Trust the World's Fastest VPN with Your Internet Security & Freedom - A Lifetime Subscription of PureVPN at 88% off. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×
Spam

Spammer Faces Decades In Prison For Sending More Than 1 Million Spam Emails (suntimes.com) 146

mi quotes a report from Chicago Sun-Times: A man has been indicted on federal fraud charges for allegedly sending more than a million spam emails. The indictment charges 36-year-old Michael Persaud of Scottsdale, Arizona, with 10 counts of wire fraud and seeks the forfeiture of four computers, according to a statement from the U.S. attorney's office. The indictment was returned Dec. 9, 2016, and was unsealed after Persaud was arrested last month in Arizona. Between 2012 and 2015, Persaud used multiple IP addresses and domains to send spam emails over at least nine networks, including several servers in Chicago, according to the indictment. He sent more than a million spam emails to people in the U.S. and abroad, using false names to register domains and creating fraudulent "from address" fields to conceal the fact that he was the one sending the emails. Each count carries a maximum sentence of 20 years in prison.
mi leaves us with some rather unpleasant imagery, writing: "Personally, I wish [the sentence] carried removal of 1 square millimeter of skin for each message instead."
Botnet

Programmer Develops Phone Bot To Target Windows Support Scammers (onthewire.io) 97

Trailrunner7 quotes a report from On the Wire: The man who developed a bot that frustrates and annoys robocallers is planning to take on the infamous Windows support scam callers head-on. Roger Anderson last year debuted his Jolly Roger bot, a system that intercepts robocalls and puts the caller into a never-ending loop of pre-recorded phrases designed to waste their time. Anderson built the system as a way to protect his own landlines from annoying telemarketers and it worked so well that he later expanded it into a service for both consumers and businesses. Users can send telemarketing calls to the Jolly Roger bot and listen in while it chats inanely with the caller. Now, Anderson is targeting the huge business that is the Windows fake support scam. This one takes a variety of forms, often with a pre-recorded message informing the victim that technicians have detected that his computer has a virus and that he will be connected to a Windows support specialist to help fix it. The callers have no affiliation with Microsoft and no way of detecting any malware on a target's machine. It's just a scare tactic to intimidate victims into paying a fee to remove the nonexistent malware, and sometimes the scammers get victims to install other unwanted apps on their PCs, as well. Anderson plans to turn the tables on these scammers and unleash his bots on their call centers. "I'm getting ready for a major initiative to shut down Windows Support. It's like wack-a-mole, but I'm getting close to going nuclear on them. As fast as you can report fake 'you have a virus call this number now' messages to me, I will be able to hit them with thousands of calls from bots," Andrew said in a post Tuesday.
DRM

DRM Company Denuvo Forgets To Secure Its Server, Leaks Two Years Of Emails (torrentfreak.com) 77

Denuvo "left several private directories on its website open to the public," TorrentFreak wrote Sunday, calling it "an embarrassing blunder" for the digital rights management company. "Members of the cracking community are downloading and scrutinizing the contents," the site reports, with one of the finds being an 11-megabyte text file which apparently contains every message sent through Denuvo's web site since 2014. An anonymous reader writes: There's a message from Google's security team, one from Capcom Japan, and "dozens of emails from angry pirates, each looking to vent their anger," according to TorrentFreak. Ars Technica reports that there's also a 2015 message from Microsoft about "an upcoming initiative," as well as messages several game studios, and even one from the producers of Mavis Beacon Teaches Typing. "Combing the log file brings up countless spam messages, along with complaints, confused 'why won't this game work' queries from apparent pirates, and even threats (an example: 'for what you did to arkham knight I will find you and I will kill you and all of your loved ones, this I promise you CEO of this SHIT drm')."

"Since Denuvo's contact page does not contain a link to a private e-mail address -- only a contact form and a phone number to the company's Austrian headquarters -- the form appears to also have been used by many game developers and publishers." And in addition, "much of Denuvo's web database content appears to be entirely unsecured, with root directories for 'fileadmin' and 'logs' sitting in the open right now."

In addition, there's also a slideshow -- which has since been uploaded to Imgur -- bragging that "With over 300 man years of development experience among us, we clearly know what we're doing."
Communications

Facebook Changes Feed To Promote Posts That Aren't Fake, Sensational, Or Spam (techcrunch.com) 194

TechCrunch is reporting that Facebook is prioritizing "authentic" content in News Feed with a ranking algorithm change that detects and promotes content "that people consider genuine, and not misleading, sensational, or spammy." The algorithm will also boost stories that are going viral in real-time. From the report: To build the update, Facebook categorized Pages that frequently share inauthentic posts like fake news and clickbaity headlines, or get their posts hidden often. It then used these posts to train an algorithm that detects similar content as its shared in the News Feed. Facebook will now give extra feed visibility to posts that don't show signs of similarity to inauthentic content. Meanwhile, Facebook wants to more quickly surface big stories going viral either because the topic is being posted about by lots of people, or a Page post about the topic is seeing tons of engagement. Facebook will then take that as a signal that you might temporarily care more about the topic, and therefore show it in your News Feed while it's still hot. Facebook says it doesn't anticipate significant changes to most Pages' News Feed distribution, but some might see a small increase or decrease in referral traffic or outbound clicks depending on if they share authentic, timely content vs inauthentic and outdated stories.
Crime

Police Department Loses Years Worth of Evidence In Ransomware Incident (bleepingcomputer.com) 131

"Police in Cockrell Hill, Texas admitted Wednesday in a press release that they lost years worth of evidence after the department's server was infected with ransomware," reports BleepingComputer. "Lost evidence includes all body camera video, some in-car video, some in-house surveillance video, some photographs, and all Microsoft Office documents." An anonymous reader writes: Most of the data was from solved cases, but some of the evidence was from active investigations. The infection appears to be from the Locky ransomware family, one of the most active today, and took root last December, after an employee opened a document he received via via a spam email. The police department backup system apparently kicked in right after the infection took root, and created copies of the already encrypted data. The department did not pay the $4,000 ransom demand and decided to wipe all its systems.
Facebook

Facebook Has a Team That Handles Mark Zuckerberg's Page (cnet.com) 55

theodp writes: Q. How many Facebook employees does it take to produce Mark Zuckerberg's Facebook page? A. More than a dozen! CNET's Ian Sherr offers his take on the news that Facebook has a team that handles Mark Zuckerberg's page: "Ever notice the photos, videos and posts on the profile page for Facebook's CEO are a lot nicer looking or better written than yours? Don't feel bad. Mark Zuckerberg has a team of people who are increasingly managing his public persona, according to a Wednesday report from Bloomberg Businessweek. Not only do they help write speeches and posts, but they also take photographs of his family and his travels, interspersing them with infographics about the company's user growth and sales. There're even people who delete harassing comments and spam for him. A Facebook spokeswoman said the company's service is an easy way for executives to connect with people." Wonder how many people it took to help craft the latest post, in which Zuck fired back at "some misleading stories going around" about "some land" he purchased in Hawaii (which another Zuck post noted also serves as a petting zoo of sorts for his daughter).
Google

Did Google.org Steal the Christmas Spirit? (theregister.co.uk) 103

Google.org gives nonprofits roughly $100 million each year. But now the Register argues that festive giving "has become a 'Googlicious' sales push." Among other things, The Register criticizes the $30 million in grant funding that Google.org gave this Christmas "to nonprofits to bring phones, tablets, hardware and training to communities that can benefit from them most," some of which utilized the crowdfunding site DonorsChoose (which tacks a fee of at least $30 fee onto every donation). "The most critical learning resources that teachers need are often exercise books, pen and paper, but incentives built into the process steer educators to request and receive Google hardware, rather than humble classroom staples," claims the Register. theodp writes: [O]ne can't help but wonder if Google.org's decision to award $18,130 to teachers at Timberland Charter Academy for Chromebooks to help make students "become 'Google'licious" while leaving another humbler $399 request from a teacher at the same school for basic school supplies -- pencils, paper, erasers, etc. -- unfunded is more aligned with Google's interests than the Christmas spirit. Google, The Register reminds readers, lowered its 2015 tax bill by $3.6 billion using the old Dutch Sandwich loophole trick, according to new regulatory filings in the Netherlands.
The article even criticizes the "Santa's Village" site at Google.org, which includes games like Code Boogie, plus a game about airport security at the North Pole. Their complaint is its "Season of Giving" game, which invites children to print out and color ornaments that represent charities -- including DonorsChoose.org. The article ends by quoting Slashdot reader theodp ("who documents the influence of Big Tech in education") as saying "Nothing says Christmas fun more than making ornaments to celebrate Google's pet causes..."
Crime

Hotbed of Cybercrime Activity Tracked Down To ISP In Region Where Russia Is Invading Ukraine (bleepingcomputer.com) 70

An anonymous reader writes: Last week, WordPress security firm WordFence revealed it detected over 1.65 million brute-force attacks originating from an ISP in Ukraine that generated more malicious traffic than GoDaddy, OVH, and Rostelecom, put together. A week later, after news of WordFence's findings came to light, Ukrainian users have tracked down the ISP to a company called SKS-Lugan in the city of Alchevs'k, in an area controlled by pro-Russian forces in eastern Ukraine. All clues point to the fact that the ISP's owners are using the chaos created by the Russian military intervention in Ukraine to host cyber-crime operations on their servers. Some of the criminal activities the ISP hosts, besides servers for launching brute-force attacks, include command-and-control servers for the Locky ransomware, [email, comment, and forum] spam botnets, illegal streaming sites, DDoS stressers, carding sites, several banking trojans (Vawtrack, Tinba), and infostealers (Pony, Neurevt). UPDATE 12/22/16: The headline and summary have been updated to reflect the fact that Ukraine is fighting a Russian invasion, and is not in a "civil war," as mentioned in the source.
AT&T

AT&T Is Adding a Spam Filter For Phone Calls (theverge.com) 66

An anonymous reader quotes a report from The Verge: Today, ATT introduced a new service for automated blocking of fraud or spam calls. Dubbed ATT Call Protect, the system identifies specific numbers believed to be sources of fraud, and will either deliver those calls with a warning or block them outright. Users can whitelist specific numbers, although temporary blocks require downloading a separate Call Protect app. The feature is only available on postpaid iOS and Android devices, and can be activated through the MyATT system. Phone companies have allowed for manual number blocking for years, and third-party apps like Whitepages and Privacystar use larger databases of untrustworthy numbers to preemptively block calls from the outside. But ATT's new system would build in those warnings at the network level, and give operators more comprehensive data when assembling suspected numbers. More broadly, marketing calls are subject to the national Do Not Call registry. Specific instances of fraud can still be reported through carriers or directly to police.
Security

Nigerian Man Charged in Hacking of Los Angeles County Emails (theguardian.com) 44

A 'mere' 10.8% phishing success rate has forced Los Angeles County to notify approximately 756,000 individuals that their personal information may have been compromised. The attack occurred on May 13, 2016 when 1,000 County employees received phishing emails. 108 employees were successfully phished. A Nigerian national has been charged in connection with the hack. From a report on The Guardian: Many large organizations would welcome a 10% success rate in their internal anti-phishing training sessions, with 30% and above being common. The 2016 Verizon DBIR suggests that 30% of all phishing emails are opened. The high number of individuals affected from a relatively low number of successes in LA County demonstrates how dangerous phishing attacks can be. The nature of the potentially compromised information is also concerning. "That information may have included first and last names, dates of birth, Social Security numbers, driver's license or state identification numbers, payment card information, bank account information, home addresses, phone numbers, and/or medical information, such as Medi-Cal or insurance carrier identification numbers, diagnosis, treatment history, or medical record numbers," said the County of Los Angeles Chief Executive Office in a statement.
China

Apple Introduces 'Report Junk' Option To Deal With iCloud Calendar Spam Invites (9to5mac.com) 22

Apple is rolling out a fix for the iCloud Calendar spam issue that has plagued users over the past few weeks. On iCloud.com, reports 9to5Mac, the company has added a new Report Junk feature. This lets users remove spammy invites from their calendar and reports the sender to Apple for further investigation. From the report: The feature is currently only available on Apple's iCloud.com Calendar web app but it is likely to roll out to the iOS and Mac native Calendar in a future software update. Since early November, some Apple users were seeing a deluge of calendar invites from unsolicited people (usually with Chinese names) that used the description field of calendar invites to 'advertise' junkware and various physical products.
Google

Google Preparing 'Invisible ReCAPTCHA' System For No User Interaction (bleepingcomputer.com) 57

An anonymous reader quotes a report from BleepingComputer: Google engineers are working on an improved version of the reCAPTCHA system that uses a computer algorithm to distinguish between automated bots and real humans, and requires no user interaction at all. Called "Invisible reCAPTCHA," and spotted by Windows IT Pro, the service is still under development, but the service is open for sign-ups, and any webmaster can help Google test its upcoming technology. Invisible reCAPTCHA comes two years after Google has revolutionized CAPTCHA technologies by releasing the No CAPTCHA reCAPTCHA service that requires users to click on one checkbox instead of solving complex visual puzzles made up of words and numbers. The service helped reduce the time needed to fill in forms, and maintained the same high-level of spam detection we've become accustomed from the reCAPTCHA service. The introduction of the new Invisible reCAPTCHA technology is unlikely to make the situation better for Tor users since CloudFlare will likely force them to solve the same puzzle if they come from IPs seen in the past performing suspicious actions. Nevertheless, CloudFlare started working on an alternative.
Twitter

Reuters Built An Algorithm That Can Identify Real News On Twitter (popsci.com) 122

Reuters has built an algorithm called News Tracer that flags and verifies breaking news on Twitter. The algorithm weeds through all 500 million tweets that are posted on a daily basis to "sort real news from spam, nonsense, ads, and noise," writes Corinne Iozzio via Popular Science: In development since 2014, reports the Columbia Journalism Review, News Tracer's work starts by identifying clusters of tweets that are topically similar. Politics goes with politics; sports with sports; and so on. The system then uses language-processing to produce a coherent summary of each cluster. What differentiates News Tracer from other popular monitoring tools, is that it was built to think like a reporter. That virtual mindset takes 40 factors into account, according to Harvard's NiemanLab. It uses information like the location and status of the original poster (e.g. is she verified?) and how the news is spreading to establish a "credibility" rating for the news item in question. The system also does a kind of cross-check against sources that reporters have identified as reliable, and uses that initial network to identify other potentially reliable sources. News Tracer can also tell the difference between a trending hashtag and real news. The mix of data points News Tracer takes into account means it works best with actual, physical events -- crashes, protests, bombings -- as opposed to the he-said-she-said that can dominate news cycles.
Desktops (Apple)

It's Not Just You, iCloud Calendar Spam is On the Rise (techcrunch.com) 28

New submitter petersike writes: If you're using iCloud to sync your calendar across your devices, chances are you just received a bunch of spammy invites over the last few days. Many users are reporting fake events about Black Friday 'deals' coming from Chinese users. If you're looking for cheap Ray-Ban or Louis Vuitton knockoffs, you might find these invites useful. Otherwise, you might be wondering: why is this a thing? If you use your calendar for work, you already rely on calendar invites to invite other people to meetings and events. All major calendar backends support this feature -- Google Calendar, Microsoft Exchange and Apple's iCloud. And it's quite a convenient feature as you only need to enter an email address to send these invitations. You don't need to be in the same company or even in your recipient's address book. But it's also yet another inbox -- and like every inbox out there, it can get abused.
Facebook

Locky Ransomware Uses Decoy Image Files To Ambush Facebook, LinkedIn Accounts (arstechnica.com) 36

An anonymous reader quotes a report from Ars Technica: A low-tech but cunning malware program is worrying security researchers after it started spreading rapidly in the past week through a new attack vector: by forcibly exploiting vulnerabilities in Facebook and LinkedIn. According to the Israeli security firm Check Point, security flaws in the two social networks allow a maliciously coded image file to download itself to a user's computer. Users who notice the download, and who then access the file, cause malicious code to install "Locky" ransomware onto their computers. Locky has been around since early this year, and works by encrypting victims' files and demands a payment of around half a bitcoin for the key. Previously, it had relied on a malicious macro in Word documents and spam e-mails, but Check Point says that in the past week there has been a "massive spread of the Locky ransomware via social media, particularly in its Facebook-based campaign." Users are advised not to open any file that has automatically downloaded, especially any image file with an unusual extension such as SVG, JS, or HTA -- though benign-looking images could exploit the way Windows hides file extensions by default.
Twitter

Spammers Compromised Popular Twitter Accounts Including Viacom And Microsoft Xbox (engadget.com) 23

"A number of popular Twitter accounts suddenly wanted to help you add more followers," joked Engadget. An anonymous reader writes: Early Saturday morning, due to a breach of the Twitter Counter analytics service, the compromised Twitter accounts started posting images touting services that sell Twitter followers. The affected accounts include @PlayStation, @Viacom, @XboxSupport, @TheNewYorker, @TheNextWeb, and @Money (Time's finance magazine) as well as @NTSB (the National Transportation Safety Board) and @ICRC (the Red Cross), and the Twitter accounts of famous individuals include astronaut Leland Melvin, Minnesota Governor Mark Dayton, and actor Charlie Sheen. "We can confirm that our service has been hacked; allowing posts on behalf of our user," Twitter Counter posted Saturday, announcing minutes later that "hackers CANNOT post on our users' behalf anymore."
"Apologies for the spam, everyone," tweeted the account for Xbox support, adding "We're cleaning things up now."
Facebook

Facebook Disputes Gizmodo Report, Says It Never Built and Withheld Any News Feed Changes Based on Their Political Impact (slate.com) 68

Tech news site Gizmodo reported Monday that Facebook planned a News Feed update that would have identified fake or hoax news stories, but "disproportionately impacted right-wing news sites by downgrading or removing that content from people's feeds" so it chose to never release the update. Facebook has denied the claims in the report. A spokesperson told Slate: "The article's allegation is not true. We did not build and withhold any News Feed changes based on their potential impact on any one political party. We always work to make News Feed more meaningful and informative, and that includes examining the quality and accuracy of items shared, such as clickbait, spam, and hoaxes. Mark himself said, "I want to do everything I can to make sure our teams uphold the integrity of our products." This includes continuously review updates (sic) to make sure we are not exhibiting unconscious bias.
Yahoo!

As Contradictions Mount, Experts Call For Declassification of Yahoo's Email-Scanning Order (onthewire.io) 50

An anonymous Slashdot reader writes: Look at this contradiction in the government's story about their secret scans on hundreds of millions of Yahoo emails. "Intelligence officials told Reuters that all Yahoo had to do was modify existing systems for stopping child pornography from being sent through its email or filtering spam messages." But three former Yahoo employee have now said that actually the court-ordered search "was done by a module attached to the Linux kernel -- in other words, it was deeply buried near the core of the email server operating system, far below where mail sorting was handled... They said that made it hard to detect and also made it hard to figure out what the program was doing."
Slashdot reader Trailrunner7 writes: Now, experts at the EFF and Sen. Ron Wyden say that the order served on Yahoo should be made public according to the text of a law passed last year. The USA Freedom Act is meant to declassify certain kinds of government orders, and the EFF says the Yahoo order fits neatly into the terms of the law. "If the reports about the Yahoo order are accurate -- including requiring the company to custom build new software to accomplish the scanning -- it's hard to imagine a better candidate for declassification and disclosure under Section 402," Aaron Mackey of the EFF said.
Security

Yahoo's Government Email Scanner Was Not A Modified Spam Filter, But a Secret Hacking Tool: Motherboard (vice.com) 45

The spy tool that the US government ordered Yahoo to install on its systems last year at the behest of the NSA or the FBI was a "poorly designed" and "buggy" piece of malware, according to two sources closely familiar with the matter, reports Motherboard. From the article: Last year, the US government served Yahoo with a secret order, asking the company to search within its users' emails for some targeted information, as first reported by Reuters this week. It's still unclear what was the information sought, but The New York Times, citing an anonymous official source, later reported that the government was looking for a specific digital "signature" of a "communications method used by a state-sponsored, foreign terrorist organization." Anonymous sources told The Times that the tool was nothing more than a modified version of Yahoo's existing scanning system, which searches all email for malware, spam and images of child pornography. But two sources familiar with the matter told Motherboard that this description is wrong, and that the tool was actually more like a "rootkit," a powerful type of malware that lives deep inside an infected system and gives hackers essentially unfettered access.
Spam

Amazon Marketplace Shoppers Slam the Spam (fortune.com) 120

Spammy follow-up email messages are turning off Amazon Marketplace shoppers. Shoppers who buy from Amazon's Marketplace typically like the convenience and prices. But many are also unhappy about the barrage of emails that sellers send them after the purchase, notes Fortune. It adds: Sellers deluge often inboxes with requests for product reviews, inquiries about how the process went, and sales pitches for more stuff. Considering the comments on social media, feedback from friends and family, and in posts in Amazon.com's customer service forum over the past two years, this problem is not getting any better. There appears to be no way to opt out of this email flood, which is odd, given Amazon's self-professed zeal for great customer service. One shopper in Amazon's customer forum thread posted a response from an Amazon service representative that apologized for the notifications and noted that the feedback had been forwarded to the company's "investigations team."

Slashdot Top Deals