Offshore Outsourcing & Scammer

Blog about offshore outsourcing and scammer in the outsourcing industry

Malware application for non-jailbroken iPhones

Cybercriminals in Japan are targeting iPhone users with an online scam that tricks them into installing a malicious application when they try to view porn videos.

This type of attack, known as one-click fraud, is not new and has been used for quite a long time against Windows, Mac and Android users. What is interesting in this particular case, however, is that it works even against non-jailbroken iPhones.

Apple tightly controls how iOS applications are distributed to users by forcing developers to publish them on the official App Store, where they are subject to Apple's review procedures. However, there are exceptions to this rule in the form of special development programs for which participants need to pay extra.

One such program is known as the iOS Developer Program and has a yearly membership fee of US$99. Developers enrolled in this program can distribute applications over the air, outside of the official App Store, but there are some limitations. They can only distribute applications in this way to 100 devices per year, and the unique IDs (UDIDs) of those devices must be registered in advance.

Another program that is more flexible, but also more expensive, is known as the iOS Developer Enterprise Program. It is intended for companies that develop their own applications and want to install them on their employees' iOS devices without publishing them on the App Store. Participation in this program costs US$299 per year.

Researchers from antivirus vendor Symantec believe that Japanese cybercriminals are abusing the iOS Developer Enterprise Program in their latest one-click fraud campaign, although they don't have confirmation yet.

"They could have either applied for membership on their own or compromised someone else's account," the researchers said Tuesday in a blog post.

Both of those possibilities are bad. If attackers applied for membership, it would mean that the US$299 cost is no longer a high enough barrier for them. As long as they can infect a large number of users quickly and profit from them, it is worth it for attackers to pay that entry price, even though Apple will likely revoke their developer ID when the attack is discovered.

If they used a compromised account, that might inspire others to do the same. That would be bad news for companies, because demand for stolen developer accounts enrolled in the iOS Developer Enterprise Program would grow on the underground market.

The rogue application used in this fraud campaign requires user confirmation before it is installed. If that is obtained, the application will claim that the user has subscribed to an adult video site and needs to pay 99,000 Japanese yen (almost $800) over the course of the next three days, or the cost will go up to 300,000 yen ($2,400).

It's easy to see how that can be profitable. If a single victim pays $800, the attackers have already recovered the money paid for enrolling in the iOS Developer Enterprise Program, plus a $500 profit.

Scammer: vertualpchelp.us - Priyesh Rao - iPhone & iPad Tech Inbound Calls

People who need tech support for their gadgets normally go to the shop where they bought them and ask for help. I really don't know how a tech support agent can give phone support for an iPhone or iPad without having the device in front of them. Anyway, if we take a look at the forwarded email, we see right away that the links in the signature do not match the text shown. While the sender email address priyeshrao@live.com matches the address displayed in the signature, the link behind that address leads to aniket@vertualpchelp.us. The homepage written in the signature is www.vertualpchelp.us, but the link leads to www.virtualpchelp.com.
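The check described above, comparing the text a signature displays with the target its link really points to, can be automated. This is an added example, not part of the original post: the signature HTML is constructed from the values quoted above (the email's real HTML is not on the page), and the names `AnchorCollector` and `mismatched_links` are hypothetical.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
import re

# Constructed sample: signature rebuilt from the values quoted in the post,
# plus one harmless link whose text does not claim to be an address.
SIGNATURE_HTML = """
<p>Email : <a href="mailto:aniket@vertualpchelp.us">priyeshrao@live.com</a><br>
Site : <a href="http://www.virtualpchelp.com">www.vertualpchelp.us</a><br>
<a href="https://www.example.org/contact">Contact us</a></p>
"""

class AnchorCollector(HTMLParser):
    """Collects (visible text, href) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

# Visible text that itself looks like a mailbox or a host name / URL.
TARGET_LIKE = re.compile(r"^[\w.+-]+@[\w.-]+$|^(https?://)?[\w-]+(\.[\w-]+)+(/\S*)?$")

def _identity(value):
    """Reduce an address or URL to a comparable form: mailbox or host name."""
    value = value.strip().lower()
    if value.startswith("mailto:"):
        return value[len("mailto:"):].split("?")[0]
    if "@" in value and "/" not in value:
        return value
    host = urlparse(value if "://" in value else "//" + value).hostname or ""
    return host[4:] if host.startswith("www.") else host

def mismatched_links(html):
    """Return links whose visible text names a different target than the href."""
    parser = AnchorCollector()
    parser.feed(html)
    return [(text, href) for text, href in parser.links
            if TARGET_LIKE.match(text) and _identity(text) != _identity(href)]
```

Only links whose visible text claims to be an address are compared, so ordinary "Contact us" style links are not flagged.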

More interesting is where the calls come from. The calls are not coming from the sites www.vertualpchelp.us or www.vertualpchelp.com. Both sites are practically invisible on the World Wide Web: no links lead to them. Alexa does not even have enough data to give a ranking for www.vertualpchelp.com, and www.vertualpchelp.us has an Alexa ranking of 3,360,215. By comparison, my blog has a much better ranking (current ranking: 236,696), and it has only around 300 unique visitors per day. So where can the calls that are being sold come from?

At the website www.vertualpchelp.us we see the following addresses:

Address (U.S.A)
3422 SW 15 Street Suite #8696 Deerfield Beach, FL 33442
Phone: 813-602-5624
Fax: 813-436-8789

Address (India - Head Office):
101, Laxman Mhatre Rd., Dhaisar West, Mumbai - Maharashtra 400068
Phone: 750-647-9626

My opinion is that the U.S.A. address is only a mail forwarding address meant to make a better impression. In any case, the combination of the addresses, the reputation of the websites and the offer is more than suspicious. The address provided on the website does not match the address provided in the domain registry. For all these reasons, the offer is nothing other than a SCAM.

---------- Forwarded message ----------
From: Priyesh Rao <priyeshrao@live.com>
Subject: iPhone & iPad Tech Inbound Calls!
To: 


Hello!

Greetings!

The updated details of the process.

iPhone & iPad Tech Inbound Calls!

Calls will be from :

USA & CANADA Customers

Pricing :

50 calls - Rs. 500/- Per call
51 - 100 calls - Rs. 450/- Per call
101 - 200 calls - Rs. 400/- Per call

Timings :

8 PM - 3 AM (IST)

Days of Work :

Monday - Friday

How to Start :

Extensions will be provided to avoid wastage of calls & error's in report.

Minimum extensions to be taken - 3

Price per extension - Rs. 3200/- Per Month

Training Charges:

Training & Support, if required for 3 days. (Rs. 5000 + 12.36%), Rs. 1000 additional per day. 
Center has to take care of the return Flight tickets, Accommodation & Food, if out of Mumbai.

Note: No free test calls will be given, Pricing is not for Negotiation. Minimum calls to buy - 50 calls only.



Mr. Priyesh A. Rao


Mobile : +91 845-498-5591
Business : +91 845-498-5591
Skype : priyesharao
Email  : priyeshrao@live.com
Site : www.vertualpchelp.us


Disclaimer :
This message contains confidential information and is intended for [Recipient]. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. If verification is required please request a hard-copy version.

Domain registry data of vertualpchelp.us:

Domain Name: VERTUALPCHELP.US
Registry Domain ID: D45990637-US
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Update Date: 2014-12-19T23:27:41Z
Creation Date: 2014-07-15T17:45:36Z
Registrar Registration Expiration Date: 2015-07-14T23:59:59Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: abuse@godaddy.com
Registrar Abuse Contact Phone: +1.4806242505
Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited
Domain Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited
Domain Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited
Registry Registrant ID: CR172412827
Registrant Name: OMTechnosoft Services
Registrant Organization: OM Technosoft Services Co.
Registrant Street: 11711 N 50TH
Registrant City: TAMPA
Registrant State/Province: Florida
Registrant Postal Code: 33617
Registrant Country: United States
Registrant Phone: +1.8447447700
Registrant Phone Ext:
Registrant Fax: +1.8138082789
Registrant Fax Ext:
Registrant Email: om@omtechnosoft.com
Registry Admin ID: CR172412829
Admin Name: OMTechnosoft Services
Admin Organization: OM Technosoft Services Co.
Admin Street: 11711 N 50TH
Admin City: TAMPA
Admin State/Province: Florida
Admin Postal Code: 33617
Admin Country: United States
Admin Phone: +1.8447447700
Admin Phone Ext:
Admin Fax: +1.8138082789
Admin Fax Ext:
Admin Email: om@omtechnosoft.com
Registry Tech ID: CR172412828
Tech Name: OMTechnosoft Services
Tech Organization: OM Technosoft Services Co.
Tech Street: 11711 N 50TH
Tech City: TAMPA
Tech State/Province: Florida
Tech Postal Code: 33617
Tech Country: United States
Tech Phone: +1.8447447700
Tech Phone Ext:
Tech Fax: +1.8138082789
Tech Fax Ext:
Tech Email: om@omtechnosoft.com
Name Server: NS6005.HOSTGATOR.COM
Name Server: NS6006.HOSTGATOR.COM
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2015-05-25T8:00:00Z <<<

Alexa ranking for vertualpchelp.us:

Screenshot of Alexa ranking for vertualpchelp.us

Domain registry data of vertualpchelp.com:

Domain Name: VERTUALPCHELP.COM
Registry Domain ID: 1866989523_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Update Date: 2014-07-15T17:45:46Z
Creation Date: 2014-07-15T17:45:46Z
Registrar Registration Expiration Date: 2015-07-15T17:45:46Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: abuse@godaddy.com
Registrar Abuse Contact Phone: +1.4806242505
Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited
Domain Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited
Domain Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited
Registry Registrant ID: 
Registrant Name: OMTechnosoft Services
Registrant Organization: OM Technosoft Services Co.
Registrant Street: 11711 N 50TH
Registrant City: TAMPA
Registrant State/Province: Florida
Registrant Postal Code: 33617
Registrant Country: United States
Registrant Phone: +1.8447447700
Registrant Phone Ext:
Registrant Fax: +1.8138082789
Registrant Fax Ext:
Registrant Email: om@omtechnosoft.com
Registry Admin ID: 
Admin Name: OMTechnosoft Services
Admin Organization: OM Technosoft Services Co.
Admin Street: 11711 N 50TH
Admin City: TAMPA
Admin State/Province: Florida
Admin Postal Code: 33617
Admin Country: United States
Admin Phone: +1.8447447700
Admin Phone Ext:
Admin Fax: +1.8138082789
Admin Fax Ext:
Admin Email: om@omtechnosoft.com
Registry Tech ID: 
Tech Name: OMTechnosoft Services
Tech Organization: OM Technosoft Services Co.
Tech Street: 11711 N 50TH
Tech City: TAMPA
Tech State/Province: Florida
Tech Postal Code: 33617
Tech Country: United States
Tech Phone: +1.8447447700
Tech Phone Ext:
Tech Fax: +1.8138082789
Tech Fax Ext:
Tech Email: om@omtechnosoft.com
Name Server: NS6005.HOSTGATOR.COM
Name Server: NS6006.HOSTGATOR.COM
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2015-05-25T8:00:00Z <<<

Alexa ranking for vertualpchelp.com:

Screenshot from Alexa ranking for vertualpchelp.com

Update Jan. 18, 2017: Link to www.vertualpchelp.com removed as the domain no longer exists.

Why does Google deny us real end-to-end encryption?

Why do we still not have easy-to-use end-to-end encryption? The standard answer is that it is far too complicated. But this is nonsense; Apple shows how to make it simple.

The technical challenges of true end-to-end encryption have been solved for many years. In principle, it could be made simple. With it, we could be sure that not just anybody can easily read along with our private and business communications.

Nevertheless, emails, chats and phone calls are still almost always in plain text. They are secured in transport (SSL/TLS), but the service provider, at least, can read everything and often does. And so, of course, can various other interested parties who tap into the provider to get at the contents of confidential messages.

At this point I always hear that end-to-end encryption is still far too complicated. Generating keys alone, not to mention checking and signing them, is something end users don't like to do. In fact, I'll never get anyone to use PGP. Nevertheless, the argument is simply wrong.

Because there already is end-to-end encryption that is so simple that many millions of users use it without even knowing: Apple's iMessage encrypts every message with a key that is known only to the recipient. Not to Apple, not to the network operator and not to the NSA. And the highlight: thanks to Apple's sophisticated design, iMessage is not one bit more complicated than traditional SMS. Every iPhone owner uses it with ease and does not have to worry about the encryption. The encryption is just there.

Anyone who wants to read along with these messages has to attack this encryption. This also applies to Apple, or to someone standing at the door with a National Security Letter. In practice this means: it is not enough for Apple or the NSA to tap the appropriate server and record the plaintext there, as would be the case with Google, Skype and almost all other services. Instead, Apple would have to actively intervene in the communication and distribute counterfeit keys.

Of course, experts will argue that Apple does not follow the pure doctrine and that users have no control over their own keys. Specifically, the system is not protected against Apple itself eventually acting as a "man in the middle" and distributing wrong keys. But these are details that miss the actual heart of the matter, and they could be improved without much effort. (The ignorance and arrogance with which Apple refuses demands for such extensions is typical, and is perhaps the other side of the coin of Apple being able, like no other company, to create easy-to-use products.) What is crucial, however, is that Apple is the only major manufacturer and service provider offering such end-to-end encryption at all.

The real question is: why does Google's Android have no similar function, feeding us Hangouts without proper encryption instead? I seriously doubt that no one at Google has come up with this idea, or that the technological pioneer in so many areas could not implement it just as elegantly as Apple; Moxie Marlinspike shows with TextSecure what this might look like. There is only one plausible explanation for why Google has nothing to offer in this respect:

Easy-to-use end-to-end encryption is undesirable.

There is strong political interest in being able to read the communication of all Internet users at any time without much effort. We can only speculate how much pressure politicians and authorities exert on the company. But Google's own economic interest probably weighs much more heavily: with functioning end-to-end encryption, Google would torpedo its own business model. That model is in fact based on the company being able to read and analyze our data, among other things in order to present suitable advertising. This of course applies equally to Facebook, so you can write off any hopes about WhatsApp.

Apple, however, still earns its money from the sale of devices and from commissions on the business with apps and content. And it obviously earns so well that it - unlike Google and Facebook - has the luxury of leaving us our privacy.

What does that mean for us now? Not that we should now buy Apple products. There are too many things for which one can reject Apple with good reason. But we must not let ourselves be fobbed off with vague promises to respect our privacy and protect our business communications. Correct and, above all, simple end-to-end encryption for everyone is possible - we only have to finally demand it.