Locksmith Bait and Switch

The bait and switch price scheme is where a customer is lured into a purchase by an unrealistically low price then finds out the real price is much higher for what they want or the product/service offered is far less than they believed.

This scam is common with many types of product and service sales but has recently become a bigger problem in the world of locksmiths with many adverts appearing on local websites such as Gumtree, for locksmiths services advertised at false prices. Customers find out after the work is completed that the cost is actually dramatically higher than they believed.

Typically, these services are offered at £39, £49 or £59 for a lock fitting, lock replacement, emergency access etc. but the customer ends up being charged several hundreds of pounds or more.

If a locksmith offers services at prices that are dramatically lower than the industry prices then there is almost certainly a scam going on.

Always get multiple quotes and specify as clearly as possible what you want and ask exactly what will actually get for the quoted price.
Make sure to be clear on what the call out price is and what the cost per hour or per task is on top of that.
Ideally get a detailed written / email quote for the work
Select a local company, not a national business where you may be talking to someone in a call centre hundreds of miles away
Ideally you want to talk to the locksmith who will do the job, not to an admin person.

If you have any experiences with bait and switch scams do let me know, by email.

October 18, 2020

Stupidest Spam of the Week Sharon T-Shirts

Some scammers translate their scams from their own language into English for example to get their message to more people and you can usually tell, because the grammar is odd. Other scammers deliberately make mistakes with spelling and grammar so that anyone with more than two brain cells will realise this is fake and not respond – leaving just the dumbest to respond.

This latest scam email is an odd one – is the scammer bad at translation or deliberately doing this?

“Hello Mr (Mrs) Sharon, I’m a student and honored to be selling t-shirts for you”.

“I have all size – color – gender. I know you love your family and want have t-shirt for family.”

“Help me have many orders”.

Then there are pictures of strange black t-shirts all with the name Sharon prominent.

To make it more obviously a scam – the sender’s name is supposedly James C. Nyman but the email is from nguythenyudung1305 @gmail.com. OOPS that doesn’t match.

No-one in their right mind should consider buying from someone like this, even if they do have any actual t-shirts to sell.

To enter your email address and click on the subscribe button on top right to keep up to date with new posts.

October 17, 2020

Time-Wasters Update

Scammers trying to sell health scams often use attention grabbing headlines. This latest one is unusual “Speed your poop train for better poops”. The email address is a long meaningless string of letters including “werberterstext” and there is little content but an exhortation to watch a video. I will definitely not be watching that one.

An email to the radio station by Ryan Peters claims he was looking at our website and wondered if it generates enough business for us, as he can improve it to get many times the number of customers. He is obviously a liar as if he knew we are a radio station he would realise the website is not for generating business – it is to let people listen to the station’s output and see the schedules etc. People seem to think that lying in an email is just Marketing. No it’s not. It’s still lying.

Mikhail Friedman has chosen me to receive $5 million from his charitable foundation and I just have to email back to get full details. A simple and obvious scam message from someone trying to check if the email address is valid and maybe trying to find the dumbest people he can, for some kind of con.

An email title that stands out is “Just 30 Seconds To Claim Your Exclusive Reward”. The message is actually meant to be about an online survey and the link to click says “We Have a Surprise For CVS Customers”. The surprise is that there is no survey and no reward – just a scam website. Not the nicest surprise.

A large section of the population have aches and pains in their joints. That’s part of getting older. One of the most popular magic remedies that scammers pick to entice people is the spice turmeric. There are research studies saying that turmeric can help reduce inflammation and hence reduce the pain and allow more freedom of movement. But, it is limited in it’s effects and you have to take a great deal of the stuff daily to get the effect. This scammer claims you just need to take half a teaspoon and all of your joint pains will be gone by the following day. That is entirely impossible but then it’s just a scam to get people to pay for an ineffective or possibly non existent remedy. Don’t be conned by these fakers.

Do click on the Facebook or Twitter icons on top right to follow Fight Back Ninja.

October 16, 2020

Dark Overlord Member Jailed

Nathan Wyatt of Wellingborough in Northamptonshire has been jailed for five years in the USA.

He was a key member of the hacking team known as The Dark Overlord.

Their speciality was stealing confidential information such as medical records, client files and personal information then ransoming those files back to the owner.

The ransom was between $75,000 and $300,000 but the FBI do not believe any of the companies paid that ransom.

Those companies did suffer financially due to the cost of the intrusions, fixing the problems and dealing with clients.

Nathan Wyatt pleaded guilty to conspiring to commit aggravated identity theft and computer fraud and was also ordered to pay $1.5 million in restitution.

The only question left is “If none of the companies paid the ransom, how is he rich enough to pay the restitution?”

If you have any experiences with these scams do let me know, by email.

October 15, 2020

The Danger of Online Pharmacies

An increasing number of people buy their prescription medication on the Internet (with or without a prescription). Often this is because it can be cheaper but also at times because the person believes either they can get the medicine they want without a prescription or that it may be easier to convince someone online to give them what they want.

The big problem with online pharmacies is that many are unregistered and that means unregulated, so buying from them is potentially unsafe. The drugs they provide may be unsuitable for the patient or unsafe or be badly or unhygienically produced – you don’t know what you will get.

Medication should only be taken under the supervision of a healthcare professional as their guidance and knowledge of your state of health is crucial in ensuring you get the safest medications.

For prescription-only medicines, an online pharmacy must receive a legally valid prescription before dispensing the medication. This means you’ll either need a paper prescription or an electronic prescription via the Electronic Prescription Service from your GP.

Some sites do offer prescriber services, where provide a consultation with a medical practitioner who can write prescriptions.

It can be difficult to distinguish between registered online pharmacies and other commercial websites. The General Pharmaceutical Council operates an internet pharmacy logo scheme to identify legitimate online pharmacies and you should only buy from registered pharmacies. However, some illegal online pharmacies fake the logo so you have to check carefully.

Check if a website can legally sell medicines online

Search the Medicines and Healthcare products Regulatory Agency (MHRA) register to check if a website is allowed to sell medicines.

You can search the register by the business:

https://medicine-seller-register.mhra.gov.uk/search-registry

If you have any experiences with online pharmacies do me know, by email.

October 14, 2020

How Accidental Data Leaks Happen

It’s easy to assume that all data breaches are the result of criminal activity, but that’s far from true.

A study of data from 2016/17 showed that 92% of security data incidents and 84% of confirmed data breaches were due to accidents or mistakes.

Here are the most common problems leading to leaks of data:

1. Expired Security Certificates

These certificates are an essential component in protecting systems and Equifax found out the hard way in 2017 when hackers accessed huge amounts of confidential data through an expired certificate. This data included 143 million records exposed containing names, addresses, dates of birth, Social Security numbers, and driver license numbers.

The data was stolen by hackers who exposed a vulnerability in Equifax’s web servers. If the relevant security certificates had been updated as they should have been – the hackers couldn’t have used that way in.

2. Unsecured Third Party Vendors

Many websites and complex systems are a mix of the owner’s software plus a variety of third party plugins, addons and linked external services. As in any other part of life – the weakest link determines the safety level of the whole system. If the 3^rd parties aren’t adequately secured then the whole system becomes vulnerable.

3. Poor Email Security

Most hackers still gain access through phishing – that is sending out emails that attract people to respond in some way that gives the hackers the information they need to access systems. Maybe it’s through a fake quiz that requires a login and password or an offer of a gift token etc.

Or could just be that people haven’t learned the need to use passwords that are unguessable and not to write them down by their desk.

A company named Nightfall protects systems data and they have created the following article to explain in more detail how accidental data leaks can happen: https://nightfall.ai/resources/accidental-data-leaks/

If you have any experiences with these scams do let me know, by email.