Free Republic
Browse · Search
Bloggers & Personal
Topics · Post Article

Skip to comments.

vanity- Heads up interesting spearfishing scam(computer security)
happened to me | 10/24/2013 | self

Posted on 10/24/2013 8:22:36 PM PDT by waynesa98

So I get a private call, dead air for a few seconds, then the phone rings back to the caller. Indian accented man answers claiming my computer is infected with a virus, no company name nothing. So I ask which computer. a few meaningless back and forth. Ask me to google teamviewer.com, instead of just going to teamviewer.com. wanted access to my system, wouldn't tell me the virus. did an off line scan anyway. So note to selfs, do not let anyone your not 100% sure is legit connect to your system with teamviewer


TOPICS: Computers/Internet
KEYWORDS: computers; security; virus
Navigation: use the links below to view more comments.
first 1-2021-38 next last

1 posted on 10/24/2013 8:22:36 PM PDT by waynesa98
[ Post Reply | Private Reply | View Replies]

To: waynesa98

Did he identify himself as “Peggy”?


2 posted on 10/24/2013 8:24:03 PM PDT by kaehurowing
[ Post Reply | Private Reply | To 1 | View Replies]

To: waynesa98

Hey, is your refrigerator running?


3 posted on 10/24/2013 8:24:27 PM PDT by Paladin2
[ Post Reply | Private Reply | To 1 | View Replies]

To: waynesa98

Not sure I would admit this publicly.-)


4 posted on 10/24/2013 8:26:10 PM PDT by Mr_Peter (Proud to be a Republican in Hingham Massachusetts)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Paladin2

Do you have Al Gore in can?


5 posted on 10/24/2013 8:26:19 PM PDT by Jack Hydrazine (IÂ’m not a Republican, I'm a Conservative! Pubbies haven't been conservative since before T.R.)
[ Post Reply | Private Reply | To 3 | View Replies]

To: waynesa98

We had this a few months ago. They said they were from Microsoft and that my computer had a virus. He wanted me to give him remote access to fix the problem - I told him I won’t give my mother remote access and that he could copulate in another place - if you get my meaning.

Mel


6 posted on 10/24/2013 8:27:05 PM PDT by melsec (Once a Jolly Swagman camped by a Billabong.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Jack Hydrazine
I keep AlGore IN the can.

Piss be upon him (and AlGorezira).

7 posted on 10/24/2013 8:28:46 PM PDT by Paladin2
[ Post Reply | Private Reply | To 5 | View Replies]

To: waynesa98

Phishing
Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication.

Spear phishing
Phishing attempts directed at specific individuals or companies have been termed spearphishing.[35] Attackers may gather personal information about their target to increase their probability of success.

Clone phishing
A type of phishing attack whereby a legitimate, and previously delivered, email containing an attachment or link has had its content and recipient address(es) taken and used to create an almost identical or cloned email. The attachment or Link within the email is replaced with a malicious version and then sent from an email address spoofed to appear to come from the original sender. It may claim to be a resend of the original or an updated version to the original.

This technique could be used to pivot (indirectly) from a previously infected machine and gain a foothold on another machine, by exploiting the social trust associated with the inferred connection due to both parties receiving the original email.

Whaling
Several recent phishing attacks have been directed specifically at senior executives and other high profile targets within businesses, and the term whaling has been coined for these kinds of attacks.
(I thought whaling was when you go to the bar...)
http://en.wikipedia.org/wiki/Phishing

What is spear phishing?

Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. Spear phishing attempts are not typically initiated by “random hackers” but are more likely to be conducted by perpetrators out for financial gain, trade secrets or military information.

As with the e-mail messages used in regular phishing expeditions, spear phishing messages appear to come from a trusted source. Phishing messages usually appear to come from a large and well-known company or Web site with a broad membership base, such as eBay or PayPal. In the case of spear phishing, however, the apparent source of the e-mail is likely to be an individual within the recipient’s own company and generally someone in a position of authority.

Visiting West Point teacher and National Security Agency expert Aaron Ferguson calls it the “colonel effect.” To illustrate his point, Ferguson sent out a message to 500 cadets asking them to click a link to verify grades. Ferguson’s message appeared to come from a Colonel Robert Melville of West Point. Over 80% of recipients clicked the link in the message. In response, they received a notification that they’d been duped and warning that their behavior could have resulted in downloads of spyware, Trojan horse s and/or other malware.

Most people have learned to be suspicious of unexpected requests for confidential information and will not divulge personal data in response to e-mail messages or click on links in messages unless they are positive about the source. The success of spear phishing depends upon three things: The apparent source must appear to be a known and trusted individual, there is information within the message that supports its validity, and the request the individual makes seems to have a logical basis.

Here’s one version of a spear phishing attack: The perpetrator finds a web page for their target organization that supplies contact information for the company. Using available details to make the message seem authentic, the perpetrator drafts an e-mail to an employee on the contact page that appears to come from an individual who might reasonably request confidential information, such as a network administrator. The email asks the employee to log into a bogus page that requests the employee’s user name and password or click on a link that will download spyware or other malicious programming. If a single employee falls for the spear phisher’s ploy, the attacker can masquerade as that individual and use social engineering techniques to gain further access to sensitive data.
http://searchsecurity.techtarget.com/definition/spear-phishing


8 posted on 10/24/2013 8:34:34 PM PDT by Jack Hydrazine (IÂ’m not a Republican, I'm a Conservative! Pubbies haven't been conservative since before T.R.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Paladin2

ROFLMAOLOLOLOLOLOLOLOL!!!!


9 posted on 10/24/2013 8:35:54 PM PDT by Jack Hydrazine (IÂ’m not a Republican, I'm a Conservative! Pubbies haven't been conservative since before T.R.)
[ Post Reply | Private Reply | To 7 | View Replies]

To: waynesa98
We get these calls occasionally. I always tell them that we don't have a computer.

"You don't even have a laptop?" Stifling my laughter, "What is that?"

10 posted on 10/24/2013 8:37:44 PM PDT by NautiNurse (Obama sends U.S. Marines to pick up his dog & basketballs. Benghazi? Nope.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Mr_Peter

why I told him to piss off and die. I kept him on the phone to see what the scam was. Had not heard of it before.


11 posted on 10/24/2013 8:39:33 PM PDT by waynesa98
[ Post Reply | Private Reply | To 4 | View Replies]

To: NautiNurse

Tell them your abacus seems to be working fine, but you can meet them at the local NSA office if they have any questions.


12 posted on 10/24/2013 8:40:08 PM PDT by Paladin2
[ Post Reply | Private Reply | To 10 | View Replies]

To: NautiNurse
"You don't even have a laptop?"

Well, yeah, but only if I have an extra $20 when I'm at the strip club.

13 posted on 10/24/2013 8:41:00 PM PDT by fieldmarshaldj (Resist We Much)
[ Post Reply | Private Reply | To 10 | View Replies]

To: NautiNurse

LOL

I have a buddy that acts dumb and tells them he can’t read.


14 posted on 10/24/2013 8:41:14 PM PDT by laplata (Liberals don't get it .... their minds are diseased.)
[ Post Reply | Private Reply | To 10 | View Replies]

To: waynesa98

see this teamviewer thing popping up on the computer at work the same one the IT kid uses to fix the network and ima wondering why bitorrent is there too


15 posted on 10/24/2013 8:41:59 PM PDT by bigheadfred
[ Post Reply | Private Reply | To 1 | View Replies]

To: NautiNurse

LOL! What a nice reply! :-) Maybe they’ll ask about your Smart Phone, next time. (Here’s hoping they don’t read this sites and start getting ideas...)

I too received a similar call and asked which computer was infected and was told “All of them!”

That sounded odd after a couple of other questions, so I asked them, even my Microsoft Windows ‘95 computer?

“Yes!”, was the emphatic and confident reply.

Well, I don’t have a Windows ‘95 computer any more; I’d upgraded it to Windows ‘98.

I realized then it was time to hang up.


16 posted on 10/24/2013 8:44:50 PM PDT by mbj
[ Post Reply | Private Reply | To 10 | View Replies]

To: waynesa98

You could have chose a couple of other paths.

One would be to say that you don’t own a computer. Then ask how it was possible that this problem existed.

Or...

You could say, “I’m typed in the website address but my computer won’t connect for some reason. Maybe you guys have a virus!”


17 posted on 10/24/2013 8:45:42 PM PDT by Jack Hydrazine (IÂ’m not a Republican, I'm a Conservative! Pubbies haven't been conservative since before T.R.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: waynesa98

Time for LightBeam technology!

Mozilla’s Lightbeam tool will expose who is looking over your shoulder on the web
http://www.independent.co.uk/life-style/gadgets-and-tech/news/mozillas-lightbeam-tool-will-expose-who-is-looking-over-your-shoulder-on-the-web-8902269.html


18 posted on 10/24/2013 8:47:28 PM PDT by Jack Hydrazine (IÂ’m not a Republican, I'm a Conservative! Pubbies haven't been conservative since before T.R.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: bigheadfred

teamviewer is a legit way to let a TRUSTED friend, geek try to fix your computer. Its basically built into Win 7 and 8.(same service different name) Bitorrent is a program that lets a crowed of people share files(legit and not legit) The issue is a non trusted helper planting malware on your system. both bitorrent, teamviewer, and other sharing systems can be vulnerabilities.


19 posted on 10/24/2013 8:51:08 PM PDT by waynesa98
[ Post Reply | Private Reply | To 15 | View Replies]

To: mbj

I’m still on Wang.


20 posted on 10/24/2013 8:54:17 PM PDT by kaehurowing
[ Post Reply | Private Reply | To 16 | View Replies]


Navigation: use the links below to view more comments.
first 1-2021-38 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
Bloggers & Personal
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson