Wednesday, May 30, 2012

FBI: Citadel Malware Delivers Reveton Ransomware in Attempts to Extort Money

Note: The content of this blog is from an FBI alert.

05/30/12—The IC3 has been made aware of a new Citadel malware platform used to deliver ransomware, named Reveton. The ransomware lures the victim to a drive-by download website, at which time the ransomware is installed on the user’s computer. Once installed, the computer freezes and a screen is displayed warning the user they have violated United States federal law. The message further declares the user’s IP address was identified by the Computer Crime & Intellectual Property Section as visiting child pornography and other illegal content.

To unlock the computer, the user is instructed to pay a $100 fine to the U.S. Department of Justice using prepaid money card services. The geographic location of the user’s IP address determines what payment services are offered. In addition to the ransomware, the Citadel malware continues to operate on the compromised computer and can be used to commit online banking and credit card fraud.

This is an attempt to extort money with the additional possibility of the victim’s computer being used to participate in online bank fraud. If you have received this or something similar, do not follow payment instructions.

It is suggested that you:

■Contact your banking institutions.

■File a complaint at http://www.ic3.gov/.

Thursday, May 24, 2012

Scammers Fake Facebook Account Cancellation Notices:

Facebook users, watch out. A clever scam in the form of a fake account cancellation email is making the rounds, and it's easy to get fooled. Don't let the threat of losing your account trick you into installing malware on your computer.

How the Scam Works:
The scam starts with a suspicious email informing Facebook users that they have a received an "account cancellation request," reports computer security blog Naked Security. Recipients are urged to follow a link to cancel the request.
Here's the clever part. The link appears to be official because it goes to a facebook.com address. Really, it links to a third-party application just running on the Facebook platform.
If you do click on the link, a message asks you to allow an unknown application to run on your computer. Click the "run" button, and you will see a message telling you to download the new version of Adobe Flash. The file that downloads is not the latest version of Flash, but code allowing hackers to spy on your activities and take control of your computer.

For More Information
For more information and screen shots of the scam, see Naked Security's original article.
To receive alerts like these sent straight to your inbox, sign up for BBB Scam Alerts here.

Thursday, May 3, 2012

Tips for Destroying Paper Records Yourself

  • Shred all sensitive paper documents. Never just deposit them in the trash or dumpsterIdeally, use a shredder that cross-cuts, confetti-cuts, or particle-cuts.
  • For extremely sensitive information use a "disintegrator," "granulator," "hammermill" or "grinder." These devices tear paper at random, or tear paper into extremely small pieces.
  • Go to free shredding events sponsored by the Better Business Bureau. For locations and dates visit www.chicagoshreds.com

Share it