FRAUDULENT GRAND JURY SUMMONS CONTAINING MALWARE

04/17/08-The IC3 warns consumers of recently reported spam e-mail containing a fraudulent subpoena notifying recipients they are commanded to appear and testify before a Grand Jury. The e-mail attempts to appear authentic by containing a court case number, federal code, name and address of a California federal court, court room number, issuing officers’ names, and a court seal. Recipients are directed to click the link provided in the e-mail in order to download and print associated information for their records. If the recipient clicks the link, malicious code is downloaded onto their computer.

The e-mail also contains language threatening recipients with contempt of court charges if they fail to appear. Recipients are also told the subpoena will remain in effect until the court grants a release. As with most spam, the content contains multiple spelling errors.

If you receive this type of notification and are unsure of its authenticity, you should contact the issuing court for validation.

Be aware; if you receive an unsolicited e-mail, especially from an unknown sender, it is recommended you do not open it. If you do open the e-mail, do not click any embedded links, as they may contain a virus or malware.

If you have received an e-mail similar to this, please file a complaint at www.ic3.gov.

STORM WORM VIRUS

02/11/08-With the Valentine’s Day holiday approaching, be on the lookout for spam e-mails spreading the Storm Worm malicious software (malware). The e-mail directs the recipient to click on a link to retrieve the electronic greeting card (e-card). Once the user clicks on the link, malware is downloaded to the Internet-connected device and causes it to become infected and part of the Storm Worm botnet. A botnet is a network of compromised machines under the control of a single user. Botnets are typically set up to facilitate criminal activity such as spam e-mail, identity theft, denial of service attacks, and spreading malware to other machines on the Internet.

The Storm Worm virus has capitalized on various holidays in the last year by sending millions of e-mails advertising an e-card link within the text of the spam e-mail. Valentine’s Day has been identified as the next target.

Be wary of any e-mail received from an unknown sender. Do not open any unsolicited e-mail and do not click on any links provided.

If you have received this, or a similar e-mail, please file a complaint at www.ic3.gov.

FBI IDENTIFIES RECURRING FRAUDULENT E-MAIL SCAM

02/01/08-The FBI has recently developed information indicating cyber criminals are attempting to once again send fraudulent e-mails to unsuspecting recipients stating that someone has filed a complaint against them or their company with the Department of Justice or another organization such as the Internal Revenue Service, Social Security Administration, or the Better Business Bureau.

Information obtained during the FBI investigation has been provided to the Department of Homeland Security (DHS). DHS has taken steps to alert their public and private sector partners with the release of a Critical Infrastructure Information Notice (CIIN).

The e-mails are intended to appear as legitimate messages from the above departments, and they address the recipients by name, and other personal information may be contained within the e-mail. Consistent with previous efforts, the scam will likely be an effort to secure Personally Identifiable Information. The nature of these types of scams is to create a sense of urgency for the recipient to provide a response through clicking on a hyperlink, opening an attachment, or initiating a telephone call.

It is believed this e-mail refers to a complaint that is in the form of an attachment, which actually contains virus software designed to steal passwords from the recipient. The virus is wrapped in a screensaver file wherein most anti-virus programs are unable to detect its malicious intent. Once downloaded, the virus is designed to monitor username and password logins, and record the activity, as well as other password-type information, entered on the compromised machine.

Be wary of any e-mail received from an unknown sender. Do not open any unsolicited e-mail and do not click on any links provided. If you have received a scam e-mail please notify the IC3 by filing a complaint at www.ic3.gov.

VISHING ATTACKS INCREASE

01/17/08-Are you one of many who have received an e-mail, text message, or telephone call, supposedly from your credit card/debit card company directing you to contact a telephone number to re-activate your card due to a security issue? The IC3 has received multiple reports of different variations of this scheme known as “vishing”. These attacks against US financial institutions and consumers continue to rise at an alarming rate.

Vishing operates like phishing by persuading consumers to divulge their Personally Identifiable Information (PII), claiming their account was suspended, deactivated, or terminated. Recipients are directed to contact their bank via a telephone number provided in the e-mail or by an automated recording. Upon calling the telephone number, the recipient is greeted with “Welcome to the bank of ……” and then requested to enter their card number in order to resolve a pending security issue.

For authenticity, some fraudulent e-mails claim the bank would never contact customers to obtain their PII by any means, including e-mail, mail, or instant messenger. These e-mails further warn recipients not to provide sensitive information when requested in an e-mail and not to click on embedded links, claiming they could contain “malicious software aimed at capturing login credentials.”

Please beware-spam e-mails may actually contain malicious code (malware) which can harm your computer. Do not open any unsolicited e-mail and do not click on any links provided.

A new version recently reported involves the sending of text messages to cell phones claiming the recipient’s on-line bank account has expired. The message instructs the recipient to renew their on-line bank account by using the link provided.

Due to rapidly evolving criminal methodologies, it is impossible to include every scenario. Therefore, be cognizant and protect your PII. Beware of e-mails, telephone calls, or text messages requesting your PII.

If you have a question concerning your account or credit/debit card, you should contact your bank using a telephone number obtained independently, such as from your statement, a telephone book, or other independent means.

If you have received this, or a similar hoax, please file a complaint at www.ic3.gov.

01/04/08-We have increasingly received reports of fraudulent schemes misrepresenting FBI agents, officials, and/or FBI Director Robert S. Mueller, III. The fraudulent e-mails give the appearance of legitimacy due to the usage of pictures of the FBI Director, seal, letterhead, and/or banners. The e-mails may also claim to come from our domestic or overseas offices.

The types of schemes utilizing the names of FBI agents, officials, or the Director’s name are typically lottery endorsements and inheritance notifications. However, other fraudulent schemes include threat and extortion e-mails, website monitoring containing malicious computer program attachments (malware), and online auction scams.

The social engineering technique of utilizing the FBI’s name is to intimidate and convince the recipient the e-mail is legitimate.

The FBI does not send out emails soliciting information from citizens.

Please be cautious of any unsolicited e-mail referencing the FBI, FBI Director Mueller, or any other FBI official endorsing any type of Internet activity.

If you have experienced this situation please notify the IC3 by filing a complaint at www.ic3.gov.

NEW TWIST CONCERNING THREAT AND EXTORTION E-MAILS

01/09/07-There is a new twist to the IC3 alert posted on December 7, 2006 regarding e-mails claiming that the sender has been paid to kill the recipient and will cancel the contract on the recipient’s life if that person pays a large sum of money. Now e-mails are surfacing that claim to be from the FBI in London. These e-mails note the following information:

• An individual was recently arrested for the murders of several United States and United Kingdom citizens in relation to this matter.
• The recipient’s information was found on the subject identifying the recipient as the next victim.
• The recipient is requested to contact the FBI in London to assist with the investigation.

It is not uncommon for an Internet fraud scheme to have the same overall intent but be transmitted containing variations in the e-mail content, e.g., different names, e-mail addresses, and/or agencies reportedly involved. See our related top story on the hitman scam.

Please note, providing any personal information in response to an unsolicited e-mail can compromise your identity and open you to identity theft.

If you have experienced this situation please notify the IC3 by filing a complaint at www.ic3.gov.

Due to the threat of violence inherent in these extortion e-mails, if you receive an e-mail that contains personally identifiable information that might differentiate your e-mail from the general e-mail spam campaign, we encourage you to contact the police.

E-MAILS CONTAINING THREATS AND EXTORTION

12/07/06-We have recently received information concerning spam e-mails threatening to assassinate the recipient unless the individual pays several thousand dollars to the sender of the e-mail.

The subject claims to have been following the victim for some time and was supposedly hired to kill the victim by a friend of the victim. The subject threatens to carry out the assassination if the victim goes to the police and requests the victim to respond quickly and provide their telephone number.

Warning! Providing any personal information can compromise your identify and open you to identity theft.

If you have experienced this situation, please notify your local, state, or federal law enforcement agency immediately. Also, please notify the IC3 by filing a complaint at www.ic3.gov.

With the Valentine’s Day holiday approaching, be on the lookout for spam e-mails spreading the Storm Worm malicious software (malware).

The e-mail directs the recipient to click on a link to retrieve the electronic greeting card (e-card). Once the user clicks on the link, malware is downloaded to the Internet-connected device and causes it to become infected and part of the Storm Worm botnet. A botnet is a network of compromised machines under the control of a single user. Botnets are typically set up to facilitate criminal activity such as spam e-mail, identity theft, denial of service attacks, and spreading malware to other machines on the Internet.

The Storm Worm virus has capitalized on various holidays in the last year by sending millions of e-mails advertising an e-card link within the text of the spam e-mail. Valentine’s Day has been identified as the next target.

Be wary of any e-mail received from an unknown sender. Do not open any unsolicited e-mail and do not click on any links provided.

If you have received this, or a similar e-mail, please file a complaint at www.ic3.gov.

StopBadware.org Labels RealPlayer Software as Badware.

Two versions, two different badware behaviors

StopBadware.org, the consumer protection initiative developed to combat badware, today released an alert about RealNetworks Inc.’s RealPlayer software application.

The group found RealPlayer version 10.5 to be badware because of inadequate disclosure of advertising behavior, and RealPlayer version 11 to be badware because it bundles an additional application without disclosure.

RealPlayer 11 is the current version of the application, offered on http://www.real.com as an Internet video and multimedia player.

RealPlayer 10.5 is an older version which is still widely distributed through such sites as BBC Radio and through the Firefox web browser’s “missing plug-in” capability.

The report highlights two areas of concern:

1. The Software does not fully, accurately, clearly, and conspicuously disclose the principal and significant features and functionality of the application prior to installation.

The advertising software bundled with RealPlayer is misleadingly called a ‘message center’, and is described incompletely and inconspicuously in the EULA (End User License Agreement) as software designed to provide useful software updates.

When RealPlayer 10.5 is installed, the advertising features of this ‘message center’ are enabled by default for users who choose not to register their personal information with RealNetworks after the software is installed.

2. Software installs deceptively.

RealPlayer 11 does not disclose that it installs Rhapsody Player Engine, and does not remove this software when RealPlayer is uninstalled. Users are not informed by the installer or uninstaller of the connection between RealNetworks and Rhapsody Player Engine.

“Software producers have a responsibility to inform users, clearly and unambiguously, about what software will be installed on their computers and what it will do,” said Maxim Weinstein, manager of StopBadware.org at the Berkman Center for Internet & Society at Harvard Law School. “RealNetworks does not allow users to make an informed choice about how their computers will be used. We hope to see a new version of RealPlayer soon that addresses these concerns.”

A full copy of the report can be found here.

The FBI has recently released information indicating cyber criminals are attempting to once again send fraudulent e-mails to unsuspecting recipients. 

The e-mails inform you that someone has filed a complaint against you or your company with the Department of Justice or another organization such as the Internal Revenue Service, Social Security Administration, or the Better Business Bureau.

The e-mails are intended to appear as legitimate messages from the above departments, and they address you by name;  other personal information may be contained within the e-mail.

Consistent with previous efforts, the scam will likely be an effort to secure Personally Identifiable Information. The nature of these types of scams is to create a sense of urgency, so you respond by clicking on a hyperlink, opening an attachment, or initiating a telephone call.

It is believed this e-mail refers to a complaint that is in the form of an attachment, which actually contains virus software designed to steal your passwords.

The virus is wrapped in a screensaver file wherein most anti-virus programs are unable to detect its malicious intent. Once downloaded, the virus is designed to monitor username and password logins, and record the activity, as well as other password-type information, entered on the compromised machine.

Be wary of any e-mail received from an unknown sender. Do not open any unsolicited e-mail and do not click on any links provided.

If you have received a scam e-mail please notify the IC3 by filing a complaint at www.ic3.gov. For more information on e-scams, please visit the FBI’s New E-Scams and Warnings Web page.

A new report from EdSource looks at how well Californian public schools are preparing today’s students for tomorrow’s workforce.

Math and Science Education for the California Workforce:
It Starts with K-12, looks at current projections for California workforce needs in several important science, technology, engineering, and mathematics fields and provides a comprehensive examination of how California’s standards-based reforms have affected student achievement in math and science.

It also reviews the performance of traditionally low-achieving student subgroups and of the highest-achieving students.

And finally, it looks at the extent to which California’s postsecondary system is producing graduates in these key fields.

Download the PDF here.

If you’re setting up a class blog and want to have multiple contributors – for instance students, room parents, and special visitors – WordPress has a feature that lets you invite other people to write, edit, or manage the site, without handing out your password to everyone.

By defining the role each contributor plays, you get to control the level of access they are given when they sign in to the site.  There are four roles you can choose from:

Administrator on WordPress.com

Administrators of your site can access everything.  If you are uncomfortable about setting up the site on your own, consider asking a parent to serve as your co-administrator until you feel more confident (it won’t take long, I promise).

Editor on WordPress.com

Editors can manage and publish content that other people have contributed, but can not change any of the site settings.  If you have no desire to ever administer the site, you should consider taking the role of editor, and finding someone to act as the site’s permanent administrator.  (Although I am going to say you are a big baby because it’s really, really easy, and lots of fun

Author on WordPress.com

Authors can access and publish their own content only. This would be a good role to assign to room parents, or anyone that wants to communicate to the students and their families like special visitors.  Let’s say a member of the police comes in to talk to the students about road safety; you can offer them the opportunity to write a post about their visit so the class gets a permanent record of it, and parents can get a real glimpse into the classroom.

Contributor on WordPress.com

Contributors can edit their posts but they cannot put them online, and this is the best role to assign to students if you want them to add their work to the class site.  By assigning this role to students, you get to review their work before you deem it fit for human consumption.  If it’s not quite ready, return it to draft status so the student can continue working on it, otherwise hit the publish box, pat the little person on the back, and let them show their friends how clever they are; they now have published work.

Note:

Reviewing is a recent addition to WordPress.com (July, 2007), so if you have been using WordPress for a while, check out Ryan Boren’s post on how to submit for review.  It has screenshots to show you what the student and the editor will see.

For a more technical overview from Mark Jaquith read:

New WordPress feature: Pending review

For more information on various roles look at:

Assigning different contributors to WordPress blogs – From WordPress FAQs
If you want more information, or would like to add something to this post, please let me know by commenting (below).