May 18, 2012

Dr. Dan wants to buy Real Estate (Phishing)

We’re paid to be paranoid here at Managed Solutions. When this message arrived in my inbox today it was a rarity. Rare because it is one of very few phishing Emails that have bypassed my anti-spam mechanisms. Phishing is a process by which a criminal pretends to be a legitimate entity in an effort to gain passwords, identity, bank account or other private data. Here is the text of the message:


I am interested in purchasing a private residence in your country or in any country you are well-acquainted with.

The Property must be located in a well-reserved,serene,secure and highly-hygienic environment because I am most particular about the safety and sound health of my family.
I wish to make this transaction with you in a very secret and confidential manner due to my position as a cabinet minister here in my country Ghana.

Therefore,upon response from you I will connect you with my agent here whom I trust so much to represent my interest in this purchase.franciskweme2007@[hidden].com
Thank you and accept my kindest regards,

Dr. dan


Want to complete this article?

What issues do you see with the text of this message and why would I assume that it is a Phishing Email? Complete this story via comment and we’ll feature your comment as a part of the article and link back to your website.

We have a winner: David Schur completed the article via this comment on Facebook:

David Schur – I’ll take a shot Joe.
1) does not address you by name. Nobody will buy your house, or send you millions of dollars without knowing who the heck you are
2) Total lack of pii. If this was legit, they would know your address, which is the relevant pii in this case. My bank or cc includes the last 4 digits of my account to let me know the email is real.
3) Typos…when will the phishers learn that simply hiring a native English speaker to proofread would make a difference (maybe there is a business opportunity here)
4) simple common sense…too good to be true = false…100% of the time

This won’t work for a real hack…but luckily phishers these days never invest in data that connects your email to any meaningful form of pii…luckily axiom 4 will ALWAYS be true

Joe’s comment – I really like David’s rule #4; I think phishers’ best tool is exploiting people’s greed. Also, David had no desire to have a link back to anywhere, so I asked him what charity he likes. Here is his response:

“American Red Cross…when bad stuff happens they get my money…then I can safely and with good conscience ignore the inevitable scam charity emails” – David Schur

Joe Reviews SB10-221 Cert Report (Video)

Here is a review of this week’s CERT advisory. This update contains issues with Apple iTunes, Safari and Mozilla Firefox. Be sure to update these products if you haven’t recently. This is a weekly feature here at Managed Solutions. If you have questions about this video, post a comment here or ask on our Facebook Fan Page.

Lenovo Product Showcase

This page provides information about the Lenovo products that are sold through Managed Solutions. It is primarily provided for the convenience of our customers; we do not offer e-commerce at this time.

Countdown to Zero Leasing Offer

Our business partner Lenovo is launching Lenovo Financial Services (LFS) and as a part of that launch they are offering special promotional leasing. This may be just the opportunity for your business to obtain equipment that is needed today while preserving cash flow.  This Countdown to Zero offer consists of a 0% financing, Fair Market Value lease over 39 months with no payments for the first three months.

0% Financing Plus 3 Months of Zero Payments LFS Promotion

  • Transactions may be as small as $10,000 and as large as $250,000
  • Transactions must be approved by 9/30/2010 and funded by 10/31/2010
  • Up to 40% of the total sale amount financed may be Lenovo services, peripherals, and software (sold by Lenovo)
  • LFS can finance the entire solution; Lenovo Business Partners (like Managed Solutions) can supplement the sale with additional hardware, software and pre-approved services

It is also worth mentioning that leasing of all shapes and sizes is available as a part of this new offering; feel free to contact us for more details.

Plague of Adobe Acrobat and Reader Vulnerabilities Continues

I seem to write a post on this once a month minimum. When I opened this week’s CERT advisory, there were 14 vulnerabilities rated 9.3 for Adobe Reader and Acrobat. This plague of vulnerabilities and the related exploits that have popped up reminds me of Internet Explorer 5 years ago. So here at Managed Solutions we are once again advising our clients to apply any updates to Adobe products when prompted and to exercise extra caution with .pdf files. Here is the menacing list of vulnerabilities announced on 6/30/2010:

14 Adobe Acrobat Vulnerabilities

Quick Tip MrFixit for Windows Update Issues

Have you ever encountered errors with Windows Update or had it just stop prompting you altogether? This might be the solution to your problem. Either way, it is a web page at Microsoft that will provide the right tool depending on what operating system you are running.

To run the utility navigate to http://support.microsoft.com/kb/971058 and click on the Microsoft Fix It icon or link:

Mr Fixit Utility

You will have one option that can be selected; only use this option if the first attempt without it checked was not successful:

Mr Fixit Aggressive Options

After running the utility in either mode an additional screen will pop up with other options:

MrFixit Complete

If after a restart you still experience issues, you can run the utility again to access the help links in the utility. Microsoft does provide free support for Windows Update issues.

Update your iTunes or face potential exploitation

While reviewing this week’s CERT summary I noticed three vulnerabilities with a risk rating of 10, which is the highest. With the wide distribution of the iTunes software, these vulnerabilities have potentially serious ramifications. Since they involve remote code execution, it is prudent that any and all users of iTunes upgrade to version 9.2 or newer. You can check the version you are running via help/about in the program menu. Here is a partial screenshot of this portion of the CERT advisory followed by a link to the advisories:

iTunes Vulnerable

iTunes Vulnerable - Cert Advisories

Resources:

Anatomy of a Phishing Email

I encountered a great opportunity this evening: the opportunity to share an inside look at a phishing Email. What is phishing?

“In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.” – Wikipedia

What I noticed was an Email purportedly from Bank of America telling me that there was an “Account Resolution Required”:

Phishing Message Bank of America

Message in Outlook Allegedly from Bank of America

I scanned over to the preview pane and noticed that it had a link that appeared to be correct, so I hovered over the link to see if the link was spoofed and, to no big surprise, it was. Here is how the message looked in my preview pane. I did not download pictures because that is a popular way for spammers/crooks to confirm Email addresses of their targets/victims:

Full Phishing Email Screenshot

Let me further clarify in lay terms, the link that reads:

https://www.bankofamerica.com/home/1244618/ddjdfdkfi126.aspx?screenid=Update_Acct

is actually:

http://prostyle-esports.nl/index.php

and this is evident when I hover over, or place my mouse cursor on, the “alleged” link. This is a tactic you can use to check links you are unsure of. However, I should clarify that it doesn’t always work. There have been occasions where this has been spoofed effectively; typically it has to do with the Email client or browser and security patches on your computer.

Testing the Link

Using a test environment I pasted the link to see what the target site looked like:

Blocked - Forgery

I was pleased to see it had been blocked; this saved me the time of researching and Emailing the Internet provider involved. After confirming this I used “properties” in Outlook to get the header information. There is a lot of information, but there were plenty of clues to let me know that this message was not authentic (had everything else appeared right, the SSL certificate warning most certainly would have popped up, unless it was an unprecedented forgery!). Here are a few of the more obvious lines I parsed from the headers:


Received: from User ([82.128.0.69]) by post.strato.de (mrclete mo25) (RZmta
23.3) with ESMTP id 20016am5E507CT ; Mon, 14 Jun 2010 07:43:29 +0200 (MEST)
Reply-To:
From: Bank of America


In the above examples, you can see that the message Reply-To and From don’t match and that the mail server is post.strato.de, not a likely mail server for Bank of America (perhaps for Deutsche Bank next time guys?). Also, after running the IP address of the sender, 82.128.0.69, on Arin.net I was able to determine that it was a European address (which I had already figured due to the .de domain on the mail server, but it was further validation):

Output of Arin.net Whois - RIPE

There are a lot of ways to spot fraudulent/phishing Emails. Our advice to our clients is that if they are not 100% certain, they forward the messages to us for analysis. Most of these kinds of messages are blocked and we don’t see them, but if something doesn’t look quite right it probably isn’t.
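The checks walked through in this post (link text versus real link target, Reply-To versus From, and the sending host in the Received line), automated in Python as an added example; this is not code from the original post. The link pair and Received line are the ones quoted above, while the From and Reply-To addresses are constructed placeholders because the post does not show them.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample. The link pair and Received line are quoted from the post;
# the From/Reply-To addresses are placeholders (the post does not show them).
SAMPLE = """\
Received: from User ([82.128.0.69]) by post.strato.de (mrclete mo25) (RZmta
 23.3) with ESMTP id 20016am5E507CT ; Mon, 14 Jun 2010 07:43:29 +0200 (MEST)
Reply-To: <collector@mailbox.example>
From: Bank of America <alerts@bankofamerica.example>

<a href="http://prostyle-esports.nl/index.php">
https://www.bankofamerica.com/home/1244618/ddjdfdkfi126.aspx?screenid=Update_Acct</a>
"""

class Anchors(HTMLParser):  # collects (href, visible text) for each <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def audit(raw):
    msg = message_from_string(raw)
    hop = re.search(r"\[([\d.]+)\]\)\s+by\s+([\w.-]+)", msg.get("Received", ""))
    origin, relay = hop.groups() if hop else (None, None)  # sender IP, mail host
    parser = Anchors()
    parser.feed(msg.get_payload())
    spoofed = []
    for href, text in parser.links:
        shown = re.match(r"(?:https?://)?([\w-]+(?:\.[\w-]+)+)", text, re.I)
        real = (urlparse(href).hostname or "").lower()
        if shown and shown.group(1).lower() != real:  # text names another host
            spoofed.append((shown.group(1).lower(), real))
    reply, sender = (parseaddr(msg.get(h, ""))[1].rpartition("@")[2].lower()
                     for h in ("Reply-To", "From"))
    return {"spoofed_links": spoofed, "origin_ip": origin, "relay": relay,
            "reply_to_mismatch": bool(reply) and reply != sender}
```

Legitimate newsletters that route links through click-tracking redirects will also trip the link check, so treat a hit as a reason to look closer rather than as a verdict.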

Speakeasy and Covad to seek merger

We received information today that Speakeasy is seeking to merge with Covad. As we are a Speakeasy partner we wanted to share this information with our customers immediately. Here is the Email from the Speakeasy CEO Bruce Chatterley:

I want to personally contact you regarding an important announcement that Speakeasy is making today and explain how this announcement benefits our partners.

Speakeasy has decided to join with Covad Communications Company, a leading national provider of IP broadband services in North America and MegaPath Inc., a leading voice, data, security, managed service and VPN service provider.   This new entity combines Speakeasy’s expertise in smaller business communications, MegaPath’s wide selection of products and value-added services and, Covad’s robust network infrastructure. This combined entity creates a new class of CLEC; a Managed Service Local Exchange Carrier (MSLEC). As a result, Covad’s nationwide broadband footprint will support Speakeasy and MegaPath’s voice and data application services. By combining companies, these voice, data, and value added services will be available anywhere you do business and to virtually every small, medium and large business you serve.

This merger is subject to the approval of the Federal Communications Commission and state public utility commissions in many of the states where Covad and MegaPath do business. Until the close of this merger, Speakeasy will continue to operate business-as-usual. This transaction is expected to close by the end of the third quarter of 2010.

Speakeasy is dedicated to providing our partners with the highest-quality portfolio of voice, data services on the market, and this merger helps us strengthen that commitment. The resources of the new combined company will enable us to expand our service offerings and provide more choices and value for you and your customers.

I want to take this opportunity to thank you for your continued support. Partners are an important part of both companies and will become even more critical to our combined company. With this merger, you will continue to receive all of the benefits of our existing partnership, plus enjoy the benefits of our expanded network and service offerings. We have some exciting plans for the future, and we look forward to working with you to bring them to market.

Should you have any additional questions, please feel free to contact your Speakeasy Sales Consultant.

For more information, please read the press release posted on www.speakeasy.net/press.

CIMCO DNC Max and CNC Edit Recommended Serial Hardware

Here is the official list of hardware recommended by CIMCO for serial communications via DNC Max and CIMCO Edit:

CIMCO DNC-Max and CIMCO Edit (communications) work with all industry standard serial communication hardware devices including but not limited to multiport serial adapters (PCI) and single/multi-port Ethernet (wired and wireless) serial device servers (converters) from MOXA (www.moxa.ccom), DIGI International (www.digi.com), and Quatech (www.quatech.com). 

Because of the consistently high quality and reliability of device servers (wired and wireless) from MOXA we recommend the following devices for Ethernet based communications: NPort 5610-8, NPort 5610-16, NPort 5210, NPort 5110, NPort 2250 Plus US and NPort 2150 Plus.

For multi-port PCI serial adapters CIMCO recommends DIGI Neo Adapters and related concentrator boxes.
