Beware : “Damaged message was restored” phishing scam eMail

! BEWARE !

today I got an eMail from Google Administration, stating “Damaged message was restored and re-sent to you”,

on my Mac this was immediately recognizable as a Junk-message (or rather : a Phishing Scam-message), as you can see in the picture below.

DamagedMessage-fakemail

so BEWARE ! and don’t let yourself be fooled or mislead by this eMail scam !

Advertisements

fixed : close that one window that blocks off the rest of Safari

Question :

While browsing the internet using Safari, I suddenly got a popup window which I can’t close. I expect it to be a scam, as there is only one button ; an OK-button.

As I don’t agree with the text I am supposed to agree on, and I don’t trust the sender either, I just want to close this popup-window. But the red ‘Close Window’-button is not responding, and I can’t switch to any other open browser windows either. Safari seems to hang.

I could of course restart Safari, but I have several windows open I haven’t saved yet and it would be a real hassle to loose them…

Isn’t there any way to shut this popup down without loosing any other open windows ?

 

Answer :

The popup you have encountered is most definitely a scam-popup, as there is no option to ‘not agree’.

It’s rather simple to get out of this awkward situation :

  1. shut down your WiFi-connection : goto the ‘piece-of-pie’ icon in the top menu bar of the Finder –> then select “Turn Wi-Fi Off” from the pulldown menu that appears
  2. pull the ethernet-cable from your Mac
  3. now you’re disconnected from the Internet, you can safely click on the OK-button in the popup-window
  4. the popup-window will now close, and you will now be able to normally use Safari again
  5. now close all other windows you don’t need to have open
  6. even though you could now reconnect to WiFi- or Ethernet-internet, it’s recommended to do the following first
  7. still without internet-connection, open a new browser window : File –> New Window (or just press the CMD + N key-combo)
  8. then open the Reading List sidebar in that fresh window : View –> Show Reading List Sidebar (or just press the SHIFT + CMD + 2 key-combo)
  9. now drag all open browser windows you want to keep to the reading list
  10. when done, clear Safari’s history and website data : Safari –> Clear History…
  11. in the popup window that opens asking you to “Clear history will delete related cookies and other website data.” click on the “Clear History”-button
  12. then close Safari
  13. then reconnect to the Internet (either via WiFi or Ethernet-cable)
  14. and reopen Safari

…you can now find all previously open windows in the Reading List

 

enjoy !

Donate Button (MacManusNL)

Beware : Picasa Library phishing scam eMail

! BEWARE !

 

 

 

 

 

today I got an eMail from PicasaLibrary, stating “Your photo is successfully uploaded”,

on my Mac this was immediately recognizable as a Junk-message (or rather : a Phishing Scam-message), as you can see in the picture below, but on my iPhone that wasn’t so easy to figure out… it was mainly the fact that I haven’t used Picasa in ages that made all alert bells ring in this case… and the fact that I’ve never heard of PicasaLibrary (and would expect it to be written Picasa Library) raised more suspiciousness…picasa_scam…so BEWARE !

Note : this scam eMail comes in various versions, a similar one pretending to be from Picasa Library also states “Damaged photos found”. More info on that one can be found here.

 

 

Beware : WhatsApp voicemail eMails are fake !

Lately, more and more people are being spammed with (fake) eMail messages, suggesting that there is a WhatsApp voicemail for them.

Beware : clicking on the (green) “Play” or “Listen” button will NOT enable you to listen to any newly recorded voicemail…

…this is a phishing-scam that instals malware (= malicious software) !!

DO NOT INSTALL !!

Note : the fact that this malware-installer makes use of a stolen Authentication Certificate (which is still valid) makes it extremely hazardous, as that will tick your computer/mobile phone into allowing the malware to be installed

The devices that suffer from this are mainly Android-mobile phones, but jailbroken iPhones, PCs and Macs also. Any original (not-jailbroken) iPhone will only install software from the iTunes App Store, so they are secured against this kind of malware.

HOW TO EASILY DETECT THESE PHISHING EMAILS :

The subject will read something like “Incoming voicemail at [date]”, and the sender will appear to be (*) “Whats App Notifier”, and there will be a big (green) button inside the eMail  named “Listen” or “Play”…

(*) on a Mac this can easily be detected, because of 2 simple indications :

1- in the senders name it is written “Whats App”, in stead of the official “WhatsApp” (one word)

2- when clicking on the senders name in Apple Mail.app, it turns blue and in yellow an eMail address will appear, which will not have “WhatsApp” in it, but will look like a regular private or business eMail-address

If you get one of these fake eMails, just mark them as SPAM and delete them a.s.a.p.

They look something like these :

whatsapp-malware-1whatsapp-malware-2

Note : if you happen to click on the “Play or “Listen” button, what will happen will (slightly) depend on the version of the eMail you have encountered and the type of device you are using :

– malware will be downloaded directly onto your device

– you will be redirected to a website which will scam you into installing malware

The Malware reportedly is WinWebSec and installs Fareit and Ursnif, which are info-stealers that send your private info to internet criminals, enables them to make your computer call paid telephone numbers and send these same type of phishing eMails on your behalf to anyone in your Contacts…

And once installed, you will also be spammed with messages by a fake antivirus-software called Antivirus Security Pro to pay for getting (in-existend) infections removed form your computer…

More on this scam be found here :

http://www.spamfighter.com/News-18612-Bogus-WhatsApp-Voicemail-Messages-Employed-to-Spread-Malware.htm

http://www.threattracksecurity.com/it-blog/kuluoz-voicemail-spam-drops-signed-certificate-winwebsec/

Donate Button (MacManusNL)