Author: comptroller

March 20, 2019

What is Spear Phishing

Phishing is where the scammer tries to obtain sensitive information such as logins, passwords and payment card details by pretending to be a trustworthy organisation e.g. your bank or local council or a major retailer.

This kind of attack is usually carried out by email or instant messaging and often directs the user to enter confidential information at a fake website, which looks identical to the expected legitimate site.

When phishing is targeted at specific individuals or companies, then it is called “Spear Phishing”.

How Spear Phishing Works

For example. An email arrives, claiming to be from a trustworthy source and the sender knows your full name, job title and department for example. The scammer has done their homework to get this information about you to give the scam a higher chance of success.

A link in the message takes you to a bogus website made to look like the expected website.

The fake website looks legitimate but only exists to take the users confidential information and pass it to the scammer.

These emails often use clever tactics to get victims’ attention. For example, the FBI has warned of spear phishing scams where the emails appeared to be from the National Centre for Missing and Exploited Children.

Cyber criminals employ individually designed approaches and social engineering techniques to effectively personalise messages and websites. As a result, even high-ranking targets within organisations, like top executives, can find themselves opening emails they thought were safe. That slip-up enables cyber criminals to steal the data they need in order to attack their networks.

How to Protect Yourself

Attackers utilize various social engineering techniques that leverage recent events, work-related issues, and other areas of interest pertaining to the intended target. Don’t publish any private information about yourself.

Training employees to spot misspellings, odd vocabulary, and other indicators of suspicious mails may reduce the chance of people being caught out by these scam attacks.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

March 18, 2019

The Abandoned Package Scam

This is a version of the Nigerian 419 scam i.e. it promises great wealth but ends up with the victim having to pay for unexpected small costs that may add up to quite a figure until they realise it’s just a scam and stop paying.

The message arrives from someone who sounds like an important official, perhaps from a government embassy or from an airline or airport or docks manager.

One common version is from Castillo Hector, Head of Luggage storage facilities at San Antonio International Airport.

He discovered an abandoned shipment and when scanned it showed a very large sum of money in US dollars. The consignment was wrongly labelled and is now abandoned.

He is even going to pay the $3,700 non-inspection charge to have the trunk of money released and sent to you.

He just needs you contact details, full address etc. and will proceed.

You have to agree to pay him 30% of the proceeds and that’s a done deal.

Of course, there is no trunk full of money, just a standard con.

Once you send him your details, the story will change and unexpected charges will occur, But as you’re going to get a trunk full of cash, paying a little up front is no problem.

Then it happens again and again and again until you realise it’s a con and stop.

By then you may be considerably out of pocket.

These people make a lot of money from these scams as people let their greed get the better of their common sense.

Do not fall victim to scammers. Offers of free money are always fraud.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

March 17, 2019

Stupidest Scam of the Week – Fat Release

The message is titled ‘Late Night Snacks’ and the catch line is ‘Eat this and drop 7 lbs in 3 days’.

Then lots of guff about how this will lower your blood sugar and eating one portion of this magical unnamed product makes your body lose fat as if you had completed 55 minutes of intense exercise.

That’s a very precise number 55 minutes whereas, in reality, everybody is different and the rate of burning calories differs widely even with people doing exactly the same exercise.

Then as if that’s not enough to grab the attention, the message claims the product eliminates inflammation from your body and sets your visceral fat on fire.

That sounds rather dangerous as well as being impossible of course.

The email is just a pathetic scammer inventing anything that sounds catchy and putting down whatever comes into her mind.

There is no product, just a scammer after your personal details and cash.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

March 16, 2019

Time-Wasters Update

Ultimate Energy Freedom has a weird invention that saved a family during a hurricane apparently. Is it a robot dog? No. Or a mobile phone? No. Or the next door neighbour fire and rescue? No. It was kept secret by the energy fat cats but discovered by accident by a nurse and the energy cartels are so terrified of it they and the White House are trying to take down the website that shows this miracle. Some stupid people love a conspiracy so the scammers fill their messages with this type of drivel.

Angelo Demitri wants me to open the attached word file and send him a proforma invoice. Not a chance. The attached file will be laden with malware and you should never open an attached file from someone you don’t know.

“Memory Loss” say I can fight memory loss by using this one strange trick. It helps people over 65 boost their memory and gives back razor sharp thinking. I cannot think of anyone under 65 with razor sharp thinking so it’s unlikely to create a generation of pensioners with razor sharp thoughts. Just an evil scammer trying to cash in on people’s problems with aging.

“Manifestation Method” is trying to cash in on many people’s wish to be able to think or dream of what they want and have it magically appear. Obviously this is not sane behaviour but things such as ‘The Secret’ push these ideas and many have been caught up in it. This scam claims you can manifest what you want starting in just one minute. Sad and pathetic.

Super durable dog chews are a strange email subject for scammers but they try anything that is working in the market and lots of people have dogs. This email was just hoping to find active email addresses as these are more saleable than most spam email lists that are largely dead or impossible email addresses.

Do click on the Facebook or Twitter icons on top right to follow Fight Back Ninja.

March 15, 2019

Barclays Caller ID Service

Barclays has launched a new caller ID service to fight scams in mid phone call.

The new feature is on its app and website and it lets customers check whether callers claiming to be from the bank are genuine – while they are on the phone.

The caller identification service is designed to fight impersonation scams, where fraudsters pretend to be phoning from organisations such as banks to trick victims into transferring money or personal details.

Some scammers are even able to spoof numbers to make it look like they’re calling from a legitimate organisation – but this new feature will confirm whether an incoming call is from a genuine Barclays’ employee.

At the moment, the feature is only available to Barclays Premier customers – who must have £100,000 saved or invested with the bank, or pay in an annual salary of at least £75,000 – but Barclays says it will be rolled out to all customers “over the coming months”.

How Does Caller ID Work?

Eligible customers will be able to use the feature on the Barclays APP. It is also available in online banking when using a browser on your phone.

If you’re unsure if the call is from Barclays, it will check if you have the Barclays app or are registered for online banking.

If you are, Barclays will offer the verification service and send you a notification.

You then log in to either your Barclays app or online banking and open your notification. This confirms the caller’s name and asks if you’d like to continue with the call.

Barclays checks the response and you then complete the typical identification checks and the call continues as usual.

If you have any experiences with scammers, spammers or time-waster do let me know, by email.