August 16, 2023

Return of the Facebook Ad Violation Scam

On July 9, 2023, I published a blog article about a Facebook ad violation scam I received in my email inbox. After I reported the scam to SpamCop, the scam stopped for me, but not for another person I know. Evidently, my break is over and the scam arrived afresh in my inbox, on August 16, 2023.

Apparently, scammers are following me and other people who maintain Facebook business pages. When they or their ad detection script detects that I've boosted a post, or created a new ad, they create an email-borne phishing scam targeting my page by its name. In the most recent scam email, the subject was: "Your ad account is currently inactive." The From field contained the words: "Meta for Business". The body text contained dire warnings, including the following:

We regret to inform you that your Advertising account was used to create one or more Ads that do not comply with our Advertising Policies or Community standards.
...
Your account will be permanently deleted in the next 24 hours.

This was followed by a call to action:

To request a review, if you believe your account follows our Community Standards, please use the form below:

SUBMIT NOW

Now that I've stated the visible basics, let's take a look behind the scenes and see just what the Hell is going on!

This article has extended content.
Continue reading "Return of the Facebook Ad Violation Scam" »

back to top ^

August 9, 2023

Fix for Logitech Setpoint won't open on Windows 10 in 2023

Back in 2016, I wrote a blog article detailing how I got Logitech SetPoint to startup with Windows. Until I found the fix, SetPoint installed and I could open and manage it, but it simply wouldn't auto-launch when I logged into Windows or install its icon in the "System Tray." Fast forward 7 years and a new problem popped up with SetPoint not working right on a newly acquired Windows 10 laptop computer.

This new problem is that even though I was able to install SetPoint on my new to me Dell Latitude laptop, I was unable to launch/open the program to manage it. The installer completed and there was a shortcut on the Start Menu. But, clicking on the icon and shortcut did absolutely nothing. When I opened the folder containing the program's executable, Setpoint.exe, and clicked on it, I got a popup error message from Windows complaining that "the side by side configuration is incorrect."

Before I stumbled onto the actual fix, I tried all kinds of suggestions I found on various troubleshooting forums. I downloaded old versions of Microsoft Visual C++ packages in the hopes that the program was looking for long outdated missing components. I even tried a suggestion to run the program in Windows 7 Compatibility mode. Nope, none of this worked. ;-( So, I began following my own hunches based upon decades of experience operating and upgrading Windows computers.

This article has extended content.
Continue reading "Fix for Logitech Setpoint won't open on Windows 10 in 2023" »

back to top ^

July 9, 2023

Facebook Ads Scam

If you run ads, or pay to boost posts on your Facebook (business) pages, you may have received an email with a subject similar to these:


  • Your ad does not meet Facebook's advertising standards.

  • Your ad will be suspended and your ad account will be restricted

  • Your Ads Account Has Been Disabled Due To Violation Of Community Standards


The email claims to come from Meta Business, or Meta for Business, and that's what most email clients will show in the From field. The message body contains wording similar to this:

Hello, (your Facebook "page" name)

We officially inform you that your advertising account has been found in violatin our ads policies. We ensure to take the safety of our user seriously, and we request all advertisers to follow our guidelines.

We've decided to permanently restrict your account. If you think this decision is incorrect you can appeal below:

SUBMIT

After you request a reconsideration, you usually have to wait 48 hours to get a different decision. Before new results are available, your account will be in a "pending review" status.

The Meta for Business Team,

Meta Platforms, Inc., Attention: Community Support, 1 Facebook Way, Menlo Park, CA 54902

This article has extended content.
Continue reading "Facebook Ads Scam" »

back to top ^

December 4, 2022

Nigerian romance scammers are targeting Facebook

December 4, 2022

For the last few months I have seen and reported many comments that have been posted on the timelines of female Facebook members. These comments are usually in response to some sad event mentioned by those members in posts they make on their timelines. This event might be a death notice about a relative, friend, workmate, or even a pet. Or, somebody may have posted about being sad, or brokenhearted because of a breakup, or some form of loss. If the post was made by a female Facebook user, in addition to replies from their friends, they may also receive a comment similar to the following, which I copied from a friend's post about pets crossing the Rainbow Bridge.

"Glen VanHerck
Honestly, I love your posts and shares, you seem kind and worth talking to. I hope you don't mind if we are friends? I tried sending you a friend request but it won't let me. I would love you to send me a friend request for a friendly chat, if you don't mind..
"

This wording and slight variations of it are from a template used by romance scammers that are often based in Nigeria. This come-on has been used over and over to lure unsuspecting women into replying to the scammers behind it. Anybody who becomes Facebook or Instagram friends with these people will be sweet talked out of a lot of money.

If you went to that person's page you would find photos of a distinguished looking US Air Force General who works at the US Northern Command. This entire profile is faked and uses photos downloaded from publicly available military news publications. The scammer, or multiple scammers running this Facebook page created the profile as a lure to rope lonely women into a romance scam where they will build trust with the victim, then begin asking for money for various reasons. I have a Facebook friend who has lost thousands of dollars to a similar scammer, who it turned out lives in Lagos, Nigeria.

If you are a female Facebook user and see a similarly worded comment under something you posted on your timeline, block that user and report the comment as Fraud or a Scam. Then delete that comment so your friends don't get curious and reply to the scammer.

Photos can be downloaded from the web and uploaded to a new Facebook profile. The details about the person being cloned are often publicly available. The scammers are professional confidence men. Once they get the confidence of a victim they will drain that person's bank account asking for payments by prepaid gift cards, MoneyGram, or Western Union, which are untraceable and unrecoverable once sent and claimed by the scammers.

You can learn more about Nigerian Romance Scams on this Wikipedia page. If you know somebody who may have fallen for a romance scam, point them to this Wikipedia article.

back to top ^

December 2, 2022

TD Canada Trust 419 scam arrives in postal letters

November 28, 2022

On Monday, November 28, 2022, I fetched my mail and one letter caught my attention. It was a plain white envelope addressed to me by my name. The sender was simply the words "IBT ELECTION." It had a prepaid postmark from Canada Post, which is strange because I am in the USA. The enclosed letter was obviously printed from a scan on a black and white copy machine. The message it contained is what is known in the spam and scam trade as a Nigerian 419 scam. I will outline the gist of the letter below.

The upper left contained a black and white copy of a TD logo, followed by Canada Trust. It was dated November 22, 2022 and addressed me as "Dear (my name redacted)." The first paragraph was worded much like a typical Nigerian 419 scam going back to the early 2000s. It started off with this: "I am aware that this letter has come to you as a surprise as we have not met before or handled any business deal in the past. Nevertheless, I have contacted you with genuine intentions and I hope I can trust you with this inheritance opportunity which I explain below."

The second paragraph reads as follows:
"My name is MR. MATHIAS EDISON, an account manager with TD Canada Trust Bank, Ontario, Canada. I retrieved your contact address in my search for the next of kin to a deceased customer of our bank MR. GEO (redacted), a citizen of your country, who lived and died in London from Cardiac Arrest in the year 2012. Unfortunately, this customer died intestate leaving his bank account with an open beneficiary status." snip minutia

It ends the paragraph with the hook:
"I would like to present you to our bank as his next of kin to claim this dormant account worth $9.2 Million USD (Nine Million Two Hundred Thousand US Dollars)." the rest of his story is octopus ink meant to further rope in the reader and get them to respond to the email address at the end of the letter where professional followup scammers go to work getting the victim to pay advance fees to cover imaginary fees and bribes in the hopes of splitting this huge amount of money with the scammers.

The signature at the bottom is:
Sincerely
Mr. Mathias Edison
chicken scratch signature.
Email: [email protected]

Inheritance and investment scams are favorites with the lads from Lagos. They've been scamming people in other countries for centuries going back to the French Revolution with the Spanish Prisoner letter scam, and in modern times with the Nigerian Prince scam. You can read up on the details and history of these Nigerian 419 advance fee fraud scams on this Wikipedia page. The number 419 refers to Nigerian Penal Code 419, which deals with financial and advance fee fraud..

In conclusion, there is no such dormant account. You are not the beneficiary. You are a mark which the Nigerians sometimes refer to as Mugus (fools). If you're reading this you probably got a similar letter, or perhaps a similar email. Don't fall for it. Keep tabs on your elderly friends and relatives and mention this to them so they don't get scammed..

back to top ^

December 29, 2021

Tis the season of Facebook and Messenger account impersonators

Beware of new Facebook Friend requests and Messenger message requests coming in the name of people you may already be friends with on the platform. A lot of these requests may even have same profile photo as your friend uses, but may not actually come from the accounts you are friends with.

First, let's acknowledge that there are valid reasons why a Facebook member might create a new account. For instance, they could have a new phone or computer and can't recover the logins from the old device for some valid reason. So, if that person sends friend requests to his previous friends it is probably not a scam (er, maybe). But, that person would be prudent to write a post explaining what happened in the new profile, or in Messenger messages.

But, let's get serious. Facebook accounts are juicy targets for scammers who copy user names, a photo and some details and create a fake, or clone account of somebody you know. They do this so they can scam that person's friends. Always check the member's profile before replying to an unexpected message request that says it is from a Facebook User, possibly with a new account, even if it has the profile photo that friend has been using. Just do a quick search for your friend's name then go to that friend's profile and see if they or their friends mention them possibly being "hacked." They usually have not been hacked, per se, but rather had their account cloned by an impersonator.

Hacked and cloned accounts are used to scam the victim's friends, either by sending a new Friend Request to a fake profile controlled by a criminal, or via specially crafted messages in Facebook Messenger. They can do this if you have an unprotected Friends List that is viewable by other people or the public. If you want to protect your friends from being contacted by scammers who might want to clone your account, just make your Friends list private and viewable to only yourself. To do this go to your account settings, then click or tap on Privacy. the Privacy section contains a setting labeled: Who can see your friends list? To protect your friends from scammers and potential account cloners, set it to: Only Me..

This article has extended content.
Continue reading "Tis the season of Facebook and Messenger account impersonators" »

back to top ^

December 28, 2021

Securing your Facebook account

I recently helped a Facebook friend secure his account after he accidentally got it hacked by a Nigerian 419 scammer/fraudster. The fraudster was using my friend's account to send scams to people on his Friends list via Facebook Messenger. He needed to change his Facebook password, but didn't know where to do it. This article describes how to do that.

If you are using the Facebook App (not a web browser) on a phone, tablet, or touch screen laptop computer, login to Facebook via the screen or desktop icon. Look at the icons along the top of your Facebook profile. At the far right is an icon with three horizontal lines. Touch that icon. A page opens labeled "Menu" on the upper left. To the right of the word Menu is a gear icon. Touch the gear icon to open your "Settings & Privacy" then follow these steps...

  1. Under the heading "Account" is a link labeled "Password and Security." When you press this link the first option is to check your "Important Security Settings." Do that and fix any serious issues.
  2. Afterward, come back to the Password & Security page and look under the heading: "Login" - where you will see: "Change password." Press that link and follow the on-screen instructions.
  3. Do not reuse an old password as they get stolen from hacked online databases. Create a strong new password that can't be guessed by a random stranger or a hack-bot using a dictionary attack to crack known words. Better yet, if your browser offers to create a strong password, let it and have the browser save/remember it.
  4. Note, you might have to add a punctuation mark, capital letter, or a number to the new password if the input field complains that the password must contain at least one of this or that character.

If you are using Facebook in a web browser, rather than an App, on a desktop or laptop computer, read the extended content for instructions for changing your Facebook password.

This article has extended content.
Continue reading "Securing your Facebook account" »

back to top ^

October 16, 2021

Webhosting Deal Alert!


Do you need web hosting now?
If you have been thinking about getting a website online, you need to first arrange for web hosting with a web hosting provider. If you aren't covered in money (I'm not), Hostgator is offering a 19th birthday celebration sale with 70% Off all new† 12 to 36 month shared web hosting accounts from Monday, October 18, at 12:00 AM CST, through Friday, October 22, at 11:59 PM CST 2021. This offer includes free domain registration, as well as a free Let's Encrypt SSL certificate.*

The same deal applies to people who already have a website hosted with a different provider, who's hosting account is about to expire and come up for renewal. If you simply renew your hosting with your existing provider you may be in for a big surprise. This is because it is customary in the web hosting business model to offer new customers a big discount on the first term, but jack up the rate for renewals. This is the opposite treatment that software companies use where you get a price cut to renew or upgrade to the newest version of a program.

Whether you belong to the first category or the second one, you are going to save big bucks if you take advantage of this very limited time offer.

* A Secure Sockets Layer (SSL) certificate is what allows a web page to be served in the secure HTTPS protocol because it encrypts data going both ways, from a web browser to and from the web server. This insures that any data you type or paste into a contact or card payment form cannot be viewed in readable form by a man in the middle hacker or criminal who might try to intercept traffic on that website.

† This deal only applies to new customers with Hostgator, If you currently have an active Hostgator account you cannot use these links to save on a renewal or upgrade fee.

70% Off Shared Web Hosting now!

If you happen to miss this flash 70% of sale, or simply aren't ready to make a change, here is another link that will save you up to 60% off new† Hostgator hosting packages. Save Up to 60% Off New Hosting + $4.99 on Select Domains with Promo Code 60OFF2017!

Why am I posting this? It is simple. Not only am I a satisfied web hosting customer, I am also an affiliate for Hostgator. If anybody clicks or taps on my image or text links and signs up for a new account, I will earn a very useful commission. If you find this information useful and plan to get or change web hosting soon, why not do it now and take advantage of this money saving offer before it expires?

Hint: if you are a previous customer without an active hosting package with HG you can take advantage of this offer!

back to top ^

June 5, 2021

Domain Registry renewal pitch is back again

June 5, 2021

If you own Internet domain names, like example.com, you should know by now that they have to be renewed after your initial term expires. Some of you got your first year of domain registration for free when you signed up for web hosting. Others may have paid up front to register a domain for multiple years. After that initial term you should have received renewal notices from the domain registrar of hosting company either telling you they were auto-renewing your domain name, or asking you to update your payment information. Those notices would be sent to the email address on file with your domain registrar or web host. Failure to renew a domain will result in any websites tied to it going offline shortly after it expires.

Let's stop at this point so I can define some of the terms I used in the first paragraph. You need to understand what they mean if you own, or want to buy domain names and have online websites.


  • A "Domain" in this context, refers to an digital asset that can be used to point to a website, or other online presence like a file server, database or even a social network.

  • A domain "name" is an alpha-numeric name somebody chooses for use for a website or an online accessible asset. Some companies use domain names on internal networks, but that is not within the context of this article. A domain name has two parts: the prefix and extension. You choose an available prefix then add the available extension. A classic example is "example.com." There are numerous domain extensions, like .com, .net, info, .org, etc.

  • A Domain "Registrar" is a company whose business includes registering domain names and entering them into a world wide database. Unless Registrars are accredited the official licensing body ICANN, they are merely acting as middlemen for someone else who is accredited. Once a domain name is registered and entered into the official registry, it cannot be registered to anybody else unless it expires and is not renewed.

  • A "Website" (a.k.a.: web site), in this context, is an online presence for a domain that has publicly or privately viewable content that is reached over the Internet. For the sake of clarity, I am referring to websites like mine: wizcrafts.net.

  • A "web host, or hosting company" is a business that owns huge numbers of bare metal computers known as "servers" that are housed in climate controlled warehouses. They provide the digital space for their customers to create websites and have them viewable over the Internet.

  • If you are reading this you know what the "Internet" is.

Moving along, last year I wrote a blog article about the Domain Registry (of America) registration renewal scam I got in the mail. Well, I just got another letter from this company, located in Bergen, New Jersey, notifying me that one of my domain names was about to expire and that I needed to renew it quickly to maintain its online presence. The fee they are asking for is $50 for one year or $90 for two years. Those rates are through the roof too high in today's domain registration market! I can renew a .com or .net domain for between $10 and $16 US dollars per year at Domain.com, or Cloudflare.

I went to the new website shown in the letter I got from them and they have dropped the words "of America," but the logo still contains Domain Registry next to a round portion of an American flag. They have a confusing double business name: "Global Internet Ventures: and "Internet Domain Name Services Inc." Nowhere on any of their few web pages is there any mention of them being accredited by ICANN. Any legitimate Registrar will proudly display the ICANN Accredited logo. It appears that Domain Registry, et all, is just a middle man for somebody else. Their exorbitant markup of $50 for registrations and renewals belies the fact they they aren't trying to compete for your business. They are getting sales from the letters they mail out to registered domain owners trying to fool them into transferring to Domain Registry from their existing registrar (which is likely much lower priced in the first place). They are hoping you are too busy to read the fine print or look up who your registrar is and you will pay them through the nose for the privilege of being bent over by DROA.

There is a funny twist to this story. It so happens that the domain name they wanted me to pay $50 to renew before it expires is already expired! It isn't assigned to me or anybody else. It went to the bit bucket in the sky! So much for doing their homework!

Now that you know the facts, if you own a domain that is coming up for renewal and wonder if you are paying too much, check out my Registrar: Domain.com. As for web hosting, I currently use InMotion Hosting.

I may receive a commission on sales generated through my affiliate links. This isn't a bad thing! It is a way to survive in a big dog little dog world.

Here's a heads up! No matter how many years you register your domains for at a time, it is imperative that you periodically login to the place where they are registered and make sure that your contact info and email address is up to date. A lot of people lose their domain names because they failed to update their email address and didn't receive the notice that the renewal time was approaching. Credit and debit cards usually expire in 3 years. If you took a 5 or 10 year domain registration up front, your card on file may be outdated. If you don't receive the email notices you will lose your domain when the due date passes without payment. If you don't know or remember who the Registrar is you can find out by doing a "Whois" lookup on the domain name (e.g., example.com)

Finally, if you are new to all this and have a website that needs work, consider me as your Webmaster. See my Webmaster Services page for more details.

Thanks for your time.

back to top ^

September 3, 2020

Return of the Domain Registry renewal notice sales pitch

September 3, 2020

A few days ago I got a letter in the mail, addressed to "Domain Owner," from an outfit calling themselves Domain Registry, with a return address of 924 Bergen Ave, Suite #289, Jersey City, NJ 07306-3018. The address also contained one of my registered domain names.

The envelope boldly proclaimed the following, in bold blue and red type: "Renewal Information Enclosed - OPEN IMMEDIATELY." Inside I found a letter with large bold type warning me that "Domain Name Expiration Notice." The letter told me that the named domain was due to expire in a couple months and that I needed to renew it to maintain my exclusive rights to it and my "online identity." The letter informed me that I could conveniently transfer the expiring domain to Domain Registry to save money with their "best savings" prices. Those prices were $50 for 1 year, $90 for 2 years and $190 for 5 years registration. It went on to offer the two optional domain name extensions: .net and .org, both listed for $90 for 2 years.

Domain owners who have had domains for a long time will remember getting these same scams from Domain Registry Of America. This is the same outfit just using a truncated business name. Further, their website url has changed to giv.com, which is short for Global Internet Ventures.

This article has extended content.
Continue reading "Return of the Domain Registry renewal notice sales pitch" »

back to top ^

Blog Links

Sponsored Message

I recommend Malwarebytes to protect your computers and Android devices from malicious code attacks. Malwarebytes detects and blocks spyware, viruses and ransomware, as well as rootkits. It removes malware from an already infected device. Get an 18 month subscription to Malwarebytes here.

If you're a fan of Robert Jordan's novels, you can buy boxed sets of The Wheel Of Time, here.

As an Amazon and Google Associate, I earn commissions from qualifying purchases.


CIDR to IPv4 Address Range Utility Tool | IPAddressGuide
CIDR to IPv4 Conversion



About the author
Wiz FeinbergWiz's Blog is written by Bob "Wiz" Feinberg, an experienced freelance computer consultant, troubleshooter and webmaster. Wiz's specialty is in computer and website security. Wizcrafts Computer Services was established in 1996.

I produce this blog and website at my own expense. If you find this information valuable please consider making a donation via PayPal.

Follow @Wizcrafts on Twitter, where I post short updates on security issues, spam trends and things that just eat at my craw.

Follow Wizcrafts on Twitter







Creative Commons License This weblog is licensed under a Creative Commons License.
The content on this blog may be reprinted provided you do not modify the content and that you give credit to Wizcrafts and provide a link back to the blog home page, or individual blog articles you wish to reprint. Commercial use, or derivative work requires written permission from the author.

Powered by Movable Type

(back to top)