Warrington Gears Up Against Scammers

Friends Against Scams run awareness sessions around the country to educate people on how to avoid scammers and what they should do if they or someone they know is caught up in a scam.

There was such a session in Warrington recently and it seems to have had a big effect.

All those who attended signed up to be a “Friend Against Scams” or a “Scam Champion” and have pledged to raise awareness and spread the word across communities about the dangers of scams, particularly to Warrington’s most vulnerable residents.

As part of the event, they showed how criminals attempt to trick people with official-looking documents or websites, or convincing telephone sales patter, with the aim of persuading them to send a “processing” or “administration” fee, pay postal or insurance costs, or make a premium-rate phone call.

A relative of a 78-year-old man from Cinnamon Brow who was a recent Warrington mail scam victim said: “I tried intercepting as many letters as I could find in his house and returned them with ‘gone away’, but that had no effect on the volume of mail sent. He was still receiving at least one hundred scam mailings a week. I estimate he has spent at least £30,000 in four years on scam mail products and scam lotteries.”

Dr Muna Abdel Aziz, director of public health for Warrington, said: “Scams come in many forms, and scammers will target people of all ages, backgrounds and income levels. We receive complaints from residents who have lost thousands, and in some cases tens of thousands, of pounds.

“These sessions aimed to empower residents to recognise and avoid scams and to help friends, family and neighbours do the same. Financial loss is not the only cost to victims, as feelings of vulnerability can also have a devastating impact.”

For more information about the campaign and how to get involved, go to http://www.friendsagainstscams.org.uk

Friends Against Scams is a National Trading Standards Scams Team initiative which aims to protect and prevent people from becoming victims of scams by empowering communities to take a Stand Against Scams.

Do you have an opinion on this matter? Please comment in the box below.

Mobile Device Malware “Judy”

The Korean company Kiniwini published 41 Android apps under the name ENISTUDIO Corp.

These could have infected up to 36.5 million Android devices with hidden malware that produced fake advert clicks.

Security firm Check Point identified these apps and realised that infected devices could be used to generate large numbers of fraudulent clicks on advertisements, generating revenue for the creators of the malware.

The malware was dubbed “Judy” by Check Point after the title character in Kiniwini’s apps. Chef Judy: Picnic Lunch Maker, for example, encourages players to “create delicious food with Judy”.

Google removed the apps from Google Play once it had been informed of the problem.

How does Judy infect your device?

Hackers create a seemingly harmless app that can get past Google’s security screening, and it is added to the app store.

Once it has been downloaded by users, it silently registers with the makers’ servers for updates. That update is not just the latest software, content and adverts: it contains the malicious code and a list of web addresses. The app then opens a hidden browser window and starts to make clicks on the selected adverts on the listed websites. These clicks are registered by advertising networks such as Google Ads and in time produce payments to the makers.

This kind of click fraud has been seen before, but this is one of the worst examples and it circumvents Google’s app security, which they will not be pleased about.

Kiniwini also develops apps for Apple devices, but so far there are no reports of problems with those apps.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

What is the Dark Web?

The Dark Web consists of websites whose owners don’t want you to find them unless they specifically give out an invitation. These sites do not appear on Google or other search engines because they have never been registered with them and deliberately have no links from other sites that the search engines know about.

It’s true that most of the Dark Web is about illegal activity, including fraud, phishing, terrorist activities, drugs, hacking etc. However, there is some activity on the Dark Web that people don’t want to be seen but is not illegal, such as whistle-blowers preparing or sharing information, things that are legal in some jurisdictions but not in others, and unmonitored communication in countries with totalitarian controls.

Darknet websites are accessible only through networks such as Tor and I2P (“Invisible Internet Project”). The Tor browser and Tor-accessible sites are widely used among darknet users, and such sites can be identified by the domain suffix “.onion”.

These route users’ data through a large number of intermediate servers, which protects users’ identities and gives anonymity. The layered encryption makes it almost impossible to decrypt the information, even one layer at a time. Communication between darknet users is strongly encrypted, allowing them to talk, blog and share files confidentially.

Web-based hidden services in January 2015, by share of sites:

  • Directories 2.5%
  • Blogs 2.75%
  • Pornography 2.75%
  • Hacking 4.25%
  • Searches 4.25%
  • Anonymity 4.5%
  • Counterfeit 5.2%
  • Whistle blowers 5.2%
  • Wiki 5.2%
  • Email 5.2%
  • Bitcoin 6.2%
  • Market 9%
  • Drugs 15.4%

There are markets similar to Amazon but that sell illegal items such as drugs, weapons, hacking software, viruses, etc. Many hackers sell their services individually or as part of groups. Various government bodies around the world try to track activity on the Dark Web, but it is not easy. There are numerous forums where credit card details and identities are sold.

Amongst the numerous illegal activity sites are scam sites that defraud people trying to carry out illegal activity.

See http://www.fightbackonline.org/index.php/guidance/12-explanations/69-the-dark-web-what-is-it for further information.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

The Amazon Order Cancellation Scam

You receive an email that seems to be from order-update@amazon.com. It was addressed to my own email address, not to ‘unknown recipients’ or left blank, as most phishing emails are.

The title is “Amazon.com – Your Cancellation 139-216896-257848336”

This looks genuine.

The email describes the cancellation of an order yesterday and the relevant book title and details.

There is a link to the order to review it and at the bottom of the email there is a link to Amazon.

Both of these links are fake – they go to davidestore.com, which is clearly not Amazon.

These phishing emails look very professional – an exact match for Amazon emails and no spelling mistakes or poor grammar.

Many people use a family account for Amazon so may not immediately recognise the email to be fake.

Do not be tempted to click on the links to see what happens, or unthinkingly believe they will take you to the relevant Amazon page – because they won’t. The link is to a fake version of an Amazon page that only wants your Amazon login details so the thieves can plunder your Amazon account.
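The check described above, done in code: an added example (not from the original post) that pulls every link out of an email body and flags any whose destination host is not amazon.com or a subdomain of it. The sample email is constructed to mirror the message described, including a look-alike host that merely starts with amazon.com.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit


class _LinkCollector(HTMLParser):
    """Collect (visible text, href) pairs from <a> tags."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None


def host_belongs_to(host, domain):
    """True only if host is the domain itself or a subdomain of it, so a
    look-alike such as amazon.com.davidestore.com does not pass as amazon.com."""
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)


def suspicious_links(html, claimed_domain="amazon.com"):
    """Return (link text, host) for every link pointing outside claimed_domain."""
    parser = _LinkCollector()
    parser.feed(html)
    flagged = []
    for text, href in parser.links:
        host = urlsplit(href).hostname or ""  # "" for mailto:/relative links
        if not host_belongs_to(host, claimed_domain):
            flagged.append((text, host))
    return flagged


# Constructed sample modelled on the email above: the wording looks like
# Amazon, but the order and footer links resolve to davidestore.com.
SAMPLE_EMAIL = """
<p>Your order 139-216896-257848336 has been cancelled.</p>
<a href="http://davidestore.com/order?id=139-216896-257848336">Review your order</a>
<a href="http://amazon.com.davidestore.com/">Amazon.com</a>
<a href="https://www.amazon.com/gp/help">Help</a>
"""
```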

What about the fact that the email appears to be from Amazon?

The senders have ‘spoofed’ the Amazon address so the email does appear to be from Amazon. This is more difficult to do than the average scammer will bother with, but some do use this spoofing technique to make their messages seem more genuine. (http://www.fightbackonline.org/index.php/guidance/12-explanations/63-the-problem-of-fake-emails tells you more about spoofing.)

What should you do if you receive one of these phishing emails that seems to be from Amazon?

Amazon say the best approach is to send the phishing email as an attachment to stop-spoofing@amazon.com, and they will be able to establish where the email originated and hopefully stop the perpetrators.

If you have any experiences with scammers, spammers or time-wasters, do let me know by email.

The Identity Theft Resource Center

http://www.idtheftcenter.org/

The Identity Theft Resource Center (ITRC) is a non-profit organization that supports victims of identity theft in resolving their cases, and broadens public education and awareness of identity theft, data breaches, cyber security, scams/fraud and privacy issues.

It is for American citizens only. You can call the ITRC on a Freephone number, and they provide no-cost case mitigation and consumer education to approximately 10,000 victims and consumers annually. ITRC maintains records of data breaches and publishes the list each week.

ITRC aims to:

  • Educate consumers, corporations, government agencies, and other organizations on best practices for fraud and identity theft detection, reduction and mitigation.
  • Serve as a relevant national resource on consumer issues related to cybersecurity, data breaches, social media, fraud, scams and other issues.

The ITRC also conducts research and surveys in collaboration with partners and sponsors, resulting in white papers, fact sheets, and solutions to educate consumers and businesses.

They believe that prevention and reduction of identity theft will require education and cooperation between consumers, businesses, law enforcement agencies, and legislators.

ITRC is a very useful organisation, and they help a lot of people each year.

Do click on the Facebook or Twitter icons on top right to follow Fight Back Ninja.

The Kitchenware Car Park Scam

This has happened before in Surrey, but now these scammers are at it again.

They have approached people in Waitrose car park in Cobham and at Painshill car park.

You’re in a car park, maybe just getting out of your car or heading back to it, and you are stopped by someone. You expect they want directions to somewhere, but instead they start telling you a story. Sometimes they hang around schools trying to talk to the waiting parents, or sometimes they just knock on doors.

The story is roughly as follows:

 I was on my way to the airport to fly home but I have too many samples left. Kitchen knives, cutlery, crockery – all top quality sets as you can see for yourself (shows the product).

 I can’t take them on the plane as they are too heavy so I have to sell them off quickly.

I can offer these professional products to you at a very much discounted price if you buy now.

The products have designer names and appear to be Swiss made and top quality, but when the victims inspect them at home, they realise they are poor-quality copies and not worth what was paid.

The scammers have German accents and speak good English. They are clearly very convincing, as people keep falling for this scam and some spend over £1,000 only to find out their purchases are near worthless.

The Police do know about these scammers, but if you are approached by them then do tell the Police.

If you know anything about these scammers or have been conned by them – let me know.

A World of Passwords

The National Institute of Standards and Technology (NIST) was founded in 1901, is now part of the U.S. Department of Commerce, and is one of America’s oldest physical science laboratories. NIST produces a wide range of measurements and standards, many of which are used worldwide and contribute to many advanced technologies, materials and fabrication methods.

NIST also produces guidelines for the system developers who create apps needing passwords, telling them what checks should be made and what restrictions to apply.

The latest guidance on passwords is DRAFT NIST Special Publication 800-63B, Digital Identity Guidelines.

It says that passwords should be:

  • chosen by and memorable for the user.
  • of sufficient complexity and secrecy that it would be impractical for an attacker to guess or otherwise discover them.
  • at least 8 characters in length (unless allocated by the system, in which case they should be at least 6 characters).

In the last few years, most websites needing passwords have insisted that they include capital letters and numbers, but this new guidance says that’s unnecessary.

Systems shall not permit the subscriber to store a “hint” (for their password) that is accessible to an unauthenticated user.

When processing requests to establish or change passwords, systems shall compare the prospective password against a list that contains values known to be commonly used, expected, or compromised. For example, the list may include (but is not limited to):

  • Dictionary words
  • Repetitive or sequential characters (e.g. ‘aaaaaa’, ‘1234abcd’).
  • Context specific words, such as the name of the service, the username, and derivatives thereof.

If the chosen password is found in the list, the system shall advise the subscriber that they need to select a different secret, shall provide the reason for rejection, and shall require the user to choose a different value.

There should be a maximum number of times a user can try to enter a password, after which the user should be blocked temporarily.

For some years it was common for systems to require that a password be changed every 6 or 12 months, and that advice was given out many times, but this has changed. It is now recommended that systems do not require periodic password changes. Users can choose to change their passwords whenever they wish.
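The password-selection rules above, put into a single acceptance check: an added example (not from the NIST publication or the original post) that enforces the minimum length, the blocklist comparison, the repetitive-or-sequential test, the context-word test, and returns the reason for rejection so it can be shown to the user. The blocklist, the service name and the usernames are constructed placeholders.

```python
import re

# Constructed sample blocklist. A real deployment loads a large list of
# commonly used and breached passwords; this set only illustrates the check.
COMMON_PASSWORDS = {"password", "letmein", "qwerty", "iloveyou", "welcome1"}
_KEYBOARD_ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm")


def _has_sequence(pw, run=4):
    """True if pw holds `run` consecutive ascending/descending characters
    (abcd, 4321) or a keyboard-row run (qwer, poiu)."""
    s = pw.lower()
    for i in range(len(s) - run + 1):
        chunk = s[i:i + run]
        codes = [ord(c) for c in chunk]
        steps = {b - a for a, b in zip(codes, codes[1:])}
        if steps in ({1}, {-1}):
            return True
        if any(chunk in row or chunk in row[::-1] for row in _KEYBOARD_ROWS):
            return True
    return False


def _is_repetitive(pw, run=4):
    """True for runs of one repeated character such as 'aaaa' or '1111'."""
    return re.search(r"(.)\1{%d,}" % (run - 1), pw) is not None


def _context_words(service, username):
    """Service name, username and simple derivatives (tokens, stripped, reversed)."""
    words = set()
    for raw in (service, username):
        w = raw.lower()
        words.update([w, re.sub(r"[^a-z0-9]", "", w)])
        words.update(re.split(r"[^a-z0-9]+", w))
    words |= {w[::-1] for w in words}
    return {w for w in words if len(w) >= 3}  # ignore tiny fragments


def check_password(pw, username, service="example-service", system_allocated=False):
    """Return (accepted, reason). reason is '' when accepted, otherwise the
    message to show the user, since SP 800-63B says to state why."""
    min_len = 6 if system_allocated else 8
    if len(pw) < min_len:
        return False, f"password must be at least {min_len} characters"
    low = pw.lower()
    if low in COMMON_PASSWORDS:
        return False, "password is on the list of commonly used or compromised passwords"
    if _is_repetitive(pw) or _has_sequence(pw):
        return False, "password contains repetitive or sequential characters"
    if any(w in low for w in _context_words(service, username)):
        return False, "password contains the service name or username"
    return True, ""
```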

Passwords are essential for accessing many online services, and hopefully the new guidelines will enable developers to make the process of selecting a new password easier and more secure than before.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.