Over 1 million tech questions and answers.

Us-cert Warns Public Of Fraudulent Phishing Email

Q: Us-cert Warns Public Of Fraudulent Phishing Email

US-CERT is aware of a recent surge in fraudulent phishing e-mail messages. The messages, claiming to be from the United States National Medical Association, contain a...link that, when followed, will direct the user to a malicious website. These messages are not from any United States government agency...us-cert.gov

Read other answers
RELEVANCY SCORE 200
Preferred Solution: Us-cert Warns Public Of Fraudulent Phishing Email

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

RELEVANCY SCORE 70.4

If you are using a Microsoft IE 6,7 or 8 browser please read this as it is very IMPORTANT

Source BBC News channel
BBC News - German government warns against using MS Explorer
Steve

A:German Government warns public not to use IE 6, 7 & 8

Must be embarrassing for MS, eh? I had thought that IE8 had cured all former issues with the previous versions....even though I don't use it myself. Perhaps I was mistaken.

Read other 4 answers
RELEVANCY SCORE 67.2

Recently received emails from supposedly Yahoo & Citi which look fraudulent. In addition to forwarding the bogus emails I also want to copy & paste the headers of these bogus emails. How do I do this?
I use Win. XP, IE8 & OE6 on a Dell E-1505 Laptop. Thanks, John
 

A:Solved: Copy & paste email header of fraudulent email

Read other 7 answers
RELEVANCY SCORE 63.2

Company A doing engineering business with Company B. In the process, emails are exchanged on technical matters & also matters related to accounts.
Company A MD requests for payments from Company B MD for providing services. The Company B MD agrees to the claim of Company A but says that some part payment is already made. Unfortunately the MD has expired. His sons are saying that no payments are due from their company & that these emails are fraudulent & not sent by their company.
We want to know in legal aspects,
a) if emails correspondence are considered legal?
b) if Company B says the emails are fraud, is it not that the onus to prove them fraud is on that company only?
c) Are there judgements given by any Honourable courts in similar cases & can you pls give the references?

I shall be highly grateful to you for your valuable guidance & prompt response.
 

A:onus to prove that email is fraudulent is on whom

Hi,
It sounds very complicated but you could help by saying where in the world this is taking place in case there's an expert on company/contract law reading this.
I'm sure the law would vary between - for instance - the UK and Canada.
 

Read other 2 answers
RELEVANCY SCORE 58.8

FBI warns on Tsunami Relief Scams by emailbe careful of email requesting donationsI wanted to share that my thoughts and prayers are with all affected. With this being perhaps the greatest disaster in our lifetime, we all were impacted. I would encourage our members to give to mainstream organizations from the heart. I wish I didn't have to share the following security warning, but please also be careful with email messages requesting donations I've personally recieved a couple of emails to donate to "a relief fund" that appeared to be fradulent. To prevent this issue, do not respond to any email request for donations. Instead it's better that you initiate the transaction through secure browser technology. Give locally and to the main trusted agencies, (like some of our moderators and members feature in the signature lines). This is the worst type of scam and perhaps many of you have heard the media reporting on it. Thus, as I'd like to see contributions go to work in the best possible way, I thought this awareness is important. FBI warning on EMAIL scams related to Tsunami

Read other answers
RELEVANCY SCORE 54.4

A Phishing Email is masquerading as a Microsoft security patch..
Recipients a urged to visit a spoof website which mimics Microsoft's update Centre.
If you click on you start to downlod a Trojan and are advised to download a file..plugandplayfix.exe.
The email is headed "Critical Update for plug and play devices Ms05-4791k

http://www.websense.com
 

A:Phishing Email..

Thanks for the heads up.........
 

Read other 1 answers
RELEVANCY SCORE 54.4

Hi, I got an email from paypal with the subject "update your account". When I point to the link in the email and compare it to what is listed in the bottom bar they don't even come close to matching. I googled the address in the bottom bar and 3 sites came up about phishing. Is there anywhere to report this to? I did email everyone on my list not to click on the link.Sorry if this is the wrong forum.Edit: Moved from Virus, Trojan, Spyware, and Malware Removal Logs forum.

A:Phishing email

You could report it here:http://www.us-cert.gov/nav/report_phishing.html

Read other 1 answers
RELEVANCY SCORE 54.4

Today I received the following email reportedly from HP.  Now I did indeed recently purchase a HP Care Pack for my laptop, but the fact that they were asking for specific information about my computer, serial number, product number, etc made me very suspicious.  I have deleated my personal information included in the email for privacy reasons.I did not respond or click on anything in the email.... Congratulations on your HP Care Pack purchase   Hello Cheryl, Congratulations on your purchase of HP Care Pack Service.We would like to inform you that we are aware that you have purchased a bundled unit with the care pack.  Since the serial number is not yet generated we would kindly request you to get back to us once  you receive the unit with the serial number of the HP product to have the care pack registered.(The fields that are marked with a * are mandatory) Owner Name: Cheryl M******Full Physical Address: **********Telephone Number: *** *** ****E-mail: ca*********@yahoo.com (Please provide us the Exact Serial Number & Product Number as a variation would lead to irregularities) *Hardware Serial Number:*Hardware Prod Number:*Hardware Purchase Date:*Care Pack Serial Number: HP Direct Order Number: H372*******Care Pack Product Description: HP *******Care Pack Purchase Date: 11/28/2016   Our exclusive services will help keep all your HP products up and running, Should you experience a problem or co... Read more

A:Possible Phishing Email

Looks legitimate to me. You will only know the serial number/product number after the laptop is built and shipped to you. The Care Pack will be registered to your specific hardware id. If you feel better speaking to someone the number in the email-1(877) 232-8009- is indeed the Care Pack line.

Read other 1 answers
RELEVANCY SCORE 53.6

I received an email with no text but a single link which I did not open. It went CC: to all my contacts.
Where is this coming from? I'm into forums, Facebook, Twitter etc and have several mail services.
Is it likely to recur?
Probably very malicious if clicked?
I have Norton Antivirus installed.

Any help would be much appreciated.
Ken
 

A:Phishing email went to all my contacts HELP pls

This happened to my son yesterday as I received an email from him with the subject area having his name there also; so I opened and clicked on it without thinking twice and Avast stopped it from opening immediately. I then noticed it was sent to all of his contacts. I informed him of this and he ran all of his scans with out a hitch. He changed his email password and all has been fine since then. Not sure how this one happened??? I did check the origin of the email via the Header and it originated from Brazil.

Good tool to keep handy

http://www.iptrackeronline.com/email-header-analysis.php
 

Read other 2 answers
RELEVANCY SCORE 53.6

Hi

I've had two occasions in the last couple of weeks where a message has been sent from my email address on my home PC to about a dozen of my contacts with an obvious phishing link on it. Some of those contacts are work addresses - who I have never emailed from my home PC - and some I'm pretty sure I've never emailed although I do recognise who they are (lovefilm, google checkout). The message also appears in my inbox and the from box identifies it as being sent from - me !!!

The only thing I could think of was that for the first time in months I've used Skype twice in the last two weeks and while last nights random email definitely happened while I was using Skype, the first instance I can only say might have happened last time I used Skype two weeks ago (I dleted the email the first time this happened).

The message last night was (and please don't click on the link):

Hello friend!
is everything ok
This is an interesting read hxxp://kierek.home.pl/profile/24WayneDoyle/
see you soon
I've already done a bit of browsing and read that there has been an issue with phishing on Skype and have removed the file shared.xml from my Skype folders. I've also run virus checkers in normal and safe mode and found nothing.

Does this situation sound familiar to anyone ??? Is it even a Skype related problem or am I being attacked from elsewhere ???

Thanks for any advice anyone can offer.

DD
 

A:Phishing email virus ???

I don't know whether Skype is responsible, but this does sound like you've got something. Please follow the instructions in this thread to provide information about your computer to a trained malware helper.
http://forums.techguy.org/virus-other-malware-removal/943214-everyone-must-read-before-posting.html

I've asked for this thread to be moved to the dedicated malware removal forum.
 

Read other 1 answers
RELEVANCY SCORE 53.6

Do not get tricked into responding to an email supposedly from Bancorpsouth!

Consumer Alert!
A fraudulent e-mail has been sent to BancorpSouth customers. It purports to be from BancorpSouth, but it is not. Its intent is to get you to enter sensitive information about your account and to then use this information to commit fraud.

BancorpSouth will NEVER email you requesting you to verify / update information about your account such as PIN numbers, card numbers, SSN, etc...

To ensure a legitimate and safe sign on, always enter www.bancorpsouth.com in your browser.

If you have received an email like this, please contact customer service at 888-797-7711.
 

Read other answers
RELEVANCY SCORE 53.6

[Image ignored]
Your Apple ID was just used to download Camfrog PRO 6.99$ from the App Store on a computer or device that had not previously been associated with that Apple ID.
This download was initiated from Morocco.
If you initiated this download, you can disregard this email. It was only sent to alert you in case you did not initiate the download yourself.
If you did not initiate this download, we recommend that you go to iforgot.apple.com [links to 'http://www.tastefinders.com/'] to change your password, then see Apple ID: Security and your Apple ID [links to '] for further assistance.
Regards,
Apple
[Image ignored]
TM and Copyright ý 2014 Apple Inc. 31-33, rue Sainte Zithe, L-2763 Luxembourg.
All rights reserved [links to https://www.apple.com/uk/legal/] / Keep Informed [links to www.apple.com/enews/subscribe/] / Privacy Policy [links to https://www.apple.com/uk/privacy/] / My Apple ID [links to https://appleid.apple.com/cgi-bin/WebObjects/MyInfo]
[Image ignored]923554342
Return-Path: [email protected]
Delivered-To: [email protected]
Date: Thu, 30 Apr 2015 04:51:57 +0200
Message-Id:
To: [email protected]
Subject: Your receipt No.610434296540951
MIME-Version: 1.0
Content-type: text/html; charset:utf-8
Content-Transfer-Encoding: base64
From: [email protected]

A:Phishing Ransomware email

Tricky buggers... social engineering at its finest.

Read other 14 answers
RELEVANCY SCORE 53.2

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft® Windows Vista™ Home Premium, Service Pack 2, 64 bit
Processor: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz, Intel64 Family 6 Model 15 Stepping 13
Processor Count: 2
RAM: 3963 Mb
Graphics Card: Mobile Intel(R) 4 Series Express Chipset Family, 1853 Mb
Hard Drives: C: Total - 142858 MB, Free - 78511 MB;
Motherboard: TOSHIBA, Portable PC
Antivirus: Microsoft Security Essentials, Updated and Enabled

Why does the following matter? I received an email yesterday with an attachment. It was meant to seem to be from the government so I would open it. It seemed a like a new and ingenious form of phishing. It took me 30 minutes or more to find an authority that would let me forward it to them.
After forwarding it I deleted it from my email client (Win. Mail) inbox and deleted items folder then went to the server and deleted it there. Afterwards I noticed I forgot to remove the sent items and deleted them as well. Nothing seemed different from then til I shutdown.
So this morning, this happens and it has me wondering if that email was still able to download something onto my machine.
After booting up and plugging in my network cable and a window opened offering to help me set up “the” network which was numbered 3. I ignored it and closed it as my network has been setup for years.
Only afterwards did it occur to me this was odd and I opened network and sharing center. The network I am connected with is “Ne... Read more

Read other answers
RELEVANCY SCORE 53.2

I received an email from the below email address, and i think it is a scam! How do I know if it is scam/phishing?
What should I do?

from: YouTube <[email protected]>
to: (my real name) <(my email address)>
date: Sun, Dec 31, 2017 at 5:15 PM
subject: Have Win Apple iPhone 8 Plus Visit : - t.co/IDCZEz76Dm has made you a moderator on YouTube
mailed-by: youtube-subscriptions.bounces.google.com
signed-by: youtube.com
security: Standard encryption (TLS) Learn more


Hey (MY REAL NAME),

Lucky you! Have Win Apple iPhone 8 Plus Visit : - t.co/IDCZEz76Dm has made you a moderator on their channel. As a moderator, you can now remove unwanted comments from videos posted on that channel. Comments you remove will be sent to the creator for their review.

View channel

Find out more about moderating comments in the YouTube Help Center.
Thanks,

The YouTube Team

Help center ? Email options ? Report spam
©2017 YouTube, LLC 901 Cherry Ave, San Bruno, CA 94066, USA

above is the exact email i received now and how do they know my real name?
 

A:How to identify a phishing or scam email?

That t.co make me think that something is off even if the email really is from YouTube.

Have you signed up for a YouTube account?
 

Read other 2 answers
RELEVANCY SCORE 53.2

I have a question about the mechanism of an email to deliver a phishing and URL redirection attack.
Note: the following links/urls are reported by me so they are nonfunctional anymore to be safe.

1. Today I received an email from "my bank" informing I had my account blocked.

2. There's a link embedded in the text of the message like this:

Code:
http://www.banorte.com/portal/personas/home.web
3. When I hover the mouse over the link, I can see down below in the browser the real url:

Code:
http://www.uniformesbordados.com.mx/karen/Logos%20Vida%20Nocturna%20200x200/03bhy.html
4. Next, if I click on the link it redirects to:

Code:
http://baainoirtee-14121.gotdns.ch
Question:
Does the uniformesbordados.com.mx domain is compromised?
If so, the Hosting service, in this case Servnet Mexico, SA de CV, has already a compromised infrastructure or something?

http://whois.domaintools.com/uniformesbordados.com.mx

Actually www.uniformesbordados.com.mx is a working domain and legit owned by a company in Mexico.
 

Read other answers
RELEVANCY SCORE 53.2

Received an email on the 12th, from [email protected] warning of automatic renewal of xbox live gold account. Opening 2 links resulted in a 404, but the billing link was blocked by edge:

and the same link in FF resulted in

Copying and pasting the link from FF went to the same link in edge
I have an ancient xbox account but I do not use xbox live. It is possible a child has enabled a reoccurring gold account with this email, but payment info I'm unaware of. Looks suspicious.

A:possible xbox live phishing email

It's a legit URL.. seems like Edge has some Certificate issue

Read other 3 answers
RELEVANCY SCORE 53.2

I clicked on a phishing email link, java program started. I have Kaspersky 2013 and it did block the program but it seemed the program already started.

HEUR:Trojan.Script.Generic Deleted 10/23/2012 11:16:20 AM C:\Users\Cablestarman\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UCNIQOSQ\ index[1].htm
HEUR:Exploit.Java.CVE-2012-4681.gen Inactive 10/23/2012 11:15:52 AM http://188.165.4.220/links/ showed-clearest-about.php
Exploit.JS.Pdfka.ggc Inactive 10/23/2012 11:15:52 AM http://188.165.4.220/links/showed-c...ic=05330b360a3333350307&avfu=02000200020002// data0002

I ran a full system scan with Spybot, Malwarebytes, SUPERAntiSpyware, and Kaspersky 2013. The pc froze before Kaspersky finished the full scan and came up with Bad Image error message C:\windows\sysWOW64\ not sure the full path, went too quickly - did not get a BSOD. Pc rebooted. Just want to clean up this virus.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:27:28 PM, on 10/23/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Users\Cablestarman\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Cablestarman\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Cablestarman\AppData\Local\Google\Chrome\Application\chrome.ex... Read more

Read other answers
RELEVANCY SCORE 52.8

I received an email in my "spam" folder, but when I first read it I wasn't sure if it was really spam or not, although I had never heard of "Ecobill" before. The link given is a phishing link.Tracking link: (REDACTED)The email itself comes from the server: omta05.emeryville.ca.mail.comcast.netComplete email is shown below:Dear Comcast Customer,We are upgrading the Comcast XFINITY and Ecobill services. As the primary contact, you must renew yourComcast Ecobill enrollment as soon as possible or it will be canceled and your Comcast account will be limited.Sign-in using the link below so we can renew your membership. Please save this e-mail for your records.RENEW YOUR Ecobill service enrollment now:<phishing link deleted>Sincerely,Comcast CablePlease do not reply to this e-mail as we are not able to respond to messages sent to this address.Copyright 2011. Comcast. All other trademarks are properties of their respective owners.Comcast respects your privacy. For a complete description of our privacy policy, click here .Comcast CorporationOne Comcast Center1701 John F. Kennedy BoulevardPhiladelphia, PA 19103-2838

A:Very real looking Comcast phishing email circulating

Standard rule of thumb: If a company email doesn't address you by name, delete it.

Read other 4 answers
RELEVANCY SCORE 52.8

The newest phishing spam: “Security Alert!!!”
Fake phishing email impersonating Avast warns of 5 deadly trojans. 

For details, see https://blog.avast.com/the-newest-phishing-spam-security-alert

Read other answers
RELEVANCY SCORE 52.8

Seems like a zero hour threat, widespread here in the UK. I received this at 1159am today. Ocado is a very popular online shopping delivery service based here in UK.
Already been confirmed as a threat
 
Am trying to post a snipped copy of the email, but having difficulties uploading
 
http://sanesecurity.blogspot.co.uk/2015/10/your-receipt-for-todays-ocado-delivery.html

A:19.10.2015 Email Phishing Scam/malware UK

robby501, Would you be able and allowed to post the headers of the email using bbcode such as the example below? hello world!This code is written by using the following in the source code view.[code=auto:0]hello world![/code]

Read other 3 answers
RELEVANCY SCORE 52.8

PhishingEmails.com: exposing email phishing scamsI?ve been working on this project for the last few weeks regarding phishing scams. You may have noticed that I publish some on this blog every now and again, and they deserved to have a place of their own. So here it is: http://www.phishingemails.com/Malware DiariesCheersKarstenHansen

Read other answers
RELEVANCY SCORE 52

This one is well crafted and always remember NEVER SEND A PASSWORD thru EMAIL. Gmail Phishing Scam - Never send password in emailhttp://www.seroundtable.com/archives/000878.htmlLast night I received a gmail email from Gmail Team with the subject, "More Gmail invites." I found this email very weird. It continued to read "The Gmail Team is proud to announce that we are offering Gmail free invitation packages to the existing Gmail account holders. By now you probably know the key ways in which Gmail differs from traditional webmail services. Searching instead of filing. A free gigabyte of storage. Messages displayed in context as conversations."Now, normally Gmail gives you invites directly in the top console and does not ask you to fill out information. This email looks really valid, plus it got through Gmail's spam filter. So is it real? I doubt it. But it looks so real. Anyway, it asks you for your current gmail account and password. That is a direct tip that someone is phishing for passwords. Be Careful and look out for this email!COPY OF THE GMAIL PHISHING SCAM CURRENTLY CIRCULATING

A:Gmail Phishing Scam - Never send password in email

Thanks for this warning harrywaldron,

I hope you don't mind, but I posted the link in another forum as well to warn some ppl about this scam.

Thanks again

Read other 1 answers
RELEVANCY SCORE 52

Received one of these out the blue for an account i've long since deactivated.
 
Perhaps stupidly, clicked the 'didn't request this change. let us know option', and was take to what appears facebook. All seems legit HTPS facebook. I entered no details further at this point, and was not requested to. It appeared exactly like Facebook and had this message
 
Thanks for letting us know
We've recorded that you didn't ask to reset your password. You can log in to your account with your current password, and you don't need to do anything else.
 
Close
 
 
To double check i requested the same thing on a separate acct (so entirely legit) and received an identical response. Having clicked both it appears again to be identical to the first, and looks legit, however, i can see that the url isnt exactly the same. 
 
Number one (that i requested to check) - https://www.facebook.com/login/recover/disavow_reset_email.php? [Rest of URL Redacted]
 
Number Two - that came out the blue
https://www.facebook.com/login/recover/disavow_reset_email.php? [Rest of URL Redacted]
 
 
I have put ****** in instead of the request codes in case it's sensitive. 
 
Any thoughts? Does this look dodgy? 

A:Facebook password requested email - Scam? Phishing?

Looks like a scam to me, and FB uses https...

Read other 8 answers
RELEVANCY SCORE 51.6

I’ve received an email from one of my contacts which I was expecting to get some documents from, a minute too late I realized that I clicked the link in a phishing email sent from his address and think I also clicked "add to white list", in a dialog from bitdefender.
Running bitdefender it found some malware and took care of them.
I can’t detect any suspicious activity on my machine.
How can I tell if the system is infected?
 
Email message title: You have 1 new google doc message
Email message body: Please view the document i uploaded for you using Google docs.
 
View Now
 
 
Thank You.
2014 Google Support.
 
 
View now links to:
Warning: remove spaces and exclamation  marks only if you are one of the experts helping, and know what you are doing, otherwise  you’ll fall pray to this scam!
 http://domator !service.pl/ !godo !fmoney/index.html
 
 
Thank you!
 
 
 
 
 

A:Clicked link in phishing email titled: You have 1 new google doc message

It would be of use to know what Bit Defender found and removed. Maybe you could post its log.
 
The obfuscated sending address could of been scraped from the internet, from your address book or from the person's email
address book you were expecting documents from. It could also just have been guessed.
 
Hopefully, Bit Defender removed the threat.
 
No way of knowing for certain what the attachment attempted or installed. Here is a list of programs
often recommended in this forum for finding and removing adware and malware.
 
 
download AdwCleaner by Xplode and save to your Desktop.
Double-click on AdwCleaner.exe to run the tool.Vista/Windows 7/8 users right-click and select Run As Administrator.
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
After reviewing the log, click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
Copy and paste the contents of that logfile in your next reply.
A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
 
Use CCleaner to remove Temporary files, program caches, cookies, logs... Read more

Read other 7 answers
RELEVANCY SCORE 51.6

Trend Micro threat analysts recently unearthed spammed messages that purported to have come from Trend Micro. Targeting trusted organizations is not an uncommon technique, used by cyber criminals when carrying out spam campaigns. In this case, the phishing URL and domain are already inaccessible.



Read more -
Spoofed Trend Micro Email Leads to Phishing Site | Malware Blog | Trend Micro

Read other answers
RELEVANCY SCORE 50.8

Right, so I recieved a phishing email which had a link, however no attachment. I knew it was a phishing email but because my iPhone touchscreen is messed up I unfortunately opened it via Safari. At the time this outlook account was also logged in to another computer elsewhere in the house. The link weirdly opened the YouTube homepage which I found very strange as the link address was very much different. I'm panicking at the moment that someone may have access to my IP address, be able to send malware through my WIFI or have sensitive information. Does anybody have an idea as to the level of threat and actions I should take from here?
I've forwarded this to the company they were posing as who has an email for phishing emails and ran Malwarebytes and McAfee which hasn't found anything on my windows PC. I've also changed the email password. Pretty worried guys!

Read other answers
RELEVANCY SCORE 50.8

This has just come in, and was captured by my phishing filter. I have since deleted it as I suspect its authenticity;

If it is legit, then the sender is doing the very action that Users are being firmly and constantly warned against. Not good practice, so in the Bin it goes.

A:WARNING - Email Phishing Junk-mail Block; Microsoft Security???

Did your Provider mark it as Junk / Spam or whatever before it got to you?

Read other 5 answers
RELEVANCY SCORE 50.4

Today Sept 10, 2015,  your staff member Angoid referred me to this forum.  
 
The following is a narrative that occurred yesterday Sept 9 or the day before.  The computer used is a February manufactured Lenovo laptop with a Windows 8.1 OS and a Chrome browser is being used. Purchased in May, it had been carefully gone through to clean it of much bloatware, and arguably suspicious malware.
 
While in web mail, mail was opened before identifying later it was not from the assumed, trusted sender, AND a link within the text of the email was clicked on.  The site the link was associated with had more links, but none were clicked on there. Besides the unwanted email address of the sender, there was other obvious evidence it was illicit email such as off beat content, and similarly so the web site that the clicked-on link was associated with.
 
Results:  The web email was signed off and shortly later signed on to in order to get to the Inbox.  The https in the address window of the signed on to email inbox has a red, diagonal line across it. Just the https has this. Normal functioning inside the email was possible.   After signing off, another (clean) computer was used to open the same email account and experienced no red, diagonal line across the https.  The first computer continues to have the red, diagonal line across the https.  Care has been taken not to sign into bank accounts or on line shopping, etc. 
 
Th... Read more

A:Phishing victim here; malicious link clicked; https crossed out on email acct

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Ran by CPUOA User (ATTENTION: The user is not administrator) on CPUOAF0101P (10-09-2015 16:06:12)Running from C:\Users\CPUOA User\DownloadsThis program must be run in an Administrator account.The Program file must also be located on the Desktop and not the Downloads folder.Please run the program as suggested and post the log(s) in your next reply.I will review it.

Read other 20 answers
RELEVANCY SCORE 50.4

Major Secure Email Products And Services Miss Spear-Phishing Attack.

Experiment successfully slips fake LinkedIn invite from 'Bill Gates' into inboxes

-- Tom
 

A:Major Secure Email Products And Services Miss Spear-Phishing Attack

Wow
 

Read other 1 answers
RELEVANCY SCORE 50

Is there any way to make a hotmail link public ?

When I copy & paste the link, and click on the link, I am asked to sign in into Hotmail.

If I just copy paste an email content, there is no way in which the reader can be sure that it hasn't been doctored.
 

A:Can I make an email content public ?

No you cant. And even if you could, the reader still cannot be sure the content isn't doctored. Forging email is easy and 99% of people are clueless about the full headers and how to trace them.

Why not just forward the mail to the interested parties? Or take a screenshot?

Or, use signed e-mail.
 

Read other 2 answers
RELEVANCY SCORE 49.2

There's a public list of some 400+ shops, record collectors and more whom have listed theyre email addresses on a site publically as wanting to hear about records for sale. I've tried emailing as low as 10 at a time and still get return messages/ I'm on NTL, and have read the limit regardless of email service used is 50, well I cant even get above 10. I basically want to email all of these publically available email addresses the same email of the record list they want to hear about and have listed theyre address publically for that, and for them to not see eachothers addresses.

I have hotmail, gmail, ntl acounts, the only thing I can see is hotmails group but how can I add 400+ email addresses in one go as a group, and would this even work!? I've seen some of the list/subscription orientated software but thats not best or suitable is it!? I basically want the easiest way to get this email out legitimately to these publically available lists, at least 50 at a time. Tips on services, software, things to do, anything greatly appreciated, thanks.
 

Read other answers
RELEVANCY SCORE 46.8

I started receiving emails from a few friends this morning asking me if I indeed send out an email titled "Secure shopping" from my yahoo mail address recommending them to shop at a website (www).ushopcn.com I first thought it went to a few email addresses (mostly obsolete since I deliberately do not use my yahoo email much). But later in the day I received the copy of this email and I could clearly see that it did go out to a lot more email addresses than I thought and I now suspect to all of them in my yahoo address book. I sent out a short email to most who have received it apologizing profusely! (not from yahoo mail of course!). I then noticed that my address book in yahoo mail is wiped out. Strangely, the email showed up just a few times in my Sent Folder (and only showing that it went to ONE email at a time...when, from my friends' forwarded emails back to me. it was obvious that it did go to MANY at the same time!).

I have run Spybot S&D and mbam...I am clean they tell me. I have deleted most of the emails in my Yahoo Mail folders. I have not attempted to send out a new email from Yahoo Mail. Everything else appears to be functioning properly, including my Outlook mail and GMail accounts where I do most of my email stuff.

I am now paranoid...What else can I do? I would appreciate any help from the experts here, thanks!

Here is the text of the stupid email that was sent:

Hello!How are you recently?
I would like to introduc... Read more

A:Yahoo mail sent a phishing email to all my contacts and then wiped out ALL my contacts!

my hotmail address had the same problem. recently i went to set it up to send auto replies as i was going away, and found the same email message copied in there ready to send again.

i was advised to change my password for my email to something which was capitals&lower key + numbers. Scan using malware and avira. didnt find anything, and had no problems since.

i'm by no means an expert - this is the advice i was given by someone who knew what they were talking about!

Read other 4 answers
RELEVANCY SCORE 46.4

i just recieved an email allegedly from paypal stating that [email protected] has been added to my email. i was initially dubious of the email because i know i haven't touched paypal in months and because the mail came with an attachment.

not trusting the "report any scams" URL at the bottom of the mail, i googled paypal and THOUGHT athat i accessed my account outside of yahoo, but after i filed a report, i saw that the paypal URL started with https which looks suspicious too.

i tried asking jeeves who [email protected] is only to find a couple of blurbs regarding phishing under that message. then when i asked jeeves if https is a fake url, i found out about other sophisticates phishing techniques where a browser is hijacked and redirected.

i'm worried that even though i tried to find paypal via google, that this hijack STILL redirected me to the phishing site. it doesn't show up under hijack this.

did i do the right thing? am i safe? i'm worried that i was redirected to the phishing site where i gave my login info to a fake paypal address.

THIS is where i'm being directed when googling paypal:
https://www.paypal.com/

that looks wrong.
 

A:paypal phishing by "[email protected]"

just ignore them and don't open those uspect e-mals, delete them!

hi, welcome to TSG.

Download hijack this from the link below.Please do this. Click here:

http://www.thespykiller.co.uk/files/hijackthis_sfx.exe

to download HijackThis. Click scan and save a logfile, then post it here so
we can take a look at it for you. Don't click fix on anything in hijack this
as most of the files are legitimate.
 

Read other 3 answers
RELEVANCY SCORE 44.8

I have a new computer with Vista Home Premium and I moved some of the Public Folders (Public Documents, Music, Pictures) from C to D, as instructed by Microsoft at this link When you try to move a public folder in Windows Vista, the Move button may be missing

I want to be able to share these folders from their new location with the other computers in my home network, so I turned on the Public Folder sharing in the Network and Sharing Center.

However, in the Network and Sharing Center the only public folders recognized are the ones still at the original location - C:\Users\Public\Favorites and C:\ ...\Public Desktop (hidden files) and ...\Recorded TV.

I have spent a few hours searching for the answer to this on the internet. In this version of Vista Home Premium, there is NOTthe option to change the letter of the directory in the registry by changing the key called public as suggested by the How To Geek at this link Move the Public Folder in Windows Vista :: the How-To Geek

How To Geek says:"Browse down to this key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
You should see a key called Public. Double-click it to open it and change it to D:\Public, or whatever location you want to move the public folder to."Note - Vista Home Premium does NOT have a Public key.

Does anyone else have any other ideas?

Thanks so much in advance.

A:Public folder moved to another directory no longer Public

Originally Posted by vistabegood


I have a new computer with Vista Home Premium and I moved some of the Public Folders (Public Documents, Music, Pictures) from C to D, as instructed by Microsoft at this link When you try to move a public folder in Windows Vista, the Move button may be missing

I want to be able to share these folders from their new location with the other computers in my home network, so I turned on the Public Folder sharing in the Network and Sharing Center.

However, in the Network and Sharing Center the only public folders recognized are the ones still at the original location - C:\Users\Public\Favorites and C:\ ...\Public Desktop (hidden files) and ...\Recorded TV.

I have spent a few hours searching for the answer to this on the internet. In this version of Vista Home Premium, there is NOTthe option to change the letter of the directory in the registry by changing the key called public as suggested by the How To Geek at this link Move the Public Folder in Windows Vista :: the How-To Geek

How To Geek says:
"Browse down to this key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
You should see a key called Public. Double-click it to open it and change it to D:\Public, or whatever location you want to move the public folder to."Note - Vista Home Premium does NOT have a Public key.

Does anyone else have any other ideas?

Thanks so much in advance.




If you open Windows Explorer an... Read more

Read other 2 answers
RELEVANCY SCORE 44.8

I've corrupted the permissions on my C:\Users\Public\Public\Downloads folder. How can I recreate this folder? I've tried deleting the folder and then recreating it in the registry under HKEY_LOCAL_MACHINE\..\Shell Folders & User Shell Folders, but
to no avail.
This is on a Windows 8.1 Pro x64, non-domain, desktop installation.

Read other answers
RELEVANCY SCORE 44.8

I have only had my new HP notepad a few weeks an already I have a annoying pop up which I don't know if it's a fraud or legitimate due to me installing new programs.

It apears after about a minute of starting up and can only be closed via the task
manager.

I have tried to locate it but have not really found my feet with windows 7.

Anybody got any ideas on how to remove this pop up or find out if it's fraud or not?

I have inclosed two images:

Image 1= Actual pop up
Image 2= Pop up and how it appears in the task manager.

A:fraudulent or legitimate?

Welcome to Windows Seven Forums.

You haven't said which programs you've installed so I'd err on the side of caution and run a full anti-virus scan.

Malwarebytes is highly recommended: Malwarebytes : Malwarebytes Anti-Malware is a free download that removes viruses and malware from your computer

Read other 7 answers
RELEVANCY SCORE 44.8

I recently had some fraudulant charges go through my paypal account, and am afraid I'm infected with something. I've also noticed my computer going significantly slower than usual since around the time I noticed the charges. After running DDS I was only given one DDS.txt file, and no attach.txt file. I did check the checkmark for attach before starting, and I ran the program multiple times to make sure.
 
DDS.txt:
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.17041
Run by Administrator at 20:05:44 on 2014-04-15
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.1790.247 [GMT -4:00]
.
AV: Trend Micro Titanium Internet Security *Disabled/Outdated* {B7599298-8445-728A-A5C7-A26A082C8BDA}
SP: Trend Micro Titanium Internet Security *Disabled/Outdated* {0C38737C-A27F-7D04-9F77-991873ABC167}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe
C:\Program Files\Google\Update\1.3.23.9\GoogleCrashHandler.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Fil... Read more

A:Fraudulent charges

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/531199 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

Read other 2 answers
RELEVANCY SCORE 44.4

my dad has just been off the phone saying i need to come to their house as my mums pc has loads of errors etc,

a guy phoned my mum up and said their computer was needing fixed, so by the sounds of it, they've used remote access to get into her pc.

my dad phoned me on his moblie phone, so i said to him to shut the PC down and unplug it from the net.


after giving my mum a rollicking about being so naive, what security measures do i need to do to make sure this guy can't get access to my mums PC


any help/info would be appreciated

A:HELP. Remote Access (fraudulent)

Immediately run a full AV/Malware scan .... do a system restore to a point before this jerk conned her ... good luck...

Read other 8 answers
RELEVANCY SCORE 44.4

Three weeks ago an "alert" gave me three choices - to continue, cancel or "x" out. I accidentally hit cancel and soon received a thank you for a subscription, which was false. Soon, in Firefox, tabs opened to other sites I'd never heard of. Then a screen comes up giving the same options and the only way out is through task manager.

I've been plagued with Trojans that are taken care of via AVG and Malawarebytes but would really like to get to the core of the web sites.

I'm running XP. Thanks for any help you can give.
 

A:fraudulent switch to other web sites

Hi,

Sorry for delayed response. Forums have been really busy. If you still need help with this do following, please.
Download DDS and save it to your desktop from here or here or here.
Disable any script blocker, and then double click dds file to run the tool.
When done, DDS will open two (2) logs:
DDS.txt
Attach.txt

Save both reports to your desktop. Post them back to your topic.

 

Read other 1 answers
RELEVANCY SCORE 44

Due to nine fraudulent digital certificates issued, MS has issued this fix available now for the following problem:






Quote:
Microsoft today warned that Comodo has issued nine fraudulent digital certificates to a third party whose identity could not be sufficiently validated, a scenario that could allow attackers to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web surfers.

According to the Microsoft advisory, the fraudulent Web certificates affect the Microsoft Live service, Google’s mail system, Yahoo and Skype log-ins.
login.live.com
mail.google.com
Google
login.yahoo.com (3 certificates)
login.skype.com
addons.mozilla.org
“Global Trustee”




If you have your updater set to auto install, the fix should be applied. If not, the update is available at the following link for all supported versions of Windows to help address this issue.

For more information about this update, see Microsoft Knowledge Base Article 2524375.

Read More:

Microsoft warns: Fraudulent digital certificates issued for high-value websites | ZDNet

Post, Security News:

Microsoft warns: Fraudulent digital certificates issued for high-value

A:MS releases important fix for fraudulent certificates

Thanks for the info...I just ran the stand alone installer.

Read other 1 answers
RELEVANCY SCORE 44

Official-looking e-mails claiming to be from IRS are fraudulent.

Schemers claiming to be Uncle Sam are filling e-mail boxes in Contra Costa County, Calif., and across the country with messages asking for people's personal information.

-- Tom
 

A:Official-looking e-mails claiming to be from IRS are fraudulent

Thanks
 

Read other 1 answers
RELEVANCY SCORE 44

Microsoft Security Advisory (2607712)
Fraudulent Digital Certificates Could Allow Spoofing






General Information

Executive Summary

Microsoft is aware of at least one fraudulent digital certificate issued by DigiNotar, a certification authority present in the Trusted Root Certification Authorities Store, on all supported releases of Microsoft Windows. Although this is not a vulnerability in a Microsoft product, Microsoft is taking action to protect customers.

Microsoft has been able to confirm that one digital certificate affects all subdomains of google.com and may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. Microsoft is continuing to investigate how many more certificates have been fraudulently issued. As a precautionary measure, Microsoft has removed the DigiNotar root certificate from the Microsoft Certificate Trust List.

All supported editions of Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2 use the Microsoft Certificate Trust List to validate the trust of a certification authority. Users of these operating systems will be presented with an invalid certificate error when they browse to a Web site or try to install programs signed by the DigiNotar root certificate. In those cases users should follow the instructions in the message. Microsoft will release a future update to address this issue for all supp... Read more

A:Fraudulent Digital Certificates Could Allow Spoofing

That's not good

Read other 3 answers
RELEVANCY SCORE 44

Chalk one up for the good guys. The FTC today announced that it's filed a restraining order against a company that allegedly offered Internet users a spyware scanner program that falsely reported that computers were infected with spyware, and which failed to remove any spyware at all from infected machines.

http://blogs.pcworld.com/staffblog/archives/000567.html
 

A:FTC Shuts Down Fraudulent Antispyware Company

worth one bump. maybe it can save someone some money and heartache.
 

Read other 1 answers
RELEVANCY SCORE 44

The HP 13-u100na is advertised as having a resolution of 1920x1080, but the actual resolution is 1366 x 768. I have two with the same problem. HP advises that the Full HD resolution only applies to the graphics card, i.e. it is only available when the laptop is connected to an external monitor. You can see the misleading claims on http://store.hp.com/UKStore/merch/Product.aspx?id=Z3F58EA&opt=ABU&sel=NTB It even says Full HD on the box itself! I have reported HP to the Advertising Standards Authority.

A:Fraudulent advertising of HP x360 13-u100na

Sorry for the lousy formatting, I should have done a preview.

Read other 1 answers
RELEVANCY SCORE 44

SAYS: FRAUDULENT WEB PAGE BLOCKED. Although it gives me option in small print to "GO TO SITE ANYWAY."

I have a hard time accessing eBAY. When I click on an item, there's a page that comes right away saying that my attempt to open this page is Fraudulent Web Page Blocked by Norton, says to visit Symantec, or to exit the page. I tried to exit the page and it's still there. PLEASE HELP.

I have Windows XP. Please help.

Thanks.
 

A:Fraudulent Page Blocked on eBay

They are working on this issue,
Take a look HERE
 

Read other 1 answers
RELEVANCY SCORE 44

The full advisory can be found on the Web at: http://www.microsoft.com/technet/security/advisory/2524375.mspx.

===========================
SUMMARY
===========================
Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root Certification Authorities Store on all supported versions of Microsoft Windows. Comodo advised Microsoft on March 16, 2011 that nine certificates had been signed on behalf of a third party without sufficiently validating its identity. These certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer.

Certificates for the following Web properties are affected:

• login.live.com
• mail.google.com
•www.google.com
• login.yahoo.com (3 certificates)
• login.skype.com
• addons.mozilla.org
• "Global Trustee"

Comodo has revoked these certificates, and they are listed in Comodo’s current Certificate Revocation List (CRL). In addition, browsers which have enabled the Online Certificate Status Protocol (OCSP) will interactively validate these certificates and block them from being used.

An update is available for all supported versions of Windows to help address this issue. For more information about this update, see Microsoft Knowledge Base Article 2524375 (http://support.microsoft.com/kb/2524375).

Typically, no action is required of customers to insta... Read more

Read other answers