May 18, 2009

Posted by Angela | 2 Comments

Facebook Phishing Scam Alert

The following is a post from our brand new intern, Angela.  She’ll be sharing stories, tips, and articles she finds useful to our clients.  Please give her a warm welcome to the Keystone blog.

Phishing For Facebook Phans

As I was putting different widget applications on my new Netvibes account (which I highly recommend to anyone who does not already have one), I found an article about a phishing scam on Facebook that is spreading through messages.  Its aim is to trick you into visiting a harmful site that looks like Facebook, so they can steal your login information.

I thought it sounded interesting-probably because I’m on Facebook roughly 25 hours a day-so I looked into it a little more and discovered that I have received not only one, but TWO of these messages just a week ago!

The message sent to you is usually from a friend and has a subject line with something simple like, “Hello”, or something more urgent like, “Do it now!” and “Help!” which were the subjects of the two I received. The body of the message says something like “151.im” or, in my case, “Funny fulldig.im.”

In the Facebook message itself, the domain does not show up as a hyperlink so there is no harm in clicking on it. However, if you are a person who doesn’t get on Facebook often and you just check your notification e-mails for updates, then you do have the opportunity to click on it. Most e-mail clients, like Gmail in my case, automatically enable the domain to be a hyperlink within the notification e-mail. So don’t click on it in your real e-mail inbox nor should you copy the domain into your browser. Clicking on the message in your Facebook inbox simply to open it won’t affect you. However, if you have clicked on the link in an e-mail all you have to do is change the password to your Facebook account.

Facebook is aware of the problem and said in regards to it:

“We think this is related to the fbaction.net/fbstarter.com campaign of a couple weeks ago.”

They also said that they are taking steps in cleaning up this mess and posted about those steps in their recent blog post.  Check back for more information as it becomes available.

Post to Twitter Tweet This Post

Read More
Mar 27, 2009

Posted by Eric Jackson | 1 Comment

Even More Domain Spam Scams

domain-scam-letterApparently the Chinese have NOT cornered the market on shady domain name scams. While Nigerian princes and Chinese domain scammers prefer to take the more personal route with a cordial email directed at domain owners, American/Canadian domain pirates have gone a different route: obtuse scary notices and fake invoices.

The first scam is similar to the Chinese scam. They play upon the fear that your “intellectual property rights” are going to be infringed upon. They use big words and reference the “United States Legal Code” regarding “False descriptions and dilution of Trademarks and the Uniform Domain Name Dispute Resolution Policy.”

In other words, they’re trying to sell you a bunch of domain names you don’t now own and very likely don’t want to own. Even if you DID want to own those names, you certainly don’t want to purchase them through sneaky scumbags like the company so low-down that they don’t even have the guts to tell you their name.

The second scam is just as bad. The Domain Registry of America (located in Ontario) sends you notification that your domain name is about to expire and you should pay them to “renew” it. What they don’t tell you is that they’re going to transfer the name from your current provider (likely someone you trust) to Domain Registry of America. Domain Registry of America has even been the defendant of an FTC lawsuit because of their deceptive practices: http://www.ftc.gov/os/2003/12/031219compdomainreg.pdf

So how should you deal with these people?

  • Step 1. Open the letter from the deceptive jerks.
  • Step 2. Use your hands to crumple their notice up into a small wad.
  • Step 3. Place the wad of paper in your wastebasket and go back to what you were doing.

Problem solved! (Note: If you get an email notice about your domain name and you’re not sure if it’s a scam, you can always call your friendly neighborhood technology solutions provider–Keystone–and double-check… but it’s probably a scam).

Post to Twitter Tweet This Post

Read More
Mar 11, 2009

Posted by Eric Jackson | 30 Comments

Chinese Domain SPAM

Chinese Domain Spam Hopes To Wrestle Your Domain Away From You

Chinese Domain Spam Hopes To Wrestle Your Domain Away From You

If you have a domain name or website, you’ve likely received a message from “Margaret” or “Tina” in the “Checking Department.” Margaret (or Tina) will explain to you in her email that “Mr. John Zhou has attempted to register a domain name similar to yours!”  This is a common trick in the sketchy and shady domain name business.

The trick is:

  1. Scare the potential…uh…sucker by making them think someone is trying to steal from them.
  2. Use language in the message that makes it appear something is already underway.
  3. Reassure them that their glorious and helpful organization will stop this evil enterprise and help you acquire the “Internet Brand” that is rightfully yours.

So a few things to remember regarding this and other potential scams:

  1. Mr. John Zhou doesn’t exist. He probably didn’t submit a formal application for the rights to “HendersonvilleRotary.com.cn.”
  2. As far as I can tell, my local Rotary Club has no interest in expanding to China. Nothing against China, mind you…I just don’t see myself or any of my colleagues flying to China for breakfast, coffee and “buddy check.”
  3. If you ARE interested in doing business in China, there are many organizations that can help you do this. The Tennessee Chinese Chamber of Commerce, headed by Dr. Ming Wang, is dedicated to developing increased U.S.-China trade. Don’t get me wrong…I’m 100% in favor of American businesses expanding and selling their products and services in China. Buying a domain name in support of your new export venture is great. But something tells me you’ve got a lot more work to do before you start selling product or services in Beijing.
  4. They want your credit card. You can guess what happens next.

So, if you’re interested in registering insert-your-domain-here.com.cn, call or email us. We’d be happy to do it and we’ll even let Margaret (or Tina) know that you are ready to expand into Asia.

Here’s an example of a message you might see:

To whom it may concern               2009-3-11
We are a domain name registration service company in Asia,

Last week we received a formal application submited by Mr. John Zhou who wanted to use the keyword  “hendersonvillerotary.org” to  register the Internet Brand and with suffix such as .cn /.com.cn /.net.cn/.hk/ .asia/ domain names.

After our initial examination, we found that these domain names to be applied for registration  are same as your  domain name and trademark. We aren’t sure whether you have any relation with him. Because these domain names would produce possible dispute, now we have hold down his registration, but if we do not get your company’s an reply in the next 5 working days, we will approve his application

As authorized anti-cybersquatting organization we hereby suspect Mr.John Zhou is a domain investor. so we need you to attach importance to this issue.

In order to handle this issue better, Please contact us by Fax ,Telephone or Email as soon as possible.

Yours sincerely

Margaret (or Tina…or some other American-sounding name)
Checking Department
Tel:   86 513 8562 2060
Fax:  86 513 8532 2065
Email:margaret@ntwifinetwork.com
Website: www.ntwifinetwork.com
Mail No.:756516

Post to Twitter Tweet This Post

Read More