Windows Genuine Advantage is a controversy wrapped in an enigma buried inside a migraine headache. Or at least that’s what it is for the millions of users who have been falsely identified as software pirates as a result of WGA’s attempt to root out piracy. Since July 2005, one in five computers running Windows have failed so-called WGA tests.
By Jack M. Germain
TechNewsWorld
01/25/07 4:00 AM PT
The TJX Companies, a large retailer that operates more than 2,000 retail stores under brands such as Bob’s Stores, HomeGoods, Marshalls, T.J. Maxx and A.J. Wright, said on Wednesday that it suffered a massive computer breach on a portion of its network that handles credit card, debit card, check and merchandise transactions in the US, Canada, and..
How organized crime could be using your PC to run rackets on the Internet and what you can do about it.
Computer virus writers started to use raging European storms on Friday to attack thousands of computers in an unusual real-time assault, head of research at Finnish data security firm F-Secure told Reuters. It’s been sent to hundreds of thousands of e-mail addresses globally, with the e-mail’s subject line saying “230 dead as storm batters Europe.”
Here we have another in a long line of Scams centered around MySpace. This time it is how to create a digital picture for your MySpace account without the use of a digital camera or scanner. This new technology uses your computer monitor. Oh boy not that old joke, resurfacing as a scam.
Instantly develop a new MySpace picture without a digital camera or scanner!
A new camera technology has been released that can actually use your computer monitor to take a picture of you and your surroundings. This technology “dot-dithers” your screen to act as a camera receptacle. The beta website captures your image just as if you had the computer connected to a video cam.
Try it out!
Select the type of screen you are currently using…
LCD Monitor (thin flatscreen)
Traditional monitor (bulky)
Television
Laptop
None of the above
Not sureContinue to Free Beta Site
Cool, NOT!!! This all starts when you receive a Group Invite on MySpace, from someone you absolutely don’t know; inviting you to join a group with a pretty vague name. Pretty typical fare for this type of scam. So, your just a little bit curious and click on the profile pic to take a peek. Bad move!!!
Just to satisfy your curiosity, here are the 2 images that make up the page. Yes, you can click on the Click Here image; it links to the animated gif on my server.
The Click Here image scrolls across the page; and you can click on either the background or the animated gif and be taken to the page (ScreenShot #1).
Group Details:
Group Name: Very very cool
Founded: Jan 14, 2007
Location: Las Vegas, Nevada - US
Members: 15
OK, so you clicked on the image and are taken to the comment form; and decided you don’t want to answer anything and hit the back button on the browser. So, you go back to the site that got you here, right. No, this is where you wind up.
Not exactly what you had in mind. Clicking the browsers back button will get you caught in a vicious circle between the Comment form and this page. You’re getting pretty pissed after a few tries at backing out, aren’t you.
Examining the Page Source, it’s a straight forward redirect, with a count down script. Says the offer expires in 300 seconds and you can watch it count all the way down to 1 second and stop; never actually counts down to 0.
Scrolling down the page reveals the company that is running this promotion “Top Quality Ringtones”, which is really Funmobile 8383 Limited; operating out of Shatin, Hong Kong. Viewing the bottom of the web page reveals the Terms and Conditions and links to the Privacy Policy, Contact information and opt out information.
I don’t know about you, but I have no intention of giving these people my personal information and having my account charged $5.99 weekly of $9.99 monthly; depending on the cell phone provider . Who knows where my personal information will wind up. I do know that my cell phone inbox will fill up with Spam text messages, as well as my email inbox. Thanks, but no thanks.
Let’s move on to the really interesting stuff. I want to check out this new “dot-dithering” technology that can make my Monitor a camera. I just can’t contain myself. I’m always checking out new technology and finding ways of adopting it to enhance the user’s viewing experience (Sarcasm folks). So, let’s pick a monitor type and click through to the next page.
Trying to back out of this page using the browsers back button will get you the Ringtones promotional page. Same stupid behavior.
OK, let’s take the picture. Make sure you look at the “twinkling” spot in the lens.
Yep backing out of this page will get you the Ringtones promotional page.
Time to pick up my photo, By the way I have been examining the page source for all the pages. To this point there has been no malicious scripts or “drive-by” install attempts on any of the pages.
Time to pick-up my photo. Wonder how it will turn out?
They claim this is not a Phishing Scam
Please note, this is NOT a “phishing” page.
From examining the page source, it doesn’t appear that the email and password data isn’t actually submitted anywhere. At least not from what I could tell. My advice is to err on the side of caution and don’t submit any personal data, that includes your MySpace login and password, on this site.
Notice the Terms of Use/Privacy Policy at the bottom of the page:
Terms of Use / Privacy Policy:
By filling out this form, you authorize us to spread the word about this funny site. You will enjoy your friends’ reactions and you will receive all of the credit. This is a harmless e-Card site looking to spread the laughter!
We do not share your private information with any third parties. We do not “SPAM” people with commercial messages nor do we collect any information to be used outside the scope of this free tell-a-friends promotion! This is not a “phishing” site that attempts to “trick” you into revealing personal information. Everything we do with your information is disclosed here.
This page is not affiliated with or operated by MySpace(tm).
ANY LIABILITY, INCLUDING WITHOUT LIMITATION ANY LIABILITY FOR DAMAGES CAUSED OR ALLEGEDLY CAUSED BY ANY FAILURE OF PERFORMANCE, ERROR, OMISSION, INTERRUPTION, DEFECT, DELAY IN OPERATION OR TRANSMISSION, COMMUNICATIONS LINE FAILURE, SHALL BE STRICTLY LIMITED TO THE AMOUNT PAID BY OR ON BEHALF OF THE SUBSCRIBER TO THIS SERVICE.
We may do a combination of the following based on your friends’ interest.
1. Temporarily access your MySpace account for the following purpose(s).
2. Post “magic camera” bulletins in the appropriate section.
3. Invite your friends to a “magic camera” group.
4. Invite your friends to a “magic camera” event.
5. Comment your “top” friends once about this “magic camera.”
6. Send one batch of “magic camera” messages on your behalf.
7. Create a small floating profile overlay (very cool!).
8. Introduce new entertaining sites.This is a free service. You will not be asked to pay at any time. You will not be subscribed to anything asking for payment. This service is made possible by many hours of human effort.
H’m they say it’s harmless and they are not “Phishing”; yet they ask for your MySpace Account info. This appears to actually be a phishing attempt, a poorly implemented phishing scam.
So, what does happen when I click the button labeled “Send To Friends”?
Wow, I get a reward. I wonder what I get. Let’s find out. I type the word rewards into my browser navigation bar; hit enter. Here comes my reward.
Yep, same old tired Ringtone promotional page. Looks like they really want me to buy some ringtones. Filling in that page and submitting your information will get you what seems like an endless stream of promotional pages. If you like your Cellphone and email inboxes filling up with Spam; and someone other than you accessing your MySpace account; be my guest, fill in all those forms with your personal and sensitive information. As for me, no thanks not happening.
So, just how did I come across this site. Well on Digg http://digg.com/security/Down_Pour_Net_The_latest_Myspace_password_sca mh_wowh, I read the blog http://down-pour.net/wpblog/2007/01/14/the-latest-myspace-password-sca m-wow/, and read Ivan’s rather intense profanity filled tirade on his MySpace Blog WARNING: EXPLICT LANGUAGE http://blog.myspace.com/ivanthepig. Dude, get a grip.
Both claim that this site/scam will inundate your computer with spyware. I found no evidence that this is the case. I found no malicious scripts, no “drive by” install attempts, no downloads. Nothing, nada, zilch, zip. No Spyware, Viruses, Trojans. No malware what so ever.
What I did find is a scam site. A site that is designed to harvest email addresses, cell phone numbers, and what looks like a “phishing” attempt to obtain your MySpace account information.
If you run your own website, you will soon come to realize the nuisance Spam bots present. They trawl your site and collect email addresses, consume your bandwidth and can cause other problems. There however is a number of ways you can prevent some of them. This article is the process I use to block abusive bots from my site.
Bad Behavior has blocked 219 access attempts in the last 7 days.