MoonPoint Support Logo

 


Shop Amazon Warehouse Deals - Deep Discounts on Open-box and Used ProductsAmazon Warehouse Deals



Advanced Search
July
Sun Mon Tue Wed Thu Fri Sat
 
17 18 19 20
21 22 23 24 25 26 27
28 29 30 31      
2019
Months
JulAug Sep
Oct Nov Dec


Mon, Jul 15, 2019 10:53 pm

Scammer calling from 210-361-8678

I received a call from 210-361-8678 on my cellphone today. The call was obviously from a scammer as the message included some statement about my social security number (SSN) and legal action that would be taken against me if I didn't call the number from which I was called - I didn't note the exact message, but I found someone at the Whycall.me site at Phone: 210-361-8678 reporting a message that seemed similar if not the same as what I had heard. The other person reported he or she received the message below on July 16, 2018:

Security number is used for some fraudulent activities and due to that we have in order to suspend your social security number right away from the Law and enforcement Department and also to freeze your bank accounts before we go ahead and do that. If you need any further information about it kindly call back at 210-361-8678. Once again that's 210-361-8678. Thank you.

There were numerous other people reporting similar calls where someone was referencing a problem with the person's SSN and advising the person to call 210-361-8678. The call is obviously an attempt to defraud those called. I went to the FCC Consumer Complaint webpage and filed a complaint. I received an email response to the form I submitted with a ticket number. The email response from the FCC stated "The FCC is committed to doing what we can to protect you from these unwelcome interruptions to your day. Unwanted calls, including illegal and spoofed robocalls, are the largest category of complaints the FCC receives." It is troubling, though, that some fraudster has been engaged in this activity using the 210-361-8678 number for a year with no action taken against him. The first report I saw on the Whycall.me site was on July 16, 2018, but I saw others reporting the same issue on that webpage from that date through July 15, 2019. The Whycall.me site allows one to search for reports filed by other people on calls from telemarkers and scammers. The site describes itself thusly:

Whycall.me is a consumer complaints board used to report telemarketers, robocallers, scammers, and debt collectors that violate the law. We receive more than 6,000 complaints each month, which helps potential victims identify and avoid answering calls from problematic phone numbers. Our global phone book of numbers is powered by crowdsourcing and online data sources.

The site's homepage advises users of the site to also report the calls to relevant government agencies, which it lists. For the number that called me, the site listed the following information:

San Benito, Texas
Its exchange 361 is managed by SOUTHWESTERN BELL - TX
The number is currently on switch number SNBNTXSBDS0 (switch is a technical specification, provided here for phone hobbyists)
Around 20% of people reported it as "Recorded Message"
You are the 2nd person to search for it here.
There has been a total of 30 comments left about the number.
Latest people reported the number as that of "SCAM, "Social Security'"

I registed an account at the site and posted a note about the call I received today.

[/security/scams] permanent link

Sat, Jun 16, 2018 2:59 pm

Scam call from 1-800-222-2222

I received a call to my cellphone at noon Eastern time in the U.S. on Saturday June 16, 2018 with the calling number showing as (800) 222-2222. When I answered the call I heard a message stating the call was an automated call that would provide a chance to earn a $50 credit on your next bill. I was then prompted to hit "1" to continue. I did and heard the messaage "Please enter your Verizon billing password" at which point I ended the call. After I ended the call, I called the number back and heard the message "Welcome to America's hottest talk line. Guys, ladies are waiting to talk to you." I have Verizon as my provider for cellphone service. If a Verizon user goes to the Verizon Wireless webste, he or she can log into his or her account by providing either a mobile number or User ID with the password for his or her account. So anyone falling for the fraudulent call will, by providing the password, since the scammer will know the called number, provide the credentials the fraduster will need to use the person's Verizon account. When I looked up the number online, I found others reporting fraudulent activity from the calling number. E.g., 800-222-2222 | Suspected Scam Call | Whitepages. At that page, someone posted on June 14, 2018 3:10:48 PM that he or she received a "Verizon Wireless scam" call from that number. I logged into my account from a computer and opened a chat session with a Verizon representative to report the fraudster. She told me she was going to report it. I also submitted the number at the Federal Communications Commission (FCC) Stop Unwanted Calls and Texts webpage through the "file a complaint with the FCC" link on that page.

[/security/scams] permanent link

Fri, Sep 22, 2017 11:18 pm

Failed POP3 login attempts from 94.136.51.56

While checking the mail log file, /var/log/maillog, on an email server today, I noticed an attempted login from an IP address in an address range I didn't recognize. The entry in the log file contained the following text:

dovecot: pop3-login: Disconnected (tried to use disallowed plaintext auth): user=<>, rip=94.136.51.56

I checked the country associated with the 94.136.51.56 IP address (ds7247.dedicated.turbodns.co.uk) with geoiplookup (you can install the GeoIP package on a CentOS Linux system with yum install GeoIP) and found it was an address assigned to an entity in Great Britain.

$ geoiplookup 94.136.51.56
GeoIP Country Edition: GB, United Kingdom
$

[ More Info ]

[/security/attacks/pop3] permanent link

Fri, Sep 15, 2017 11:04 pm

AskPartnerNetwork Directory on a Windows 10 system

A user reported her Windows 10 Professional system was running slowly. On September 14, 2017, I checked the system with SUPERAntispyware, which reported that it found the Ask Toolbar. It reported the following items associated with the toolbar:

C:\ProgramData\ASKPARTNERNETWORK\TOOLBAR
HKCU\Software\AskPartnerNetwork\Toolbar
C:\ProgramData\AskPartnerNetwork

[ More Info ]

[/security/scans] permanent link

Sun, Jul 02, 2017 11:07 pm

SUPERAntispyware Found Ask Toolbar on 2017-07-02

I scanned a Windows 10 system used by a family member on July 2, 2017 with SUPERAntispyware Free Edtion, since the system was responding more slowly than I expected even for simple actions, though the system has other antivirus software on it. The first thing that SUPERAntispyware identified was the Ask Toolbar browser extension. It showed the following information for Ask Toolbar:

Ask Toolbar

C:\ProgramData\ASKPARTNERNETWORK\TOOLBAR
HKLM\SYSTEM\CurrentControlSet\services\APNMCP
HKCU\Software\AskPartnerNetwork\Toolbar
C:\ProgramData\ASKPARTNERNETWORK

[ More Info ]

[/security/scans] permanent link

Sun, Apr 23, 2017 11:31 pm

Phishing email leading to ridersrepublic.in

Someone notified me that she had received an email from a business contact a couple of days ago informing her that he had shared a document using Dropbox. But when she later contacted his company, she was informed that someone else was sending out email using his email address. She forwarded the message to me, which is shown below with the actual sender's address changed, though:

Subject: Blaine Watkins has shared a file with you using Dropbox
From: Blaine Watkins <blainewatkins@example.com>
Date: Tue, April 18, 2017 6:09 pm
To:

Hi, I just uploaded a Document for you to see using Dropbox. View|Download files and let me know what you think.

Thanks

Blaine

She was concerned that her system might have been infected by malware when she viewed the message. I scanned her system with SUPERAntiSpyware Free Edition, but SUPERAntiSpyware didn't find any malware recently placed on her system. McAfee Total Protection is the real-time antivirus software on her system, but I've found that using additional tools, such as SUPERAntiSpyware, can sometimes detect malware missed by a user's antivirus software. I performed a full scan of the system using McAfee Total Protection after running the SUPERAntiSpyware scan, but it didn't find anything, either. I also checkd the system with Malwarebytes Anti-Malware Home (Free), but it didn't find any malware, either, except for a zip file I created containing files associated with malware I found on the system quite some time ago.

[ More Info ]

[/security/phishing] permanent link

Thu, Mar 16, 2017 10:30 pm

Outlook 2016 unspecified encryption certificate message

After resolving a problem with my laptop not reading certificates stored on my Personal Identity (PIV) card. I've been able to decrypt email messages from others with Outlook 2016 on my MacBook Pro laptop running OS X El Capitan (10.11.6) by using my PIV card in the SCR331 card reader, but when I attempt to send an encrypted email, I see a message stating (image):

You have not specified an encryption certificate for this account. Once you send this encrypted message, you will not be able to read it. Do you still want to send this encrypted message?

If I click on Continue the email will be sent encrypted so that it is readable by the recipients when their email clients decrypt it using their private keys, but I am unable to read the message I sent when it is placed in my Sent folder. To resolve the problem, I clicked on Tools on the Outlook menu bar, then selected Accounts, then clicked on the Advanced button. I then clicked on the Security tab and selected a certificate in the Encryption section. It had been set to "None Selected".

[ More Info ]

[/security/encryption] permanent link

Sun, Mar 12, 2017 10:57 pm

Let's Encrypt certificate expired

A couple of days ago, a user showed me a message she saw on her system about a security certificate issue. When I looked at the message, I realized it was due to the expiration of the Let's Encrypt certificate on the email server used by her system. I logged into that system and queried the server with the openssl command to check the expiration date. I saw it had expired that day, March 10.

# echo "quit" | openssl s_client -connect pop3.moonpoint.com:995 -quiet
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = imap.moonpoint.com
verify error:num=10:certificate has expired
notAfter=Mar 10 19:53:00 2017 GMT
verify return:1
depth=0 CN = imap.moonpoint.com
notAfter=Mar 10 19:53:00 2017 GMT
verify return:1
+OK Dovecot ready.
#

From the root account, I renewed the certificate using the command letsencrypt renew.

[ More Info ]

[/security/encryption/openssl] permanent link

Wed, Mar 08, 2017 10:54 pm

Unable to read certificates from PIV card

I'd been having problems using a Personal Identity Verification (PIV) card with my MacBook Pro laptop running OS X El Capitan (10.10.5). I need the system to be able to access certificates on the PIV card in order to be able to decrypt email from some individuals. I have an SCR331 card reader, which attaches to the system via a Universal Serial Bus (USB) port.

SCR331 PIV card reader

If I attached the PIV card reader and clicked on the Apple icon at the top, left-hand corner of the screen and selected About This Mac then clicked on System Report, if I clicked on USB under Hardware, I would see the system recognized the card reader was attached. E.g., I saw "SCRx31 USB Smart Card Reader" for an SCR331 (that is a number on the underside of the device which appears to be its model number with a part number of 904875 listed there, also) PIV card reader I attached to the system via a USB port.

[ More Info ]

[/security/encryption] permanent link

Wed, Mar 01, 2017 10:42 pm

Discarding configuration changes for a Juniper SRX router/firewall

If you've been entering commands for configuration changes on a Juniper Neworks SRX router/firewall, which runs the Juniper Network Operating System, Junos OS, but haven't committed those changes to make them active, you can discard them using the command rollback 0. which will replace the "candidate config", i.,e., the one you've been editing, with the active configuration, which is also the boot configuration.
root@Alder# rollback 0
load complete

[edit]
root@Alder#

The device can store multiple prior configurations and you can revert to one of those other prior configurations, instead, using rollback n where n is the number for the prior configuration. You can also rollback to a saved "rescue" configuration with rollback rescue. You an see a list of the stored configurations to which you can revert using the command rollback ?.

[ More Info ]

[/security/firewalls/SRX] permanent link

Once You Know, You Newegg AliExpress by Alibaba.com

Shop Amazon Local - Subscribe to Deals in Your Neighborhood

Valid HTML 4.01 Transitional

Privacy Policy   Contact

Blosxom logo