Facebook Marketplace Ebay Scam!

The Famous Facebook Marketplace Scam!

It seems that some folks on the planet have nothing better to do than figure out new and exciting ways to scam the unsuspecting!   One of the more novel approaches we have seen is the Facebook Marketplace scam!  This scam starts out harmlessly as a vehicle sale on the Facebook Marketplace.  You see an advertisement of the great Mercedes -Benz Sprinter camper that you have been interested in and at an unbelievable price (clue 1)!  You send a message through the Facebook Marketplace to the seller expressing your interest in coming to see the vehicle.   This is followed up a day or two later (clue 2) with a very nice email from the seller suggesting that you should get your financing in place as this vehicle is priced for a quick sale.

You write back that you are a cash buyer and want to see the vehicle.   This time you get a heart breaking email back saying the seller is in the Armed Services and is about to ship out so they have placed the vehicle with Ebay Motors for your protection

I am active duty Military!

Hello, I’m serving in Sioux City Air National Guard Base ( ANGB ), IA but soon our unit will be sent back oversea to replace and help the troops scheduled to come home, so I don’t need it anymore at this time. This is the reason why I left the RV stored with all the paperwork at the eBay Motors in Sioux City, IA ready to be delivered. I have signed a contract with eBay to take care of the selling on my behalf. I want to use their escrow and transport services as they offer 100% protection and insurance to both buyers and sellers.

“The deal includes free delivery and it will arrive at your address in 3-5 days, depending on the exact location. You will have 5 days to try out prior to making any purchase and if by any reason you find something you don’t like about it you can send it back at my expense (but I am sure you will love it and you will not be disappointed). If you are interested in knowing more info about how it works, I can ask eBay to send you an email with more information on how to purchase it. eBay will contact you shortly after they have the details with all the confirmation that you need to complete this deal and you will also have proof that I am covered by them and a legitimate seller. If you would like to receive the email from eBay with all the transaction information please reply with your full name, shipping address and phone # and they will contact you right away.”

Look the email is really from Ebay!

If you now send your name and address you will in fact get an invoice.  The invoice looks real enough and to the untutored eye, it would be very easy to be taken in!  After all the reply to address is Ebay!
——————————————
From: eBay™ <support@ebay-motors-securitycenter.com>
Date: Monday, August 19, 2019 at 1:18 PM
To: unsuspecting@buyer.com
Subject: Your Invoice for 2014 Leisure Travel Unity Murphy Bed Order# 233573853682 – Review and pay!
Thank you for using eBay! 

The next step is to pay for your item. Check out and pay to get your item as soon as possible.

Dear <unsuspecting buyer name here>

You are receiving this email because the seller (Tammy Schick) has registered you as a
potential buyer for the vehicle
2014 Leisure Travel Unity Murphy Bed.
Your Invoice is attached to this email. Please follow the enclosed payment instructions.
After carefully review the information, please contact our Customer Support Department at 
+1 (818) 275-7842 in order to confirm and approve your payment.
Thank you for using eBay for your Order!
———————————————————————

Check the “WHOIS” Domain Ownership

If you are careful and you call the phone number in the email, you will actually get someone who claims to be Ebay motors customer service.    If you take the time to go to the WHOIS directory and look up the ownership of the domain name ebay-motors-securitycenter.com  you might notice that the domain is owned by someone other than Ebay!

WHOIS search results

Domain Name: EBAY-MOTORS-SECURITYCENTER.COM
Registry Domain ID: 2418304121_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.tucows.com
Registrar URL: http://www.tucows.com
Updated Date: 2019-07-30T12:44:30Z
Creation Date: 2019-07-30T12:44:24Z
Registry Expiry Date: 2020-07-30T12:44:24Z
Registrar: Tucows Domains Inc.
Registrar IANA ID: 69
Registrar Abuse Contact Email:
Registrar Abuse Contact Phone:
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Name Server: NS1.SYSTEMDNS.COM
Name Server: NS2.SYSTEMDNS.COM
Name Server: NS3.SYSTEMDNS.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2019-08-19T23:29:23Z <<<

Is Facebook complacent?  Does Google really know everything?

At the end of the day -remember what  you parents taught you: “If it looks to good to be true, it is to good to be true”.     You have to pay careful attention when you are buying stuff on the internet!

How can Tucows a major domain registration agency sell someone a domain name that is a clear trademark infringement and is clearly part of a phishing exhibition!  importantly, if Facebook and Google have this great ability to know everything about everybody, why is it that they do not know about this scam?  Why has this ad and others like it been running on the Marketplace for months and as near as I can see, it is still running.   The scammers are actually paying for an advertisement on Facebook?  Unbelievable!   Click on the ad and you will update Facebooks database as to what your interests are so they can sell more targeted advertising!

The Browser Wars taking control of “hosted” applications!

“”As more and more applications become cloud based hosted solutions, the more urgent your choice of Internet Browser will become!  The desktop warfare, in our opinion, is really getting out of control!  You would think that you can use any browser for any website you want to surf, but such is not the case.  We recently made the mistake of trying to pay our Microsoft Office Online invoice while using a Firefox browser.   Only when we switched over to a Microsoft IE browser could we complete the transaction!

In yet another painful situation while working with CISCO Prime Communications Deployment tools, we were experiencing a database access error.  This error stalled development for several hours as we tried to find the root cause of the connectivity error.   Only by accidentally switching to IE from Firefox, did we uncover that the connectivity error was a fraud perpetrated by our choice of browser.  (Granted we think the only useful thing you can do with IE is download Firefox).

WTF is Control C?

Those of you who have been working with fat client based solutions, like Microsoft Outlook might actually be somewhat discouraged from using Microsoft Office 365.   All of the usual operations like right clicking on an object to copy and paste are suddenly replaced with pre-historic multi key chord strokes like Control C or Control X.   Personally, I find both Google and Microsoft cloud solutions to be frustrating! The simple act of  high-lighting a range of text might cause you to go completely over the edge!  The application will “bark” at you with an error recommendation as  you try to replicate the desktop experience with your browser based application.

BrowserCutPaste

We have many clients who require us to use a variety of different tools when we work on those projects.  For example, some folks like Google mail rather than Outlook OWA as implemented in Microsoft Office 365.   Web conferencing tools like Webex from CISCO and Lync or Skype for Business by Microsoft have very different results depending on your choice of browsers.

Desktop Warfare winners?

Who is winning the war?   Well is seems that Google Chrome is the hands down winner with a 44% market share largely resulting from losses by Firefox and Microsoft IE.   Apple’s Safari seems to remain relatively constant and newcomer Opera does not seem to be making an impact.  These numbers hold true regardless of the platform, with Apple and Android showing the same browser preferences as their desktop competitors.

BrowserCounter

So how do you survive with this level of warfare?   We find that both Chrome and Firefox have outside developers who support the browser by creating add-ons.   Our particular favorite is Firefox as they seem to have a wider community of developers.   (We also figure anything you type into a Chrome browser is immediately searchable by the entire Internet population).   Though feature comparisons are useless, and most folks just pick a browser based on personal preferences or device (Safari is an Apple product), we think Chrome and Firefox are the most open solutions.   We are Mac freaks, but at the end of the day, WebRTC will most likely be developed by Chrome and Firefox who are not defending hardware market share or erecting proprietary application.   The kool kids typically pick one of these two browsers if they are going to change from the browner that shipped on their Windows or Apple platform.

As you use more and more cloud based applications you will become increasingly more aware of the browser warfare taking place on your desktop!  At the end of the day, you are going to end up using more than one browser to get your work done!

Hey watch how easy it is to get the password you left in your browser!

Network Security begins with an “Acceptable Use” Policy!

Most folks seem to understand what a firewall is and why it is so very important. They intuitively understand they need something between the “trusted” internal computer network, and the wild west we call the Internet! The installation of a firewall is generally something all business do, from the wireless network at the local coffee shop, to the medium size law firm and the giant multinational distributed enterprise. The barbarians are at the door, but with a firewall we all feel protected! The largest percentage of cyber security risks, however, do not come through the front door and your firewall will never see them enter. The largest risk to the security of your network comes from the employees and guests allowed, either connected by wire or wireless, to attach to your corporate network.

As a CISCO Certified Security Professional, DrVoIP does a great deal of work in the area of computer network security. When called on to do a “Security audit”, “voice readiness” or “network assessment”, the first question we ask executive management is where is your AUP? After all, we can tell you what protocols are running around on your network, and even which user is consuming the most bandwidth. We cannot, however, tell you if they are allowed to use that bandwidth! The creation of an “acceptable use” policy (i.e., AUP) is an essential first step in network security. The AUP communicates to all network users what is supported and what applications are allowed on the network. It describes what is acceptable regarding personal email, blogging, file sharing, web hosting, instant messaging, music and video streaming. It defines what activity is strictly prohibited on the network and clearly outlines what constitutes “excessive use”. The computer network is a valuable corporate asset and as such, it needs to be valued, protected, and secured.

Does your company have a network access and authentication policy? What is the “password” policy? Do you even 0need a password to use the company network? Can anyone just come in and plug whatever phone, pad or computer device they happen to have into the company network? What is the data storage and retention policy? Do you allow VPN tunnels that extend your company network to a home office or coffee shop? Do you allow your users to connect third party provided equipment to your network? Is it acceptable that Bob just added a hub to his office network connection so he can plug in his own printer? How do we feel if Bob plugs in his own wireless access point? Do we have a “guest” network and do we let those folks know what is acceptable on your network?

What are the legal ramifications and liabilities you are exposed to if you are providing a computer network as part of a lease agreement? Are you liable for damages if your computer network is unavailable or “down for any reason? If Home Land Security shows up because your company’s public IP address was traced as originating a terrorist treat, do you have the user agreements in place to mitigate the costs you are about to incur defending your good name and reputation?

Computer network security is more than a firewall. A computer with an Ebola virus, Adware or nefarious RAT (remote access terminal) will infect all computers on your network, threaten your corporate data and render your firewall as useless as a screen door on a submarine. If your company has taken the prudent step of providing a Human Resource or employee manual that spells out the company’s position on work force violence, sexual harassment, vacation day accrual and drugs in the workplace, why don’t you have a manual that defines the acceptable use of your most vital corporate assess, the computer network?

Contact DrVoIP@DrVoIP.com and ask us to send you a sample AUP!   We can assist with the creation of an acceptable use policy that makes sense for your company and your employees while protecting your valuable communication and collaboration asset, the company Intranet!  Then and only then can we do an effective “network assessment”. – DrVoIP

Don’t look now but you have been hacked!

Hackers at the Front Door?

Most every home and business office now has a firewall that separates your internal computer network from the wild west of the world wide internet. The good news is that firewalls have become increasingly more sophisticated and properly configured can do an excellent job in securing your internal computer network devices.  Modern firewalls now include intrusion detection and prevention, email spam filtering, website blocking and most are able to generate reports on who did what and when. They not only block evil doers from outside your network, but they police the users on the inside from accessing inappropriate resources on the outside internet. Employees can be blocked from visiting sites that can rob your business of valuable productivity time or violate some security compliance requirement.  Prime business hours is really not the time to update your Facebook page! Nor do we want our medical and financial service folks using an instant messaging service to chat with and outsider!

The Firewall is the electronic equivalent of the “front door” to your computer network and there is an endless parade of potential evil doers spray painting your doors and windows, relentlessly looking for a way in. A properly configured, managed, and regularly updated Firewall can be very effective in protecting your computer network, both in the office and at home. Behind the firewall, must desktop computers and office servers have local software based firewalls installed that also provide virus protection.  Hopefully if something does get past the firewall, the internal virus and desktop firewall solutions will provide an additional level of security.

What is a Firewall Anyway?

Firewalls are both reasonable and appropriate but here is the bad news. Most of the hacking you now hear and read about is not done by evil doers coming through your firewall! The real damage is done by those inside your network! Malicious users and dishonest employees will always a treat. There is always the treat of the unscrupulous employee swiping credit card data or passing security information for money. The real danger, however, is from users who are just ignorant of today highly sophisticated security vulnerabilities. The most honest employee can unwittingly become the source of a major security breach resulting in the loss of their own personnel data, or the personal and financial data of your customers.

Take your average laptop user as a perfect example. How many times have you gone down to Starbucks and setup shop?  Beautiful day, open air, sun and a high speed internet connection, wireless phone and it is business as usual! If I told you how easy it is to setup a “man in the middle” attack at Starbucks you would give up coffee for the rest of your life. You think you are on the Starbucks WiFi, but actually that kid in the back of the Starbucks with the Wireless Access Point attached to his USB connector, has spoofed you into thinking he is your door to the Internet. He has been monitoring every key stroke on you laptop since you logged in. In fact he now has your log in, password and most everything else on your computer.  Now when you head back to the office and plug in,  you just unleashed a bot on the company network and he will be back later tonight!

If laptops were not enough, everybody is now walking around with a Smartphone!  Did you know that your Smartphone keeps a list of all the WiFi networks you have used recently? Remember when you were down at Starbucks checking your email while waiting for that cup of coffee? Now everywhere you go your phone is sending out a beacon request that sounds like “Starbucks WiFi are you there?” hoping it will get a response and auto connect you to the internet. Remember that kid we were just talking about?  He decided to answer your beacon request with a “yeah here I am, hop on!” Just another “MITM” attack and what he can do to your Smartphone, especially those Androids makes your laptop look like Fort Knocks!

Sometimes for fun and entertainment, while sitting at a gate in an airport waiting room, I will net scan the WiFi to identify how many phones, computers and ipads are online and connected. Not saying that I would do this, but I think you could execute a Netbios attack in less the five minutes?  It is amazing how many people leave their printer an network sharing options on when they travel.  Even more people leave their “Network Neighborhood” settings  in the default configuration!  The drill is always the same:  map the network to see what hosts are connected; port scan for know vulnerabilities; out the exploit tool kit and the rest is actually getting relatively boring for the ethical hacker.  Now credit card thieves on the other hand…….

Chances are your Internet browser is worst enemy when it comes to securing your privacy.  Every website you visit, every email you send and every link you follow is being tracked by hundreds of companies. Don’t believe me?  If you are using Firefox, install an add in extension named DoNotTrackme and study what happens.  Assuming you are an average internet surfer, in less that 72 hours you will have a list of over 100 companies that have been tracking your every move on the internet!  These companies don’t work for the NSA,  but they do sell your “digital profile” to those willing to pay for the information.  Where has your GPS been? What sites did you visit, what movies did you watch, what products did you buy, what search terms did you select – all of this dutifully reported back by you and your unsuspecting employees.  Ever wonder if your competitors want to know what your viewing on line?

Voice Over IP phone systems offer an entirely new range of vulnerabilities waiting to be exploited by the unscrupulous evil doer!  We recently illustrated to a client Law Firm (as a paid intrusion detection and penetration testing consultant and with the clients permission) just how easy it is to covertly switch on a conference room based speakerphone and broadcast the entire conference to a remote observer over the internet! In fact, capturing voice packets for replay is the first trick script kiddies learn in hacking school!

VoIP, Bluetooth, WiFi, GPS, RFid, file and print sharing and even the “cloud” all add up to a list of vulnerabilities that can be easily exploited. What can you do? You need to educate yourself and develop your own “best practice” for safe computing.  You need to educate your employees and co-workers about the various vulnerabilities we all face every day as we become more “wired” and more Mobile.  Hire a competent Computer Network Security professional to do “penetration testing” on your corporate network and firewall.  It would be better to pay a professional to “hack” you, then pay to  fix it after you have been hacked!  Remember if we can touch your network, we will own your network!

(DrVoIP provides VoIP network readiness assessments and is a certified  Network Security consultancy.   If you contact DrVoIP@DrVoIP.com we recommend that you use Ipredator to do so!)