Twitter Phish Attacks

There seems to have been an outbreak of phish links dropped onto Twitter in the last day or so.

Messages such as these should be avoided:

hey look at this funny blog rosalierebyb.blogspot.com/

heyy!!! i want u to see my blog!! blogtwitter.access-logins/login


You'll notice the second message (which was sent to a colleague of mine) incorrectly lists the phishpage (it's missing the .com, so the phishers shot themselves in the foot with that one) but the page at

blogtwitter.access-logins.com/login/

is still live at time of writing. More here.

These are currently being sent to random people on the Microsoft Xbox network:

scm1.jpg

scm2.jpg

"Hello we are a company called Microsoft Rewards. We have an overstock on Xbox Microsoft points. We are now giving them out but hurry because everyone on Xbox Live will be getting this message.

If you want points all you have to do is send us your username, email and password. After that we will log in and give you the points."


As you might have guessed, it's a scam...

It's yet another fake warning from a rogue security product, this time claiming...well, take a look for yourself:

fakewar.jpg


A fake timer counting down till they shut down your computer, to "protect it" from some imaginary threat. Nice of them. Would the average user even be able to hit the download button, install the program and run it in the panic-filled 30 seconds they claim is all you have left?

Doh. Do yourself a favour and add this site to your blocklists, if you don't already have it:

registrydoctor2008.com

Another Viral Spam Link...

Here we have another variation on a piece of viral spam originally aimed at videogamers. The execution is somewhat different, but it follows the same pattern. One can only assume this method of "getting people to click things and send it to everybody" is a bright idea someone dreamed up on a marketing forum.

Here's the site:

xbh1.jpg

...and here's the babble underneath, this time claiming clicks will earn you "free stuff" (500 clicks for a free eBay US Sellers account, and 5000 for "free entrance to moneymaking black hat school"):

xbh2.jpg

I hope people didn't bother to send the links and click like mad, because the "moneymaking black hat school" seems to be currently offline...

(Hat-tip).

Throughout this year, there have been random outbreaks of mails claiming you've won a fortune, courtesy of Microsoft.

Naturally, it's a scam - and it looks like it's back yet again. Here's what's currently doing the rounds:

mpt1.jpg

"Your lucky winning number falls within our Africa booklet
representative in West Africa as indicated in your play coupon,"


Yes. Of course it does.

As many of you probably know, I like my videogames. I also really like videogames where you get to shoot thousands of crazed zombies in the face, with a pump action shotgun. With that in mind, I was particularly interested in a collection of files that surfaced about a week or so ago, in relation to the popular videogame Left 4 Dead.

See, in theory it's supposed to be extremely difficult to mess around with Xbox videogames. You might be able to exploit a few glitches here or there, but actually altering the game itself? Sorry, no can do.

Except... it's not quite that straightforward. Someone decided to hook their PC up to their Xbox 360, take files from the Xbox hard drive, patch them with custom-built software that looked like this:

l4d2.jpg


...and then put the altered files back onto the Xbox hard drive. Once this was done, the game was open to all sorts of abuse. You could make the characters giants, spawn thousands of guns, generate an endless amount of zombies, fly... you name it, it was probably do-able. The exploit was quickly fixed, and the files are now supposedly useless.

However.

The bit that really interested me was that in many threads on unrelated forums, some people were claiming that using these programs on their PC had resulted in Steam accounts being stolen.

Despite testing these various programs for what seems like an age, I'm no closer to having my Steam account stolen than I was last week. It's possible that people are having their Steam account taken via an unrelated method, and in the rush to work out the cause this hack / mod is taking the fall. With that in mind, if anyone reading this tried the above hack (or knows someone that did) and you think your account details for Steam were taken as a result of using these files, please leave a comment and let us know exactly what happened.

More Habbo Fakery...

fifp0.jpg

Whenever I see a video on YouTube that repeatedly urges me to "visit a link" in relation to Habbo, I'm naturally suspicious. As it turns out, to fool people into handing over their Habbo logins, all you need to do is pretend you've created an awesome program that manipulates every aspect of Habbo you can think of....

fifp1.jpg


fifp2.jpg

...and then post up a link to a third-party website. Once you enter your login details, you'll gain access to the wonderful program.

Honest.

No doubt a lot of people have fallen for this already, but if they'd only taken the time to examine exactly where the .tk domain redirects to....

fif1.jpg

..."Fishingisfun"? Call me suspicious, but I don't think I'll be entering any login details onto that website anytime soon...

According to this article in Globes Online:

Sources inform ''Globes'' that online media company Zango Inc. has closed its R&D center in Tel Aviv and fired all 50 employees. In June, the company laid off 75 employees, including 20 in Israel because of a drastic slide in the number of users and revenue, which forced the company to revamp its business plan.


There's a little more information here at the Zango blog.

If you like shooting zombies in the face - and who doesn't - then you may well have already purchased Left 4 Dead, a videogame pitting four survivors against a relentless zombie horde.

Well, it appears to be a popular target for scammers. An email popped up in my mailbox over the weekend, claiming I'd received a "guest pass" that would let me play the full game "for a limited time". Here's the mail in question:

fake4dead.jpg

"The steam support has invited you to use a free guest pass for Left 4 Dead on Steam, the leading digital distribution platform for PC games.

Once you've installed Steam (or if you already have an account) click here to accept steam supports invitation to a full game of Left 4 Dead."


Of course, the link for the "guest pass" doesn't take you to an official site - it takes you to

steampovvered.co.cc (note that's steampo v v ered, NOT steampowered)

At that point, if you enter your Steam password, you've potentially lost it for good. The site is currently offline, presumably because it's already been reported ("This domain is under examination at the moment, it will be finished within 24 hours"). However, there are probably more Phishing scams out there attempting to capitalise on the popularity of this particular game.
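A defender-side check for the two tricks seen on this page (a look-alike spelling such as "vv" for "w", and a brand name placed on an unrelated host), as an added example that is not from the original post. The brand list, the substitution table and the function names are assumptions chosen for illustration.

```python
import re

# Assumption: brands to watch and the registered domains they really use.
BRANDS = {
    "steampowered": {"steampowered.com"},
    "twitter": {"twitter.com"},
}

# Character sequences commonly swapped in to imitate a letter (illustrative).
CONFUSABLES = [("vv", "w"), ("rn", "m"), ("0", "o"), ("1", "l")]


def skeleton(label):
    """Collapse look-alike sequences: 'steampovvered' -> 'steampowered'."""
    label = label.lower()
    for fake, real in CONFUSABLES:
        label = label.replace(fake, real)
    return label


def host_of(link):
    """Pull the hostname out of a bare link or full URL quoted in a message."""
    link = re.sub(r"^[a-z][a-z0-9+.-]*://", "", link.strip().lower())
    authority = link.split("/")[0].rsplit("@", 1)[-1]
    return authority.split(":")[0].rstrip(".")


def check_link(link):
    """Return (brand, reason) when the host imitates a brand, else None."""
    host = host_of(link)
    for brand, legit in BRANDS.items():
        if any(host == d or host.endswith("." + d) for d in legit):
            continue  # really on the brand's own domain
        for label in host.split("."):
            if brand in label:
                return (brand, "brand name on unrelated host")
            if skeleton(brand) in skeleton(label):
                return (brand, "look-alike spelling")
    return None


if __name__ == "__main__":
    # Links quoted in the posts above, plus one genuine Steam URL for contrast.
    for sample in ("steampovvered.co.cc",
                   "blogtwitter.access-logins.com/login/",
                   "https://store.steampowered.com/"):
        print(sample, "->", check_link(sample))
```

The same check can run over links in inbound mail or chat messages before they are shown to users; a real deployment would use a fuller confusables table than the four pairs here.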

Now if you'll excuse me, I have to prepare for the coming Zombie Apocalypse...

Yes, our least-favourite Facebook "friend" is back on the scene, infecting PCs as it goes. This time round, the scam involves taking you to a fake YouTube page (that actually looks more like a Myspace player...doh), claiming it's a "Secret video from Tom". Click the video, download the supposed "Flash player update" and run it to ruin your weekend.

If you want to go down a different route however, when you see a message like this from your friend:

kf1.jpg

Delete it, and let your friend know they have a problem that needs fixing in a hurry! As you can see, most of the messages in this latest wave play on the fear of being seen in "mysterious" videos being spread across the web. The main one being publicised at the moment is a message with the title 'You look just awesome in this new movie.' However, there are plenty more variations out there - the one above, for example, says "Don't worry; the whole Net will see this video".

For the curious, the fake video player page will look something like this:

kf2.jpg

We detect this as Koobface, rather unsurprisingly!