Visa Card Violated Phishing Scam

Outline
Email purporting to be an alert from Visa Europe claims that the recipient's Visa card has been violated and that he or she should follow a link to validate card details.

Brief Analysis
The email is not from Visa and the claim that the recipient's card has been violated is untrue. The message is a phishing scam. People who fall for the ruse and click the link will be taken to a bogus website that asks them to provide their Visa card details and other personal information. Scammers can then collect this information and use it for credit card fraud and identity theft.

 Detailed analysis and references below example.

Scroll down to submit comments
Last updated: 19th April 2011
First published: 19th April 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer

Example From: Visa Europe Alert
Subject: New Alert: Visa Card Violated

Dear Customer.

Additional security on our website bring unity and combined strength to our commitment to provide exceptional card in the United Kingdom,

it's strongly required that you should Validate your Visa Card Details. click the Validate link below

Validate card details now

This email was sent automatically please do not respond

Detailed Analysis

Screenshot of scam email According to this email, which claims to be from the European branch of credit card provider Visa, the recipient's Visa card has been violated. The message advises that it is "strongly required" that the user follow a link to validate his or her card details.

However, the email is not from Visa and the claim that the recipient's Visa card has been "violated" is untrue. In fact, the message is a typical phishing scam designed to steal financial and personal information from Visa users.

Those who fall for the trick and click the link in the scam email are taken to a bogus website designed to resemble a genuine Visa webpage. In an effort to create the illusion that the fake page is legitimate, the scammers have incorporated genuine-looking Visa logos, trademarks and formatting.

Once on the fake website, the victim is asked to input his or her Visa card number, password and other sensitive personal information, ostensibly as a means of verifying the account and rectifying the supposed card violation. All information provided on the fake website can then be collected by the criminals operating the scam and used to make fraudulent credit card transactions and identity theft.

Criminals have regularly targeted Visa card users in similar phishing scams over the last few years. Neither Visa nor any of its participating financial intuitions will ever send customers an unsolicited email that asks them to follow a link or open an attached file and provide account details. Any message that makes such a request should be treated with suspicion.

Similar scams target users of many other financial institutions as well as Visa. If you receive an unsolicited email purporting to be from a company, service, or financial institution that claims that you must update your personal or financial details, do not follow any links in the message. Do not open any attachments that come with the email. It is unlikely that any legitimate entity will ask for your personal and financial information via an unsolicited email. If in doubt about a message you have received, always check with the institution directly rather than following a link or opening an attachment.

 

 

Warning - ALDI External 4-in-1 Hard Drive Contains Built In Malware

Outline
Circulating warnings claim that a 4-in-1 Hard Drive device sold at Australian ALDI stores contains malware.

Brief Analysis
The claims in the warnings are true. AusCERT and other reliable sources have confirmed that an old version of the Conficker malware is installed on the ALDI External 4-in-1 Hard Drive devices. ALDI has reportedly now withdrawn the devices.

 Detailed analysis and references below example.

Scroll down to submit comments
Last updated: 2nd August 2011
First published: 2nd August 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer

Example Subject: Aldi Computer device warning

PRODUCT WARNING

ALDI External 4-in-1 Hard Drive, DVD, USB and Card Reader Device $99

Reads and writes both CD and DVD Pre-installed 320GB hard drive
Built-in USB hub and card reader Perfect for notebooks Plug and play

This device contains malware. One of ALDI?s special buys from Thursday 28 July.

Device can steal data from computer systems and enable remote access to the attached computer system.

Ensure your computer?s anti-virus software is up to date.

Detailed Analysis
Warnings that are currently circulating via email and social media claim that a Hard Drive device sold by Aldi stores in Australia contains malware. One such circulating warning takes the form of a Queensland Police Intelligence Bulletin originally intended for internal police use only. According to the warnings, the "ALDI External 4-in-1 Hard Drive, DVD, USB and Card Reader Device" comes with malware already installed that can steal information from attached computers and allow third parties remote access.

The claims in the warnings are true. On July 28, 2011, The Australian Government Stay Smart Online Alert service published an alert about the issue which notes:

Aldi stores are currently selling an External 4-in-1 Hard Drive, DVD, USB and Card Reader which may contain malware. If infected, your personal and/or business information may be accessed for fraudulent or illegal purposes (eg, identity theft).

The Australian Computer Emergency Response Team (AusCERT) has also published an alert about the devices. According to AusCERT, the devices contain an old variant of the notorious Conficker malware which was first launched back in 2008. Given its age, most up-to-date antivirus scanners should be able to detect and deal with this threat.

If you have bought and used one of these devices, you may wish to format the hard drive on the device and conduct a full virus scan of your system. Alternatively, return the device to ALDI. ALDI has now issued a voluntary public recall of the devices, although, at the time of writing, the devices were still being promoted via the company's website.

The malware was probably installed unintentionally on the hard drives via infected computers in the factory where the devices were produced.

 

 

Unsubstantiated Rumours Claim Michelle Obama is Pregnant

Outline
Circulating rumours claim that US First Lady Michelle Obama is pregnant with the couple's third child.

Brief Analysis
The rumours are currently unsubstantiated. Despite claims in some pseudo news outlets, there has been no official announcement confirming the pregnancy.

 

Example Subject: Michelle Obama is pregnant

WASHINGTON - The White House announced today that Michelle Obama is pregnant with the couple?s third child.

?Michelle Obama is pregnant,? White House sources said. Outgoing White House Press Secretary, Robert Gibbs, told reporters today that he would not confirm or deny the rumor. But WWN has confirmed that Michelle Obama is about two months into her pregnancy and the President and First Lady expect to have the baby sometime in late July, 2011.

There was a great deal of mystery about the whereabouts of the President and First Lady on Election Night this year. There were many rumors about where they might be - but now we know. The happy couple was spending quality time together, making a new baby.

The last time a baby was born in the White House was Patrick Bouvier Kennedy. He was born on August 7, 1963 and only lived two days. Patrick was the youngest child of President John F. Kennedy and First Lady Jacqueline Bouvier Kennedy and brother to Caroline Kennedy and John F. Kennedy Jr.

Read full article

Detailed Analysis
According to rumours that are currently rocketing around Twitter and Facebook along with other blogs, forums and social networks, US First Lady Michelle Obama is pregnant with the couple's third child. Details of the rumours vary, but some claim that the baby will be born in July 2011. Some versions also claim that the pregnancy has been announced by the White House.

However, at the time of writing, these rumours remain unsubstantiated and may well be without substance. Despite claims in some versions of the rumour, there certainly has not been any announcement confirming the pregnancy from the White House or any other official entity. Although such rumours have circulated since as far back as 2009, they seemed to have gained new life after a "news" story about the supposed pregnancy was published on the Weekly World News website on January 25, 2011. Weekly World News is notorious for publishing absurd, outlandish and totally inaccurate information that it attempts to palm off as genuine news stories. Many of the "news" items on the site are simply made up and have no basis in fact whatsoever. Weekly World News is the online version of a notorious tabloid newspaper of the same name long renowned for publishing utterly fanciful stories disguised as news articles.

For example, another "news" item currently featured on the Weekly World News site makes the utterly absurd claim that McDonald's is planning to build a store on the Moon which will open by 2015. And, in January, 2011, Weekly World News published a completely false story that claimed that Facebook was shutting down in March. Soon after the story was published, it escaped its original context, spawned several mutated versions, and began circulating via Facebook, Twitter and email. It continues to circulate still, causing angst and consternation among many die hard Facebookers who think they are about to lose their beloved network.

Many visitors to the site will quickly realize that the stories it features are factually dubious at best and are not intended to be taken seriously. However, when such stories begin circulating outside their original context, it seems that many more recipients are apt to take them seriously.

Of course, the Weekly World News site's record for publishing false information does not necessarily mean that Michelle Obama is NOT pregnant. But, at least until such time as President Obama and the White House make an official announcement confirming the First Lady's pregnancy, any such claims are simply speculation.

It should be noted that the widespread 2009 pregnancy rumours turned out to be unfounded. Only time - or an official and credible announcement - will tell if the current crop of rumours has any more substance.

 

Unfounded Facebook Rumour- Bob Howard Pedophile Warning

Outline
Circulating Facebook message warns that a 48 year old pedophile named Bob Howard is posing as a 14 year old on Facebook in order to make contact with children.

Brief Analysis
This bogus warning is without merit and should not be reposted. It is one more variant in a series of unsubstantiated and damaging rumours that claim that pedophiles are attempting to contact children via Facebook. While this variant names a person called Bob Howard, other versions have used the names of other men. An earlier, virtually identical, version used the name Harry Graham rather than Bob Howard. There is no credible evidence to back up the claims in these messages. Spreading scurrilous and unfounded rumours such as this can unfairly damage the reputation of innocent people.

 Detailed analysis and references below example.

Scroll down to submit comments
Last updated: 28th April 2011
First published: 28th April 2011
Article written by Tasawer Abbas
Example PARENT ALERT AND ALL YOU KIDS THAT ARE MY FRIENDS..... There is someone called Bob Howard friend requesting kids on facebook at the moment, posing as a 14yr old, when actually he is a 48 yr. old pedophile. He is known to the police. Please be aware and tell everyone you know. We must keep our kids safe....please, please copy and repost

Detailed Analysis
This "warning", which is circulating very rapidly around Facebook and other social networks, claims that a 48 year old pedophile named Bob Howard is pretending to be a 14 year old with the goal of befriending innocent children. According to the message, the man is "known to police". The message asks recipients to repost the information to other users as a means of helping to keep children safe.

However, this warning is yet another totally unsubstantiated pedophile rumour. There are no credible police or media reports that support the claims in the message. In fact, this message is just a revamped version of an earlier - equally unfounded - "warning" that claimed that the 48 year old pedophile was a man named Harry Graham. Note the virtually identical wording of the two warnings:

There is someone called harry graham friend requesting kids on facebook at the moment, posing as a 14yr old when actually he is a 48yr old peadophile. He is known 2 the police. Please be aware and tell everyone u know. We must keep our kids safe - please copy and paste.

Clearly, some malicious prankster has simply substituted the name "Bob Howard" for the name "Harry Graham" before relaunching the "warning" on Facebook. Moreover, several other false pedophile warnings have circulated during the last year. In September 2010, a similar warning began circulating that accused a man named Thierry Mairot of attempting to contact children on Facebook to talk about sex. A later variant of the "warning" changed the name of the accused to Thomas Cowling.

And, "Bob Howard" is actually a very common name. There are a large number of people with that name who have profiles on Facebook. In fact, a great many people in the world share that name. The warning message makes no effort whatsoever to identify which particular "Bob Howard" it is accusing. Thus, many people that share the name may be unfairly tarnished by this baseless rumour, especially if they happen to be Facebook users. Unfortunately, Facebook is becoming a perfect vehicle for destructive scuttlebutt such as this.

The Internet makes it very easy for faceless cowards to make unfounded accusations against others, while remaining anonymous. They may never be required to justify their accusations in any way. If malicious individuals want to discredit, embarrass or annoy someone, or indeed destroy his or her reputation, all they may have to do is create a damaging rumour and post it on Facebook or other social networks.

And even a hint of pedophilia or perversion is often enough to raise great ire and concern among parents and others who care for children. Thus, such accusations, even if totally unfounded, can be a very powerful weapon when wielded by unscrupulous individuals or groups intent on character assassination. Once started, rumours like this can take on a life of their own. Even if the original accuser belatedly learns that his or accusations were wrong, it may well be impossible to stop the further spread of the rumour as it continues its destructive journey.

Of course, it is vitally important to keep our children safe online. However, passing on baseless rumours will do nothing whatsoever to help protect children. Destroying someone's reputation by passing on nonsensical warnings is certainly not going to help keep our kids safe online. A much more productive method is simply to very closely monitor the activities of children when they are online. Better still, don't let young children use adult social networks like Facebook at all.

 

Editor's Note:
Given that this article discusses a slightly altered version of other, virtually identical, bogus pedophile warnings discussed on Hoax-Slayer, parts of the article's content have been adapted from earlier articles.

'Uniform Traffic Ticket' Malware Email

Outline
Email claiming to be a notification of a traffic ticket for speeding from the New York State Police urges the recipient to print out the ticket contained in an attached file and post it to the Town Court.

Brief Analysis
The message is not from police and the attachment does not contain a speeding ticket. The attachment contains malware.

 Detailed analysis and references below example.

Scroll down to submit comments
Last updated: 6th July 2011
First published: 6th July 2011
Article written by Tasawer Abbas

Example From: Police agency Subject: UNIFORM TRAFFIC TICKET New York State ? Department of Motor Vehicles
UNIFORM TRAFFIC TICKETNEW YORK STATE POLICE

Local Police Code

THE PERSON DESCRIBED ABOVE IS CHARGED AS FOLLOWS

Time: 7:25 AM
Date of Offense: 07/02/2011

IN VIOLATION OF
NYS V AND T LAW Description of Violation:
SPEED OVER 55 ZONE
TO PLEAD, PRINT OUT THE ENCLOSED TICKET AND SEND IT TO TOWN COURT, CHATAM HALL., PO BOX 117

Email incudes an attached file named "Ticket.zip"

Detailed Analysis
This email, which purports to be from the New York State Police, claims that the recipient has been charged with speeding in violation of New York State law. The message advises recipients wishing to plead the case to print out a traffic ticket contained in an attached file and mail it to the Town Court at Chatam Hall.

However, the message is certainly not from New York State Police and the attachment does not contain a speeding ticket. In fact, the attachment contains a trojan that, if opened, can install itself on the user?s computer. Typically, such trojans are able to contact a remote server and download further malware that can steal information from the infected computer and allow criminals to control it from afar.

In this case, the criminals responsible for the malware emails obviously hope that their message will panic people into opening the attachment without due care and attention. A great many of the people who receive one of these widely distributed emails will not have even been in New York on the date specified. Thus, at least some, fearing a major error by the police, are likely to immediately open the attachment with the intention of sending off the supposed ticket and pleading their innocence. Such simple - but often quite effective - social engineering tricks have proved very useful for scammers over many years.

Police departments are very unlikely to send people traffic violations via unsolicited emails. This tactic is similar to another current malware campaign in which recipients are instructed to open an attached file in an email purporting to be from the IRS.

Be very cautious of any unsolicited email that claims to be from police or a government department and instructs you to open an attached file or follow a link. Such tactics are commonly used by criminals intent on distributing malware or tricking recipients into divulging personal and financial information via phishing scams.

 

Trees Cocooned in Spider Webs After Pakistan Floods

Debunking email hoaxes and exposing Internet scams since 2003!

                   

Site Navigation

Outline
Circulating message claims that a series of attached photographs show trees cocooned in spider webs after millions of spiders climbed up into trees to take refuge from floods in Pakistan.

Brief Analysis
The photographs are genuine. A number of publications including National Geographic have reported that the widespread and prolonged flooding in Pakistan during 2010 drove millions of spiders into trees to spin their webs. While the spider theory remains the most credible, it should be noted that some commentators have suggested that the webs were made by moth larvae rather than spiders.

Detailed analysis and references below example.

Scroll down to submit comments
Last updated: 11th May 2011
First published: 11th May 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer

Example Subject: Trees Cocooned in Spiders Webs

This is interesting ? the first image doesn?t even look real! It looks like something out of an illustrated book...

An unexpected side-effect of the flooding in parts of Pakistan has been that millions of spiders climbed up into the trees to escape the rising flood waters. Because of the scale of the flooding and the fact that the water has taken so long to recede, many trees have become cocooned in spiders? webs.

People in this part of Sindh have never seen this phenomenon before, but they also report that there are now less mosquito?s than they would expect, given the amount of stagnant, standing water that is around. It is thought that the mosquito?s are getting caught in the spiders? webs thus reducing the risk of malaria, which would be one blessing for the people of Sindh, facing so many other hardships after the floods.

Photo credit: Russell Watkins, U.K. Department for International Development. More images

Detailed Analysis
These eerily beautiful photographs circulate via email, blogs and social media. The description that comes with the images claims that they depict webs woven by millions of spiders that escaped to the safety of trees in response to widespread and prolonged flooding in Pakistan during 2010.

The photographs are genuine. A March 2011 report on the National Geographic website notes:

Trees shrouded in ghostly cocoons line the edges of a submerged farm field in the Pakistani village of Sindh, where 2010's massive floods drove millions of spiders into the trees to spin their webs.

Beginning last July, unprecedented monsoons dropped nearly ten years' worth of rainfall on Pakistan in one week, swelling the country's rivers. The water was slow to recede, creating vast pools of stagnant water across the countryside.

And a March 2011 article published on Wired Science also reports on the phenomenon:

The unprecedented flooding in Pakistan in the latter half of 2010 disrupted the lives of 20 million people, but it also affected the country's arachnid population.

With more than a fifth of the country submerged, millions of spiders climbed into trees to escape the rising floodwater. As the water has taken so long to recede, the trees quickly became covered in a cocoon of spiderwebs. The result is an eerie, alien panorama, with any vegetation covered in a thick mass of webbing.

However, some commentators have suggested that the webs may have been created by moth larvae rather than spiders. Certainly, the webbing created by moth pupae such as that of the Ermine moth is reminiscent of the web covered trees shown in the above photographs. Nevertheless, it remains more likely that the Pakistan tree webs were indeed created by spiders as originally reported. Spider expert Joe Lapp reports on a similar phenomenon that occurred in Texas in 2007. In a comment on the Wired Science story about the Pakistan tree webs, Lapp suggests that the spider primarily responsible for the webs was likely to be a a Long-jawed orbweaver of the genus Tetragnatha. Lapp also suggests that the cause and effect in the reports made be wrong, noting:

We aren't seeing these webs because the spiders are escaping the flood. We are seeing these webs because the floods are producing huge numbers of flies (presumably midges and mosquitoes). The spiders that lived in these trees did tremendously well as a result.

Reports also indicate that the unprecedented spider activity may be helping to control the mosquito population in Pakistan after the flood. The Wired Science article notes:

However, the unusual phenomenon may be a blessing in disguise. Britain?s department for international development reports that areas where the spiders have scaled the trees have seen far fewer malaria-spreading mosquitos than might be expected, given the prevalence of stagnant, standing water.

References
Pictures: Trees Cocooned in Spider Webs After Flood
Millions of Spiders in Pakistan Encase Entire Trees in Webs
Dr Who-like scenes on housing estate as moths create ghostly mass of webs
Journaling the Giant Webs of 2007
The ghost trees of Pakistan: Spider webs cocoon branches in creepy after-effect of floods

comments powered by Last updated: 11th May 2011
First published: 11th May 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer

View the original article here

Video Showing Man Taken by Killer Whale

Outline
A viral video appears to show a man taken by a killer whale as he walks along a beach.

Brief Analysis
The video is not real footage and the man was not eaten by the killer whale. In fact, the video is a TV ad for La Sirena, a retail chain located in the Dominican Republic.

 Detailed analysis and references below example.

Scroll down to submit comments
Last updated: 19th May 2011
First published: 19th May 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer

Example Subject: ....... for a killer whale, Just a walk on the beach.

Be careful when walking the beach...

Detailed Analysis
This "viral" video which circulates via Youtube, social networks and email, appears at first glance to show a man standing on a beach near the water's edge suddenly taken and eaten by a killer whale.

However, fear not, the video is not real footage of a killer whale attack on a human and the man was not actually eaten. In fact, the video is a TV advertisement for La Sirena, a chain of retail stores located in the Dominican Republic. The ad copy at the end of the video reads "No todos los lapices dan suerte solo el lapiz la suerte de La Sirena" which, translated to English means "Not all pencils give you luck, just the pencil "La Suerte" from la Sirena".

The strange talk of pencils may seem a little baffling. However, it apparently makes reference to La Sirena's previously aired "Lucky Pencil" promotion. The Lucky Pencil was a character created by the company as a Back To School promotional campaign. The promotion claimed that you can "learn the whole world" with "The Pencil of Luck" and gave people the chance of winning prizes such as laptops or trips away.

Thus, the Killer Whale ad is apparently just a part of this "Lucky Pencil" promotional campaign.