Warning- Twitter Direct Message Phishing Attack Spreading

Posted on February 20, 2010 by The Uber Geek

Hey guys and gals, Just wanted to make you aware of a new phishing attack affecting Twitter. If you recieve a Direct Message reading “lol, is this you”, and linking to a site called bzpharma, DO NOT CLICK ON THE LINK. People who do, and enter their details into the fake twitter page will let a spammer hijack your account. The Hijacker will then use the same message to Direct Message the same thing to all your friends. Now, just to be clear, if you’re receiving these messages your account is not compromised. However, if you find you’re sending them, make sure to change your Twitter password as soon as humanly possible.

Wikipedia defines Phishing as

the criminally fraudulent process of attempting to acquire sensitive information such as usernames,passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail or instant messaging,^[1] and it often directs users to enter details at a fake website whose look and feelare almost identical to the legitimate one. Even when using server authentication, it may require tremendous skill to detect that the website is fake. Phishing is an example of social engineering techniques used to fool users,^[2] and exploits the poor usability of current web security technologies.^[3] Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.

-Zach Morton “The Uber Geek”

Twitter Phishing Attack Spreading via Direct Message (mashable.com)
Twitter Warns of New Phishing Scam (pindebit.blogspot.com)
New Twitter worm (robbiz1978.blogspot.com)
Twitter Spam: Phishing Scam Steals Twitter Passwords (huffingtonpost.com)
The Phishing Flow Chart (ghacks.net)
Twitter and Facebook Scams (robbiz1978.blogspot.com)
New Twitter Phishing Scam Targets Users Through DMs (readwriteweb.com)
Public Awareness: Safeguard your self from Phishing mails (shoutmeloud.com)
Social Media Etiquette: 6 Important Lessons Learned from One Japanese Company’s Major Twitter Mistake (windmillnetworking.com)
Twitter asks for password resets (geardiary.com)
Twitter and Facebook Scams (ecombizcenter.blogspot.com)
I Pissed Off A PR Spammer Today (techcrunch.com)
Phishing attacks on Twitter? (slyvisions.com)

The Uber Geek’s Guide to keeping your World of Warcraft Account Secure

Posted on January 28, 2010 by The Uber Geek

World of Warcraft is definitely my favorite game. The graphics are beautiful, the game is fun as hell and there always seems to be something fun going on. I have been playing for about 4 years now (Human Mage, Jezuz, on Ravencrest used to be on llane). In my time on WoW, I have seen several people get their accounts hacked, and nothing ruins the fun more than that. So I thought I would give you The Uber Geek’s guide to keeping your WoW Account secure.

1. Change your password often. This isn’t just for World of Warcraft, but all your accounts online. Especially your bank account passwords. You should try to change your password monthly if you can, And when changing passwords use combinations of words and alphanumeric characters.

2. Use a different email address. You should try and not use the same email address you post on your blog, facebook, myspace and other sites people see, as this makes you more prone to security breach.

3. Buy a Blizzard authenticator. Blizzard sells a tiny keyfob that you link to your account, every time you logon you press a button. The authenticator then gives you a series of numbers that work as your password. Unfortunatley, without your authenticator you will not be able to log in, but at least you know your safe. They cost around $6, but if you have an Iphone you can download one for free (no droid app yet, WTF?!?).

4. Never give your password to ANYONE. I don’t care if he’s been your best friend since kindergarten, don’t do it. Sharing WoW accounts sucks anyways, you can’t play together.

5. Keep your Flash player updated on your computer. It will prompt you when you need to update, just take the 2 minutes to do it. This will keep your account safe as many of the hacks utilize flaws inside flash on certain websites.

6. Use your Automatic Updates. Do you know what computer guys call Windows? Job Security. It is very unsecure and unless you do the updates on a regular basis your leaving your computer open to all kinds of attacks.

7. Use a good antivirus. Personally I recommend Kaspersky Anti Virus. It is the best antivirus available.

8. Use a good Anti Spyware. Download, update and run Spybot. All else is crap.

9. Ensure the site your on, is the site it says it is. Phishing is very common. Before you put in your user name and password into the World of warcraft site, ensure that the address bar says that where your at, and its not misspelled.

Just remember all in all, have fun, be good and use common sense and you should be pretty safe.

Btw, Knights of the Fallen forever baby!

As Gmail hack released, security experts still seeking solutions

Posted on January 18, 2010 by The Uber Geek

A vulnerability inside Internet Explorer 6 (AKA Windows XP’s Default browser) is to blame for the Chinese cyber attacks against Gmail according to multiple sources. Most of these targeted attacks often involve a cocktail of zero-day vulnerabilities combined with sophisticated social engineering scenarios. Security experts are still seeking solutions. This is bad news because now that its public, larger attacks are sure to follow. Microsoft will be expected to put out an update to resolve this issue immediately.

The threat model must now be adapted to not only worry about eastern European hackers siphoning off credit card databases, but all of your communications and intellectual properties. Stronger browsers, malware protection and anti phishing technology are now seen to be more needed. The German government has even sent out a message requesting that all users of Internet Explorer switch to a more secure browser. Personally I love Firefox, and Google chrome. Chrome is less fancy and faster, and Firefox has almost any function a person could possibly want.

It seems Ironic, that their mantra is “Don’t be evil”, yet they help the communists censor the internet for words like freedom, and democracy. I just hope that this will end their relationship with the Chinese government.

Zach The Uber Geek

Have no fear…the Uber Geek is here!

Tag Archives: Phishing

The Uber Geek’s Guide to keeping your World of Warcraft Account Secure

As Gmail hack released, security experts still seeking solutions

Related articles by Zemanta