Phisihing calls to Symantec Customers
This is an email I sent to a couple people listed under the Symantec Media contacts as there are is general Corporate contact information anywhere on the website (obivously by design). I putting this up both as a warning to other Symantec customers and also as I doubt it has reached the appropriate department in Symantec in email form. I’m receiving calls from a woman with a British accent, and a blocked phone number, claiming to be from Symantec. She knows I am a current customer, and proceeds to ask me questions regarding our current IT infrastructure. I’m going to assume this person does not work for Symantec, and the fact that they apparently have a list of your customers and are trying to get information on their current IT infrastructure should be of some concern as their intentions are unknown.
PLA?
Hi, a while back I decided to play the old CoD4 (Modern Warfare 1) on my PS3. Please note that this is LONG. This is not meant to be a story, but an idea of what happened so it will be easier to sort out what was wrong. I noticed a clan tag: [PLA] that was used by multiple different people. Sometimes, right before the round would start, it would just say: 'DRAW' Host ended game. And if you looked at the little scrolling text area, it would be rapidly moving saying the exact same thing: "[PLA]<player id> Unknow Command..." You're probably wondering what this has to do with anything, but let me assure you, it all comes together. When I went to check my Facebook on my computer later that day, I noticed something odd. There was a shortcut to a program I don't remeber installing called "On-Lock" or something similar. In the task bar, a little notification bubble kept appearing saying (in an unusual windows text): "WARNING!!! YOUR COMPUTER HAS MULTIPLE VIRUSES!!! PLEASE CLICK THIS FOR MORE INFORMATION!!!" I'm not an expert, but I know a fake pop-up when I see one. So instead, I pushed the 'X'. A window instantly popped up, apparently scanning my computer, and then telling me that I needed to buy this product to continue safety. And, of course... They only took Credit cards. I struggled to get the pop-up to go away, but once I did, my ENTIRE BACKGROUND changed into what looked like the 'blue screen of death' however, all my icons were still up as well as the task bar. I tried to run Windows Defender, but another pop-up appeared claiming that the process has to be executed because some file was infected. Of course, I know a few things about computers. I hold the power button until it turns off, and then turn it back on, this time running safe mode. I decided to search around my files. In My Documents I found some folders named by a large sum of numbers. Opening the file, I find a .dll file and an empty folder. I continued to search, until I found the root. On my C:/WINDOWS there were so many folders named similar to the other ones, with the exact same contents (named differently). I also found some fake Windows programs, one of the many was called Windows Agent, and had a poor looking 8-bit image of what looked like a Drug Dealer/Spy. I right clicked it, and pressed Delete. "You do not have permission to perform this operation." Please note that I was the only user of this computer, meaning that an 'admin' could not have parental controls. However, I did manage to delete the oddly named folders. And then, I found a folder that almost made me want to die. It was in C:/WINDOWS. The folder was named 'PLA'. I opened it to find a LOT of .dll and .bat files, as well as even more fake windows apps. When I restarted my computer again, I went to the actual OS. I had no pop-ups. I went back to Windows Defender to double check that everything was okay, so I performed a scan. Every once and a while, the name of the folders that it would be currently scanning would change for a split second to an odd code, then go back to normal. I knew it was an over-ride. I ended up having to completely reset my computer, with all my documents and music going with it. Thank you if you made it this far! Can anybody help me out with this? I know I already fixed it, but is there any way to prevent it? Any info on this would be gladly appreciated: Past experiences, research, etc. I actually google'd PLA and found out that it was a group of foriegn hackers that were accused of hacking the Pentagon... This clearly isn't them, but they must've named themselves after.Maxthon Browser Review Required
I came across a browser called Maxthon sometime back. I use it for occasional browsing but I am still not confident in using it against my corporate webmail or banking websites because the servers that Maxthon uses are in China. Also the browser seems to be making a webservice call to the server on startup and periodically for general security updates. I would like to know if Symantec has a review about this tool and/or a Symantec expert could review the tool to see what information it actually passes from the desktop client to the server at intervals. The files of Maxthon themselves are clean and do not contain any infections of any type.