Jim Hamm sends this warning: "Here's a spamming attempt to be aware of if you use Apple's App Store: 'Websense Security Labs™ ThreatSeeker™ Network has discovered that Apple's App Store has become the latest target for email attacks and spam. App Store is the service provided by Apple Inc. as a platform to purchase and download applications for iPhone®, iPod touch®, and iPad™. The attack comes in the form of a fake invoice email.'"   Read the full story here.

An email purporting to be from CableOne, asking David Passell to provide his address, password, and other ID wasn't going to fool David.  He emailed this alert to us, a reminder to be vigilant.  A look at CableOne site emphasized that warning.  Do not open a .ZIP file unless you know what it is and who it came from.  Additional resources on their site include links with info about Citibank - fraud, eBay, Monster.com, Nigerian Bank, etc.

Here's something to watch out for: an e-card scam. David Passell passes along this warning:  "I got this message today. I am always suspicious of them, even the ones that Bobby sent for my birthday and Valentine's until I have verified with the sender. I went to the Hallmark.com website and after having been led through a 'labyrinth' of possibilities (including giving a name, email and phone number), to ask them a question, I determined that whenever you get a message like this you should forward it to
abuse@hallmark.com which i did.

"I am forwarding my copy of the email to them. I do not understand why these companies that are so attempting to protect their image make it so difficult to determine how to forward a question on the legitimacy of an email that purports to come from them. I would think that information would be right at the top of their home page. When you forward an email be sure to first select 'View long headers' as I have done. Notice the text in red that follows 'X-spam-report.'"

Date: February 20, 2010 6:54:26 PM MST
To: abuse@hallmark.com
Subject: Fwd: You've received A Hallmark E-Card!

Begin forwarded message:
From: hallmark.com
Date: February 20, 2010 4:27:20 PM MST
To: davidrex@northlink.com
Subject: You've received A Hallmark E-Card!
return-path: root@mail.krankenhaus-hale-saale.de
return-path: root@mail.krankenhaus-halle-saale.de
received: (qmail 20765 invoked by uid 1034); 20 Feb 2010 23:28:13 -0000
received: from spam2.commspeed.net (216.19.2.15) by 0 with SMTP; 20 Feb 2010 23:28:13 -0000
received: From mail.krankenhaus-halle-saale.de (80.64.188.130) by spam2.commspeed.net (MAILFOUNDRY) id nFRKCB53Ed+CoQAw for davidrex@northlink.com; Sat, 20 Feb 2010 23:28:13 -0000 (GMT)
received: from localhost ([127.0.0.1]) by mail.krankenhaus-halle-saale.de with esmtp (Exim 4.63) (envelope-from ) id 1NiyjL-0005FC-Ne for davidrex@northlink.com; Sun, 21 Feb 2010 00:27:24 +0100
received: from mail.krankenhaus-halle-saale.de (localhost [127.0.0.1]) by localhost (AvMailGate-2.1.4-7) id 20138-0UI6M4; Sun, 21 Feb 2010 00:27:22 +0100 (CET)
received: from root by mail.krankenhaus-halle-saale.de with local (Exim 4.63) (envelope-from ) id 1NiyjI-0005EH-PY for davidrex@northlink.com; Sun, 21 Feb 2010 00:27:20 +0100
x-envelope-from: root@mail.krankenhaus-halle-saale.de
x-envelope-to: davidrex@northlink.com
content-type: text/html
message-id:
x-antivirus: checked by Avira MailGate (version: 2.1.4-7; AVE: 7.9.1.172; VDF: 7.10.4.104; host: router2); id=20138-0UI6M4
x-spam-score: -1.3 (-)
x-spam-report: Spam detection software, running on the system "router2", has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn't spam) or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: You have recieved A Hallmark E-Card. Hello! You have recieved a Hallmark E-Card. To see it, click here, [...] Content analysis details: (-1.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.2 NORMAL_HTTP_TO_IP URI: Uses a dotted-decimal IP address in URL -2.6 BAYES_00 BODY: Bayesian spam probability is 0 to 1% [score: 0.0000] 0.0 HTML_MESSAGE BODY: HTML included in message 0.0 MIME_HTML_ONLY BODY: Message only has text/html MIME parts 0.0 MIME_HEADER_CTYPE_ONLY 'Content-Type' found without required MIME headers 1.1 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag 0.0 AWL AWL: From: address is in the auto white-list
-----------------

     If you've been hearing about Flash you may be wondering, "What's the fuss?"  Here's a quick look.  Flash adds animation and "dynamic interaction" to a website.  Some people have had a lot of trouble with it.          
     When you go to the Search box at the top of this blog and type in "Flash" it brings up postings that mention Flash:  September 3, December 16, January 30, and February 2.
      Jim Hamm comments, "I don't mind ads on a website, only those aggravating ads that flash on and off like a sign on a motel in Las Vegas.  I'd like the ability to stop them from flashing."  Apple has decided not to have iPhone or iPad support Adobe Flash.  Here's a recent article.
     To download Adobe Flash go here.
     A Safari plug-in, ClickToFlash, prevents Flash from loading on the webpage. Jim Hamm says, "I've not tried this yet, but I used to use a Flash blocker when I used a PC.  If anyone uses, or has used, this plug-in I'd appreciate hearing your comments, pro and con."  Here is a link where you can download ClickToFlash.
      Go to Google and do a search on "Flash Mac" and you'll have plenty of places for research.

A warning about a trojan, the "Zeus bot crew" comes to our notice.  Read this posting from Symantec. The email comes with the subject line, "Your Personal Vaccination Profile" and looks like official communication from the Center for Disease Control.

On the heels of the warnings from De Prez Allen Laudenslager read tips from CNET News on how to avoid being a victim of an email phishing scam. Recently usernames and passwords from Hotmail, Gmail, and possibly accounts of AOL and Yahoo users being posted online has caused concern. Read in detail the five tips by Larry Magid: change passwords regularly, click cautiously, look for secure sites that use "https" (the "s" stands for "security"), use a phishing filter and good antimalware software, and think critically. Additional tips and links are given in the article.

For those who run a mixed system with both Mac and PC De Prez Allen Laudenslager says, "Malware is still a problem. This is not reported to attack the Mac, but since I run a mixed PC and Mac system I thought I'd pass it out just in case we have some members who are still running PC as part of a network.

"Never open attachments to email that claims to be from US or state agencies; they never use email attachments to communicate with taxpayers.

"This one claims that you may have under reported income and may be due a refund. It urges you to click on the attachment which directs you to a phony website that will infect PCs."  Here's the article describing the problem.

Thanks to John Carter for the following warning, "If you are a Facebook user, you might get a message from a friend saying something like, 'BigCityBizNews.org Read this news article...', or, 'Community-News.org...', which promises to tell you about a great money-making home business opportunity.

"The link takes you to an authentic looking website with a news article about using Google advertising that eventually asks you to click on two other links and pay $1 for one link and $1.95 for the other link. You probably get nothing in return for the money you give them, or what you get is information on how to do something that you could figure out on your own. And what's more, the article looks even more authentic by mentioning the name of someone in your city who is making tons of money with Google ads."

Scammers did some serious stuff, running ads on the website of The New York Times. Jim Hamm sends us this link, and comments, "The scammers are getting ever more creative in getting into your computer. This article doesn't mention whether it affects only PCs or also Macs." Scroll down the page to read comments on this problem and how it has affected some users.

With his latest investigation to find what was taking a large portion of CPU time, David Passell gives us his findings here. "I located it thanks to the Activity Report. It appears to be related to the iAntiVirus freebee. The actual process running is iAVD and it "belongs to root".

David concludes, "When I clicked on it and Quit Processor I received a request to enter my administrator password. After I did that iavd quit and the processor usage went back to a few percent. I think, if possible, I will delete iAntivirus.

Any other suggestions?"
(Click on image to enlarge the view.)

"Tagged.com promises photos but delivers headaches," warns John Carter. "Have you been 'Tagged' lately? Don’t become a victim of this annoying e-mail ploy that automatically signs you up for an expensive voicemail service.

"A radio and TV personality and his wife recently had lunch with another show host and his significant other. After the meal, the first couple received an e-mail from Tagged that said his friend had some pictures available online. They naturally assumed the pictures were taken during their meal together and wanted to see them.

"The catch was that they had to register at Tagged.com in order to view the supposed pictures, according to the e-mail. Once they completed the registration, they received another e-mail saying they had been signed up for a voicemail service. The cost? $14.95/month automatically billed to their home phone number! They immediately called to cancel the service and got a real runaround before they were able to do so.

"Several days later, they received an e-mail from his friend explaining that Tagged is a virus-like program that goes through your address book and falsely blasts out notifications about photos online.

"Snopes.com has a lengthy explanation about the dangers of Tagged. Don't fall for it if you receive an e-mail asking you to register for Tagged. Be sure to let the sender know you received the message, and then direct them to read the Snopes briefing." You can also see what wikipedia reveals about them.