I thought spams that began that way had died out years ago and yet there it was on my screen. "Hello, Dear" from someone I don't know. It wasn't from the daughter of a Nigerian king or a banker who wanted me to help him get some money out of the country. In fact, I don't know what the scammer's line would have been. The message simply said that the sender had something important to tell me and I should contact her.
In less time that it has just taken me to tell you about it, I had deleted the message. Some people probably didn't, though, and I have to wonder why people fall for schemes that are hatched by people the cops used to call "bunko artists". Even the best anti-malware can't protect you these kinds of scams.
And where did that term come from? Wikipedia says "A confidence trick is also known as a con game, a con, a scam, a grift, a hustle, a bunko (or bunco), a swindle, a flimflam, a gaffle or, a bamboozle. The intended victims are known as marks, suckers, or gulls (i.e. gullible). When accomplices are employed, they are known as shills."
But why are there so many of them? Are those of us who haven't taken the bait just lucky or are we smarter (or more suspicious or more cynical) than others. As I wrote to a TechByter Worldwide listener this week, "Hey! There's nothing wrong with that. If more people asked more questions, we'd probably all be better off."
Most of the on-line scams are better designed than they were in the old days. And we really don't know how many cons exist. The best ones are never discovered and some people are simply too embarrassed to admit that they were gulls for somebody's hustle.
Cons aren't new. They're mentioned in the Bible. Bernie Madoff is in prison for turning members of the one percent into marks. Some would say that a certain New York businessman who hopes to be president is running a con game. You're at risk when you drop your guard and stop asking questions.
It turns out that the Internet is the perfect place for fraudsters to play their games. We're on-line and we're able to communicate with people around the world. We're sophisticated. We're smart. Or so we think.
I've been reading a book in which one of the characters is a southern sheriff. He's set up to have about half the IQ of the average baboon, but it turns out that he plays the stereotypical stupidity to his advantage and he's actually far ahead of the people who consider him to be an imbecile.
And so it is with fraudsters. Unlike 15 or 20 years ago, they're not stupid. Fraud is big business and the players know how to get the best return on investment. We expose a lot of information about ourselves on services such as LinkedIn and Facebook. A fraudster can appear to know you.
The stereotypical victim is an older person. Younger people are often victims, but the swindlers know that they'll have better success if they go after people who have a lot of money. As Bernie Madoff illustrated, the super-rich are vulnerable. And while the smartest scammers go for the rich, but there are a lot of scammers who aren't "the smartest". They'll go after anyone they can find. In other words, we're all potential victims.
Anyone can probably be conned. Dating back to antiquity, humans learned that we had to cooperate with each other to survive. We want to believe. When someone tells us that they can double our money without any risk in 60 days, we want to believe them no matter how illogical the offer seems. Con artists excel when it comes to presenting situations that are almost believable. And just like sales people are the most likely to fall for a good sales pitch, con artists fall for lines spun by better con artists. Yes, there's a certain irony there.
I've been reading a series of books about a Los Angeles police detective who carefully looks for "tells" when he's questioning someone. Pamela Meyer's book, Liespotting, describes actions we can take to spot less-than-truthful claims. Trust is good even though all of us lie every day to everyone. Most of the lies are white lies ("No that dress doesn't make you look fat," or "Bob, I'm really glad to see you!") and these small untruths sometimes make it possible for us to get things done without needless friction.
The most productive schemes for fraudsters aren't the Nigerian prince variety. If you want to make money on-line as a fraudster, you should concentrate on Ponzi schemes and insider trading. These are the things that fool large numbers of people. "Buy XYZ stock today because it's going to go through the roof tomorrow and you'll triple your investment in 24 hours!" Reminder: If it seems too good to be true, it probably is too good to be true.
Fraudsters understand that people want to believe in each other. The story that they will pitch to you will be designed to catch you off guard. And they know that they'll be safe because many victims won't report the crime. Why? The smart person will have to admit being conned. How many Germans admitted being in favor of Adolph Hitler and how many Italians said they backed Il Duce when World War II ended? We don't want to admit that we were duped.
Con artists love technology. So do pornographers.
Consider pornography. Whenever technology has advanced, pornographers have been there. In just the recent era, pornographers have taken advantage of VHS and Beta, CDs and DVDs, streaming video, 3D video, and soon virtual reality. Scammers were there with useless "medicines" in the Wild West, scams that arrived in your mailbox, telephone and fax, the Internet, and ...... You name it and the fraudsters will be there to exploit it.
Being skeptical isn't a bad thing.
After languishing for several years, Windows Defender is more robust. There's no shortage of third-party security applications and I use one of them, but it really makes sense for protective functions to be part of the operating system.
Enterprise customers (which is to say "corporate users") of Windows now have access to Windows Defender Advanced Threat Protection. It's intended to assist system administrators in detecting, identifying, and eliminating attacks on their networks. As is true with other third-party protective applications, Windows Defender Advanced Threat Protection needs to report information back to developers so that they can see what real-world threats companies are facing.
Of course it's OK if Kaspersky or McAfee or Avast collects information from its users, but because Microsoft is doing it, some of pundits say that Microsoft is violating users' privacy.
Advanced threats are some of the most dangerous types of attacks. Every network can be attacked and many networks can be breached. Network administrators try to anticipate threats and protect against them, but criminal groups also try to anticipate advances in protective measures and find ways to defeat them. Maybe you're old enough to remember the Spy vs Spy feature came to Mad Magazine in 1961.
Once attacks were shotgunned into cyberspace, but now they're frequently targeted efforts developed by organized crime. The developers who create them are intelligent and know how to write effective malware. In other words, they're no longer script kiddies working with code they don't even understand.
The Windows Defender Advanced Threat Protection has 3 specific objectives: Detect, respond, and complement. Microsoft collects threat information from systems that are running Windows 10 in corporate environments around the globe and this allows it to detect threats early. When developers see a new threat, they can create countermeasures and push the patches out to all enterprise systems. Windows Defender Advanced Threat Protection is intended to work with Office 365 Advanced Threat Protection and Microsoft Advanced Threat Analytics.
Yes, enterprise users will need to provide information about their systems to Microsoft and some pundits see a danger there. What information is reported back to Microsoft? Data that shows the state of the enterprise's network functions. No proprietary information will be returned to Microsoft.
At some point, network administrators need to determine whether they trust the company that created the operating system its computers use and, if they don't, then it's time to find another provider.
Malwarebytes reports that ransomware is showing up on Macs and says that Apple has added detection for "KeRanger" to the XProtect anti-malware definitions in OS X. Palo Alto Networks discovered the threat and made the initial report.
Apparently a BitTorrent client had ransomware added in a file named General.rtf. The extension implies that it's a rich-text document, but it is actually an executable file that is placed in the OS X system directory. That file creates additional files and then sits quietly for 3 days.
After its quiet period, the malware begins encrypting all files in the /Users folder and any files that it finds that appear to contain data in the /Volumes folder (in other words, files that are on connected external hard drives and servers). A new file called README_FOR_DECRYPT.txt is then added to each directory where files have been encrypted.
The malware can also encrypt external drives and network volumes, so users' backup files could also be rendered unusable. Currently, the malware doesn't restart following a system boot, but you should expect that in an upcoming version.
In addition to adding detection for malware, Apple has revoked the developer certificate used to sign the malicious copy of the BitTorrent client, Transmission. New infections can't happen until the malware developer creates a new version.
Malwarebytes recommends that Mac users should restart their computers immediately and, if they have downloaded the Transmission app recently, it should be deleted. Malwarebytes Anti-Malware for Mac can remove the threat, but any files that have been encrypted before the malware has been remove will be lost unless they have been backed up and the backups are still intact.
The Federal Communications Commission is promoting a plan that would make broadband service more accessible for low-income families. Nearly all households with annual incomes of $150 thousand or more have broadband access. Less than half of those with incomes under $25 thousand have access.
FCC Commissioner Tom Wheeler says the proposal will come up for a vote at the end of the month and he expects it to be approved.
The broadband subsidy would be rolled in to the FCC's existing Lifeline plan that has existed for a long time. That plan provides $2 billion in annual subsidies so that low-income families can afford wired or wireless phones. The plan was substantially modified in 2015 to address fraud and misuse issues.
The new plan would give low-income families $9.25 per month that could be spent on high-speed Internet access. (If anyone can find high-speed Internet access for $9.25 per month -- or even double that, please let me know.)
Wheeler says that "digital equity" is needed to address some of the nation's challenges such as income inequality, job creation, economic growth, and competitiveness.