Tag: legit

  • WaveEgreetings.com Scam? or Legit?

    This afternoon I received an email that said the following…

    Welcome to Midwave Products LLC!

    Congratulations Avery,

    This e-mail is to confirm your recent/successful WaveEGreetings.com
    order! Log in online and get instant access to hundreds of E-Greeting
    Cards!

    Billing Telephone Number: **********

    As part of your service with the WaveEGreetings.com program, you will
    receive:
    Unlimited access to ecards for every occasion!
    Send greetings to your friends and family.
    Create unique and personalized greetings.

    Your WaveEGreetings.com account can be accessed by going to
    www.waveEgreetings.com/login.asp and entering in your username and
    password below;
    username: ****************
    password: *************

    For your convenience you will be billed a monthly fee of $14.95 on your
    local phone bill for the phone number you provided which is **********.
    Although, there is no affiliation with your local phone company, these
    charges will appear on your local telephone bill on the Transaction
    Clearing bill page as being billed on behalf of Midwave Products, LLC.
    There is no long term contract and the service can be cancelled at any
    time.

    If you have questions or concerns and need to contact customer service
    just simply reply to this e-mail and we will be happy to assist you.

    You can cancel the service by calling 866-982-3699 or by emailing us at
    support@waveEgreetings.com and include your home telephone number or
    simply reply to this email stating “cancel”. Or write us at PO Box 17598
    Suite# 77145, Baltimore, Maryland 21297-1598.

    Thank you and Congratulations on joining WaveEGreetings.com

    Sincerely,
    WaveEGreetings.com Customer Support
    —————————————-

    AT&T ENDUSERS: You have the right to dispute the Midwave Products LLC
    charges billed on your local telephone bill. You are not legally
    responsible for Midwave Products LLC charges incurred by minors or
    vulnerable adults without your consent. Your local telephone service
    will not be disconnected because you fail to pay a charge by Midwave
    Products LLC except that nonpayment of certain regulated
    telecommunication charges may result in disconnection of service in
    Alabama, Florida, Georgia, Kentucky, Louisiana, South Carolina and
    Tennessee. Enhanced Telecommunications Service Providers may employ
    other agencies to collect delinquent charge, even if your local phone
    company has previously adjusted them from your telephone bill.

    My first thought was that this was a phishing email and I checked out the links in the message and the site of waveEgreetings.com because….


  • Comment Spam

    Deleting TONS of comment spam that had slipped in unnoticed in the last couple months. I may have to generically disable pingbacks as well as comments. (Sad…) I hope I haven’t dumped legit comments in the purge, but…. really life is too short to spend too much time filtering it manually.

  • Link spam surge….

    Spam spam spam spam…. the last couple days have been busy for the Akismet spam plugin for my sites. They’ve been catching a lot of spam comments, it appears. Many of them (the comments) seem to be filled with links to forum posts. I’ve noticed several have been shut down at this point. It’s not clear to me if the spammers are exploiting true vulnerabilities in the forum software, or simply finding forums that allow anyone to sign up and post. Either way, they’re leeching other people’s bandwidth to try to hustle their stuff. Along those lines, I wonder if there is a good listing/directory of legit sources of prescription drugs online? The topic is so awash in spammy/spamvertised/offshore-based sites it’s hard to know easily who to trust/who not to.

  • AVG antivirus false positive

    Incidents.org has some reports of false positives reported by Grisoft’s AVG antivirus running on Windows XP (SP1)…. The false positive was with a file named C:\i386\REG.EXE which is a legit file from the Windows XP SP1 install. No other news or details on this as of yet.

  • Another Microsoft Office Vulnerability

    Hot on the heels of the Microsoft Word patch there’s a new threat to Microsoft Office. This vulnerability is with Excel documents. According to the MS security response center blog, they’ve received one report of a system being attacked by a previously unknown vulnerability in Excel. The moral of the story is to be suspicious of any attachments, be they programs, or claim to be images, Word documents, Excel documents, fluffy bunnies or what…. If you weren’t expecting an attachment in email, wait and find out if it’s legit through other channels.


  • Bad malware storms brewing

    ADTMAG.com has an interesting article talking of the convergence of spyware and more sophisticated phishing attacks. They talk about the convergence of viruses and spam engines that happened in 2003 as a real shift in the dynamic of WHERE junk mail was coming from. Today botnets account for about 90% of the spam online, and of course, the botnets are the zombie armies that can be (and are being) utilized to bully web pages off the net, or extort large amounts of $$ due to denial of service attacks.


  • Microsoft Genuine Advantage phones home daily

    Microsoft says they need to do a better job about disclosing this, but the Genuine Advantage tool contacts Microsoft daily. It doesn’t do this to track your browsing or downloading habits, but to check and see if it’s ok that it’s still running. According to this article, they have some concern that it might not work properly and wanted to be able to tell it to shut down if there were wide-scale problems with the proof of legitimate Windows copy. I did glean a few more details from the article that correct an assumption that I made a week ago.


  • Fake Google sites….

    You know, you would think that www.google.most anything would be legit, but.. Sunbelt has been given a heads up that a site posing as Google Belarus (www.google.by) is not actually a Google site. It has ads on the main page. Google is looking into legal options, it sounds like.

  • Removing items from MSCONFIG after WMF exploit

    OK, so, I’m busy killing off running processes and fire up MSConfig to try to keep them from coming back on the next boot. To launch msconfig go to Start, Run…, type in msconfig and click OK. The Startup tab is where we’re looking for programs running at startup (makes sense…). This is a bit easier and more straightforward than visiting the Run entry in the registry. It does combine a few locations into one place.


  • Task Manager Suspicious Processes after WMF exploit

    After getting into Task Manager I saw a number of suspicious processes. There were a lot of things running as my user that I didn’t recognize. kernels64.exe, vxgame6.exe, vxgame4.exe, mm4.exe, vxh8jkdq2.exe, netsh.exe, cmd.exe, winstall.exe, vxgamet4.exe, vxgame2.exe covers most of the list of suspect entries. netsh and cmd are both legit programs, but were likely being used as remote shells. In other words they were legit, but not something that I expected to be running. (I didn’t have a cmd shell open..)
