It was brought to my attention that someone had posted his email address to a message he posted here and that within a few days he started receiving SPAM.

I receive so much SPAM I can't tell if any of it is from me posting my email address here. Just be aware that it is very likely that the SPAMMERS have software that can search for discussion groups like our and look for any email address listed in the messages.

Just be aware.

It was also brought to my attention that there is a new telephone scam going on where you may receive a phone call from someone that claims that there are from a credit card or possibly checkcard you own. They claim that they are trying to verify that if you made a certain transaction and if you tell them no. They tell you that you will be getting a refund for that amount. They ask for the 3 digit security code from the back of the card to verify that you are still in possession of your card.

Then using that info they are able to make charges against your card. It looks like somehow they are getting a list of all your credit card info, including your home address, and all they need is the security code. Just beware of giving out any info to someone phoning you are in response to an email you receive.

One I have been receiving many of is one asking you to verify your PayPal info. They give you a link to a site that looks official and it ask you to verify your account info by re-entering all of your info. Don't do it.

I have seen the same thing for credit cards.

I am presently using a layered approach to keeping me from looking at SPAM and hopefully not missing any email that I want to look at.

Its not easy. I use Mailwasher Pro to catch most of the stuff that is pure bullshit. I still have to check out about 25% of the email I get to see if I want to download it or not.

I am also using Ella, which works with Outlook. It is a software that learns as it goes. I use it to catch some of the email that gets by Mailwasher Pro. For me there is always email coming in between the time Mailwasher checks, I check and then hit the process mail button.

I then have a version of Norton AntiVirus. Mailwashere can catch most of the viruses and worms but I have noticed that it does not catch those that are zipped. NAV catches those plus the other ones that just slip by.

Protect yourself. No one else is going to do it for you.

If you need to include your email address in a message you can always add something to it that needs to be removed before someone can use it like

ricksSPAM231@cox.net
or
ricksREMOVE231@cox.net

There are plenty of tricks you can use so someone reading the message will know what it is but a software program is not likely to know. Of course the two tricks above have been around so long the SPAMMERS may be checking their list and just removing those words from their list of harvested addresses.

Rick,

Very informative post. Thanks for posting. For every one person using the internet in an honorable fashion, there are five looking to make life miserable for others with scams, spam, etc.

Jim

Ad-aware 6.0
Spybot - Search and Destroy 1.2
ZoneAlarm Pro

http://www.spychecker.com/software/antispy.html

I just found the above site today. I have been using Ad-Aware and still was getting tons of spyware on my computer.

I downloaded two free programs today

SpyBot - http://www.spychecker.com/program/spybot.html

SpywareBlaster - http://www.spychecker.com/program/spywareblaster.html

I just ran SpyBot and it found things that Ad-Aware missed.

SpywareBlaster is suppose to remove the ability of the spyware programs of infecting your system.

Too early to tell how well they will work.

Folks--

This topic has been a hot button at our work for some time. I would encourage everyone to download and utilize Ad-Aware and Spybot. When you download them make sure you do the updates first before you run them. Ad-Aware looks for one type of malware whereas Spybot targets another...they should be used in conjuction with one another. Both are free and hopefully will stay that way. Both programs can be configured to start upon system boot-up and so your system starts each day clean. Also Spybot has an immunize button that you should use to keep the bad things off your computer.

Ohhh and in reference to that virus that attacks IIS and Internet Explorer. The wind was taken out of it's sails the day it was discovered. The virus would redirect you to a Russian website that would automatically download a trojan to your system. The Russian ISP shut down the website the day it was discovered. Feel free to continue to use IE regardless what your local media tells you....

read about it yourself..... http://antivirus.about.com/od/virusdescriptions/a/scob.htm

If anyone who is attending the seminar needs a hand getting your laptop "secure" I would be more than happy to help you set up these programs and get them automated!

AVG Free Edition

http://www.grisoft.com/us/us_dwnl_free.php

The following is the text of a email message sent to me


"Dear Citibank Customer,
We recently noticed one or more attempts to log in to your Citibank
account from a foreign IP address and we have reasons to believe that
there was attempts to compromise it with brute forcing your PIN number.
No successful login was detected and you have full protection by now.
If you recently accessed your account while travelling, the unusual login
attempts may have been initiated by you.
The login attempt was made from:
IP address: 103.27.185.24
ISP Host: cache-62.proxyserver.cis.com
By now, we used many techniques to verify the accuracy of the
information our users provide us when they register on the Site.
However, because user verification on the Internet is difficult, Citibank
cannot and does not confirm each user's purported identity. Thus, we
have established an offline verification system to help you evaluate with
whom you are dealing with. The system is called CitiSafe and it's
the most secure Citibank wallet so far.
If you are the rightful holder of the account, click the link bellow, fill
the form and then submit as we will verify your identity and register you
to CitiSafe free of charge. This way you are fully protected from fraudulent
activity on all the accounts that you have with us.
Click to protect yourself from fraudulent activity! [links to 219.148.127.66/scripts/confirmation.htm]
To make Citibank.com the most secure site, every user will be
registered to CitiSafe.
NOTE! If you choose to ignore our request, you leave us no choice but to
temporally suspend your account.
* Please do not respond to this e-mail, as your reply will not be received.
Regards, Citibank Customer Support"

eegads and I don't even have a citi-bank account. I suppose some people who have one will go to the web site posted and dutifully give up all their account information so that it can be either cleaned out or their limit taken to the max.

I use the same password for all accounts,or rather,I used to until someone got a hold of it and submitted a stiff $1875. invoice to PayPal.They only require an e-mail address and password,giving the bastard free reign.The funds were withdrawn from my checking a/c via electronic transfer that was already linked.

Luckily,I caught this all in time and lost nothing.A word to the wise!

hi,

re: Ricks new software

looking forward to hearing what you like and dislike about the software.

Personally, I have avoided the extra load on my system to even use firewalls!
However, with HTR and being on line for extended periods, I have been considering removing the RISK of using the internet without the standard safeguards. For spam protection and help, I am considering iHateSpam. This is a spam solution toutedby SunBelt which is a newsletter that I read.

QUESTION: Do you have an opinion on iHateSpam by SunBelt software?

-----------------------------
re: MikeDee

I am curious if you reported this to CitiBbank.

I had the same experience with a PayPal email. However, I displayed the email with the full details of the email and opened another browser window. From the second browser window I connected to PayPal and found their ...report Spam.. window. I started a report and sure enough they have a section to past the email, most web sites have this as a separate section. When a web site does not, I just paste the email within the spam report.

So, with the Spam report in progress. I can switch to my email window, copy the email AND the techie stuff about the internet links, and paste the spam-email-with-wwwTechie to the spam report.

so, QUESTION: did you report your spam to CitiBank?

if above yes, then QUESTION: do you know a simpler way to submit the Spam report?

----------------------------
re: MarkDee

wow, that is a GOOD story to remind folks that CyberSpace can be dangerous.

I have not had that happen YET. Yes, I do EXPECT that some Cyber thief will take advantage of me someday but I am not going to stop using the power of the internet because I am afraid of a thief!!

However, I would like to know what you did to get LUCKY. That is, you said '..Luckily, I caught..' . Well, if you could tell my WHAT you did and maybe HOW you did it then your experience may help me get lucky when I need to stop a Cyber thief.

oh, I am especially interested in the Citibank reply and/or help?

--------------------------
more than enuf for now. I have some data work that is waiting to be done.

According to the last two issues of ] Woody's Window Watch (http://woodyswatch.com/windows/index.asp) Microsoft is coming out with a Windows XP SP2 in the very near future.

According to Woody, it will be a massive (200 MB) change and likely leave many users with a few programs that will not work correctly.

Security and firewall up are suppose to be key to SP2.

Time will tell if SP2 fills in all the security holes that MS has come out with or just adds new ones.

There are suppose to be big changes to Internet Explorer also, as part of the change.



:confused:

I got "lucky" by frequent verification of all internet finances...weekly then, daily now with a touch of paranoia. PayPal requires only an e-mail address and password. I was foolish enough at the time to utilize only Hotmail and the same password for all accounts. Hotmail has had vulnerability issues in the past and I suspect someone got my password through their weakness and proceeded to PayPal, which through linked checking and credit cards will pay any submitted invoices.

Access to your Hotmail and PayPal accounts affords the culprit ability to stop or intercept any notices normally attendant to the transactions and the time to clean up their tracks. My hit occurred three days prior to my discovery...PayPal took me around the corporate carousel but reversed all charges within a week of a filed affidavit.

Have a great week.

http://www.safer-networking.org/en/home/index.html