Fake Merchant Processor Email

Fake credit card processor email. Sure, this message is from Mastercard/VISA, even though the website it comes from is ccsecured1srv.wufoo.com... Wufoo is a way to create and share online forms. This form makes it look like you're logging into your account so they can steal your credentials. Fun fact: dot CAT from the email address has nothing to do with cats; it was created for Catalan, the region of Eastern Spain.


How Not to Internet

We are asked, from time to time, what advice we'd give parents and kids about learning how to navigate the Internet. The first advice we give is don't expect your kids to be able to navigate the Internet alone. It's like walking down a dark downtown alley in the middle of the night: you never know what you're going to find. Maybe it will be empty and maybe you'll find a predator. Or maybe you'll panic, yell fire, and all hell will break loose.


Reno / Sparks Craigslist Sellers Beware

We don't normally write about threats in the real world, focusing more on the online world, but in this case there's a real threat coming from the online world - specifically Craigslist locally in the Reno / Sparks area.

For those who sell items on Craigslist there has always been a certain amount of risk involved. Some of the crimes associated with Craigslist include:

  • Georgia January 2015 - Elrey & June Runion went missing and were later found murdered after contacting a car seller on Craigslist.
  • Boston 2009 - Philip Markoff allegedly killed Julissa Brisman after answering her Craigslist ad.
  • Pennsylvania 2013 - Miranda & Elytte Barbour murdered Troy LaFerrara, after he responded to a Craigslist ad placed by Miranda.
  • 2012 Ohio - Brogan Rafferty and Richard Beasley used Craigslist to lure people to a fake ranch then robbed and murdered them.
  • 2007 Minnesota - Katherine Ann Olson was murdered after replying to an ad and agreeing to meet Michael John Anderson about a nanny position.
  • 2015 Atlanta - Gangs allegedly use fake Craigslist car ads to lure victims and rob them.
  • 2015 Washington - 2 teens were kidnapped and robbed after answering a Craigslist ad for a car for sale.
  • 2015 Texas - Victor & Sergio Torres were arrested and charged after allegedly robbing the person who responded to their ad selling a Suzuki motorcycle.

The list could go on and on and on.

So this morning, when this suspicious email arrived in one of our employees' inboxes, it seemed important to get the message out to the area before there's a news report that begins "Reno / Sparks, Nevada 2015".

This person did indeed have an item offered on Craigslist this weekend and this would be a genuine reply to that ad; the "Original craigslist post" link took you there until it was deleted this morning.  However, there are some red flags in this email, such as "this item", that should make people stop and consider whether it's a legitimate offer for purchase or not.

[Image: the suspicious Craigslist reply email]

The obvious concern is this is someone or several people trying to lure victims to a parking lot where they could be robbed or worse.  As out in public as a Walmart parking lot might seem, unless you're parked right at the front there's a lot more privacy in those parking lots than you'd initially think.  There is a sense that you're being told something about the person with the email address, but using two women's names is more likely a ruse to put you at ease.

This email has been reported to the local authorities, who said this email is unusual, as most of the Craigslist scams they see involve a scam for money with no in-person meeting; it's the "here, I've sent you $1000 for a $500 item, send me the change" scam.  It's not until after you've sent them their "change" that you discover the $1000 check or money order is bad or forged.

Always be safe when using Craigslist to buy or sell items!


The Hits Keep Coming To Apple's iOS

Another bit of malware, named WireLurker, has been discovered targeting iPhones and iPads.

iPhones and iPads are infected when the device is connected through USB to a Mac computer where an infected OS X app has been downloaded. The source of the infection is reported to be third-party OS X apps in the Maiyadi App Store in China.  For the time being most of the reports of infection are located in China.  Apple devices are at risk whether they've been jailbroken or not.

Security firm Palo Alto Networks researcher Claud Xiao has said this "heralds a new era in malware attacking Apple's desktop and mobile platform" and is "the biggest in scale we have ever seen."

The larger the Apple market share, the more attractive Apple becomes as a target for cyber criminals.

Palo Alto Networks says the infected WireLurker app has been downloaded over 356,000 times to OS X computers; how many of those computers have attached via USB to an iPhone or iPad is unclear.  Once infected, the malware has the capability of stealing "a variety of information" from the mobile device.

The recommendation is the same for iOS or Android: don't download from third-party app stores.

If nothing else, this malware is a proof of concept for malware / virus developers that Apple devices are not impenetrable.


Fake FedEx Package Undeliverable Notice Or A Secret Surprise Parcel?

A fake FedEx email is making the rounds, and because the link to get the shipping information is cleverly hidden in an image you might be tempted to click before evaluating the legitimacy of this email. We'll take this email apart step by step so you can get an understanding of just how fake it is.

Let's start with the FedEx logo - how many of you noticed that the logo isn't quite right?  Here's their logo image from their website.

[Image: FedEx logo]

Both the font and color are wrong in the email.  It's also missing the registered trademark or copyright symbol which is prevalent whenever you see "FedEx" used online and in emails.

Next, for the sake of logic, were you expecting a parcel from FedEx?  Or were you excited by the idea that someone sent you something unexpected so you hit "Get Shipment Label" before thinking about it?  And while we're considering it, where does "Get Shipment Label" take you?  It certainly doesn't take you to fedex.com - instead it takes you to master-insight.com.  Well what is that?  master-insight.com was registered earlier this year through GoDaddy to an entity appearing to be located in Hong Kong.

Not very likely that master-insight.com knows anything about any parcels either delivered or undeliverable to you.

So let's look at who the email claims to be from: "FedEx SmartPost <[email address obscured]>".  OK, so then what is fefmont.org?  Fefmont.org comes up as registered to an organization, Franciscanas del Espiritu Santo de Montpellier, in Madrid.  The organization's name translates to Franciscan Sisters of the Holy Spirit, and it has domains franciscanasmontpellier.org and fefmont.es; .es is the country code for Spain.

Expecting a parcel from Spain were you?

Finally, looking into the headers confirms the European tie.

[Image: headers of the fake FedEx email]

195.76.183.201 is a RIPE IP address (RIPE is the European version of ARIN, which stands for American Registry for Internet Numbers).

After all of that, does anything about this email seem legitimate?  Obviously that was rhetorical.  But so many will be so excited by a secret surprise parcel that they won't stop to evaluate the legitimacy of this email before clicking "Get Shipment Label"...
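The same three checks (who the sender really is, where the image-wrapped link goes, and which IP handed the message over) can be automated. The Python below is an added example, not part of the original article; the sample message is constructed, and only fefmont.org, master-insight.com and 195.76.183.201 come from the email described above, while the address local part, URL path, host names and brand allow-list are assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample modelled on the email described above. Only the two
# domains and the IP address come from the article; everything else
# (local part, URL path, host names, date, wording) is a placeholder.
SAMPLE = """\
Received: from mail.example.invalid (unknown [195.76.183.201])
\tby mx.recipient.example with ESMTP; Mon, 1 Jan 2001 00:00:00 +0000
From: FedEx SmartPost <placeholder@fefmont.org>
To: someone@recipient.example
Subject: Package undeliverable
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body>
<p>We could not deliver your parcel.</p>
<a href="http://master-insight.com/placeholder-path"><img src="cid:label" alt="Get Shipment Label"></a>
</body></html>
"""

# Assumption: brands the reviewer cares about and the domains they really use.
BRAND_DOMAINS = {"fedex": {"fedex.com"}}


class LinkCollector(HTMLParser):
    """Collect every <a href>, its visible text and any <img alt> inside it."""

    def __init__(self):
        super().__init__()
        self.links, self._open = [], None

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "a" and attrs.get("href"):
            self._open = {"href": attrs["href"], "text": "", "img_alt": None}
            self.links.append(self._open)
        elif tag == "img" and self._open is not None:
            self._open["img_alt"] = attrs.get("alt") or ""

    def handle_data(self, data):
        if self._open is not None:
            self._open["text"] += data.strip()

    def handle_endtag(self, tag):
        if tag == "a":
            self._open = None


def belongs_to(host, domains):
    """True only for the domain itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)


def html_parts(msg):
    """Yield the decoded text of every text/html part of the message."""
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            charset = part.get_content_charset() or "utf-8"
            yield part.get_payload(decode=True).decode(charset, errors="replace")


def analyze(raw):
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    from_domain = addr.rpartition("@")[2].lower()
    # The brand is whatever the display name claims, not what the address says.
    brand = next((b for b in BRAND_DOMAINS if b in display.lower()), None)
    expected = BRAND_DOMAINS.get(brand, set())
    findings = []
    if brand and not belongs_to(from_domain, expected):
        findings.append(f"display name claims {brand}, sender domain is {from_domain}")

    collector = LinkCollector()
    for html in html_parts(msg):
        collector.feed(html)
    link_hosts, image_only_hosts = [], []
    for link in collector.links:
        host = urlsplit(link["href"]).hostname or ""
        link_hosts.append(host)
        # A link with an image and no text hides its destination from the reader.
        image_only = link["img_alt"] is not None and not link["text"]
        if image_only:
            image_only_hosts.append(host)
        if brand and not belongs_to(host, expected):
            kind = "image-only link" if image_only else "link"
            findings.append(f"{kind} leads to {host}, not a {brand} domain")

    # Bracketed IPv4 literals in Received headers: the hosts that relayed the mail.
    relay_ips = re.findall(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]",
                           " ".join(msg.get_all("Received", [])))
    return {"brand": brand, "from_domain": from_domain, "link_hosts": link_hosts,
            "image_only_hosts": image_only_hosts, "relay_ips": relay_ips,
            "findings": findings}


if __name__ == "__main__":
    for key, value in analyze(SAMPLE).items():
        print(f"{key}: {value}")
```

The relay IPs still have to be looked up by hand (WHOIS or the registry's own search) to see which region they belong to, as the article did.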


A Copycat Of CryptoLocker Has Appeared In The Wild

Another group has made a copycat of CryptoLocker, and they've gone so far as to even use the CryptoLocker name.  Recently, though, some users are seeing the infection as TorrentLocker; perhaps the original creators of CryptoLocker are feeling territorial about use of their name.  Beyond stealing the name and being a ransomware infection, these two infections are not the same.

This new CryptoLocker works to encrypt all of your data and renames the files with a .encrypted file extension; although this version does not delete shadow volume copies which in some cases can be used to recover files. You then receive a ransom note, so to speak, giving you a link to purchase the decryption key for your files.  The cost for the decryption key is 1.8 Bitcoins and interestingly is posted as AUD, Australian currency.  1.8 Bitcoins may seem like an odd amount, but at the time of this CryptoLocker's release it was equal to 1,000 AUD.

Upon clicking the link you're sent to a website that, at least in some screen shots, provides a Buy It Now price and a Buy It Later price as well as the total number of files encrypted.  Clearly wanting to make sure you are able to buy the decryption key, they also offer information on how to register a Bitcoin wallet and how to purchase Bitcoins.

This infection is using a static Bitcoin address, so anyone can go see the payment activity associated with those purchasing the decryption key.  As of this morning total Bitcoins received stands at 77.52790304 BTC or roughly $36,876 USD since late August. The cyber criminals' haul is over $35k USD in just over 2 weeks.  Looking at booty like that, it should become clear to everyone why this kind of crime isn't going anywhere and why having a quality enterprise backup solution is a must-have for any business.

Call or email Top Speed today to learn what an Enterprise Backup Solution will do to protect your company's valuable data: 775-852-1811.


UPS Store On Keystone Avenue Reportedly Breached By Malware

UPS Stores have reported that malware has been found on Point of Sale (PoS) systems in 51 stores around the country including one locally on Keystone Avenue.  Twenty-four states are reported to have stores affected by this malware.

This particular malware went undetected for quite some time as it was not caught by anti-virus software.  The malware found is believed to have compromised credit and debit card information, as well as postal and email addresses.

The breach includes approximately 100,000 transactions between January 20, 2014 and August 11, 2014; dates vary by specific location.  UPS spokesman Chelsea Lee has said the company is not currently aware of any fraud related to the attack.

If you or anyone you know has shopped with a credit card at the Keystone Avenue location or any other UPS Store, make sure you take necessary steps to protect yourself and pass the information on to others who may also be affected.  Currently the UPS Store's advisory says they do "not have sufficient customer information to contact potentially affected customers."  So it is now up to the communities and social media to spread this information so anyone who may have been affected can act before they experience any kind of credit / debit card fraud.

From Tim David, President of The UPS Store, "Please know we take our responsibility to protect customer information seriously and have committed extensive resources to addressing this incident. We understand this type of incident can be disruptive and apologize for any anxiety this may have caused."

If you shopped at The UPS Store and are concerned you're at risk make sure you make use of the free credit monitoring being offered.  For a full list of affected stores, see below.  For the Data Security Incident Information or All Clear ID protection being offered click here.

This is another example of the kind of PoS malware previously seen in the Target breach.  It seems clear that PoS malware is becoming a larger and more serious threat to retail stores and it is important companies take steps toward securing their Point of Sale systems.

[Images: lists of affected UPS Store locations]

The Trouble With PastaLeads

PastaLeads is one of the most annoying pieces of Adware out there.  This isn't the kind of infection that just slows down your computer; this nasty piece of Adware creates a Windows service that constantly runs in the background and, as if that weren't bad enough, it also configures your web browser to use a proxy server.

What does that mean for my computer?  PastaLeads generates leads, typically for outbound sales companies. For instance, let's say you need auto insurance, so you do a search.  Suddenly a window pops up with a form where you enter your information, and then the program will send that "lead" to auto insurance sales people who will contact you.

Wait, you say, that seems helpful, not harmful.  As helpful as this program seems, the problems caused are two-fold. First, you will be inundated with pop-up advertisements: all kinds of insurance, tech support (which are often scams that will try and get you to spend a fortune for a non-existent problem, see this article for more details), home cleaning services, lawn care, etc.  Second, any information you enter (consider what you enter whenever applying for any kind of insurance) is immediately shipped off to unknown 3rd parties to use for marketing or other more nefarious purposes.

How does your computer end up with PastaLeads or PastaQuotes installed?  This is one of those infections that piggybacks on top of free software you download and install off of the Internet.  Remember the old adage, "There's no such thing as a free lunch"; there's also no such thing as free software off the Internet.

It is very important you pay attention when installing any software onto your computer!  Sure, it looks easy to just click through and select the Recommended install when you get to the screen that has installation choices like "Standard (Recommended)" or "Custom", sometimes also "Advanced", but if you want to know what 3rd party crud is being installed along with your software you should typically choose Custom or Advanced, as that will often allow you to opt out.

Additionally, when you read the license agreement (yes, you should read it) or the installation screens and you find them telling you that they will be installing a toolbar or other addon along with the desired software, now would be the time to cancel the install and go find another option.

Or, more generally speaking, simply avoiding "free" software is the best way to go, because if that free software includes something you have to pay a computer company to remove, then it really wasn't free in the first place.

Fake Merchant Processor Email

Fake credit card processor email. Sure this message is form Mastercard/VISA, even though the website it comes from is ccsecured1srv.wufoo.com... Wufoo is a way to create and share online forms. This form makes it look like you're logging into your account so they can steal your credentials. hashtag Fun fact: dot CAT from the email address has nothing to do with cats, it was created for Catalan, the region of Eastern Spain.

Read more...

How Not to Internet

We are asked, from time to time, what advice we'd give parents and kids about learning how to navigate the Internet. The first advice we give is don't expect your kids to be able to navigate the Internet alone. It's like walking down a dark downtown alley in the middle of the night, you never know what you're going to find - maybe it will be empty and maybe you'll find a predator.  Or maybe you'll panic yell fire and all hell will break loose. 

Read more...

Reno / Sparks Craigslist Sellers Beware

We don't normally write about threats in the real world, focusing more on the online world, but in this case there's a real threat coming from the online world - specifically Craigslist locally in the Reno / Sparks area.

For those who sell items on Craigslist there has always been a certain amount of risk involved. Some of the crimes associated with Craigslist include:

  • Georgia January 2015- Elrey & June Runion went missing and were later found murdered after contacting a car seller on Craigslist.
  • Boston 2009 - Philip Markoff allegedly killed Julissa Brisman after answering her Craigslist ad.
  • Pennsylvania 2013 - Miranda & Elytte Barbour murdered Troy LaFerrara, after he responded to a Craigslist ad placed by Miranda.
  • 2012 Ohio - Brogan Rafferty and Richard Beasley used Craigslist to lure people to a fake ranch then robbed and murdered them.
  • 2007 Minnesota - Katherine Ann Olson was murdered after replying to an ad and agreeing to meet Michael John Anderson about a nanny position.
  • 2015 Atlanta - Gangs allegedly use fake Craigslist car ads to lure victims and rob them.
  • 2015 Washington - 2 teens were kidnapped and robbed after answering a Craigslist ad for a car for sale.
  • 2015 Texas - Victor & Sergio Torres were arrested and charged after allegedly robbing the person who responded to their ad selling a Suzuki motorcycle.

The list could go on and on and on.

So this morning when this suspicious email arrived in one of our employees in-boxes it seemed important to get the message out to the area before there's a news report that begins Reno / Sparks, Nevada 2015.

This person did indeed have an item offered on Craigslist this weekend and this would be a genuine reply to that ad, the "Original craigslist post" took you there until it was deleted this morning.  However, there are some red flags in this email, such as "this item" that should make people stop and consider whether it's a legitimate offer for purchase or not.

Craigslist_Scam

The obvious concern is this is someone or several people trying to lure victims to a parking lot where they could be robbed or worse.  As out in public as a Walmart parking lot might seem, unless you're parked right at the front there's a lot more privacy in those parking lots than you'd initially think.  There is a sense that you're being told something about the person with the email address, but using two women's names is more likely a ruse to put you at ease.

This email has been reported to the local authorities who said this email is unusual as most of the Craigslist scams they see involve a scam for money with no in person meeting; it's the here I've sent you $1000 for a $500 item, send me the change scam.  It's not until after you've sent them their "change" that you discover the $1000 check or money order is bad or forged.

Always be safe when using Craigslist to buy or sell items!

Read more...

The Hits Keep Coming To Apple's iOS

iPadAnother bit of malware, named WireLurker, has been discovered targeting iPhones and iPads.

iPhone and iPads are infected when the device is connected through USB to a Mac computer where an infected OS X app has been downloaded. The source of the infection is reported to be third-party OS X apps in the Maiyadi App Store in China.  For the time being most of the reports of infection are located in China.  Apple devices are at risk whether they've been jailbroken or not.

Security firm Palo Alto Networks researcher Claud Xiao has said this "heralds a new era in malware attacking Apple's desktop and mobile platform" and is "the biggest in scale we have ever seen."

The larger the Apple market share, the more attractive Apple becomes as a target for cyber criminals.

Palo Alto Networks says the infected WireLurker app has been downloaded over 356,000 times to OS X computers, how many of those computers have attached via USB to an iPhone or iPad is unclear.  Once infected the malware has the capability of stealing "a variety of information" from the mobile device.

The recommendation is the same for iOS or Android, don't download from third-party app stores.

If nothing else, this malware is a proof of concept for malware / virus developers that Apple devices are not impenetrable.

Read more...

Fake FedEx Package Undeliverable Notice Or A Secret Surprise Parcel?

A fake FedEx email is making the rounds and because the link to get the shipping information is cleverly hidden in an image you might be tempted to click before evaluating the legitimacy of this email. Fake_Fedex We'll take this email apart step by step so you can get an understanding of just how fake it is.

Let's start with the FedEx logo - how many of you noticed that the logo isn't quite right.  Here's their logo image from their website.

FedEx-Logo

Both the font and color are wrong in the email.  It's also missing the registered trademark or copyright symbol which is prevalent whenever you see "FedEx" used online and in emails.

Next, for the sake of logic, were you expecting a parcel from FedEx?  Or were you excited by the idea that someone sent you something unexpected so you hit "Get Shipment Label" before thinking about it?  And while we're considering it, where does "Get Shipment Label" take you?  It certainly doesn't take you to fedex.com - instead it takes you to master-insight.com.  Well what is that?  master-insight.com was registered earlier this year through GoDaddy to an entity appearing to be located in Hong Kong.

Not very likely that master-insight.com knows anything about any parcels either delivered or undeliverable to you.

So let's look at the who the email reports to be from: "FedEx SmartPost <This email address is being protected from spambots. You need JavaScript enabled to view it.>".  Ok so then what is fefmont.org?  Fefmont.org comes up as registered to an organization Franciscanas del Espiritu Santo de Montpellier in Madrid.  The organization in Madrid translates to Franciscan Sisters of the Holy Spirit and has domains franciscanasmontpellier.org and fefmont.es, .es is the country code for Spain.

Expecting a parcel from Spain were you?

Finally looking into the headers confirms the European tie.

FedexFake

195.76.183.201 is a RIPE IP Address (RIPE is the European version of ARIN which stands for American Registry for Internet Numbers).

After all of that, does anything about this email seem legitimate?  Obviously that was rhetorical.  But so many will be so excited by a secret surprise parcel that they won't stop to evaluate the legitimacy of this email before clicking "Get Shipment Label"...

Read more...

A Copycat Of CryptoLocker Has Appeared In The Wild

Another group has made a copycat of CryptoLocker, and they've gone so far as to even use the CryptoLocker name.  Although recently some users are now seeing the infection as TorrentLocker, perhaps the original creators of CryptoLocker are feeling territorial about use of their name.  Beyond stealing the name and being a ransomware infection, these two infections are not the same.

This new CryptoLocker works to encrypt all of your data and renames the files with a .encrypted file extension; although this version does not delete shadow volume copies which in some cases can be used to recover files. You then receive a ransom note, so to speak, giving you a link to purchase the decryption key for your files.  The cost for the decryption key is 1.8 Bitcoins and interestingly is posted as AUD, Australian currency.  1.8 Bitcoins may seem like an odd amount, but at the time of this CryptoLocker's release it was equal to 1,000 AUD.

Upon clicking the link you're sent to a website that, at least in some screen shots, provides a Buy It Now price and a Buy It Later price as well as the total number of files encrypted.  Clearly wanting to make sure you are able to buy the decryption key you are also offered information on how to register a Bitcoin wallet and how to purchase Bitcoins. TorrentLocker This infection is using a static Bitcoin address so anyone can go see the payment activity associated with those purchasing the decryption key.  As of this morning total Bitcoins received stands at 77.52790304 BTC or roughly $36,876 USD since late August. The cyber criminals haul is over $35k USD in just over 2 weeks.  Looking at booty like that and it should become clear to everyone why this kind of crime isn't going anywhere and why having a quality enterprise backup solution is a must have for any business. Call or email Top Speed today to learn what an Enterprise Backup Solution will do to protect your company's valuable data. 775-852-1811 or This email address is being protected from spambots. You need JavaScript enabled to view it. 

Read more...

UPS Store On Keystone Avenue Reportedly Breached By Malware

UPS Stores have reported that malware has been found on Point of Sale (PoS) systems in 51 stores around the country including one locally on Keystone Avenue.  Twenty-four states are reported to have stores affected by this malware.

This particular malware went undetected for quite sometime as it was not caught by anti-virus software.  The malware found is believed to have compromised credit and debit card information, as well as postal and email addresses.

The breach includes approximately 100,000 transactions between January 20, 2014 and August 11, 2014, dates vary by specific location.  UPS spokesman Chelsea Lee has said the company is not currently aware of any fraud related to the attack.

If you or anyone you know has shopped with a credit card at the Keystone Avenue location or any other UPS Store make sure you take necessary steps to protect yourself and pass the information on to others who may also be affected.  Currently the UPS Store's advisory says they do "not have sufficient customer information to contact potentially affected customers."  So it is now to the communities and social media to spread this information so anyone who may have been affected can act before they experience any kind of credit / debit card fraud.

From Tim David, President of The UPS Store, "Please know we take our responsibility to protect customer information seriously and have committed extensive resources to addressing this incident. We understand this type of incident can be disruptive and apologize for any anxiety this may have caused."

If you shopped at The UPS Store and are concerned you're at risk make sure you make use of the free credit monitoring being offered.  For a full list of affected stores, see below.  For the Data Security Incident Information or All Clear ID protection being offered click here.

This is another example of the kind of PoS malware previously seen in the Target breach.  It seems clear that PoS malware is becoming a larger and more serious threat to retail stores and it is important companies take steps toward securing their Point of Sale systems. UPSStore1     UPSStore2     UPSStore3

Read more...

The Trouble With PastaLeads

Pasta.Leads PastaLeads is one of the most annoying Adware out there.  This isn't the kind of infection that just slows down your computer, this nasty piece of Adware creates a Windows service that constantly runs in the background and as if that weren't bad enough if also configures your web browser to use a proxy server.

What does that mean for my computer?  PastaLeads generates leads typically for outbound sales companies, for instance let's say you need auto insurance so you do a search.  Suddenly a window pops up with a form where you enter your information and then the program will send that "lead" to auto insurance sales people who will contact you.

Wait, you say, that seems helpful, not harmful.  As helpful as this program seems the problems caused are two-fold, first you will be inundated in pop-up advertisements, all kinds of insurance, tech support (which are often scams that will try and get you to spend a fortune for a non-existent problem, see this article for more details), home cleaning services, lawn care, etc.  Second any information you enter, consider what you enter whenever applying for any kind of insurance, is immediately shipped off to unknown 3rd parties to use for marketing or other more nefarious purposes.

 PastaLead

How does your computer end up with PastaLeads or PastaQuotes installed?  This is one of those infections that piggy backs on top of free software you download and install off of the Internet.  Remember the old adage, "There's no such thing as a free lunch", there's also no such thing as free software off the Internet.

It is very important you pay attention when installing any software onto your computer!  Sure it looks easy to just click through and select the Recommended install when you get to the screen that has installation choices like "Standard (Recommended)" or "Custom" sometimes also "Advanced", but if you want to know what 3rd party crud is being installed along with your software you should typically choose Custom or Advanced as that will often allow you to opt out.

Additionally when you read the license agreement (yes you should read it) or the installation screens and you find them telling you that they will be installing a toolbar or other addon along with the desired software now would be the time to cancel the install and go find another option.

Or more generally speaking simply avoiding "free" software is the best way to go, because if that free software includes something you have to pay a computer company to remove, then it really wasn't free in the first place. PastaLeads-Pop-up-Ads                  

Read more...

Fake Merchant Processor Email

Fake credit card processor email. Sure this message is form Mastercard/VISA, even though the website it comes from is ccsecured1srv.wufoo.com... Wufoo is a way to create and share online forms. This form makes it look like you're logging into your account so they can steal your credentials. hashtag Fun fact: dot CAT from the email address has nothing to do with cats, it was created for Catalan, the region of Eastern Spain.

Read more...

How Not to Internet

We are asked, from time to time, what advice we'd give parents and kids about learning how to navigate the Internet. The first advice we give is don't expect your kids to be able to navigate the Internet alone. It's like walking down a dark downtown alley in the middle of the night, you never know what you're going to find - maybe it will be empty and maybe you'll find a predator.  Or maybe you'll panic yell fire and all hell will break loose. 

Read more...

Reno / Sparks Craigslist Sellers Beware

We don't normally write about threats in the real world, focusing more on the online world, but in this case there's a real threat coming from the online world - specifically Craigslist locally in the Reno / Sparks area.

For those who sell items on Craigslist there has always been a certain amount of risk involved. Some of the crimes associated with Craigslist include:

  • Georgia January 2015- Elrey & June Runion went missing and were later found murdered after contacting a car seller on Craigslist.
  • Boston 2009 - Philip Markoff allegedly killed Julissa Brisman after answering her Craigslist ad.
  • Pennsylvania 2013 - Miranda & Elytte Barbour murdered Troy LaFerrara, after he responded to a Craigslist ad placed by Miranda.
  • 2012 Ohio - Brogan Rafferty and Richard Beasley used Craigslist to lure people to a fake ranch then robbed and murdered them.
  • 2007 Minnesota - Katherine Ann Olson was murdered after replying to an ad and agreeing to meet Michael John Anderson about a nanny position.
  • 2015 Atlanta - Gangs allegedly use fake Craigslist car ads to lure victims and rob them.
  • 2015 Washington - 2 teens were kidnapped and robbed after answering a Craigslist ad for a car for sale.
  • 2015 Texas - Victor & Sergio Torres were arrested and charged after allegedly robbing the person who responded to their ad selling a Suzuki motorcycle.

The list could go on and on and on.

So this morning, when this suspicious email arrived in one of our employees' inboxes, it seemed important to get the message out to the area before there's a news report that begins "Reno / Sparks, Nevada 2015".

This person did indeed have an item offered on Craigslist this weekend, and this would be a genuine reply to that ad; the "Original craigslist post" link took you there until it was deleted this morning.  However, there are some red flags in this email, such as "this item", that should make people stop and consider whether it's a legitimate offer for purchase or not.

[Image: the suspicious Craigslist email]

The obvious concern is this is someone or several people trying to lure victims to a parking lot where they could be robbed or worse.  As out in public as a Walmart parking lot might seem, unless you're parked right at the front there's a lot more privacy in those parking lots than you'd initially think.  There is a sense that you're being told something about the person with the email address, but using two women's names is more likely a ruse to put you at ease.

This email has been reported to the local authorities, who said it is unusual, as most of the Craigslist scams they see involve a scam for money with no in-person meeting; it's the "here, I've sent you $1000 for a $500 item, send me the change" scam.  It's not until after you've sent them their "change" that you discover the $1000 check or money order is bad or forged.

Always be safe when using Craigslist to buy or sell items!


The Hits Keep Coming To Apple's iOS

Another bit of malware, named WireLurker, has been discovered targeting iPhones and iPads.

iPhones and iPads are infected when the device is connected through USB to a Mac computer where an infected OS X app has been downloaded. The source of the infection is reported to be third-party OS X apps in the Maiyadi App Store in China.  For the time being most of the reports of infection are located in China.  Apple devices are at risk whether they've been jailbroken or not.

Security firm Palo Alto Networks researcher Claud Xiao has said this "heralds a new era in malware attacking Apple's desktop and mobile platform" and is "the biggest in scale we have ever seen."

The larger the Apple market share, the more attractive Apple becomes as a target for cyber criminals.

Palo Alto Networks says the infected WireLurker app has been downloaded over 356,000 times to OS X computers; how many of those computers have attached via USB to an iPhone or iPad is unclear.  Once infected, the malware has the capability of stealing "a variety of information" from the mobile device.

The recommendation is the same for iOS or Android: don't download from third-party app stores.

If nothing else, this malware is a proof of concept for malware / virus developers that Apple devices are not impenetrable.


Fake FedEx Package Undeliverable Notice Or A Secret Surprise Parcel?

A fake FedEx email is making the rounds, and because the link to get the shipping information is cleverly hidden in an image you might be tempted to click before evaluating the legitimacy of this email.

[Image: the fake FedEx email]

We'll take this email apart step by step so you can get an understanding of just how fake it is.

Let's start with the FedEx logo - how many of you noticed that the logo isn't quite right?  Here's their logo image from their website.

[Image: FedEx logo]

Both the font and color are wrong in the email.  It's also missing the registered trademark or copyright symbol which is prevalent whenever you see "FedEx" used online and in emails.

Next, for the sake of logic, were you expecting a parcel from FedEx?  Or were you excited by the idea that someone sent you something unexpected so you hit "Get Shipment Label" before thinking about it?  And while we're considering it, where does "Get Shipment Label" take you?  It certainly doesn't take you to fedex.com - instead it takes you to master-insight.com.  Well what is that?  master-insight.com was registered earlier this year through GoDaddy to an entity appearing to be located in Hong Kong.

Not very likely that master-insight.com knows anything about any parcels either delivered or undeliverable to you.

So let's look at who the email claims to be from: "FedEx SmartPost", with a sender address at fefmont.org.  Ok, so then what is fefmont.org?  Fefmont.org comes up as registered to an organization, Franciscanas del Espiritu Santo de Montpellier, in Madrid.  The organization's name translates to Franciscan Sisters of the Holy Spirit, and it has the domains franciscanasmontpellier.org and fefmont.es; .es is the country code for Spain.

Expecting a parcel from Spain were you?

Finally, looking into the headers confirms the European tie.

[Image: headers of the fake FedEx email]

195.76.183.201 is a RIPE IP Address (RIPE is the European version of ARIN which stands for American Registry for Internet Numbers).

After all of that, does anything about this email seem legitimate?  Obviously that was rhetorical.  But so many will be so excited by a secret surprise parcel that they won't stop to evaluate the legitimacy of this email before clicking "Get Shipment Label"...
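The checks walked through above (claimed sender versus actual domain, where the image link really goes, and the relay address in the headers), as an added Python example that is not part of the original article. The message is constructed: the local part `notice`, the relay host names and the URL path are assumptions, and the finding labels are this example's own.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample (local part, relay names, URL path made up; domains and IP are the article's).
SAMPLE = """\
Received: from relay.invalid ([195.76.183.201]) by mx.recipient.invalid
From: "FedEx SmartPost" <notice@fefmont.org>
Content-Type: text/html; charset="utf-8"

<a href="http://master-insight.com/label"><img src="cid:btn" alt="Get Shipment Label"></a>
"""

class LinkParser(HTMLParser):  # records [href, wraps_image] for every <a> element
    def __init__(self):
        super().__init__()
        self.links, self._open = [], None
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._open = [dict(attrs).get("href") or "", False]
            self.links.append(self._open)
        elif tag == "img" and self._open is not None:
            self._open[1] = True  # the clickable element is a picture, not text
    def handle_endtag(self, tag):
        if tag == "a":
            self._open = None

def in_domain(host, domain):  # exact match or a true subdomain, never a suffix trick
    return host == domain or host.endswith("." + domain)

def analyze(raw, brand="FedEx", brand_domain="fedex.com"):
    """Return (finding, value) pairs; the finding labels are this example's own."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    sender = addr.rpartition("@")[2].lower()
    findings, parser = [], LinkParser()
    if brand.lower() in name.lower() and not in_domain(sender, brand_domain):
        findings.append(("sender-mismatch", sender))
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            parser.feed(part.get_payload(decode=True).decode(part.get_content_charset() or "utf-8", "replace"))
    for href, wraps_image in parser.links:
        host = urlparse(href).hostname
        if host and not in_domain(host, brand_domain):
            findings.append(("image-link-offsite" if wraps_image else "link-offsite", host))
    for hop in msg.get_all("Received", []):
        findings += [("relay-ip", ip) for ip in re.findall(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", hop)]
    return findings
```

The relay address is only extracted here; looking up which registry and network it belongs to is a separate whois step.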


A Copycat Of CryptoLocker Has Appeared In The Wild

Another group has made a copycat of CryptoLocker, and they've gone so far as to even use the CryptoLocker name.  Recently, though, some users are seeing the infection named TorrentLocker; perhaps the original creators of CryptoLocker are feeling territorial about the use of their name.  Beyond stealing the name and being a ransomware infection, these two infections are not the same.

This new CryptoLocker works to encrypt all of your data and renames the files with a .encrypted file extension; although this version does not delete shadow volume copies which in some cases can be used to recover files. You then receive a ransom note, so to speak, giving you a link to purchase the decryption key for your files.  The cost for the decryption key is 1.8 Bitcoins and interestingly is posted as AUD, Australian currency.  1.8 Bitcoins may seem like an odd amount, but at the time of this CryptoLocker's release it was equal to 1,000 AUD.

Upon clicking the link you're sent to a website that, at least in some screenshots, provides a Buy It Now price and a Buy It Later price as well as the total number of files encrypted.  Clearly wanting to make sure you are able to buy the decryption key, the site also offers information on how to register a Bitcoin wallet and how to purchase Bitcoins.

This infection is using a static Bitcoin address, so anyone can go see the payment activity associated with those purchasing the decryption key.  As of this morning total Bitcoins received stands at 77.52790304 BTC or roughly $36,876 USD since late August. The cyber criminals' haul is over $35k USD in just over 2 weeks.  Look at booty like that and it should become clear to everyone why this kind of crime isn't going anywhere and why a quality enterprise backup solution is a must-have for any business.

Call or email Top Speed today to learn what an Enterprise Backup Solution will do to protect your company's valuable data: 775-852-1811.


UPS Store On Keystone Avenue Reportedly Breached By Malware

UPS Stores have reported that malware has been found on Point of Sale (PoS) systems in 51 stores around the country including one locally on Keystone Avenue.  Twenty-four states are reported to have stores affected by this malware.

This particular malware went undetected for quite some time as it was not caught by anti-virus software.  The malware found is believed to have compromised credit and debit card information, as well as postal and email addresses.

The breach includes approximately 100,000 transactions between January 20, 2014 and August 11, 2014; dates vary by specific location.  UPS spokesman Chelsea Lee has said the company is not currently aware of any fraud related to the attack.

If you or anyone you know has shopped with a credit card at the Keystone Avenue location or any other UPS Store, make sure you take the necessary steps to protect yourself and pass the information on to others who may also be affected.  Currently the UPS Store's advisory says they do "not have sufficient customer information to contact potentially affected customers."  So it is now up to communities and social media to spread this information so anyone who may have been affected can act before they experience any kind of credit / debit card fraud.

From Tim David, President of The UPS Store, "Please know we take our responsibility to protect customer information seriously and have committed extensive resources to addressing this incident. We understand this type of incident can be disruptive and apologize for any anxiety this may have caused."

If you shopped at The UPS Store and are concerned you're at risk make sure you make use of the free credit monitoring being offered.  For a full list of affected stores, see below.  For the Data Security Incident Information or All Clear ID protection being offered click here.

This is another example of the kind of PoS malware previously seen in the Target breach.  It seems clear that PoS malware is becoming a larger and more serious threat to retail stores and it is important companies take steps toward securing their Point of Sale systems.


The Trouble With PastaLeads

PastaLeads is one of the most annoying pieces of adware out there.  This isn't the kind of infection that just slows down your computer: this nasty piece of adware creates a Windows service that constantly runs in the background and, as if that weren't bad enough, it also configures your web browser to use a proxy server.

What does that mean for my computer?  PastaLeads generates leads typically for outbound sales companies, for instance let's say you need auto insurance so you do a search.  Suddenly a window pops up with a form where you enter your information and then the program will send that "lead" to auto insurance sales people who will contact you.

Wait, you say, that seems helpful, not harmful.  As helpful as this program seems, the problems caused are two-fold. First, you will be inundated with pop-up advertisements for all kinds of insurance, tech support (which are often scams that will try to get you to spend a fortune on a non-existent problem, see this article for more details), home cleaning services, lawn care, etc.  Second, any information you enter (consider what you enter whenever applying for any kind of insurance) is immediately shipped off to unknown 3rd parties to use for marketing or other more nefarious purposes.

How does your computer end up with PastaLeads or PastaQuotes installed?  This is one of those infections that piggybacks on top of free software you download and install off of the Internet.  Remember the old adage, "There's no such thing as a free lunch"; there's also no such thing as free software off the Internet.

It is very important you pay attention when installing any software onto your computer!  Sure it looks easy to just click through and select the Recommended install when you get to the screen that has installation choices like "Standard (Recommended)" or "Custom" sometimes also "Advanced", but if you want to know what 3rd party crud is being installed along with your software you should typically choose Custom or Advanced as that will often allow you to opt out.

Additionally when you read the license agreement (yes you should read it) or the installation screens and you find them telling you that they will be installing a toolbar or other addon along with the desired software now would be the time to cancel the install and go find another option.

Or more generally speaking, simply avoiding "free" software is the best way to go, because if that free software includes something you have to pay a computer company to remove, then it really wasn't free in the first place.


Contact us

Phone: (775) 852-1811

Toll Free: (866) 511-1331

Fax: (775) 852-1844

Email: info@tsis.net

Physical Address:

800 South Meadows Parkway

Suite 600

Reno, NV 89521
