The SIM Swap Scam

If you access a website and have forgotten the password, there is usually a link labelled ‘Forgot Your Password’ or similar and if you click the link they will send you a password reset request by email. You click the button in the email message and reset your password.

Now, if scammers can get hold of such an email message, then they can reset your password and lock you out of your own account and you will have great difficulty getting your account back.

This situation is becoming more dangerous as many people and businesses rely on mobile phones for proof of identity. e.g. your bank may send you security numbers to type into your account to prove your ID but if scammers can access your phone and read your messages, they are in control.

The SIM Card Swap

Unless you have leave sufficient information openly online for scammers to break your password, then their usual approach is called social engineering.

This means to take advantage of people’s trust. So they will research your information online and use what they find to convince a mobile phone shop worker (or customer service worker) to cancel your current SIM card (I lost it) and activate a new one.

They will then have access to your messages, contacts list etc.

Then they try to access your bank account and shopping accounts.

Prevention

To be safe, you need to limit the amount of personal information that is available about you online. Anything you make public can be read by criminals intent on defrauding you or stealing your identity.

Text messages are very useful but remember that they are not encrypted and can potentially be read by anyone.

You can use APPS that encrypt data such as iMessage, WhatsApp, Signal, etc. for anything that must be kept private.

If there is any suspicious activity on your account or you receive suspicious calls, then contact your bank or phone company.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

December 4, 2022

Dumbest scam on the Internet this week

So, what’s the dumbest scam or spam on the Internet this week?

An email with the headline

Get Funeral Planning Advice from a Trusted Source

I’ve never heard of them so why would I trust them?

It continues with a number of very general and fairly meaningless statements such as

“Not all funeral planning advice is equal”. Gee, never thought of that.

My favourite line in the email is “Takes the boo out of Taboo” – sounds like a catchphrase and is not suitable when talking about funerals

The email is from we-just-compare.com so it’s just a Marketing company looking for leads.

There is one testimonial in the email and it says “Thank you WFP for helping us”
Who is WFP? – they are not otherwise mentioned in the email.

Altogether a stupid waste of time

Do click on the Facebook or Twitter icons on top right to follow Fight Back Ninja.

December 3, 2022

Time-Wasters Update

“Moon Jang” wants to share $21 million with me that is in a dormant account in the bank where he works. He presents me to the bank with fake documents he has prepared and they will hand me all that money to split with the email sender. There are still a lot of these ridiculous 419 scam emails but presumably some people are dumb enough to believe they can get that money. It doesn’t exist of course – just a scam for the unwary.

There seems to be a limitless number of bozos offering website design, SEO services etc. This latest one is from ‘John Goldstone’ and is a reasonably well written offer to do web design. However, the radio station received a dozen such emails – each from a different email address, using exactly the same words but with a different name. That’s a bit of a give away that it’s a scam.

“Your doctor lied to you. Exercise or a healthy diet is not the best way to reverse your diabetes” says the scammer trying to get you to click a link that says ‘Just One handful of this little known fruit…”. All rubbish of course. People should know better than to trust unsolicited emails rather than a medical professional.

“A new contract document has been shared with you on SharePoint storage. Sign in to view encrypted document”. A lot of business use Microsoft SharePoint so will recognise this kind of message. But the radio station this message was sent to doesn’t use SharePoint hence the message is an obvious fake.

“Zuccini, bell pepper, peas, kale …you might be eating this vegetable every day believing it to be super healthy like everyone else does…” Is the opening line of a simple health scam. It goes on to claim one of those four is banned in Europe due to excessive levels of toxin but another of those 4 veggies can cure diabetes. The scammer is either very confused and has mixed up two scams or thinks people are so dumb they will fall form it whatever she puts. Some vegetables do contain small amounts of toxin – that is well known e.g. you have to boil kidney beans to make them safe to eat in large amounts. Pathetic scammers.

Do click on the Facebook or Twitter icons on top right to follow Fight Back Ninja.

December 2, 2022

BT Stop Callers

BT has a range of services to help you block unwanted callers.

Apart from annoying friends and relatives, most of these calls may be from cold callers i.e. marketing and sales calls from companies you have never dealt with.

There are also the scam callers pretending to be from an organisation you may deal with e.g. claiming to be from BT checking on your line and asking you to confirm your details first.

There are malicious callers and there are time wasters.

Telephone Preference Service

First, you should also ask the company to stop calling you and remove you from their calling list.

If that doesn’t work then register with the Telephone Preference Service. Once registered then you should only receive Marketing calls from companies you have agreed can contact you.

Of course, criminals don’t obey these rules.

You can register with the Telephone Preference Service by signing up for BT Privacy at Home at www.bt.com/callingfeatures. We also offer Caller Display which allows you to see the number of the person who’s calling. BT Privacy at Home and Caller Display are both free. You can sign up to them at www.bt.com/myfeatures.

Scam calls

These are commonly made by scammers pretending to be from BT.

They may ask you for personal information or want access to your computer. Don’t be fooled, this is fraud.

For more information, or to report a scam call, visit www.bt.com/help/home/scams/

Remember

Stay calm and don’t talk to the caller
Don’t give away any personal information or answer the phone with your name or number
Keep your answerphone message short and to the point
Keep note of these calls

If you’re getting abusive, threatening or obscene calls, then you should report them to the police. It will help if you note down the date, time and number that called, along with any other information.

If you’re receiving a lot of malicious calls you can call our Nuisance Call Advice Line on 0800 661 441 (8am to 10pm Monday-Friday and 9am to 6pm on a Saturday).

Calling features that can help:

BT Call Protect – sends nuisance and unwanted calls to a junk voicemail
BT Privacy at Home includes registration to the Telephone Preference Service >
Caller Display – lets you see the number that’s calling you before you answer
BT 1471 – dial 1471 to check the number that last called you
Ex-directory – take your number off the telephone directory

If you have any experiences with these scams do let me know, by email.

November 28, 2022

Christiano Ronaldo scam

Christiano Ronaldo is one of the world’s most famous footballers.

He plays for Manchester United currently although probably not for much longer.

He is paid £26.8 million per year so he’s not exactly short on cash.

The scam is simple.

The scammer sent out mass text messages to random phone numbers, such as

Hello. It’s Christiano Ronaldo using my second account.

Can I borrow your debit card so I can buy some new football boots at Sports Direct.

Is there anyone in the world stupid enough to believe that and send him their payment card details?

Apparently there is.

Unbelievable.

November 28, 2022

Instant Photographer Scam

Photography is one of those things that everyone can do a little and nowadays most of us carry smart phones that include a reasonable quality camera. People upload around 300 million pictures per day to Facebook and around 95 million photos are shared on Instagram every day, almost all from smart phones.

But, being able to take a reasonable picture is a world apart from being a qualified professional photographer.

The scam email starts off with the typical scammers opening warning to catch people’s attention.

“Did you know that pro photographers are FURIOUS about this site?”

Then comes the sales pitch

“WHY?

“Because it shows normal folks like you and me (the underdogs) the true secrets of photography”

“Meaning you can take photos like them without formal training.”

“It’s no wonder guys are saying the site should be banned”

It continues like this for paragraphs.

The email appears to be trying to sell you a video training course and maybe it’s a good training course although the chances are against that as reputable sellers don’t use scammer’s language.

More likely is that the training video (if it exists) is just cheap rubbish put together by a scammer. Once she’s got your money – she won’t care whether you can ever take decent photographs. Don’t waste your money.

Do you have an opinion on this matter? Please comment in the box below.