Friday, September 11, 2009

FAKE Yahoo Alert, be aware!

If you too have received an email like this, be aware that its a spam message. You can either report it to yahoo or just ignore =)

Yahoo! Customer Care Satisfaction Survey

Dear Valued Member,

Due to the congestion in all Yahoo users and removal of all unused Yahoo Accounts,Yahoo would be shutting down all unused accounts,You will have to confirm your E-mail by filling out your Login Info below after clicking the reply botton, or your account will be suspended within 24 hours for security reasons.

UserName: ............................................

Password:..............................................

Date Of Birth: ........................................

Country Or Territory:...............................

After Following the instructions in the sheet,your account will not be interrupted and will continue as normal.Thanks for your attention to this request.We apologize for any inconvinience.

Yahoo! Customer Care

Case number: 8941624
Property: Account Security

take the survey

Yahoo!
Copyright © 2009 Yahoo! Inc. All rights reserved.

Saturday, October 07, 2006

Worm automates Google AdSense fraud

Virus writers have crafted a malware threat that serves up expensive Google AdSense web pages related to mesothelioma, a rare cancer caused by exposure to asbestos.

Industry workers affected by the disease have launched a series of lawsuits, a factor that means "ambulance chasing" lawyers pay through the nose to get a mention when searches for the term "mesothelioma" are made. The cost-per-click for the term "mesothelioma" is among the highest in the online ads business ranging from $4 to $13 and higher on various keyword bidding networks.
This, in turn, makes the term a prime target for click-fraud. Google AdSense allows online publishers to make revenue by displaying Google ads relevant to the content of their site. Because Google pays the host Web site based on the number of clicks on their ads, the process can be susceptible to "click-fraud".

The KMeth worm, which targets Yahoo! Messenger users, directs infected users to a web site serving a barrage of Google AdSense advertisements related to mesothelioma. Financially-motivated malware writers apparently hope to cash on the ruse through shares in the resulting advertising commissions which we doubt will materialise. Fraud detection mechanisms employed by Google are more than likely to identify rogue sites generating suspiciously high returns using such illicit tactics but that doesn't eliminate the other security risks consumers face from the worm.

KMeth exploits IE vulnerabilities to infect surfers who visit malware infested sites controlled by hackers, promoted through IM messages sent to the Yahoo! Messenger contacts of infected users. The "status message" in Yahoo! Messenger can also be also hijacked, presenting potentially enticing messages to their contacts, such as "check out my blog" in order to trick potential marks into becoming infected, IM security firm FaceTime reports.

Meanwhile an infected user's IM control panel is disabled, and their home page is hijacked to point towards rogue web sites designed to generate maximum revenue through click fraud. Using malware to perpetrate click-fraud is an established technique but the KMeth worm extends this idea by employing a battery of social engineering techniques.

"Typically, financially-driven malware attacks use botnets to fraudulently increase traffic to specific online advertisements," said Chris Boyd, director of malware research for FaceTime Security Labs. "In this case, the hackers have cleverly borrowed tactics from botnet-creators to create a bot-less network of hijacked PC users to drive traffic to sites populated with these specific Google AdSense advertisements. Introducing the human factor into the scenario makes these 'bot-less nets' much more difficult to detect."

MySpace acquisition a $20 billion fraud?

Brad Greenspan, one of the original founders of the MySpace universe, published a report that claims that News Corp.'s 2005 acquisition of MySpace may have defrauded shareholders by "more than $20 billion." Greenspan has requested further investigation by the Securities and Exchange Commission, the U.S. Department of Justice and the U.S. Senate Committee on Finance.

Greenspan claims that records he obtained indicate "one of the largest merger and acquisition scandals in U.S. history." According to the former chairman and chief executive officer of Intermix Media, which invested $1 million into the creation of MySpace, shareholders "were blatantly misled into voting for a quick and unfair sale" and "deliberate steps were taken to withhold and manipulate information." He also claims that money was improperly gained and laws were broken.

Greenspan hopes that MySpace's $580 million acquisition by News Corp. in July 2005 will be "unwound" and MySpace will be independent. "An independent MySpace is significantly better for its users and shareholders," he said. The report, freely available at freemyspace.com, lists several quotes - which Greenspan says are taken from email conversations between the parties involved in the acquisition: If authentic, the emails could provide some evidence that the negotiating individuals were aware of a much higher value of MySpace, and profited from the deal later on.

A key accusation of Greenspan is that Intermix and News Corp. withheld information about the revenue of MySpace, which grew "at a 1200% annualized rate" and was on track hitting $250 million for the year. "Shareholders were forced to trust the recommendation of Intermix' Board and were under the impression MySpace was unable to turn its massive traffic into revenues," Greenspan writes.

So how does Greenspan fit into this picture?

Greenspan, who founded eUniverse, claims to have had the idea for MySpace and is believed to have spent about $1 billion to get MySpace with his firm off the ground back in 2003. Other key people involved in the founding included by Tom Anderson and Chris DeWolfe, the current chief executive of MySpace. After arguments - which included accounting issues - with board members, Greenspan was forced to the leave the company, which changed its name to Intermix Media after his departure. Greenspan tried at least twice to claim back his company in proxy proceedings, which, however, were unsuccessful. Greenspan ended up with a $47 million check from the News Corp. acquisition of Intermix.

His claim that MySpace was worth substantially more than the $580 million News Corp. paid, could either increase his check or hand him back a social networking site that currently has more than 110 million members, a $900 million Google advertising deal as well as recently announced music distribution agreements for its members.

Greenspan now aims his accusations at Richard Rosenblatt, who took over at eUniverse and Intermix as CEO after Greenspan's departure. "In addition to Rosenblatt's stunning and incriminating emails, the two highest non-director senior executives, chief financial officer Lisa Terrill and chief operating officer Sherm Atkinson, have come forward through their legal counsel indicating significant breaches of fiduciary duty by Rosenblatt and the directors as part of the News Corp. transaction," Greenspan said. "The MySpace Report" shows that Richard Rosenblatt knew before the transaction that MySpace was well on its way to becoming worth at least $20 billion."

MySpace did not comment on Greenspan's accusations.