What Are Tracking Cookies?

Definitely not a Mary Berry special, tracking cookies are used by websites to track your browser actions.

Well that sounds bad – is it?

Yes and no.

Cookies are small pieces of information stored on your computer by your browser – they may be used to maintain the list of items in your shopping cart for example.  Cookies are used by websites to remember important information which can help your browsing experience e.g. not having to keep logging in.

So, what are tracking cookies?

Tracking Cookies are a specific type of cookie that is used across multiple websites to track which websites you use.  This may be so a website can present tailored information to you e.g. if you access a shopping site and look at specific products then you may find the next sites you visit show adverts for those same products.

For some people this is a step forward from random adverts but for others it’s an invasion of privacy.

Tracking cookies are commonly used to build records of people’s  browsing histories. Concern over this invasion of privacy prompted European Union and American legislators to take action in 2011. EU law requires all websites targeting EU member states gain “informed consent” from users before storing non-essential cookies on their device.

How to Block Tracking Cookies

Your browser will have privacy settings that allow you to block tracking cookies (sometime called third party cookies).

Some browsers have an option called ‘Do not Track’ which should have the same effect as blocking the third party cookies but not all websites implement this properly so it’s best to find the option to block.

To access the privacy settings you should find Settings on your browser menu then select privacy or security options.

How to Remove Tracking Cookies

Your anti-virus software will not normally remove tracking cookies but Internet Security packages will do and so will any anti-malware packages. Also there is software that will just  remove tracking cookies in order to maintain your privacy.

Do enter your email address and click in the subscribe box on top right to keep up to date with new posts.

Defending FightBack Ninja Blog Against Online Attacks

cartoon_gangsters

The Fightback Ninja blog uses standard WordPress technology for the creation and management of the blog online.

WordPress is very good and free to use and there are many thousands of templates and addons available, so you can use it to create a wide variety of blogs, websites and more.

However, the fact that it is so well known also makes all WordPress installations a target for scammers and spammers.

Attack type 1 – the attackers try to access specific files that normally exist in WordPress installations, with the intention of amending those files to give themselves  scammers complete access.

Counter action: I had installed iThemes addon for WordPress and it gives a good level of protection against the common sorts of attacks. It blocked access and will lockout any IP address or login that tries constantly to access specific files.

Attack type 2 – password guessing

All WordPress installations have an admin login with the ability to create new logins and do anything on the installation.

Counter action: After nearly 10,000 attempts to crack the password, they gave up. Good job I had picked one that cannot be guessed.

Attack type 3 – comment spamming

This is not directly an attack but is simply morons trying to post entries (full of links) on the comments of the blog. This is usually to increase the ranking of some website by having as many backlinks as possible.

Counter Action: I had Installed a spam comment blocking addon called Akismet.  This puts all comments in a holding area till I chose to approve them or delete them.  So far nearly one hundred such spam comments have been blocked. The sort of comment they typically try to post is anodyne e.g. “Good writing but have you checked out this list of good links?” This is just rubbish to be deleted. As their attempted posts never appear on the blog – they give up for a while then try again.

Also, Google ignores post comments where the post is less than 3 months old so these comment spammers always go for old posts.

If you allow these comments onto your blog then you will be inundated with more as they are produced automatically.

Attack type 4 – A deluge of comment spam

Counter attack: I had to install an addon that let me turn off the comment facility completely for a while.

It is a nuisance that all WordPress sites get attacked in these ways, especially the popular ones. But the right precautions make it difficult for the scammers to cause any damage.

No doubt, the morons, scammers and spammers will continue attacks at some time but hopefully will never succeed.

If you have any experiences like this or with scammers  do let me know, by email.

ninja_signature

Major Organisations Hacked in the UK in 2016

hacking

There have been a lot of company data breaches in 2016 in the UK but the three biggest known such breaches are

  • Three mobile phone company
  • Tesco bank
  • Sage business software company

Three Mobile

Three, one of Britain’s largest mobile operators revealed it’s had a major data breach that could put millions of its customers at risk. Hackers accessed Three’s customer upgrade database via using an employee login. They didn’t get access to any financial data but did access  names, phone numbers, addresses and dates of birth of its customers.

Tesco Bank

Tesco Bank which is part of Tesco supermarkets, had to freeze the online accounts of online customers as 20,000 people had money stolen from their accounts.

You can imagine what the customers thought of suddenly finding their bank cards were rejected. Everywhere and then for some that money had disappeared from their accounts.

Tesco Bank, which has over seven million customer accounts, has said it will cover any financial costs of the breach.

Sage

Sage is a business software company and is part of the FTSE-100 index.

Sage said their data breach could have compromised the personal data of 280 businesses that use Sage.

Attitudes to Data Breaches

A recent survey into attitudes towards organisations that have experienced data breaches shows that 84 percent of respondents would reduce or stop using an organisation’s products or services following breaches, and only 16 percent of respondents would continue to use an organisation’s products or services as usual.

Respondents were asked: “If you found out an organisation whose products or services you use had multiple data breaches, which of the following best describes how you would react?”

16 percent – I would continue to use their products or services as usual

27 percent – I would limit my usage of their products or services

37 percent – I would only use their products or services if I had no alternatives

20 percent – I would stop using their products or services completely

Businesses (especially those in the public eye such as FTSE-100 companies) need to understand that if their online security is not up to standard and they are hacked – that has a chilling effect on their customers and it will be hard to repair their reputation.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

ninja_signature

Trading Standards Scambuster Teams

trading-standards-logo

The Government’s 2005 Consumer Strategy ‘A Fair Deal for All’, set out a commitment to Regional Trading Standards Scambuster teams.

These teams concentrate on doorstep crime, cowboy builders, online scammers, “get rich quick” schemes, large scale scams and more. They work with other agencies to bring the scammers to justice and have had much success in stopping scammers.

e.g. The Scambuster Wales Team, established by Wales Heads of Trading Standards, was launched in April 2009 and is managed from City of Newport Trading Standards with teams of officers based in the North and South of Wales. The team is comprised of dedicated Trading Standards Officers and experienced ex Police Officers, who work alongside officers from the Police, HM Revenue & Customs and other enforcement agencies. They work across local authority boundaries focusing on the hardest to tackle scams and rogue traders that set out to rip people off.

The team has demonstrated new ways of working through targeted, proactive, intelligence led enforcement. There is now much closer co-operation and data sharing between trading standards and other agencies, partly due to the level of criminality the team has investigated.

Q. What do the scambusters team do that trading standards services can’t?

Dishonest activity is not confined by local authority boundaries. The Scambuster team has the ability to work across a region to tackle the more serious cases. Level 2 criminality describes crime which crosses local authority boundaries. The team aims to tackle such criminality by working on behalf of individual local authority Trading Standards Services. In some cases the team acts as an additional resource or it can be tasked by individual services to carry out investigations on their behalf.

Q. How can I get in touch with the Team?

Check on the Internet – http://www.nationaltradingstandards.uk/work-areas/scambuster-teams/ shows a list of the scambuster teams.

Do click on the Facebook or Twitter icons on top right to follow Fight Back Ninja

ninja_signature