Hello people,

Yonko here. With all the buzz around holidays and the upcoming April Fools’ Day, this seems like a very good time to punch a few lines about this Conficker menace virus and how to protect yourself from it. If you haven’t heard about Conficker then you should educate yourself. Conficker is one of the worst viruses to date. It spreads by exploiting unpatched computers. It comes in three known variants – Conficker.A, Conficker.B, Conficker.C. Each version of Conficker features a “new and improved” set of tools to make your dream-come-true vacation in the Caribbean a nightmare. As an example, version C has the ability to disseminate itself through thumb drives (a.k.a. flash drives, a.k.a. where’s my can-never-find-it-thingamagic).

Now, I can write all day about how Conficker can spread and infect, but what I really want to tell you about is How To Protect Yourself From it. Right now there are two options: you either have Conficker on you machine, effectively turning it into a drone, or you don’t… and you are a happy camper.

One way to find out is to attempt to run a Windows Update by going to Start, All Programs and then Windows Update. Find and install all available updates and you “should” be okay. As with any anti-virus vs. virus battle it’s all a matter of catching up to one another.

So, make sure your computers are up-to-date and Conficker would be just another funny name on the news reel for you.

Now, if you do have it, you would probably know it immediately. Windows update would probably not run. And your access to well-known and respected anti-virus websites like AVG, Symantec, McAfee,Kaspersky etc would be restricted or blocked. Microsoft has released a special patch to address this vulnerability in its, otherwise solid as a 10-foot steel blast door, Windows operating system. You can find it here and make sure you select the right operating system at the bottom of the page, then download the file and install it.

In the event that you have it, call for help. Even I cannot tell you the extent of damage this thing can cause.

To Protect Yourself and Your Computer from Conficker or any other modern virus keep your anti-virus software updated, same goes for your computer.

I use ZoneAlarm as my antivirus/antispyware but it might be too much for you. My recommendation is AVG as it is less likely to stump you with questions you don’t know the answer to.

Have fun and stay safe. You know how to find me

Hello KW Agents,

Yonko Ganchev here.

Please be aware of this scam that you might have received in your mailbox. Under any circumstances are you to submit any confidential information to this person. A huge Thank You goes out to Liz Wellman and Felicia Leyva-Adams for sending me that email. KW Support is fully aware of this scam, evidenced by their response:

And here is the actual email, the spelling mistakes have been preserved:

From: EIRCOM UPGRADING TEAM [marybgahan@eircom.net]

Send: Thursday, March 19, 2009 12:14 PM

Subject: Dear Webmail.KW.com Account Owner

Dear Kw.com Account Owner,

This message is from Kw.com mail admin messaging center to all Kw.com mail account owners.  We are currently updating our database and e-mail account center. We are canceling  unused Kw.com e-mail account to create more space for new accounts.

To prevent your account from closing you will have to update it below to know it’s status as a currently used account.

CONFIRM YOUR EMAIL IDENTITY BELOW

Kw.com Email Username:

Kw.com Email Password:

Date of Birth:

country:

The above information  should be directed to Customer service e-mail bellow

EMAIL:    eircomupgrading2009@live.com

Warning!!! Any account owner that refuses to update his/her account within Three days of this update notification will loose his/her account permanently.

Thank you for using Eircom.net mail

Support Team

Warning Code: ID67565434

————————-

Find the home of your dreams  with eircom net property Sign up for email alerts now http://www.eircom.net/propertyalerts

Again, please do not submit any information to this email address. This is a SCAM.

Your Tech guy,

Yonko

Hello again,

Yonko here. Here is another classic scam, this one looks even more legitimate than the PayPal scam. Very elaborate I would say. Yet, it remains a scam. A huge Thank you goes out to Sheri Arispe for forwarding that email to me. Here’s a picture of the email:

Bank Of America Phishing Scam

Moreover the Subject Line of the email stated: Your Bank of America account may have been accessed from an unauthorized computer! Also the email is obscured under Bank Of America, whereas it actually is coming from ixmmbd@accounts.net. Hm, Bank of America email address???? Not!

Pretty convincing, yes? And it is, however, upon scrutiny the actual website that the link in the email will take you to is:

http://24-171-24-196.dhcp.stls.mo.charter.com/online (DO NOT FOLLOW), which eventually terminates into http://96.38.230.38/member/ (DO NOT FOLLOW). And that particular address…? What do we find out about it is that it has been reported as a malicious one. How do I know? I use Firefox and it stopped my attempts to open the website by displaying this picture:

Firefox saved the day from web forgery

So, please, please, please always check where a link would take you before clicking on it.

Thanks,

Yonko

www.HomeOfficeTechSupport.com

Hello again people,

Yonko here. Just had this pop up in my mailbox today, a second time in two days. Classic spam/phishing email. In essence it looks very legitimate, unfortunately it’s not. Here’s the email:

Subject was:  PayPal Notification, and the sender was covered to look like Support.

Dear PayPal Member,

We recently have determined that different computers have logged onto
your PayPal account, and multiple password failures were present before
the logins. We now need you to re-confirm your account information to us.
If this is not completed by March 11, 2009, we will be forced to suspend
your account indefinitely, as it may have been used for fraudulent purposes.
We thank you for your cooperation in this manner. To confirm your Account
records click on the following link:

http://www.paypal.com/us/cgi-bin/webscr?cmd=_login-submit&dispatch=588

Thank you for your patience in this matter.
PayPal Customer Service.
Please do not reply to this e-mail as this is only a notification.

1999-2009 PayPal. All rights reserved.

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Scanned with Copfilter Version 0.84beta3a (ProxSMTP 1.6)
AntiVirus: ClamAV 0.91.2/9095 – Wed Mar 11 17:20:07 2009
by Markus Madlener @ http://www.copfilter.org

Sure looks relatively okay. Trust me it’s not. The address that this link points you to is:

http://211.147.211.100:8085/webscr/webscr/login.htm?cmd=_login-run?CMD=Login

Here are the flags:

1. PayPal does not send messages like this.

2. PayPal always works with secure websites. The Link does not start with httpS:// but with http:// which means it is not secure. It does not point to the PayPal website. It points to some unknown server – 211.147.211.100.

3. For those of you that were present in my Security, Firewalls and Anti-Virus/Spyware class you know that a link may appear to be legitimate but you need simply place you mouse over it to see where it would take you. In this case, somewhere to a server in China, downloading who knows what.

Stay away from messages like this one. No bank or financial institution would just “lose” your information, they make money off of you so it is in their BEST interest to keep that information safe and secure even from yourself.

Your helping hand in trying times,

Yonko

www.HomeOfficeTechSupport.com