 ICQ Rumors 131 - 138 If you're looking for the latest rumors floating around on ICQ, then you have come to the right place, netizen! Note: If you were sent the URL to this page, you should go to http://diamond-back.com/icqlies.html to see the full selection of pages available and to check for updates to the ICQ Lies site.
E-mail is also the best way to contact me if you have a question or suggestion (criticism, complaints and nastygrams should be sent to devnull@diamond-back.com... hee hee). My ICQ list has grown large and unmanageable, so please don't send an authorization request until we get acquainted through e-mail (the fact is, I don't spend much time on ICQ when I'm working on other stuff, which is most of the time). I try to answer every letter I receive, but that's not always possible and I get a little behind sometimes. When I'm involved with designing a commercial web site (my profession), it could be weeks (months?) before I catch-up on the mail or update these pages. But they do get updated, as long as there are rumors on ICQ there will be an ICQ Lies section. That's a promise. One last thing... I get a lot of tech support requests. Sometimes I can help, more often I can't. I don't work for AOL/ICQ, I can't recover lost or stolen passwords and I can't fix something that may be broken in their software. Most of the time I can only respond with information anyone could find at the ICQ Help Center. Before you write to me, please try support@icq.com... they may be slow to answer but they usually do try to help.
Whether it's in English or German, a rumor is a gerücht. And even in 2005, this rumor as about as old as they get. As long as there are a multitude of free messaging services available, ICQ (and all the rest) will be in not position to charge for their service. And even if they thought the unthinkable and decided to start charging, forwarding a message to 18, or 1800, people is not going to change their minds... or turn your flower blue. But by now I think most people realize that. (R138)
UNICEF does a lot of good work feeding, immunizing, educating and helping to prevent AIDS in children around the world. However, if you wish to help them you'll need to click here to support them because forwarding ICQ messages doesn't do a thing. And if you do make a donation to UNICEF, buy yourself a blue flower, because you'll deserve one. (R137)
Fasten your seat belts, we're about to take a little trip down Sleazy Marketing Avenue. First stop, the URL in the above message, where we are greeted by a banner ad for a porn website and a repeat of the "YOU'RE IN TROUBLE!" admonishment.  Not too surprisingly, this sophomoric pronouncement is followed by an equally childish prank of displaying the contents of the visitor's C: drive. It's an old trick, but contrary to the statement that "EVERYBODY can see it!!!", the information is only viewable from the visitor's computer, not from the website. You can see an example of this trick in the commentary for Rumor 21. If it ended here then we could dismiss the whole thing as a prank, but the trip doesn't end here. After a few seconds, the visitor is forwarded to the "Evidence Eliminator" website where one of several ominous sounding webpages will be displayed... Example 1:
Example 2:
OMG! Is my Internet Provider (who happens to be BellSouth) really providing all this "evidence" about me? How else could anyone know all this information about my computer and browser??? The answer is simple, web browsers send all that info every time they request a page... it's standard operating procedure and nothing that should be of much concern to anyone. In fact, website designers such as myself often use this info to create dynamic pages which are automatically adjusted for best display in the most popular browsers. Your Internet Service Provider can be determined by doing a look-up of your IP address, and your IP address must be sent so the website knows where to send the page you are requesting (think of it as writing a letter to someone and asking that they respond with some information, you have to include a "return address" if you expect to receive anything from them... on the Internet, your IP is your return address). The info can also be logged to keep track of how visitors find a website and where they are located. That doesn't mean that I "know who you are" or what's on your hard drive, as these messages from the sneaky folks at "Evidence Eliminator" would like you to believe. In other words, there is no "Authorized Investigation In Progress," this is a COMPLETE LIE being used to scare people into buying this company's dubious product. And what is this product? "Evidence Eliminator" is nothing more than a "disk-wipe utility" with a few bells and whistles for eliminating browser files. There are free programs available which will perform exactly the same tasks. In contrast, the developer of "Evidence Eliminator" (Robin Hood Software Ltd., who, in my opinion is robbing from everyone and giving to themselves) sells their program for (US) $150.00! Why so much? Probably because they are willing to split the loot with their "affiliates" who help peddle this sleaze-ware. That's the most likely reason for the ICQ message that's making the rounds, it appears to be coming from an affiliate who first uses the old "C: drive" trick and then forwards to "Robin Hood's" website for some additional scare tactics (their affiliate number is stored in a cookie so they can be credited with any sales). Other affiliates have been known to launch massive e-mail and UseNet spam campaigns... but I guess that is to be expected. If all the trickery and over-priced software wasn't enough, the "Evidence Eliminator" website has a "Consumer Scam Alert" warning of "false advertising" which has "duped many consumers into buying worthless imitation software." Imagine that, the scammers have issued a scam alert so their competition won't dupe the consumers they are trying to dupe. Kind of like a mugger telling you to look out for the shady character down the block while he runs his hands though your pockets. And to answer their critics, they have set-up a "Dis-Information Center" where they counter the (mostly mis-quoted) claims of their detractors. I guess Internet.com and Wired are all part of the grand conspiracy against them... I wonder if ICQ Lies will make the grade? *g* On a final note, if you really have some sensitive information stored on your computer which you would like to protect, "Evidence Eliminator" is not the software you need, a good data encryption program would serve you much better. Despite all the hype on their website, the only real use I can see for a program like "Evidence Eliminator" is to quickly delete illegal files such as child porn or terrorist plans... law abiding people really shouldn't have any "evidence" which they need to "eliminate." But I did say we were going to take a trip down Sleazy Marketing Avenue and that's where we are... a sleazy ICQ message which leads to a sleazy product most likely to be used by the biggest sleazes of all. Note to "Robin Hood": I don't really care whether your product does everything it claims to do, that isn't the issue. I also don't care to debate whether you encourage spammers, they really don't need much encouragement. Nor do I support any of your competitors, I have no need of their warez or would want to do business with or for them. And I'm not writing this for publicity... I get all I need from my site's visitors. It's the examples above that I object to... you are taking advantage of people who lack the technical knowledge to understand how the Internet works and attempting to convince them that they are being "investigated" and that their service providers are somehow leaking confidential information about them... all to sell your product. But I really don't expect to be hearing from you now that the Federal Trade Commission is checking into your marketing practices, I suspect you'll have bigger troubles on your plate, mate. For more information on these sleazoids, please see: Wired: Ads Play to Users' Privacy Fears Eric Lee Green's Consumer Warning: Robin Hood Software (Love the new domain name, Eric.) Response to Andy@Evidence-Eliminator.com (R136) | |||||||||||||||||||||||||||
ICQ Rumor #135
|
This one is neither a hoax nor an ICQ message, rather it's an e-mail scam dressed-up to look like an official ICQ request for a user's UIN and password. I've included it here because it is probably the slickest ICQ related "lie" of 2001. There have been several variations, the alternate text of one is even more believable:
At first glance everything appears to be in order, the links at the bottom all lead to ICQ webpages, the "Mirabilis Flower" graphic is displayed in some versions and, most convincing of all, the "from" address is "support@icq.com." For some recipients of these e-mails, this was all the "proof" they needed and dutifully filled out the form and sent their information to "ICQ." Or did they? Unfortunately, their UINs and passwords were sent to low-life, thieving, "UIN hijackers" who quickly logged into the victim's account and changed the password. Sometimes the victims would be contacted and given an offer to "buy back" their UIN, other times the victims were ridiculed and intimidated... but rarely were the accounts returned to their rightful owners. While some people could dismiss the theft of a UIN as a minor annoyance and simply sign-up for a new one, for others it meant losing a long held number and having to rebuild a sizable contact list. In either case, this is a very mean-spirited trick and I have nothing but contempt for the jerks who perpetrate it. So how is it done? Well, the official looking formatting and graphic were probably copied from ICQ's website and pasted into the HTML contained in the e-mail... really quite easy to do. The "from" address was spoofed, again it is quite easy to enter any e-mail address to appear in the "from" field. To see where an e-mail truly originated from, the "headers" need to be inspected, this would have usually reveled the true origin to be a free e-mail service... or anyplace other than ICQ.com. This is the reason why the alternate text admonishes the victim not to "reply to this mail"... such replies would in fact be sent to "support@icq.com." But the form data is a different story. When the UIN and password fields are filled out and the "Send" button pressed, the data would be sent to the location specified by the form's "action field," which is not displayed on the screen but can be seen by viewing the "source code" of the e-mail. Note: I've altered the form that appears on this page to send the data to a "dummy page" that only displays the information. In the original forms, the data was being submitted to a variety of websites where the data was processed and then forwarded by e-mail to the final recipient (ie. the thief). In some cases the "go between" websites were services such as BraveNet and MSN (note BraveNet and MSN weren't willing "partners in crime," their form processing services were being abused). Several of the most common destination websites were registered to people who listed Istanbul, Turkey in their domain name records. This common thread, along with the similarities of the various e-mails, leads me to suspect that there is probably more than one person involved with this scheme and that it may be operating out of Turkey. I doubt these are "government controlled" sites, more likely they belong to creeps who think they are pretty clever because they can trick less knowledgeable people into falling for their nasty little game. I wouldn't even call them "hackers"... more like "CyberThugs" who abuse what little skill they possess to cause anguish to innocent people. However, I don't wish to give the impression that Turkey is being singled out for this kind of activity. From the reports I've heard, along with a survey of stolen UINs over the past few years, it would appear that "hacking for profit" is becoming a cottage industry in Russia. But I'd rather not get into a Geo-Political debate with my visitors, instead I invite you to read Wired's news report or simply do a search on Google for "Russian Hackers" and decide for yourself. So the final question is, "What can we do about this?" The only answer I can give is to be aware of "fraudulent forms" and never reveal your password to anyone. ICQ will not ask you for it, so anyone claiming to be "ICQ" is lying to you... no matter how convincingly the lie is packaged. If you do lose your password, don't count on ICQ tech support to be able to recover it for you, they have limited resources and would have to first determine that the lost account really belonged to you (least they unwittingly help someone steal a UIN). Most likely you would be advised to sign-up for a new UIN, they are free and it doesn't take long, though for many people this is unsatisfactory and tantamount to acquiescing to the criminals. With this scam, the proverbial "ounce of prevention" is truly worth a "pound of cure." The creeps lose every time someone is too wise to click that "send" button. So don't let yourself be a victim and help educate your friends, particularly those who are "new to the net" by explaining how these scams work... or just send them to this page and I'll do it for you. (R135)
Sommer? When is that, after Sprong and Wonter? And what's with the vote, are we going to elect a new server that doesn't take "sommer" vacations? If so, I hope the votes aren't going to be counted in Florida, we may never know which server won. Actually, it wouldn't matter anyway because ICQ's servers are not elected entities, they are part of a service offered by AOL/Time-Warner... and the only people with a vote that matters are the company's board of directors and stockholders. (R134)
Just when you think you've heard it all... what's next? Forward a message and you'll have pearly white teeth and a new Mercedes? This is yet another prank message designed to play on ignorance and fear. There is no virus in ICQ and even if there were, forwarding a message certainly wouldn't "clear it." If you're worried about viruses, try installing virus scanning software... doesn't that make more sense? (R133)
Later on I'll explain why these types of warnings are usually smear campaigns and why you shouldn't have anything to do with them. For now, consider this: the message implies the a certain user is spreading a "very bad virus" (as opposed to a "very good virus?") and that this information comes from ICQ and is to be forwarded to all. Well, if "ICQ" already knows this user is spreading a virus, why wouldn't they just close her account rather than asking some moron to forward a poorly worded warning to millions of people? It's all a matter of logic, my dear Watson. (R132)
Now class, what have we all learned about filling out online forms asking for confidential information (such as your password and perhaps credit card info as well)? All together now... "We tell the person asking us to fill out the form to go straight to..." YES, that's correct! Now the page where this form resided has been taken down, but you can be sure it will pop-up somewhere else in due time. BTW, notice the "cbj.net" in the URL up there? CBJ is a redirection service, it's nice for people who don't wish to pay for a "real" domain name. Generally speaking, a multi-billion dollar corporation such as AOL/Time-Warner can afford to outright purchase a domain name, the 15 or so dollars a year is well within their budget. So when you see something like "www.aolfeatures.cjb.net" which uses a redirection or a free hosting service, you can be quite certain it doesn't belong to the "real" AOL. (R131)
If you would like to link to this site you welcome to use any of the link banners on the main ICQ Lies page. You may e-mail me at webmaster@diamond-back.com (Please don't send ICQ authorization requests.) Or tell the world what you think of ICQ Lies by Signing my Guestbook (The Last Word) Subscribe (or Unsubscribe) to the ICQ Lies Update Newsletter If you would like to receive occasional updates about the latest rumors floating around on ICQ, enter your e-mail address in the box and press Send. All info will be kept confidential. (Click here to view our privacy statement.)
Thomas Robert Pasawicz aka DiamondBack All Rights Reserved http://diamond-back.com |
