Archives

Don’t Be Tricked By Online Money Launderers

An email message sent to various product suppliers and companies asks the recipient to reply with details of the products available, with a view to placing further orders.

Short Analysis

This kind of email is part of what experts call a “money laundering” scam. Once the recipient replies to the sender with the requested information, the scammers place orders and ask that they be paid for by credit card. The scammers will ask for a payment higher than the agreed price. They will then request that you wire the additional amount to a “shipping agent” or another third party. The credit card used for the transaction will turn out to be stolen. The scheme is just a way of converting the proceeds of crime into untraceable money.

Detailed Analysis

Businesses that sell items online are the ones that most often receive emails of this kind. The scammers pose as interested customers and usually ask for more information about a particular item on offer. The message usually asks for pricing details and the payment options.

Some of these emails may be genuine customer enquiries, but most of them serve as the opening gambit of a money laundering scam.

When the vendor replies to a scam message like this with the requested details, the scammers place their orders by email. They then ask that the order be paid for by credit card. The orders are usually convoluted and complex. The scammers insist on dealing directly with the vendor instead of going through the vendor’s online ordering system.

Next, the scammers ask that the payment be for more than the exact amount of the order, since the vendor will need the extra amount to pay the courier service or “shipping agent”.

After that, they make excuses for why they can’t pay the shipping charges directly. If the vendor doesn’t agree to take the additional fee and send it on to the delivery agent, the scammers threaten to withdraw their orders. They try to convince you to send the shipping payment through a money transfer service such as Western Union. Their ultimate goal is to convert the funds from the stolen cards into untraceable cash.

 

Microsoft Support Scam Tactics

Cybercrime is a growing trend all over the world. Many kinds of Internet scams and frauds are prevalent, but one hoax in particular is on the rise: the Microsoft Support scam.

This is a call from a fake Microsoft support specialist offering to help fix your computer. Users receive calls informing them that their ISP has discovered a serious virus attacking their system, and that a Microsoft support specialist has therefore been asked to reach out and tackle the issue. The security professional from Microsoft will usually run a scan on your system to identify what kind of virus is present on your device. Once the scan is done and the serious problem has been identified, the tech support offers to solve it for $250, and sometimes even more, while you have nothing to do but sit comfortably in front of your computer waiting for the repair to finish.

None of these tactics are new, but the scam continues to grow thanks to cheap labor and cheap calls from outside the U.S. Some users are even fighting back by recording information about the scammer’s modus operandi and identity.

The tactics the scammers use are intended to fool unsuspecting users. First, the fake Microsoft support specialist approaches the user with confidence, using technical terms to tell the intended victim that they are under great threat from a serious virus attack.

The scammers present themselves as specialists from a particular Microsoft department. While on the call, the scammer frightens the user with various error messages that supposedly indicate a virus infection on the device. Usually these are generic errors, such as entries in a log file.

The scammers then instruct the victim to run a DOS command and confirm the unique ID of the victim’s system. Although this process may sound like excellent proof of certified tech support staff, it only gives the scammer the chance to read the numbers displayed on the user’s screen. They then instruct the user to confirm generic IDs for file extensions, which will make your system more vulnerable to threats.

After that, you will find yourself logging in to their system remotely and performing the tests the scammer instructs. Later on, you find yourself on a PayPal page paying the supposed Microsoft support specialist for the services rendered, not knowing that everything is a hoax and you are the victim.

 

The World Of Ransomware

Though our malware defenses have improved, ransomware authors are finding new ways to infect our systems. Fortunately, we have options and solutions.

It’s a computer user’s worst nightmare. You boot your PC, and a big warning box pops up on your screen. No, it’s not a Windows error; the message states that all your files have been encrypted and you’ll have to pay a ransom to get the key.

The first strain of this pernicious form of malware/ransomware was CryptoLocker. It was a profitable scheme — until anti-malware apps adapted to this new threat. But as with any successful infection, CryptoLocker soon mutated into new variations such as CryptoWall and TorrentLocker. Whatever they’re called, all these strains of malware have a common thread: they don’t destroy data but simply lock it up until you pay the ransom. Even when the infection is removed, the data remains encrypted. And in some cases, even backup files are made unusable — unless you buy the key.

Most ransomware infections arrive via email attachments or phishing attacks. They can even be hidden in cloud-based file-sharing sites such as Box, Dropbox and ShareFile. They can be .exe files, ZIP files, or fake PDF files that are in fact executables used to install malicious code. Ransomware seems to be especially adept at evading anti-malware tools. Its encryption engine is similar to those we regularly use on our PCs, and its pattern or signature can change rapidly.
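A mail or download filter can catch the “fake PDF that is in fact an executable” case by comparing a file’s name with its leading bytes. The following is an added example, not part of the original article; the function names, extension lists, size limits and sample attachments are assumptions constructed for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

EXECUTABLE_EXTS = {".exe", ".dll", ".scr", ".com", ".pif", ".bat", ".cmd"}
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".txt"}
MAX_MEMBER_BYTES = 20 * 1024 * 1024  # skip oversized archive members
MAX_DEPTH = 2                         # do not follow deeply nested archives


def sniff(data):
    """Identify content by its leading magic bytes, not by its file name."""
    if data[:2] == b"MZ":
        return "executable"           # DOS/PE header of Windows .exe and .dll files
    if data[:5] == b"%PDF-":
        return "pdf"
    if data[:4] == b"PK\x03\x04":
        return "zip"
    return "unknown"


def triage(name, data, label=None, depth=0):
    """Return the reasons (possibly none) to quarantine one attachment."""
    label = label or name
    suffixes = [s.lower() for s in PurePosixPath(name.replace("\\", "/")).suffixes]
    ext = suffixes[-1] if suffixes else ""
    kind = sniff(data)
    reasons = []
    if ext in EXECUTABLE_EXTS:
        reasons.append(f"{label}: executable extension {ext}")
        if len(suffixes) > 1 and suffixes[-2] in DOCUMENT_EXTS:
            reasons.append(f"{label}: double extension {suffixes[-2]}{ext}")
    elif kind == "executable":
        reasons.append(f"{label}: MZ executable content behind {ext or 'no'} extension")
    if kind == "zip" and depth < MAX_DEPTH:
        reasons += triage_zip(label, data, depth)
    return reasons


def triage_zip(label, data, depth):
    """Apply the same checks to every member of a ZIP attachment."""
    reasons = []
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                inner = f"{label}!{info.filename}"
                if info.is_dir():
                    continue
                if info.flag_bits & 0x1 or info.file_size > MAX_MEMBER_BYTES:
                    # Encrypted or oversized: judge by name only and say so.
                    reasons.append(f"{inner}: content not inspected")
                    reasons += triage(info.filename, b"", inner, depth + 1)
                else:
                    reasons += triage(info.filename, zf.read(info), inner, depth + 1)
    except zipfile.BadZipFile:
        reasons.append(f"{label}: damaged or truncated ZIP")
    return reasons


def build_samples():
    """Constructed attachments (not real malware): only the leading bytes matter."""
    fake_exe = b"MZ\x90\x00" + b"\x00" * 60
    real_pdf = b"%PDF-1.4\n%constructed sample\n"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docs/scan.pdf.exe", fake_exe)
        zf.writestr("docs/readme.txt", b"hello")
    return {
        "report.pdf": real_pdf,
        "invoice.pdf": fake_exe,
        "invoice.pdf.exe": fake_exe,
        "shared.zip": buf.getvalue(),
    }


if __name__ == "__main__":
    for name, data in build_samples().items():
        print(name, "->", triage(name, data) or "no findings")
```

A clean result only means the name and the header agree; it says nothing about what a genuine PDF or document contains.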

 

The encryption process uses two types of keys. The public key is used to encrypt files; the private key handles decryption and is held only by the data’s owner. A CryptoLocker attacker uses the public key to lock your files. Because the thieves hold the private key, they effectively own the files. You pay ransom to have your data unlocked — you might or might not get the actual key. Again, because the attackers use standard encryption techniques, the encryption process usually goes undetected by anti-malware programs.

 

 

 

How To Perform USB Virus Removal?

As more and more computer users carry USB sticks with them to store and transfer their data, it was only a matter of time before virus writers targeted these devices as a delivery mechanism. This is done through the use of an autorun.ini file. This type of file is basically just a text file with instructions to execute other files. The other files are the actual virus payload. They may have names like Ravmon.exe, New Folder.exe, svchost.exe, and possibly other files with a .dll extension.

Manual USB virus removal can be very tricky and it is suggested that you use a good antivirus/spyware removal tool to prevent and remove risks automatically. The first thing to do is make sure you have a good backup of your files on the USB stick. Offsite backups allow for greater peace-of-mind. Next, you’ll want to make sure your computer is not set to automatically run CDs and removable devices. Microsoft has a one-click solution located in their knowledge base (967715) to disable autorun.

It’s best to attempt removal of infected files through the operating system’s command prompt. Simply click Start, Run (or Search programs and files), type cmd and press Enter. Enter the drive letter your USB stick is using. If you need to check, go to My Computer (or Computer) and see what drive letter has been assigned to the USB device. Next, in the command prompt type that drive’s letter followed by a colon (e.g., if it’s E, type e: to switch to the E drive).

Then, make sure all files, including hidden and system files, are showing. To do so, type attrib -r -s -h *.* and press Enter. This ensures the files are not read-only and that system and hidden files are showing. Delete the autorun.ini file and any .exe and/or .dll files that look like they don’t belong. The key thing is to make sure the autorun.ini file is gone. This will keep the virus from replicating again.
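Before deleting anything by hand, it helps to see which programs the AutoRun file would start and which binaries sit in the drive root. The following is an added example, not part of the original article; the function names and the sample drive contents are constructed for illustration. Windows AutoRun reads a file named autorun.inf, so the example looks for that name as well as the autorun.ini named above.

```python
import re
import tempfile
from pathlib import Path

AUTORUN_NAMES = {"autorun.inf", "autorun.ini"}
BINARY_EXTS = {".exe", ".dll", ".scr", ".com"}
# Keys that make AutoRun start a program: open=, shellexecute=, shell\<verb>\command=
LAUNCH_KEY = re.compile(
    r"^\s*(open|shellexecute|shell\\[^=]+\\command)\s*=\s*(.+?)\s*$", re.I)
# Program part of the value: optional quote, then text up to the first program extension.
PROGRAM = re.compile(r'^"?(.+?\.(?:exe|dll|scr|com|bat|cmd))(?=["\s,]|$)', re.I)


def autorun_targets(text):
    """Return the program named by every launch key in an AutoRun file."""
    targets = []
    for line in text.splitlines():
        key = LAUNCH_KEY.match(line)
        if key:
            prog = PROGRAM.match(key.group(2))
            targets.append(prog.group(1) if prog else key.group(2))
    return targets


def inspect_drive(root):
    """List AutoRun files, the programs they launch, and binaries in the drive root."""
    entries = [p for p in Path(root).iterdir() if p.is_file()]
    autoruns = [p for p in entries if p.name.lower() in AUTORUN_NAMES]
    launched = []
    for path in autoruns:
        # latin-1 never fails to decode, even if the file is padded with junk bytes
        launched += autorun_targets(path.read_text(encoding="latin-1"))
    return {
        "autorun_files": sorted(p.name for p in autoruns),
        "launched": launched,
        "root_binaries": sorted(p.name for p in entries
                                if p.suffix.lower() in BINARY_EXTS),
    }


# Constructed sample: an AutoRun file using two of the file names mentioned above.
SAMPLE_AUTORUN = r'''[autorun]
open=New Folder.exe
shell\open\command="Ravmon.exe" -e
icon=folder.ico
'''


def build_sample_drive(root):
    """Constructed stand-in for a USB stick root; the .exe files are harmless stubs."""
    root = Path(root)
    (root / "autorun.inf").write_text(SAMPLE_AUTORUN)
    for name in ("New Folder.exe", "Ravmon.exe"):
        (root / name).write_bytes(b"MZ")
    (root / "notes.txt").write_text("keep me")
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for field, value in inspect_drive(build_sample_drive(tmp)).items():
            print(field, "->", value)
```

The script only reports; point inspect_drive at the stick’s drive letter (for example "E:/") and review the listed files before deleting them as described above.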

It’s virtually impossible to keep your USB memory device free of viruses when it gets used in other computers; however, as long as you have autorun disabled on all of your computers and use up-to-date virus protection software, you will lessen the chances of becoming infected.

How To Eliminate Antivirus Live

Antivirus Live is a kind of “ransomware” application, a variant of the malicious programs that affect your entire system and imitate a genuine antivirus tool in the hope that you will purchase the full version to eliminate the supposed infection. It sets up an Internet proxy on your PC, redirects attempts to download tools that could delete it, and produces pop-up messages that identify genuine tools as infections. Eliminating Antivirus Live requires deleting the program’s components and removing the proxy from the registry of your computer. Follow the instructions below to eliminate the ransomware from your system.

  • The first thing you need to do is reboot your PC. As it restarts, press the “F8” key on your keyboard while the BIOS is listing the hardware attached to your PC, until the “Advanced Boot Options” window shows up. Choose “Safe Mode with Networking” to boot your PC in Safe Mode.
  • Launch the Internet Explorer web browser, open the “Tools” menu and click the “Internet Options” entry. Click the “Connections” tab and select “LAN Settings”. When the LAN settings window shows up, uncheck the option “Use a Proxy Server for your LAN” and then hit the “OK” button. Close the “Internet Options” screen as well as the Internet Explorer browser.
  • Scroll down through the “Processes” listing in the “Task Manager”. Look for an entry that has “sysguard.exe” in its file name, usually with a random set of letters before it. Click the process to select it, then click “End Process” and confirm the change when prompted.
  • Launch the Registry Editor by clicking “Run” in the “Start” menu and typing “regedit” in the “Run” window. Open “HKEY_CURRENT_USER” in the registry editor and expand the “Software” listing.
  • Using your mouse, right-click the “AvScan” listing found under “Software”, click “Delete” in its context menu and confirm the change when prompted.
  • Scroll down and expand the “Microsoft” listing and look for “Internet Explorer.” Expand that listing and select the “Download” entry so that you can see its contents. Select the line “RunInvalidSignatures” = “1”, right-click it, choose “Delete” and confirm the deletion when prompted.
  • From the “Microsoft” listing, look for the “Windows” entry and expand it, then expand “Current Version.” Under “Internet Settings”, delete the “ProxyOverride” entry along with “ProxyServer” = “http=127.0.0.1:5555”. Then expand the “Policies” listing and erase “LowRiskFileTypes” = “.exe” from “Associations” and “SaveZoneInformation” = “1” from “Attachments.” Finally, look for the “Run” entry and remove the registry entry that includes the same random letters as the process name you ended previously.
  • Reboot your PC and let your system boot normally this time.
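To confirm that every registry change listed in the steps above is gone, export HKEY_CURRENT_USER\Software from the Registry Editor (File, Export) and check the export for the same entries. The following is an added example, not part of the original article; the parser, the function names and the two sample exports are constructed for illustration, and the “ProxyOverride” entry is not checked because the steps do not give its value.

```python
import re

SOFTWARE = "HKEY_CURRENT_USER\\Software\\"
CURRENT_VERSION = SOFTWARE + "Microsoft\\Windows\\CurrentVersion\\"
AVSCAN_KEY = SOFTWARE + "AvScan"
RUN_KEY = CURRENT_VERSION + "Run"

# (key, value name, test) for each registry value the removal steps delete.
VALUE_INDICATORS = [
    (SOFTWARE + "Microsoft\\Internet Explorer\\Download", "RunInvalidSignatures",
     lambda v: str(v) == "1"),
    (CURRENT_VERSION + "Internet Settings", "ProxyServer",
     lambda v: "127.0.0.1:5555" in str(v)),
    (CURRENT_VERSION + "Policies\\Associations", "LowRiskFileTypes",
     lambda v: ".exe" in str(v).lower()),
    (CURRENT_VERSION + "Policies\\Attachments", "SaveZoneInformation",
     lambda v: str(v) == "1"),
]


def parse_reg(text):
    """Parse .reg export text into {key: {value name: value}}, names lower-cased."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
            continue
        m = re.match(r'"((?:[^"\\]|\\.)*)"=(.*)$', line)
        if current is None or not m:
            continue
        name, data = m.group(1).lower(), m.group(2)
        if data.startswith("dword:"):
            current[name] = int(data[6:], 16)
        elif data.startswith('"') and data.endswith('"'):
            current[name] = re.sub(r"\\(.)", r"\1", data[1:-1])  # undo \\ and \"
        else:
            current[name] = data          # hex(...) and other types kept as raw text
    return keys


def find_indicators(reg_text):
    """Return (key, value name, value) for every indicator present in the export."""
    keys = parse_reg(reg_text)
    avscan = AVSCAN_KEY.lower()
    found = any(k == avscan or k.startswith(avscan + "\\") for k in keys)
    hits = [(AVSCAN_KEY, None, None)] if found else []
    for key, name, test in VALUE_INDICATORS:
        value = keys.get(key.lower(), {}).get(name.lower())
        if value is not None and test(value):
            hits.append((key, name, value))
    for name, value in keys.get(RUN_KEY.lower(), {}).items():
        if "sysguard.exe" in str(value).lower():
            hits.append((RUN_KEY, name, value))
    return hits


# Constructed exports for illustration. Real exports are saved as UTF-16, so read
# them with open(path, encoding="utf-16") before passing the text in.
SAMPLE_INFECTED = r'''Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\AvScan]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download]
"RunInvalidSignatures"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyServer"="http=127.0.0.1:5555"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations]
"LowRiskFileTypes"=".exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments]
"SaveZoneInformation"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"qwertsysguard"="C:\\Users\\demo\\AppData\\Local\\qwertsysguard.exe"
'''

SAMPLE_CLEAN = r'''Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Updater"="C:\\Program Files\\Example\\updater.exe"
'''

if __name__ == "__main__":
    for key, name, value in find_indicators(SAMPLE_INFECTED):
        print(key, name, value)
```

An empty result after the final reboot shows the listed entries were removed; it does not replace a scan with an up-to-date anti-malware tool.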

Important Things That You Should Know About Bloodhound.W32.Ep

Bloodhound.W32.Ep is a type of worm that propagates to other computers through infected websites and e-mail attachments that contain the virus. The malicious program often makes itself look like the anti-virus software from Symantec so that it is more difficult to detect. Backdoor.w32.ep can download malicious software from the web onto your computer. It can slow down the performance and speed of your computer, cut it off from the Internet, and change the default settings of your operating system.

You can eliminate the bloodhound.w32.ep worm from your computer’s hard drive by shutting down all the entries associated with the virus and using an effective and reliable anti-virus tool available online. Here are some instructions that you can follow to remove the backdoor.w32.ep virus from your system.

  • Open your computer’s browser. Go to a website that provides a virus removal tool, such as the “Free Anti-Virus” from AVG.
  • Locate the tool in the website’s download section, and click the download link for the anti-virus tool’s installation file.
  • Close your Internet browser and then double-click the installation file. Follow all the instructions to install the software.
  • At the bottom of your desktop, locate the “Start” button and click it. Select the “Shut Down” menu and click “Restart”. Wait for your computer manufacturer’s logo to show up on your screen.
  • Press the “F8” key on your keyboard as soon as you see the logo. Wait for a new screen to appear with black-and-white text options.
  • Press the down arrow key to highlight the option labelled “Start Computer in a Safe Mode.”
  • Hit the “Enter” key, and wait for your system to load the operating system in safe mode. Press the “Ctrl”, “Alt” and “Delete” keys simultaneously to bring up the “Task Manager”. Click the “Processes” tab.
  • Scroll through the list of applications and files running on your system. Look for entries named “Bloodhound.exe”; “mjcs.exe”; “123.exe”; “xrmkoni.exe”; or “darkst.com.” If there is an entry with one of those names, click it and then choose “End Process” at the lower-right corner of the “Task Manager” window. Repeat the process for the other entries with those names in your list.
  • On your desktop, double-click the icon of the anti-virus tool installed earlier. Click “Update Now” on the left side of its window. Follow the instructions and then click the “Computer Scanner” menu.
  • Choose the “Scan Whole Computer” option. Wait for the tool to scan your computer’s hard drive for bloodhound.w32.ep and any other computer virus. Once the scan is complete, click “Remove Selected Problems” to remove all the virus infections from your system.

 

Eliminating Google Redirect Virus From Your Computer

The Google Redirect Virus will continually send you to fake websites, false search engines and a series of adverts. Despite being a highly common virus, it’s actually very difficult to remove from the typical computer – making it vital that you’re able to get rid of the infection from your computer in the most effective way to ensure the continued security of your system. This tutorial is going to show you how to get rid of the infection from your computer for good – using specific software that’s been designed to remove the virus specifically.

This virus is basically what’s known as a “browser hijack object” / “Trojan Horse”, and works by installing itself onto your computer and then changing the settings that your computer uses to run. This virus is not like most other infections, as “real” viruses will essentially put a large number of fake applications / files / settings onto your system and then cause all sorts of problems as a result. The redirect virus works by changing the Windows settings that are required to handle redirections on the Internet. To fix this problem, it’s recommended that you repair the damaged settings / options that the virus will have affected.

Not many people realize this, but anti-virus applications are totally ineffective at removing the redirect virus from your computer. The problem is that this virus just changes a few settings and will then disappear from your computer – leaving no trace for any anti-virus application to locate and remove. The way to get rid of this infection is to essentially make sure that you are able to use a tool / method that will remove the virus from your system in its entirety.

There are currently three programs which are able to get rid of the redirect virus from your system:

Hitman Pro – This is a “Trojan Horse” removal tool, which works by scanning through your computer and getting rid of any traces of Trojan Horse infections that your computer may have inside. You can use this by downloading it onto your system and then getting rid of all the parts of the virus from your system. This is free to use on a 30-day trial.

ComboFix – This is a rudimentary virus removal tool which will scan through the files that you specify (by using a “script”). If you use the correct script with this program, you should be able to remove all the parts of the redirect virus from your computer pretty easily.

FixRedirectVirus.org – This is a specially designed piece of software that’s been created especially to get rid of the redirect virus. This application has been compiled by a leading computer technician from the UK, and is now able to get rid of the infected parts of the program that is on your PC. You can use the tools that it shows to remove the redirect virus in the most effective way possible. This is by far the most effective way to get rid of the infection on your PC.

Sending Off Harmful Adware And Spyware

Adware and spyware: two dreaded words we all fear, and with good reason when you know what their potential is.

When you first install your operating system on your computer and boot it up, you have the feeling that it’s as if you are starting anew. Everything runs very fast and smooth, without a hiccup, and so you start installing various games and programs, download some tunes and some photos onto your machine.

After a while, you notice that it’s slowing down a bit, and gradually over time it seems to be getting worse. Well, unless you have used up all of your memory and hard drive space, then perhaps what you are dealing with is a dreaded adware or spyware program(s).

But before you jump to conclusions about what you should do, it would be a good idea to examine your recent use of the computer, as well as the symptoms which are currently showing. If you have at some point downloaded music online (only illicit sources count), or if your homepage keeps on magically changing, or if you keep getting horrendously annoying pop-up ads, and see that your computer is running uncharacteristically slow, then your privacy is indeed being invaded by adware and spyware programs.

These adware and spyware programs may seriously damage your computer and in the extreme, they may even end up affecting your life in the real world. Think about it for a moment. Any information that you might access online can be intercepted. Dubious and shady websites will start to appear on your desktop and in your favorites, all your browsing activity will be tracked and monitored, virus-crammed toolbars will start to appear on your browser and your default page may even be subject to hijacking!

This can end up with you being unable to change the settings. While some of these programs are not entirely dangerous, there are others out there that are programmed to be just that and what’s more, some are nearly impossible to remove; all they do is take up space and slow down your activities on the computer. I took my computer to a national PC chain recently and there was something on my machine even they could not remove!

If you thought all you had to worry about was the odd virus, think again because adware and spyware can give you all sorts of headaches and security issues.

If you want to be rid of adware and spyware programs you should run a specialist program to detect and remove them as soon as possible. Some you pay for, but there are some very good free or trial versions available for you to use. It is a good idea to do this on a regular basis, like daily!

Look for one that gives you a good level of control and that gives you the option to perform automatic sweeps of your computer. This will give you peace of mind and leave you to get on and enjoy a much improved machine, and it saves you forgetting!

Do it today and see what a difference it makes to the performance of your computer once you are free from adware and spyware.

 

What Makes Adware And Spyware Unique From Other Viruses

Spyware, Adware, viruses, trojans, worms, keyloggers, and rogue anti-Spyware are terms that you may or may not have heard before, so it’s probably best to just explain each one, so that you can take steps to ensure that your PC is protected against them. All of these are “malware”, which is short for “malicious software.”

Spyware – Just as the name implies, it is a program that is installed on a computer and “spies” on or monitors it. Spyware programs are a type of “malware” that collect information about the user of a computer without the user’s knowledge. The user is usually unaware that Spyware is even present on their computer. Although the name suggests that Spyware simply monitors a user’s PC activity, Spyware can also install additional software, monitor sites visited, internet activity, change home pages, and result in slowed internet connection speeds.

Adware – As you can see that the word “Ad” is in the word, Adware is software that supports advertising activities. Adware is a type of software that presents a user with advertisements by automatically playing them, displaying them, or downloading them after a user has installed a software application containing Adware.

Viruses – A computer virus operates very similar to a virus that results in you calling into work sick with a cold. A computer virus is a computer program that infects a host, in this case, your computer, and duplicates itself and spreads throughout your computer. Viruses are different from Spyware, Adware, and others because they have the ability to duplicate themselves. A virus is only called a “virus” if it can be transferred from one computer to another in the form of an executable file or code. Once the virus is in your computer, it can spread itself to other computers by infecting other computers on your network, etc. A virus can cause major file corruption/modification and slow down your computer drastically.

Trojans – Trojans are very similar to the story of the “Trojan Horse” that you may have heard or read about. Trojans are malicious software that infiltrates your PC, while appearing to accomplish something legitimate or useful. What they really do is allow unauthorized access to your computer to some hooligan. Once this hooligan has remote access to your computer, he or she can do just about anything that the user account that they are logged into is allowed to do. Some examples of things that trojans do that you don’t want them to are: steal passwords and credit card information, install malicious software, edit or delete your files, record your keystrokes, and even view your screen or crash your computer.

Worms – A worm is like a virus in that it is a program that can duplicate itself and distribute itself to other computers on a network. Worms exploit security loopholes, consume large amounts of network bandwidth, and usually harm the network in some way. The worst part about worms is that they can allow backdoor access to your computer to some hooligan that would like to send spam email from your computer or engage in some other form of illegal activity.