Serious phone fraud you should warn your loved ones about
Most emails that I receive concerning some new scam turn out to be little more than a hoax. It’s the sad state of our society that many find easy methods to waste the time of those they do not know.
Today I received an email from a source I trust which sounded like an example of the above; however, I did my due diligence to make the determination for myself due to the regard I have for the person who sent it. To my surprise it turned out to be the one in a thousand (or more) that is true.
If you have loved ones that may not be savvy to official sounding phone calls, who are perhaps not as skeptical as you are when someone asks for information, please, I implore you to make them aware of this and impart the seriousness. This is identity theft via social engineering at its worst.
According to snopes.com, the scam first surfaced in 2001. It has cropped back up several times in different states up to at least 2005 which probably means it is destined to show up again.
First the corroborating links, then the story:
Jury Duty Scam
From the Tinley Park Police Department,
This has been verified by the FBI (their link is also included below).
Please pass this on to everyone in your e-mail address book. It is
spreading fast so be prepared should you get this call. Most of us take
those summonses for jury duty seriously, but enough people skip out on
their civic duty, that a new and ominous kind of fraud has surfaced.
The caller claims to be a jury coordinator. If you protest that you never
received a summons for jury duty, the scammer asks you for your Social
Security number and date of birth so he or she can verify the information
and cancel the arrest warrant. Give out any of this information and
bingo; your identity was just stolen.
The fraud has been reported so far in 11 states, including Oklahoma,
Illinois, and Colorado. This (swindle) is particularly insidious
because they use intimidation over the phone to try to bully people into
giving information by pretending they are with the court system. The FBI
and the federal court system have issued nationwide alerts on their web
sites, warning consumers about the fraud.
How to use Windows Mobile Sync Center on Vista with F-Secure Client Security
We’ve been using F-Secure as our virus/malware protection in our company for a little over a year now. I have been and continue to be impressed with the product and the company support.
Recently I purchased my new laptop with Windows Vista installed. More recently I purchased a new HTC P4300 smartphone with Windows Mobile 5. It’s been working great, and I love the phone. The only weird issue has been syncing with the USB cable. In order to make it work I had to temporarily turn off the firewall inside of F-Secure Client Security. Syncing via Bluetooth was working fine so I tended to lean on that.
Today I decided it was time to fix the issue. I gave a call to the business support line at F-Secure and explained the problem quickly to the technician. She told me right off the bat that this was an issue she had no experience with, so she asked if I minded giving her a little time to investigate. Of course I said that was fine.
Within 30 minutes I had an email from her outlining the solution. My total phone time was about 5 minutes and then another 5 to put the fix into place. Thank you!
The problem is simply that the Sync Center in Vista uses some ports over the USB connection that are new enough not to be included as a standard. After adding the ports and making sure that one of the applications was allowed, everything worked great. Since I do not believe they have a technical article yet, I thought I would outline the solution here in case anyone else needs it.
Please note that these steps only work if your security policy allows you to edit a few things. If you are running in a corporate environment you may need to give these instructions to your network administrator to include in the corporate policies for your virus protection.
Step 1
The first thing to do is to get into the Client Security configuration screen where we’ll be doing most of the work. Right click on the F-Secure icon in your system tray and choose Open F-Secure Client Security. This will bring up the main window. You will want to choose the Internet Shield menu option on the left, then click on the Change link next to Application Control.
Step 2
Next you need to add the application that does the communication to the allowed list in Application Control. wmdHost.exe is the component that performs the actual communication requests. It is possible that this application may already be there, but if it is not, simply click Add to include it in the list. If it is not in the list it should be found in C:\Windows\WindowsMobile\. If you do have to add the file, I’ve noticed that my Client Security software will default to the access level of prompt for a new application. The other bit that is odd is that it will not let me change it when I’m adding the file. I complete the addition to the list, then go back in to the details to modify it. At this point it will let me change the behavior to Allow.
Step 3
Finally you need to create a new service and add the necessary ports. There are 5 inbound and 1 outbound port necessary.
Start by switching to the Firewall configuration screen, then to the Services tab and add a new one. I simply called it Windows Mobile Sync Center. Make sure to choose the TCP protocol.
On the screen where you add, there are two areas for ports. They are termed Initiator ports and Responder ports. These map to inbound and outbound. Here are the correct settings:
Initiator (inbound) ports:
- 990
- 999
- 5678
- 5721
- 26675
Responder (outbound) ports:
- 5679
Once you’ve made all of those configuration changes you are ready to give it a shot. Grab your Windows Mobile device and your USB cable and hook them up. You should get the Connected check box and see it synchronize as expected.
I hope that helps you out!
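To confirm the new service is no broader than it needs to be, the ports that wmdHost.exe really uses during a sync can be compared with the rule. The following is an added example, not part of the original post or anything from F-Secure: the `netstat -ano` sample is constructed, PID 2468 is a stand-in for wmdHost.exe, and the ephemeral-port cutoff is a heuristic for telling the two ends of a connection apart.

```python
import re

# TCP ports from the post's "Windows Mobile Sync Center" service definition.
RULE_PORTS = {990, 999, 5678, 5679, 5721, 26675}
EPHEMERAL_START = 49152  # Vista's default dynamic port range begins here

# Constructed `netstat -ano` output; PID 2468 stands in for wmdHost.exe.
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       812
  TCP    169.254.2.2:990        0.0.0.0:0              LISTENING       2468
  TCP    169.254.2.2:5678       0.0.0.0:0              LISTENING       2468
  TCP    169.254.2.2:5721       169.254.2.1:1034       ESTABLISHED     2468
  TCP    169.254.2.2:26675      169.254.2.1:1035       ESTABLISHED     2468
  TCP    169.254.2.2:49211      169.254.2.1:5679       ESTABLISHED     2468
  TCP    169.254.2.2:8080       0.0.0.0:0              LISTENING       2468
  TCP    192.168.1.20:49300     203.0.113.7:443        ESTABLISHED     3100
"""

# Captures local port, remote port, state and owning PID of a TCP row.
ROW = re.compile(r"^\s*TCP\s+\S+:(\d+)\s+\S+:(\d+)\s+(\w+)\s+(\d+)\s*$")

def observed_ports(netstat_text, pid):
    """Service ports the given process listens on or talks to."""
    ports = set()
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m or int(m.group(4)) != pid:
            continue
        local, remote, state = int(m.group(1)), int(m.group(2)), m.group(3)
        if state == "LISTENING":
            ports.add(local)
        elif state == "ESTABLISHED":
            # Heuristic: an ephemeral local port means the PC dialled out,
            # so the remote port is the service port; otherwise the local one.
            ports.add(remote if local >= EPHEMERAL_START else local)
    return ports

def audit(netstat_text, pid, rule_ports=RULE_PORTS):
    """Compare observed ports with the firewall service's port list."""
    seen = observed_ports(netstat_text, pid)
    return {"unused": sorted(rule_ports - seen),        # candidates to remove
            "unexpected": sorted(seen - rule_ports)}    # traffic the rule misses

if __name__ == "__main__":
    print(audit(SAMPLE_NETSTAT, 2468))
```

On a real machine, feed it the output of `netstat -ano` captured while the device is syncing, with the PID that `tasklist` reports for wmdHost.exe.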
Phishing with Flash
In F-Secure : News from the Lab – January of 2007, they describe sites that are popping up using Flash to illicitly gain information about you. This technique (the illicit information gathering, not that it is using Flash) is called Phishing, and while it’s been around a while I am still amazed at the number of people that do not understand what is going on.
The trick is for the Phisher to create a website that looks exactly like a site you would trust complete with a URL that is close enough to the real one to seem legitimate. The website simulates something such as a PayPal login. Some are sophisticated enough that they pass you off to the real site after you have attempted to login, but by then it is too late! The Phisher has your account information and before you know it, your money is gone!
If you, as I, are among those that understand this threat then I encourage you to take the responsibility to educate your family, friends, and when the opportunity presents itself others that you meet or know. If you are having a conversation that is related to computers or the Internet, actively guide it to bring out the facts about Phishing! These Phishers are illegally stealing information from people, and who knows, the next person could be your mother. Add to that the fact that they are becoming more sophisticated all the time and it is a scary thought.
According to the F-Secure article on why Phishers are moving to use Flash:
Probably the main reason to do this is to try to avoid phishing toolbars that analyze page content.
That makes sense. They are immoral punks, but they are also smart punks. Why do they do it, you may ask? Because it is big business! They make a lot of money doing it. It is hard for the authorities and the legal system to make a difference; it is just too easy for them to avoid prosecution. A few do find their way into the courts, but it is obviously not much of a deterrent. The best way to fight them, in my opinion, is to make the practice not profitable. Let’s do that by educating people! Tell the ones you know and love about the dangers and how to avoid them! Make a difference!
Botnets and beyond
A friend just shared this article from the New York Times. I thought it relevant concerning my last post.
Thanks n909!
Botnets for the Average Joe
I just finished reading this Washington Post interview with 0x80, a h480r running a botnet. They paint a pretty good picture for the average user. If you are in the industry (read “geek”) then this is old news, but it may be a good resource to hand out to those you know and/or love that do not understand the threat and the need for keeping their computer safe.
Shout out to Geek News Central for reporting this one.
RFID vulnerabilities
Adi Shamir spoke to the current RSA conference on his findings concerning the weakness in the current generation of RFID chips. This is rather interesting, and somewhat concerning, coming on the heels of my recent post.
The uninitiated might say that this sort of thing takes a lot of effort and the practicality of someone actually doing it is very low. Those people, in my opinion, have no clue of the types of things that really go on in the world of electronic security.
I would submit that there are far too many individuals with a lot of talent, too much time and not enough motivation to put their talent to productive use who will jump at the chance to crack something like this. It will be for the purpose of fun at first, of course, but at some point it will move into the malicious realm. Corporate and government agencies around the globe will want a piece of the type of information that can be gained from cracking RFIDs. Malicious individuals will take advantage of the “talented but bored” to start turning a profit. More shadowcrews will emerge.
Shamir hits the nail on the head saying “the pressure to get tags down to five cents each has forced designers to eliminate any security features, a shortcoming that needs to be addressed in next-generation products.”