About Me

Francois Paget

Francois Paget
Senior Threat Researcher

Read More

Feeds & Podcasts

Blogs

Meet the Bloggers

Archive

Tags

#SecChat $1 million guarantee 12 Scams of Christmas access to live fraud resolution agents Acquisition Alex Thurber Android antivirus Apple botnet Channel Partners cloud security Compliance Consumer counter identity theft credit card fraud and protection credit fraud alerts credit monitoring credit monitoring and resolution critical infrastructure Cyber Security Mom cyberbullying Cybercrime cybermom data breach data center data center security Data Protection Dave DeWalt DLP Email & Web Security embedded encryption Endpoint Protection enterprise facebook fake anti-virus software Family Safety Friday Security Highlights global threat intelligence google government Hacktivism how to talk to kids how to talk to teens identity fraud identity fraud scams identity protection identity protection $1 million guarantee identity protection fraud identity protection surveillance identity surveillance identity theft identity theft expert identity theft fraud identity theft protection identity theft protection product Identity thieves and cybercriminals intel iphone kids online behavior lost wallet protection malware McAfee McAfee Channel McAfee Family Protection McAfee Identity Protection McAfee Initiative to Fight Cybercrime McAfee Labs McAfee security products Mid-Market Mobile mobile malware mobile security monitor credit and personal information Network Security online personal data protection online safety Operation Aurora PCI personal identity theft fraud personal information loss personal information protection phishing privacy proactive identity protection proactive identity surveillance Public Sector restore credit and personal identity Risk and Compliance scam scams scareware security smartphones social media social networking social networks spam Stuxnet twitter vulnerability Web 2.0 work with victim restore identity

McAfee Labs :

GET RICH QUICK ? Nothing is less certain !

Monday, January 7, 2008 at 6:08am by Francois Paget
Francois Paget

Many governmental and civil service web sites call peoples’ attention to chain-letters based on the age-old pyramid scheme. The U.S. Postal Inspection Service gives this definition:

    A typical chain letter includes names and addresses of several individuals whom you may or may not know. You are instructed to send a certain amount of money–usually $5–to the person at the top of the list, and then eliminate that name and add yours to the bottom. You are then instructed to mail copies of the letter to a few more individuals who will hopefully repeat the entire process. The letter promises that if they follow the same procedure, your name will gradually move to the top of the list and you’ll receive money — lots of it.

These rip-off schemes reached the Internet a long time ago. Chain letters are now disseminated over the Internet. These rely on copying and e-mailing your contacts rather than the established paper method. Many antispam products are dedicated to intercepting them. Today, people dreaming of “making money fast” can easily find the software that claims to help them do just that by some efficient Internet searching.

These programs supposedly facilitate making secure payments. The below image shows the result of one of these programs (seemingly of French origin) – an e-mail spam attachment for worldwide distribution:

http://vil.nai.com/images/FPBLOG_01_04_07_B.jpg

The basic principle is as follows:

  • Via Paypal, somebody decided to enter the chain and send 5 Euros to the participant on the top of the list. His e-mail address is displayed when you run the software,
  • After payment, the recipient is supposed to send back a registration key that modifies the configuration by entering the details of the gullible caller at the fourth place and thus altering the list of previous participants,
  • Having done this, the updated file must be sent out to as many people as it is possible to entice more victims and gradually push the sender to the top of the list.

http://vil.nai.com/images/FPBLOG_01_04_07_A.jpg
Looking at this sample, I asked myself whether we should detect this file or not: it is not dangerous to the computer, it is not a malware nor an adware and the people sending the 5 Euros are acting on their own accord. My personal opinion was thus:

  • It is dishonest. And it is not only my opinion but the one mentioned by many government agencies,
  • Chain letter and pyramidal schemes are illegal in many countries,
  • It seems this program is of French origin and the French laws forbid these
    schemes (article L122-6),
  • It uses Paypal and Paypal forbids the use of their system for such activities.

To ultimately battle these types of programs we really need, as usual, to be suspicious whenever someone propose that you can get rich quick!!!

We detect this Potentially Unwanted Program as Scheme-Ultrate.

Bookmark and Share

Submit your own comments / message for this post

Your email is never published nor shared. Required fields are marked *

 

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Comments (0)