Category: Fight Back

Stop Badware

There used to be a useful website at https://www.stopbadware.org/  but it disappeared in 2021.

It was a resource to educate people and companies about “badware” and worked with various organizations that try to protect against various forms of badware.

The post below tells you about what the organization stood for.

Badware.org claimed that “Our work protects people and organizations from becoming victims of viruses, spyware, scareware, and other badware”. That sounds useful.

The StopBadware project started at Harvard University and was turned into an independent nonprofit organization in 2010.

What is Badware?

Badware is software that overrides a user’s choice about how his or her computer or network connection will be used.

Some badware is specifically designed for criminal, political, and/or mischievous purposes.

These purposes might include:

  • stealing bank account numbers, passwords, company secrets, or other confidential information
  • tricking the user into buying something that they don’t need
  • sending junk email (spam)
  • sending premium text messages from a mobile device
  • attacking other computers to prevent them functioning properly
  • distributing badware to other computers

Badware is sometimes referred to as malware. It includes viruses, Trojans, rootkits, botnets, spyware, scareware, and more.

The StopBadware programme:

 

  • provides Internet users with important and timely information about badware
  • helps website owners, particularly individuals and small businesses, protect their sites from badware; offers resources and community support to owners of compromised sites
  • engages web hosts and other key service providers to help them effectively and transparently address badware websites within their zones of control
  • encourages companies to proactively share data and knowledge with one another; leads collaborative information-sharing efforts that create greater security for all stakeholders
  • conducts high-impact research on malicious websites, cybersecurity econometrics, and critical infrastructure, to name just a few

Some badware may not have malicious intentions, but still takes away the user’s control.

For example, a browser toolbar that helps you shop online more effectively but does not mention that it will send a list of everything you buy online to the company that provides the toolbar. In this case, you are unable to make an informed decision about whether to install or use this software.

Another example is when you install a piece of software, and that software installs additional software that you weren’t expecting. This can be especially troubling if the additional software does something you dislike or doesn’t uninstall when you remove the original software.

STOP BADWARE!

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature

Three Tools That Block Online Tracking

A lot of our activities online are tracked by a variety of organisations. The various tools described below operate in different ways and none can guarantee to eliminate 100% of trackers so it’s trying them to see if they suit what you want.

Sometimes this is just so they can display relevant adverts or to offer location specific answers (e.g. local restaurants), sometimes to learn about their customers and sometimes for less acceptable reasons. However, if should be our choice how much is tracked – not the software makers and users.

Ghostery https://www.ghostery.com/products/

This has a large database of tracking entities i.e. software that will track you. You install the browser add-on then it can detect these entities and block them as you browse.

On each website, Ghostery displays a list of trackers from that site in the upper right corner of the screen.. You can then go to the settings page and block individual trackers or block all trackers.

The browser add-on is available for the most browsers.

Disconnect https://disconnect.me/

The browser add-on blocks trackers as it finds them, but allows requests that it considers to be necessary for loading content.

Disconnect detects trackers based on the number of requests they’ve made for your information, and displays them in one of four categories: advertising, analytics, social and content. You can choose to block or allow each tracker.

Privacy Badger https://www.eff.org/privacybadger

This tool is belongs to the Electronic Frontier Foundation and uses an algorithm to “learn” which social or ad networks are tracking you over time.

It initially allows third-party trackers until it detects patterns in third-party requests. Then it will start automatically blocking what it considers “non-consensual invasions of people’s privacy”. This approach may mean the tool identifies new trackers more quickly than its competition but it takes longer to be effective.

Privacy Badger is available for Google Chrome and Firefox.

You can see these tools operate in a different manner, all attempting to block online tracing without stopping anything you find useful.

If you’ve enjoyed this post or found it useful then do share – click on the post title then scroll down to the social media share buttons.

Fightback Ninja Signature

Safer Internet Centre

https://www.saferinternet.org.uk

The safer Internet Centre is a partnership of three leading organisations: Childnet International, Internet Watch Foundation and SWGfL, with one mission – to promote the safe and responsible use of technology for young people.

South West Grid for Learning (SWGfL) Trust is a not-for-profit charitable trust providing schools and other establishments with safe, secure, managed and supported connectivity and associated services, learning technologies to improve outcomes, and the toolkit for being safer online.

The partnership was appointed by the European Commission as the Safer Internet Centre for the UK in January 2011 and is one of the 31 Safer Internet Centres of the Insafe network. The centre has three main functions:

  1. Awareness Centre: to provide advice and support to children and young people, parents and carers, schools and the children’s workforce and to coordinate Safer Internet Day across UK
  2. Helpline: to provide support to professionals working with children and young people with online safety issues
  3. Hotline: an anonymous and safe place to report and remove child sexual abuse imagery and videos, wherever they are found in the world

The UK Safer Internet Centre is funded under the Connecting Europe Facility (CEF) programme of the European Commission. As such we contribute to the Better Internet for Kids (BIK) core service platform to share resources, services and practices between the European Safer Internet Centres and advice and information about a better internet to the general public.

The website pages are – About,  Safer Internet Day, Blog, Training & Events, Research, Get Involved, Translate

Advice Centre, Hotline, Helpline, Pupil powered e-safety

It contains a lot of advice and information, largely to do with young people, parents and carers but much applicable to anyone so it is a useful resource.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature

Phone-Paid Services Authority

https://psauthority.org.uk/

The Phone-Paid Services Authority is the UK regulator for content, goods and services charged to a phone bill.

Phone-paid services are the goods and services that you can buy by charging the cost to your phone bill or pre-pay account. They include directory enquiries, voting on TV talent shows, donating to charity by text, joke lines, chat lines, games or downloading apps on your mobile phone. They are referred to as premium rate services in law.

UK regulation is open, fair and robust, underpinned by a Code of Practice approved by OFCOM.

Ofcom. As the telecoms, internet and payments sectors continue to grow globally at an unprecedented rate, the Phone-paid Services Authority takes action to safeguard consumers and help cutting-edge providers of digital content and services to thrive.

Their vision is a healthy and innovative market in which consumers can charge content, goods and services to their phone bill with confidence.

The Mission of the Phone Pre-Paid Services Authority

To protect consumers from harm in the market, including where necessary through robust enforcement of our Code of Practice and to further their interests through encouraging competition, innovation and growth in the market.

They seek to do this through:

  • Providing clarity about the market for content, goods and services charged to a phone bill
  • Applying an outcomes-based Code of Practice
  • Delivering a balanced approach to regulation
  • Working in partnership with Government and other regulators
  • Delivering high standards of organisational support.

What are Phone-Paid Services and How Do They Charge You?

Phone-paid services is a generic name for goods and services that you purchase and are charged to your telephone bill or pay-as-you-go credit. Here are some examples of phone-paid services:-

  • Quizzes and competitions
  • Voting (e.g. X-Factor, Britain’s Got Talent, Strictly Come Dancing)
  • Charity donations (one-off donations or subscriptions)
  • Digital content (e.g. apps, in-app purchases, digital media,
  • one-off purchases or subscriptions)
  • Directory enquiries (e.g. 118 numbers)
  • Adult services (e.g. chat, dating)
  • Gambling

The job of the Phone Pre-Paid Services Authority is to look after the industry and ensure people are not cheated. But it’s everyone’s responsibility to behave sensibly and that includes not downloading unsafe APPS, checking all payments and not handing over confidential information to unknown people or APPS.

If you’ve enjoyed this post or found it useful then do share – click on the post title then scroll down to the social media share buttons.

Fightback Ninja Signature

Jim Browning is a Scambaiter

Scambaiting is the practice of conning scammers – when they phone or email or text, the scam baiter plays along and if possible, gets the scammer’s bank details etc. to pass along to the relevant bank and the Police.

Jim Browning is the alias of a Northern Irish YouTuber with nearly 3.5 million subscribers who has been posting scambaiting videos for the past years.

Browning regularly gets access to scammers’ computers and has even managed to hack into the CCTV footage of call centres in order to identify individuals. He then passes this information to the relevant authorities including the police plus banks and other organisations where relevant.

Jim says “I wouldn’t call myself a vigilante, but I do enough to figure out who is running the scam,’ and I pass it on to the right authorities.”

He adds that there have only been two instances where he’s seen a scammer get arrested. Once where he worked with BBC’s Panorama to investigate an Indian call centre – as a result, the centre was raided by local police and the owner was taken into custody.

Browning says becoming a YouTuber was “accidental”. He originally started uploading his footage so he could send links to the authorities as evidence, but then viewers came flooding in. “Unfortunately, YouTube tends to attract a younger audience and the people I’d really love to see looking at videos would be older folks,” he says.

In his most popular upload, with 40m views, he calmly calls scammers by their real names. “You’ve gone very quiet for some strange reason,” Browning says in the middle of a call, “Are you going to report this to Archit?” The spooked scammer hangs up. One comment on the video – with more than 1,800 likes – describes getting “literal chills”.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

Okumura is a Scambaiter

Three to four days a week, for one or two hours at a time, Rosie Okumura, 35, telephones thieves and messes with their minds. For the past two years, the LA-based voice actor has run a sort of reverse call centre, deliberately ringing the people most of us hang up on – scammers who pose as tax agencies or tech-support companies or inform you that you’ve recently been in a car accident you somehow don’t recall. When Okumura gets a scammer on the line, she will pretend to be an old lady, or a six-year-old girl, or do an uncanny impression of Apple’s virtual assistant Siri. Once, she successfully fooled a fake customer service representative into believing that she was Britney Spears. “I waste their time,” she explains, “and now they’re not stealing from someone’s grandma.”

Okumura is a “scambaiter” – a type of vigilante who disrupts, exposes or even scams the world’s scammers. While scambaiting has a troubled 20-year online history, with early forum users employing extreme, often racist, humiliation tactics, a new breed of scambaiters are taking over TikTok and YouTube. Okumura has more than 1.5 million followers across both video platforms, where she likes to keep things “funny and light”.

I waste their time and now they’re not stealing from someone’s grandma

Rosie Okumura

In April, the then junior health minister Lord Bethell tweeted about a “massive sudden increase” in spam calls, while a month earlier the consumer group Which? found that phone and text fraud was up 83% during the pandemic. In May, Ofcom warned that scammers are increasingly able to “spoof” legitimate telephone numbers, meaning they can make it look as though they really are calling from your bank. In this environment, scambaiters seem like superheroes – but is the story that simple? What motivates people like Okumura? How helpful is their vigilantism? And has a scambaiter ever made a scammer have a change of heart?

Okumura became a scambaiter after her mum was scammed out of $500. In her 60s and living alone, her mother saw a strange pop-up on her computer one day in 2019. It was emblazoned with the Windows logo and said she had a virus; there was also a number to call to get the virus removed. “And so she called and they told her, ‘You’ve got this virus, why don’t we connect to your computer and have a look.” Okumura’s mother granted the scammer remote access to her computer, meaning they could see all of her files. She paid them $500 to “remove the virus” and they also stole personal details, including her social security number.

Thankfully, the bank was able to stop the money leaving her mother’s account, but Okumura wanted more than just a refund. She asked her mum to give her the number she’d called and called it herself, spending an hour and 45 minutes wasting the scammer’s time. “My computer’s giving me the worst vibes,” she began in Kim Kardashian’s voice. “Are you in front of your computer right now?” asked the scammer. “Yeah, well it’s in front of me, is that… that’s like the same thing?” Okumura put the video on YouTube and since then has made over 200 more videos, through which she earns regular advertising revenue (she also takes sponsorships directly from companies).

“A lot of it is entertainment – it’s funny, it’s fun to do, it makes people happy,” she says when asked why she scambaits. “But I also get a few emails a day saying, ‘Oh, thank you so much, if it weren’t for that video, I would’ve lost $1,500.’” Okumura isn’t naive – she knows she can’t stop people scamming, but she hopes to stop people falling for scams. “I think just educating people and preventing it from happening in the first place is easier than trying to get all the scammers put in jail.”

She has a point – in October 2020, the UK’s national fraud hotline, run by City of London Police-affiliated Action Fraud, was labelled “not fit for purpose” after a report by Birmingham City University. An earlier undercover investigation by the Times found that as few as one in 50 fraud reports leads to a suspect being caught, with Action Fraud frequently abandoning cases. Throughout the pandemic, there has been a proliferation of text-based scams asking people to pay delivery fees for nonexistent parcels – one victim lost £80,000 after filling in their details to pay for the “delivery”. (To report a spam text, forward it to 7726.)

For Okumura, education and prevention remain key, but she’s also had a hand in helping a scammer change heart. “I’ve become friends with a student in school. He stopped scamming and explained why he got into it. The country he lives in doesn’t have a lot of jobs, that’s the norm out there.” The scammer told Okumura he was under the impression that, “Americans are all rich and stupid and selfish,” and that stealing from them ultimately didn’t impact their lives. (Browning is more sceptical – while remotely accessing scammers’ computers, he’s seen many of them browsing for the latest iPhone online.)

“At the end of the day, some people are just desperate,” Okumura says. “Some of them really are jerks and don’t care… and that’s why I keep things funny and light. The worst thing I’ve done is waste their time.”

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature