Mastodon

Scam

A 24-post collection

Facebook fantasies: Press Like and type the number 1 and see what happens to the image!

I’ve seen a few of these going around now, usually with different photos with some sort of mystique: The implied promise is of something interesting happening once you’ve clicked the like button and typed the number 1. There was one with an attractive girl and a square superimposed over her shoulder doing the rounds a little while ago too. I’ve seen others where the instructions are more explicit in terms of words or phrases to type. Here’s a good question: what usually happens when you like...

Cold call virus scams are still alive and well

Regular readers of this blog would have seen sagas such as Anatomy of a virus call centre scam [https://www.troyhunt.com/2011/10/anatomy-of-virus-call-centre-scam.html], Scamming the scammers – catching the virus call centre scammers red-handed [https://www.troyhunt.com/2012/02/scamming-scammers-catching-virus-call.html] and my personal favourite, “Type www.” – “Ok, w-w-w-d-o-t”; antagonising call centre scammers [https://www.troyhunt.com/2012/04/type-www-ok-w-w-w-d-o-t-antagonising.html]. That...

Please login to your Facebook account: the execution of a data mining scam

So someone sends you a link to the latest Gangnam parody / cat meme / man jumping on frozen pool video and the link looks something like this: http://bit.ly/10PMelv Nothing unusual about this, every second link shared these days uses a bit.ly or t.co (or comparable) URL shortener. Because you have an insatiable desire to participate in the latest social phenomenon, you click through and see this: There’s also nothing unusual about Facebook asking you for credentials, let’s log in. Aw c’mon,...

Podcasting with SC magazine: The anatomy of a Facebook gift card scam

This week’s post on Disassembling the Woolworths Facebook scam [https://www.troyhunt.com/2012/11/disassembling-woolworths-facebook-scam.html] has had a pretty good run. In part, I suspect this is due to the approaching holiday shopping season and in part because I know this scam is really doing the rounds and being seen by a lot of people. Yesterday I had a chat with Dan Kaplan from Secure Computing Magazine [http://www.scmagazine.com/podcast-the-anatomy-of-a-facebook-gift-card-scam/article/269...

Disassembling the Woolworths Facebook scam

Who wants free stuff? C’mon, everybody wants a free lunch, right? Yes, yes they do and that’s precisely the trigger used in scams like this one. Recently I wrote about the mechanics of another Facebook scam [https://www.troyhunt.com/2012/10/she-did-what-in-school-mechanics-of.html] where the “bait” was photos of a salacious school girl. Many people – including female friends and my mother in law – readily fell for that one. This one takes quite a different and rather cunning approach which chai...

She did WHAT in school?! The mechanics of a Facebook worm

I’ll admit to some amusement when I see friends liking pages such as this: I’ll admit to even more amusement when they’re mature adults (of either gender) or as seen recently, when they’re my mother in law. Of course when confronted about their salacious ways they’ll always swear black and blue that they never “liked” the link. Except they did, they just didn’t know it. What you’re seeing here is a Facebook “worm” or in other words a script which replicates itself. Someone sees it, clicks th...

Virus scams, social engineering, victim’s stories and community awareness

As many readers and followers will know, I’ve had a bit of fun with scammers [https://www.troyhunt.com/2012/04/type-www-ok-w-w-w-d-o-t-antagonising.html] in the past. Remember those guys who call you up while you’re sitting down for dinner and tell you your computer has all sorts of nasties in it? Yeah, those guys. The blog posts I’ve made have been part of the story and inevitably the one most people are familiar with, but there are a few other things happening which I think some of you would...

Cold call scammed again – but this time, it’s local

It happened again. After 6pm, unlisted number, foreign accent. I’ve heard this before [https://www.troyhunt.com/2012/04/type-www-ok-w-w-w-d-o-t-antagonising.html]. And again before that [https://www.troyhunt.com/2012/02/scamming-scammers-catching-virus-call.html]. And again before that too [https://www.troyhunt.com/2011/10/anatomy-of-virus-call-centre-scam.html]. And again a bunch of other times where I either didn’t record it, came on a bit strong or, uh, tried to teach them some new words they...

!!16 TIPS FOR RUNNING A SUCCESFULL PHISHING SCAM!

Phishing scams are getting tougher to pull off these days. All those damn email client and browser defences are getting in the way of hardworking phishermen and women going about their daily business. But – dear phisherpeople – you’re also not doing yourselves any favours when it comes to crafting a veneer of decency and honesty in your communications, in fact I propose that you’re missing a significant number of opportunities by neglecting some basics. So let me share some insight, if you will...

How LogMeIn is enabling scammers to profit

There’s a pattern in the following stills from various scammer videos, see if you can spot it. Here’s one run by Comantra I captured back in Feb [http://www.youtube.com/watch?v=kjKjyMKj3n4&feature=player_detailpage#t=2403s]: And here’s another one [http://www.youtube.com/watch?v=nhqxOFH2rmI&feature=player_detailpage#t=713s] from when an unknown scammer called me in late April: Now here’s one from Noah Magram [http://www.youtube.com/watch?v=jb69H7l0vJA&feature=player_detailpage#t=20s] wh...