Remove Spyware and Viruses today


Twitter Spam and the OAuthcalypse

Twitter discontinued support for basic user authentication in third-party applications yesterday morning.

Good. It's always best to never share your password with a third-party. Even if you trust them, their database could be compromised, and your password along with it. The discontinuation of basic user authentication also removes the vector of brute force password attacks via Twitter's API.

All third-party applications must now use Twitter's OAuth.
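To make the difference concrete, here is an added Python example (not code from the original post or from Twitter) that puts a Basic auth header beside an OAuth 1.0a HMAC-SHA1 signed request built per RFC 5849. The endpoint, keys, secrets and the `provider_accepts` helper are constructed for illustration.

```python
import base64, hashlib, hmac
from urllib.parse import quote

def pct(value):
    # RFC 5849 percent-encoding: only unreserved characters stay literal
    return quote(str(value), safe="-._~")

def basic_header(user, password):
    # Basic auth: the app must hold the password and replay it on every call
    return "Basic " + base64.b64encode(f"{user}:{password}".encode()).decode()

def oauth_signature(method, url, params, consumer_secret, token_secret):
    # Base string = METHOD & encoded URL & encoded, sorted parameter list
    pairs = sorted((pct(k), pct(v)) for k, v in params.items())
    normalized = "&".join(f"{k}={v}" for k, v in pairs)
    base = "&".join([method.upper(), pct(url), pct(normalized)])
    key = f"{pct(consumer_secret)}&{pct(token_secret)}".encode()
    digest = hmac.new(key, base.encode(), hashlib.sha1).digest()
    return base64.b64encode(digest).decode()

def oauth_header(oauth_params, signature):
    fields = dict(oauth_params, oauth_signature=signature)
    return "OAuth " + ", ".join(f'{pct(k)}="{pct(v)}"' for k, v in sorted(fields.items()))

def provider_accepts(signature, method, url, params, consumer_secret, stored_token_secret):
    # The provider recomputes the HMAC; a revoked token has no stored secret
    if stored_token_secret is None:
        return False
    expected = oauth_signature(method, url, params, consumer_secret, stored_token_secret)
    return hmac.compare_digest(expected, signature)

# Constructed sample values (none are real credentials or endpoints)
URL = "https://api.example.test/statuses/update"
PASSWORD, CONSUMER_SECRET, TOKEN_SECRET = "hunter2-constructed", "app-secret", "token-secret"
OAUTH = {"oauth_consumer_key": "app-key", "oauth_token": "user-token",
         "oauth_signature_method": "HMAC-SHA1", "oauth_timestamp": "1283300000",
         "oauth_nonce": "constructed-nonce", "oauth_version": "1.0"}
PARAMS = dict(OAUTH, status="hello world")
SIG = oauth_signature("POST", URL, PARAMS, CONSUMER_SECRET, TOKEN_SECRET)

if __name__ == "__main__":
    print(basic_header("alice", PASSWORD))   # password is one base64 decode away
    print(oauth_header(OAUTH, SIG))          # carries token and signature, no secret
    print(provider_accepts(SIG, "POST", URL, PARAMS, CONSUMER_SECRET, TOKEN_SECRET))
    print(provider_accepts(SIG, "POST", URL, PARAMS, CONSUMER_SECRET, None))
```

Revoking the application corresponds to the provider discarding the stored token secret: the same signed request then fails, and the account password never has to change.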


So, that being the case… we have a feature request.

The other day, we came across some Twitter spam using a bit.ly link that pointed to an application called "Lady Gaga photos".


If you "Allow" the application, two things will happen: the account tweets spam and follows two new accounts (emoboyxx3 and BoyGeorge).

We don't suspect Boy George is behind this…


Okay, so it's a spam application. Time to visit Settings/Connections and revoke its access.


And here's our feature request: we want a "Revoke Access and report as a spam application" option as well as the "Revoke Access" option.

Cheers!

On 01/09/10 At 03:36 PM

When do 258 tweets equal nearly half a million dollars?

Wikipedia's affiliate marketing entry includes the following sentence: "Although many affiliate programs have terms of service that contain rules against spam, this marketing method has historically proven to attract abuse from spammers."

This is very true — affiliate marketing methods definitely attract abuse from spammers.

Our recent posts on Facebook and YouTube spam linked to cost per action (CPA) affiliate networks. We've come across affiliates from several CPA incentive networks while investigating social networking spam, and one of the more interesting companies that we frequently see abused is CPAlead.com.

CPAlead claims to be one of the largest affiliate networks with nearly 11 thousand members in its Facebook Group. They also have an interesting Twitter profile that lists their daily top earners.

They've tweeted 258 times since June 18th and the total amount of daily top earnings is $485,188.34.

CPAlead Top Earners

There were 281+ thousand leads (completed surveys) and 3.7+ million clicks. That's a 7.5% conversion rate for the top earners.

With numbers such as that… there's little wonder why spammers are attracted.

On 31/08/10 At 09:44 PM

Poor Money Mule Not So Poor

“Money mules” may be unsuspecting Americans who act as shipping managers, do the dirty work for the bad guy, and open bank accounts, too. Sometimes the mule may be foreign, traveling to the United States specifically to open bank accounts.

Mules often get hooked into a “small business” or employment that is a function of a criminal enterprise. The mules often respond to “help wanted” ads from online job placement sites. Shipping scams are a common tactic: criminals employ mules to receive goods bought with stolen credit card numbers and then ship them to people who buy them in online auctions. The mules in this process are essentially facilitating selling hot goods and money laundering.

The mules are often baited into setting up bank accounts that the criminal controls. These bank accounts will be set up under the name of the mule, and are generally programmed to transfer money overseas in increments of less than $10,000 to avoid detection.

Most mules end up pulling money out of their pockets to front shipping costs with the promise of a big payoff. In the end, the mule is often bilked and ends up with an empty bank account.

But not this mule, who was arrested and sentenced to 46 months in federal prison for sending more than $860,000 to offshore online scammers. He was caught after a sheriff’s deputy became suspicious during a traffic stop. They found eleven cell phones, fake IDs, $53,200 in cash, and 76 Western Union receipts. This was no poor unsuspecting mule. This guy knew exactly what he was doing.

“He admitted accepting and cashing wire transfers from online shoppers for vehicles, boats, motorcycles and vehicle trailers, then sending that money to Romania or Spain in small amounts to make detection less likely. The items for sale did not actually exist.”

To protect yourself from becoming a victim of such scams consider subscribing to an identity theft protection service, which offers proactive identity surveillance, lost wallet protection, and alerts when suspicious activity is detected on your accounts. For additional tips, please visit http://www.counteridentitytheft.com

Robert

Robert Siciliano is a McAfee consultant and identity theft expert. See him discuss money mules and job scams on Fox News. (Disclosures) 

Robert Siciliano
Robert_Siciliano@McAfee.com
www.CounterIdentityTheft.com


Network Security Podcast, Episode 210

Rich is off dealing with the joy of fatherhood (again), leaving Martin and Zach to rope Mike Rothman into the podcast for a few weeks. Our news stories are pretty short tonight, thanks to an interview with the one-and-only Jennifer Granick of the Electronic Frontier Foundation. Martin discusses GPS tracking, the DMCA, and more with Jennifer.

We’d also like to welcome Rich and Sharon’s new baby girl… ->

Youtube “cute puppies” video

I had been doing some work on the computer and was logged in to McAfee Family Protection under my account. I was looking for something on YouTube when I came across a video of a tired puppy falling asleep in his bowl of water. It was so cute I thought I would show it to my littlest “cyber daughter.” She melted instantly… puddle on the floor! The next video suggestion that popped up was a bear falling asleep, which she clicked on immediately.

At this point, I had to walk away – just a few feet, into the kitchen to get something for “cyber son #2”. I hear CD say “Hmmm, that’s weird” and the mouse click. Then I hear her say “Mommy, what’s this word?” I walk back over to the computer and gasp. The word she was pointing to is “orgasm”. WHAT THE WHAT?????

Maybe 45 seconds had gone by and we had gone from “bear falling asleep” to “bear” and “kitty” doing inappropriate things in the video. I kid you not! She had clicked on the second bear video and was bored in about 5 seconds and all the next videos contained a word she didn’t understand.

Now, I would like to say that none of these videos contained anything other than animals being scratched in that tickle spot which makes their leg move in that scratchy sort of way. The kitty video wasn’t even a cat! People were just hoping to get some hits by giving a stupid video a provocative name.

This is what happens on YouTube sometimes. If you have a child who enjoys YouTube, be aware that there are videos that you may not want your kids to even see the name of or you will be faced with explaining what an adult word is to a six year old.*

The lesson I learned is that I cannot walk away from the computer without logging out. In mere seconds a child can find inappropriate material. Be ever vigilant, parents. Just knowing what can happen is half the battle!

Keep the little ones safe out there!

Tracy

*Which, by the way, I did not. I just told her it was a bad word and closed the window, turned to her and smiled and said “Okay, time to go out!”


