Yup.

Phishing Scam Targets Walmart.com Online Customers

Late last week, Walmart alerted the public to an email-based scam that used the company’s name (misspelled as “Wallmart”) to illegally gather information about users. The email sported the title “Thanks for your Walmart.com order,” and after confused users clicked on links within the emails, their Walmart accounts were charged. While local police departments and Walmart representatives were quick to report and warn consumers about this specific threat, it’s important to keep in mind that consumers around the world lost an estimated $1.5 billion in 2012 alone to this type of Internet scam, known as “phishing.”

“Phishing” scams trick web users into downloading an infected file, clicking a toxic hyperlink, or giving up private information.  Increasingly, phony offers on social networking sites and text messages (also known as SMiShing) are also used to target mobile devices as well.  The end result of successful phishing attempts differs from one scam to the next, but the most common types of attack result in a hacker gaining access to sensitive information (like the password to your online banking site or your email account), access to the information you store on your laptop or mobile device, or even control of your device

Some phishing scams rely on widely recognized brand names to cash in on your trust, as in the case of the “Wallmart” phishing attack last week.  A more sophisticated strategy known as “spear phishing” targets people who are thought to be using a specific credit card, bank, or other online payment system before sending fraudulent messages.  Most of us are more likely to open a message we think is sent from our bank than from a bank we’ve never used.

As a rule of thumb, if you are at all unsure about the origin of your email (as with an unprompted “Thank you for your purchase!” message), do not click on links contained in that email. Instead, go directly to the website domain to check your account and search for the sale or offer described. And remember: If an offer sounds too good to be true, it probably is.



("click the image to make it larger")

If you suspect you’ve been a victim

Realizing that you might have opened yourself to a phishing attempt can be pretty scary, so if you think you’ve downloaded a fishy file or clicked a dubious link, there are several steps you can take:

1.) Change your passwords. If you believe your email account, online banking or payments information, or social media account has been compromised, change your login information as soon as possible.  This could stop a phisher from accessing your account, or at least prevent him from doing any serious damage.

2.) Update your security software. Make sure that your antivirus or cross-device security software like McAfee LiveSafe is up-to-date on ALL of your devices (smartphones, laptops, PCs, Macs, or tablets).  And if you’ve downloaded a file or visited a website that might have infected your device, run a security scan and wipe any questionable items.

3.) Check your financial records. Even if you’re unaware of an initial phishing attack, your bank and credit card statements will reveal if your information was compromised. As a best practice, thoroughly check your statements each month, and if you suspect fraudulent activity, immediately contact your bank directly via phone to place a fraud alert on your account.



Original article: Tuesday, May 21, 2013 at 9:21am by Gary Davis

---

NOT: Offcause ther is other security products that you can use then McAfee!

---

(removed from: http://superuser.com/questions/463395/why-cant-i-launch-telnet-exe-from-a-windows-8-command-prompt/597470#597470)

Copy-Paste Devnullius:
"I use IOBit Start Menu and Search for and elevate start a cmd.exe.

I too cannot start telnet.exe (I Googled for: windows 8 telnet.exe file is in system32 but in cmd command prompt command not found).

I have a similar problem with TFTP.exe. If I explicitly click this one in explorer, a Win 8 error pops up that this App isn't compatible with my version of Windows (8 Enterprise x64).

So I was pretty sure IOBit was at cause, for a reboot did not seem to fix it... *

Testing now confirms: search for cmd.exe with 32 bit start-menu program will start x86 cmd-prompt, and cause all problems.

NOW HOW TO START A x64 COMMAND PROMPT?? FROM: http://scforum.info/index.php?topic=7997.0 , quote: "Remark: Windows 8 has no Run... option or a Start menu (and Windows 7 users should first enable Run...-option with Menu Properties).

In general, Windows 8 users should first start a search for: run

The Run... command will appear! You can pin it to your task bar now or just start it... I found this information here: .

Also, Windows 8 users could use: Classic Start Menu (tip from: http://scforum.info/index.php?topic=7941.0).

Then they too will have their Run... option back (ànd a regular start menu)..."

So with a search with a 32 bit start menu program for "run" you can start the "run" command and start "cmd.exe" in 64 bit mode

BUT I did NOT test the Classic Start Menu-option... That one might fail? I used IOBit's solution...!

And now, I can finally follow (Dutch) instructions for re-firmwaring my Ziggo.nl-router: www.vandersmitte.eu / 2012/03/12 / ziggo-firmware-netgear-wnr3500-v2-vervangen-door-originele-netgear-firmware ;p

Thanks for all expert replies here! Much obliged!

Peace

Devvie

~~~ notemail@facebook.com ~~~

Cuisvis hominis est errare, nullius nisi insipientis in errore persevare
——
All spelling mistakes are my own and may only be distributed under the GNU General Public License! – (© 95-1 by Coredump; 2-013 by DevNullius)



* Pretty sure, but not 100% - might have been a sloppy log-off instead of full reboot, might be that I THINK I tested after the reboot and dit not OR even a really long delay of the actual file movementseven after a reboot (before the reboot, explorer would show the files, cmd.exe would not - also not after attrib -s -h -r...) One should test for herself when in doubt!!"

House Keys Under the Doormat? Nope, in Your Phone

One of my friends recently locked himself out of his apartment. I found this out when I called him because although he didn’t have his keys, he did have his smartphone. This was one of those times he wished he lived in one of those hotels with the Assa Abloy NFC-enabled locks.

It turns out he doesn’t need to go to a hotel to open his door with a phone. Kwikset will soon be selling Kevo, a new deadbolt that can be unlocked with a Bluetooth-enabled phone. You can replace your old door locks with one of these new models.



The Kwikset/Unikey Kevo deadbolt is controlled via a Bluetooth-enabled smartphone app.

The Kevo lock [see demo video] is based on technology from Unikey, a winning company on the ABC TV show Shark Tank. Unikey’s background is in developing biometrics-access controls. Those controls are the ones you see on TV or in movies when a character places a palm or finger on a pad to open a door. With these locks we can all have similar technology guarding our homes.

Security Concerns
Another thing that you would notice from those same shows and movies is that the bad guys are always trying to break these high-security locks and access controls. The difficulty facing the average computer crook when facing a government high-tech lock is that there are so few of these locks to test against. Contrast those to millions of Bluetooth locks that one can buy off the shelf. The bar is much lower with Bluetooth because if they damage one lock during testing, the criminals can easily buy another one and try again.

The biggest payoff for technical attackers against a lock like this is to duplicate your keys or introduce a new one of their own. With physical keys they would need to get possession of them to make copies; with digital keys they need to break encryption and/or bypass security on the device that holds the keys (smartphone or key fob).

The deadbolts come with a single key fob, similar to car keys with transponders in them, and more can be purchased. It’s not clear yet whether, as with transponder keys, one needs to go through a complex process to activate additional fobs. The security of the fobs makes the smartphone a relatively easier target to go after.

There is an iPhone app that lets you manage both your own door key plus those of other residents (e.g., friends, house sitters, etc.) and temporary keys. Android phones also support Bluetooth. So the choice to produce the iPhone app first may have to do with the relative ease of decompiling Android apps.

IPhones are not necessarily more secure, as a knowledgeable attacker can jailbreak a phone and gain access to a decrypted version of the Kevo key app. Using tools like disassemblers, they can then seek out the methods used to secure the keys within the app and potentially reverse-engineer the protection or discover a method of creating new keys. They may also be able to force the app to accept new keys, essentially adding a master key to every one of these Bluetooth-enabled locks. That is actually not as likely as the criminal’s finding a way to attack a single target’s locks.

Future of Physical Security?
Locks are not invincible, not even high-tech locks. The more such locks are installed, the greater the incentive for robbers to break in through technical means. Why steal one set of keys if they can attack a smartphone app and steal all the keys? Fortunately, as the crooks start to take notice of such devices, so will security researchers. Unlike the bad guys, security folks will test these locks and help them improve. I’m sure my smartphone-toting, key-forgetting friend will appreciate that.



Original article: Tuesday, May 21, 2013 at 10:29am by Jimmy Shah

1. I mention iGoogle. First, tabs weren't allowed on top anymore. Only sideways. Then it was closed down. Without explanation, leaving me with a +1000 hours of WASTED work (and my friends without THEIR iGoogle )

2. See this: password policy: http://productforums.google.com/forum/#!topic/gmail/4R4sbmvWn7U%5B1-25-false%5D HATE IT HATE IT HATE.

3. Gmail: new user-interface sucks and does not work conveniently. Over the year, it has become more cluttered than ever before. See old gmail. SEE Outlook.com! I hardly dare to transfer friends to gmail anymore: they ALWAYS complain and it takes them approx. 1 to 2 weeks just to "master" the basics... Even I am always looking for what-where-the-fuck! Grmbl.

4. Google Groups: new interface made it unusable - after the massive hy-jacks and posting problems a few years ago, I abandoned http://groups.google.com/group/altoswindows-2k3 altogether

5. Google Reader: being closed!!! While SO MANY PEOPLE depend on it! It's rude. Noblesse oblige! Also see iGoogle...

6. Waiting for this forever: see which filter actually is ACTIVE for a given gmail email... http://productforums.google.com/d/msg/gmail/qpZ9VyDbTC4/qWz3F4xeDAIJ

7. Run all / selected gmail filters now

8. This one is fair enough from Google's perspectives, but still... Why no more free Google Apps for your Domain?? I'm looking into alternatives (including outlook.com) and will post about that probably one of these days...

9. For years I see the same (confirmed) bug for many of my friends... I setup gmail as their main email client. Every other email account is imported with pop3 to its own Label. Besides that one, I create countless of filters to catch all main addresses and MOVE them from the Inbox to THEIR label. Still, emails arrive in the Inbox - even the ones that SHOULD be catched by my filters... Makes NO sense and kinda RUINS the usability of gmail as the primary email client for my dumbwit friends

10. Google+ ... Google+!!!

11. Google Wave. It failed. Sorry, I liked it but ok. It failed. Still... You showed on the Demo very proudly a new kind of translation bot: Rosy Etta - aunt-rosie@appspot.com - Translator (40 Languages) and
Aunt Rosie - aunt-rosie@appspot.com - Translator bot. They looked VERY impressive and REALLY smart but never saw the light. 4 years later we are STILL stucked with the basic Google Translate. Which does not work at all in RL situations.

x. more to follow ;pp

NO KARMA WHATSOEVER!

devnullius