Information Hub‎ > ‎

The Bad Guys

Updated 05/24/2016
https://sites.google.com/a/thectgroups.org/the-ct-groups/info/TheBadGuys/Computer%20Thief.jpg

YOUR BEST DEFENSE AGAINST THE BAD GUYS?

Question and challenge e-mails that are unexpected.
Question callers that seem strange or unusual.
DO NOT GIVE THEM ANYTHING ... THEY SHOULD KNOW IT!

The "clues" provided are often clear once you think about what you are seeing versus you are being led to believe and enticed to act quickly on.  Pressure for immediate action is one way to stop your questioning and act as directed.  If you are still uncertain, call the sender using a listed number in the phone book.  Do not trust the e-mail or on-line sources as these can be spoofed or hacked.


A GAME CHANGING TACTIC IS NOW BEING USED BY THE BAD GUYS
Previously, only a few items were "clickable" with your mouse that would get you into trouble.  Today most to all of the e-mail has embedded "clickable" links.  Often they are the same link from the "Order Here" to "Get Info" to the "Unsubscribe" link which is bad news for you.

IF AN E-MAIL FOLLOWS THE GENERAL CLUES OF BEING AN ATTACK, DELETE IT - EVEN USING THE UNSUBSCRIBE LINK CAN CAUSE YOU REGRET.  IF YOU HOVER YOUR MOUSE ABOVE ALL PICTURES, TEXT AND LINKS YOU WILL REALIZE THEY ARE EITHER ALL THE SAME LINK OR THE SAME LINK USED FOR VERY DIFFERENT PURPOSES - DELETE THE E-MAIL.



Do you believe this simply is not happening?

It is a little scary to think so many bad things happen on the Internet or the world in general.

To get a better feel for the impact, please read a short but good article by Yoni Heisler, published Dec 01, 2015 by Fox News and see how valuable your private information is to "The Bad Guys".

http://www.foxnews.com/tech/2015/11/30/heres-how-much-your-stolen-data-is-worth-on-dark-web.html


Who are "The Bad Guys"?
  • they may be individuals, a club, a team or a commercial enterprise
  • they may be thrill seekers, students, paid thugs or represent governments
  • they could be skilled professionals or undereducated punks
  • their goals may be excitement, financial, espionage, or just to cause pain
  • they are criminals who act quickly, move around often, will often convey incomplete or misleading information to engage you and without any guilt provide you compelling reason to do stupid things to get money to them
  • understand it is acceptable to hang up on these contacts and trying to seek enforcement of State or Federal Do Not Call Lists may get you laughed at by The Bad Guys and government employees

Their method of "getting to you" can come from a number of places:
  • a mailed or delivered item to your office or residence
  • an e-mail with a solicitation or message from a "friend"
  • an e-mail offer from a store near you with an incredible deal
  • an e-mail of an employment opportunity for minimal risk or effort and a significant return
  • an e-mail from a charity, company or government informing you of your new fortune
  • an e-mail of an attack against an on-line account that needs your urgent attention
  • an e-mail requiring the urgent verification of your personal information
  • an e-mail from someone you know who is out of cash stuck in a foreign country
  • an e-mail from someone desperately wanting to connect with you
  • an e-mail indicating your computer has reported serious problems and they can help you
  • a phone call needing personal information or your action before something bad happens to you
  • an e-mail contending you have an unpaid toll fee that is due or over due
  • a link to a legitimate web site that they hacked into and placed their malware on a page
    you can usually detect this when the filename is a long string of letters and numbers disguised
    like it might be a systems file

Some basics to remember when you encounter these or other items:
  1. Stay calm and think through the message.

  2. Would "the alleged sender" even send an e-mail?  Courts, collection agencies and the IRS do not
    typically use anything BUT the US Postal Service for notices.  Often the attach method it the attachment.

  3. Part of an attack is to compel you into quick action without thinking about the logic or accuracy of their message.

  4. Financial institutions are required to protect you from fraudulent transactions.  They are NOT required to protect you from giving out your personal information to unknown person(s) or having information taken from you computer.

  5. Read through the message and think about it.  Does this even make sense?  Why is this needed?  Would a company really behave in this manner?  Does this even apply to you ... do you even have an account there ... have you ever done what is discussed?

  6. They know your e-mail address.  What also should they have included if the e-mail was real?
    Some examples:
    1. A Court Order but your name or address are clearly missing.  A real Court knows this!
    2. An unpaid Toll Charge yet Toll Operators would have your car license plate number and dat.
    3. Your bank/credit card account without any names or last 4 digits of your account number
    4. A personal solicitation without anything personal, like your name for openers
    5. Offers without your name or address that are just so incredibly good they can't be
    6. Gifts from charities or governments yet they don't provide your information in the e-mail
    7. A requirement to contact an e-mail address or link to provide info they should have on you
    8. An IRS Notice of Refund being wired to you with proof of their "wire transfer" attached 

  7. Examine the spelling and grammar use within the message.  Official e-mails are often form items reviewed may many people prior to be used for communications.  Such mistakes suggests phishing.

  8. Does this even look professional?  Would a company send a communication out like this with spelling or language errors?  Lack of a company logo or other images?  No company contact information?

  9. WHY are the using a generic e-mail address versus their company e-mail address?  Companies want to present an image and you to remember their name.  Would Michael Kors, the premium priced ladies hand-bag company use a generic e-mail address?  Why would Microsoft use a personal e-mail account out of Hong Kong?  What about the United Nations using an e-mail address in Kenya?
    Simple ... they aren't the organization they claim to be and you should avoid clicking on anything except the delete button on your e-mail service for that e-mail.

Some specifics you can look for that are quick giveaways to fraud:

  1. Did you just win a lottery, drawing or contest that you never entered?

  2. Is someone offering you part of a significant amount of material wealth in goods or cash for a
    relatively small payment to cover duties or legal costs? They could borrow that for less!

    Is there a company logo or name given? Is it the current logo or is the name misspelled?
    Microsoft has been spelled MICR0S0FT in the message?  Look closely at the name.
    The capital "O" has been replaced with a numeric zero to avoid prosecution in some countries.

    Is this a sales job where you wire money to them after cashing their check? Watch for the check to bounce, you owe fees and the cash you wired is gone for ever.  The time to cash their check is longer than the time to wire funds and by the time it is realized, they are long gone.

    Why is the United Nations, which has few funds, giving away money to you?

  3. If your computer has a serious problem, why has your computer contacted someone you don't know, they don't know you and why did you not get this critical message about this problem?
    Our friends at Microsoft do NOT MONITOR YOUR COMPUTER, they DO AND WILL NOT CALL YOU and do DO NOT HAVE THIRD PARTIES standing call you and offer their services for a price.  Good people pay these "crooks" to do nothing positive based on reports received.


How you can stop this?

    One person cannot stop them but one person can make others aware of these activities and impact
    their operations.
  1. Do not provide the caller or e-mail sender any information ... nothing.  Do not answer any questions.  Ignore the e-mail, hang up on the caller.  You do not owe them any apology,  explanation, or the time of day.

  2. Understand that hacker's are now obtaining personal information on millions of people and often resell this information for a few dollars per THOUSAND people.  So what if they know your address, name and telephone number?  The Federal government has that information including medical information on you.  Do not trust an unverified caller - don't trust them - confirm it using known sources and not using a phone number or e-mail address they provide you.

  3. With your address obtained through attacks or the phone book, hackers can sent out on-line links for significant discount at stores in your local area.  The links may inflect your computer or hold your computer's data and programs for ransom.

Case Studies of Actual Attacks

In the many pages that follow we have collected a number of actual attacks used to gain your trust to solicit your involvement in doing dumb things that may deprive you of money, a safe computer, expose you to potential loss or exposure of your information and/or potential damage or destruction of your computer and/or leave you open to potential criminal prosecution.

It's a rough world out there and you are your own last line of defense.
Learn how to spot the games and shut them down!