Archive for the ‘Technology’ Category

Beware when buying things at PC Fair

Tuesday, April 22nd, 2008

Howdy All,

I think this is a good article to share with everyone, since I know there are many people eagerly waiting for PC Fair to buy computer items at a reasonable price. But please read the news pasted below as a future precaution.

New computers, worn-out components

KUALA LUMPUR: A fraud syndicate has been detected using a cunning tactic, taking advantage of a recent computer sales carnival to dump used laptops before selling them to the public as new computers under a leading brand.

The syndicate's activities came to light when the leading computer manufacturer received many complaints from consumers who found that their new laptops developed problems after being bought in the capital.

Harian Metro understands that the leading computer manufacturer's investigation found that a syndicate was bringing used laptops into the country from the United States and selling them as new computers at prices between RM2,000 and RM3,000 per unit.

A representative of the leading computer manufacturer, when contacted, also confirmed that their investigation so far had found that the syndicate was also using components that did not follow the actual specifications of the laptop models sold to the public.

According to the representative, the victims, mostly students of institutions of higher learning who had bought the laptops, came to the company's service centre to claim warranty repairs after the equipment broke down just a few days after purchase.

The representative said the customer service department's investigation found that the components in the laptops did not follow the actual specifications for the model, and that the components were also not produced by the company.

“We also carried out investigations at carnival sites in several states, including in the capital, and found that the syndicate was using these locations as a dumping ground for laptops, using our company's well-known laptop brand.

“They also use warranty cards, but refuse to take responsibility when the laptops sold develop problems, and this causes buyers to come to our customer service department to make claims even though we never sold those laptops,” the representative told Harian Metro yesterday.

The representative said most consumers who faced the fraud were advised to lodge a police report and refer to the Ministry of Domestic Trade and Consumer Affairs for further action.

“Consumers can also come to our service centre to have the laptops they bought inspected, because we will investigate whether they are genuine or have been modified.

“The company is also in the process of taking legal action against the syndicate to safeguard consumers' interests, because the syndicate is using our company's brand to deceive the public,” the representative said.

One buyer, S Naraya, 33, reported buying a laptop of the leading brand while visiting the Computer Sales Fair (Pesta Jualan Komputer) in the capital on 13 April.

“As soon as I got home I found that the computer had a problem because it would not work.

“The next day I went back to the fair; unfortunately it had already ended, and I contacted the company that sold the computer to claim the warranty, but they refused to take responsibility.

“So I went to the customer service centre of this leading computer manufacturer, and was then informed that the laptop model I bought at the fair did not follow the actual specifications, causing it to have problems and break down,” Naraya said.

Naraya, who is also an engineer, described being even more shocked when the leading computer manufacturer said it had never sold that computer model and advised lodging a police report.

“I lodged a report at the Dang Wangi Police Station on 16 April because I was cheated by the syndicate,” Naraya said.

Wee Fei Soo, 24, said the laptop bought at the fair in the capital also developed problems, prompting an immediate visit to the computer manufacturer's service centre.

“I was informed that the company had never produced or sold that type of laptop model and that the components used also did not follow the set specifications.

“The representative of the leading computer manufacturer also informed me that laptops produced by the company always carry a Sirim safety sticker.

“I found that the computer bought at the fair had no Sirim sticker, and its box was also not the same as those of computers produced by the leading computer company,” Wee said.

N Maran, 36, told of being shocked on being informed that the laptop bought at a computer carnival in the capital recently did not follow the actual specifications.

“We buyers only look at the brand, but I never expected that a syndicate would take the opportunity to cheat the public at the fair.

“I also lodged a police report and referred this case to the Consumer Claims Tribunal.

“I hope the public will not be taken in by cheap sales at such fairs, because there may be syndicates trying to take the opportunity to sell used computers and claim they are new goods,” Maran said.

PayPal Users, No More Old Version Browsers

Tuesday, April 22nd, 2008

Howdy All,

If you are a PayPal user, please take note that PayPal is going to block your access to their website soon if you are browsing with an old version of Internet Explorer, Firefox or any other browser. The main reason is lack of security, especially related to digital certificates. Please read the article below, taken from AccountantsWorld.

PayPal To Block Older IE, Firefox Browsers From Site
CommwebNews.com via NewsEdge:

As part of an effort to combat phishing, PayPal plans to block older versions of Internet Explorer and Firefox and other “unsafe” browsers from accessing the online payment site.

In a paper released at an RSA security conference this month in San Francisco, PayPal said there is a significant number of site visitors using browsers as old as Internet Explorer versions 3 and 4, released in August 1996 and September 1997, respectively. Such “unsafe browsers” lack the latest technology for blocking phishing sites and do not support Extended Validation Certificates, which are digital certificates that establish Websites as trusted during online transactions.

Phishing is a deceptive practice used by Web criminals to acquire personal information, such as usernames, passwords and credit card details. Phishers often pose as legitimate businesses in emails to lure victims to fraudulent sites where they are asked to input their personal data. Phishers also use Websites with URLs similar to legitimate sites, hoping that a person will misspell the address and end up at the fraudulent site. PayPal is among the favorite targets of phishers, along with eBay and online banks.

“At PayPal, we are in the process of re-implementing controls, which will first warn our customers when logging in to PayPal from those browsers that we consider unsafe,” the eBay-owned payment service said. “Later, we plan on blocking customers from accessing the site from the most unsafe — usually the oldest — browsers.”

PayPal in February warned people that Apple’s Safari browser didn’t have the necessary security to protect Web users and recommended the latest versions of Microsoft’s Internet Explorer and Mozilla’s Firefox. Safari is the default browser in Apple Macintosh computers and in the iPhone smartphone.

To beef up its own security, PayPal this year acquired Fraud Sciences for $170 million in cash. PayPal planned to use the company’s online risk and security tools to enhance the fraud management systems of both PayPal and eBay. Fraud Sciences’ risk tools and analytics would be targeted at accelerating the development of advanced fraud detection tools, PayPal said.

<<CommwebNews.com — 04/21/08>>

So, make sure you update your browser version before you surf PayPal’s website.

Microsoft warns of new Word attack

Wednesday, March 26th, 2008

Howdy All,

Please be informed that the article below is copied from Network World for the purpose of sharing the warning message with the public. You may read the original article from here.

By Robert McMillan, IDG News Service, 03/22/2008
Be extra careful when opening documents in Windows, especially if they are Word files.

Microsoft on Friday warned that cyber criminals may be taking advantage of an unpatched flaw in the Windows operating system to install malicious software on a victim’s PC.

The reported attack, now under investigation by Microsoft, involves a malicious Word document, but there may be other ways of exploiting the flaw, Microsoft said.

“Do not open or save Word files that you receive from untrusted sources or that you receive unexpectedly from trusted sources,” Microsoft said in a security advisory posted to its Web site late in the day.

The flaw lies in the Jet Database Engine that is used by a number of products including Microsoft Access. Microsoft is investigating whether other programs may also be exploited in this type of attack.

Although this kind of unpatched, “zero day” attack is always cause for concern, Microsoft downplayed the risk.

“At this time, we are aware only of targeted attacks that attempt to use this vulnerability,” the company said. “Current attacks require customers to take multiple steps in order to be successful; we believe the risk to be limited.”

Following its usual policy, Microsoft didn’t say when — or if — it planned to patch the bug. But in a statement sent to the press, the company did not rule out the possibility of an emergency patch, released ahead of its next set of security updates, which are expected on April 8.

Users of many versions of Word, including Word 2007, 2003, 2002 and 2000 are at risk, unless they are running Windows Vista or Windows Server 2003, Service Pack 2. Those two operating systems include a newer version of the Jet Database Engine that does not have the bug, Microsoft said.

For the technically savvy: this means that PCs with a version of the Msjet40.dll that is lower than 4.0.9505.0 are vulnerable.

There have been other reports of attacks targeting this database software recently. In December, the US-CERT (United States Computer Emergency Readiness Team) warned that attackers were sending out malicious Microsoft Access Database (.mdb) files in a similar type of attack. Security experts speculated that this exploit could have been based on a publicly reported flaw in the Jet Database Engine.

The IDG News Service is a Network World affiliate.

Phishing email to HSBC Bank Customers

Monday, March 24th, 2008

Howdy All,

This morning I received a phishing email claiming to be from HSBC, but I know it is not from them as I never use my company’s email for any personal matters. As usual, I checked the actual URL behind the link given by looking at its source. I am sharing the content of the email that I received below. PLEASE DO NOT CLICK ON THE LINK GIVEN BELOW!!!

Dear HSBC bank customer,

We would like to inform you that we are currently carrying out scheduled maintenance.
In order to guarantee the high level of security to our business customers, we require you to complete “Business Internet Banking Form”.
Please complete BIB Form using the link below:

http://business.hsbc.com/system_directory/isa/file.aspx?session=49230617355387080224840852072630111989207537

Please do not respond to this e-mail.

Looking at the content, nothing seems wrong, but wait: please look at the actual message when you view the source. The source shows the actual URL set for the link given.

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2800.1141" name=GENERATOR></HEAD>
<BODY>
<P><FONT face="Geneva, Arial, Helvetica, san-serif">Dear HSBC bank
customer,</FONT></P>
<P><FONT face="Geneva, Arial, Helvetica, san-serif">We would like to inform you
that we are currently carrying out scheduled maintenance.<BR>In order to
guarantee the high level of security to our business customers, we require you
to complete “Business Internet Banking Form”.<BR>Please complete BIB Form using
the link below: </FONT></P>
<P><FONT face="Geneva, Arial, Helvetica, san-serif"><A
href="http://business.hsbc.com.nuifjje.es/system_directory/isa/file.aspx?session=49230617355387080224840852072630111989207537">http://business.hsbc.com/system_directory/isa/file.aspx?session=49230617355387080224840852072630111989207537</A></FONT></P>
<P><FONT face="Geneva, Arial, Helvetica, san-serif">Please do not respond to
this e-mail.<BR></FONT></P> 

Please look carefully at the full URL in the <A href=...> tag. It shows that the actual domain is not hsbc.com but nuifjje.es, which of course is not a valid domain for HSBC. So it is definitely not a valid email from HSBC but a phishing email trying to steal HSBC customers’ personal information. Sometimes such an email is an attempt to get you infected with viruses, worms or trojans.

Phishing Email to Google Advertisers

Sunday, March 23rd, 2008

Howdy All,

In my previous posting, I informed everyone about the phishing email sent to people to steal their login info. This time, I received an email, sent to my company’s email address, trying to steal the information. For me, I’m not worried about it since I do not have any account with Google, but it is good to remind others. I am sharing the content of the email that I received below. PLEASE DO NOT CLICK ON THE LINK GIVEN BELOW!!!

————————

Dear Google AdWords Customer!

In order to update your billing information, please sign in to your AdWords account at https://adwords.google.com, and update your billing information. Your account will be reactivated as soon as you have entered your payment details. Your ads will show immediately if you decide to pay for clicks via credit or debit card. If you decide to pay by direct debit, we may need to receive your signed debit authorization before your ads start running, depending on your location. If you choose bank transfer, your ads will show as soon as we receive your first payment. (Payment options vary by location.)

Thank you for choosing AdWords. We look forward to providing you with the most effective advertising available.

Sincerely,

The Google AdWords Team

————————

This message was sent from a notification-only email address that does not accept incoming email. Please do not reply to this message. If you have any questions after following the steps above, please visit the
Google AdWords Help Center at https://adwords.google.com/support/bin/topic.py?topic=8336&hl=en_US to
find answers to frequently asked questions and a ‘contact us’ link near the bottom of the page.

————————

I know it is a phishing email because the link given does not point to the URL we see; it actually points to a sub-domain, made to look like Google’s sub-domain, of a domain under China’s country code: fgreo3.cn

You can also verify the email by looking at the original message (especially its header part); it is not from Google. Please see below:

Return-path: <firewalker434@yahoo.com>
Received: from [92.112.35.159] ([92.112.35.159])
	by my.acctrak21.com (my.acctrak21.com)
	(MDaemon.PRO.v7.2.3.R)
	with ESMTP id md50001165699.msg
	for <abrahman@my.acctrak21.com>; Sat, 22 Mar 2008 21:01:39 +0800
Received: from [92.112.35.159] by e.mx.mail.yahoo.com; Sat, 22 Mar 2008 16:01:37 +0300
Date: Sat, 22 Mar 2008 16:01:37 +0300
From: "Google Adwords-noreply" <adwords-noreply@google.com>
X-Mailer: The Bat! (v3.62.03) Home
Reply-To: firewalker434@yahoo.com
X-Priority: 3 (Normal)
Message-ID: <048989728.86776683630043@yahoo.com>
To: abrahman@acctrak21.com
Subject: Please Update Your Billing Information
MIME-Version: 1.0
Content-Type: multipart/alternative;
  boundary="———-{nHEX}"
X-Lookup-Warning: MAIL lookup on firewalker434@yahoo.com does not match 92.112.35.159
X-MDRcpt-To: abrahman@acctrak21.com
X-Rcpt-To: abrahman@acctrak21.com
X-MDRemoteIP: 92.112.35.159
X-Return-Path: firewalker434@yahoo.com
X-MDaemon-Deliver-To: abrahman@my.acctrak21.com
X-Spam-Checker-Version: SpamAssassin 2.64 (2004-01-11)
X-Spam-Report:
	*  3.0 BAYES_60 BODY: Bayesian spam probability is 60 to 70%
	*      [score: 0.6079]
	*  0.1 HTML_MESSAGE BODY: HTML included in message
	*  0.1 HTML_TITLE_EMPTY BODY: HTML title contains no text
X-Spam-Status: No, hits=3.2 required=5.0 tests=BAYES_60,HTML_MESSAGE,
	HTML_TITLE_EMPTY autolearn=no version=2.64
X-Spam-Level: ***
X-Spam-Processed: my.acctrak21.com, Sat, 22 Mar 2008 21:01:44 +0800

————{nHEX}
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 7bit

————————

Dear Google AdWords Customer!

In order to update your billing information, please sign in
to your AdWords account at https://adwords.google.com, and update your
billing information. Your account will be reactivated as soon as you have
entered your payment details. Your ads will show immediately if you
decide to pay for clicks via credit or debit card. If you decide to pay
by direct debit, we may need to receive your signed debit authorization
before your ads start running, depending on your location. If you
choose bank transfer, your ads will show as soon as we receive your
first payment. (Payment options vary by location.)

Thank you for choosing AdWords. We look forward to providing you with
the most effective advertising available.

Sincerely,

The Google AdWords Team

————————

This message was sent from a notification-only email address that does
not accept incoming email. Please do not reply to this message. If you
have any questions after following the steps above, please visit the
Google AdWords Help Center at
https://adwords.google.com/support/bin/topic.py?topic=8336&hl=en_US to
find answers to frequently asked questions and a ‘contact us’ link near
the bottom of the page.

————————

————{nHEX}
Content-Type: text/html; charset=iso-8859-1
Content-Transfer-Encoding: 7bit

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML><HEAD><TITLE></TITLE>
</HEAD>
<BODY>

<br>————————<br><br>Dear Google AdWords Customer!<br><br>In order to update your billing information, please sign in<br>to your AdWords account at <a href="http://adwords.google.com.fgreo3.cn/select/Login/" target="_blank">https://adwords.google.com</a>, and update your<br>
billing information. Your account will be reactivated as soon as you have<br>entered your payment details. Your ads will show immediately if you<br>decide to pay for clicks via credit or debit card. If you decide to pay<br>
by direct debit, we may need to receive your signed debit authorization<br>before your ads start running, depending on your location. If you<br>choose bank transfer, your ads will show as soon as we receive your<br>first payment. (Payment options vary by location.)<br>
<br>Thank you for choosing AdWords. We look forward to providing you with<br>the most effective advertising available.<br><br>Sincerely,<br><br>The Google AdWords Team<br><br>————————<br><br>This message was sent from a notification-only email address that does<br>
not accept incoming email. Please do not reply to this message. If you<br>have any questions after following the steps above, please visit the<br>Google AdWords Help Center at<br><a href="https://adwords.google.com/support/bin/topic.py?topic=8336&hl=en_US" target="_blank">https://adwords.google.com/support/bin/topic.py?topic=8336&hl=en_US</a> to<br>
find answers to frequently asked questions and a ‘contact us’ link near<br>the bottom of the page.<br><br>————————<br><br> <br></div><br>

</BODY></HTML>
————{nHEX}–

Can you see the email address in the return path? Google never does such a thing, in fact. I think I should report this phishing email for their further action. Also, see the actual URL that appears in the last part of my quote? It does not go to Google’s domain but somewhere else. So, the next time you receive such an email, do not click on it immediately; check first to verify the email, for safety reasons.