Author: admin

Fake Website Gang Sentenced

Six people have been given jail sentences after defrauding the public out of more than £37m in one of the largest UK online crime cases brought to court.

The group set up and operated a number of “copycat websites”, which impersonated official government services to sell British passports, driving licences and other key documents at very high prices. The convictions and sentences followed one of the biggest investigations undertaken by the National Trading Standards eCrime Team.

Peter Hall, Claire Hall, Syed Bilal Zaidi, Collette Ferrow, Liam Hincks and Kerry Mill received sentences of varying lengths.

The criminals plan was to create copycat websites mimicking websites of government agencies that charge  for documents such as passports, car tax etc. and spend the time and money necessary to ensure their websites come top of Google searches for people looking at how to get or update their passport etc.

They used the company name Tadservices Limited between January 2011 and November 2014 and their fake websites mimicked those of 11 government agencies and departments.

Customers were conned into paying more than they needed for new or replacement passports, visas, birth and death certificates, driving licences, driving tests, car tax discs and the London congestion charge.

The criminals then expanded their operation to make copycat websites mimicking similar government websites of the American, Cambodian, Sri Lankan, Turkish and Vietnamese official visa sites where travellers could apply and pay for electronic visas.

The illegal profits funded a glamorous lifestyle for the defendants, with extravagant spending on expensive cars and luxury holidays.

“These convictions represent an important milestone in the fight against online fraud,” said Lord Harris, the chair of National Trading Standards. “This was a huge fraud and a very large number of people lost money as a result of the malicious actions of these criminals.”

Handing down sentence on Tuesday, Judge Sean Morris said: “The internet is now the most frequently used marketplace. It is full of busy people in a rush who don’t have time. There is a lot of money to be made by dishonest people out of the honest people who don’t have time to check that a site is an official government service.”

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

Fightback Ninja Signature

Paypal Security Warnings

The title of the email is “Important Update: Upgrade Your Browser”

The message starts with a warning in large letters.

Action required to continue accessing PayPal.co.uk.

This could easily be a scammer’s email trying to get you to click on a link supposedly to PayPal but in fact to a scammer’s page.

However, these warnings are real. The email is from PayPal and the links are to PayPal pages.

Why the warning?

There is a standard called “The Payment Card Industry Data Security Standard (PCI DSS)” and it is an information security standard for organizations that handle credit cards from the major card schemes.

They have upped their security requirements from 30th June 2018 and payment takers including PayPal want to meet that new standard.

The message from PayPal says upgrade your browser but you have to click to get more detailed information on what needs to be changed.

PayPal want to ensure everyone using PayPal in the UK uses TLS 1.1 or better still TLS 1.2 rather than the original TLS 1.0 in their browser. TLS is about how the data is encrypted.

How to Upgrade

This is different for each browser but for Chrome means going to Settings then System then Advanced then finding TLS on the list and ensuring only TLS 1.2 is enabled and TLS 1.0 is off.

The PayPal messages contain links for detailed information on each browser.

How to Check Your PayPal Email is Genuine

Scammers will notice these emails going out from PayPal and likely try to replicate them but with links to their own fake pages.

  1. Check the email is from PayPal.co.uk and not any other domain
  2. Check the links do go to PayPal pages (hover the cursor over the link to see where it will go)
  3. You don’t need to login to anything to make the changes as it’s just the browser settings you will change.
  4. Do I have to follow PayPal’s instructions? Only if you want to keep using PayPal payments.

Stay Safe

Do click on the Facebook or Twitter icons on top right to follow Fight Back Ninja.

Fightback Ninja Signature

The Impact of Cyber Attacks on Business

The impact of cyber-attacks can be bruising for a business with both short and long term effects to consider.

A 2016 survey of 428 businesses that have suffered cyber-attacks in the previous months.

You can see from the statistics above for 2016, that the biggest impact reported by businesses that have suffered from cyber-attacks is the provision of new measures to prevent further attacks. This can be costly but is essential to protect against further attacks.

There are the short term issues:-

  • Bringing in expert technical staff to find out how the attack happened
  • Technical expertise needed to start to build defences against further such attacks
  • Extra staff to deal with recovery, communications with customers, legal ramifications etc.
  • Disruption to staff and service to customers

Then there are the long term effects:-

  • Reputation damage
  • Steps needed to restore reputation and customer confidence
  • Share price

It is better to build strong defences against cyber-attacks than simply trust to luck.

It is prudent to have plans in place for how to deal with such attacks as the FBI now say that it’s not a question of whether any organisation will be attacked, but simply when.

Do Share this post on social media – click on the post title then scroll down to the social media share buttons.

Fightback Ninja Signature

The SIM Swap Scam

If you access a website and have forgotten the password, there is usually a link labeled ‘Forgot Your Password’ or similar and if you click the link they will send you a password reset request by email.  You click the reset request in the email message and reset your password.

Now, if scammers can get hold of such an email message, then they can reset your password and lock you out of your own account and you will have great difficulty getting your account back.

This situation is becoming more dangerous as many people and businesses rely on mobile phones for proof of identity. e.g. your bank may send you security numbers to type into your account to prove your ID but if scammers can access your phone and read your messages, they are in control.

The SIM Card Swap

Unless you have leave sufficient information openly online for scammers to break your password, then their usual approach is called social engineering.

This means to take advantage of people’s trust. So they will research your information online and use what they find to convince a mobile phone shop worker (or customer service worker) to cancel your current SIM card (I lost it) and activate a new one.

They will then have access to your messages, contacts list etc.

Then they try to access your bank account and shopping accounts.

Prevention

To be safe, you need to limit the amount of personal information that is available about you online. Anything you make public can be read by criminal’s intent on defrauding you or stealing your identity.

Text messages are very useful, but remember that they are not encrypted and can potentially be read by anyone.

You can use APPS that encrypt the data such as iMessage, WhatsApp, Signal, etc. for anything that must be kept private.

If there is any suspicious activity on your account or you receive suspicious calls, then contact your bank or phone company.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

Fightback Ninja Signature

Councillor Pothole

Councillor Roy Owen got tired of just attending council meetings and decided to tackle some of the council’s problems by hand – potholes, litter, rubbish dumping etc.

Roy lives in Caernafon and the streets have a serious pothole problem but the council is short of money and the complaints from the residents pour in.

So, Roy armed with his van, asphalt, a blow torch and some tools started filling the holes.

Now, he does this for much of the week and also helps to get rid of rubbish piling up and other jobs as the residents need. He does have to skip some council meetings – what a shame.

Roy, who is 60, has been carrying out repairs for the last two years in his Seiont ward in Caernarfon and it’s all due to the number of complaints he receives from residents about potholes and that the council cannot deal with them in a timely manner.

Roy’s only cost apart from his own time is about £26-a-week spent on asphalt, paid from his councillor’s allowance.

He is trained in road repairs but the council is not so pleased with his actions and says that the work should always be carried out by a highway authority.

“I go out and deal with the problem head on,” he has said.

Unsurprisingly, his residents love him and he wins his council ward election by a huge margin each time.

Roy is what a councilor should be – someone who gets the job done and makes a difference.

Nice one Roy. You are an honorary Ninja.

Do Share this post on social media – click on the post title then scroll down to the social media share buttons.

Fightback Ninja Signature

Automated Scam Calls

PPI callers and many others have been using automated systems for years that call and ask you questions then get you to press a button to be connected to an agent.

Automated systems are a lot cheaper than staff so for the criminals engaged in large scale scamming, this can be the most efficient way.

Action Fraud Technical Support Scam Calls

Action Fraud say people are receiving cold-calls from fraudsters claiming to represent Action Fraud. When the calls are answered, an automated voice asks the responder to “press 1 if you have made a report to Action Fraud.” When the responder presses 1, they are transferred to a fraudster.

Victims are informed that their computers have been hacked, which has led to their online bank account being compromised and funds being withdrawn. One particular victim was told that £40,000 had fraudulently left their account.

The scammer may ask for remote access to the victim’s computer, via a remote access tool. Once the scammer has that, they may be able to access confidential information, login and passwords, credit card details etc.

HMRC

The scam sees people called randomly with an automated message warning that they are under investigation by HMRC and need to call the number given or “face serious legal consequences.”

If you call back the crooks will likely ask for your bank details and make off with your money.

HMRC does not make threatening phone calls. HMRC will call people about outstanding tax bills, and sometimes use automated messages, however it would include your taxpayer reference number.

Talk Talk Example

“I have had an automated phone call from this number 081233472243. It was informing me that my internet connection would be cut at 1pm today, press button 1 to speak to an agent or button 2 to stay connected. I chose to hang up.

This is the first time I have had an automated call, I have had a lot of calls lately concerning my internet connection, I always hang up or sometimes they hang up when I tell them I don’t believe they’re from TalkTalk. They always ask me to turn my computer on, I always refuse.”

Good job she didn’t fall for the scam.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature