Author: admin

Fake Offer of Website Articles

If you own a website, you may get people contacting you offering to write articles for your site.

This is often people looking to be paid for the articles and that is OK.

Sometimes it is people wanting to write articles without pay – they want exposure for their work or just to have their name and writing on a known website.

But there are also scammers who offer this service and they want to steal from you.

A recent email starts with “I am David & I am currently working on an online campaign with a client who would be interested to post an article on your website. The article would discuss topics relevant to your readership and include a natural link to my clients website.”

The senders email address is david.outreach0 which is obviously a personal email address rathe than a business email address so that tells you the message is a scam.

Plus, “…topics relevant to your readership” means the sender has no idea who this email is going out to so is very likely to be part of a mass scam mailout to random email addresses bought on a spam email list.

If the message was genuine, then it would be tailored to the receiving company not for random email addresses and the author would anticipate a reply by email.

However, the email contains a link which is a goobledegook one and tells me to put in my details at that address.

No thanks – keep your scam.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

Legal Path to Recover Stolen Money

This is a series of steps for attempting to recover money stolen by fraudsters.


It has been created by Barrister  Gideon Roseman following his skirmish with fraudsters. You can read about that at

  1. Immediately phone your bank and ask to speak with the fraud team

Explain what has happened and demand they immediately contact the fraudster’s bank, i.e.  the bank you transferred your money to.

  1. Immediately contact a solicitor or barrister who can accept instructions directly from members of the public (or alternatively you can attempt to do this yourself). Ask them to immediately make an application to freeze the fraudster’s bank account and any other bank account that the fraudster has with their bank. The application should include a request for an order that the fraudster’s bank provides the following information:
  • all contact details (mobile phone, home phone, email address, residential address etc.) for all signatories to the fraudster’s bank account and any other bank account held in the fraudster’s name or any other signatory to this bank account that is held at the bank
  • all bank statements for the fraudster’s bank account and any other bank account to which the fraudster or any other signatory has with the bank in question for a period of 6 months; and
  • the current balance of all bank accounts with the bank that is in the fraudster’s or any other signatory’s name.
  1. Once you get hold of the court order, this will need to be immediately emailed to the fraudster’s banks’ ‘court orders’ team who can process it. You can ask your bank for this email address.
  2. As soon as you receive the information from the fraudster’s bank, consider the following points:

(i) has your money been transferred or paid to any recognisable company you can contact, such as a known retailer

(ii) if you can identify a company that has received your money, you can then contact this company, explain what has happened and request they either cancel the transaction made by the fraudster or request them to hold onto the money they have received and

(iii) has the money been transferred to other bank accounts.

  1. If your money has been transferred out of the fraudster’s bank account and into another bank account, you have the option of returning to court and making an application for the information set out above and repeating the process set out above.
  2. When you have received the fraudster’s bank account statements, try to work out the dates and times of the transfers out of their accounts. Your bank will be under a duty to contact the fraudster’s bankers, who will then freeze the fraudster’s account.

If your bank has failed to act within a reasonable period of time after you have notified them of the fraud, which has enabled the fraudster to transfer your money without a trace, it is likely that your bank will have breached their duty and will have to compensate you.

Good luck.

If you have any experiences with scammers, spammers or time-waster do let me know, by email.

Fightback Ninja Signature

Email Auto Forward

The FBI has warned businesses of the threat posed by cybercriminals who create auto-forwarding rules on their victims’ web-based email services, in an attempt to make them more susceptible to Business Email Compromise.

Business Email Compromise is an American name for fraud where hackers send an email message that appears to come from a known source making a legitimate request but ends up with the recipient being defrauded.

e.g. the hackers manage to get the email address and details for a solicitor conducting a house sale and email their customers asking for payment to be made to a new bank account (controlled by the criminals).

Or a hacker spoofs the email address of the company CEO to instruct a ledger clerk to transfer some company money to a new bank account.

Email Auto Forward Rules

With many email systems you can create rules that automatically move emails to folders or mark emails or delete messages from specified senders or auto forward emails containing specified keywords then delete them, for example.

The criminals use a variety of methods to get access to email systems, the most common being the sending of phishing messages to get the victims to enter their email credentials into a fake website page believing it is something to their benefit e.g. a free prize draw.

With access to the email, they setup rules that, for example, will auto forward any incoming message with the keywords ‘bank’, account’, ‘payment’ or ‘money’ then delete the messages.

The hackers hope this will give them emails containing enough information to be able to create matching fake emails and send those to the relevant companies asking for money to be transferred or to change the bank details for a payment due etc.

The hackers continue this until someone realises their payments are going astray.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

Man United Ransomware Attack

Manchester United football club experienced a ransomware attack in late 2020. They were held to ransom for millions of pounds by cyberhackers who targeted the club’s computer systems and demanded payment to stop them from releasing sensitive data.

It is a difficult decision for any business – pay up or risk seeing highly sensitive information being wiped out or leaked into the public domain.

The club were clear from the start that the attack was very serious but it did not impact on their schedule of matches.

United brought in a team of technical experts to contain the attack and they informed the Police and the National Cyber Security Centre (NCSC).

The NCSC revealed that in 2019 an English Football league club was hit with a £5m ransomware demand. They were unable to access their CCTV or use entry turnstiles, but its’s not believed that they paid anything.

It took weeks of effort to get things back to normal following the attack and United could face fines of up to £18 million or two per cent of their total annual worldwide turnover from the Information Commissioner’s Office if the attack is found to have breached their fans’ data protection.

The NCSC has previously warned that there is a growing threat to sports clubs.

It took roughly 2 weeks for United IT staff and outside experts to regain control of the situation. It is believed they did not pay the attackers.

The episode was embarrassing for United and they are still under investigation by the Information Commissioner’s Office.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature