Alleged “Likejackers” agree to root out Facebook spam

Adscend Media LLC also pays $100,000 in attorneys’ fees to state

SEATTLE – The owners of a California-based online marketing company have agreed to stop spamming Facebook users. The details were revealed today in a settlement – a consent decree – between Adscend Media LLC and the Washington State Attorney General’s Office.

“Today’s settlement puts a stop to Adscend’s ‘likejacking’ and other misleading tactics that led Facebook users to fork over personal information or buy subscription services from sites that appeared to be recommended by friends,” said Washington State Attorney General Rob McKenna.

In January, McKenna’s office and Facebook sued Jeremy Bash and Fehzan Ali, the owners of Adscend Media LLC for initiating posts to Facebook pages that appeared to offer visitors an opportunity to view scandalous or provocative content. However, before being able to view the content, a series of required steps lured Facebook users into eventually visiting commercial websites. Other tactics included “likejacking,” in which Facebook users were tricked into clicking the “like” button, inadvertently spreading the sales pitches to friends.

Adscend, hired to promote products, in turn does business with “affiliates” who create attention-getting marketing messages. Too often, according to the Attorney General’s Office, those messages amounted to social media spam.

http://www.atg.wa.gov/pressrelease.aspx?&id=29716

http://nakedsecurity.sophos.com/2012/05/08/facebook-clickjacking/

Certifiedbug.com

Washington state AG and Facebook target social media spammers

Sophos

A popular Firefox add-on appears to have started leaking private information about every website that users visit to a third-party server, including sensitive data which could identify individuals or reduce their security.

Naked Security reader Rob Sanders alerted us to the activities of the recently updated ShowIP add-on for the Firefox browser.

Currently over 170,000 people are said to be using ShowIP.

What the add-on’s description doesn’t say is that since version 1.3 (released on April 19th 2012) it has also sent – unencrypted – the full URL of sites visited using HTTPS, and sites viewed in Private Browsing mode, to a site called ip2info.org.

The user never realises that the data has been shared with a third-party, unless they use special tools to monitor what data is being sent from their computer.

http://nakedsecurity.sophos.com/2012/05/01/privacy-concern-showip-firefox-add-on/

Certifiedbug.com

Firefox ShowIP add-on privacy concerns

Graham Cluley
Sophos

“The Sabpab Trojan horse exploits the same drive-by Java vulnerability used to create the Flashback botnet.”
http://nakedsecurity.sophos.com/2012/04/13/sabpab-new-mac-os-x-backdoor-trojan-horse-discovered/

http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx

Certifiedbug.com

Sabpab Mac OS X backdoor Trojan

Apple

8 views…

http://support.apple.com/kb/HT5244

Forbes
4/06/2012

For anyone who doubted that Apple’s long grace period with cybercriminals is over, doubt no more: On Friday, researchers at Russian antivirus firm Kaspersky confirmed findings from another security firm earlier this week that more than 600,000 computers running Mac’s OSX are infected with the Flashback botnet, and half of those machines are in the United States.

http://www.forbes.com/sites/andygreenberg/2012/04/06/researchers-confirm-flashback-trojan-infects-600000-macs-being-used-for-clickfraud/

Krebs On Security

The current custodian of Java – Oracle Corp. – first issued an update to plug this flaw and others back on Feb. 17. I suppose Apple’s performance on this front has improved, but its lackadaisical (and often plain puzzling) response to patching dangerous security holes perpetuates the harmful myth that Mac users don’t need to be concerned about malware attacks.

http://krebsonsecurity.com/2012/04/urgent-fix-for-zero-day-mac-java-flaw/

Forbes
4/09/2012
http://www.forbes.com/sites/andygreenberg/2012/04/09/apple-snubs-firm-who-discovered-mac-botnet-tries-to-cut-off-its-server-monitoring-infections/

Kaspersky Lab

“The three month delay in sending a security update was a bad decision on Apple’s part,” said Kaspersky Lab’s Chief Security Expert, Alexander Gostev. “There are a few reasons for this. First, Apple doesn’t allow Oracle to patch Java for Mac. They do it themselves, usually several months later. This means the window of exposure for Mac users is much longer than PC users. This is especially bad news since Apple’s standard AV update is a rudimentary affair which only adds new signatures when a threat is deemed large enough. Apple knew about this Java vulnerability for three months, and yet neglected to push through an update in all that time! The problem is exacerbated because – up to now – Apple has enjoyed a mythical reputation for being ‘malware free’. Too many users are unaware that their computers have been infected, or that there is a real threat to Mac security.”

http://www.kaspersky.com/about/news/virus?time=1333224000

Certifiedbug.com

Researchers Estimate 600,000 Macs infected by Flashback Trojan

Krebs on Security

VISA and MasterCard are alerting banks across the country about a recent major breach at a U.S.-based credit card processor. Sources in the financial sector are calling the breach “massive,” and say it may involve more than 10 million compromised card numbers.

http://krebsonsecurity.com/2012/03/mastercard-visa-warn-of-processor-breach/

Certifiedbug.com

MasterCard and VISA Warn of Processor Breach

Microsoft Safety & Security Center
Computer Security, Digital Privacy, and Online Safety

Avoid tech support phone scams

Neither Microsoft nor our partners make unsolicited phone calls (also known as cold calls) to charge you for computer security or software fixes.

Telephone tech support scams: What you need to know

Cybercriminals often use publicly available phone directories so they might know your name and other personal information when they call you. They might even guess what operating system you’re using.

Once they’ve gained your trust, they might ask for your user name and password or ask you to go to a website to install software that will let them access your computer to fix it. Once you do this, your computer and your personal information is vulnerable.

Do not trust unsolicited calls. Do not provide any personal information.

Will Microsoft ever call me?

There are some cases where Microsoft will work with your Internet service provider and call you to fix a malware-infected computer—such as during the recent cleanup effort begun in our botnet takedown actions. These calls will be made by someone with whom you can verify you already are a customer. You will never receive a legitimate call from Microsoft or our partners to charge you for computer fixes.

http://www.microsoft.com/security/online-privacy/avoid-phone-scams.aspx

Certifiedbug.com

Tech support phone scams

comantra.wordpress.com

In a recent interview with the Cyber Law department, Comantra officials carried out a quick recovery channel strategy in how effectively Comantra scams can be delimited. Microsoft in the meantime has agreed to provide advanced far end support to its trusted partner by offering quality benchmarks to Comantra based online computer tech support. Comantra as we all know has been a leading player in deployment of online technical support to a competitive global client base. This has faced a serious jolt in reputation management wherein future service disruption can be a major issue. Comantra scams, as is being cited by major news media worldwide has once again brought in the widespread notion of how effective online computer tech support is in view of fraudulent channels of web technology.

http://comantra.wordpress.com/2012/03/09/how-comantra-fights-brand-recognition-affected-by-scams/

September 2011: Microsoft removes Gold Partner Comantra

Certifiedbug.com

Technical Support

KrebsOnSecurity
Aghast at Avast’s iYogi Support

The makers of Avast antivirus software are warning users about a new scam involving phone calls from people posing as customer service reps for the company and requesting remote access to user systems. Avast is still investigating the incidents, but a number of users are reporting that the incidents followed experiences with iYogi, the company in India that is handling Avast’s customer support.

A follow-up investigation by KrebsOnSecurity indicates that Avast (among other security companies) is outsourcing its customer support to a third-party firm that appears engineered to do little else but sell expensive and unnecessary support contracts.

Complete article: http://krebsonsecurity.com/2012/03/aghast-at-avasts-iyogi-support/

Avast! Blog
iYogi support service removed
https://blog.avast.com/2012/03/15/iyogi-support-service-removed/

We had initial reports of this behavior a few weeks ago and met with iYogi’s senior executives to ensure the behavior was being corrected. Thus, we were shocked to find out about Mr. Krebs’ experience. As a consequence, we have removed the iYogi support service from our website and shortly it will be removed from our products. We believe that this type of service, when performed in a correct manner, provides immense value to users. As such, over the next weeks, we will work with iYogi to determine whether the service can be re-launched.

Re-launched?

ESET Threat Blog
Fake Support, And Now Fake Product Support

I first became aware of the plague of Indian companies operating PC and anti-virus support scams because one of our competitors advised me that one of them was apparently carrying out unethical marketing on ESET’s behalf. (They weren’t, of course, anything to do with ESET: see this blog series and this paper.)

I recently learned from my colleagues at ESET UK that cold-callers from Mumbai have developed a new twist on this cold-calling scam, calling people in the UK and apparently claiming to offer paid support in response to problems that don’t exist,

Complete article: http://blog.eset.com/2012/03/15/fake-support-and-now-fake-product-support

Of interest
Microsoft MVP Troy Hunt’s Blog:
Anatomy of a virus call centre scam
Scamming the scammers – catching the virus call centre scammers red-handed

http://www.microsoft.com/security/online-privacy/avoid-phone-scams.aspx

Certifiedbug.com

Fake Product Support

Malicious spam continuing to do the rounds from a random name @ the same domain as your own. Delete without opening any attachments or links.

Certifiedbug.com

“I was at a party yesterday” spam

February 23rd, 2012
We Can’t Wait: Obama Administration Unveils Blueprint for a “Privacy Bill of Rights” to Protect Consumers Online

Internet Advertising Networks Announces Commitment to “Do-Not-Track” Technology to Allow Consumers to Control Online Tracking

WASHINGTON, DC – The Obama Administration today unveiled a “Consumer Privacy Bill of Rights” as part of a comprehensive blueprint to improve consumers’ privacy protections and ensure that the Internet remains an engine for innovation and economic growth. The blueprint will guide efforts to give users more control over how their personal information is used on the Internet and to help businesses maintain consumer trust and grow in the rapidly changing digital environment. At the request of the White House, the Commerce Department will begin convening companies, privacy advocates and other stakeholders to develop and implement enforceable privacy policies based on the Consumer Privacy Bill of Rights.

http://www.whitehouse.gov/the-press-office/2012/02/23/we-can-t-wait-obama-administration-unveils-blueprint-privacy-bill-rights

Alex Fowler, Technology and Privacy Officer for the Mozilla Foundation.
http://firstpersoncookie.wordpress.com/2011/01/23/more-choice-and-control-over-online-tracking/

Certifiedbug.com

Consumer Privacy Bill with Do Not Track