SCAMS and PHISHING Forum?

Should we have a room dedicated to Net scams and phishing schemes?

  • Yes

    Votes: 34 79.1%

  • No

    Votes: 9 20.9%
  • Total voters
    43
  • Poll closed .
Dennis Olson

Dennis Olson

Chief Curmudgeon
_______________
These days, the viruses, net scams and "phishing" attempts are growing ever more plentiful, dangerous and convincing. I was thinking about placing a sub-forum off the main room here dedicated to just those issues. All scams and phishing schemes could be posted in there, and folks could read about them (hopefully) before being taken in by one.

So, is it a good idea or just more "fragmenting BS"...?

Comments welcome.
 
B

Brooks

Membership Revoked
My vote doesn't seem to be on the list.

Let them start on the main page and then segregate them for easier reference.
 
ZePPo

ZePPo

Membership Revoked
Do you mean stuff like this? From my Webroot Spy Sweeper news.....

Spyware News


The Webroot Threat Research Team continues to uncover new spyware threats every day. We've highlighted some of the current dangerous and more pervasive threats below. As always, Webroot recommends updating your spy definitions weekly for comprehensive protection. And if any of your co-workers, friends or family encounter any of these spies, they can remove them immediately with the free trial version of Spy Sweeper available from www.webroot.com.

New threats:
-Rbot - an Internet Relay Chat controlled Trojan horse which may be used to remotely access a machine.

-MyDoom_O - a mass mailing worm that installs a remote Trojan horse that listens for remote connections on TCP port 1034.

-Sncntr - a downloader program which has the ability to download other spyware onto a computer.

-WindowsNT IRC Trojan - an Internet Relay Chat controlled Trojan horse that may allow a hacker to gain unrestricted access to your computer and retrieval of data when you are online.

-Sced Downloader - a downloader program which has the capability of downloading more spyware onto a computer.


Updated threats:
-WildMedia - adware which may display ads on your computer.

-Peper Trojan - known to download files onto a computer and display pop ups.

-vx2 (Transponder) - an IE Browser Helper Object that monitors requested web pages and data entered into online forms, then delivers targeted advertisements.

-IEPlugin - an IE Browser Helper Object that monitors web surfing activities and displays pop-up advertisements based on keywords.

-CasinoPalazzo - adware which may place unwanted shortcuts and programs on the desktop advertising CasinoPalazzo.com.






Tips and Tricks


Spy Sweeper uses "Definition" files to detect and remove spyware from your PC. To ensure comprehensive protection, we recommend subscribers update their definitions at least once a week. Non-subscribers receive one free update. To check for new "Definition" files, click the Options icon to find the Update Definitions button under the Program Options panel.
 
Dennis Olson

Dennis Olson

Chief Curmudgeon
_______________
Yup. Stuff like that, the latest phishing scams, as well as the Nigerian (and now UAE) scams. The kind of stuff that folks on the net NEED TO KNOW.
 
B

Brooks

Membership Revoked
Dennis, part of the problem is that the people who need to know are the ones who need a hefty 2x4 swung in their direction. For instance, the folks who never bother to check the story out at snopes.com. Those folks aren't so likely to regularly browse a subforum, IMO.
 
Dennis Olson

Dennis Olson

Chief Curmudgeon
_______________
Well, the subforum would be shown immediately above the main threads, so it'd be very difficult to miss, unlike the SIGs, which don't show up directly (you have to GO there).
 
onderock

onderock

Veteran Member
Good Morning Dennis-

I think it's a good idea.

Lotsa stuff out there that some of us get, some of us don't.

Like this latest Sun Bank scam:

(verified by Snopes)


Home --> Inboxer Rebellion --> Scams --> Phishing Expeditions -->SunTrust


Phish Bait: SunTrust bank customers.

Example: [Collected on the Internet, 2004]




Origins: This phishing scheme was disseminated by e-mail in October 2004 and directed at customers of SunTrust bank. It differed from ordinary phishing schemes in that clicking on the link provided didn't take the user directly to a bogus SunTrust Bank web site; instead, the code launched a browser in the background which displayed the real SunTrust web site while popping up a phony "confirmation" screen in the foreground:




Users who entered personal information such as their ATM card numbers and PINs into this counterfeit form transmitted that sensitive data not to SunTrust Bank, but to scammers based in Russia.

Last updated: 5 October 2004


The URL for this page is http://www.snopes.com/inboxer/scams/phishing/suntrust.asp

Urban Legends Reference Pages © 1995-2004
by Barbara and David P. Mikkelson
This material may not be reproduced without permission.



---onderock---
 
B

Brooks

Membership Revoked
Unless the thread starts out on the main page, it might as well not be there as far as many folks are concerned. So, it's still a question of who your audience is. The ones who would already know better or the ones who need it in their face to pay attention to it? I still can't vote because I can't tell if your first choice includes starting on the main page and then moving or starting directly on the sig.
 
B

blueberry

Inactive
I sell on eBay. I list about 100 - 200 items a week. Lately, I have noticed more "phishy" bidders. A bidder will bid on several hundred auctions from different sellers. Even tho the bidder never pays, and will be kicked off eBay, the "phishy" bidder now has the email address of several hundred sellers.

I am not sure if the "phishy" bidder sells the list of emails, or sends out the spoofs on their own. If I have a large batch of acutions end on one day, I usually notice 5-10 spoofs in my email right after the auctions end. On average I get 5 to 8 spoof emails a day.

The most real looking spoof I ever recieved, pretended to be from Capital One. I was amazed at how real it looked. Since I do not have a Capital One card, it was
real easy to determine it was a spoof :rolleyes:

I get spoofs pretending to be from eBay, PayPal and numerous banks. I forward the Pay Pal and eBay spoofs back to Pay Pal and eBay, but I just delete the ones from the banks - I am not sure who to send them to :shr:

I really feel for the people who have been taken by phishers.
 
D

Delta

Has No Life - Lives on TB
I think its a good idea.

Whether it starts on main board or not probably doesn't matter, but the more we start on the main board, the more work we make for the mods in having to move things.

I for one have never understood the apparent prejudice against the sub-boards. Some people seem to think having their postings on the sub-boards is some kind of demotion. They are just more appropriate places to find some things. Maybe some people just forget to look there. On the other hand, there are sub boards I never visit, and I no doubt miss things--like why we should always go camping with a tent. :D
 
phoenix7of7

phoenix7of7

Deceased
Well; this is certainly timely today. This morning I had two emails from my 'bank' asking me to verify my user name, password and account numbers - and do it quick before the account was inactivated.

No - I didn't fall for it. But the provided link did call up a page exactly like the actual bank homepage.

I decided to enter some colorful language in the user name and password boxes. Sure enough - that data took me to the next pages where a long list of info was asked for.

Truly - I would cap the sort of scum that are doing those scams.
 
Libertarian

Libertarian

Deceased
Sure! Great idea. I just got five notices from banks I do not do business with asking me to click on their link and enter my account number and password so that they could help me fight fraud.

I also had a few from various African nations telling me that either I am a biillionare or they need my help to get stolen/seized money that is rightfuly theirs and would like to use my bank account to do so.
 
DannyBoy

DannyBoy

Veteran Member
Sounds like a good idea Dennis, just more work for you though. I agree with Blueberry above, too. The Citibank deal was the best scam ever, but now they (the scamers) have been copied by many.

edit... Hey! Finally broke 300!!
Dan
 
I

intothatgoodnight

. . .
. . . or, you could enroll with an ISP who has the ability to filter *most* of this stuff out before it gets to your email box.

Earthlink is VERY good at filtering out email junk -- OCCASIONALLY, something will slip through -- such as the CapitolOne scam I saw recently.

OTHER ISP email accounts are not NEARLY as well culled of junk email, which slip through far too often, only to be caught at my end by Mozilla's junk mail filters (if at all).


intothegoodnight
 
Ought Six

Ought Six

Membership Revoked
I would suggest making it a public forum available to non-members as well. Public service to the net community, and all that.
 
Walrus Whisperer

Walrus Whisperer

Hope in chains...
This is one of those things that I think are so important that I think they belong on the main page. Even if it helps only one person, its worth it. This place is getting so chopped up I cant find ANYTHING.
 
'plain o joe'

'plain o joe'

Membership Revoked
Frankly, you could make a dozen more.

But what drives me nuts is threads that are still on the main page, getting alot of activity getting moved.

imvho, all posts would first goto the main page, then after a 24 hr period of no posts, would get sorted into their respective sigs

example: Current Posts

[HLTH] Stop smoking shots
would be sent to Corkboard or Alt Meds

[USA]Sponge Duck Toy A Sex Toy?
would end up in TIO

[OT] Any psychics out there?
would end up in UNEX or ALT.

only hard news and prep would be left in the main sig

AFTER 24 HRS of no posts...

Takes the onus off the mods for moving something, yet leaves the main page for todays news and happenings..

you could also make that time period 48 hrs of zero posts, before it gets moved.
 
Last edited:
jed turtle

jed turtle

a brother in the Lord
i agree with plain ol joe.

and i do think there's a place for a scam forum to collect the latest headsup. i almost fell for the phoney paypal email to hurry up and change my password because of hacking.

on the subject of SIGs, i've noticed that the list of threads stays rather short on most of them. is it a bandwidth issue? unless you've read and can remember something in a post that has fallen off the page - and thus do a search- , there' s no way to peruse older threads.
 
Dennis Olson

Dennis Olson

Chief Curmudgeon
_______________
That setting is available in your USER CP, to adjust how many days of back-threads are available to you by default. In addition, beneath the threads list in every forum is a "Show threads from:", with options of today, yesterday, a week ago, a month ago, 3 months ago, 6 months ago, a year ago, and from the beginning. Change the value of that field and click the Submit button.
 
S

Seldom Seen

Membership Revoked
Pardon my ignorance,but what is a phishing scam? Is it some sort of data mining,where people give up their bank account numbers to nigerians in order to get rich quick?
 
Dennis Olson

Dennis Olson

Chief Curmudgeon
_______________
It's fake emails that LOOK like legitimate notices from places like your bank, credit card issuer, paypal, etc. These emails tell you to "update your account information by clicking this link". The clicked link takes you to a website that looks exactly like the legitimate one, except it goes to a criminal's server. You enter your account information, and they subsequently drain your bank/cc account.

"Fishing" (for private information) via the web.
 
S

Seldom Seen

Membership Revoked
Thanks. I've never seen one of those,but I guess I'm a pretty small target since I don't have CC,paypal or even a checking account :eye:
 
O

Oilpatch Hand

3-Bomb General, TB2K Army
Well; this is certainly timely today. This morning I had two emails from my 'bank' asking me to verify my user name, password and account numbers - and do it quick before the account was inactivated.
Click to expand...

Yeah, I got one yesterday, from "Wells Fargo," asking me to verify my account details. Since I don't have an account with them, it was an easy one to knock off.

But, I have to admit I was impressed by the authentic appearance of both the e-mail and the site linked to it. If you didn't check the URL field at the top of the browser, you might come away with the idea you were actually at the Wells Fargo website.

I think a "phishing-scam" room is a good idea.
 
rugmaker

rugmaker

Veteran Member
I usually go to the computer area if I am having any problem relating to computers.

I like having posts put on the main page for a short time so that I don't miss anything before it goes to it's proper place. More people see the main page, but when I need to look something up later, I can usually find it by going to that section.
 
M

milkydoo

Inactive
I say give it a try....can't hurt. If it saves our members pain and suffering, wasted time and money, then it's worth it.
 
You must log in or register to reply here.
Top