Is This A Scam - Part I

This was originally published on February 22, 2018. I have since updated the police log to reflect the scams since February 15, 2018 through July 29, 2018

Corvallis Police Department Reports (Oregon)

July 26
THEFT: 7:37 p.m., [address omitted]
A man told police he was contacted by someone purporting to be a Chinese official and who informed him he needed to transfer $10,000 into an account at the Bank of China to ensure it was "clean" because it could have been involved in an "economic crime." The man transferred the money and then realized he may have been scammed. Police told the man to cancel the wire transfer and to report the incident to authorities in China.

July 17
SCAM: 11:08 a.m.,[address omitted]
A woman told police she listed two Country Music Festival tickets on Craigslist for $400 and received an offer out of California for $1,300 if she’d send $960 via Western Union to someone in New York. The woman said she did this and was later informed by her bank that the check she deposited was fraudulent.

WEDNESDAY, JULY 11
SCAM: 1:58 p.m., [address omitted]
A woman told deputies she met a man on Facebook a few months ago and the man told her he was in a hospital in South Carolina and needed money for surgery. The woman said she gave the man $1,000 in Amazon gift cards and the man asked for $2,000 more. The woman wanted to verify she was scammed and deputies told her she was. They discussed ways to prevent the incident from occurring again.

TUESDAY, JULY 10
SCAM: 10:03 a.m., [address omitted]
A woman told troopers she received an email that contained a check for $928. The woman was instructed to cash the check and buy something for the suspect and keep the change. The woman deposited the check and spent the money but did not send any money to the suspect. The bank then informed the woman the check was fraudulent and requested the money back.

July 6
SCAM: 12:53 p.m., [address omitted]
A woman told police she paid $299.99 to Microsoft for a subscription to keep her computer clean of viruses. The woman later realized it was a scam and canceled the check before it reached the recipient. Police think the scam involved international perpetrators and discontinued the investigation.

June 30
SCAM: [address omitted]
A person reported they received a phone call from someone claiming to be a Benton County Sheriff’s Office deputy. The caller told the person they had missed jury duty and needed to pay $3,000. The person bought $1,000 in Google Play cards and sent photos of the cards to the caller.

June 30
SCAM: 6 p.m., [address omitted]
A woman reported that some Chinese nationals called her posing as members of the Chinese consulate in San Francisco. They said that Shanghai police officers wanted to speak to the woman about some bank accounts opened in her name through the Industrial and Commercial Bank of China. The woman spoke with alleged Shanghai police officers, who stated she would be arrested if she could not prove she did not open the accounts. They convinced her to wire $90,000 to a bank account in Hong Kong with a promise of it being returned once her innocence was proven. The woman later realized the call was fraudulent.

June 19
SCAM: 11:23 a.m., [address omitted]
A man reported he had met a person online who identified herself as Ingrid Nugent and they had entered into a relationship. The man said $4,500 was deposited into his account by a person Nugent said was her attorney. Nugent then asked the man to send $4,064 by iTunes gift cards and money gram to Nigeria, which he did. The check deposited into the man’s account subsequently was declined.

June 15
SCAM: [address omitted]
A woman reported she had been having problems posting a video to Facebook, so she Googled a support number for Facebook. She called a number she found and was told her problem could be fixed if she provided $700 worth of gift cards. The woman bought the gift cards and provided the card's numbers to someone she believed to be a Facebook support employee. After providing the gift card information, the woman’s problem was resolved. The woman was informed by the person she called that if she provided another $300 worth of gift card information she would be reimbursed her money. She started to believe she was scammed and called police.

June 12
SCAM: 7:23 p.m., [address omitted]
A man reported he received a call from a person identifying himself as "Deputy Dale Ingram" with the Benton County Sheriff’s Office. The caller said the man had two failure to appear warrants and could pay the fine over the phone or be arrested. The man said he bought two Green Dot cards for $972 and read the numbers to the caller. When the man reported the incident to deputies, they informed him he was the victim of a scam.

June 5
SCAM: 4:17 p.m., [address omitted]
A man reported he was contacted by someone stating they were from the hospital and told him a Benton County deputy was trying to reach him. The man said he was contacted the following day by someone saying they were Sheriff Ingram with the Benton County Sheriff’s Office and that the man had a warrant for his arrest. The caller told the man he needed to buy two “Money Pak” cards with $494 on each to clear the warrants. The man purchased the cards and gave the caller the identification numbers. The man said he tried calling the number back, but there was no answer. Police tried calling the number but it went to an automated message machine and then the call ended.

May 31
SCAM: [address omitted]
A man told police he had listed his Microsoft Surface Book online for sale and was contacted by someone named “Yani Pedro” who wanted to purchase it. The man set up payment for the computer through PayPal and mailed the computer to an address in Houston. However, the man never received payment and discovered the email he was sent about PayPal was a scam.

May 15
SCAM: 4:37 p.m., [address omitted]
A woman told police she received a phone call at work from a woman who claimed to work for the state police. The caller told the woman that she did not file a Form 8886 with the IRS, and they were going to issue a warrant for her arrest. The woman said the caller instructed her to buy 12 gift cards worth $500 a piece. The woman told police she spoke to her bank and gave the caller some of her information, and then went to Wal-Mart to try and buy the gift cards. The woman said she tried twice to buy the gift cards, but her transactions were declined. Police informed her she had been scammed.

May 15
SCAM: [address omitted]
Police responded to Citizens Bank after a man cashed a fraudulent check. Officers contacted the man, and after he refused to remove his hands from his pockets, they placed him in handcuffs. The man told police he received the check in the mail from a Craigslist ad and was supposed to provide the account information to the sender. The man had deposited the $2,000 check on Monday and withdrew $200 of it. The bank then realized the check was fraudulent. Officers informed the man he had been scammed and released him. He returned to the bank the remaining cash he had from the $200 and was informed his account would be closed.

May 3
SCAM: 2:08 p.m., [address omitted]
A man told troopers he had received a call from a person posing as a Lane County deputy who claimed he had two warrants for his arrest. The “deputy” told the man he could turn himself in to the sheriff’s office or pay two payments of $489 in Green Dot Moneypak cards. The man sent the money.

April 26
SCAM: 4:25 p.m., [address omitted]
A man reported his brother, who has dementia, received a phone call from someone claiming to be the county sheriff. The caller claimed the man had missed jury duty and there would be a warrant for his arrest if he did not pay $1,500 via prepaid MoneyPaks. The man stayed on the phone with the caller while he purchased the debit cards and provided the card numbers to the caller over the phone.

April 2
SCAM: 9:38 a.m., [address omitted]
Police responded to Jimmy John’s for a fraud complaint. An employee told officers a man had called the shop stating he was from the corporate office. The man told the store manager that the shop was being investigated for employee theft and needed to provide the corporate office with $1,000 in gift cards. The manager drove to Fred Meyer, purchased two Visa gift cards and sent the images of the front and back of both cards to the phone number provided by the caller. A different employee had the cards locked so they could not be used.

March 22
SCAM: 12:10 p.m., [address omitted]
Two people told police they posted an ad on Craigslist seeking housing. They said they were contacted via email by “Larry Dunkin,” who claimed he lived out of state but was renting out 950 SE Powell Ave. The two people agreed to wire $800 via Western Union for the deposit, and Dunkin was to mail the keys. After they wired the money, Dunkin demanded $2,700 for three months’ rent before he would send the keys. The people refused to send the money. Police determined the house was not for rent.

Feb 27
SCAM: 3:38 p.m., [address omitted]
A woman told police she placed an ad on Craigslist to rent a room. An individual responded and assumed they had been selected as the next tenant and sent a check to the woman for $3,500. When the woman informed the person she would not rent a room to them, the person told her to cash the check and send a money order back in return. The woman knew it was a scam and gave the check to police.

Feb 25
SCAM: 2 p.m., [address omitted]
A man told police that someone, whom he believed to be a woman in Colorado, added him on Facebook. They video chatted and the man exposed his genitals. The other person then told the man that if he did not pay $500, they would post a video of his genitals online. The suspect wanted a money order sent to the Ivory Coast. The suspect’s Facebook account has since been deactivated.

Feb 21
SCAM: 4:12 p.m., [address omitted]
A woman said she received a phone call from someone claiming to work for Microsoft. The caller told her that her computer’s virus protection had expired and he could clear her computer of viruses for $499.99. The woman gave the caller her debit card information, as well as remote control of her computer. She later realized it was a scam and noticed a second charge for $512 on her bank statement.

Feb 15
SCAM: 8:34 p.m., [address omitted]
A woman told police she met a man online who claimed to have lost his wallet while on vacation. The woman sent the man $600 via Western Union. The following day, Western Union’s fraud department called her and said they felt she had fallen for a scam and put a hold on the transaction. The woman then received a call from someone claiming to be an FBI special agent and who said they knew about her involvement with the first man and that she was under investigation as a potential terrorist. The caller told her she needed to send $600 via money order to a judge in Florida, which she did.

Feb 15
SCAM: 10:30 a.m., [address omitted]
A man reported he sold a computer on Craigslist to “Tonnie Hooker III” for $770. He said he received a check in the mail for $2,300 with instructions to send the rest back via Western Union. The man wired the money from his bank account and then found out the check did not clear, for a total loss of $1,530. The man said “Hooker” had told him he would arrange for someone to pick up the computer in person but the person never arrived.

Feb. 14
SCAM: 11:38 a.m., [address omitted]
A man told police he had received a $2,450 check from Dial America Marketing with the agreement he would do bookkeeping for the business for $200 a week. The man said he was told to redistribute the funds by wiring the money to a Walmart in Texas, which he did. His bank later told him the check he received was fraudulent. The man lost a total of $2,450.

Feb 5
SCAM: 11:03 p.m., [address omitted]
Police responded after an employee at Burger King received a phone call from someone asking her where they keep the money and how much was in their safe. An officer took the phone and asked who he or she was speaking with. The caller promptly hung up. The employee who answered the phone said the caller claimed they were doing an FBI investigation for corporate and asked the employee to take money out of the safe and meet them nearby. The employee realized it was a scam and kept the caller on the phone until police arrived.

Feb 1
SCAM: 10:24 a.m., [address omitted]
A man told police he received an email on his OSU account regarding a job offer from a biotech company where he could earn $200 a week. The man said he received a check for $2,400, which he deposited into his bank account. He said he was asked to transfer $1,680 to someone in Texas via Western Union, at which point he realized it was a scam.

Jan 25
SCAM: 10 a.m., [address omitted]
A woman reported receiving messages from phone number 443-342-4190 stating her Social Security number had been stolen. She told police she called her mother, who called the number back and spoke to someone who said the Social Security number was being used by drug traffickers in Texas to send money to Mexico. The woman’s daughter called the people back and was advised to get all the money from her bank account, put it on Walmart gift cards and give the card numbers to them, which she did. The caller stated the money would be refunded to her the next day by a police officer. When that didn’t happen, she looked up the phone number and discovered it was a scam.

Jan 17
SCAM: 3:44 p.m., [address omitted]
A woman told police she accepted a job from a Craigslist post and was sent a check from an individual who identified himself as Taiwo Ayeni. The woman said she cashed the check and sent $850 via Western Union to her new employer's “supplier.” The woman said the employer then requested she buy several iTunes gift cards with the remainder of the money. The woman said that sounded odd and she contacted her bank, which informed her the check she deposited was not legitimate and she was most likely the victim of a scam. The woman said she sent a message to the original sender saying she was not sending anything to him. She said the posting on Craigslist has since been deleted.

Jan 12
SCAM: 2:22 p.m., [address omitted]
A woman reported receiving a phone call from a man who stated her identity had been stolen. The man told her to buy a $1,500 gift card from Target and provide the security code to him, which she did. She also gave the man the last four digits of her Social Security number, a picture of her and the name of her bank. The woman said the man spoke with an accent and called from the number 443-648-5751.

Jan 8
SCAM: 1:08 p.m., [address omitted]
A woman reported receiving a phone call from a man who identified himself as Benton County Sheriff's Deputy Cook at phone number 541-847-5100 (the Benton County Sheriff’s Office Monroe number). The man told her she had a "contact warrant" for missing jury duty and needed to pay her bail before getting off the phone with him or she would be arrested. The woman said she stayed on the phone with him while she drove to Safeway, purchased a $2,000 MoneyPack gift card and then drove to the Law Enforcement Center, where she provided him with the gift card number over the phone. The woman said the caller told her the gift card did not work and to purchase additional gift cards. She said she asked him to come out of the Law Enforcement Center and she would give him the physical card, and he disconnected the call. The woman then realized it was a scam and went inside to report it.

Dec 19, 2017
SCAM: 9:41 p.m., [address omitted]
A woman told police she received a call from 443-579-5816 and a man identifying himself as “Richard Gomez with the Federal Marshals” told her that her social security number was being cancelled due to pending criminal charges. The woman stated Gomez instructed her to take all the money out of her bank account and buy Walmart gift cards. The woman bought $2,675 worth of Walmart gift cards and provided Gomez with the pin number on the back of each card. Gomez told the woman the charges would be dropped and her social security number would be reactivated. Police have no suspects.

Dec 4, 2017
SCAM: 6:39 a.m., [address omitted]A man reported he met a girl on the website Chatroulette about two years ago and began video chatting with her via Skype. The man said that on Sunday he received a message via Skype demanding $400 or the sender would disseminate explicit videos or photographs to the man’s Facebook friends. The sender requested the money be sent to the Philippines. No suspects were identified.

Dec 4, 2017
SCAM: 3:50 p.m., [address omitted]
A woman reported she had received a pop-up on her computer stating it was hacked and she needed to call 1-855-236-8222. She spoke with a man by the name of Ben Carter, who told her to write a check for $249.99, scan it and send it to him to remove the virus. The woman did so and later learned it was a scam.

Dec 1, 2017
SCAM: 2:15 p.m., [address omitted]
A woman reported she received a call from her boss informing her the Sheriff’s Office had called looking for her and to call them as soon as possible. She said she called the phone number given to her and was told she had two warrants for her arrest and she needed to go to the Sheriff's Office immediately to sign paperwork. She agreed to go to the Sheriff's Office and was told to bring a $500 gift card with her to pay a fine for which she would be reimbursed for if it turned out she did not have any warrants. She was instructed to get the card, which she did, and call them and give them the number on the card, which she also did. She was then told to go to the post office and mail the card to the USPS MCO Division, which she did, and then go to the Sheriff's Office. While at the Sheriff’s Office her husband called and informed her it was a scam.

Nov 27, 2017
SCAM: 9:46 a.m., [address omitted]
A man reported he had received a call in October from someone claiming to be Alex Williams with Apple Inc., who told him his computer was infected with a virus. The man said he agreed to pay about $3,000 in iTunes gift cards for two software packages to protect his computer. When the suspect asked for additional gift cards, the man became suspicious and called Apple and learned he had been scammed.

Nov 21, 2017
SCAM: 10:50 a.m., [address omitted]
A woman reported she had received a Facebook message from a friend telling her they had won $50,000 grants. The woman’s friend gave her a phone number and told her to call and ask for agent Paulsen Glenn. The woman said Glenn asked her to send a picture of her debit card and to buy $300 in iTunes gift cards, which she did. Her father learned what she was doing and told her it was a scam. The woman closed her bank accounts and is not out any money. Police spoke with the woman’s friend, who said she had not sent the Facebook messages. Police said her account appeared to be hacked.

Nov 21, 2017
SCAM: 12:16 p.m., [address omitted]
A woman reported she received an email on her OSU account indicating she was qualified for a job making $200 a week. The woman said she was sent a check for $2,450 and asked to send $2,100 back to the sender by Western Union. The woman sent the money and later realized the check was fraudulent.

Nov 4, 2017
SCAM: 9:43 a.m., [address omitted]
A man reported he had met a woman on the Plenty of Fish dating website and exchanging revealing photographs with her. The woman’s profile stated she was 23 years old. However, an unknown man called him stating he was the girl’s father and she was 16 years old. The “father” said he needed to pay him or he would go to police, so he put $60 on a prepaid card and gave the “father” the account and pin number. The man realized this was a scam after the “father” called again requesting more money.

Oct 19, 2017
SCAM: 12:02 p.m., [address omitted]
A woman reported her 15-year-old son had put $1,200 worth of camera equipment on Craigslist. A man named Hernandez Gago contacted them and offered to pay through PayPal if they would ship the camera equipment to New Jersey. They did so and found out the PayPal emails they were receiving were fake.

Oct 18, 2017
SCAM: 2:30 p.m., [address omitted]
A woman reported a man named Mark contacted her via phone and computer saying her bank account had been emptied. The man said he could get the money back for her if she sent him money. The woman withdrew $35,000 from her bank account and deposited it into various accounts at different banks that Mark instructed her to go to. An officer contacted Mark, but he would not answer questions and hung up the phone.

Oct 17, 2017
SCAM: 3:45 p.m., [address omitted]
A woman reported she had been contacted by a man who claimed to work for Wells Fargo and took the woman’s information. She later noticed $4,000 had been withdrawn from her account.

Oct 13, 2017
SCAM: 1:05 p.m., [address omitted]
A woman reported her husband planned to update their Garmin GPS device on the internet. However, he went onto a fake site and paid $180 to a man who pretended to be a Garmin technician. The couple verified with Garmin that they had fallen for a hoax.

Oct 11, 2017
SCAM: 3:30 p.m., [address omitted]
A woman reported she received a phone call from a man who identified himself as David New and told her she had won a 2017 Mercedes Benz. The man asked the woman to provide him credit card information to pay taxes on the car. The woman said she did not give the man any information.

Sept 27, 2017
SCAM: 3:45 p.m., [address omitted]
A woman reported she felt she was being scammed. She said she was contacted by a woman who identified herself as Kristen Anderson on Roommate Finder. After communicating for two weeks, Anderson sent the woman a check. But the check was written for $2,000 more than the agreed upon amount and Anderson asked the woman to wire back to her the extra money. Before wiring the money, the woman realized it might be a scam.

Sept 21, 2017
SCAM: 2:03 p.m., [address omitted]
A woman told police she thought her computer had been hacked after she found she had contacts she had not created. She said she was contacted by Microsoft, who told her they would resolve the issue and to buy iTunes gift cards to pay for the computer repair. The woman bought $700 worth of iTunes gift cards and provided them with the numbers. The woman told police the website "www.fastsupport.com" and the phone number 1-866-955-7984 were used during the scam. An officer called the phone number and spoke with someone but was not able to acquire tangible suspect information.

Sept 11, 2017
THEFT: 2:09 p.m., [address omitted]
A man reported he received a call from a man with an Indian accent claiming to be the federal police. The scammer told his victim that he filled out his admission paperwork to the University of Oregon incorrectly and had to either pay a fine or go to jail. The man agreed to pay the fine and was directed to purchase iTunes gift cards from Safeway and relay the relevant information over the phone. The man provided the scammer with $400 worth of iTunes gift cards. Police informed the man he had been scammed.

This was a small sample taken from reported scams that have happened in the past few months here in Corvallis. Again, I did not pick all of them, only a few. There are thousands that happen in every city each year. These scams can range from an attempt to receive money from you, to stealing various account credentials, purchasing a service that doesn't exist, etc.


Welcome to my mutli-part series on scams. That's about as straightforward as I can make it. This multi-part blog will touch on MANY different types of scams, as well as some more specific ones that were not mentioned above. We will cast a broad net on some, and get down to intricate details on others, so brace yourself, because this information is not only important, but in some ways frightening. We're going to ignore the 'Foreign Nigerian' scam, but we'll touch on a few that aren't too far removed from that.

Part I - Advertising Scams


macAds.jpg
Screen Shot 2018-02-20 at 2.59.13 PM.png

To kick things off, let's define adware. Adware is ads that are designed to make you click on it and purchase whatever type of product they are selling. These kinds of adware can be described as 'clickbait,' which is designed to scare, confused, or intrigue you into clicking on a specified page. Adware is incredibly easy to acquire or accidentally click. Take the screenshot, this is if you type MacKeeper into a search engine. By the way, DON'T download MacKeepr. I am using it strictly as an example and not endorsing it in the slightest. I think it does more harm than good to your computer. I digress...you can see three links to a "MacKeeper" download. If you further analyze it, or worse, click into those pages, only the third one down will take you to the actual MacKeeper webpage. If you look close enough, you can see, in green, the word "Ad" next to the top two links.

If I click on the first link, I see this (picture left). It looks legitimate, until you read the URL. Instead of MacKeeper.com, it is http://mackeeperapp.mackeeper.com/landings/198... What does this mean for you? Be extremely careful when searching the internet, and be very cognizant of the word "Ad" next to the URL.

Screen Shot 2018-02-20 at 3.13.07 PM.png

And just to note, this can happen simply from typing in 'mac help' (pictured below) to a Google search, which yields this first result. If you click on it, it takes you to a page that looks legitimate, and has a phone number plastered across the top of it, which will take you to a call center with another attempt at a scam.

Screen Shot 2018-02-22 at 9.41.21 AM.png
DVe7s-7VAAIyCMi.jpg-large.jpeg

It is surprising how easily ads can trick you into clicking on something accidentally. Again, take the following screenshot. This came from my PERSONAL Facebook page. It is an advertisement for piece of software(?) called Mac Software. As you also tell from the bottom-left of the screenshot, it clearly links you to MacKeeper.com, which I verified. This is one of the reasons I have written so much about MacKeeper, because this is the type of advertising they do. They steal other titles just to attempt to get you to click on their 'clickbait-esque' advertisements. Most users download MacKeeper without even truly realizing what happened. One of the things that I am pleased about is the response by many of those in the Apple community. As an avid member on Apple Discussions boards, which are user-to-user forums that allow average users to ask questions to a community of more experienced users, typing in MacKeeper immediately pulls these results:

Screen Shot 2018-02-20 at 3.24.20 PM.png

Now MacKeeper might think I am calling their software a scam, which I can't legally say, as they're known for sending their cease & desist letters to security researchers, but their advertising strategy is, in every way, shape, and form, a scam.

IMG_5498.png

Fortunately, I have noticed many users starting to realize the many downfalls of this software. Even Apple Support, as they mentioned on Twitter, consider MacKeeper a form of malware. While it may not be malware in-and-of itself, it is what many companies refer to as a PUP (Potentially Unwanted Program) or PUA (Potentially Unwanted Application). One of the only companies that I have seen not identify MacKeeper is a PUA is Avira. After a little research, however, you'll notice that Avira licenses their AV engine (anti-virus engine) to MacKeeper, noted in the MacKeeper EULA (End User License Agreement) during their install.

If it hasn't been made clear, I despise this piece of software, and I have uninstalled it on an insanely, large number of machines, but MacKeeper isn't the only piece of software that gets exploited through adware.

I can comfortably say that one of, if not the, most devious and exploit pieces of software comes from Adobe - more specifically, Adobe Flash Player. Adobe Flash Player has been a long time transmitter of malware and adware to end-user's computers. If usually originates with a pop-up saying that your Flash Player is out of date. This is a scam. If you have any doubts, visit Adobe's Flash Player webpage which will allow you to download a legitimate download. It is unfathomably easy to get duped into downloading one of these fake Flash Players. To show you, check out the video. In this video, I go to a Youtube-ripping site, which converts a Youtube video into just an audio file. It just so happens that when I attempted to "convert a video," it led me to a fake Adobe Flash Player. The most hilarious part was at the end, when it asked me to download MacKeeper...they are the WORST.

The installation of a fake Adobe Flash Player found from a video to music converting website

flash-out-of-date.jpeg

This type of scam is frequently preceded by a picture like the one to the right, so if you see it, exit immediately. I even disassembled the the fake Adobe Flash Player and uploaded the executable file to VirusTotal, which responded with only one hit from different anti-virus companies, saying it was a part of OSX/Bundlore, which is a common form of malware. See the results below.

Screen Shot 2018-02-22 at 3.03.41 PM.png

The primary point is to tell you that you have to be careful when browsing the internet. Only go to reputable sites, and please try to avoid any Google search result that begins with the green letters "Ad," and if you get a popup telling you that your Adobe Flash Player is out-of-date, go directly to Adobe's website, which was linked above. 

Safe browsing!

-Stuart

Strava Endangering the Military Accidentally

Corvallis, Oregon on the Strava Global Heat Map

Corvallis, Oregon on the Strava Global Heat Map

It was once outlandish to think that robots would learn from humans, and then take over the world. Seems pretty silly, right? 

As time goes by, we see advancements in technology. Many of them are for the good of the country, whether it is advancing medical equipment, vehicles that don't emit carbon, and the list goes on and on.

We do, however, see that technology to a certain extent, can actually put human lives at risk.

The fitness company Strava, who dubbed their own motto "The Social Network for Athletes," recently updated their website to reveal a new, updated Global Heat Map, showing where people around the world are exuding the highest heart rates during exercise or  the highest rates of speed. I imagine Strava was imagining this map being a motivational tool for people to get out and exercise, but what we've seen with their recent publication is actually horrifying. 

strava fitness raf mount pleasant.png

You can just take a look at Interstate-5 and see how "busy" it is. That's not frightening. You know what is? That you can look at a top-secret United States military base in Syria and see exactly where the soldiers are running due to the fact that they left their fitness apps open. This also reveals some odd amounts of traffic, whether it be foot or vehicular, in places like Royal Air Force Base Mount Pleasant (pictured left). Not only can you see the main roads entering and exiting the compound, you can also see some of the smaller, more rural roads. For people fighting against America, whether it be a foreign power like North Korea, or a terrorist organization, like ISIS, this information can be vey useful.

We don't just see this in our home country. We can see our military bases from around the world. Take for example the picture below. You can clearly see some of the main FOBs (Forward Operating Bases) in Afghanistan.

fobafghanistan.jpeg

You can't tell me that it isn't creepy what you can see. It's like when consumers first started realizing that you could actually see people committing crimes on Google Earth. It's technology catching up and passing the humans. 

As a fan of thriller novels, this is the stuff that can make nightmares that you read in a thriller novel come true. This map makes military bases come alive and obviously identifiable. 

military bases.jpeg

It's hard to blame Strava for publishing this, as it is a pretty amazing map to view, but with many of technology's bugs, the fact that Strava didn't have to clear this with the United States Armed Forces is staggering. When some in information security finds a bug in a system, the idea is to follow proper protocol and alert the company's security team to give them time to patch the issue before taking it public, but Strava appeared to just ignore all warning lights. It is nearly impossible to believe that NO ONE at that company thought about the ramifications of publishing something that is just gathering massive amounts of data and publishing it. Granted, when you download their app, you basically Accept their Terms & Conditions, which all them to collect your locational data, but it is still surprising that they took so much of this public.

We can even see the issues in the United Kingdom, more specifically, Her Majesty's Naval Base, or HMNB Clyde, is home to the UK's nuclear arsenal. It would be very disconcerting to know exactly where employees are moving at all times. 

I think the bigger question that should be asked is why are employees allowed to use their cellphones in the same building as nuclear weapons? It would be incredibly ironic for a nuclear weapon to go off because a Samsung Galaxy explodes in someone's pocket.

HMNB Clyde, UK

HMNB Clyde, UK

I wish I knew what the best response to this would be. It's hard to blame Strava, although their publishing is endangering lives, but it truly is the user's fault for using their application on military bases. Hopefully we will see a crackdown on the use of their app in sensitive areas, although it may already be too late.

Best Mac Security Tools of 2017

Computer_virus_illustration.jpg

As we round out another year, I look back at everything that has happened this year with computer security, especially in the Apple sector.

We can look back at WannaCry, the ransomware attack that ravaged Microsoft systems across the world in May. It infected around 300,000 computers and over 200,000 victims. This was quickly followed by another piece of ransomware called Petya. In March, a data trove of 8,761 documents were posted to Wikileaks, which was entitled "Vault 7," a collection of stolen documents containing documentation of alleged spying operations and different hacking tools. This doesn't even take into account the massive amount of DDoS (Distributed Denial of Service) attacks against companies and individuals. Last but not least, we cannot forget the massive data leaks in the past few years, which includes but is not limited to Equifax, Target, Sony, Yahoo, Ashley Madison, Adult Friend Finder, and last but not least, Stuxnet.

With all of that being said, although not all of these attacks were done specifically to the Mac operating system, some of them did. Because of that, we have compiled a list of the top security tools of this year. They weren't all produced this year, but they are the security tools that I use daily and trust whole-heartedly. We will also recount some of the biggest tricksters and liars of the year as well in our next blog post.

If you are interested or have questions about any of this years top security tools, please let me know. Send me an email at stuart@crashsecurity.com.


Top 5 Mac Security Tools of 2017:

 

Honorable Mention

nordvpnlogo-100726095-large.jpg

NordVPN

NordVPN is my favorite VPN (virtual private network) I've used thus far, and I have tried quite a few. I've tried quite a few, and after being disatistfied with the price of the last one I used, ExpressVPN, I moved to NordVPN. 

I learned of a great comparison site called That One Privacy Site that provides a breakdown for tons and tons of VPNs. To sum up VPNs, they encrypt your IP address, so you can remain relatively anonymous while browsing the internet. With how many different things I research, I have to use a VPN. NordVPN is one of the top rated, and it also has great reviews. You can choose where you want your IP address routed through, whether it be Canada, Europe, Asia, or anywhere in between.

Sign up for the two-year plan for $3.29/month.

Follow NordVPN on Twitter: @NordVPN


No. 5

Screen Shot 2017-12-22 at 2.27.29 PM.png

GPG Tools

This suite of tools allows you to send encrypted emails using the program, GPG Suite. Although it may seem as if your email is impenetrable, it isn't. This tool can be tough to configure, but once completed, it is an amazing application. It allows you to give your public key to others, in which they can send you encrypted messages. The only way to see those messages is by decrypting them with your private key. It uses an encryption called OpenPGP, PGP standing for Pretty Good Privacy (no joke). Using a server, you can access your friend's public keys to send them emails when you need or want to do it. It is a plug-in for Mac Mail, so if you use a different email client, you may have to download a different tool. This is available for macOS 10.9 and higher. Read more at their website which is linked in their title.

To send me an encrypted email, my public key is: BB387DBD

Follow GPG Tools on Twitter: @GPGTools


No. 4

littlesnitch_256.png

Little Snitch

Little Snitch is a network monitoring tool that makes your connections visible. You can allow or block certain connections, as well as set parameters about the connection. Say I want to do an Adobe update, but I only want my computer reaching out to Adobe's server address for 30 minutes, I can set the parameter to allow the connection for 30 minutes. After that time expires, the connection will be blocked. You can also block a site for a certain amount of time or "Forever." Same goes with allowing websites. I allow my computer to connect to the iCloud server "Forever," as I constantly have things syncing with my iCloud account. 

microsnitch_340.png

Little Snitch also now has a companion piece of software called Micro Snitch, that monitors your computers camera and microphone and will alert you when they go active. This piece of software, I have found not as useful, and I will explain why a little further down this article.

Follow Little Snitch on Twitter: @LittleSnitch


No. 3

infected-files.jpg

ClamXAV

ClamXAV has, for years, been my favorite antivirus on the market for multiple reasons. One common issue with running antivirus on a Mac is live-monitoring. For quite some time, ClamXAV did not support live-monitoring, and it was instead a simple, powerhouse antivirus scanner. If you run this program as just an antivirus scan, it will bog your machine down, but I would simply set it up at night, and allow the scan to run while I slept. When I woke up, it had a list of all of the issues it may have found. I could then immediately put them in my Trash. 

What ClamXAV has released more recently is ClamXAV Sentry. It is a live-monitoring piece of software that I set up to monitor specific folders. Obviously, the folder most likely to get infected on your computer is your ~/Downloads folder. Anything downloaded from the internet will typically download here. I have it monitor my Downloads and my Desktop, as well as a few hidden folders. Most every-day users would not need to worry about the hidden folders, but because of how much I play with malware, I set it up to scan that anyway. 

So why do I like ClamXAV over Norton or Sophos or McAfee? Well, those programs live-monitoring are extremely CPU-consuming. I find myself getting angry with how slow it makes my machine run. With ClamXAV, I've never had that problem. ClamXAV is also one of the quickest AV engines to find new malware in the wild, so I cannot recommend it enough. 

There is a free trial, but it is now a paid program, and I think it is well worth the $29.95.

Follow ClamXAV on Twitter: @ClamXAV


No. 2

Malware-Bytes.png

Malwarebytes for Mac

Another amazing malware remover and antivirus, Malwarebytes. For many years, Malwarebytes stuck pretty specifically with malware and something referred to as PUPs (Potentially Unwanted Programs). More recently, they have begin diving into the AV community, and with each update, Malwarebytes and ClamXAV get more and more similar as far as what they do. Malwarebytes for Mac was a program that I used often to help rid people of unwanted programs and adware. We will dive into some of these PUPs in our next blog post, but Malwarebytes was always there, and it would always remove the program fully, not leaving behind any files, no matter how deep they were buried in your system. 

Malwarebytes recently released Malwarebytes Premium 3.0, which is not only a malware scanner, but an antivirus software with "Real-Time Protection," which is like their version of live-monitoring. I got this upgrade immediately, and although there were some bugs early on with the program utilizing large amounts of memory, sometimes even when the program wasn't running, those bugs have since been resolved. Malwarebytes is also touted as one of the top antivirus scanners.

Take the image below. This shows live threats that Malwarebytes, for Windows and Mac), is catching. It also shows threats that it caught that other antivirus softwares did not. This was a screenshot I took less than two minutes into this map populating in real-time. I can't imagine what it would look like if I allowed it to run for hours on end.

Screen Shot 2017-12-21 at 11.58.55 AM.png

Malwarebytes is now the company to beat when it comes to antivirus. They are also one of the first companies to catch new threats, and they keep very busy on social media platforms for support and tips. You can download the free or paid version.

They also frequently blog about security issues, which I highly recommend reading. They are very up to date on everything that has to deal with computer security.

Follow Malwarebytes on Twitter: @Malwarebytes

Follow Malwarebytes for Mac specialist Thomas Reed on Twitter: @ThomasAReed


No. 1

CaY75aNi_400x400.png

Objective-See

Objective-See and creator Patrick Wardle has been pumping out free application after free application for years now. No, they don't have one app, they have OVER 10!

First, Oversight, one of their newer applications, does the live-monitoring of your computer camera and microphone. As I mentioned earlier, Micro Snitch does it as well, but anything produced by Patrick Wardle is going to be some of the best software out there. It is easy to run, is easy to set up, and it just runs in the background, using virtually no CPU or memory. It is fantastic. You can allow or block connections when they are coming in, so you will instantly know if someone is using your camera without your permission.

In addition to this, they've added another application called BlockBlock, which monitors common persistence locations on your computer. This would be the locations malware may install.

Another application, Ransomwhere?, helps stop ransomware from making you a victim. It notices when something is encrypting your files, and you can either approve or terminate the process that is doing so. This is such a fantastic tool seeing as how ransomware has constantly been on the rise, especially over this past year.

Wardle has also released multiple open-source tools, encouraging users to download the programs through a Git website like GitHub. One of the more recent open source tools called ProcInfo is a tool that allows you to find a specific process and analyze it. This allows you to trace what a specific process is doing to see if it is malicious or not.

They have also produced an open-source program called LuLu that is a firewall. It will block any outgoing connection until it is approved by the user. I just recently started using LuLu, and I love it so far.

Again, all of these applications are FREE.

These are just four of the many tools that Objective-See has produced. I would highly suggest using them, and if you need help installing any of them, don't hesitate to let me know.

Follow Objective-See on Twitter: @Objective-See

Follow Patrick Wardle on Twitter: @PatrickWardle


In conclusion...

These are applications that I LOVE. I don't get paid to promote any of these. In fact, the free tools by Patrick Wardle and Objective-See are on Patreon, and I donate to them monthly because I believe so much in the power of the products. To show you how much I like these, I took a screenshot of my toolbar, where you can see many of these currently running.

(From left to right): MicroSnitch, BlockBlock, LuLu, ClamXAV Sentry, Little Snitch, Malwarebytes Premium 3.0, Oversight, NordVPN

(From left to right): MicroSnitch, BlockBlock, LuLu, ClamXAV Sentry, Little Snitch, Malwarebytes Premium 3.0, Oversight, NordVPN

Don't take Mac security for granted. All Macs are susceptible to malware. It's not to late to download applications. Again, if you need any assistance installing these programs or how to operate these programs, please don't hesitate to contact me either for a home visit through my House-Call page or a general questions through my Contact page.

The Scam of A-Tech Network

Have you ever seen a pop-up with a phone number saying you have a "virus?" So have we. Take a dive with us into a company called A-Tech Network, and how they will attempt to scam you out of all of your money.

Read More