Marketing by terror

I’ve mentioned Android webjacking before, but here’s another example. Things like this are not usually “viruses” on your handheld device, but rather malicious code embedded in a legitimate website by unscrupulous advertisers.

screenshot_2017-02-16-11-04-16

 

First, this exploit makes your phone buzz like a hornet that’s just been pinched in a vise, and locks your browser. No going back. Second, vulgar sites? No, actually this popped up when I was trying to leave a comment at retailcomic.com. I trust the site not to hide exploits like this on purpose.

 

screenshot_2017-02-16-11-04-35

The claims on these “warnings,” along with being written in questionable English, are absolute lies: “If the problem can not be resolved immediately , the viruses will spy your phone, and destroy your SIM card, delete all your contacts.”

Now I’m just following the trail to see who’s behind this.

screenshot_2017-02-16-11-04-49

Looks like someone is hawking an app (surprise, surprise):

screenshot_2017-02-16-11-05-09

A comment at the app’s site complained, and the developer responded; notice the salutation “Dear,” usually seen on Nigerian scam emails but certainly a red flag that the app developer is not a native English speaker.

 

Screenshot_2017-02-16-11-05-51.png

Despite the apology and denial of malicious intent, I would be very suspicious of apps that are advertised in this way.

Be careful out there.

The Old Wolf has spoken.

Beware the Zeus virus (No, you’re not infected)

I’ve written about scams that get you to call a phone number and help bad guys access your computer before. Here’s another variety you need to be aware of.

My wife’s computer has had this happen twice in the last few weeks (click the image for a larger view):

zeus-virus-scam

Chrome is locked up – you can’t close the tab, click away, or do anything else except kill the browser in Task Manager. A computerized voice repeatedly intones, “Your computer is infected. Your data is being stolen. Call this number for support…” You can imagine that this would be very frightening to someone who is not computer-savvy, and a lot of people will fall for it.

Just to see how the scam works, I called the number (855-335-8826 – don’t call this number) and got an agent with a foreign accent (sounded Indian or Pakistani to me) asking how he could help. Putting on my “geezer voice,” I told him that my computer was talking to me and telling me that my data was being stolen.

  • Agent: “Have you downloaded anything lately?”
  • Me: “No.”
  • Agent: “I will direct you through a couple of steps so I can access your computer and help you fix this problem. Look at your keyboard in the lower left – do you see the Window key? I want you to press that key, together with the letter ‘r’. [Note: he wants me to run a program.]
  • Agent: “Type the letters ‘hh’, then a space, then the letter ‘t’ in the ‘open’ box. Then press the “OK” button.

hht.jpg

  • Me: “Ok, I did that.” [This is what I get]

page-display

  • Agent: “Do you see the little question mark in the upper left hand corner? I want you to click that and select the option that says “Jump to URL.”

url

  • Agent: “Now type this in the box: ‘www.support.me’

jumptourl

  • Me: “OK, I’ve done that.” [This is what I get]:

support

  • Agent: “I will now give you a 6-digit code to enter into the box. Your number is 925837. Please type that into the box and click ‘Start Download’.”
  • Me: Do you really think I’m going to allow access to my computer by a bunch of scammers? Get a life. *click*

What’s going on here is that if I had entered the number, I would have given complete control of my machine to a random scammer, and from that point he could have

  1. Stolen sensitive data like passwords, contact lists, or financial information.
  2. Infected my computer with malware
  3. Taken control of my machine and woven it into a spamming botnet.
  4. Other things more horrible that I wish to contemplate.

There are websites out there that tell you how to remove the “infection” that causes this popup; most of them exist to shill programs like Zemana, Malwarebytes, and HitMan Pro. Free versions of these are legitimate, but don’t be conned into buying “Pro” versions unless you really need their features. Others may ask you to download their own proprietary removal tool. Be wary of such sites.

The key here is that if you get the “Zeus” malware popup, NEVER CALL THE NUMBER. You’ll just be opening yourself up to fraudsters who want to do very bad things to you and your computer.

Be careful out there.

The Old Wolf has spoken.

Beware of “Pet Care” texts or emails

Scam Alert-stamp

Over at a post about working over a Craigslist scammer, I got a few comments about a particular scammer that’s working the “pet care” angle. I thought I’d respond to his email address and see how it works.

I wrote to jamesbrenard1@gmail.com: “Someone said you were interested in pet care. Where are you located?”

Here how the drone responded:

Hello and how are you doing?

Glad to read from you and since you were refereed by CARE, I feel comfortable discussing this opening as it concerns the comfort of my fur babies who happens to be the only babies i have presently but hoping for that to change soon. My name is James and my wife’s name is Maha, I contacted Care i needed a Caregiver so am trusting their judgement. I am relocating to your neighborhood from Canada. I recently got a contract with a company on a private research job and i’ll be in charge. My wife is 6 months pregnant, she was in a little accident few weeks ago so am a little indisposed and this is going to be a big change in my family so we want everything to move smoothly and stress-free, so i am going to have a limited time for our fur babies and this is where i hope you come in and help.

I need someone to work 4 hours in a day for an 3 days in the week, someone that is mature whether young or old, loves pets, reliable, attentive, honest and punctual. You will be taking care of 2 Dogs, Billy a yr old Australian Terrier and Misty a 4 years old German
Shepard for any three days of your choice excluding Sundays and will have to take them on a walk at least once a week, give them a bath, brush their hair and make them comfortable while we are away. I can handle the feeding but the rest i wont be able to do, so you can work for us as long as you want. I plan on getting 2 fishes on the other hand; one is a Fancy Goldfish, while the other is an Auratus Cichlid, we’ve never had fishes but i wish to have the very best care for them so i’ll need advise on names that you think will befit them. I trust you can do this for us.

Our arrival date will be on the 28th of January and we’ll be having a face to face meet on the 29th the day after our arrival. I will be offering you $415 weekly,and also will be needing your services for 4 hours at any suitable time of yours. Bonus will be paid if there are any overtime, If you believe you are fit for this position in as much you will prove yourself to be a reliable and good person, I will instruct my financial clerk to pay for the first week before our arrival so as to secure your service in advance and to show our commitment on our part. 

My financial clerk will require this information to be able to make out a check to you;

Full Name:
Full address with Apt Number:
City, State and Zip code:
Phone number:

I await to read from you soon.

Warmest regards

Note a couple of things:

  1. This bozo has no idea where I live. Even if legitimate, he or she could be living in Fairbanks, Alaska, and I might be responding from Key West, Florida.
  2. The promise of advance payment. Anyone who “bites” would be sent a check of this nature: Secret Shopper Bogus Check
  3. The next thing that would happen is that the criminal would send too much money and ask the victim to wire a large part of it to someone else via Western Union. Of course, the check is bogus, your money is gone, and you’re on the hook to the bank for the full amount – including possibly facing criminal charges of your own for negotiating false documents. That doesn’t happen often, but some banks and police departments are anal-retentive enough that it has happened, and will probably happen more often in the future.

I sent the drone a fake name but a real address… and never heard back. I wrote back once saying “Hey, what happened? You were going to send me a check to get Pet Care started. Did you change your mind,? Should I still be looking?” but never had a response. Either he somehow twigged that he was being played for a fool, or simply had moved on to a new victim.

At any rate, watch out for this individual and any others using the same ploy.

Be careful out there.

The Old Wolf has spoken.

Business Loan Scam

I apologize to my readers if this blog sounds like a broken record at times, but the dangers from scammers and fraudsters is real – and the more information available, the more likely that someone doing a web search will come across it and save their money or their information.

2015-08-31-1441027541-9677105-021913_robocalls_600.jpg

I’ve talked often about robocalls; here’s a good article from Consumer Affairs.

“[Scammers] have raked in millions of dollars with schemes like the business loan pitch. The recorded greeting says something like “congratulations, your business has been approved for a $250,000 loan.” If you stay on the phone long enough to talk to a live person, that person will try to get information from you that can be used to steal your identity.”

Got one of these just now. I pressed “1” to find out how the scam worked, and got someone who was virtually incomprehensible; he sounded like a Dane with his mouth full of Knödel.¹ His first question, in rapid-fire Mongolian, was “What is the annual revenue of your company?” When I asked him who was offering me this loan, he hung up.

Be careful out there. If it’s a robocall, it’s almost certainly a scam.


¹ A Dane sounds like a Norwegian with his mouth full of Knödel (which is a very heavy, thick dumpling). So this gives you an idea of what I was hearing.

Now it’s the “EU Business Register.”

 

To: redacted
From: EU Business Register <register@eubusinessreg.com>

Subject: Business Register 2016/2017

 Dear Madam/Sir,

In order to have your company inserted in the EU Business Register for 2016/2017, please print, complete and submit the attached form (PDF file) to the following address:

EU BUSINESS REGISTER
P.O. BOX 34
3700 AA ZEIST
THE NETHERLANDS

Fax: +31 205 248 107

You can also scan the completed form and attach it in a reply to this email.

Updating is free of charge.

The scam continues, which I referred to here and here. Making another quick reference to it for additional exposure in case people are searching the web to see if this outfit is legitimate.

It is not. It is a total scam.

Very little has changed. Their spam emails, blasted all over the world, always say “updating is free of charge.” But the small print, ah, the small print:

THE SIGNING OF THIS DOCUMENT REPRESENTS THE ACCEPTANCE OF THE FOLLOWING CONDITIONS AND THE CONDITIONS STATED IN “THE TERMS AND CONDITIONS FOR INSERTION” ON THE WEB PAGE: WWW.EUBUSINESSREGISTER.EU. THE SIGNING IS LEGALLY BINDING AND GIVES YOU THE RIGHT OF AN INSERTION IN THE ONLINE DATABASE OF THE EU BUSINESS REGISTER, WHICH CAN BE ACCESSED VIA THE INTERNET, ALL IN ACCORDANCE WITH THE CONTRACT CONDITIONS STATED ON “THE TERMS AND CONDITIONS FOR INSERTION” ON WEB PAGE: WWW.EUBUSINESSREGISTER.EU.THE VALIDATION TIME OF THE CONTRACT IS THREE YEARS AND STARTS ON THE EIGHTH DAY AFTER SIGNING THE CONTRACT. THE INSERTION IS GRANTED AFTER SIGNING AND RECEIVING THIS DOCUMENT BY THE SERVICE PROVIDER I HEREBY ORDER A SUBSCRIPTION WITH THE SERVICE PROVIDER EU BUSINESS SERVICES LTD. “EU BUSINESS REGISTER”. I WILL HAVE AN INSERTION INTO ITS DATABASE FOR THREE YEARS. THE PRICE PER YEAR IS EURO 995. THE SUBSCRIPTION WILL BE AUTOMATICALLY EXTENDED EVERY YEAR FOR ANOTHER YEAR, UNLESS SPECIFIC WRITTEN NOTICE IS RECEIVED BY THE SERVICE PROVIDER OR THE SUBSCRIBER TWO MONTHS BEFORE THE EXPIRATION OF THE SUBSCRIPTION. YOUR DATA WILL BE RECORDED. THE PLACE OF JURISDICTION IN ANY DISPUTE ARISING IS THE SERVICE PROVIDER’S ADDRESS. THE AGREEMENT BETWEEN THE SERVICE PROVIDER, EU BUSINESS SERVICES LTD AND THE SUBSCRIBER IS GOVERNED BY THE CONDITIONS STATED IN “THE TERMS AND CONDITIONS FOR INSERTION” ON THE WEB PAGE: WWW.EUBUSINESSREGISTER.EU

So if you enter your data and send it in for what you think is a “free listing,” you’re agreeing (at least on paper) to shell out €2985 for a three-year listing, and agreeing to be billed every year forever unless you cancel in writing.

Fear not. If you get stung, just write and tell them that you’re not paying. Quoted from my previous post:

If you happen to fall for this, these things will happen:

  1. The company will ignore any attempts to contact them
  2. If you simply refuse to pay, you will begin to get aggressive and threatening communications from a “global debt collection company,” Waldberg & Hirsch. That firm does not exist – it’s just the same drones trying to frighten you into paying. They will demand payment in full for the agreed-to three years, but will settle for one year’s payment if you’re foolish enough to send it.

The solution:

  1. Just ignore them. They can’t sue you, because they are running a scam, they know it, and they don’t want to attract legal attention to themselves. Never pay these gong-farmers a cent; ultimately they’ll go away.

Again, why the Dutch authorities have not managed or taken the trouble to shut this scummy operation down is incomprehensible.

Be careful out there.

The Old Wolf has spoken.

Selling Snake Oil with Name-Dropping.

I don’t like scammers. I don’t like woo-peddlers. I don’t like people who take advantage of the gullible and/or the vulnerable to make money at any cost. I’ve written numerous times about snake-oil sales, and even got a cease-and-desist letter from some law firm because the manufacturer didn’t like being called a scumball.

But they’re still at it.

Back in 2015, Forbes wrote a legitimate article about “How Fake News Articles And Lies About Billionaires Were Used To Market An Iffy Dietary Supplement.” Forbes complained and followed up, and the spurious website vanished, the cockroaches scurrying back into the darkness that spawned them.

For what it’s worth, the crooks didn’t focus on Forbes, they also used CNN and probably many others to hawk their garbage.

The thing about cockroaches, however, is that they keep coming back; if anyone survives a nuclear winter, it will be these creatures. There’s enough money to be made selling worthless nostrums that the scammers can easily afford to reformulate and resurface. and the immense potential for fraud inherent in affiliate marketing (which I elaborated on here) means that this plague will be a difficult one to eradicate.

I keep getting popup tabs when I visit Newser.com, and this is a recent one:

hawking

The name of the junk product has changed – instead of BrainStorm Elite it’s now IQ+, and the source of the farticle (fake article, or advertorial) is http://www.healthreportz.com/, a website that has nothing to do with Forbes.

It goes without saying that the product is worthless, Hawking has nothing to do with this junk, and the interview with Anderson Cooper is being spun to appear as if it’s endorsing this particular product – which it’s not.

The IQ+ website looks really slick, includes the standard Quack Miranda¹, and after you give them your information and click the big red “Rush My Order!” button, you are taken to the confirmation page where you provide your all-important credit card information. That page also includes this text:

rush

That’s exactly how it looks, and is so easy to miss that most people won’t read it, which is what the bottom-feeders are hoping for. If you do click the Terms and Conditions, you find the industry-standard “gotcha” clause:

In-Trial Offer: A trial offer provides the customer an opportunity to try our product free of charge for 14 days from date of order, paying only shipping and handling fees of $4.98(USD). At the conclusion of the trial period, you will be billed the full purchase price of $89.97(USD) and enrolled in the monthly replenishment program.

So that special price of $4.98 is really $94.95, and you will be billed $89.97 every 30 days because you signed up (without reading the details) for their convenient auto-ship program. You can make a Wreave bet² on the fact that getting a refund for unexpected charges to your credit card will be harder than pulling hen’s teeth – their agents will be trained to make it nearly impossible to get your money back without the threat of legal action.  This is how the kiz-eaters make their money, and frankly, Scarlet, it stinks.

I notified Forbes of the most recent iteration of this scam, and hopefully they’ll look into it. As mentioned before, there’s so much money to be made with scams of this nature that they’ll be back . I have no illusions that my little essays will do anything to stem the tide, but if even one person reads them and saves their money, it will have been worth it.

The Old Wolf has spoken.


Notes:

¹ The “Quack Miranda” warning is required by the FDA on all nutritional supplements, some of which have proven value. The appearance of the standard wording does not mean a product is worthless, but a huge percentage of the garbage sold by nutritional companies have dubious value and all must carry the disclaimer.

² The Wreaves are a part of Frank Herbert’s ConSentiency universe. Their strict code of honor prevents them from gambling, hence a “Wreave bet” is a sure thing.

An old scam, resurrected

I previously posted about the most deceptive ad I had ever encountered in an article entitled “Selling It.”

Hall of Shame Advertisement

Take away all the mummery, and the thrust of the ad was, “throw away your old rabbit ears and buy our pretty rabbit ears.”

When it comes to separating suckers from their money, old ideas die hard. I mean, why throw away such a good concept if it works, right?

Saw this in WalMart just the other day:

20160914_161116

20160914_161101

Other than the fact that the old one was analog and this one is digital, it’s the same marketing pitch, with the same marketing weasel words. But the summum bonum of the product? “Works just like your old antenna, ONLY NOW with a sleek design.”

Well, that’s certainly sufficient incentive to throw away my old digital antenna and buy this one. Except for the fact that I haven’t watched broadcast TV for over 20 years, but that’s another story.

Save your money and don’t buy camel ejecta like this.

The Old Wolf has spoken.