Thursday, April 22, 2010

Scammers Bait 40,000 Facebook Victims with Ikea Gift Card

It's in the news and it is viral so I thought you should know about it.

This bit of news was picked up on the web and has been verified as true. I am quoting the story here but you can also read the story directly by going to this website:
http://geeks.pirillo.com/profiles/blogs/scammers-bait-40000-facebook

This has been pasted from that website link

Robert Siciliano Identity Theft Expert

It’s just a matter of setting up a fake Facebook page and marketing it to a few people who then send it to their friends and it goes somewhat viral. The Ikea scam hooked 40,000 unsuspecting victims with the promise of a $1,000 gift card.

PC World reports In the past months, fan pages have popped up all over the social networking site, offering too-good-to-be-true gift cards. There’s the $500 Whole Foods card, the $10 Walmart offer, and the $1,000 Ikea gift card. The Ikea page put these gift card scams on the map last month, when it quickly racked up more than 70,000 fans before being snuffed. Facebook has also taken down Target and iTunes gift card scam pages in the past few months.


To get the gift card the users must enter names, address and email address. They are then pointed to other pages where real products and services are offered. From there they enter credit card details if the offer appeals to them.

The root of this scam is believed to be perpetrated by affiliate marketers who make money on click throughs and create a ruse to gather data on potential customers also known as a “sucker list.”

In general, there shouldn’t be any traditional identity theft as it relates to new account fraud as long as requests aren’t being made for Social Security numbers, and the “victim” isn’t giving one out. Otherwise I don’t see this scam as harmful, but it is certainly deceptive.

Tuesday, April 20, 2010

FACEBOOK Apps - How to spot a fake (Dangerous) one

Have you heard about the malicious attacks contained in Facebook apps that were circulating a while back? If you didn't, now would be a good time to give yourself a quick refresher on techniques you can use to spot an app that is just a little bit off when you're on Facebook.

Before we get right into it, I'll state for the record that I get invitations for various applications from people in my friends list all the time. I think everyone probably does. If I were to sum up the entire gist of my message, I would say: if it looks strange, acts strange, comes from a stranger or contains the word "strange", don't accept it. Period - end of story.

While on the subject, you should review your privacy settings in FACEBOOK.

By way of an example, this part's for you. Last week, I was the lucky recipient of a notification that looked just like this:

Pretty innocent, right? WRONG! Very, very wrong. First, this particular person is in my "Business Only" friend list (I've covered their last name for privacy) and we've never had a conversation, let alone 'oooh'd and aahhh'd' over each other's photos. Second, look at the wording for the notification. It says Matthew XXXXX "commented on your photo". What's strange about that, you ask? This is what it looks like when someone really comments on one of your photos through the Facebook utility:

Subtle, but important. The Facebook phrase is "made a comment about your photo"

Your first inclination would likely be to see which photo someone has commented on, right? Well, in the rogue application, notice that only the word "photo" is hyperlinked. In the Facebook utility, the words "your photo" are hyperlinked.

What should happen when you click "photo" or "your photo"? When all is right in the world, once clicked, you should be taken immediately to the photo that was commented on. However, with this rogue application, you're taken to this screen:

And this is where it gets dangerous. Of course I didn't hit the "Allow" button, but this is where the malicious nature of the app comes into play. If someone were to click "Allow", exposure of identity information, malicious sites and viruses are all possible results. There are a couple of things about this that should make you feel a bit unsettled.

  • First, the name of the app is strange in that only the first letter of the title is capitalized.
  • Second, there is no graphic (image) for the app.
  • Third, it's only got a rating of 1 star.

Now a 1 star rating does not automatically mean that an app is bad, but it should give you some room for pause. After all, isn't social media all about a user-generated environment? If your peers only give something 1 star, they may be on to something. And lastly, there is no general description of what the app is intended to do.

Remember that old saying: "if you have to ask, you can't afford it"? Well apply similar logic to apps not built by Facebook by saying to yourself: "if they won't tell me what it does, I don't want it."

This is what a valid app "Allow" screen should look like:


You can always do an apps search to see what you can learn about a particular app prior to allowing access by going to the "Applications" button located in the lower-left corner of Facebook and clicking the "Browse More Applications" link and then typing in your keyword(s) into the search box (the one with the mini magnifying glass).

As a matter of fact, we did an app search for "Tag a pic" and this was the result:

Let me state that the result is not "Tag a pic", but the developers of fbquick may have utilized those words in their description. It seems that "Tag a pic" does not exist in the registry of Facebook applications which should give you your definitive answer that this was indeed a rogue application.

Here are some questions to use when evaluating whether or not an app is dangerous.

  • Who did the app invitation come from? Are they a true friend or acquaintance (if you don't know the person at all, don't accept an app invitation plain & simple)? If they are, is the type of app that they sent characteristic of their normal behavior?
  • Does the title of the app look strange? Is the app something you've never heard of before? Does the app provide you with a detailed description of the intended purpose? Have you used the FB search apps function to better e-search?
  • Do the developers of the app disclose who they are?
  • If you hover your mouse over it does the url show up? Does the url look strange?

Remember, being safe on the internet is your responsibility.

One final word, no offense to anyone sending me invites to Facebook Apps. I don't have time to follow my own advice so I just do not accept invites to FACEBOOK apps. I just don't have the time.

Sunday, April 11, 2010

Using FACEBOOK to steal company data

Whatever the mind can conceive and believe, the mind can achieve. Dr. Napoleon Hill

In this digital age, many company employees are online all day long or have ready access to an internet accessible computer. As a result, many computer users, company employees, have become digitally stoned, some have become like addicts, comfortably numb in this digital world.

The bad guy knows this and uses this against his targets. He knows that in a digital world, an employee is more apt to respond to his message and can be misled if he uses certain techniques.

As an example, researcher Steve Stasiukonis tested actual company networks using a bogus Facebook identity. In these tests he would join a company fan page and would begin mining names and email addresses of persons identifying themselves as company employees. He also gathered information from other social networking sites to further enhance his database of email addresses. He then obtained a domain name similar to the one used by the company and made it look like the genuine company website. When he launched his FACEBOOK email spear-phish attack, he obtained a positive response rate between 45 and 50 percent.

In other words, nearly half of employees phished responded with the credentials and passwords used on their company network. In the real world, this information could have been used to steal company information, bring the company network down to its knees or even gain access to bank accounts and fraudulent financing.

You have to ask yourself, COULD THIS HAPPEN TO YOUR COMPANY?

More details can be obtained at this website

Want a scary example of what some of the gathered information can be used for? Check this out - The same information the fraudsters obtained is today being gathered from Social Network Sites like Facebook, Twitter etc....:


Have you taken steps to protect your company?
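
One defensive check against the lookalike-domain trick described above, as an added example that is not from the original post or from the researcher's test: it flags sender addresses whose domain is a near-miss of the real company domain. The domain `example-corp.com`, the sample addresses and all function names are constructed for illustration.

```python
# Constructed assumption: the organisation's genuine mail domain(s).
LEGIT_DOMAINS = {"example-corp.com"}

# ASCII look-alike substitutions (illustrative; non-ASCII homoglyphs not covered).
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

def skeleton(domain: str) -> str:
    """Fold visually similar spellings of a domain onto one canonical form."""
    d = domain.lower().translate(CONFUSABLES)
    d = d.replace("rn", "m").replace("vv", "w")
    return d.replace("-", "")

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(address: str, max_distance: int = 2) -> str:
    """Return 'legit', 'lookalike' or 'external' for a sender address."""
    domain = address.rsplit("@", 1)[-1].strip().lower().rstrip(".")
    if domain in LEGIT_DOMAINS:
        return "legit"
    for real in LEGIT_DOMAINS:
        # An exact-skeleton match or a small edit distance both mean
        # "looks like ours, but is not ours".
        if edit_distance(skeleton(domain), skeleton(real)) <= max_distance:
            return "lookalike"
    return "external"

def flag_lookalikes(senders):
    """Return only the addresses that imitate a legitimate domain."""
    return [s for s in senders if classify_sender(s) == "lookalike"]

# Constructed sample of inbound sender addresses.
SAMPLE_SENDERS = [
    "it-helpdesk@example-corp.com",   # genuine
    "it-helpdesk@examp1e-corp.com",   # digit 1 in place of letter l
    "hr@exarnple-corp.com",           # "rn" in place of "m"
    "hr@example-corp.co",             # dropped final letter
    "news@unrelated-shop.net",        # ordinary outside sender
]

if __name__ == "__main__":
    for sender in SAMPLE_SENDERS:
        print(f"{classify_sender(sender):10} {sender}")
```

The distance threshold of 2 suits a domain of this length; for very short domains it should be lowered to avoid flagging unrelated senders.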

Monday, April 5, 2010

Internet's Best kept secret: Winpatrol

Develop success from failures. Discouragement and failure are two of the surest stepping stones to success. Dale Carnegie

One of the best kept secrets on the internet is this small Windows security tool. I have been a huge fan of it for many years now.

The tool is extremely small and sits in your system tray, near the clock, watching and reporting when "stuff" happens to your computer.

For example, if your internet home page changes, Scotty the watch dog barks and advises you of the change AND allows you to block the change. Some misbehaving websites and malware will oftentimes do this, an early sign that your computer is under attack or maybe you are not where you should be. Interestingly it also records the date and time when this change has been approved. Useful when it comes time to start pointing fingers at other users of the computer who, perhaps, are not following the rules you have set down.

The tool does so much more. What it is capable of doing depends in part on which version you use: The very capable FREE version or the even more capable PAID version. The paid version can oftentimes be had for under $15 in US funds, a steal of a deal.

Among the shortlist of what it monitors and empowers you to do:
  1. It reports on new programs being installed which run automatically with each reboot
  2. It allows you to disable un-needed programs that start automatically with each restart
  3. It allows you to "delay" a program's autostart so that your PC boots up faster.
  4. It allows you to remove malicious internet helpers that do not help at all
  5. etc.....

Check out more of its features in this video.

Go ahead and give Scotty a try. It's free and it's easy.

I'm not the only one who likes this little gem.

Winpatrol has won many awards

Winpatrol has received a lot of Tech Media Coverage:

Sunday, April 4, 2010

Why I sometimes pretend to know nothing about computers

We can't solve problems by using the same kind of thinking we used when we created them. Albert Einstein

Life isn't all about computers.... and problems. Sometimes it's better to just have a laugh. Thank you Jeremy, Thank you Oatmeal!