So many of you have encouraged me with my woodturning that I have set up a website. Please point your browsers to http://www.truffuls.com to see all my pieces.
The piece at left is Spalted Dogwood and African Blackwood.
This just in from Computerworld:
"January 02, 2008 (Computerworld) — New "ransomware" that locks up a person’s PC and demands $35 to return control to its user is on the prowl, a security researcher said this week.
The extortionists tell victims of the Delf.ctk Trojan horse to dial a 900 number, said Alex Eckelberry, CEO of Sunbelt Software Distribution Inc., a Clearwater, Fla.-based security developer. That number can be traced to "passwordtwoenter.com," a payment processor also used by hardcore pornography Web sites to charge for access to their content, added Eckelberry.
Users infected with the Trojan horse see a full-screen message posing as an error generated by Windows, according to screenshots posted by Eckelberry on the Sunbelt company blog on Monday. "ERROR: Browser Security and Antiadware [sic] Software component license exprited [sic]," the message reads. "Surfing PORN, ADULT and some other kind of sites you like without this software is dangerows (sic) and threatens with infection of your computer by harmful viruses, adware, spyware, etc."
The bogus update window includes a "Click to activate new license" button that in turn brings up another screen, this one telling U.S. users to dial a 900 telephone number and enter a personal identification number (PIN). If the 900 number doesn’t work, the page instructs users to dial alternate numbers — one in the West African nation of Cameroon, the other a satellite telephone number.
"You’re completely locked out of the system" after the Delf.ctk Trojan horse installs and runs, said Eckelberry. The only way to regain control is to pay up by dialing.
A search on Google for the 900 number returns results pointing to passwordtwoenter.com, a Web site registered to Global Voice SA, a company based in the Republic of Seychelles, an island nation in the Indian Ocean. The IP address used by passwordtwoenter.com is shared with similar domains, including "pintoenter.com" and "chargemyphonebill.com," which are also registered to Global Voice.
Global Voice did not respond to e-mail sent to the address listed in the domain registration information for passwordtwoenter.com.
Ransomware, a term used to describe malware that tries to extort money from users after an infection — usually to return access to suddenly-encrypted files — is rare, but not unknown. The last outbreak of any note was in July 2007, when another Trojan horse, dubbed "GpCode," demanded $300 to unlocked frozen files."
According to the NY Times, a cyber attack via 1,100 targeted phishing emails, gave criminals access to databases inside a nuclear weapons laboratory (Oak Ridge in Tennessee). The criminals may have been from China or simply broke into computers in China to mask their true location.
Rednecks + nuclear weapons lab + phishing emails can never result in anything positive….
I just received this scam for Teachers Federal Credit Union. As it is a local financial institution that many of us use I’m posting it here as a warning.
I have notified them and provided the details.
If you recall my post from Nov. 20, the ComputerWorld article mentioned that scammers had figured out a way for their malicious sites to rise to the top of Google searches. Well, my heros at Google have put a stop to that evil infiltration of my online existence!
ComputerWorld reported yesterday that:
"November 28, 2007 (Computerworld) — Google Inc. has purged its index of the thousands of malware sites that wormed their way into results lists for hundreds of legitimate search phrases, researchers confirmed today.
"They look gone to us," said Alex Eckelberry, the CEO of Sunbelt Software Distribution Inc., the company that broke the news Monday of a massive, coordinated campaign by attackers to spread malware through search results on Google, Yahoo, Microsoft Live Search and other sites."
Please read the article for more information.
In any event, you still need to be careful. While your most successful searches will usually give you what you want within the first 10 - 20 hits, you still need to be wary of hits returned with odd URLs that just don’t seem like they really match what you were looking for. Learn to decipher the URLs in the search results. If you are searching for a book, you’d expect that the URLs returned in a search would relate in some way to books: www.amazon.com; www.booksellers.blah; libraries, publishers, etc…. but if the URL does not seem to fit in the group you may want to skip that result.
I’ve been spending my evenings and weekends in my woodshop making ornaments. Take a look at my Google Picasa Albums. If you’d like to see them live I have a tree in my office with all of them displayed. I try to add one or two each day depending on how long my back lasts at the lathe.
Many of you have seen these before, but if you haven’t, feel free to poke around. More will be added to this category when I get sick of making ornaments! 
Every day since my Florida trip I’ve gotten at least 5 phishing attempts, but since I’ve posted so many already I don’t see the value in posting them here.
Just be very sceptical of any email asking you to do anything concerning personal/financial information. There is an extremely high likelihood that it is an attempt to relieve you of your financial stability.
I’ll continue to post interesting samples to delight you, but for now, I’ll concentrate on other topics from the criminal underbelly.
Apparently, GPS Units are the hot item dirtbags are looking for this holiday "shopping" season. Last Monday, in broad daylight, in a busy parking lot, my car, not 30′ from my office, had its passenger side window smashed and my GPS stolen. Good thing they didn’t take the VHF Coast Guard radio or the Feds would be looking for them!
The joke is on them, our unit was broken; it didn’t hold a charge, and we were planning on getting a new one soon. But, I am disturbed that they have all my addresses that I frequent, even my dad’s in Florida. Now we have a groovy Garmin Nüvi 360! This thing has an 8 hour battery, interacts with your cellphone via Bluetooth and will even ready my Audible.com audio books! Oh, and it is password protected so it won’t unlock without the password or you are in our driveway!
From the intel I’ve gathered, they (the scum of the Earth), spot a GPS sucked to your window and smash and run. Some of them will even smash the window if they see a residual "suck mark" from the suction cup holder. A colleague reported that every car with a GPS on his block was broken into.
I made a small sign and am placing it on all the cars in my lot if I see evidence of a GPS Unit.
Ah, Christmas; it brings out the "BEST" in everyone!
A: Yes, and either way, you are screwed!
These are appearing more and more frequently in my inbox. They don’t send you to a bogus site, instead, they are sitting on their lazy backsides waiting for you to call them. Some of them claim this is a toll-free number, some claim they are in Indiana, or other states. Fact is, 641-665-XXXX is an exchange from New Haven, Iowa.
Interestingly enough, 641 is also used for calling card calls and other types of greedy tactics. Don’t people in Iowa have any legitimate business to attend to?
NEVER call a number provided in an email asking for personal info or telling you you’re a winner of some fortune or your card/account has been suspended/terminated, etc…. Call the number on your monthly statement or on the website you always go to (don’t click on a link in an email).
Can you spot the "Phake"? Take the PayPal Phishing Challenge and you too could become a PayPal Anti-Phishing Champion!
