狠狠撸

Organized Spam: Today's Racket

●
Globally costing us $130B in 2009
●
A list of a million emails cost $25 or less
●
Spammers paid nearly nothing in 3rd world
●
They pay $600 for WinRumer to generate countless
spambots to trash sites, steal your identity
●
It's so cheap they blast it to everybody
●
They are often beyond jurisdiction

Job Seeker's Defense Against Spammers – Sept 2012 – Chuck Thomas

Today’s Takeaways

? How passwords are hacked and avoiding it.
? How to identify links you should not click.
? How to effortlessly retrieve unique hard-to-crack
passwords in a secure place. (www.lastpass.com)
? Easy/free browser tools to confirm your bad feeling a
site is creepy. (www.mywot.com)


What's their game?
●
Hack your email to spam for them – break into your
other accounts.
●
Pose as legitimate organizations and ask for your
credit card, Social Secruity, other personal information.
This is known as Phishing.
●
To get money directly from you if you are foolish
enough.


What's their target?
The entire planet.
Some of the incredibly stupid spam is targeted to attack
incredibly clueless people that respond.
They are relentless, esp. the Borg-like spambots…they will
“assimilate” your PC into zombies to spam for them if possible.


Where are they from?
As just mentioned, spammers could hijack your PC to
spam for them. Spam sites tend to be in East or South
Asia, former Soviet states, accessed by either locals or
Americans.


Much of this is common sense
●
Don't rush
●
Ignore any “call for action” and click
●
Investigate


1st – The Basics
Have a recent and FULL backup on DVDs ($25) or external hard
drive (about $85)
Backup hardware is the only expense needed in this slideshow.
Google: EaseUS for free backup software


Need a Firewall to stop threats BEFORE they
enter your computer

?
Windows Vista / 7 / 8 users activate it inside
the Control Panel (Windows Firewall)
?
If using older Windows (like xp) – download
Microsoft Security Essentials (free) or a free
personal firewall from COMODO.com


Then you need an anti-virus product to kill the
intruders that get thru the firewall. These products
have free versions:
●
Microsoft Security Essentials (includes a firewall)
●
AVG
●
Avast
A FULL anti-virus scan weekly overnight.


Need to keep current on Microsoft updates, as most
address security.
Trivia: Microsoft typically does their updates the 2 nd
Tuesday of the month after 3pm Dallas time.
It’s known as “Patch Tuesday”


When Installing software, consider opting out of
most/all options

?
Toolbar add-ons are notorious for having spyware
?
Notifications for update, while legit, do slow down
your computer’s boot, and could compromise your
privacy


Remember this one thing!


Password Hacking Spambots

●
AAAAAA
●
AAAAAB
●
AAAAAC
●
…etc, etc.
●
if you have a short and simple password, this brute
force attempt WILL burn you if you don't change it
periodically.


Yahoo Job Groups
●
Very spam-ridden unless moderated
●
Suspect emails if no subject following the
Yahoo Group name in brackets
●
If content if just a link – delete as spam
●
If content has a generic message around
the link (i.e. comment spam) – it's likely spam
●
If you know the person – contact them!
●
If you have been hacked by a spammer,
change your password and do a full anti-virus
scanner

Another danger: Clicking without forethought
Spammers LOVE people who are too busy!
Great way to catch malware


What is Phishing?

A fraudulent email claiming to be from an organization
urging you to give out a password, Social Security
number, credit card #, etc. NEVER do this!
The easiest way to expose many of the phishing
scams is select the body of the email, right-click, and
do a Google search…it’s probably reported on sites
like www.snopes.com.
If you right-click the URLs of the “official” images –
they will often look 3rd party – not like the organization
they claim to be.
Example on next two slides….


> Continued…

A Woodcreek member that didn't change her password

From: NotCarefulEnough@yahoo.com
To: Way_too_many_business_contacts
Subject: VACATION PROBLEM
I'm writing this with tears in my eyes,my family and I came down
here to UNITED KINGDOM for a short vacation unfortunately we
were mugged at the park of the hotel where we stayed,all
cash,credit card and cell were stolen off us but luckily for us we
still have our passports with us...sob, sob, sob.
Swipe this, right-click and Google will expose this at snopes.com
and other sites.


If a friend you know got hacked….
?
Call or forward the email back to them!
?
If you use Hotmail/Outlook – click “My friend’s been
hacked!”


If you stop using an online account, seriously
consider closing it.

Why?

Idle email, Twitter, other accounts WILL
eventually get hacked by spambots


Spambot: “Bet you
used the same
“Crap! Knew I password for your
should have Twitter, bank accounts
changed that – that’s next!”
short password
last year”


Strong Passwords

●
8+ characters
●
Mixing alpha, numbers, special characters is better
●
Avoid Family/Pet names
●
Routinely incrementing by number or date is better
●
Do not use the same password other accounts.
●
If your browser offers to remember passwords – Don't!

There is an easy way to do this, answer in a couple of slides.


Resist the urge to save passwords as cookies
and become prey to the Dark Side


Use www.lastpass.com instead
?
Works on desktop, notebook, tablet, smartphones
?
Windows, Apple, Linux
?
Browsers Internet Explorer, Firefox, Chrome, Apple
Safari, Opera
?
It’s free!


How can LastPass.com help?

?
It securely stores your passwords in an easy to find
place for all your internet devices
?
It generates unique passwords for you
?
It automatically logs on for you (with permission)
?
It can coach you to better security
?
But DO NOT record your master password on your
computer or in the cloud


The LastPass Security Challenge can
help you make passwords hack-proof


If you record your password or hints – LIE!

Intentionally write down your password wrong in a way
YOU know what it really is. If someone else tries it they
won't be able to hack you.


Spammers are wolfs in sheep’s clothing.
Is it easy to expose them? Yes!


What if our browsers could call out scammers like that late 80's
TV ad did for car salesman Joe Izuzu? (i.e. "He's Scamming")
There is an app for that and it’s easy!


Go to mywot.com - download this browser add-on,
refresh browser.
It works for smartphones, tablets, notebooks, desktops,
Windows/Apple/Linux, browsers Internet Explorer,
Firefox, Chrome, Safari, Opera.


Note: Web of Trust rates trustworthniess.

Among other things, that includes unsuitable content
such as porn and hate speech, sites that may do
identity theft, malicious sites, unreliable online
business sites, and scammers.

The WOT app is like the Oil Gauge or Check Engine
light on your car’s dashboard. When the WOT red
circle appears, you decide if you are still interested in
the site.

Once you download the WOT app on your browser, a
ring will appear – usually by the URL to indicate the
trustworthness of the site with a score 0-100.

Score typically 100-80

Score typically 50-0


Example: WOT Finds a Scam

Job Seeker's Defense Against Spammers – Sept 2012 – 7, 2012 Thomas
Job Seeker's Defense Against Spammers – September Chuck

Rubbish Alert: Picture of a beautiful person living in Mountain
View, California, that’s probably from Manila. (tools to prove it)
Why did “John” and couple others sign this same post as
“Andrea?” (Hint: he may not even know how to speak English –
read on)


Why is his profile missing? Hmmm…


“John Duggan” sez you gotta click this site….


….but look at the top of your browser (right corner if
Chrome) – it’s zoomed in on this slide
The WOT add-on rated this site with a scarlet circle with
a rating of 5 out of 100 – how fast should you run?
www.realwritingjobs.com claims to be an easy way to
make money at home as an online writer…


How it looks in Internet Explorer – see the red circles?


How it looks in Apple Safari: warning is front and center


If you really want to investigate realwritingjobs.com, on
your browser, swipe and right-click it to activate your fav
search engine. Google found a site revealing it’s a
borderline scam site you will probably pay more in fees
than you will make in publishing articles.


Really Creepy Sites

The ones with the popups. When you leave, popups
will beg you to stay, sometimes even physically
keeping you from leaving. In those instances, close
the browser, killing it with Task Manager (search or
run taskmgr.exe) is necessary, or even shutting the
computer down.

Examples of such sites are “scareware” that makes it
seem your PC is infected with hundreds of viruses in
an attempt to make you buy.

Q: How do you tell a forum/group spammer?
A: They don’t talk back – just like that empty chair


Related: Don’t feed trollers/flamers on LinkedIn Groups
Besides: Employers can SEE you!


?
What is a troller? Anyone that joins a group/forum
simply to disrupt. In person, few are brazen enough to
pee in a public swimming pool or scream “Fire” in a
theater, but on the net losers do it all the time.
?
Flamer/agitator: Occasionally a person will be
obsessed with ONE topic to the exclusion of everything
else in their life, often of the socio/political variety. They
rant on it and badger others to agree, often with an
extremist viewpoint.
?
Arguments on forums are a bad idea. On the phone or
in person, people can sense “Enough!”, but on forums
people often go well beyond that and get enraged.
Other reasons such as being anonymous.

I recently opined on a LinkedIn Pet Group, then was
flamed by a couple of Animal Rights members that said
I was not current on that topic. I asked for links, but
they spend far more energy ranting demanding I blindly
be a yes-man to these strangers, then childishly hated
on every character I typed.
So I unjoined that LinkedIn Group and reported one of
them to LinkedIn…she had nothing in her profile: No
location, profession, nothing – so why is a non-
professional on LinkedIn?


Moral of the story: Don’t argue with idiots. They will
bring you down to their level then beat you with
experience.
Seriously, act like a shopkeeper on social media such
as LinkedIn, Facebook, Twitter, anything.
Shopkeepers bite their tongue on hot topics such as
politics, don’t argue – just be nice to all and get their
business!


Sometimes it's better to just get a new email

●
The old email may be impossible to clean up
●
Just be very selective on the use of your new email
●
Some email services such as Microsoft Outlook make
it easy to go into new mail/old email


Web email with best spam filters
●
Gmail
●
Hotmail (respectable 2nd)
●
Yahoo (well behind)


If you are concerned with the Google search engine
revealing your privacy, consider www.startpage.com


Emails in general

●
Again, check for no subject, suspicious or ALL CAPS
subject
●
Hover over the sender – you should see their email.
Does the name look machine-generated, have a
product name in it, or otherwise just odd? It may be a
spammer
●
Many job seekers abandon their email after landing.
You should continue to network, but if you retire that
email, change the password to a long phrase to hack-
proof it.


One way of publishing your email:

WoodcreekJobSeeker AT Gmail DOT COM

instead of WoodcreekJobSeeker@Gmail.com

…this may defeat spambots doing idenity theft

Yes, this is a bit parnoid, optional


"I'm not a Network Engineer so how do I find potential
spyware and other junk on my Windows PC?"
Download Soluto.com


What's Soluto.com?

?
A free download for individual Windows
desktop/notebook users.
?
In a user-friendly way, it identifies on future boots
items that are potentially useless, harmful, or invade
your privacy
?
Soluto and internet users opin on the services you
boot up with if they are good/bad, spy on you and give
you reasons why.


How not to look like a spammer

Make a brief introduction – who you are and where you
met. Spammers and trollers are notorious for not
identifying themselves, so an intro puts your audience
at ease.


Avoid participating in Chain Letters

In many cases, they are playing on fears, superstitions,
or part of a multimarketing scheme…do you want to be
associated with that?


A really extreme way to avoid viruses and malware:
ditch Windows

Does not always work, but Linux and Apple are much
smaller targets.


狠狠撸

Job seekers defense against spammers/spambots Sept 7, 2012

Recommended

More Related Content

Similar to Job seekers defense against spammers/spambots Sept 7, 2012 (20)

Recently uploaded (20)

Job seekers defense against spammers/spambots Sept 7, 2012

Editor's Notes