Online and Onsite Computer Repair
Ministry of Transport Email Trojan
Tuesday, 06 July 2010 11:04

You've got to hand it to the scammers for their creativity.  Using the name of the Ministry of Transport and claiming a new tax, all to get you to open their fake antivirus installer.

This one comes in an email with a body similar to one of the following:

Nice hear you again,

how you maybe have prepared hear, the Ministry of Transport
will Modification a tax for your motor vehicle.
Please read attached documentation intimately, in the case of
conserve your finance.

Wish you lucky day!

Mattie Watson

or:

Hello,

how you maybe have prepared hear, the Ministry of Transport will
Switch a fee for your motor vehicle.
Please read attached documentation rigorous, in the cease of
economize on your pelf.

have a nice day!

Pierre Andrade

Of course, it's not actually from a friend of yours, and it's not from the Ministry of Transport, either.  The attachment, a 61KB zip archive, has a name something like "US_CAR_DOCUMENT_03_07_2010.zip", probably with the date in the filename changing, depending on when the email was sent.  An attachment simply named "CAR_DOCUMENTATION.zip" has also been seen.

Opening this zip file shows a single contained file, with the same filename, except for the extension.  The extension on samples that I've seen is doubled (".DOC.exe") or tripled (".DOC.________.exe").  This makes it appear at first glance to be a Word document, but it's actually a program.  Running this program by double-clicking will infect your computer with a rogue antivirus product.
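The following is an added example, not part of the original post: a mail-filter style check that lists zip members whose names use the doubled or underscore-padded extension trick described above. The extension lists and function names are assumptions chosen for illustration, and the sample archive is constructed with placeholder bytes.

```python
import io
import zipfile

# Extensions Windows runs when double-clicked (an assumed, non-exhaustive list).
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd"}
# Document-like extensions used as the decoy (also an assumed list).
DECOY_EXTS = {"doc", "docx", "pdf", "xls", "xlsx", "txt", "rtf", "jpg"}


def deceptive_reason(name):
    """Return why a file name looks disguised, or None if it does not."""
    base = name.replace("\\", "/").rsplit("/", 1)[-1]
    parts = base.lower().split(".")
    # Need at least name.decoy.real, with an executable as the real extension.
    if len(parts) < 3 or parts[-1] not in EXECUTABLE_EXTS:
        return None
    middle = parts[1:-1]
    decoy = next((p for p in middle if p in DECOY_EXTS), None)
    if decoy is None:
        return None
    # A segment made only of underscores or spaces pushes ".exe" out of view.
    if any(p and not p.strip("_ ") for p in middle):
        return f"padded .{decoy} decoy before .{parts[-1]}"
    return f"double extension .{decoy}.{parts[-1]}"


def scan_zip(data):
    """List (member name, reason) for every disguised executable in a zip."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        hits = [(i.filename, deceptive_reason(i.filename)) for i in zf.infolist()]
    return [(name, reason) for name, reason in hits if reason]


def build_sample(names):
    """Constructed test archive: harmless placeholder bytes, not a real sample."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for n in names:
            zf.writestr(n, b"placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    sample = build_sample([
        "US_CAR_DOCUMENT_03_07_2010.DOC.exe",   # doubled form from the post
        "CAR_DOCUMENTATION.DOC.________.exe",   # tripled, padded form
        "notes.doc",                            # ordinary document name
    ])
    for name, reason in scan_zip(sample):
        print(f"{name}: {reason}")
```

The check looks only at member names inside the archive, so it flags the disguise itself regardless of whether any antivirus signature exists for the contents.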

One particular oddity about this trojan is that, while it's detected by Norton, McAfee, and Trend Micro Housecall, it's not detected by Trend Micro AntiVirus.  Housecall is an online, web-based scanner that's free to use.  Their purchased, install-on-your-computer antivirus product, though, misses this infection.  One would think that both these products would use the same definitions and scanning engine technology, but that's apparently not the case.

 

 

Last Updated on Tuesday, 06 July 2010 11:27
 
Trojan Email - Facebook Password Reset
Monday, 05 July 2010 11:50

Scammers are using fake Facebook password reset messages again, in order to peddle their fake antivirus software.

A recent email wave of image spam (meaning the text of the email is actually contained in an image, rather than normal email text) attempts to entice users to open an email attachment, purportedly a response to a request for a new password.

This file actually contains a variant of the Bredolab trojan, which installs fake antivirus software.

The image appears as the following text:

[Image: Facebook password scam email content]

The image text translated to actual text, for the benefit of search engines:

Hey,

You recently requested a new password.
You can find your new password in attached file.

Please note that this email has been sent to all contact emails associated with your account.
If you did not request a new password, it's likely that another person has mistakenly
attempted to log in using your login.
As long as you do not click the link contained in the email, no action will be taken and your
account will remain secure.
For more information, visit our Help Center at http://www.facebook.com/help/?topic=login

Thanks,
The Facebook Team

The attached file is a zip compressed archive, which, when opened, contains the trojan.

The real problem with this particular variant is that it's only detected by 5 out of 41 scanners at virustotal.com: Authentium, AVG, the open source ClamAV, F-Prot, and Sophos.

The big 3 software packages - Norton, McAfee, and Trend Micro - and even the more popular of the smaller providers - NOD32, Microsoft, and Kaspersky - all completely miss it.

This goes to show that obtaining security software based on its relative popularity in the marketplace is not a sound method for keeping your computer safe.

The email claims to be from "Facebook Security", or "Facebook Support".  The emails I've seen also contained names of supposed Facebook employees, undoubtedly fake also, such as "Adelberta Chizmar" and "Travis Cleave".

Beware of social engineering techniques such as this, and don't open any such attachment.

 

Last Updated on Monday, 05 July 2010 14:03
 
New Website
Wednesday, 12 August 2009 19:46

The new website is now officially live.

 

Not all content is currently moved over, but this will be happening in the next day or two.

In the meantime, if you need something that was on the old site, you can access it at

http://oldsite.cbserviceslondon.com.

 

Last Updated on Tuesday, 22 September 2009 10:29
 
Quality Computer Service - London Ontario
Thursday, 22 October 2009 09:54

At CB Services, we can fix your computer!

Quality

CB Services is a low-cost, high quality technology service provider. We do this by eliminating the corporate overhead of most larger businesses. When you go to a big box store to get your computer repaired, you pay $80 per hour, of which only $10 goes to the technician. What kind of a technician can you get for $10 an hour?

The rest of your money goes to pay for flashy advertising, multiple layers of managers, and a corporate head office that may not even be in your country.

In the process, business decisions are made based not on what will make the company the most money, but on what makes the best technical sense for the customer.  CB Services is run by technical expertise, not marketing.

Security

Consider that the number of personal records stolen in data breaches from a company or organization since January 2005 has reached over 150% of the population, and identity theft is at an all time high.

Specializing in data security, CB Services can help ensure that your critical and confidential business data will not be leaked out to identity thieves, or the competition.

In fact, in the entire history of CB Services, no company that's been following our advice for data security has ever had a data breach.  How many technology companies can say that?

Convenience

Remote Support: As long as your computer will turn on and connect to the Internet, problems such as spyware and viruses, driver installs, and basic training can be handled with our remote support service. You don't need to take your computer anywhere.

Choice

A leading Linux system builder in London, Ontario, we have technicians certified in Linux, Windows 95/98/Me, and Windows NT/2000/XP, as well as networking, and other high-end information technology requirements.

Last Updated on Thursday, 22 October 2009 10:14
 
Copyright © 2010 CB Services. All Rights Reserved.