Scammers are sending bogus email disguised as a Microsoft security alert, in a criminal attempt to trick users into purchasing a rogue scanner (aka scareware). The fraudulent email reads as follows:
———————–
Starting April 1st 2009 the ‘Conficker’ virus started infecting Windows users very quickly. Microsoft was advised by your Internet provider that your system is showing signs of being infected.
In order to prevent further infection we advise running a full antispyware scan on your computer.
We are giving all effected Microsoft Customers with a free tool to remove the infection from their system.
Please visit the Microsoft System Security Scan website by clicking here (REMOVED) to start scanning your computer.
The scan will complete in under a minute and will prevent your information from being compromised. We appreciate your prompt cooperation.
———————–
Those who click the link and visit the site will be presented with a fake warning that their system is infected. Clicking anywhere on the site points to the download of the scareware.
Tags: Conficker
Vijay Mukhi, President of the Foundation for Information Security and Technology says, “The terrorists know that if they use machines at home, they can be caught. Cybercafes therefore give them anonymity.”
“The police needs to install programs that will capture every key stroke at regular interval screen shots, which will be sent back to a server that will log all the data.
The police can then keep track of all communication between terrorists no matter, which part of the world they operate from.This is the only way to patrol the net and this is how the police informer is going to look in the e-age,” added Mukhi.
Is anyone talking about the societal implications of this sort of wholesale surveillance? Not really:
“The question we need to ask ourselves is whether a breach of privacy is more important or the security of the nation. I do not think the above question needs an answer,” said Mukhi.”As long as personal computers are not being monitored. If monitoring is restricted to public computers, it is in the interest of security,” said National Vice President, People Union for Civil Liberty.
There are no ethics in business anymore! Those who thought that MNCs in India would be more ethical are smoking pot! Here is an interesting and a distasteful hijacking of the domain by Vodafone of Airtel’s domain name. Type Airtel.com and you will be directed to www.vodafone.es ! Domain Squatting in not uncommon but this is a little too cheeky and unprofessional.
Huzaifa Das suggests in a desecrates group email that this is because Vodafone bought out Airtel’s Spain operations. Airtel had won a license to operate in Spain . In the last line, she has a valid point!
Try www.Airtel.es that will also redirect to www.Vodafone.es ! Vodafone or Badfone huh??
All this three domains r registered and hosted with Verio Inc. http://www.verio.com/
Domain Squatting Explained
I think no more we will have airtel’s mistake or surprise postings!!! 
follow the link for me explanation u can ping me!
http://ezinearticles.com/?Domain-Squatting-Explained&id=50564
Goggle.com is a classic and great example of domain squatting — whether you like it or not.
The domain was first registered in 2003, only six years after Google.com was first registered. Sure, it’s quite possible Google just didn’t think about this in the first place and got sloppy, but either way, goggle.com is owned by someone other than Google Inc.
Stats prove that day in and day out, Internet users around the world type in the wrong domain. Google receives hundreds of millions of hits per day, seems like a decent amount of that traffic actually goes to the wrong domain.
So what is goggle.com doing to monetize that typo type-in traffic? “Free” offers provided by FluxAds, which then redirects you to a MyExclusiveRewards partner page. Seems like these “free” offers were a huge success, one year ago, but now they are worthless and it’s so hard to actually make them work now.
Hackers have posted personal information on 1,200 Ebay customers to an Ebay forum, dedicated, ironically, to fraud prevention. The information was up for around an hour this morning before Ebay shut the forum down and displayed email details, CVV2 numbers, telephone numbers, home addresses and possibly credit card details to visitors.Ebay says the information was not acquired through a breach of its security and suggests it was likely obtained through phishing or account takeovers. The company also says that the credit card details displayed do not match those on either its own or PayPals servers.
The auction site is currently trying to contact the users whose details were posted and the Trust and Safety board on which the information was shown has since been reopened.
“Very early this morning, a malicious fraudster posted on the Trust & Safety forum on eBay.com posing as approximately 1,200 eBay users,” the company reports in its blog.
“The fraudster made these posts in a way that was intended to appear as though he logged in with their accounts. The posts contained name and contact information, which appears to be valid.”
“We’re in the process of reaching out by phone to these members so that if the information is valid somehow, regardless how this fraudster acquired the information, these members can take the steps they need to take to protect themselves.”
Source: PC Pro UK
Chronology of Data Breaches from 2005. http://www.privacyrights.org/ar/ChronDataBreaches.htm#CP
Online brokerage TD Ameritrade Holding Corp. announced today that a hacker broke into one of its databases and stole personally identifying information for some of its 6.3 million customers. An online advisory and letters to account holders disclosed that names, e-mail addresses, phone numbers and home addresses were taken in the data breach. Client assets, along with user IDs, personal identification numbers and passwords, were not stored in the compromised database.
However, the advisory noted that it’s unclear if account numbers, dates of birth and Social Security numbers were stolen. The company said there is no evidence that any customers were the victim of identity theft because of this security breach.
TD Ameritrade did not say when the hackers got into the database or how long they remained there.
“While the financial assets our clients hold with us were never touched, and there is no evidence that our cleints’ Social Security numbers were taken, we understand that this issue has increased unwanted spam, which is annoying and inconvenient for them,” said Joe Moglia, chief executive officer of TD Ameritrade, in a statement. “We sincerely apologize for that and any added concern this may have caused.”
TD Ameritrade tracked down the break-in while doing an internal investigation into stock-related spam. The company called in forensic investigators and they discovered “unauthorized code” in their system that provided access for the hacker or hackers. According to the advisory, the code has been eliminated from the system.
Moglia, speaking in an online video-taped message to customers, said he is “confidant” that they have figured out how the information was taken.
“This is an issue of the global e-commerce that will be with us the rest of our lives,” he said in the video message. “You have my promise that we will remain totally committed to protecting the trust you’ve placed in us.”
According to the Privacy Rights Clearinghouse’s list of data breaches, TD Ameritrade lost a backup tape in 2005 that contained 200,000 records. And in December of 2006, a missing laptop contained unencrypted information, including names, addresses, birthdates and Social Security numbers. That incident affected about 300 current and former employees.
Today, the company is telling customers that they don’t have to do anything with their accounts. They can change their passwords, but it’s not necessary, according to an advisory.