Category: Fight Back

How to Play the Telemarketer Game

We all get phone calls from telemarketers and scammers. The idea of the game is to waste as much of their time as possible. The more you waste – the less time they have to scam or waste other people’s time.

They normally start with something to get you answering questions e.g. how are you?

You can just say fine but no reason why you shouldn’t tell them half your life story – every illness you’ve ever had, how bad the NHS is, your local doctor, your kids or parents or friends illnesses, the weather. You get the point – talk about anything.

Then they get onto their script.

Answer some questions and ask more questions when you get the chance.

Your questions can be sensible or whatever comes to mind.

e.g. “My Aunt Milly said I shouldn’t talk to anyone who’s a Libra? Are you a Libra?”

 Awarding Yourself Points

Each minute spent on the phone 10 points
Getting caller to repeat part of the script 5 points
Getting answers to stupid questions 15 points
Changing the subject 50 points
Making the caller angry 100 points
Making the caller hang up 100 points

Have fun.

If you’ve enjoyed this post or found it useful then do share – click on the post title then scroll down to the social media share buttons.

How to Charge Cold Callers

It is possible under specific circumstances that you can invoice cold calling companies and make them pay for your time wasted.

But it takes a lot of effort to make it work and is only possible with very insistent cold callers who refuse to stop.

Richard Herman is a retired BT engineer and he was plagued with calls from a solicitors.

He thought about what would make it possible for him to claim money from them and he put his plan into action.

  1. He recorded every call and the date, time and length of each call.
  2. He warned them that they would be incurring costs if they continued to call him against his wishes. This warning needed to be explicit rather than just saying ”It will cost you”
  3. He specified that the charge would be £10 per minute or part thereof occupied in answering the cold calls.
  4. His meticulous records, recordings of the calls and warnings to the callers to stop, put him in an excellent position with the law.
  5. He wrote to the callers demanding payment
  6. When payment was not forthcoming and the calls continued then he started legal action.
  7. The company behind the cold calls turned out to be a solicitors and they fought the case but lost and had to pay up.

You can do the same if you’re willing to put in the time and effort.

Richard Herman has a website at http://www.saynotocoldcalls.com/index.html giving more detail and he will answer queries.

If you’ve enjoyed this post or found it useful then do share – click on the post title then scroll down to the social media share buttons.

Liverpool Advertising Scammers Busted

Advertising magazine fraudster George Williams jailed for seven years over £5.2 million scam.

George Williams controlled a Liverpool-based team conning firms into paying for adverts in a publication called “Emergency Services News”. There should have been about 1.2m copies per year to fulfil their promises to clients but instead police found they only printed 30,000 copies over 3 years.

Williams and others called themselves Weinstein Williams Associates Ltd and were found to have falsely claimed that they worked for the emergency services and detectives believe as many as 15,000 victims paid for adverts in publications that either did not materialise or didn’t reached the audience they had been promised.

Weinstein Williams Associates cold-called people all over the UK, claiming they were endorsed by emergency services to get people to place paid adverts in their fake magazine. Anyone who complained was threatened with legal action.

Williams, of Linacre Road, Bootle, took £2,000 a week and splashed out on flash cars, boats and property. He was jailed for seven years and four other men were sentenced at Liverpool Crown Court over the scam.

Judge Robert Warnock told Williams: “The evidence is overwhelming. You recruited guilty and unscrupulous sales staff. You enjoyed the criminal lifestyle.”  “You have shown no remorse at all. It is highly probable you will offend in the same way. Your motive was greed and your method deception.”

Scammers like this create a plausible situation where they appear to help people in business. But it’s mostly fake and the businesses lose out and the scammers get very rich.

If you have any experiences with scammers, spammers or time-wasters do let me know, by email.

How to protect Yourself Against Online Scams


The points below can help you to be safer online – but stay cautious, especially where money is concerned.

1. Don’t buy anything or agree to anything that seems too good to be true.
The offer of riches or a bargain or some reward may tempt you, but be careful. If something seems too good to true then it almost certainly is.
2. Always check and confirm the identity of individuals and websites you are dealing with, both online and offline. Do not give away any personal information unless you are sure of who they are and why they need the information.
3. Don’t fall for an advance fee scam. That is do not pay upfront for a job application, a reward, a lottery win or anything else similar.
Any work-at-home scheme where you have to pay upfront is likely to be a scam and anything else where you pay up front for something where you don’t expect a charge is also likely to be a scam.

This applies, for example, to lotteries, other supposed competition wins or inheritances, and people claiming they want to share money they inherited or won.

  1. Don’t buy (or rent) from someone you don’t know or haven’t checked out. This is a difficult one as it’s the business model for Internet business Airbnb and many people around the world have benefited from renting out their home to strangers or renting the home of a stranger. If you are going to do this, make sure to read the reviews carefully looking for anything suspicious and if there aren’t enough reviews on the property then find another one.
  2. Protect your confidential information. Don’t give out private information in response to an inquiry you didn’t initiate.
  3. Buying Online. Use services like PayPal to limit your exposure to card fraud. Once your card is registered on Paypal you can use it on most websites to make secure payment without those websites having sight of your card details.

When buying online, check for “https” in the address line and a closed padlock symbol . If they are missing then the site isn’t safe for confidential information such as login and password.

  1. Don’t be pressed into taking precipitate action. The scammers will try to make you do things quickly – so you don’t have time to figure out that it’s a scam. They will make things appear urgent or set a deadline.

No matter how persuasive an offer seems or how much an agent pushes you to agree on a deal now to get a discount, don’t do it!

  1. Do not respond to charity emails as these can be fake – only donate to charities you know or have checked out and send your money directly to the charity.
  2. Use reputable Internet security software on your PC and keep it up to date. Choose products with “Internet Security” or similar wording rather than simple anti-virus programs as they have more comprehensive features and protection.

Regularly check that you’re using the latest version and that it automatically updates its malware definitions.

Ignore pop-ups and other warnings that your machine is infected that don’t come from this program. And never pay money in response to such warnings.

  1. Don’t click on links and attachments in unsolicited, unchecked messages or social networks.

This may be difficult for some people used to such messages from friends, but it’s your choice to take the risk or not.  At Christmas time many people send e-cards and scammers know this and send their own malware versions, so be warned.

  1. Don’t use Cash Transfer companies such as Western Union or Moneycorp as if the transaction proves to be fraudulent you cannot recover your money.
  2. Be wary about downloading software from unfamiliar websites or using torrent sites that share files. These might install malware on your PC.
  3. Set strong passwords and ideally use different logins and passwords for each website.
  4. Never reply to spam messages – there’s no point and you would only end up with more spam messages.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Defending FightBack Ninja Blog Against Online Attacks

cartoon_gangsters

The Fightback Ninja blog uses standard WordPress technology for the creation and management of the blog online.

WordPress is very good and free to use and there are many thousands of templates and addons available, so you can use it to create a wide variety of blogs, websites and more.

However, the fact that it is so well known also makes all WordPress installations a target for scammers and spammers.

Attack type 1 – the attackers try to access specific files that normally exist in WordPress installations, with the intention of amending those files to give themselves  scammers complete access.

Counter action: I had installed iThemes addon for WordPress and it gives a good level of protection against the common sorts of attacks. It blocked access and will lockout any IP address or login that tries constantly to access specific files.

Attack type 2 – password guessing

All WordPress installations have an admin login with the ability to create new logins and do anything on the installation.

Counter action: After nearly 10,000 attempts to crack the password, they gave up. Good job I had picked one that cannot be guessed.

Attack type 3 – comment spamming

This is not directly an attack but is simply morons trying to post entries (full of links) on the comments of the blog. This is usually to increase the ranking of some website by having as many backlinks as possible.

Counter Action: I had Installed a spam comment blocking addon called Akismet.  This puts all comments in a holding area till I chose to approve them or delete them.  So far nearly one hundred such spam comments have been blocked. The sort of comment they typically try to post is anodyne e.g. “Good writing but have you checked out this list of good links?” This is just rubbish to be deleted. As their attempted posts never appear on the blog – they give up for a while then try again.

Also, Google ignores post comments where the post is less than 3 months old so these comment spammers always go for old posts.

If you allow these comments onto your blog then you will be inundated with more as they are produced automatically.

Attack type 4 – A deluge of comment spam

Counter attack: I had to install an addon that let me turn off the comment facility completely for a while.

It is a nuisance that all WordPress sites get attacked in these ways, especially the popular ones. But the right precautions make it difficult for the scammers to cause any damage.

No doubt, the morons, scammers and spammers will continue attacks at some time but hopefully will never succeed.

If you have any experiences like this or with scammers  do let me know, by email.

ninja_signature

Project Honeypot

honey-5732_640

This is about systematically identifying spammers and hence being able to block their activities.

Project Honey Pot (www.projecthoneypot.org) is a system for identifying spammers and the spambots they use to copy addresses from people’s website. Spambots are automated pieces of software that can read websites and find and copy any email addresses.

Website administrators have few resources able to tell them whether a visitor to a site is good or malicious. Project Honey Pot was created in order to provide this information to website administrators in order to help them make informed decisions on who to allow onto their sites.

Project honeypot is a set of software you can install on your website and it will enable the project honey pot team to track spammers and provide lists of repeat spammers.

To do this, webmasters install the Project Honey Pot software somewhere on their website. Project Honey Pot  handle the rest — automatically distributing addresses and receiving the mail they generate. As a result, they anticipate installing Project Honey Pot should not increase the traffic or load to your website.

Using the Project Honey Pot system you can install addresses that are custom-tagged to the time and IP address of a visitor to your site. If one of these addresses begins receiving email we not only can tell that the messages are spam, but also the exact moment when the address was harvested and the IP address that gathered it.

They collate, process, and share the data generated by your site with you. They also work with law enforcement authorities to track down and prosecute spammers. Harvesting email addresses from websites is illegal under several anti-spam laws, and the data resulting from Project Honey Pot is critical for finding those breaking the law.

Project Honey Pot is free to use.

There are also  “comment spammers”

Comment spammers do not send email spam. Instead, comment spammers post to blogs and forums. These posts typically include links to sites being promoted by the comment spammer. Project Honeypot can identify these comment spammers.

Resources

Project HoneyPot publish various useful information in the battle against spammers.

A list of the top IP addresses being used by comment spammers.

A list of the top URLsdomains, and keywords being promoted by comment spammers.

A list of the top IP addresses used by dictionary attackers.i.e. scammers who use every word in the dictionary to try to crack someone’s password.

Statistics

Project Honey Pot is monitoring 235 million addresses and 124 million IP addresses and has identified 267 thousand harvesters and 28 million dictionary attackers.That’s a great record.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

ninja_signature

Trading Standards Takes Down Wyvern Media

cops_679276_640Trading Standards recently carried out its biggest ever investigation, into a group operating as Wyvern Media group.

This group sold advertising space in their publications by cold calling. Sometimes they would claim the company had won a prestigious industry award and must advertise the fact.  At times they would call every hour pressurising companies into buying more adverts or at other times they simply charged the clients account for non-existent adverts.

Sadly for the victims the advertising sold was worthless.  It was either non-existent or in a back water publication with very low readership but claimed to be a major national publication.

Jonathan Rivers was head of Derby-based Wyvern Media group and led a sophisticated operation employing up to 250 people in 12 offices across the UK and had a turnover of around £7 million.

The Nottingham Crown Court heard he admitted fraudulent trading after more than 500 complaints were lodged.

He was jailed for six years. Four other members of staff were jailed, with a further five given suspended sentences.

Rivers, 55, of Coleshill, Warwickshire, was described by Judge Stuart Rafferty as the “head, heart and soul” of the company, which had about 18,000 customers per year and an estimated annual turnover of £7m.

Several small businesses (including charities) were bankrupted by the actions of the group stealing money from them

These scams leave a trail of misery and broken people and businesses behind them.

Well done Trading Standards in stopping this group.

Do Share this post on social media – click on the post title then scroll down to the social media share buttons.

ninja_signature

Government Fights Back Against Cyber Attackers

 

The government has been surprised by the level of Internet attacks on  government systems, the defence industry, the NHS and on critical business such as the electric companies, water companies etc. and even attacks on household names such as Tesco.

It can be hard to pin down who’s to blame for these attacks but they say there are basically 3 groups involved – government sponsored cyber specialists,  criminals and people who just take up the challenge of hacking.

The obvious guess as to the state sponsored cyber hackers is China and more recently Russia. Both countries deny this of course.

The British government has employed cyber specialists for some time to prevent these attacks from succeeding but the time has come for a big increase in spending on this and to officially warn the cyber attackers that the UK will not only defend itself against such attacks but will respond aggressively to any such attackers.

Philip Hammond confirmed that UK security services would cause “damage, disruption or destruction” against those that attack the UK. These “offensive” capabilities would include proactive cyber attacks as well as the ability to defend against incoming disruption attempts.

This seems to be a significant ramping up of the country’s ability in this arena and in particularly that they will go on the offensive where required.

This is a five year strategy and effectively doubles the current spending on cyber defence.

The government claim it is making progress in cyber defence

e.g.1. where it used to take a month to shut down a website spreading viruses it now can be done in 2 days

e.g.2 websites pretending to be government departments can be shut down in hours where it used to take days.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

ninja_signature

Security Blogger Scams the Scammer

head-1137275_640

A French security blogger named Ivan Kwiatkowski was incensed when scammers tried to scam his parents by pretending to be Microsoft helping them sort out virus problems.

Ivan decided to find out more about these scammers and see if he could turn the tables on them. He called the number his parents had called and a lady named Patricia answered. He spun her a yarn about his computer having problems with Zeus virus and could she help.

Oh yes she could.

It is typical with these scams, for the scammer to install software on the victim’s PC supposedly to ‘see how bad the problem is’ but in fact to use a cheat so as to show the extent of the ‘fake’ problem’ and maybe to look for credit card details and passwords etc.

Ivan had setup a PC off the network so he could let the scammer have a look around safely.

He allowed Patricia to take control of the PC and install her software. She told him she’d found that the PC had 1452 viruses and she could supply anti-virus software and fix it for $189.90. Ivan told her he’d buy the software in Paris where he lives and the conversation ended, to the scammers surprise.

But Ivan wasn’t finished yet – he phoned back and spoke with a new scammer, Dileep, who checked the situation and offered to clean the PC of viruses and install anti-virus protection for $299.99.

Ivan offered to buy the package but when it came to giving credit card details – he had fake card details to use but pretended he couldn’t read very well so when the card number was rejected he claimed poor eyesight was the problem. After numerous attempts he had a brainwave. Ivan had j.Locky ransomware on disk as he had been researching it recently.

He convinced Dileep to accept a photo of the card so he could read the numbers himself, but Ivan send the photo with j.Locky attached.

The scammer didn’t know it but j.Locky would be busy in the background encrypting all of his files then would demand a ransom to have them released.

Scam the scammer.

Nice one Ivan

To read the original account of the scam, go to https://blog.kwiatkowski.fr/?q=en/node/30

If you have any experiences with scammers, spammers or time-wasters do let me know, by email.

ninja_signature

Chris Deals With Cold Callers

upset-534103_640

A guest post by Chris.

I don’t intend to be rude to cold callers but they do have scripts to work to and I disrupt that by giving unexpected answers or questions.

If they claim to be doing a survey, then I might say

“What’s in it for me?”

Probably, they’ll tell me there isn’t anything or the slow witted ones just keep asking questions.

I might say “I cannot believe you are asking for information without giving me anything.”

If they say I am going to be entered into a draw or be given £100 voucher off double glazing for example  then I might say “Send me the cash or draw coupon or whatever first then I’ll answer questions”

A lot of the cold callers are from call centres in India and I have visited India several times so I might ask them whereabouts they are and ask about the weather or is my favourite hotel still there or something similar.

They don’t like talking about these things as it’s not on their script.

Other times, I might try to make the cold caller feel guilty.

I could tell them I have come down from the top of a ladder where I am painting the roof or been dragged in from the garden where I am cutting down trees to answer the phone.

Sometimes that works and other times they just stick to the script.

If they ring at lunchtime I always tell them I am hosting an important lunch party and cannot discuss my power suppliers or whatever it is they want at that time.

Of course that can lead to them suggesting they call again which obviously I don’t want.

If they are calling from England at lunch time then I might say

“Why are you calling at lunch time – are you not allowed lunch? I should have a word with my boss about that”

It can be entertaining dealing with cold callers but can just be an annoyance.

If you’ve enjoyed this post or found it useful then do share – click on the post title then scroll down to the social media share buttons.

ninja_signature