Sehr geehrte Damen und Herren,
für Sie wurde von Ihrem Finanzamt bzw. Ihrer Steuerverwaltung über das Verfahren ELSTER eine verschlüsselte Datei
(Einkommensteuerbescheid) zur Abholung bereitgestellt.
==========Ihre Datei finden Sie als PDF-Datei im Anhang dieser E-Mail. =======
Sollten Sie die Daten nicht abholen, so werden diese nach 6 Monaten automatisch gelöscht.
Dies ist eine automatisch generierte E-Mail - bitte antworten Sie nicht an diese Mailadresse.
Mit freundlichen Grüßen
Ihr Finanzamt / Ihre Steuerverwaltung
www.elster.de
HINWEIS:
Sie erhalten diese E-Mail, weil Sie bei der Datenübermittlung z.B. Ihrer Steuererklärung die
Mailbenachrichtigung auf diese E-Mailadresse gewünscht haben.
Bei Steuerbescheiden ist allein die Papierausfertigung rechtlich relevant.
Showing posts with label virus warning. Show all posts
Showing posts with label virus warning. Show all posts
Tuesday, February 7, 2012
Fake tax office message
A fishing expedition from Germany, pretending to be from the tax office.
Tuesday, June 16, 2009
Obnoxious malware site
Just stumbled across the obnoxious malware site Netsecurityworks.com. Claimed to scan my harddrive and found lots of viruses. Haha, it found windows viruses, but there is no Windows on the computer. Trying to close the annoying window triggered an automatic download of an .exe file. BAD...
Here is a web site which lists URLs for highly suspicious/malware web: MalwareULR.com
Here is a web site which lists URLs for highly suspicious/malware web: MalwareULR.com
Monday, November 3, 2008
Trojan virus steals banking info
BBC reports that the Sinowal trojan has infected computers world-wide and stolen information for more than 270'000 bank accounts and 240'000 credit cards... Infections can happen simply by visiting a booby-trapped web site, and users wouldn't be aware of the infection.
Here is another report from the register.
Here is another report from the register.
Monday, February 18, 2008
1 in 1000 web sites are "evil"
Google finds that out of the billions of web sites out there, 3 Million are malicious and try to inject worms or viruses onto your computer, or try to steal information, such as credit card numbers etc., from you.
Read a report in MacWorld.
Read a report in MacWorld.
Friday, February 8, 2008
The number of malicious programs reaches new highs.
BBC reports that the number of malware programs has reached unprecedented highs. More than 3000 new samples are created every day. See the BBC report
Tuesday, September 4, 2007
Virus and Anti-Spam software that gets you...
BBC News had a piece on virus and hacking tools that have become a commercial commodity for criminals to purchase. Apparently all kinds of hacking tools are now offered commercially and as kits. Expect more SPAM, phishing, and other types of attacks in the future.
Another threat to personal computers stems for poor or even fraudulent anti-virus and/or anti-spyware software. There is plenty of anti-spyware software out there that really only makes the problem worse. Bad and dangerous programs posing as security software are certainly not good. Therefore, buy your products only from large, established, reputable companies.
A notorious case of such rogue software is/was SpyLocked or SpyWareLocked. Searches with google turn up lots of sites with instructions how to remove it. See, e.g., these removal instructions.
It even got its own entry on Wikipedia. Another fake program is VirusLocker (see these removal instructions).
The imagination of fraudsters is unlimited. Check out this huge list of bad software sites on the Spyware Warrior Site.
Another threat to personal computers stems for poor or even fraudulent anti-virus and/or anti-spyware software. There is plenty of anti-spyware software out there that really only makes the problem worse. Bad and dangerous programs posing as security software are certainly not good. Therefore, buy your products only from large, established, reputable companies.
A notorious case of such rogue software is/was SpyLocked or SpyWareLocked. Searches with google turn up lots of sites with instructions how to remove it. See, e.g., these removal instructions.
It even got its own entry on Wikipedia. Another fake program is VirusLocker (see these removal instructions).
The imagination of fraudsters is unlimited. Check out this huge list of bad software sites on the Spyware Warrior Site.
Friday, August 31, 2007
Storm worms enters blogs
The BBC had a report that the Storm worm is now invading blogs. Messages are posted to blogs that link to web sites that try to inject the worm into your computer. Subject lines for these messages are for example:
are you kidding me? lol
Dude dont send that stuff to my home email...
Dude your gonna get caught, lol
HAHAHAHAHAHA, man your insane!
I cant belive you did this
LMAO, your crazy man
LOL, dude what are you doing
man, who filmed this thing?
oh man your nutz
OMG, what are you thinking
A search with, for example, "HAHAHAHAHAHA, man your insane!" turns up many google blogspot sites. Be extremely careful with such sites. Some of them are just full of Storm Worm spam messages.
However, some of the google sites have now been blocked, most likely by Google or the blog owners, and only registered users can log in.
In any case, this does not bode well at all. This hacker group has now a system of probably over 1 Million infected computers under their control, and I am sure in a short time there will attempts to flood other popular sites.
are you kidding me? lol
Dude dont send that stuff to my home email...
Dude your gonna get caught, lol
HAHAHAHAHAHA, man your insane!
I cant belive you did this
LMAO, your crazy man
LOL, dude what are you doing
man, who filmed this thing?
oh man your nutz
OMG, what are you thinking
A search with, for example, "HAHAHAHAHAHA, man your insane!" turns up many google blogspot sites. Be extremely careful with such sites. Some of them are just full of Storm Worm spam messages.
However, some of the google sites have now been blocked, most likely by Google or the blog owners, and only registered users can log in.
In any case, this does not bode well at all. This hacker group has now a system of probably over 1 Million infected computers under their control, and I am sure in a short time there will attempts to flood other popular sites.
Wednesday, August 22, 2007
postcard/e-card and "Membership" SPAM emails are STORM WORM
The Register had yesterday a report that the new series of SPAM emails - the recent "Welcome/Membership" emails - that try to lure you into clicking on a link are attempts to infect your computer with malicious software. They are new permutations of the previous ecard/postcard SPAM emails. If the reader goes to the web site, he is prompted that an applet (little program) needs to be installed for secure login. This program is called "applet.exe", runs on Windows machines (not Mac Os X or Linux), and creates a backdoor on the computer that allows hackers to take over the machine. This piece of malware or Trojan is known as "Storm", "Zhelatin" or W32/Newar. It changes and adapts rapidly, in fact so fast that many antivirus software packages do not yet recognize it intially. This is an extremely dangerous Trojan going around. Between January and May 2007 2817 infected hosts were detected, but this has skyrocketed to 1.7 million infected machines now. F-Secure has a list of Sender and Subject lines that the recent SPAMs use.
Tuesday, August 21, 2007
New phishing or virus attack by email SPAM
New variations of the postcard / e-card spam emails are showing up that try to lure you into clicking on a provided link. This time the spam emails pretend to be a confirmation for a membership registration, or something along those lines, and they try to trick you into clicking on the link. Most likely the given web site will inject a virus into your computer system. Here are some examples:
Subject: Membership Details
From: "Web Players"
Sender: User viqlpkkvxut
New Member,
Are you ready to have fun at Web Players.
Account Number: 828285335
Temorary Login: user3090
Password ID: yg141
For security purposes please login and change the temporary Login ID and Password.
Use this link to change your Login info: http://xxx.xxx.xxx.xx
Thank You,
Confirmation Dept.
Web Players
Subject: Member Confirm
From: "Free Ringtones"
Sender: User twcenwfunwi
Dear Member,
Thank You for Joining Free Ringtones.
Membership Number: 28189574868359
Temorary Login: user4810
Your Password ID: qu845
Please keep your account secure by logging in and changing your login info.
Follow this Link: http://xxx.xxx.xxx.xxx
Enjoy,
Confirmation Dept.
Free Ringtones
Subject: Registration Confirmation
From: "Office Antics"
Sender: User neojqgl
New Member,
We are glad you joined Office Antics.
Membership Number: 81718539734
Temp Login ID: user8300
Temorary Password: ch274
Please keep your account secure by logging in and changing your login info.
Use this link to change your Login info: http://xxx.xxx.xxx.xx
Thank You,
Membership Support Department
Office Antics
Subject: Dated Confirmation
From: "Online Hook-Up"
Sender: User wcrdzwrbl
Welcome Member,
Here is your membership info for Online Hook-Up.
Confirmation Number: 94429852
Login ID: user8191
Password ID: da684
Your temporary Login Info will expire in 24 hours. Please login and change it.
Use this link to change your Login info: http://xxx.xxx.xxx.xx
Enjoy,
Welcome Department
Online Hook-Up
Subject: Your Member Info
From: "Free Web Tools"
Sender: User fwunefx
Welcome,
Are you ready to have fun at Free Web Tools.
Account Number: 6179795186753
Your Temp. Login ID: user8774
Password ID: gl565
Please keep your account secure by logging in and changing your login info.
Click on the secure link or paste it to your browser: http://xxx.xxx.xxx.xx
Thank You,
Welcome Department
Free Web Tools
Subject: Membership Details
From: "Web Players"
Sender: User viqlpkkvxut
New Member,
Are you ready to have fun at Web Players.
Account Number: 828285335
Temorary Login: user3090
Password ID: yg141
For security purposes please login and change the temporary Login ID and Password.
Use this link to change your Login info: http://xxx.xxx.xxx.xx
Thank You,
Confirmation Dept.
Web Players
Subject: Member Confirm
From: "Free Ringtones"
Sender: User twcenwfunwi
Dear Member,
Thank You for Joining Free Ringtones.
Membership Number: 28189574868359
Temorary Login: user4810
Your Password ID: qu845
Please keep your account secure by logging in and changing your login info.
Follow this Link: http://xxx.xxx.xxx.xxx
Enjoy,
Confirmation Dept.
Free Ringtones
Subject: Registration Confirmation
From: "Office Antics"
Sender: User neojqgl
New Member,
We are glad you joined Office Antics.
Membership Number: 81718539734
Temp Login ID: user8300
Temorary Password: ch274
Please keep your account secure by logging in and changing your login info.
Use this link to change your Login info: http://xxx.xxx.xxx.xx
Thank You,
Membership Support Department
Office Antics
Subject: Dated Confirmation
From: "Online Hook-Up"
Sender: User wcrdzwrbl
Welcome Member,
Here is your membership info for Online Hook-Up.
Confirmation Number: 94429852
Login ID: user8191
Password ID: da684
Your temporary Login Info will expire in 24 hours. Please login and change it.
Use this link to change your Login info: http://xxx.xxx.xxx.xx
Enjoy,
Welcome Department
Online Hook-Up
Subject: Your Member Info
From: "Free Web Tools"
Sender: User fwunefx
Welcome,
Are you ready to have fun at Free Web Tools.
Account Number: 6179795186753
Your Temp. Login ID: user8774
Password ID: gl565
Please keep your account secure by logging in and changing your login info.
Click on the secure link or paste it to your browser: http://xxx.xxx.xxx.xx
Thank You,
Welcome Department
Free Web Tools
Tuesday, August 14, 2007
New variants of the postcard/e-cards
New versions of the spam emails pretenting to be postcards/e-cards from friends/colleages etc. are spreading. Here are some examples:
Colleague(xxxx@xxxxx.org) has created Animated postcard for you at birthdaycards.com.
To see your custom Animated postcard, simply click on the following Internet address (if your mail program doesn't support this feature you will need to COPY and PASTE the address into your browser's address box):
http://xxx.xxx.xxx.xxx (IP removed)
Send a FREE greeting card from birthdaycards.com whenever you want by visiting us at:
http://birthdaycards.com/
This service is provided and hosted by birthdaycards.com.
Colleague has created a greeting ecard for you at E-Cards.Com,
the Internet's most popular greeting card service.
Your greeting card ID is: xxxxxxxxxxxxx
To see your custom greeting card, simply click on the link below:
http://xxx.xxx.xxx.xxx (IP removed)
Send greeting cards from E-Cards.Com whenever you want by visiting us at: http://E-Cards.Com/
Copyright (c) 1996-2007 E-Cards.Com All Rights Reserved
The aim of these emails is to guide you to a web site that will infect your computer with a virus.
Particularly, if you use a version of the Windows operating system, it is highly recommended that you keep your computer updated with the latest patches and with the latest anti-virus and anti-spyware software.
It is also helpful to use alternative Web browsers, such as Firefox or Opera, instead of Internet Explorer.
Colleague(xxxx@xxxxx.org) has created Animated postcard for you at birthdaycards.com.
To see your custom Animated postcard, simply click on the following Internet address (if your mail program doesn't support this feature you will need to COPY and PASTE the address into your browser's address box):
http://xxx.xxx.xxx.xxx (IP removed)
Send a FREE greeting card from birthdaycards.com whenever you want by visiting us at:
http://birthdaycards.com/
This service is provided and hosted by birthdaycards.com.
Colleague has created a greeting ecard for you at E-Cards.Com,
the Internet's most popular greeting card service.
Your greeting card ID is: xxxxxxxxxxxxx
To see your custom greeting card, simply click on the link below:
http://xxx.xxx.xxx.xxx (IP removed)
Send greeting cards from E-Cards.Com whenever you want by visiting us at: http://E-Cards.Com/
Copyright (c) 1996-2007 E-Cards.Com All Rights Reserved
The aim of these emails is to guide you to a web site that will infect your computer with a virus.
Particularly, if you use a version of the Windows operating system, it is highly recommended that you keep your computer updated with the latest patches and with the latest anti-virus and anti-spyware software.
It is also helpful to use alternative Web browsers, such as Firefox or Opera, instead of Internet Explorer.
Tuesday, July 31, 2007
More fake greeting cards, ecards, postcards, Virus warning
Recently, many more of these fake phising ecards, postcards, greeting cards have appears. They always look exactly the same, the only thing that changes is how they are addressed: Friend, family member, mate, class-mate, worshippper, etc., and from which web service the come from, i.e. american greetings, e-cards.com, all-yours.net, 2000greetings.com, freewebcards.com, vintagepostcards.com, 123greetings.com, riversong.com, postcards.com, greet2k.com, netfuncards.com, hallmark.com etc.
They sure made a nice little program to randiomize the senders and the greetings to try to fool you into clicking on their links.
DO NOT CLICK ON THE LINKS!
Here is a recent list of such emails in my junk box:
They sure made a nice little program to randiomize the senders and the greetings to try to fool you into clicking on their links.
DO NOT CLICK ON THE LINKS!
Here is a recent list of such emails in my junk box:
Thursday, July 5, 2007
Phishing using Greeting cards/ecards, Virus warning
Recently, I got e-greeting cards in my email, one apparently from a neighbor, one from a friend. However, I didn't expect any cards. A careful check of the IP addresses on which one was supposed to click showed that they are not the same as the one from the company from which the e-greeting was supposed to come.
Here are the two examples:
....
Subject: Celebrate Your Nation
....
Hi. Friend has sent you a greeting ecard.
See your card as often as you wish during the next 15 days.
SEEING YOUR CARD
If your email software creates links to Web pages, click on your card's direct www address below while you are connected to the Internet:
xxx.xx.xx.xxx (IP number removed for security reasons)
Or copy and paste it into your browser's "Location" box (where Internet addresses go).
PRIVACY
2000greetings.com honors your privacy. Our home page and Card Pick Up have links to our Privacy Policy.
TERMS OF USE
By accessing your card you agree we have no liability. If you don't know the person sending the card or don't wish to see the card, please disregard this Announcement.
We hope you enjoy your awesome card.
Wishing you the best,
Mail Delivery System,
2000greetings.com
...
Subject: You've received a greeting postcard from a neighbour!
Date: Mon, 2 Jul 2007 14:22:06 +0200
...
Good day.
Your neighbour has sent you a greeting postcard from Hallmark.Com.
Send free ecards from Hallmark.Com with your choice of colors, words and music.
Your ecard will be available with us for the next 30 days. If you wish to keep the ecard longer, you may save it on your computer or take a print.
To view your ecard, choose from any of the following options:
--------
OPTION 1
--------
Click on the following Internet address or
copy & paste it into your browser's address box.
xxx.xx.xx.xxx (IP number removed for security reasons)
--------
OPTION 2
--------
Copy & paste the ecard number in the "View Your Card" box at xxxxx (removed)
Your ecard number is
xxxxx (removed)
Best wishes,
Mailer-Daemon,
Hallmark.Com
These emails are BOGUS, FAKE, neither of the IPs (deleted above) pointed to 2000greetings or hallmark.
I found further information on this type of fraud also at purportal.com/spam/1852/ and www.scambusters.org/ecards.html.
The sole purpose of these emails is to direct the reader to a fraudulent web site, with the purpose of infecting your computer with spyware or viruses, or otherwise obtaining information from you to exploit.
This threat is very, very insidious (dangerous), because a simple click to this bad web site can already cause problems if
your computer is not protected from the latest viruses or spyware!!
So, beware! Do not click on the links!!
Here are the two examples:
....
Subject: Celebrate Your Nation
....
Hi. Friend has sent you a greeting ecard.
See your card as often as you wish during the next 15 days.
SEEING YOUR CARD
If your email software creates links to Web pages, click on your card's direct www address below while you are connected to the Internet:
xxx.xx.xx.xxx (IP number removed for security reasons)
Or copy and paste it into your browser's "Location" box (where Internet addresses go).
PRIVACY
2000greetings.com honors your privacy. Our home page and Card Pick Up have links to our Privacy Policy.
TERMS OF USE
By accessing your card you agree we have no liability. If you don't know the person sending the card or don't wish to see the card, please disregard this Announcement.
We hope you enjoy your awesome card.
Wishing you the best,
Mail Delivery System,
2000greetings.com
...
Subject: You've received a greeting postcard from a neighbour!
Date: Mon, 2 Jul 2007 14:22:06 +0200
...
Good day.
Your neighbour has sent you a greeting postcard from Hallmark.Com.
Send free ecards from Hallmark.Com with your choice of colors, words and music.
Your ecard will be available with us for the next 30 days. If you wish to keep the ecard longer, you may save it on your computer or take a print.
To view your ecard, choose from any of the following options:
--------
OPTION 1
--------
Click on the following Internet address or
copy & paste it into your browser's address box.
xxx.xx.xx.xxx (IP number removed for security reasons)
--------
OPTION 2
--------
Copy & paste the ecard number in the "View Your Card" box at xxxxx (removed)
Your ecard number is
xxxxx (removed)
Best wishes,
Mailer-Daemon,
Hallmark.Com
These emails are BOGUS, FAKE, neither of the IPs (deleted above) pointed to 2000greetings or hallmark.
I found further information on this type of fraud also at purportal.com/spam/1852/ and www.scambusters.org/ecards.html.
The sole purpose of these emails is to direct the reader to a fraudulent web site, with the purpose of infecting your computer with spyware or viruses, or otherwise obtaining information from you to exploit.
This threat is very, very insidious (dangerous), because a simple click to this bad web site can already cause problems if
your computer is not protected from the latest viruses or spyware!!
So, beware! Do not click on the links!!
Subscribe to:
Posts (Atom)
