go to sections menu

The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: security news and commentary

Go to Homepage [0], contents or to navigation menu



Name doesn’t match, theres no deal

In the below comment form I just saw, although you’ve seen this before, the names don’t match.


Below is the result of your feedback form. It was submitted by
() on Sunday, May 03, 2020 at 17:01:44

Name: Elijah
phone: 02.47.98.76.96
contact_method: both E-mail and phone
bug: no
additional_bug_info: Hello

First, I would just like to say that I hope that you, your colleagues and loved ones are all healthy and well during these challenging times.

I think you have a great website, however I feel that you lack engaging videos to promote your products.

We offer customised animated videos at pricing you probably haven’t seen before. Please check us out at https://bit.ly/3bLCbFT

We are running a promotion for the next 24 hours.

Best wishes,

Ian
comment_or_question: Hello

First, I would just like to say that I hope that you, your colleagues and loved ones are all healthy and well during these challenging times.

I think you have a great website, however I feel that you lack engaging videos to promote your products.

We offer customised animated videos at pricing you probably haven’t seen before. Please check us out at https://bit.ly/3bLCbFT

We are running a promotion for the next 24 hours.

Best wishes,

Ian

HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
REMOTE_ADDR: 89.187.178.239


What deal for what videos? I didn’t ask for any emails about any videos. This doesn’t even make sense and you fill out the bug reporting aspect of this as well as the comment aspect?

I should start blocking everyone who can’t fill out the forms correctly. No IP lookups, just flat out blocking through something called an IP deny manager. I hate the idea of blocking, as that can be circumvented, but fighting Spam like this needs to start somewhere. I’ve already killed one contact form, I should need to kill another one or two or three? Then nobody will contact us and thats not what the network is for. I’m curious on how people deal with these, especially now that we can’t go anywhere in some places. Do you block things like these at the IP level? We already know the forms email addresses could be forged anyway so blocking by email isn’t the question, and some form processors allow for that. I’d say I could do that, but I don’t like the idea because it can easily gotten around.

Comments (2)

Another type of extortion attempt? I am not laughing, nor am I convinced

I’ve gotten two of these emails, one at jaredrimer.net and the other at whitecanetravel.com on the 28th. I want people to see this, and tell me if I’m correct. Do you all think this is an extortion attempt? I do, as bugs legitimently coming to me I fix. If I’ve been hacked, I want to know about it so I can fix it. If I can’t, I can get the assistance. You be the judge.

Here is the first form.


Below is the result of your feedback form. It was submitted by
() on Thursday, April 30, 2020 at 01:08:41

Name: Leticia
phone: 479 9456
contact_method: phone
bug: no
additional_bug_info: PLEASE FORWARD THIS EMAIL TO SOMEONE IN YOUR COMPANY WHO IS ALLOWED TO MAKE IMPORTANT DECISIONS!

We have hacked your website http://www.jaredrimer.net and extracted your databases.

How did this happen?
Our team has found a vulnerability within your site that we were able to exploit. After finding the vulnerability we were able to get your database credentials and extract your entire database and move the information to an offshore server.

What does this mean?

We will systematically go through a series of steps of totally damaging your reputation. First your database will be leaked or sold to the highest bidder which they will use with whatever their intentions are. Next if there are e-mails found they will be e-mailed that their information has been sold or leaked and your site http://www.jaredrimer.net was at fault thusly damaging your reputation and having angry customers/associates with whatever angry customers/associates do. Lastly any links that you have indexed in the search engines will be de-indexed based off of blackhat techniques that we used in the past to de-index our targets.

How do I stop this?

We are willing to refrain from destroying your site’s reputation for a small fee. The current fee is $2000 USD in bitcoins (BTC).

Send the bitcoin to the following Bitcoin address (Copy and paste as it is case sensitive):

1HGxLfhnMzPEzWD7YeBwtWUGj3E2Q2YJKE

Once you have paid we will automatically get informed that it was your payment. Please note that you have to make payment within 5 days after receiving this notice or the database leak, e-mails dispatched, and de-index of your site WILL start!

How do I get Bitcoins?

You can easily buy bitcoins via several websites or even offline from a Bitcoin-ATM. We suggest you to start with http://coinmama.com for buying bitcoins with credit/debit cards or http://localbitcoins.com for other type of payments.

What if I donâ t pay?

If you decide not to pay, we will start the attack at the indicated date and uphold it until you do, thereâ s no counter measure to this, you will only end up wasting more money trying to find a solution. We will completely destroy your reputation amongst google and your customers.

This is not a hoax, do not reply to this email, donâ t try to reason or negotiate, we will not read any replies. Once you have paid we will stop what we were doing and you will never hear from us again!

Please note that Bitcoin is anonymous and no one will find out that you have complied.
comment_or_question: PLEASE FORWARD THIS EMAIL TO SOMEONE IN YOUR COMPANY WHO IS ALLOWED TO MAKE IMPORTANT DECISIONS!

We have hacked your website http://www.jaredrimer.net and extracted your databases.

How did this happen?
Our team has found a vulnerability within your site that we were able to exploit. After finding the vulnerability we were able to get your database credentials and extract your entire database and move the information to an offshore server.

What does this mean?

We will systematically go through a series of steps of totally damaging your reputation. First your database will be leaked or sold to the highest bidder which they will use with whatever their intentions are. Next if there are e-mails found they will be e-mailed that their information has been sold or leaked and your site http://www.jaredrimer.net was at fault thusly damaging your reputation and having angry customers/associates with whatever angry customers/associates do. Lastly any links that you have indexed in the search engines will be de-indexed based off of blackhat techniques that we used in the past to de-index our targets.

How do I stop this?

We are willing to refrain from destroying your site’s reputation for a small fee. The current fee is $2000 USD in bitcoins (BTC).

Send the bitcoin to the following Bitcoin address (Copy and paste as it is case sensitive):

1HGxLfhnMzPEzWD7YeBwtWUGj3E2Q2YJKE

Once you have paid we will automatically get informed that it was your payment. Please note that you have to make payment within 5 days after receiving this notice or the database leak, e-mails dispatched, and de-index of your site WILL start!

How do I get Bitcoins?

You can easily buy bitcoins via several websites or even offline from a Bitcoin-ATM. We suggest you to start with http://coinmama.com for buying bitcoins with credit/debit cards or http://localbitcoins.com for other type of payments.

What if I donâ t pay?

If you decide not to pay, we will start the attack at the indicated date and uphold it until you do, thereâ s no counter measure to this, you will only end up wasting more money trying to find a solution. We will completely destroy your reputation amongst google and your customers.

This is not a hoax, do not reply to this email, donâ t try to reason or negotiate, we will not read any replies. Once you have paid we will stop what we were doing and you will never hear from us again!

Please note that Bitcoin is anonymous and no one will find out that you have complied.

HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
REMOTE_ADDR: 92.223.89.5


Thats nice. You clain you hacked white cane travel and extracted data, but there is no data to be had. jaredrimer.net has no data to be had either, unless you hacked my word press database. If thats the case, you’ll have a lot of spam accounts plus a few legit accounts. WCT does not have any stored data, and any forms that come come via email. I hope you people have fun with whatever you had.

Here’s WCT’s email.
<


Below is the result of your feedback form. It was submitted by
() on Tuesday, April 28, 2020 at 09:12:45

name: Adam
phone: 04.35.62.75.78
method: Both E-Mail and Phone
to: First Available
bug: No
additional_bug_info: PLEASE FORWARD THIS EMAIL TO SOMEONE IN YOUR COMPANY WHO IS ALLOWED TO MAKE IMPORTANT DECISIONS!

We have hacked your website http://www.whitecanetravel.com and extracted your databases.

How did this happen?
Our team has found a vulnerability within your site that we were able to exploit. After finding the vulnerability we were able to get your database credentials and extract your entire database and move the information to an offshore server.

What does this mean?

We will systematically go through a series of steps of totally damaging your reputation. First your database will be leaked or sold to the highest bidder which they will use with whatever their intentions are. Next if there are e-mails found they will be e-mailed that their information has been sold or leaked and your site http://www.whitecanetravel.com was at fault thusly damaging your reputation and having angry customers/associates with whatever angry customers/associates do. Lastly any links that you have indexed in the search engines will be de-indexed based off of blackhat techniques that we used in the past to de-index our targets.

How do I stop this?

We are willing to refrain from destroying your site’s reputation for a small fee. The current fee is $2000 USD in bitcoins (BTC).

Send the bitcoin to the following Bitcoin address (Copy and paste as it is case sensitive):

1Bs6CYDuHy1UGLr5ccz2UxRNcPGpeAa7tz

Once you have paid we will automatically get informed that it was your payment. Please note that you have to make payment within 5 days after receiving this notice or the database leak, e-mails dispatched, and de-index of your site WILL start!

How do I get Bitcoins?

You can easily buy bitcoins via several websites or even offline from a Bitcoin-ATM. We suggest you to start with http://coinmama.com for buying bitcoins with credit/debit cards or http://localbitcoins.com for other type of payments.

What if I don_t pay?

If you decide not to pay, we will start the attack at the indicated date and uphold it until you do, there_s no counter measure to this, you will only end up wasting more money trying to find a solution. We will completely destroy your reputation amongst google and your customers.

This is not a hoax, do not reply to this email, don_t try to reason or negotiate, we will not read any replies. Once you have paid we will stop what we were doing and you will never hear from us again!

Please note that Bitcoin is anonymous and no one will find out that you have complied.
comment_or_question: PLEASE FORWARD THIS EMAIL TO SOMEONE IN YOUR COMPANY WHO IS ALLOWED TO MAKE IMPORTANT DECISIONS!

We have hacked your website http://www.whitecanetravel.com and extracted your databases.

How did this happen?
Our team has found a vulnerability within your site that we were able to exploit. After finding the vulnerability we were able to get your database credentials and extract your entire database and move the information to an offshore server.

What does this mean?

We will systematically go through a series of steps of totally damaging your reputation. First your database will be leaked or sold to the highest bidder which they will use with whatever their intentions are. Next if there are e-mails found they will be e-mailed that their information has been sold or leaked and your site http://www.whitecanetravel.com was at fault thusly damaging your reputation and having angry customers/associates with whatever angry customers/associates do. Lastly any links that you have indexed in the search engines will be de-indexed based off of blackhat techniques that we used in the past to de-index our targets.

How do I stop this?

We are willing to refrain from destroying your site’s reputation for a small fee. The current fee is $2000 USD in bitcoins (BTC).

Send the bitcoin to the following Bitcoin address (Copy and paste as it is case sensitive):

1Bs6CYDuHy1UGLr5ccz2UxRNcPGpeAa7tz

Once you have paid we will automatically get informed that it was your payment. Please note that you have to make payment within 5 days after receiving this notice or the database leak, e-mails dispatched, and de-index of your site WILL start!

How do I get Bitcoins?

You can easily buy bitcoins via several websites or even offline from a Bitcoin-ATM. We suggest you to start with http://coinmama.com for buying bitcoins with credit/debit cards or http://localbitcoins.com for other type of payments.

What if I don_t pay?

If you decide not to pay, we will start the attack at the indicated date and uphold it until you do, there_s no counter measure to this, you will only end up wasting more money trying to find a solution. We will completely destroy your reputation amongst google and your customers.

This is not a hoax, do not reply to this email, don_t try to reason or negotiate, we will not read any replies. Once you have paid we will stop what we were doing and you will never hear from us again!

Please note that Bitcoin is anonymous and no one will find out that you have complied.

HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:59.0) Gecko/20100101 Firefox/59.0
REMOTE_ADDR: 92.223.89.5


Do you all think this network is stupid? If there is a legitiment bug, I need to know, I’m not scared by my reputation because you fill out the comment form in the bug reporting form trying to scare me. You say not to contact you, but I bet the addresses in both forms I provided are fake. I know the phone numbers provided are definitely fake, so I surmise this is fake. Have fun with whatever data you have, because bugs that come to me get fixed. It is a blatent targeted attempt to extort money, and I want people to see this. I need every dime of my money right now, and I know other people do too. Have fun trying to extort me, because I have things under control. Enjoy!

Comments Off on Another type of extortion attempt? I am not laughing, nor am I convinced

Nigerian 419 scam takes advantage of the Corona Virus pandemic

I should probably not be surprised while catching up on Phishlabs and their continuing coverage of lures that can take advantage of people during the Covid pandemic.

Nigerian letter frauds combine the threat of impersonation fraud with a variation of an advance fee scheme in which a letter mailed, or e-mailed, from Nigeria offers the recipient the “opportunity” to share in a percentage of millions of dollars that the author—a self-proclaimed government official—is trying to transfer illegally out of Nigeria. The recipient is encouraged to send information to the author, such as blank letterhead stationery, bank name and account numbers, and other identifying information using a fax number given in the letter or return e-mail address provided in the message. The scheme relies on convincing a willing victim, who has demonstrated a “propensity for larceny” by responding to the invitation, to send money to the author of the letter in Nigeria in several installments of increasing amounts for a variety of reasons.

FBI: Nigerian Letter or “419” Fraud

Accessed April 13, 2020: 14:15 PT

While these are the common schemes quoted above, Phishlabs is reporting that they have now updated this very successful tactic for the modern pandemic.

Its not like people have anything else to do but get swept in to these types of things, and I’ve seen this type of thing sent to my email.

One of them contacted me through twitter, asking me to email them.

I did, thinking maybe it was a penpal relationship like they used to do via the mail or letterbox.

Boy, was I wrong. After sending an email, I got greeted with this type of scam.

In the following example, I’ve eliminated the point of contact, but left the letter in tact for you to see how this works. There are very different forms of this, and this is just one. I did respond saying I couldn’t help them and explained to them what this was. Never heard from them again!


Hello, my darling

Please with due respect and in the name of God.
First, thank you; in line with the message I sent to you, I am more than happy in your reply to my email. How is everything there in your country, I believe that you are in good health, and the atmosphere there in your country is very nice today? Mine is a little bit warm over here in Dakar Senegal.

My name is (claribel Abdel) am from Libya in North Africa, I am (23 years old), but age does not matter in a real relationship, I’m from (Libya), 5.2 feet tall, fair complexion in single (never married) and am currently residing here in Dakar as a result of the war that happened in my country that I had escaped to this country Senegal were’m under refugee camp.

My late father Major General (Abdel Fattah YOUNES). My late father He held the rank of Major General and the post of Minister of the Interior, but resigned on February 22, 2011 to desert the rebel civil war in Libya. My father was killed by members of an anti-Gaddafi military on 28 July 2011. When the rebels anti-Gaddafi military troupe attacked our house one early morning killing my parents. Also my mother was six months pregnant and she was a university professor before his death, it is only me that is alive now because I am the only child of my parents, and I managed to make my way with the help of UN to Senegal, where I am leaving now as a refugee. It was on a morning attack early by militant groups killed two members of my family my mother and father in a cold blood, also my mother was six months pregnant.

Now, as I’m talking to you, I am the only living person in my family, and I managed to make my way to this country (Senegal), where I’m going now as a refugee under the care of Rev. Father John Simon, who is the priest (Catholic Church Saint-Louis Roman (Senegal) here in the field, he has been very good to me since I came here but I am not living with him rather I live in the women because the camp have two hostels one for men and one for women.

Please do not be offended by this message that comes from me, please, it’s just that I do not know what else to do because my situation here as a refugee is giving me great concern, therefore, I would like you to consider my situation as an orphan, and be kind to me, as I’m putting all my trust in you with fear, although I do not know who you are before, but I believe that with God all things are possible and you can not me betray in the end.

I have communicated to you because of my difficult situation here in this refugee camp, Its just like one staying in the prison and I hope by Gods grace I will come here soon.
I do not have any relatives now whom I can go to, all my relatives ran away in the middle of the war the only person I have now is Reverend Father John simon, who is our guardian here in this refugee camp, he has been very fun for all the bodies in the camp, but we’re not living with him rather we are leaving the hostel, which is divided into two sections, one for men and the other for females.
Father Rev Tel number is (+221 780177232) if you call, please tell him you want to talk to me Miss.claribel Abdel, Libya he will send for me in the hostel to come and talk to you. Here in this camp I’m sending e-mail through the office computer of the church at the far office Rev. Because As a refugee here we do not have any right or privilege to anything be it money, phone, computer, or whatever because it is against the law of this country. I want to go back to my studies because I only attended my first year before the tragic incident that lead to me being in this bad situation. I was there when I saw my mother killed with six months of pregnancy.

Please listen to this – (because it’s a secret, it is not known about it except me and you know it)

I have the death certificate of my late father here with me, I’ll send you later, because when he was alive he deposited some amount of money in a leading bank in Europe which he used my name as the relative closest, the total amount is US $ 9.5m (nine million five hundred thousand US dollars). So I will like you to help me transfer this money to your account and from it you can send some money for me to get my traveling documents and air ticket to come to know him in his country. I kept this secret to people in the camp here the only person that knows about it is you and me.

For your own information, I want you to see the news about the killing of my late father, story by BBC World News http://www.bbc.co.uk/news/world-africa-14336122 So I like you to keep it to yourself as a secret and not tell anyone because I’m afraid of losing my life and the money if people know about it.

Remember I am giving you all this information due to the trust i deposed on you. I like honest people and understanding, true and people who have vision, and God fearing person worker. My favorite language is English and I speak very fluent English.

I can trust you as a true friend?

Meanwhile I would like you to call me, like I said, I have much to tell you ..
Have a nice day and think about my condition here
Attached here is my pictures for you,

Awaiting to hear from you soonest
Thanks and remain blessed.
with love. Lovely your claribel


Don’t be fooled! I told this person I couldn’t help them and have never heard from them again. They were the ones who sent me a message after I looked at their profile and it looked OK there. This is unfortunate I got this back in November, and I am not interested in wiring money to get it. You can donate money through my web site or even through paying me for services. I didn’t win millions, and I don’t even know who this is.

COVID-19 Phishing Update: Nigerian Prince Lures Evolve with Crisis is the article. There is a link to other samples, but I did want to post this one because of how prevelent it is today. I’m not saying the others are not, but I’ve seen this one, so this is what I want to talk about in this post.

Seen the 419 scam in this light? Lets discuss it! The comment boards await you.

Comments Off on Nigerian 419 scam takes advantage of the Corona Virus pandemic

Microsoft sending email account problems? Better check that URL!

In the following example I’m describing, it leads to a web site which I do not want you to visit.

I’ve gotten now a second email from Microsoft.

Here is the latest one:


Unusual Sign-in activity

We detected something unusual about a recent sign-in to Microsoft account

Sign-in details

Country/region: Unted State
IP address: 107.170.166.118
Platform: Mac OS
Browser: Chrome

Please go your recent activity page to let us know whether or not this was you . If this wasn’t you. we’ll help you secure your account. we’ll trust similar activity in the future.

Review recent activity

The Microsoft Security Essentials
Microsoft Team office Center
all rights reserved © 2020


The view account information leads to http://office365-online.myvnc.com/cutomer/portal/ Don’t go here!

Firefox reports:


Deceptive site ahead

Firefox blocked this page because it may trick you into doing something dangerous like installing software or revealing personal information like passwords or credit cards.

Advisory provided by Google Safe Browsing.


I was curious, as the email address apparently said or a similar address, but we know that this can’t be the case.

The email does look very authentic, and this is what will get people. As someone who is curious on what the trend is, I only click to look, nothing more. Having Firefox on your side is great, as they may see this and mark it bad as Google does, through their safe browsing feature. Thats awesome, Google!

Make sure to check your links.This email and another one came to us through our contact at menvi.org’s email address.

Here are the headers:


imap://menvi-webmaster%40menvi%:143/fetch%3EUID%3E.INBOX%3E43967
Return-Path: <>
Received: from cp1-benor.nocwest.net
by cp1-benor.nocwest.net with LMTP
id Nbd7Bi3Yh159JwAAIyXCCQ
(envelope-from <>); Fri, 03 Apr 2020 20:43:25 -0400
Return-path: <>
Envelope-to:
Delivery-date: Fri, 03 Apr 2020 20:43:25 -0400
Received: from static.26.106.130.94.clients.your-server.de ([94.130.106.26]:33651 helo=thindra1.info)
by cp1-benor.nocwest.net with esmtp (Exim 4.93)
id 1jKWuB-0002bW-1m
for ; Fri, 03 Apr 2020 20:43:25 -0400
Subject: Microsoft account unusual sign-in activity
From: Microsoft account teamno-reply@microsoft.com
Reply-to: no-reply@microsoft.com
To:
Content-Type: text/html; charset=us-ascii; boundary=CMF8FBR06Z2XNQEBJOR4.1200369.CMF8FBR06Z2XNQEBJOR4


Nice going guys, wanna try something I’ve not seen? Problems with an account that is a forwarder and on the proper server that is working isn’t going to fool me or my team any.

Comments Off on Microsoft sending email account problems? Better check that URL!

Zoom is filled with problems, two in Mac and one potential in windows

If Zoom didn’t have enough problems, this article I’m going to link to indicates that you can have problems with the Zoom client for Mac. Zoom Bombing is when someone takes control of your meeting and does stuff that you’re not wanting. to happen. This is more to do with video conferencing and the different sharing aspects, so we may not have anything to worry about.

With the two Mac issues which can happen anywhere, I’m hopeful that the company will address and fix these vulnerabilities as a company in this space should do. The article Zoom’s Privacy Problems Snowball as Two Zero Days Uncovered should be read so you’re aware of it and take the necessary precautions as you see fit.

Comments Off on Zoom is filled with problems, two in Mac and one potential in windows

Webinar on covid19 from a guy that should be giving this talk

Mikko Hypponen is the chief researcher at F-secure. This is going to be given on the first of April looking like Evening US time. I’m going to attend and see what he has to say. CYBER SECURITY AND COVID-19 is the page, please sign up if you can. I’ll try to tape this for future podcasting.

Comments Off on Webinar on covid19 from a guy that should be giving this talk

Posting on a forum for credit card info: lets teach our kids

I’ve been trying to come up with a way for me to talk about something I saw on a forum, without making it sound like it is one of the worst things you can do.

While it isn’t advisable to be posting questions asking for different types of info, I want to be caucious at the fact that there are people here that may not know better and do something that could harm them.

We’ve all done it, posted something somewhere we shouldn’t have. Its a possibility that I did this, even in my adult years, so I’m going to harp on myself as well as part of this post.

One of the things in today’s internet we need to be aware of are sites called Dark Web sites. Sadly, the Dark Web and the Deep Web can be used interchangeably according to Wikipedia’s lookup on dark web.

Some of the things that can go on in the dark or deep web is credit card selling. Also, tons of personal information is sold in the dark or deep web. With that, what I saw was posted in a forum in the application Dice World, which would be considered the clear web, or the vast majority of the visible Internet.

I’ve talked about Dice World problems before with good news included. The latest bad thing was this post talking about cheating as it relates to games which would include Dice World. We’ve also talked about dice world in our podcasts like podcast 326 and podcast 341 just to name two of them.

I’m not going to talk about this on my podcast, but I want to highlight with this post that the information about asking for information can go on any type of forum or mailing list, and this should not be taken just from the forum on Dice World.

Someone posted on the forum for someone to give them access to a credit card because they could not pay for more space on their icloud. The person in question indicated that they were under the age of 18. I’m not going to mention the age, nor the user name because I do not remember the user name off hand, and the age would not be appropriate to disclose in case it is wrong.

I can tell you that I’ve never seen this type of thing, and responses indicated that people should not give them any information. I was caucious and said that you should only do this with people you trust, not from an open threat such as this.

Mistakes can happen, no matter what the platform is. We’ve talked about software stuff before and now the phishing attacks with the Corona Virus. I’ve also talked about scammers targeting the blind but I don’t feel that this was necessarily the case.

I feel that the report I was given was pretty genuine, this may have been a child. who didn’t know any better, and education is appropriate. If I were able to moderate this, I would educate them about the fact that this is not necessarily a good idea, and that their parent or legal guardian should be responsible for their spending. I know that my stuff is paid for in this way, although I do pay for other things as well.

I’ve made mistakes on mailing lists, and was talked to, so I’m not singling any person out when I say that this person should’ve been blocked. I would definitely hope that once the post was removed by Dice World, immediate communication comensed by Email or messaging through the application to explain that this was not a good thing to do.

We should teach the young, not give them harsh punishments. As it were, the account was created the very day that I saw the post. In part, “I don’t normally do this, but …” and it was followed by the request.

My blog tries to cator to everyone, so if the person effected was to read this, I’d love to talk to you about the Internet so you understand what is happening now especially since things are changing in this world.

Do you know anyone who may be doing this? Do teach them, lets not give them a hard time. They aren’t criminals, yet. Look at the intent and determine whether or not a harsh punishment is necessary.

Comments Off on Posting on a forum for credit card info: lets teach our kids

What is this? This is another scam … as the domain doesn’t exist?

OK, I saw this in my email. They’re saying that the site listed in the IP unblock request form is not posting how we’re not doing anything to protect our members of the public.

First of all, the sites along my network are open to the public at large, and do not serve any pbulic people coming in to buy, unless I’m unaware of it.

Due to the nature of the issues, if they didn’t receive notice, its because they probably don’t live here in the area?

I know sites are posting notices, but it is not important for general info like any of my sites are to post notices.

Check this out.

On another note, the domain doesn’t exist!


Below is the result of your feedback form. It was submitted by

() on Wednesday, March 18, 2020 at 15:00:47

name: Cassie Buzzard
phone: 077 4527 1363
user: Cassie Buzzard
domain: bccsc.net
how_did_you_get_blocked:
Hello,

I have not received an update regarding measures you’re taking to combat COVID-19. I hope to hear that you are following all recently released guidelines and taking every precaution to protect our community?

Please reference the CDC’s emergency page (https://emergency.cdc.gov) and please consider completing a “Coronavirus Precautions and Pandemic Planning” course (http://pandemicplanning.info).

Without strict measures and an educated community, the virus will increase exponentially throughout the (global) population, as it’s already doing!

Stay safe,
Cassie
other_comments:
Hello,

I have not received an update regarding measures you’re taking to combat COVID-19. I hope to hear that you are following all recently released guidelines and taking every precaution to protect our community?

Please reference the CDC’s emergency page (https://emergency.cdc.gov) and please consider completing a “Coronavirus Precautions and Pandemic Planning” course (http://pandemicplanning.info).

Without strict measures and an educated community, the virus will increase exponentially throughout the (global) population, as it’s already doing!

Stay safe,

Cassie

HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.59 Safari/537.36 115Browser/8.6.2
REMOTE_ADDR: 162.245.222.236


Please do not waste my time sending this to this network as clearly its spam. I know the phone number is fake and so is the domain. If there is a place I should be forwarding this, please let me know. This is why the world is scared because of messages through contact forms like mine.

Take this as your notice. I’m not interested in spewing notices that are not welcome, and if my members of my site are interested, they can contact me through my sites and ask specific questions.

Comments Off on What is this? This is another scam … as the domain doesn’t exist?

Working from home? Better look at this

AA20-073A: Enterprise VPN Security has been sent to me, and it is a bulletine put out by the government. This document covers the potential for people to work from home because of this unpresented disease that has come across the world. Alert (AA20-073A) Enterprise VPN Security is the article linked here, and it has some great tips if you are concerned.

This does not cover anything from CDC and other things that you can get from other places on how to protect yourself, but this does provide information when it comes to securing yourself while working from home and what Phishers may do to try and steal passwords.

While we continue to learn more about this dangerous virus, lets make sure that the security is not taken along with us.

Comments Off on Working from home? Better look at this

IS TLS 1.0 and 1.1 really ready to go?

Livewire says yes, and articles out there have more

The last several days on Livewire have been quite interesting. Last week, I experienced a technical issue which has since been resolved. On top of that, I was notified that the site was upgraded to only work on 1.2 or higher TLS connections. Sans News Bites talks about this in one of their segments and this blog post entitled: It’s the Boot for TLS 1.0 and TLS 1.1 is one post and it comes from Mozilla themselves.

After the technical issues were resolved in live wire, someone recently reported running Windows 8, Firefox, and Jaws 16.

  • Windows 8, to my knowledge is not getting any updates
  • Firefox may be old, and unable to understand the TLS infrastructure
  • Jaws 16 isn’t supported with bug fixes
  • Chrome can’t run on 8

In the next podcast, I talk about Live Wire a little bit, what it is, the basics on the LTN (Livewire Telephone Network) and that while I did have an issue, it was my own doing.

The person behind Live Wire understands the security well, and I believe more sites will be moving toward this aspect. I said this before reading this article, and this is Sans News Bites from February 11, 2020. If I had the chance to read this before that discussion, I’d be more up to date!

Browsers negotiate to the highest common denominator which can mask the presence of less secure connection options. Make sure you’re regularly scanning the encryption settings on your web servers to ensure older, less secure connections are disabled, or monitored and documented where enabled. Monitoring may show the need to support older less secure operating systems and browsers may not be as significant as thought, or worth the risk.

Livewire is the first site to my knowledge to have taken this step, and I believe we’ll have more.

There are other articles around the web that covers this, and I’m running 73 of firefox now and have no trouble with connecting to Livewire since my own technical issue was resolved.

Comments Off on IS TLS 1.0 and 1.1 really ready to go?

Phishlab’s webinar was very informative

Hello folks, i hope you were able to get to today’s webinar from Phishlabs. If you missed it, This blog post had details.

They covered quite a number of things, including some of the scams I’ve seen including the romance scams. This blog post for example covers technical support scams, and as that article covers, it isn’t just your typical scam where you call a number for a problem. The scammer will lock your files, than have you covered by you calling a number to get help.

This blog post talks about how the romance scam talks to other people in the blind community like what has happened to me with various podcast and blog posts on people asking me for gift cards and money.

When I’ve encountered these folks, I told them that I did not have the money, and if they wanted a relationship, calling me would be best so we can see where it goes. None of them ever called!

This blog post was posted when I saw the article on why social media is increasingly abused for Phishing and scam type behavior.

This blog post is a podcast announcement and the podcast can be made available. I believe I talk about one such scammer here and what they were trying to do to me. Millitary people asking for money in itunes gift cards?

I’m sure you can find more if you search for scam on the blog, or scammers. Books talking about scams are emntioned, and much more!

I’d love to get this webinar out to the public, but this is Phishlabs webinar, so time needs to be given to allow people who signed up at first dibs.

I’ll see if I can get a recording of this, as I had, but not sure if the other copy will be the better one to use.

Thanks for reading, and make it a great day!

Comments Off on Phishlab’s webinar was very informative

Scammers hitting the blind, same as my talks earlier

Dice World has been talked about on my podcast as well as it being demoed in various aspects throughout the podcast. I’ve been recently looking at the forums that have now been added, and it looks like the scammers are now targeting the blind.

On podcasts prior, I’ve talked about multiple people who have added me to twitter and have asked for my Hangouts. After getting me on Hangouts, they insist on either having me pay to get them here to see me, asking for gift cards, or even money.

One of these people I said that I couldn’t pay for anything, and that they’re a scammer. They were rude saying that I shouldn’t mess with their business and that their lawyer would contact me. I told them that I would tell them everything, and yet, still no lawyer. Its a business to scam people out of money and try to get people to have a so-called relationship with no voice or video communication?

While I’ve been on dice world for a number of years, it saddens me that the blind community is now being targeted with people who are doing this type of thing. I’ve not encountered them on my own through that platform, but the developer is encouraging players to report this to them by email.

Podcast 289 which is available upon request if you can’t find it through RSS, talks about one such person who followed me on twitter. As someone who has been on the Internet for quite a number of years, before some, I’ve read plenty of articles and even some books about what these people can do. This Blog Post talking about Scam me if you can is one such book, and I’m sure there are others.

Since this is a blog talking about all sorts of things, I want people to know what I’m seeing. If you think that scams like this could happen on a gaming platform like Diceworld, this article talking about employment scams may be a reminder that it isn’t just the above mention we should be talking about or even this tech support article where scammers will go after your hard earned files and even try to have you pay money to supposedly fix the problem they will or have already started.

Think thats all we have to deal with? > Phone Phishing, Data Breaches, and Banking Scams is something else, and you can search this blog for more.

The fact that the scammers, one of whom is changing their name from male to female, is coming over to a platform like Diceworld, means nothing. This is sad! Some of the people on this type of platform don’t know a whole lot about these people, and they can fall for whatever they ask, and question it afterword or even while communicating with them.

This is a sad state of affairs. I’m saddened that these people have nothing else to do with their lives. I think some of these people are very employable and can use their skills for good instead of getting money out of a community that relies on money to survive.

This is not going to go away any time soon, and if you search scam on this blog, you’ll find lot of articles besides the ones I’m linking here in this post. Use your gut. Its there to tell you if something is not right. Follow what it says. There’s a community out there who are bringing it up, and asking questions, and thats great! Keep it up!

If I can be of help, please feel free to reach out. I’m just an email, imessage, phone call, or text message away!

Comments Off on Scammers hitting the blind, same as my talks earlier

Security Now, podcast 750

Security Now, released podcast 750. Twit.tv’s sn page and the RSS for you here.

Below, find the stories talked about.


SN 750: The Crypto CurveBall
?Tuesday, ?January ?21, ?2020, ??6:41:14 PM
This Week’s Stories:

  • iPhones join Android in being a Google account security key.
  • How much “substantive assistance” did Apple provide in the Pensacola investigation?
  • A brand new serious Internet Explorer 0-day
  • Giving Windows an additional Edge
  • FBI says nation-state actors breached a US city government and a US financial entity by exploiting Pulse Secure VPN servers.
  • Critical new Windows Remote Desktop Gateway (RD Gateway) remote code execution vulnerability
  • SQRL for Drupal
  • Microsoft issues security update to fix “CurveBall” vulnerability
    Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve’s site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Comments Off on Security Now, podcast 750

Use WordPress database? Better update it!

We do not use this plug in on the blog, but saw this article via Twitter called: This WordPress vulnerability could let hackers hijack your entire site and it talks about a plug in called word press database. It allows someone to manage the database, but the vulnerability makes the entire web site disappear if the hacker wanted. Read the entire article on this one, it sounds pretty serious enough.

Comments Off on Use WordPress database? Better update it!

Trend Micro’s January webinar

This month, Trend Micro will go through the predictions of 2020.

• What threats your organization needs to prepare for in the coming year.
• How to pitch your focus towards what issues matter most to you.
• How protections can be put in place to mitigate the risks these predictions may bring.

John Clay will be hosting this, Here’s a link to sign up and just fill in your info. It may have mine, just overwrite it with yours to sign up.

I’ll do my best to tape this webinar and get it out there. I’ve not forgotten the webinar I said I’d cover, it’ll be coming. Hope to have you join me!

Comments Off on Trend Micro’s January webinar

Security Now from last week

I started doing this last year, and now I’ll try again. Here are the notations of Security Now!

Here is their RSS feed and here is the web page if you wish.


SN 749: Windows 7 – R. I. P.
?Tuesday, ?January ?14, ?2020, ??7:18:33 PMGo to full article
This Week’s Stories:

  • Windows 7 support dies today, but 1 in 7 PCs are still running it
  • Cablehaunt- the remote exploit with the catchy logo that works on ALL cable modems
  • US government still wants backdoor access to iPhones
  • CheckRain iPhone jailbreak keeps getting better
  • How Apple scans your photos for evidence of child abuse
  • The sim swapping threat
  • Anatomy/timeline of the exploitation of an unpatched VPN bug
  • And speaking of patching right away… patch your Firefox browser right now!
    Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve’s site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.


Hope this finds some interest on people.

Comments Off on Security Now from last week

Yahoo forcing random password resets … am I the only one supporting someone having trouble?

This is more of a curiosity thing than anything else, but I have a hunch from what I’m told that this has been going on for a number of years now.

The service AT&T has email service. When we started with this service it was known as SBC Yahoo! Through the years, some have gotten straight att.net addresses although the web site is a dot com for everything else.

In this world, we’ve got many types of people with varying degrees of capability in the technology world. We also know that Yahoo! email has been breached and that came to light three years after the fact.

When you authenticate as an SBC Yahoo! customer using mail, you go to the Yahoo! mail web site.

The authentication is your full email address I.E. which belongs to me. It also asks for your password, which is the account password for that address.

Here’s the problem. I was able to switch the account to a different interface two weeks or so ago. But for awhile now, ATT Yahoo! account holders need to reset their password every two weeks.

My grandmother has had an SBC Yahoo account for a number of years, and has never experienced this until recently. I never experienced it, although I don’t use my SBC address anymore, in favor of my accounts on my domain and my gmail. I understand this has been going on for a couple of years now, and enough is enough! The National Institute of Standards and Technology (NIST) folks changed the guidelines where passwords are not needing to be changed as often, as long as there is not a valid reason for the passwords to be reset.

My grandmother is older than most on this blog, reads facebook, comments on things, plays games, checks email, and does some shopping on amazon for things she needs. Nobody except ATT Yahoo! services have prompted her to change her password.

Here is my hunch based on what I know:

  • passwords may not be as secure as they should
  • company never sent email to my knowledge about said policy
  • too much time was spent on hold trying to get the issue resolved and
  • frustration as to why no email can be accessed and wondering why the account was locked out.

I’ve never seen any of this behavior with any company before. Unless there was a valid reason, I’ve never changed my password, even after all of these breaches. The fact my biological data is potentially out there now, its game over for me! I know this, and I’ve been working hard to make sure I don’t use the same password everywhere and thats why I have Lastpass, the last password you’ll ever need.

I’m thinking that this is targeted because of the potential weakness of the passwords given to me, yet my password may not be all that secure over there anyhow. I’m thinking it may be the same password i use somewhere else.

So ATT, what gives? Why are you making an elderly person who has no knowledge of why and what to do about the issue if you don’t tell them in writing or email or phone?

If this issue persists, I’ll have no choice but to help her either set up a gmail, or even set up an address on the domain purchased for her and hosted through me. Then, I’ll either have to show her that web mail, or set it up through Tunderbird.

For someone who has so much in the way of notifying people and companies, I’m not going to be impressed with having to have her do all of this, and I can hopefully have mail forwarded to the new address in the meantime, but this is enough! Was it the weak passwords? You can check the hashes without knowing the password, and if you notice its weak, reach out! There is no need to make someone change their password every two weaks without probable cause. I know nobody else who is going through this experience, and I’ve not been tipped off to any articles saying there is a problem of this scope.

If anyone else is experiencing this, I’d love to hear from you. Please get in touch!

Comments (2)

Bard express throws errors, fixes in the works

Hello all,

I just saw the following from BARD support today. For those who use the BARD express and have it installed currently, you aren’t effected. Any new users may receive a waring about it being from an unknown publisher.

This is because the certificate expired on December 2nd. NLS is going to precure a new cert and will release an update soon.

Here is the official email notice from NLS directly.


Hello List Subscribers,

The software that certifies BARD Express as “safe to install” expired on Monday, December 2, 2019. The expiration of this certificate does not affect current
users. It does, however, impact patrons who install BARD Express 1.2.4.72 on or after December 2, as they will be warned that the software is from an unknown
publisher. The software is safe to install.

NLS expects to procure a new software certificate in the coming weeks, at which point an update to BARD Express will be released, and users will no longer
receive this warning.

We apologize for any inconvenience.

The BARD Support Team


NLS should be ashamed of themselves letting the cert expire and not replacing it on a timely manner. It is too dangerous today to have software that is not signed as required now. I hope the fix comes sooner than later.

While this is specialized, we have to hold all companies that provide software responsible to fix their software whether its an expiring cert, or if it is a bug that effects functionality.

This can’t be good practice, and NLS is run by the government so I don’t expect any better.

If I hear any news, I’ll be sure to pass it along.

Comments Off on Bard express throws errors, fixes in the works

NCSAM: Have you read Kevin Mitnick’s books?

I’ve read Kevin Mitnick’s books, three out of the 4 are on BARD. Nice to see him writing again!

Recently I got really board and wanted to see what Kevin Mitnick was up to. I then Started this book entitled The Art of Invisibility: The World’s Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data and I read the first chapter as a free sample. This book is not available on BARD, however, it is available on Bookshare. I decided to buy the book here at Amazon, and when I did, it updated itself with some 2019 notes in regards to the various breaches that have been notable since the beginning of the year.

About the Book

Kevin Mitnick, the world’s most famous hacker, teaches you easy cloaking and countermeasures for citizens and consumers in the age of Big Brother and Big
Data.

Like it or not, your every move is being watched and analyzed. Consumers’ identities are being stolen, and a person’s every step is being tracked and stored.
What once might have been dismissed as paranoia is now a hard truth, and privacy is a luxury few can afford or understand.

In this explosive yet practical book, Kevin Mitnick illustrates what is happening without your knowledge – and he teaches you “the art of invisibility”.
Mitnick is the world’s most famous – and formerly the most wanted – computer hacker. He has hacked in to some of the country’s most powerful and seemingly
impenetrable agencies and companies, and at one point he was on a three-year run from the FBI. Now, though, Mitnick is reformed and is widely regarded
as the expert on the subject of computer security. He knows exactly how vulnerabilities can be exploited and just what to do to prevent that from happening.

In The Art of Invisibility Mitnick provides both online and real-life tactics and inexpensive methods to protect you and your family, in easy step-by-step
instructions. He even talks about more advanced “elite” techniques, which, if used properly, can maximize your privacy. Invisibility isn’t just for superheroes
– privacy is a power you deserve and need in this modern age.

If you’ve never read anything by this hacker turned security professional, then I highly recommend that you start with Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker which is on BARD and is also available on Bookshare. I actually started this book through Learning Ally, formerly Recording for the Blind and Dyslexic.

Abpout the book

Kevin Mitnick was the most elusive computer break-in artist in history. He accessed computers and networks at the world’s biggest companies-and however
fast the authorities were, Mitnick was faster, sprinting through phone switches, computer systems, and cellular networks. He spent years skipping through
cyberspace, always three steps ahead and labeled unstoppable. But for Kevin, hacking wasn’t just about technological feats-it was an old fashioned confidence
game that required guile and deception to trick the unwitting out of valuable information.

Driven by a powerful urge to accomplish the impossible, Mitnick bypassed security systems and blazed into major organizations including Motorola, Sun Microsystems,
and Pacific Bell. But as the FBI’s net began to tighten, Kevin went on the run, engaging in an increasingly sophisticated cat-and-mouse game that led through
false identities, a host of cities, plenty of close shaves, and to an ultimate showdown with the feds, who would stop at nothing to bring him down.

Ghost in the Wires is a thrilling true story of intrigue, suspense, and unbelievable escape and a portrait of a visionary whose creativity, skills, and
persistence forced the authorities to rethink the way they pursued him, inspiring ripples that brought permanent changes in the way people and companies
protect their most sensitive information.

I thoroughly enjoyed this book, and thought I would see if there was anything else. The first book in this article I’m writing now, was not known to me, although it may have been recommended to me through my reading of Scotts book Cybersecurity Is Everybody’s Business: Solve the Security Puzzle for Your Small Business and Home Kindle Edition which I only found here and on Amazon. BARD does not have any of Scott’s books, and with the advancement of hacking, the blind and disabled reader must learn how to protect themselves. These books are not difficult, technical, and with Scotts book, was very short chapters.

In my recommendations after downloading Scotts book, I found something that really caught my eye and I’m also reading as well. How I can read two books at the same time, I don’t know. The book is by Paul R. Wilson. The Art of the Con: How to Think Like a Real Hustler and Avoid Being Scammed 1st Edition, Kindle Edition is the name of the book. This guy, in short chapters, talks about cons and scams that have gone on for many years. Some of these are still successful today!

About the Book

A sucker is still born every minute. In this modern and interconnected world, con-men are lurking everywhere – it’s never been easier for them to dupe
us, take from us, and infiltrate our lives.  

One of the world’s leading and celebrated experts on con-games takes the reader through the history of cons, how they’ve been updated to the modern age,
how they work, how to spot them, and how to protect yourself from being the victim of one.

R. Paul Wilson is a con-man who works for the other side – our side. He has spent a lifetime learning, performing, studying, and teaching about the ins
and outs of the con world in order to open up our eyes to the dangers lurking about us – and to show us how not to get taken. Paul has never made a living
as a con-man, profiting off of marks – he has used his expertise throughout his life to help people avoid cons.

In this fascinating book, Paul takes the reader through the history and developments of the con game, what elements from the past are based on basic human
psychology and have stood the test of time, what has been updated for the modern era and how it’s getting used in the computer age, the structure of how
these cons work, and – most importantly – how to recognize one, protect yourself and your loved ones, and avoid becoming just another sucker.

I’m not sure if this book is available on BARD or Bookshare, but you can look.

About BARD and Bookshare

BARD is the Braille and Audio Reading Download service by the National Library Service in the United States. This service is available to international patrons, but only if they initially live in the United States and are traveling internationally for some reason.

Bookshare is a paid service, although with the NLS partnership, they’re offering free accounts for those of us who have NLS memberships. You can get books in multiple formats including daisy, aduio mp3 (TTS) and braille files.

In this NCSAM month, I’m hoping that these books are a symbol of something that people should read, and get interested in. As I’ve discussed, we can’t do it alone, and the email scams and cons will only trick you if you don’t know what to look for.

Other Books you can find on Bard

I’ve read all of these books, and forgot about the other two. The following are books that BARD has on Kevin Mitnick, that are authored by him. There is one about Kevin’s takedown written by another author, but I’m not going to put that book here.

Note, that for this blog, I’m putting the DB number for reference and nothing else.

  • Ghost in the wires: my adventures as the world’s most wanted hacker DB74947
  • The art of deception: controlling the human element of security DB56450
  • The art of intrusion: the real stories behind the exploits of hackers, intruders, & deceivers DB60593

Have you read the linked books? What about the others not linked but are listed? What have you thought? Please discuss it in the comments! I look forward in reading what you’ve got to say.

Comments Off on NCSAM: Have you read Kevin Mitnick’s books?

NCSAM: scam or not? You Decide

NCSAM: looks like a scam or Phish, can you tell?

Hello folks,

In the following exercise, I’m going to give you the beginning of two forms. One of which came through the IP Unblock form for my customers, and the other that came from MENVI. In both instances, they filled out the bug reporting yes, and the comments section.

Out of curious instincts, I went to the link separately and there is a picture, I didn’t go any further to identify it or anything.

Can you tell if this is a scam?

Below is the result of your feedback form. It was submitted by
(
)
on Saturday, October 19, 2019 at 17:15:48
—————————————————————————
Name: Hellen[BqdeqwhVinejonuQ,2,5]
phone: 82919675993
contact_method: both E-mail and phone
bug: no
additional_bug_info: Hello, I apologize for this letter, but I have no other choice!

This is a 4-year-old girl Lisa Filameshina!
https://sun9-7.userapi.com/c848620/v848620572/b2c87/xpLF8Ynpc_0.jpg

Lisa has retinoblastoma (retinal cancer). Her eye needs urgent treatment! In the Swiss clinic «Hospital Ophtalmique Jules-Gonin» (Lausanne) they guarantee
the preservation of the organ so important for the future life of the child.

It is necessary to collect $9000 before October 31.

We will be grateful for any amount of money!

I beg you help!

That is wallet address for payment bitcoin :157CfZ3qhHpRWKbzqoroUAxTMgDhhmPfPt

I give the payment details in bitcoins, since another transfer is problematic in our country.

Sorry again.

The next one was sent overnight.

Below is the result of your feedback form. It was submitted by
(
)
on Sunday, October 20, 2019 at 03:32:03
—————————————————————————
name: HellenInjex
City_State_Province: Avarua
country: Cook Islands
Phone: 81797884724
contactmethod: Please use both E-mail and telephone to contact me
contact: Please have Jared Rimer: (MENVI webmaster) to contact me
reporting_bug: No, I’m not reporting a bug with the web site at this time
reporting_bug_Yes: Hello, I apologize for this letter, but I have no other choice!

This is a 4-year-old girl Lisa Filameshina!
https://sun9-7.userapi.com/c848620/v848620572/b2c87/xpLF8Ynpc_0.jpg

Lisa has retinoblastoma (retinal cancer). Her eye needs urgent treatment! In the Swiss clinic «Hospital Ophtalmique Jules-Gonin» (Lausanne) they guarantee
the preservation of the organ so important for the future life of the child.

It is necessary to collect $9000 before October 31.

We will be grateful for any amount of money!

I beg you help!

That is wallet address for payment bitcoin :157CfZ3qhHpRWKbzqoroUAxTMgDhhmPfPt

I give the payment details in bitcoins, since another transfer is problematic in our country.

Sorry again.

Both messages look exactly the same. Both are pleading for money, and I believe there are two different bitcoin wallet addresses.

REMOTE_ADDR: 92.63.100.62 is on MENVI’s and REMOTE_ADDR: 188.120.249.122 is on the IP unblock request form.

My hunch is that this is part of the Nigerian 419 scam, begging for money but with a different purpose. The purpose is to help a little girl but now I got curious. As I write this, I ran Jaws picture smart on the photo on the URL. It says:

Caption is a little boy wearing a hat.

I’m unaware of NVDA having a picture smart option, but Jaws now tells me through this technology that it is a boy, not a girl. Very clever they are. The fact they say they want money by a certain time frame before its too late is also a telltale sign of a problem.

This network has a donations page found both on the blog pages and our main web site. In no way are we begging for money on any page, and in no way are we saying to donate by a certain time point.

While we would like people to donate to the network to offset costs of running it, and to help offset the independent artist project of playing independent music from around the world, there is no urgency. I have mentioned it on my shows, and on my show notes, but I don’t make it a habit either. Its just the way it is, and the way it must be so that we do not get flagged as a potential target.

This network also does not solicit any type of donations by email like this even though we’d love to get some money as described above.

I believe the goal of the email is entitled Phishing but it is targeted phishing for money. Its a bate to part with your money, the term of which you could look up and correct me if I’m wrong.

I don’t claim to know the exact terms correctly, because I get confused of what they are, but I know two things.

  • I do not have a bit coin wallet.
  • I do not know how to buy bitcoin, and if I did, I’d be using the money for my own purposes, I.E. buying things, or sending it to paypal for spending later.

I think we can utalize this as a point of learning to show people what types of things are being sent today.

Have you seen these and determined that it was no good? If you’ve been bitten, what did you think of this one that could have made you pause to think … “This can’t be right.”

Lets discuss this!

Comments Off on NCSAM: scam or not? You Decide

Older Posts »

go to sections menu


navigation menu

go to sections menu