Hotmail and Yahoo Email ScamYou may receive an email that appears to come from Hotmail, Windows Live, or Yahoo and claims that you must reply within 48 hours or your email account will be closed.
The message states that they are having 'congestion' problems due to anonymous registrations and so they need to delete some accounts to deal with this problem.
To prevent your email account being closed, you are instructed to reply to the email and provide your username and password. Some emails ask for additional information.
This email is not from Hotmail, Windows Live or Yahoo. It is a phishing email scam designed to steal your account login details. If you reply, you will be handing over your email account to the scammers for them to do as they wish.
One of the scammers main uses of these email accounts is to gain access to the contact list. Once they have the contact list they can send emails to those contacts on the list,and it will appear to come from the account owner.
A common strategy is for the scammers to send an email to the contact list [which will be in the account holder's name], stating they are stuck in an overseas country, or had an accident in an overseas country, and they need money to be sent to them.
Some of the recipients will likely believe it and send money because it will come from the original account holder's account with their email signature etc.
The real owner of the email account is unlikely to know that this is happening.
Although the scammers can use different reasons to get you to send your login details [such as the email account exceeding its storage limit, or increased security changes or system upgrade] the result is always the same – they want you to send your login details.
Be cautious of any messages asking for login details as they are almost always a scam.
Anti Virus Software ScamsWhile browsing the Internet, you may receive pop-up security warnings that state that your computer is infected with numerous viruses.
These pop-ups [known as scareware] look authentic and may even display what appears to be real-time anti-virus scanning of your hard drive. The scareware will show a list of reputable software icons; however, you cannot click a link to go to the actual site to review or see the recommendations.
The scareware is intimidating to most users and extremely aggressive in its attempt to lure you into purchasing the rogue software that will allegedly remove the viruses from your computer.
Once the pop-up appears it cannot be easily closed by clicking "close" or the "X" button. If you click on the pop-up to purchase the software, a form is provided that collects payment information and you are charged for the bogus product.
In some instances, whether you click on the pop-up or not, the scareware can install malicious code onto your computer.
Downloading the software can result in viruses, Trojans and/or key loggers being installed on your computer.
The assertive tactics of the scareware has caused significant losses to users and the FBI has an estimated loss to victims in excess of $150 million.
Be cautious — cyber criminals use easy to remember names and associate them with known applications. Beware of pop-ups that are offering a variation of recognized security software. It is recommended that you research the exact name of the software being offered.
Take precautions to ensure your operating system is updated and security software is current.
If you receive these anti-virus pop-ups, it is recommended you close the browser or shut the system down. It is suggested that you run a full, anti-virus scan whenever the computer is turned back on.
Festive Season Scam Alert
With the festive season
approaching, the Federal Bureau of Investigation [FBI] is reminding people
that cyber criminals continue to aggressively create new ways to steal money
and personal information. Scammers use many techniques to fool you including
fraudulent auction sales, reshipping merchandise purchased with a stolen
credit card, and sale of fraudulent or stolen gift cards through auction
sites at a discounted price.
Internet criminals post classified
ads or auctions for products they do not have. If you receive an auction
product from a merchant or retail store, rather than directly from the
auction seller, the item may have been purchased with someone else's stolen
credit card number. Contact the merchant to verify the account used to pay
for the item actually belongs to you.
Be careful about purchasing gift
cards from auction sites or through classified ads. If you need a gift card,
it is safest to purchase it directly from the merchant or another authorized
retail store. If the gift card merchant discovers the card you received from
another source or auction was initially obtained fraudulently, the merchant
will deactivate the gift card number and it will not be honored for
Be wary of e-mails or text messages
you receive indicating a problem or question regarding your financial
accounts. In this scam, you are directed to follow a link or call the number
provided in the message to update your account or correct the problem. The
link actually directs you to a fraudulent Web site or message that appears
legitimate where any personal information you provide, such as account
number and PIN, will be stolen.
Here are some tips you can use to
avoid becoming a victim of cyber fraud:
Email Account Deactivation Warning, and Facebook Password Reset
The Email Account Deactivation Warning email advises you that your email account has been deactivated due to unusual activity being detected.
The email instructs you to extract and run an attached "mailbox utility", supposedly in order to restore your email service.
The email however is not from your ISP or hosting company and the attachment does not contain a mailbox utility. In fact, if you open the attachment, it will install a copy of the Mal/EncPk-LP Trojan on your computer.
The email messages use fake sender addresses to make it look like they originate from your service provider [if your email address was email@example.com, the malware email will arrive with an address like firstname.lastname@example.org and will also end with a line such as "best regards, provider.com technical support"].
This is done to trick more people into opening the email by trying to look legitimate.
The Facebook Password Reset Confirmation email states that your password has been changed as a security measure, and that your new password is in the attached document.
The goal of the email is to get you to open the document to read your new password, and if you do this, you will in fact be launching a copy of the Bredolab Trojan. Once installed, this Trojan is able to download and install other malware components such as key loggers and password stealers and allow Internet criminals to control your computer from the other side of the world.
If you receive an email like this or the one above, don't open any attachments or click on any links in the message. It is quite easy for criminals to make it appear that an email is legitimate by using fake "from" addresses, disguised links, and logos or other graphics stolen from the genuine company's website.
Remember You will never be sent any new passwords in an attachment.
Be aware that the Bredolab Trojan is also distributed via emails that include fake shipping confirmation messages and messages supposedly confirming the order of goods bought online.