Luftwaffe and Allied Air Forces Discussion Forum

Luftwaffe and Allied Air Forces Discussion Forum (http://forum.12oclockhigh.net/index.php)
-   General (http://forum.12oclockhigh.net/forumdisplay.php?f=13)
-   -   PHISHING EMAIL IN TOCH MEMBER's NAME (http://forum.12oclockhigh.net/showthread.php?t=25941)

Nick Beale 17th June 2011 22:19

PHISHING EMAIL IN TOCH MEMBER's NAME
 
This evening I received an email purportedly from TOCH Member Norman Malayney. It uses a recognised phishing message:
Hope you get this on time, I made a trip to Aberdeen, Scotland and had my bag stolen from me with my passport and credit cards in it. The embassy is willing to help by letting me fly without my passport, I just have to pay for a ticket and settle Hotel bills. Unfortunately for me, I can't have access to funds without my credit card, I've made contact with my bank but they need more time to come up with a new one. I was thinking of asking you to send some funds via Western Union to my travel agent in California so he can expedite my travel arrangements.

I can forward you details on how you can get the funds to him. You can reach me via email or on Blue Island hotel front desk phone, the numbers are, +44********** or +44**********.
(read more here) inviting the recipient to send money to a hotel front desk. I've redacted the phone numbers—no sense in spreading them

I've PM'd Norman to let him know that his account may be compromised.

Brian 18th June 2011 00:41

Re: PHISHING EMAIL IN TOCH MEMBER's NAME
 
Hi Nick/Norman

I received a copy as well.

Cheers
Brian

Jim P. 25th July 2011 03:00

Re: PHISHING EMAIL IN TOCH MEMBER's NAME
 
Not related to this particular infection, but if you ever follow a link to a Russian site and start getting messages shortly thereafter to the effect that your disk(s) are failing, shut your computer down immediately. Bring up in safe mod and do a google search for MBAM. The errors are false and what the 'virus' does is start to hide all your software and disks, the 'site' that detected the problem will run some 'utility' to examine your system and offer, if you give your cc number, to 'fix' the problem. The address of the company may be some place in Florida (it was for me). Your pc has been hijacked. Whatever you do, DO NOT, give them your cc number. I expect if you do you're toast. When I got hit with this I had fortunately read something about this hijack some time ago, but could not remember what the solution was. I did try and get through their krap long enough that everything got hidden on me. However when it finally occurred to me to put in the OS disk and boot in safe mode, I could see all my files. At that point I finally started googling and eventually found the MBAM site. Their solution is free, but you need to follow their instructions exactly. There may be better solutions out there, but some of the 'solution' sites were pay sites, a few of which I think are somehow related to the 'infection', and none of the companys were known to me (the Nortons, Zone-Alarms or other well-known anti-virus companys had nothing-this was in early June). I was not about to give my cc # to anyone in that situation. Finally found the free MBAM site (they will ask you to purchase their product, but the 'fix' for this is free). End result, their software 'unhid' all my file folders, but not my software so I had to re-install all my applications. I still have a few problems like not being able to set a desktop scheme, which I can live with, but all functionality was restored. A friend of mine got nailed with the same thing a couple of weeks later and I had him shut down his machine and call his IT department. This was the nastiest bug I ever 'caught' from the internet and my firewall and anti-virus software did not catch it until it was too late. Note that I have no affilation whatsoever MBAM or the software company that produces the fix (BittingCow[?] or something like that.) Just a word of warning.

Ruy Horta 25th July 2011 16:57

Re: PHISHING EMAIL IN TOCH MEMBER's NAME
 
Ok, I'll lock the account.

If Norman doesn't contact me it will sat locked.


All times are GMT +2. The time now is 04:23.

Powered by vBulletin® Version 3.7.2
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004 - 2018, 12oclockhigh.net