We're seeing a LOT of phishing emails pretending to be from Dropbox.
The general rule is this: The email heading begins: "(name) sent you an invitation"
The body of the email contains a link (to sign up to Dropbox, but as you would (hopefully) guess, it's a bogus link.
Please be aware.
Please do NOT click on links in emails.
Be safe......
Here's a new one on us. An email pretending to be from Discover.com
Nicely, (or stupidly) they've included a real link to Discover, if you were lucky enough to click that, but every other link re-directs you to a bogus website.
You can see from the tooltip below.
NEVER click links in emails especially from banking and financial institutions.
Be aware....
There are a ton of bogus emails doing the rounds right now designed to appear to come from Santander.
Do not click any links within these emails.
Here are 2 examples:
Here's another example of a phishing scam received via email.
First and foremost, the biggest clue is the 'Dear Valued Customer' bit.
The next clue, as is the case on almost all of these scams is the mass cc mailing list in the clear.
Finally, the give-away tooltip of the real URL. It looks ok at first glance, but notice the 139689.net bit at the end. That's the actual domain (which is clearly not A&L). Anything before that, i.e the A&L bit with dot whatever can be made up by anybody. It's the ending domain in the URL that is the actual domain it points to.
Hopefully this all helps to keep you alert and easily spot the scams.
There has been a lot of activity involving a Facebook hack whereby a user posts a link to a video.
The post looks like this:
"(Persons name) this is the hottest video ever! :P :P :P "
If the user clicks the link, it opens a video which will install a player in Windows and send out the same message to all your friends.
To remove it, change your Facebook password, and delete the app by going to go to Account > Application Settings and delete the HD Video Player. Also delete all the posts it made so that others don't click on it.
It seems as though this may be a vulnerability in the Facebook mobile app, which might allow a malicious interception of data.
If you click the link, you will be asked to download the “FLVDirect.exe“ file. If you do, your computer will become infected and post the message to your Facebook page.
We would also recommend that you download and install Microsoft's Windows Security Essentials, and run a scan.
As ever, we remind you to never click on links that people send in emails or post on social networking websites, especially if the language used doesn't fit the profile of the user that allegedly posted it.
Here's a great post over at the Malware Diaries about a recent phishing attempt involving an email reporting that you are due a tax refund:
Whole Foods Market the American grocers is trying to clamp down on a series of Facebook-based scams that entice users with a purported $500 gift card.
The scam has been spreading virally through Facebook via "fan pages" with names like "Whole Foods Market Free $500 Gift Card Limited - first 12,000 fans only" and "Whole Foods FREE $500 Gift Card! Only Available for 36 hours!" The fan page asks Facebook users to add it as a fan, thus pushing awareness of the page through those users' Facebook networks, and then asks them to fill out a credit assessment and other forms that request personal information. The scam then uses a form of malware to crash users' computers and the information they have entered is left vulnerable.
The scams first emerged on Thursday, Whole Foods spokeswoman Libba Letton said, and though they have been working with Facebook to pull them down, new scams "keep popping up" as they're removed. "Throughout yesterday and this morning, we've been alerting them each time we see new ones, and we take them down," Letton told CNET. She said that if Whole Foods runs contests and gift card giveaways, they will only be orchestrated from the company's own Web site.
Whole Foods has also been using its Twitter account to reply to people who have tweeted about the scam or expressed concerns with it, providing answers like, "It's a scam, unaffiliated and unauthorized by us! Please help us report these pages so Facebook can shut them down." A warning announcement on its Facebook fan page is planned as well.
It's not yet clear who is operating the scams or whether any user information has been compromised.
"Groups and pages that attempt to trick people into taking a certain action or spamming their friends with invites violate our policies, and we have a large team of professional investigators who quickly remove these when we detect them or they're reported to us by our users," a Facebook representative told CNET. "We're working on ways to automate the flagging of these scam groups and pages so we can take action on them even more quickly."
The company recommends that users follow the Facebook Security fan page and report suspected scams when they see them.
(from CNET)
