Friday, November 14, 2014

A Perfect Example of Dangerous SPAM Comments

No sooner had I written my article about my deleting comments that I deemed to contain SPAM, than an apparent spammer added a comment to that very article that is a perfect example of why it is dangerous to trust links in comments unless I endorse that link in my reply to the comment.

Here is the comment.  Notice how carefully they must have read the original content?  LOL!

Velocity Labels has left a new comment on your post "SPAM and Comment Policy Explanation":

Thanks also for sharing your knowledge by making this blog. It's really a great help for me. I hope you make more blogs like this.

Adhesive visitor pass labels (Link Disabled)

Velocity Labels appears to be a legitimate company.  I was able to reach them by phone.  But, the link that I've disabled was flagged by Webroot as containing probable malicious code.



The person posting this has a Google ID and claims to work there.  But, hackers are clever and even that may be a hoax to add a level of trust.


In any event, this is exactly why I delete 99% of comments having any kind of link.  If I miss one, do yourself a favor and do NOT click on the link!

I have contacted the company to alert them that they may have been hacked.  More often than not, a company will not know it.  I worked for a highly secure government contractor with amazing levels of security and a little over a year ago they were informed by the FBI that our computers had been compromised by a foreign government.  How?  A single individual had clicked on a link in an email that had supposedly been sent by a friend.  But, of course it was not the friend.  It was a spoof.

Fortunately, no serious secrets were compromised; but, it definitely was a wake up call.

UPDATE

I had a great conversation with the owner of Velocity Labels and they will be contacting me when they have made sure that all the pages on their site have been purged of any malicious code.  While it's a shame that we learned about them through the work of a person trying to take advantage of their good reputation, I am happy to have become acquainted with them.  I look forward to being able to safely point you in their direction once everything has been checked out and given a clean bill of health.  I'm thinking about trying out their services by purchasing some custom labels for the YouthQuest Foundation.  I have the Dymo Labelmaker Twin Turbo and love it.

4 comments:

  1. Tom,

    I am not that computer savvy so thank you. I know I would have clicked the link without knowing. So what you are saying is by clicking a single link, viewing a website and that's it, you can have someone hack through your computer and view every file, email, or document you have?

  2. That is EXACTLY what I am saying. If you click on a link and it goes to a hacked web site in which a person has embedded malicious code, it is possible for your computer to become infected with that malicious code. Your security software may or may not catch it.

    Like real viruses, computer viruses are always mutating to avoid security software from immediately catching them, so anti-virus software is always trying to catch up. Fortunately, Webroot caught this one.

    But, there is also the potential that it found a false positive. The owner of the website is going to let me know what they find.

    Based on our conversation, we know:

    The Google ID was false. The person does NOT "live" at Velocity Labels. Nor, do they work there. They went to a lot of trouble to take on that identity. And, that, alone, is a red flag.

    The company is legitimate and has a Facebook page that was not compromised, which is how I was able to alert them of the issue. I had a wonderful conversation with the owner. When they are sure the website is completely safe, they will let me know. They make custom labels for Dymo printers and I certainly am glad to find out about them, even if the circumstances were less than desirable. :)

  3. What do they stand to gain from the average person, though, in a circumstance like this where they fake their identity at that company, assuming that the threat is real?

  4. We are accustomed to assuming that hackers are malcontents having fun at the expense of others. But, that is probably the least source of hacking these days.

    Every email has some corporate address, either a place where the person works or the service that they use for their email accounts. It is an opening into these corporate IT systems that is usually the goal. This means harvesting email addresses builds up huge databases that can be searched for particular companies. There are other, publicly available databases that list names of companies performing particular types of businesses.

    So, suppose I want to steal confidential data related to the auto industry. All I have to do is first find companies making automobiles and then look through my harvested email addresses for the domain names for those companies and send them a trojan in an email purporting to be from a friend or associate, as in:

    "Hi Tom, Here is a really funny cartoon I thought you would like (link)"

    The bad guys probably weren't really interested in the label company. They were interested in those needing custom labels... indicating people having big mailing lists, etc.

    There are many different levels to the whole malicious software network.
