Author Topic: Fanbox is a hoax, I got caught (Read 9731 times)

jcarter · « **on:** September 24, 2011, 09:31:14 AM »

I got an email from a friend, and here is what it looks like, see screenshot.
He just got back from a trip and said he might put some photos up, thats what fooled me.
I clicked upon "Launch", and that was the trigger, which created a $9.99 charge on my iPhone AT&T bill from Fanbox!
Got it taken off, but he said that other friends of his had the same thing happen.
He has no idea where Fanbox came from, nor how they managed to get his name and email, and worse of all, the emails of his friends.
http://www.infobeatmail.com/someone-named-...ing-for-anwers/
This sort of explains what happened to him.
Jane

Xairbusdriver · « **Reply #1 on:** September 24, 2011, 12:00:11 PM »

So, you clicked on a link in an email?

Why?And the email was from a "friend?"

How did you know that?This is not a "hoax" (which can sometimes be humorous) it's a Scam (an intentional attempt to fool and defraud). Not much different than a Trojan (hiding the true purpose of a 'gift').

It's the unfortunately natural result of clicking links in emails. Been discussed numerous times here and elsewhere.

Known (and foolproof) prevention rules:

Paddy · « **Reply #2 on:** September 24, 2011, 12:59:13 PM »

More info: http://www.consumerfraudreporting.org/FanboxScam2.php

jcarter · « **Reply #3 on:** September 24, 2011, 02:16:18 PM »

Why I clicked upon it? Was that he told me while I was walking Lilly by his house the previous day, that he was sending me some pictures from an album site that he had just uploaded.

Then when I told him about what happened, a day afterwards walking down our street, he said that he had heard from others. If it hadnt been for him telling me about pictures coming, I would certainly never have clicked upon that thing.
It has not affected my computer, just the 10 dollar charge on the iPhone bill which was easily fixed.

I have also heard that you dont actually have to click on some of these things, you can just MOUSE OVER a link and you will get snared.

And these horrid robo-calls telling people that their credit accounts need updating are coming in to our phone once in a while now, I guess they are exempt from the 'Do not call' lists. Or ignore them?

I am tired of all this junk, there was even an article in our local paper about an elderly person getting caught up in one of these phone things.

Also thanks for that link, there sure is plenty of info in this nasty Fanbox thing.

Xairbusdriver · « **Reply #4 on:** September 24, 2011, 04:58:59 PM »

OK, so he told you he was sending you an email. The question remains; how did you know it was from him? How do you know his email address book is secure? How do you know his Windows machine (and I'm willing to bet that's what he uses) has security software installed and that it is be used? Simple questions, but without answers you have no way of knowing what a link will do much less where the message came from.

Bottom line: If you click a link in an email, you and only you are responsible for the consequences. As Nike doesn't say: Just don't do it!

Now, as for the monetary charge, how did they get that info if all you did was click the "launch" button? I assume that it opened your default browser (Safari?). Do you allow Safari to auto-fill forms?!

Or did you also supply that info, yourself?

I've seen no proof that mousing over a link has any effect other than the html, client-side action of changing the display. No info is sent to the server by that action, it's simply a CSS property assignment to the hover pseudo element. Of course, if the link is actually hidden in a graphic, your computer has already sent a message to the server to download it and some damage has already occurred; they don't have your financial/personal data but they certainly know your addy is valid and you allow downloading images.

jcarter · « **Reply #5 on:** September 24, 2011, 08:05:50 PM »

Yes, he has a PC, and I doubt that his address book is secure.

So when I clicked upon that link in the screenshot, it sent me that charge on my iPhone account. I realized that it looked a bit fishy, and deleted the email, and told him about it the next day. He knew that something bad was happening.

I really dont know how my email address came up and how my account got charged, darn glad it was an email address that I dont use often.
And that the charge was easily cleared.
From what I can figure out, I didnt supply any info besides the email address, all I did was click on that button, and then deleted the whole thing. Nothing else came up, nor was anything compromised on my Mac.

This is so nasty! I certainly was fooled and he was too. When you walk down your tiny back road and a friend says that he has uploaded pictures and you get an email that looks like its from him, and you get bombed by Fanbox, which is a name that sounds pretty much like Facebook, it makes us a lot more paranoid about the net and the troubles that lurk.

Thank god we use Macs! And that we have people like you who can explain this insidious stuff and how it works.
I would NEVER EVER use my little Dell on the internet, except for the classroom page and a couple other sites that I know are OK.
Jane

jcarter · « **Reply #6 on:** September 24, 2011, 08:16:08 PM »

To explain what happened about the mouse over thing,
I ordered some flannel shirts from a company named Haband.
And when I saw a link that said "free shipping", I moused over it. But did not click upon it.
Several months later I saw a charge on my credit card account that said "Haband Perks".
I was quite upset, so I Googled it, and yes it had happened to many many other people who had ordered from them and had not used the free shipping, as that link looked odd.
I called my credit card co. and they said I had 'joined a club' by mousing over that free shipping thing.
And they got rid of the charges.
They said NEVER use Haband company on the net, if you wanted to order something from them, use the PHONE only, as they cant slime you if you phone in your order.
So I found on the net info about this company that was the 'CLUB' and they had done this to people who had ordered flowers as well. I took the time and effort to find the phone of Haband company and worked up thru the food chain and told them what they did, and they would never get another order from any of my large family and friends.,
I got a sincere apology and they said that this was a way that they were making money.
I told them that this was a very slimy way to increase their income and their company used to be a great place to order work clothes and inexpensive mens clothing.
They were upset that I had taken the time to pursue this, and said that they would change their ways as they had lost many loyal customers by this 'club' thing.
Sorry for the long post, but I had written this all down when it happened.

Forgot to say, that you probably have hit on the explanation, a hidden graphic under that innocuous free shipping button. It happened to other people too.

Paddy · « **Reply #7 on:** September 24, 2011, 08:47:55 PM »

And more on Fanbox: http://www.allspammedup.com/2009/08/fanbox...embers-to-spam/

Jane, did you receive and look at this message on your iPhone? If so, it looks to me like it's a "short-code message" - and yes, it appears you get charged for those. I still don't understand all the ins and outs of it, but it's clear that Fanbox is a very slimy company!

jcarter · « **Reply #8 on:** September 25, 2011, 07:26:16 AM »

Yes, I did receive it on my iPhone, but didnt look or click on it. I just run thru messages on the iPhone and delete all except from family.
But it must have triggered this by just being there on the iPhone.
I never got far enough on the Mac to see anything about joining or giving info to Fanbox. When I realized that my friend's email had been compromised, I knew it was fake. He was livid.
Ive never gotten another one thank goodness, so perhaps he was able to get rid of the whole mess.
The link you sent has exactly what happened to him.

He is thinking of getting a Mac this winter and if so, I will hook him up with you people here. He goes to Nigeria, Tajikistan, and Kuala Lumpur on business a lot, so I hope to talk him into getting a Mac before he leaves for the winter. And he wants for me to set up an account on Pbase.com for his pictures, he hates Facebook.
Thank you for the info, he can come over here when he gets home and read the links that youve supplied me with.

jcarter · « **Reply #9 on:** September 25, 2011, 07:33:46 AM »

Here is another one, of course I didnt click on anything, just deleted it.
This person who sent it, has no clue about computers, she is somebody I met when I was giving away books on our local free-cycle site. I did get a normal email from her way back after I mailed the books to her. So looks like she got scammed by something too, also a PC user. Its not even her correct email.
Let me know if you think this is another thing like Fanbox,
Screenshot,

Jack W · « **Reply #10 on:** September 25, 2011, 09:23:41 AM »

QUOTE(jcarter @ Sep 25 2011, 08:33 AM) <{POST_SNAPBACK}>

Here is another one, of course I didnt click on anything, just deleted it.
This person who sent it, has no clue about computers, she is somebody I met when I was giving away books on our local free-cycle site. I did get a normal email from her way back after I mailed the books to her. So looks like she got scammed by something too, also a PC user. Its not even her correct email.
Let me know if you think this is another thing like Fanbox,
Screenshot,

If that one isn't, then there's no such thing.
IMHO

Jack

Xairbusdriver · « **Reply #11 on:** September 25, 2011, 04:05:27 PM »

Be very suspicious of any link that has a "?" in it. It will almost certainly have more text after that "?" which is data it is sending to the sender's server. You will usually be able to see and read most of that data. But there is not normally a good reason to use that unless you know what the site/company is and why they need the info they are sending. It can be used to allow the company/site to send you to a different page that will already know who you are or to include a unique code that will give you a discount or other helpful things.

But you should always be given such 'codes' (and even a URL) in plain text in that email, also. Then, use your bookmarks to send your browser to the site and look of the place you can use that code. If the company forces you to use an email link, tell them you don't appreciate that lack of respect for your security and will no longer be doing business with them. And let them know you'll be reporting their lack of customer respect to all your friends. Don't put up with being abused by companies that don't care about your security.

However, when you can read the thing and plainly see a reference to a completely different web site (http://work22home.net/esub/bizopp_mainphp), why on God's green earth would anyone click it, EVEN IF IT WAS NOT IN AN EMAIL?!!!

Just stop clicking on email links. Anywhere. Never do it. Period. Please...

Nor do I believe that simply seeing a list of emails on an iPhone will do anything. Viewing the actual message, even a part of it, WILL download any graphics, visible or not, of course. That will send a message back to the server, just like it does on an email app on any computer. On the iPhone, there is a "Load Remote Images" switch in the "Mail, Contacts, Calendar" settings. That should be turned OFF. It will not only prevent these messages being sent back but it will increase battery life! Do it. Now!

jcarter · « **Reply #12 on:** September 25, 2011, 07:46:06 PM »

Havent clicked on anything except that one doggone message from Fanbox. I just delete all the others. Tis the only time Ive gotten hit by any of those.
Except for that mouseover thing with the Haband company last year, that was really slimy.

Its very interesting to look at the code and see how you have explained how this tricky stuff works. Im not great at code yet, but I am learning.

I do already have "Load Remote Images" turned off on the iPhone.

Ive not had a problem with a company sending troublesome email links. Like you say, I have the companies I do business with all in my bookmarks, like LLBean and more.
No trouble with those great companies.
I get sales info in emails from Cabelas and Lands End, and a few others, but not a single problem with any of them.
Jane

kcourt · « **Reply #13 on:** September 26, 2011, 11:00:51 PM »

Well, I got caught too. The fanbox I received was from a friend who was in England for a year. She said she was sending some photos, so when I got it, I didn't think twice and clicked on "launch". I didn't give any name, etc. but I suppose I will have a charge also.

Funny thing is I know better. It happened so fast. I learned my lesson.

Kathy

jcarter · « **Reply #14 on:** September 27, 2011, 06:59:19 AM »

Yes, thats why it happened so quickly to me, he told me just the day or so before about his new pictures, as I was walking our dog by his house on our road.
Fanbox had his name and email and some mutual friends correctly, so I thought it was legit.

News:

Author Topic: Fanbox is a hoax, I got caught (Read 9731 times)