Category: Fight Back

U.S. Charges 14 Over $147 Million Scam

Federal prosecutors criminally charged 14 defendants with involvement in a $147 million stock manipulation scheme orchestrated in a New York boiler room, which swindled dozens of senior citizens and other investors.

Employees of My Street Research, based in Melville, New York, obtained shares at below-market prices from insiders of five public companies, and conducted wash trades and other manipulative trading to drive prices up, according to  acting U.S. Attorney Bridget Rohde.

My Street Research described itself as providing “unbiased stock research” and “top notch, detailed unbiased research.”

Prosecutors instead describe it as a boiler room operation that used high pressure sales tactics to inflate prices of shares which they or co-conspirators owned in a pump and dump operation – pumping up prices, then dumping stock on clients.

Victims were repeatedly pressured in cold calls and emails to buy shares and sign up for stock tips, and five defendants tried to launder $14.7 million of proceeds from the scheme, which ran from January 2014 to recently.

One such email, for the company Grilled Cheese Truck Inc, said “URGENT!!! MUST WATCH THIS LINK REGARDING THE ‘GRILLED CHEESE TRUCK'” and provided a link to a Fox Business Channel video titled “Soup Nazi Hits the Road with New Food Trucks”.

Prosecutors said the defendants Erik Matz, of Mt. Sinai, New York, and Ronald Hardy, of Port Jefferson, New York, managed the alleged boiler room My Street Research, which was previously called Dacona Financial, Power Traders Press and Trade Masters Co.

Other defendants include cold callers, people involved with stock research, and insiders or marketers affiliated with Grilled Cheese Truck, CES Synergies Inc, Hydrocarb Energy Corp, Intelligent Content Enterprises Inc and National Waste Management Holdings Inc, prosecutors said.

If you have any experiences with scammers, spammers or time-waster do let me know, by email.

Wayne and Jill Scambaiting

Every year tens of thousands of people in the UK are conned by online scammers, but it is not only the authorities taking action – “scam baiters” take the fight to the scammers.

Wayne and Jill (not their real names) are scam baiters. Jill explained her approach and some examples on a recent BBC Victoria Derbyshire programme.

“We waste scammers’ time, we waste their resources and we make them believe they are not as good as they think they are,” “Scammers are always going to be there but if we can take them down a peg and take a victim away from them any time we can, then we are doing something good,” says Jill.

The scam baiters often publish online their interactions with the scammers as a way of warning people.

The aim is for these to appear in search engine results, so potential victims will be alerted if they type in the scammer’s name.

The Scam baiters don’t make money from their actions – they do it to stop others being scammed. For Wayne, the motivation is simply the “buzz” he receives from knowing he can help someone.

Wayne’s Set-Up as a Scam Baiter

Wayne’s set-up is rudimentary. He works under various aliases, mostly named after characters from his favourite children’s television shows of his youth.

He often makes himself seem more vulnerable – and potentially gullible – by pretending to have recently broken up from a partner.

Both Wayne and Jill always wait to be approached by scammers, rather than seeking them out. Their names are on a so-called “suckers list” – effectively a database of people thought to be easy to con – which is passed around by scammers online.

The latest to get in touch is a man who emails Jill to say she has won the lottery in Africa. Pretending to be husband and wife, Wayne and Jill make a joint contact back, the aim being to waste the scammer’s time by arguing about which one of them gets the money. Surprisingly, Jill considers her biggest success to be the time she received a death threat from a scammer she had targeted.

“If you get a death threat you know you’ve really wound someone up. I had one scammer driving round Madrid for a day trying to find ‘Lynn’, who had gone to Madrid.

“Of course, I hadn’t gone to Madrid, I was in my front room. Jill tells it as a funny anecdote, but it underlines the seriousness involved.

“I take great care in protecting my online persona,” she says. “I bait with email addresses that aren’t traceable. I don’t use any of my real-life information. All of my characters are based somewhere 100 miles away from where I live.”

Click http://fightback.ninja/scambaiting-with-the-crown-prince/ for an example of Scambaiting.

If you’ve enjoyed this post or found it useful then do share – click on the post title then scroll down to the social media share buttons.

Anthem Agrees Huge Fine for Data Breach

Anthem Inc., is one of the largest U.S. health insurance companies and it has agreed to settle litigation, over hacking that happened in 2015, for a total of $115 million. The hack compromised  79 million people’s personal information.

Anthem said in February 2015 that an unknown hacker had accessed a database containing personal information, including names, birthdays, social security numbers, addresses, email addresses and employment and income information. The attack did not compromise credit card information or medical information, the company said.

Some of the money will be used to pay for two years of credit monitoring for people affected by the hack. Victims are believed to include current and former customers of Anthem and of other insurers affiliated with Anthem through the national Blue Cross Blue Shield Association.

“We are very satisfied that the settlement is a great result for those affected and look forward to working through the settlement approval process,” Andrew Friedman, a lawyer for the victims, said in a statement.

The Indianapolis-based company did not admit wrongdoing, and there was no evidence any compromised information was sold or used to commit fraud.

Companies do not want the bad publicity of a data breach so most do their best to protect against such events. But some don’t make enough effort and maybe this huge pay-out  will convince them that it’s cheaper to protect the data than it is to fight court cases.

Do Share this post on social media – click on the post title then scroll down to the social media share buttons.

Warrington Gears Up Against Scammers

Friends Against Scams run awareness sessions around the country to educate people on how to avoid scammers and what they should do if they or someone they know is caught up in a scam.

There was such a session in Warrington recently and it seems to have had a big effect.

All those attended signed-up to be a “Friend Against Scams” or a “Scam Champion” and have pledged to raise awareness and spread the word across communities about the dangers of scams, particularly to Warrington’s most vulnerable residents.

As part of the event, they showed how criminals attempt to trick people with official looking documents or websites, or convincing telephone sales patter, with the aim of persuading them to send a “processing” or “administration” fee, pay postal or insurance costs or make a premium rate phone call.

A relative of a 78-year-old man from Cinnamon Brow who was a recent Warrington mail scam victim said: “I tried intercepting as many letters as I could find in his house and return them with ‘gone away’ but that had no effect on the volume of mail sent. He was still receiving at least one hundred scam mailings a week. “I estimate he has spent at least £30,000 in four years on scam mail products and scam lotteries.

Dr Muna Abdel Aziz, director of public health for Warrington, said: “Scams come in many forms, and scammers will target people of all ages, backgrounds and income levels. We receive complaints from residents who have lost thousands, and in some cases, tens of thousands of pounds

“These sessions aimed to empower residents to recognise and avoid scams and to help friends, family and neighbours do the same. Financial loss is not the only cost to victims, as feelings of vulnerability can also have a devastating impact.”

For more information about the campaign and how to get involved visit, go to  http://www.friendsagainstscams.org.uk

Friends Against Scams is a National Trading Standards Scams Team initiative which aims to protect and prevent people from becoming victims of scams by empowering communities to take a Stand Against Scams.’

Do you have an opinion on this matter? Please comment in the box below.

The Hero Who Stopped NHS Ransomware Attack

The WannaCry ransomware attack of May 2017 wasn’t aimed at the NHS, it was spread across Europe and Asia and happened to hit the NHS very hard for a series of reasons including that they had old Windows 95 machines on their network and because their network has a huge number of computers attached to it.  The ransomware demands users pay $300 worth of online currency Bitcoins to retrieve their files, but the price goes up if they don’t pay quickly and of course there is no guarantee that payment allows file retrieval.

An anonymous  UK cybersecurity researcher (known by the Twitter handle @malwaretechblog)  with the help of Darien Huss from security firm Proofpoint looked at the ransomware and discovered the name of a website which was being accessed by the ransomware. But the website address hadn’t been registered by anyone. He bought the domain name in order to track the activities of the ransomware but in fact it was a “kill switch” that stopped the ransomware from spreading any further. Well done, if unintentionally.

That didn’t help the people whose computers had already been infected but it stop the outbreak from continuing.

Unfortunately once the scammers realised how the malware had been stopped, they created and released a version that ignored the kill switch. But at least people had time to build defences against another attack.

The researcher, who identified himself only as MalwareTech, is a 22-year-old from south-west England who works for Kryptos logic.

MalwareTech explained that he bought the domain because his company tracks botnets (automated networks of controlled computers), and by registering these domains they can get an insight into how the botnet is spreading. “The intent was to just monitor the spread and see if we could do anything about it later on. But we actually stopped the spread just by registering the domain,” he said. But the following hours were an “emotional rollercoaster”.

He also said he planned to hold onto the URL, and he and colleagues were collecting the IPs and sending them off to law enforcement agencies so they can notify the infected victims, not all of whom are aware that they have been affected.

He said he got his first job out of school without any real qualifications, having skipped university to start up a tech blog and write software.

“It’s always been a hobby to me, I’m self-taught. I ended up getting a job out of my first botnet tracker, which the company I now work for saw and contacted me about, asking if I wanted a job. I’ve been working there a year and two months now.”

Well done hero – he’s now an honorary Ninja.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

UK Biggest Cyber Criminals Caught

The UK’s biggest ever cyber scammers stole £113m by calling victims pretending to be from their bank. Fraudsters used bin bags full of cash for shopping sprees, bought supercars and a Lahore mansion. The Glasgow-based gang targeted small businesses in telephone fraud scam and they cleared out millions of pounds from their victims’ bank accounts

The ring leader Choudhary has been jailed for 11 years and 14 others also face prison terms.

The Burnley-born fraudster had fleeced over 750 British firms to fund his millionaire playboy lifestyle. Raking in £3million a month by cold-calling bank customers, he ruined hundreds of lives and put small businesses on the brink of bankruptcy – leaving one victim so distraught that she committed suicide.

The Method

Choudhary phoned businesses claiming to be from their bank, saying security on the accounts had been compromised. He got internet bank security details and passwords from employees and emptied their accounts in minutes, blocking phone lines with software to stop contact with the real bank

Unwitting customers were told their accounts had been hacked and were duped into giving their internet banking passwords over the phone.

The cash was withdrawn by ‘money mules’ and moved through transfer exchanges from London to Pakistan and elsewhere. The biggest raid saw £2.2million taken from a solicitor’s firm in minutes

Choudhary used the details to convince businesses he was a genuine bank employee, telling them they had been hacked by ‘someone in Aberdeen’ called ‘King’

Scotland Yard believes at least 750 businesses were affected between January 2013 and October 2015, but there could be countless others. Choudhary targeted customers from Lloyds, Santander, Barclays and Royal Bank of Scotland.

Choudhary grew so rich that he flew his personal valets 8,000 miles across the world to polish his Porsches.

He posed as a music producer and property developer and owned a fleet of expensive cars including a Bentley, Rolls-Royce, Lamborghini and two Porsches.

Choudhary spent millions on a property portfolio in Pakistan, Dubai and Scotland, treated himself to £100,000 shopping trips at Harrods, bought £45,000 Rolex watches and enjoyed luxury holidays in the Middle East.

Conviction

Choudhary was jailed for 11 years. Corrupt Lloyds business adviser, Jones Opare-Addo, was jailed for five years for leaking account details to the gang and setting up accounts to launder cash.

Emma Daramola, 23, was given a two-year suspended sentence for conspiracy to commit fraud by abuse of position for her role as an insider at Lloyds

A long list of accomplices were also jailed.

Do you have an opinion on this matter? Please comment in the box below.

Louise and the Microsoft Support Scammer

Louise started up Internet Explorer browser on her PC and a screen popped up with a warning

WARNING – YOUR COMPUTER IS INFECTED

CALL Microsoft SUPPORT on 0208 3808 8964 IMMEDIATELY.

DO NOT TURN YOUR COMPUTER OFF OR ATTEMPT TO DO ANYTHING ELSE

Louise called the number immediately.

A very pleasant Indian man answered and he seemed very knowledgeable and assured her he would resolve the problem.

He asked her to install a piece of Citrix software which she did so he could take control of her PC and establish the nature of the problem.

He emphasised that the PC was badly infected and how important it was to remove the threat.

He warned her to turn off any other computers or mobile phones in the house as they could also become  infected.

At this point, his patter turned into more of a sales pitch for a package that would solve her problem and this made Louise suspicious.

Now Louise’s husband Charles was surprised at the request to turn off other computers and that made him suspicious so he turned the iPAD back on and searched for scams.

He found it – the “Microsoft Support scam”.

Charles then pulled the power cord from the PC to end any incursion by the support scammer.

What happened next?

The scammers called back three times and were ignored until they stopped calling.

Charles ran Kaspersky anti-virus to scan the PC for problems and installed Malwarebytes to also scan for any other malware. He also deleted the Citrix installation.

The PC was safe and they hadn’t been scammed but Charles and Louise had a narrow escape.

If continued, the scammers may have garnered credit card details, bank details, logins and passwords. etc.  as well as being paid for removing a non-existent computer virus.

If you see a warning screen like the one above – turn off the computer and contact a professional.  Do not call the number on screen as they are scammers.

If you have any experiences with scammers, spammers or time-waster do let me know, by email.

Caller Protection Company Fined For Cold Calling

A West Sussex company has been fined £40,000 for making nuisance calls to the elderly.

The Information Commissioner’s Office (ICO) ruled that IT Protect Ltd, in Bognor Regis, broke the law because it called people registered with the Telephone Preference Service (TPS), which is a service home users can sign up to for preventing unsolicited calls.

Ironically, this firm was making nuisance calls to people to sell them a call blocking device. But by phoning people registered with the TPS it broke the law. The ICO  investigation was aided by members of the public reporting the nuisance calls they’d received from IT Protect.. They told ICO that the firm had preyed on the elderly and misled people by giving the impression they were working with BT.”  STEVE ECKERSLEY, HEAD OF ENFORCEMENT, ICO

IT Protect told the ICO it had bought a list of people and phone numbers from another firm, but it had not verified that the numbers were not on the TPS list and hence could not legally be cold called.

Reliance on another firm does not preclude the company from law breaking.

The law says that calls should not be made to anyone who has registered with the TPS unless they have told the caller that they wish to receive such calls from them. Companies failing to screen against the TPS, who then call people without consent, can expect enforcement action by the ICO.

IT Protect is the first company to be slapped with a bill by the ICO since it took over management of the Telephone Preference System in December

TPS  is a free service designed to protect people from unsolicited sales or marketing calls

If you’ve enjoyed this post or found it useful then do share – click on the post title then scroll down to the social media share buttons.