon

June 7th, 2010 by wizard No comments »

Microsoft said that Windows 7 SP1 Beta will launch in July.

During TechEd North America 2010 in New Orleans, Microsoft Server and Tools Division president Bob Muglia said during his keynote speech that a public beta of Windows 7 and Windows Server 2008 R2’s Service Pack 1 will be available by the end of July. An actual calendar date was not specified.

The final release is expected to hit both platforms sometime in Q4 2010, however it will not include any new features that are specific to Windows 7. “For Windows 7, SP1 will simply be the combination of updates already available through Windows Update and additional hotfixes based on feedback by our customers and partners,” reads the official Windows Blog.

However Windows Server 2008 R2 will receive an updated Remote Desktop client designed to work with RemoteFX–this feature enables a local-like desktop environment over the network. Dynamic Memory will also be another added feature, enabling Windows Server Hyper-V to “dynamically allocate more or less memory to each VM as needed, provided a more scalable and better performing VDI environment.”

If Microsoft does indeed launch SP1 by the end of the year, downgrade rights from Windows 7 to Windows XP will end upon its release, months earlier than the original late April 2011 deadline. The company previously said that downgrade rights would be canceled in April or when SP1 goes public, whichever comes first.

Toms Hardware.

No comments »

Posted in Uncategorized

New research reveals troubling security issues for iPhones

June 1st, 2010 by wizard No comments »

Though Apple has added additional data security features to the iPhone with every iteration of the OS—including encrypting files on-device for the iPhone 3GS—vulnerabilities still exist. These issues are of particular concern to enterprise users, since sensitive corporate data may exist on any given employee’s mobile device. A new vulnerability revealed by security researcher Bernd Marienfeldt, however, shows that all someone needs to get at that data is the latest version of Ubuntu.

Noted iPhone data forensics expert Jonathan Zdziarskidemonstrated last year that common hacking tools could remove the data protection features that Apple added with iPhone OS 3.x and the iPhone 3GS. He told Ars that there are ways to get around both the on-device encryption as well as the encrypted backups that can be saved via iTunes. “The only benefit hardware encryption [as implemented] is that it makes wipes faster, by just dropping the [encryption] key,” he said. But even the remote wipe feature can be thwarted by removing a device’s SIM card.

Marienfeldt’s research revealed that standard hacking or jailbreaking tools aren’t even needed to get at the data. The latest version of Ubuntu (10.04) will auto mount the flash storage in an iPhone, allowing access to all of the information contained within. Files can be accessed even if a pin code is set.

Zdziarski warned that the way encryption worked on the iPhone could be exploited in this way if a tool allowed the iPhone’s file system to be mounted. “The [iPhone OS] kernel decrypts it for you when you ask for files, so you get the decrypted copy,” he told Ars last summer.

Here you can see the entire filesystem of an iPhone 3GS with PIN code lock displayed under Ubuntu 10.04.

Image credit: Bernd Marienfeldt

Marienfeldt verified that only the DCIM folder, where images and videos are stored, is accessible on Mac OS X, Windows, and Linux—even older versions of Ubuntu. However, Lucid Lynx will, when set to auto mount USB-based devices, expose the entire filesystem of any iPhone. “This data protection flaw exposes music, photos, videos, podcasts, voice recordings, Google safe browsing database, game contents,” Marienfeldt wrote on his blog.

He has shared his findings with Apple, and engineers were able to verify the problem. “Apple could reproduce the described serious issue and believes [it understands] why this can happen but cannot provide timing or further details on the release of a fix,” Marienfeldt said.

Of course, knowing that pretty much anyone with Ubuntu installed can get at all of your data is troubling. Marienfeldt noted that this problem is quite serious for enterprise users, especially since companies “rely on the expectation that their iPhone 3GS’s whole content is protected by encryption with a PIN code based authentication in place to unlock it.” This is probably true; Steve Jobs recently noted during the iPhone OS 4.0 preview that 80 percent of Fortune 100 companies have employees using iPhones as a work-related mobile device.

AT&T also said that 40 percent of iPhones are now sold to enterprise users. “When the iPhone came out, what most people heard in the first year from ‘07 to ‘08 was oh my God, it’s not BlackBerry secure; this is not going to work on the enterprise space,” AT&T Business Solutions CEO Ron Spears said recently during the Barclays Capital Communications, Media and Technology Conference. “And by the time the 3G came out in ‘08 they had solved about 80 percent of the security issues. By the time the 3GS came out last summer, most CIOs will tell you today they have very few issues around the security that they need provided.”

However, this latest example shows that Apple has some work ahead of it to beef up security for its mobile platform. Apple has promised more robust encryption options for iPhone OS 4.0, including giving developers an API to encrypt their applications’ data separately. If these new options rely on the same encryption system as current iPhones, though, that won’t be enough. Marienfeldt recommends that Apple employ a more robust full disk encryption method, one that requires the PIN code to be entered before the filesystem will mount on any OS.

By Chris Foresman – arstechnica.com

No comments »

Posted in Uncategorized

The IPad: It’s All About The Apps nothing more nothing less

May 31st, 2010 by wizard No comments »

Apple has done it again. Claiming innovation and launched the next game-changer? Or maybe not.

Many view the iPad as an entirely new platform, while others view it as just another version of the iPhone or iPod Touch. There is an intrigue within the gadget and geek world around this new tool. As a game enthusiast and regular old geek, I look at this exciting piece of hardware as a new medium for the delivery of everything from innovative gaming experiences to interactive books to novel takes on productivity software, all on one incredibly well-designed device.

Apps that once didn’t really feel at home on the iPhone “Scrabble” for instance, work well on the iPad. All due to the glorious larger screen size, which has taken it from “just another iPhone” to a new platform and social device. Movies can be watched by multiple viewers, great times and memories of fun with the family.

The huge, high-res screen makes a suitable game board replacement, and there’s no need to pack up the pieces after you’re done. Two players can play Flight Control HD across from each other on the same device. It makes real, live social gaming fun again.

There are rumors that Apple may be working on larger iPads for the future. If the company makes them the size of a typical game board, Parker Brothers and Milton Bradley had better watch out. It is much easier to play Monopoly digitally — the banker doesn’t have to do any math.

While iPhone users witnessed the development of some truly revolutionary games, developers will need to be even more creative on the iPad to steal back the lion’s share of user time spent interacting with these other functions.

At the end of the day, the iPad will be all about the apps, and there will likely be some revolutionary games among them. Thinking back to the early days of iPhone app development, it was clear that developers didn’t hit their stride for several months, if not a year. It won’t take as long for iPad apps to take off. And when they do, sit back and enjoy the show — because that’s when the real potential of this device will become clear.

No comments »

Posted in Uncategorized

McAfee Security Software Rebooting PCs

April 22nd, 2010 by wizard No comments »

Computers worldwide suddenly went into simultaneous rebooting loops as a result of a legitimate Windows file being mis-identified as a virus. According to McAfee, a software update posted at 9 a.m. Eastern time on April 21, 2010 is the culprit, affecting corporate users of McAfee’s security software around the world.

Hospitals, schools and government offices were impacted by the glitch, causing a third of the hospitals in Rhode Island to curtail non-trauma ER and elective surgery treatment until the problem was resolved.

McAfee spokesmen said it appears consumer versions of their products were not affected by the update.

Instructions for restoring the quarantined files can be found here.

McAfee has released a SuperDAT remediation Tool to restore the svchost.exe file quarantined during this debacle.

Article: False positive detection of w32/wecorl.a in 5958 DAT (for Corporate/Business users) – VirusScan Enterprise

Download the tool and follow these instructions to recover your OS.

No comments »

Posted in Bad Things in General, News, Tech Tips, URGENT

Tags: 5958 DAT 5958DAT mcafee mcafee reboot mcafee update reboot loop SuperDAT Remediation Tool svchost.exe VirusScan Enterprise w32/wecorl.a

Legacy Windows Support to be Abandoned

April 11th, 2010 by wizard No comments »

For those of you running versions of Microsoft Windows without (what Micro$oft considers to be) current service packs, you are about to be disowned by the Behemoth from Redmond. Just thought you might want to know.

The versions included in this swift kick to the curb are:

Windows XP with service pack 2 (support ends July 13, 2010, along with Windows 2000 Maintenance and Support)
Windows Vista with no service packs (support ends April 13, 2010)
Microsoft seems to have “a thing” about the 13th of the month…
This means you will no longer be able to receive monthly updates, service packs and security fixes from M$oft.

So no problem, you say, I’ll just go download the updates, right? Sure, if you like to live dangerously. Read the blog entries on service pack 3 for XP regarding the risks. Any service pack for Vista is a double-edged sword. Since Vista is by far the most unstable and unpredictable OS ever released, doing anything at all to it is riddled with risks. While Vista should have all the service packs you can find for it, the time to install them is ridiculous (about 5 hours for Vista on any given HP machine for reasons we don’t understand) and you can wind up with a machine that is in a reboot / repair loop forever.

Service Pack 3 for XP has caused no end of headaches for some people. It’s a zero-benefit service pack in our estimation, simply bundling a wad of updates into an SP and shoving a modified version down the pipe to end users labeled a Critical Update. You are far better off to install it from a disk rather than a download (look for our article on this).

If you are going to install a service pack, BACK UP YOUR DATA FIRST. Do NOT use Vista Backup to do this (read our blog entry on this as well). Copy what you need to an external drive manually or download the recommended backup software listed on our Good Things / Bad Things page.

Keep in mind, you NEED the Security Updates for Windows. You do need to resolve this issue in a timely manner to remain safe.

No comments »

Posted in Information, News, Recommendations, URGENT

Tags: end of support Microsoft security updates service pack Support Vista Windows XP

Chuck Norris Says Change Your Router Password… or He’ll Kick Your Butt

March 30th, 2010 by wizard 1 comment »

Recently, a new botnet (group of devices working together to attack or distribute infections to other systems) was discovered infecting everyday routers as well as enterprise routers worldwide. This cleverly crafted infestation attacks even Linus-based devices. Egads! How is this possible? Isn’t Linux immune to infection?

Not if you don’t change the default username and password combination your system shipped with, it’s not. This is how the Chuck Norris infection attacks a system – buy guessing common username / password combinations it has in it’s database. Incredibly simple, as most people don’t change the login security on their routers. Most don’t even change the SSID (name that’s broadcast by your router) which makes it really easy to guess the security login if you have even rudimentary knowledge of popular routers.

Windows-based computers are inherently insecure. Almost all viruses are engineered to attack Windows systems, as they constitute the largest percentage of computers worldwide. That being said, it is a lot easier to infect any device if you can bypass it’s login security. This is what makes the Chuck Norris infection to clever. It is OS-independent.

So if you’re infected, what do you do?

Reboot your router? Since Chuck Norris is memory resident and doesn’t alter any code – or actually “infect” your router, just reboot it. Not sure how? Just pull the plug. Wait a couple of minutes and plug the power back in. You’re now un-infected?

Want to stay that way – and keep from being hacked by every neighbor kid with a laptop?

This infection also exploits a known vulnerability in D-Link routers. If you have one, check for updates to your router and install them.
Login to your router as administrator. Find your router documentation if you don’t know how
(whoever setup your router should have provided you with this information – we do.)
Change the SSID on your router to something that does NOT give away your name, location or street address.
Change the administrator user name and password for your router
WRITE THIS DOWN SOMEWHERE!
Reboot your router.
Reconfigure all your wireless devices to talk to the new SSID.
You’re secure.

1 comment »

Posted in Bad Things in General, Information, Malware, Viruses and Bugs Galore, News, Recommendations, Tech Tips

Tags: botnet chuck norris cisco d-link dlink infection linksys linux netgear router Windows

Email Scams

March 26th, 2010 by wizard No comments »

It has been one of our goals for some time to post details about the constant barrage of email scams (phishing scams) for some time and with the arrival of today’s ACCOUNT SUSPENSION (allegedly from Yahoo) message, this seemed like an opportune time to start. Your first clue that these are bogus comes from hovering (NOT CLICKING) your mouse cursor over whatever link they tell you to click on and looking at the bottom bar in your email client (or web browser if you use webmail) to see where it will take you if you do click on it.

NOTE: Everything posted here is a SCAM. You will find NO legitimate emails in this post.

More Obvious NOTE: No financial institution is likely to email you in an attempt to clear up a problem or update your information. Same for Microsoft. The Beast From Redmond doesn’t know who you are – or care. Likewise for the IRS. They do NOT use email and certainly wouldn’t contact you this way regarding a “refund”. Neither will PayPal. Simply delete any emails that come from these sources. CALL the institution if you’re even remotely considering the message to have some merit (it won’t).

March 26, 2010: Notification of Limited Account Access RXI033 The latest PayPal scheme to steal your login information shows up in the usual guise of making sure your account is “secure” and requiring you to “login” to your account to do it. Needless to say, this is a scam. The obvious key to the lack of validity in this email is the return address: service@paypay.com. Read it carefully. It is not going to PayPAL.com, but rather PayPAY.com.

Additionally, the actual address of the active links in the message is not a legitimate PayPal address. It looks like it’s going to PayPal at first glance, but closer inspection reveals it is actually going to: http://www.paypal.com.nuryag910ud7.127ey27cdbom3vzbkp3w10.com/cgi-bin/webscr/?login-dispatch&login_email=(your address here)&ref=pp&login-processing=ok (nuryag910ud7.127ey27cdbom3vzbkp3w10.com)

eMail body:

Hello The Computer Wizard, (interesting that the email address this went to was NOT related to The Computer Wizard)

As part of our security measures, we regularly screen activity in the PayPal system. We recently contacted you after noticing an issue on your account.

We requested information from you for the following reason:

A recent review of your account determined that we require some additional information from you in order to provide you with secure service.

Case ID Number: PP-280-903-612

This is a second reminder to log in to PayPal ( goes to http://www.paypal.com.nuryag910ud7.127ey27cdbom3vzbkp3w10.com/cgi-bin/webscr/?login-dispatch&login_email=(your address here)&ref=pp&login-processing=ok) as soon as possible. Once you log in, you will be provided with steps to restore your account access.

Be sure to log in securely by using the following link:

Click here to login and restore your account access ( goes to http://www.paypal.com.nuryag910ud7.127ey27cdbom3vzbkp3w10.com/cgi-bin/webscr/?login-dispatch&login_email=(your address here)&ref=pp&login-processing=ok)

Once you log in, you will be provided with steps to restore your account access. We appreciate your understanding as we work to ensure account safety.

In accordance with PayPal’s User Agreement, your account access will remain limited until the issue has been resolved. Unfortunately, if access to your account remains limited for an extended period of time, it may result in further limitations or eventual account closure. We encourage you to log in to your PayPal account as soon as possible to help avoid this.

To review your account and some or all of the information that PayPal used to make its decision to limit your account access, please visit the Resolution Center. If, after reviewing your account information, you seek further clarification regarding your account access, please contact PayPal by visiting the Help Center and clicking “Contact Us”.

We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.

Thanks,

PayPal Account Review Department

Please do not reply to this email. This mailbox is not monitored and you will not receive a response. For assistance, log in to your PayPal account and click the Help link in the top right corner of any PayPal page.

—————————————————————-

PayPal Email ID PP522

January 25, 2010: It was only a matter of time until a fake Facebook email surfaced in an attempt to steal your login information – and today’s winner is the Facebook Update Tool message.

In an obvious ploy to steal your Facebook credentials, this email purports to be an account updater. Nothing could be further from the truth. And, in fact, if you are foolish enough to click on the “Update” button, you are redirected to:

http://www.facebook.com.gertfdq.com.hn/usersdirectory/LoginFacebook.php?ref=871216485528618679494298679138550271194839826803287528092&email=mo.shafroth@shafroth.com

Now look at this carefully. First of all, you’ll notice that it starts our with www.facebook.com, so it initially looks OK… but continue reading.
The REAL domain in use is gertfdq.com.hn (notorious Phishing scam site, hosted on an illegal botnet)
Notice the email address embedded at the end? This is the address in the TO: portion of the email header. It’s NOT your email address is it?

Here’s a screenshot of this pest just for reference:

Facebook Update Tool screenshot

November 30, 2009: So your Sears Card account is in trouble – and who wouldn’t immediately want to rectify this problem? That’s what today’s winners of the Scam ‘O the Day award think. Read on:

[Start of email header]

Sears Card <searsciti@citibank.com>

To:	wph
Cc:
Date:	Monday, November 30, 2009 02:32 pm
Subject:	Sears Account Information
Message-ID:	<20091130143224.40D434957AB8139A@citibank.com>
Received:	(qmail 945 invoked by uid 78); 30 Nov 2009 19:29:54 -0000
Received:	from unknown (HELO cloudmark1) (10.49.16.94) by 0 with SMTP; 30 Nov 2009 19:29:54 -0000
Return-Path:	<searsciti@citibank.com>
Received:	from [201.14.69.226] ([201.14.69.226:34922] helo=mail.viacruz.com.br) by cm-mr19 (envelope-from <searsciti@citibank.com>) (ecelerity 2.2.2.41 r(31179/31189)) with ESMTP id 5F/46-02272-23D141B4; Mon, 30 Nov 2009 14:29:54 -0500
Received:	by mail.viacruz.com.br (Postfix, from userid 107) id 9677E92E188; Mon, 30 Nov 2009 15:21:52 -0400 (AMT)
X-Spam-Checker-Version:	SpamAssassin 3.2.4 (2008-01-01) on mail.vcs
X-Spam-Level:
X-Spam-Status:	No, score=-0.3 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_50, HTML_MESSAGE,MIME_HTML_ONLY autolearn=no version=3.2.4, No
Received:	from citibank.com (216.215.180.250.nw.nuvox.net [216.215.180.250]) by mail.viacruz.com.br (Postfix) with ESMTPA id 8626A68529 for <wph>; Mon, 30 Nov 2009 15:10:52 -0400 (AMT)
MIME-Version:	1.0
Content-Type:	text/html; charset=”iso-8859-1″
Content-Transfer-Encoding:	quoted-printable
X-unconfigured-debian-site-MailScanner:	Found to be clean, Not scanned: please contact your Internet E-Mail Service Provider for details
X-unconfigured-debian-site-MailScanner-From:	searsciti@citibank.com

[End of email header]

Subject: Sears Account Information

Please log-in to your Sears Card account.
Your Internet Banking Account may be locked.

Please identify yourself by visiting our Online Banking service:

Sears Card ONLINE
(actually goes to www.basecc.co.kr/fla/a.html)

–
Esta mensagem foi verificada pelo sistema de antivírus e
acredita-se estar livre de perigo.

November 7, 2009: Who wouldn’t want to win 2.5 Million Dollars? Right? What are the odds? Zero, actually. Today’s email scam comes from cyberlottery.com.:

Re: You Have won a cash prize of $2.500,000.00

[Start of email header]

From – Sat Nov 7 06:16:09 2009

X-Account-Key: account2

X-UIDL: 1257596037.22070.mail30

X-Mozilla-Status: 0011

X-Mozilla-Status2: 00000000

X-Mozilla-Keys:

Received: (qmail 22067 invoked by uid 78); 7 Nov 2009 12:13:56 -0000

Received: from unknown (HELO cloudmark1) (10.49.16.81)

by 0 with SMTP; 7 Nov 2009 12:13:56 -0000

Return-Path: <info@cyberlottery.com>

Received: from [200.41.10.106] ([200.41.10.106:30228] helo=emelgur.com.ec)

by cm-mr6 (envelope-from <info@cyberlottery.com>)

(ecelerity 2.2.2.41 r(31179/31189)) with ESMTP

id C5/52-12760-48465FA4; Sat, 07 Nov 2009 07:13:56 -0500

Received: from emelgur.com.ec (localhost.localdomain [127.0.0.1])

by emelgur.com.ec (8.12.10/8.12.10) with ESMTP id nA7D63hH030002;

Sat, 7 Nov 2009 08:06:04 -0500

Received: (from apache@localhost)

by emelgur.com.ec (8.12.10/8.12.10/Submit) id nA7D5742029532;

Sat, 7 Nov 2009 13:05:07 GMT

X-Authentication-Warning: emelgur.com.ec: apache set sender to info@cyberlottery.com using -f

Received: from 82.128.68.20

(SquirrelMail authenticated user emelgur)

by emelgur.com.ec with HTTP;

Sat, 7 Nov 2009 13:05:07 -0000 (GMT)

Message-ID: <63076.82.128.68.20.1257599107.squirrel@emelgur.com.ec>

Date: Sat, 7 Nov 2009 13:05:07 -0000 (GMT)

Subject: Re:You Have won a cash prize of $2,500,000.00

From: “Mrs. Sandra Edward” <info@cyberlottery.com>

Reply-To: cyberlottery23@yahoo.com.hk

Bcc:

User-Agent: SquirrelMail/1.4.0-1

MIME-Version: 1.0

Content-Type: text/plain;charset=iso-8859-1

X-Priority: 3

Importance: Normal

[end of header]

AWARD WINNING NOTICE

Ref No.17/9424/1403

Batch No.448/1309731

Ticket/Series No.UQ673489

Amount Won: $2,500,000.00 USD

This is to formally inform and congratulate you on the result of the online cyber lotto which was conducted from an

exclusive list of 1,000.000 email addresses of individual and corporate bodies selected

by an advanced automated random computer ballot system from the internet. Your e-mail address emerged as a winner in

the category “A” with the following information enclosed.

You are therefore to receive a cash prize of $2,500,000.00. (Two Million Five Hundred Thousand United States Dollars)

To file in for the processing of your prize winnings, you are advised to contact our Certified and Accredited claims

agent for category “A” winners with the information below:

*************************************

Mr. Brad Brisson

Email:cyberlottery23@yahoo.com.hk

Telephone number : +234(0)8053 102427

http://www.lotto.nl/web/show

*************************************

You are advice to provide him with the following information and a copy of your international passport or driver’s

license via email attachment or by fax for vetting process which is a standard practice just to

ensure that we are dealing with the right individual.

Full Names:______________

Address:_________________

Age:_____________________

Country:_________________

Occupation:_______________

Telephone:________________

Sex:______________________

NOTE: Ensure to quote your Reference Numbers in all your communication with your claims agent. All winnings must be

Claimed not later than seven working days, thereafter unclaimed funds would be included in the

next stake.

Sincerely,

Mrs. Sandra Edward

Lottery Coordinator.

http://www.lotto.nl/web/show

October 28, 2009: Banking scams have been around for some time. We can be deluged with these from time to time from various local banking institutions claiming to have suspended your account, requiring you to login and straighten out the problem. Of course, this is a scam, because no legitimate financial institution would contact you this way to resolve a problem. Just today, we received NINE of these into different email accounts on our various domains:

From:	LegacyTexas Bank <accounts@legacytexasbank.com>

To:
Cc:
Date:	Wednesday, October 28, 2009 08:26 am
Subject:	LegacyTexas Bank temporarily suspended your account.
Message-ID:	<C2.69.05716.67838EA4@cm-mr18>
Received:	(qmail 25737 invoked by uid 78); 28 Oct 2009 12:26:31 -0000
Delivered-To:	TCW
Received:	(qmail 25735 invoked by uid 78); 28 Oct 2009 12:26:31 -0000
Received:	from unknown (HELO cloudmark1) (10.49.16.93) by 0 with SMTP; 28 Oct 2009 12:26:31 -0000
Return-Path:	<accounts@legacytexasbank.com>
Received:	from [62.103.159.130] ([62.103.159.130:46620] helo=europlanetservers.gr) by cm-mr18 (envelope-from <accounts@legacytexasbank.com>) (ecelerity 2.2.2.41 r(31179/31189)) with ESMTP id C2/69-05716-67838EA4; Wed, 28 Oct 2009 08:26:31 -0400
Received:	(qmail 18393 invoked from network); 28 Oct 2009 14:26:29 +0200
Received:	from unknown (HELO User) (69.198.63.58) by ns1.europlanetservers.gr with SMTP; 28 Oct 2009 14:26:22 +0200
MIME-Version:	1.0
Content-Type:	text/html; charset=”Windows-1251″
Content-Transfer-Encoding:	7bit
X-Priority:	1
X-MSMail-Priority:	High
X-Mailer:	Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE:	Produced By Microsoft MimeOLE V6.00.2600.0000

Dear Customer,

LegacyTexas Bank temporarily suspended your account.
Reason: Billing failure.
We need you to complete an account update so we can unlock your account.

To start the update process follow the link below :

https://www.legacytexasbank.com/personal-banking
(actually goes to: http://crm.q-evo.com/modules/HelpDesk/images/update.htm)

Once you have completed the process, we will send you an email notifying
that your account is available again. After that you can access your account at
any time.

The information provided will be treated in confidence and stored in our secure database.
If you fail to provide required information your account will be automatically
deleted from Capital One database.
(Notice the inconsistency here: This is allegedly from Legacy Bank, yet refers to a Capitol One account)

October 27, 2009: Today’s banking scam comes (ostensibly) from FDIC:

From:	FDIC <noreply@fdic.gov>

To:	TCW
Cc:
Date:	Tuesday, October 27, 2009 10:18 am
Subject:	you need to check your Bank Deposit Insurance Coverage
Message-ID:	<000d01ca5710$66d7ea80$6400a8c0@damnationhduz>
Received:	(qmail 9467 invoked by uid 78); 27 Oct 2009 14:19:14 -0000
Received:	from unknown (HELO cloudmark1) (10.49.16.91) by 0 with SMTP; 27 Oct 2009 14:19:14 -0000
Return-Path:	<damnationhduz@redcoatpublishing.com>
Received:	from [92.228.218.43] ([92.228.218.43:1435] helo=g228218043.adsl.alicedsl.de) by cm-mr16 (envelope-from <damnationhduz@redcoatpublishing.com>) (ecelerity 2.2.2.41 r(31179/31189)) with ESMTP id 40/0C-04885-16107EA4; Tue, 27 Oct 2009 10:19:14 -0400
Received:	from 92.228.218.43 by mail2.redcoatpublishing.com; Tue, 27 Oct 2009 15:18:49 +0100
MIME-Version:	1.0
Content-Type:	multipart/alternative; boundary=”—-=_NextPart_000_0006_01CA5710.66D7EA80″
X-Mailer:	Microsoft Office Outlook, Build 11.0.5510
Thread-Index:	Aca6QG6YQNSXD3D8WYRVW8J4HL1SX7==
X-MimeOLE:	Produced By Microsoft MimeOLE V6.00.2800.1158

You have received this message because you are a holder of a FDIC-insured bank account.
Recently FDIC has officially named the bank you have opened your account with as a failed bank, thus, taking control of its assets.

You need to visit the official FDIC website and perform the following steps to check your Deposit Insurance Coverage:

Visit FDIC website: http://www.fdic.gov/bankinsured/failed/personalfile/holder.php?email=(your email address here) &id=11400326282655464830497816725880303974
(actually goes to: http://www.fdic.gov.pouikib.eu/bankinsured/failed/personalfile/holder.php?email=(your email address here) &id=11400326282655464830497816725880303974)
Download and open your personal FDIC Insurance File to check your Deposit Insurance Coverage

Federal Deposit Insurance Corporation

October 25, 2009: Today’s fun email scam comes allegedly from DHL. The atrocious spelling and grammatical errors should be enough to clue in those of us who actually can tell the difference (as good a reason as any to pay attention in school), but the BIG RED FLAG should be: are you actually expecting a DHL shipment? And even if you are… Be very suspicious of any email like this. Better yet, NEVER open an attachment in any email that was not preceded by an email or phone call from someone you know, advising you it was going to arrive. Observe all the bogus email addresses and domain names in the message header. NONE of these have anything to do with DHL. Just looking through the header of any email should tell you whether it is legit or not.

From:	Manager Patrica Ball <parcel@dhl-usa.com>
	[ add to contacts ]
To:	TCW
Cc:
Date:	Sunday, October 25, 2009 11:37 am
Subject:	DHL delivery service. Get your parcel NR.202768
Message-ID:	<000d01ca5589$1fad1dc0$6400a8c0@liberalizedjlt6>
Received:	(qmail 29781 invoked by uid 78); 25 Oct 2009 15:38:02 -0000
Received:	from unknown (HELO cloudmark1) (10.49.16.91) by 0 with SMTP; 25 Oct 2009 15:38:02 -0000
Return-Path:	<liberalizedjlt6@housingfind.com>
Received:	from [82.134.95.10] ([82.134.95.10:1362] helo=10.82-134-95.bkkb.no) by cm-mr16 (envelope-from <liberalizedjlt6@housingfind.com>) (ecelerity 2.2.2.41 r(31179/31189)) with ESMTP id 2D/98-04885-9D074EA4; Sun, 25 Oct 2009 11:38:02 -0400
Received:	from 82.134.95.10 by dev.null; Sun, 25 Oct 2009 16:37:56 +0100
MIME-Version:	1.0
Content-Type:	multipart/mixed; boundary=”—-=_NextPart_000_0006_01CA5589.1FAD1DC0″
X-Priority:	3
X-MSMail-Priority:	Normal
X-Mailer:	Microsoft Outlook Express 5.50.4522.1200
X-MimeOLE:	Produced By Microsoft MimeOLE V5.50.4522.1200

Hello!

The courier company was not able to deliver your parcel by your address.
Cause: Error in shipping address.

You may pickup the parcel at our post office personaly!

Attention!
The shipping label is attached to this e-mail.
Please print this label to get this package at our post office.

Please do not reply to this e-mail, it is an unmonitored mailbox.

Thank you,
DHL Express Services.

Attached is the following file (obviously an infection): DHL_print_label_2b2ca.zip (30KB)

October 6, 2009: The newest and most expensive email scan is being perpetrated via conventional email as well as Facebook account email. The premise is simple. You receive an email ostensibly from a family member or close friend claiming to be in a faraway country and, having lost their wallet, purse or luggage, find themselves stranded and in need of emergency funds to pay hotel bills, airfare, etc. And who wouldn’t jump at the chance to help a close friend in need, right? This is exactly what the thieves are counting on.

The way this happens is very clever. The criminals send an innocuous-looking email with an attachment that is supposed to be a cute cartoon, joke, news item or other bit of entertainment that actually houses a virus, that when opened, installs a keylogger on your computer. Everything you type into your computer after that point is immediately communicated to the person who sent you the email. Now they know your email account login and can send emails to all your contacts “from you”. Also, they know the login to your bank accounts, credit card accounts, etc. – anywhere you’ve logged into since the infection was unleashed on your computer. how can you protect yourself?

First, don’t open ANY attachments unless you know exactly what they are. If someone you know sends you an email with an attachment, CALL THEM and ask what it is before you open it.
Second, Use AVG as your security tool, configured per our recommendations and you will be much safer.
Third, if someone sends you an email saying they are stranded and in need of money, CALL THEM to see if this is true. Call their friends and relatives to verify their location if you cannot reach them.
Fourth, and most important: Trust No One. Be suspicious of everything you see, hear and are told on the Internet or via email. One of our favorite sayings applies here: “Just because I’m paranoid doesn’t mean they’re not out to get me.”

Here’s the latest Google Adwords phishing scam directly from today’s mail:

Subject: Account Notice From: Google Adwords

Dear Google Adwords customer,

Your account has expired. You must renew it immediately or your account will be closed.

If you intend to use this service in the future, you must take action at once!

To continue click here, login to your Adwords account and follow the steps.
(http://online-adwords-google.com/) – not a legit Google address

Thank you for using Google Adwords

Google Customer Service DEP.

Please do not reply to this email. This mailbox is not monitored and you will not receive a response.

Message header:
From – Thu Oct 1 06:41:32 2009
X-Account-Key: account2
X-UIDL: 1254397000.7794.mail69
X-Mozilla-Status: 1001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Received: (qmail 7791 invoked by uid 78); 1 Oct 2009 11:36:40 -0000
Received: from unknown (HELO ns-mr16.netsolmail.com) (205.178.146.50)
by 0 with SMTP; 1 Oct 2009 11:36:40 -0000
Received: from hrndva-omtalb.mail.rr.com (hrndva-omtalb.mail.rr.com [71.74.56.124])
by ns-mr16.netsolmail.com (8.13.6/8.13.6) with ESMTP id n91BaeEY012415
for <TCW>; Thu, 1 Oct 2009 07:36:40 -0400
Received: from jbhnet.net ([72.43.255.228]) by hrndva-omta02.mail.rr.com
with ESMTP
id <20091001113640264.KAWH6389@hrndva-omta02.mail.rr.com>
for <TCW>;
Thu, 1 Oct 2009 11:36:40 +0000
Received: from localhost.localdomain (u15198697.onlinehome-server.com [82.165.183.101])
(authenticated user barb@jbhnet.net)
by jbhnet.net (mail.jbhnet.net [127.0.0.1])
(MDaemon.PRO.v6.8.5.R)
with ESMTP id 37-md50000000674.tmp
for <TCW>; Thu, 01 Oct 2009 07:37:49 -0400
From: “Google Adwords”<noreply@adwords.l.google.com>
To: <TCW>
Subject: Account Notice
Content-type: text/html; charset=us-ascii
X-Authenticated-Sender: barb@jbhnet.net
X-Spam-Processed: mail.jbhnet.net, Thu, 01 Oct 2009 07:37:49 -0400
(not processed: message from valid local sender)
X-MDRemoteIP: 82.165.183.101
X-Return-Path: barb@jbhnet.net
X-MDaemon-Deliver-To: TCW
Date: Thu, 1 Oct 2009 11:36:40 +0000
Message-Id: <20091001113640264.KAWH6389@hrndva-omta02.mail.rr.com>

(notice it is really <allegedly> sent by barb@jbhnet.net via a Roadrunner account <mail.rr.com> – clearly NOT from Google)

Subject: ACCOUNT SUSPENSION From: YAHOO MARKETING SERVICES

Dear Member,

Your Yahoo Marketing account has expired. You must renew it immediately or your account will be closed. If you intend to use this service in the future, you must take action at once!

To continue click here, login to your Yahoo Marketing account and follow the steps.
(Goes to: marketingsolutions.yahoo.apotterscall.com/ )

Thank you for using Yahoo Marketing!

Yahoo Marketing Services DEP.

Please do not reply to this email. This mailbox is not monitored and you will not receive a respons.
(Note misspelled last word)

No comments »

Posted in Bad Things in General, Information, News, Recommendations

Tags: Add new tag banking scam dhl scam email scam Facebook fdic scam paypal scam phishing phishing scam scam sears account