Vimeo Email Spoof Leads to ‘Permission to Publish Video’ Scam

Smart phones and webcams no doubt helped popularize user-generated videos (UGV) on video hosting sites like youtube.com and vimeo.com. However, the biggest surprise has to be the cross over appeal and use of UGVs on hard news websites and premium TV networks, an honor once reserved only for seasoned production crews. While many professional videographers seek both fame and fortune, amateur producers of UGVs are willing to settle for the bragging rights of having thousands, if not millions, of people view and comment on their works. Having one's works broadcasted or published on a news site, has to be the icing on the cake, since such exposure could increase the chances of the UGV going viral, the Golden Globes for UGV production.

Cybercriminals work hard to steal your money, investing in the stealth toolkits, using proven strategies and studying human behaviors. When molding email scams, they often use a tried and true formula that includes two key components: a trusted source or sender and a compelling topic or body of text. Without thought, too many PC users click too fast and let inside nasty infections like the one behind the Vimeo scam. An email under the signature of a journalist is reportedly seeking permission to use or publish 'your video' on his news portal. Victims are asked to click on a masked or fraudulent Vimeo hyperlink that leads to the true payload, a Canadian Pharmacy webpage that offers erection enhancement pills. Secondarily, the malicious webpage could also house a Trojan downloader that is able to unload other malicious programs without further aid. Those too caught up in the prospect of fame or fortune may accept the invite as genuine and without caution or hesitation click and pacify the scam and unleash a malicious attack.

If one Trojan penetrated your weaker defenses, chances are more malware threats will follow. At a minimum, a port will be opened to let inside more malicious programs and to intercept new commands. Script may be run to copy vital data stored in the browser cache or on the hard drive. A keylogger could be used to record keystrokes being typed into web-based forms of a financial nature. A browser helper object could reroute traffic to sites encouraging click fraud or promoting the sale of a rogue security program. Malicious toolbars might be installed that spy on the PC user's surfing habits and order up a customized attack of annoying pop-up advertisements.

Negative system changes to support malicious activity and block removal could conflict with the OS and cause unstable system behaviors. Instead of waiting for some fake rogue security program to alert you an intruder is aboard and offer an empty fix, you should use a reliable scanning tool you installed yourself to investigate. If malware is found, do not rely on rudimentary methods that cannot guarantee total eradication nor fully restore your system back to normalcy. Instead, be aggressive and use a professional antimalware solution loaded with an anti-rootkit component that guarantees complete success.

Top 6 Tips to Avoid Future Scams

Following simple safety guidelines could thwart future attacks and keep a hacker from gaining remote access of your computer to use your system resources to harm others.

1. Keep an antimalware solution in effect and run regular scans to be proactive in blocking suspicious or malicious programming behaviors.
2. Be slow to click on links or attachments, especially unsolicited IMs or emails.
3. Use strong passwords that are hard to crack.
4. Do not download pirated files! Many illegal downloads are laced in infections.
5. Stay atop of software notifications that patch vulnerable programming.
6. Never trust any program you did not install on your own and did not authorize to run a scan.