David H. Lipman

Everything posted by David H. Lipman

  1. Email clients aren't a vulnerability. Yes, certain email client software may fall to a software vulnerability that may be exploitable but they are few and far between and there is a myriad of email clients. The true vulnerability is the email recipient themselves. Many forms of malicious emails use Social Engineering which is the human exploit. The vulnerability is falling for a Phishing email or, what we were previously discussing, a sextortion email. The vulnerability is the susceptibility for falling for Social Engineering ploys.
  2. The email headers are forged and thus... pointless.
  3. Yes. Many frauds are created, placed in a template and are subsequently sold or bartered.
  4. Very, very, conditional. The sending email client can mark the email to receive a "Delivery Notification" and/or a "Read Receipt". The email system and the email client may act on them or they may not. By default the email recipient client software will deny "Read Receipt" and depending on the email client the recipient may get a message to the effect of (paraphrased ) "The sender has requested a Read Receipt, do you accept?". It is totally up to the system of the email recipient if a "Delivery Notification" is generated or not. Most do not.
  5. I have downgraded and lost nothing. Try deleting the ShortCut and then recreating it.
  6. All versions... http://ftp.mozilla.org/pub/firefox/releases/
  7. New email, still current Hello! I am a hacker who has access to your operating system. I also have full access to your account. I've been watching you for a few months now. The fact is that you were infected with malware through an adult site that you visited. If you are not familiar with this, I will explain. Trojan Virus gives me full access and control over a computer or other device. This means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it. I also have access to all your contacts and all your correspondence. Why your antivirus did not detect malware? Answer: My malware uses the driver, I update its signatures every 4 hours so that your antivirus is silent. I made a video showing how you satisfy yourself in the left half of the screen, and in the right half you see the video that you watched. With one click of the mouse, I can send this video to all your emails and contacts on social networks. I can also post access to all your e-mail correspondence and messengers that you use. If you want to prevent this, transfer the amount of $528 to my bitcoin address (if you do not know how to do this, write to Google: "Buy Bitcoin"). My bitcoin address (BTC Wallet) is: 1ELKdWgfed################pKSqcCjM After receiving the payment, I will delete the video and you will never hear me again. I give you 50 hours (more than 2 days) to pay. I have a notice reading this letter, and the timer will work when you see this letter. Filing a complaint somewhere does not make sense because this email cannot be tracked like my bitcoin address. I do not make any mistakes. If I find that you have shared this message with someone else, the video will be immediately distributed. Best regards!
  8. Malvertising is not meant to harvest information per se. It is meant to present some kind of Social Engineering fraud. It could be; You Won, Your software X needs to be updated, it could be a fake news report pushing some Snake Oil product or it could be a FakeAlert. Some Examples of FakeAlerts: FakeAlert-Screens.pdf / Flash Version There are different flavours of Ransomware and they have different target audiences. It's all about the money ( in BitCoin form ). Obviously a corporate victim would get a higher value ransom than an individual. " Was I right that if I had clicked on any of the "alarm" buttons on this particular "You have won," then there could have been either identity theft or ransomware behind it? " Doubtful. They might try to get you to divulge Personally Identifiable Information ( PII ) to use in other schemes and/or they could try to push a Snake Oil Remedy, get you to use some product, access a particular web site or other objective to obtain affiliate revenue. Different scams have different results and you are mixing them all up.
  9. The extortion email is a fraud. What they claim is a fraud. Just delete them.
  10. Anything in your Profile Downloads and you don't know about, just delete. Keyloggers ==> Malwarebytes.
  11. Q: I usually buy cheap mice or earphones. Is there any danger in buying the cheapest equipment by non-top brands made in China?
      Maybe.... Depends on the vendor. Buy only through a well known, established, vendor. Buying cheap products from a "fly by night" would pose a greater risk.
      Q: And another question comes to my mind: I have some files/folders with multiple files on my computer which I don't remember neither where they came from, nor what they are. Is there a way to find out what those files are?
      That's too broad a question to answer. It would depend upon where those files/folders are located, what the File Types are ( Documents, Media, Executable, etc ) and the file dates may bring clarity to the question.
  12. Q: Is it better to have more e-mail accounts, or fewer (or even 1)?
      Have as many as you want or as few as you want. It is not better or worse. It is whatever works for you.
      Q: Obviously I should use different passwords everywhere. But what about logins? Should I use a different login on every website/app?
      Yes. Reduce victimization by being less predictable.
      Q: Personal details I enter on various websites should be fake whenever possible, I presume?
      Enter NO personal details.
      Q: Creating accounts on online stores (like Amazon, E-bay, Aliexpress, local ones and alike). Is it okay to have an account (which obviously will have to have my real details, including my address) or should I use "guest" accounts whenever it is possible?
      Guest when possible and don't store Credit Card with the site. When possible, don't even create an account.
      Q: Malwarebytes Web[somethingDon'tRememberExactly] extension. Should I use it and is there any benefit to me using it if I already have Malwarebytes Premium?
      Yes. They are no longer Beta and act on web sites other than what Malwarebytes Premium does.
      Q: VPN. Should I use it? If yes, when should I use it?
      Yes. But the VPN provider must be fully vetted as what you are blocking others from seeing, THEY ( the VPN provider ) will see. VPNs are only needed if you use a mobile platform and jump onto Public WiFi.
      Q: If yes, which ones could be considered best/safest ones (I was looking into Windscribe)?
      I don't have an answer but I am sure another responder will.
  13. So, how is the End User supposed to know where to go ?
  14. It is a malvertisement and is web based and not based upon what's on your device. However, the malvertising web site will use the device's User-Agent and GeoIP to perform victim specific targeting.
  15. That's what I mean. Is F/P reporting now bifurcated ? If it is, I suggest a F/P Reporting sub-forum in Malwarebytes Browser Guard specifically for Browser Extension Add-Ons.
  16. Are F/P Reporting for web sites intended to be bifurcated between here and Malwarebytes Browser Guard - ( Chrome and Firefox ) ?
  17. You mean that non malicious, WikiMedia, web site that hosts legitimate sound bites ? Why do you think it is a malicious site that you have to worry about their sound bites ? If you thought it was malicious, why did you post the site so it is a live, clickable, link ? Think !
  18. Is this still a Beta or is it an official release ? ( same with Chrome )
  19. Malwarebytes - it is just a one word name. Steganography - https://en.wikipedia.org/wiki/Steganography " Steganography (/ˌstɛɡəˈnɒɡrəfi/ STEG-ə-NOG-rə-fee) is the practice of concealing a file, message, image, or video within another file, message, image, or video. The word steganography combines the Greek words steganos (στεγᾰνός), meaning "covered or concealed", and graphe (γραφή) meaning "writing". " Graphic files manipulated through steganography or mathematical manipulation are not executable. Graphic files are rendered. That means a program, utility or an OS construct opens the file and displays the graphic accordingly. Such a file will still be rendered and the graphic shown. It may be a low quality graphic or it may be very simplistic for its physical size but rendering it will not cause a malicious binary that was embedded within to be executed. This takes an external file whether it be a Script ( VBScript, Powershell, Python, etc ) or a utility that has been hard coded to take the manipulated graphic file and extract the malicious binary and execute it. A graphic file that has been specifically crafted to exploit a vulnerability in a graphics rendering engine is another story. But it is still not an auto executable situation. For example a malicious web site may be set up to host the Graphic file that has been created to exploit a graphics rendering vulnerability. When the graphic is viewed by the victim, the web site will attempt to take advantage of the chaos created by the graphics rendering vulnerability and exploit it where the web site causes a malicious executable to be downloaded and run. Alternatively this may be done in a specially crafted MS Word or MS Excel document which takes advantage of the chaos created by the graphics rendering vulnerability to exploit it and cause an embedded ( OLE ) malicious executable to be run or a VB Script to download a malicious executable and then run it.
The important takeaway is that a graphic file can be malicious in nature but without external assistance can't infect a computer with malware. It will take that external assistance for it to take place. In the initial post it was specifically asked about "Google Images". Here the external assistance could be the Browser in conjunction with a malicious web site. While Malwarebytes products will not detect a malicious graphic via signature detection, its web protection module coupled with its exploitation protection module will mitigate that kind of threat.
  20. How "what" exactly works ? You quoted a post that touches; vulnerability exploitation, steganography and hiding malware in plain sight by adding it to a graphic file.