Grab and Keel

Last year around this time I was sending out a post on holiday email viruses. While I haven’t seen any outstanding holiday items yet, I did have one possible scam in relation to a just completed online bank transaction. Their email displayed the bank’s logo and looked pretty official. However, it suggested I sign back on to the bank website from the email, and some words were misspelled. I forwarded it to the bank’s abuse email site.

I don’t know about PC’s since I work off a Mac, but when I receive an email, my app has a drag down on the toolbar that says “Source”.  It shows you some of the code, addresses and delivery route that got the subject email to your box. Often the addresses are obviously hooey. For example, something like Earthlink.com, instead of Earthlink.net, or some weird or personal name that doesn’t make any sense. In my above noted case, the source code might have been obvious to an expert, but it wasn’t to me.  However, I think you have to vigilant. If any one thing about an email seems fishy, don’t respond to it.

In any event, I swam over to look at the FBI’s website, to see what they were up to. It looks like a bit. They have 12 notices for this year. It turns out their most recent notice dated 11/3/09 might actually relate to mine above.

The FBI, in it’s efforts to be precise, has utilized some umbrella titles on their notices that make it difficult for us average non-bureaucrats to immediately understand what the heck they are talking about. However, I encourage you to read the text of the bulletins to see if one relates to you. Their link is HERE.

Dark Reading, an Internet Publication put out by InformationWeek. Has a nice article entitled: “ISPs: Email Abuse Down But Not Out”. I don’t know if you will be able to read the link without completing a free registration first. However, if you like computerese they always have interesting things to say. It appears the US might actually be a leader in this category for spam reduction. Also, approximately 90% of email is still spam, which in fighting, is creating a large resource drain for ISP providers.

Then there is Grumblar, a malware botnet that has been around for a while, crashing websites with complex file architecture like WORDPRESS!?!. NetWorkWorld reports: Botnet authors crash WordPress sites with buggy code. Other sites that use complex PHP are also affected.

The vermin who produced Grumblar, in their effort to improve it, goofed up. Even though the older version is still around, the newer one produces a fatal error message on your website, showing you’ve been compromised. If you think you are in that fix, and you are a computer doofus like me, contact WordPress or whomever your Webmaster is, on what to do. If you know a little more, you might try following one of the links in the NetWorkWorld article above.

Last, but not least, if you are shipping via UPS, here is their link entitled: Protect Yourself Against Fraud. Their page links show examples of email and website fraud, in .pdf form.