The Impact of Phishing Scams

Phishing scams are where the scammer sends you an email or a text, or calls you, claiming to be from the government, the local council, the phone company or your Internet provider, a major retailer etc., aiming to get your confidential information such as login and password details or credit card details.

These scams are extremely common with many people receiving numerous such emails or messages each day. Some organisations get hundreds of these scam messages every day and the Internet providers block billions of these messages every day.

For organisations, blocking these messages takes time and resources, but if the criminals get the data they seek, the damage can be long lasting.

A survey of large organisations suggested the cost of such activity averages around $2 million for a 10,000 person company and is attributed as follows:

  • Business impact through loss of proprietary information (41%)
  • Loss of productivity (35%)
  • Other wider effects (16%)
  • Damage to reputation (8%)

Prevention is generally easier and cheaper than disaster recovery activities, so make sure your organisation has the right systems protection in place and train staff on how to recognise phishing threats.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

Covid-19 Passport Scam

This is a new Covid scam.

The email title calls the message an “Official Notification – NHS COVID-Pass – GOV.CO.UK | COVID_19 Vaccination-Passport | Your order of “UK CVD19””.

It offers the recipient the opportunity to get a Covid-19 passport which really means a certificate to prove the recipient is vaccinated against Covid-19 and is currently Covid-19 negative.

The government do not send out such emails and private companies are not allowed to offer this.

Most of the message is text copied from various websites about how this is needed to open up travel again.

There is a big green ACCEPT button and a big red REJECT button, both of which go to the same link, which is at a Japanese domain name that has nothing to do with the UK government.

Scammers often target major problems in the world and have no interest in helping anyone but themselves.

Delete any such messages.


Stupidest Spam of the Week: Fat Burning Coffee

There are endless magic ingredients offered by scammers that supposedly create weight loss – normally without any effort or exercise or even restricting your diet.

Clearly these are all lies, invented by scammers to get your money and/or personal details.

This latest one has the title ‘The death of black coffee’.

It involves a ‘weird trick’ which is common for many of these scams.

It claims that one tiny tweak to your morning coffee puts your body into fat burning mode all day and it takes less than ten seconds.

There are nice photos of hot coffee drinks.

So, this trick is supposed to ‘ignite your metabolism’. No doctor or responsible person would describe a real product using that phrase. Anything that did ‘ignite your metabolism’ would be extremely dangerous as it would mean pushing your body temperature up significantly.

There is a link to click to get the ten second trick.

Never, never click on such links in unsolicited emails, as it encourages these criminals and you can only lose.


Microsoft Digital Crimes Unit

Microsoft’s Digital Crimes Unit (DCU) is an international team of technical, legal and business experts that has been fighting cybercrime to protect victims since 2008.

They use their expertise with online criminal networks to uncover evidence to pass onto the appropriate law enforcement agencies throughout the world. They can also disrupt the operational infrastructure used by cybercriminals, through civil legal actions and sometimes by technical means.

DCU has developed strong relationships with local and global law enforcement, security firms, researchers, NGOs and customers to drive scale and fight cybercrime. They also use the evidence they collect to help with the development of technical countermeasures to strengthen the security and safety of Microsoft’s products and services.

Areas of Focus

  1. Tech Support Fraud. These scams are very common as the criminals involved operate this scam on an industrial scale. DCU use data analytics and direct customer complaints to investigate criminal networks engaged in tech support fraud.
  2. Business Email Compromise (BEC). This is where criminals impersonate key people in an organisation, e.g. the Finance Director, to get an employee to transfer funds to the criminals. BEC is one of the most prolific and costly cybercrime attacks in the world today. According to a 2020 FBI report, BEC attacks were responsible for $1.8B in losses and represent more than 40% of all cybercrime losses.
  3. In 2020, the DCU secured court orders to block malicious web applications targeting business organizations, and directed the removal of 744,980 phishing URLs, resulting in the closure of 3,546 malicious email accounts used to collect stolen customer credentials obtained through successful phishing attacks.
  4. This is a wide area of criminal activity and DCU focus on identifying and disrupting these criminal activities.
  5. DCU focus on payment systems and disruption of the criminal infrastructure behind these attacks.
  6. Business Operations Integrity. This means supply chains and all systems infrastructure that can be attacked by criminals.

Keep up the good work DCU.


Easy To Guess Passwords

Most people have realised that they need to have passwords and pin numbers that can’t be easily guessed – don’t use your birthday or year of birth or the dog’s name or a common word etc.

But latest reports show there are still many people with passwords or pin numbers that are very easy to guess.

28% of people in a recent survey had a password that is in the top 20 most common ones and hence could be guessed very easily.

If they can be easily guessed then you could be hacked and lose money and more.

If your pin number is on the list below then change it urgently.

  • 1234
  • 1111
  • 0000
  • 1212
  • 7777
  • 1004
  • 2000
  • 4444
  • 2222
  • 6969

If your password is “password” or “123456” or “12345678” then change it urgently.
