Category: Fight Back

June 16, 2017

Warrington Gears Up Against Scammers

Friends Against Scams run awareness sessions around the country to educate people on how to avoid scammers and what they should do if they or someone they know is caught up in a scam.

There was such a session in Warrington recently and it seems to have had a big effect.

All those attended signed-up to be a “Friend Against Scams” or a “Scam Champion” and have pledged to raise awareness and spread the word across communities about the dangers of scams, particularly to Warrington’s most vulnerable residents.

As part of the event, they showed how criminals attempt to trick people with official looking documents or websites, or convincing telephone sales patter, with the aim of persuading them to send a “processing” or “administration” fee, pay postal or insurance costs or make a premium rate phone call.

A relative of a 78-year-old man from Cinnamon Brow who was a recent Warrington mail scam victim said: “I tried intercepting as many letters as I could find in his house and return them with ‘gone away’ but that had no effect on the volume of mail sent. He was still receiving at least one hundred scam mailings a week. “I estimate he has spent at least £30,000 in four years on scam mail products and scam lotteries.

Dr Muna Abdel Aziz, director of public health for Warrington, said: “Scams come in many forms, and scammers will target people of all ages, backgrounds and income levels. We receive complaints from residents who have lost thousands, and in some cases, tens of thousands of pounds

“These sessions aimed to empower residents to recognise and avoid scams and to help friends, family and neighbours do the same. Financial loss is not the only cost to victims, as feelings of vulnerability can also have a devastating impact.”

For more information about the campaign and how to get involved visit, go to http://www.friendsagainstscams.org.uk

Friends Against Scams is a National Trading Standards Scams Team initiative which aims to protect and prevent people from becoming victims of scams by empowering communities to take a Stand Against Scams.’

Do you have an opinion on this matter? Please comment in the box below.

June 2, 2017

The Hero Who Stopped NHS Ransomware Attack

The WannaCry ransomware attack of May 2017 wasn’t aimed at the NHS, it was spread across Europe and Asia and happened to hit the NHS very hard for a series of reasons including that they had old Windows 95 machines on their network and because their network has a huge number of computers attached to it. The ransomware demands users pay $300 worth of online currency Bitcoins to retrieve their files, but the price goes up if they don’t pay quickly and of course there is no guarantee that payment allows file retrieval.

An anonymous UK cybersecurity researcher (known by the Twitter handle @malwaretechblog) with the help of Darien Huss from security firm Proofpoint looked at the ransomware and discovered the name of a website which was being accessed by the ransomware. But the website address hadn’t been registered by anyone. He bought the domain name in order to track the activities of the ransomware but in fact it was a “kill switch” that stopped the ransomware from spreading any further. Well done, if unintentionally.

That didn’t help the people whose computers had already been infected but it stop the outbreak from continuing.

Unfortunately once the scammers realised how the malware had been stopped, they created and released a version that ignored the kill switch. But at least people had time to build defences against another attack.

The researcher, who identified himself only as MalwareTech, is a 22-year-old from south-west England who works for Kryptos logic.

MalwareTech explained that he bought the domain because his company tracks botnets (automated networks of controlled computers), and by registering these domains they can get an insight into how the botnet is spreading. “The intent was to just monitor the spread and see if we could do anything about it later on. But we actually stopped the spread just by registering the domain,” he said. But the following hours were an “emotional rollercoaster”.

He also said he planned to hold onto the URL, and he and colleagues were collecting the IPs and sending them off to law enforcement agencies so they can notify the infected victims, not all of whom are aware that they have been affected.

He said he got his first job out of school without any real qualifications, having skipped university to start up a tech blog and write software.

“It’s always been a hobby to me, I’m self-taught. I ended up getting a job out of my first botnet tracker, which the company I now work for saw and contacted me about, asking if I wanted a job. I’ve been working there a year and two months now.”

Well done hero – he’s now an honorary Ninja.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

May 26, 2017

Scamming the Scammer : Joseph Moekenna

This is funny story of how a very stupid scammer using the name Joseph Mokoena (JM) tried to scam HRH Princess Margaret and failed. It is a set-up as Joseph Mokoena was led to contact Princess Margaret and there is a team of anti-scammers sending the replies to JM.

Email from JM: Subject: PLEASE I NEED YOUR HELP.

This is a long email whereby JM claims to be a government under-secretary in Addis Ababa with $235 million that he needs to ship out of the country and it is currently hidden in four metal trunk boxes at a security company. He offers 40% of the value on return for shipping the items.

Reply from Princess Margaret: My Dear Mokeona

The reply goes on about how much the money will be useful at the Palace in rebuilding Tode Hall and that she will involve her equerry, Sir Marmite Luny-Binns from now on.

JM: After a series of emails, he tells her that she will need a Certificate of Deposit and he can acquire that for her at a nominal fee. He then tells her that all contacts should be with a Mohammed Musa who is in charge of the security company.

The anti-scammers now introduce another character: Home Secretary Graham Norton into the emails and that Princess Margaret will be travelling to Africa under the pseudonym Edna Everidge.

Lots of backward and forward emails about trivial points and names.

JM starts to get frustrated that the process is taking so long with interminable emails from assorted people to deal with and endless questions.

The anti-scammers demand that Chancey Davies (another character introduced by JM as working at the security company) make a pledge of allegiance to princess Margaret before they can do business together.

“I Chancey Davies, being of sound mind and body, do swear humble merkin and fey feasiance to the service of Her Gracious Majesty Princess Margaret, to the test in all Her issue and dominion, pursuaint in this moment of our business.” This to be recorded and witnessed.

It all gets very silly. Lots of mistakes in the travel arrangement to Africa, secrecy requirements and more characters appearing over the weeks of the emails. JM is increasingly angry at the lack of progress.

The anti-scammers then claim that one of their characters has died and they are arranging the funeral service at Westminster Abbey and invite JM to attend as a privileged guest.

At this point the scammer JM finally realises he’s been had and sends an angry email.

But the anti-scammers have a copy of his passport and that goes to the Police.

Let’s hope they got him.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

March 3, 2017

UK Biggest Cyber Criminals Caught

The UK’s biggest ever cyber scammers stole £113m by calling victims pretending to be from their bank. Fraudsters used bin bags full of cash for shopping sprees, bought supercars and a Lahore mansion. The Glasgow-based gang targeted small businesses in telephone fraud scam and they cleared out millions of pounds from their victims’ bank accounts

The ring leader Choudhary has been jailed for 11 years and 14 others also face prison terms.

The Burnley-born fraudster had fleeced over 750 British firms to fund his millionaire playboy lifestyle. Raking in £3million a month by cold-calling bank customers, he ruined hundreds of lives and put small businesses on the brink of bankruptcy – leaving one victim so distraught that she committed suicide.

The Method

Choudhary phoned businesses claiming to be from their bank, saying security on the accounts had been compromised. He got internet bank security details and passwords from employees and emptied their accounts in minutes, blocking phone lines with software to stop contact with the real bank

Unwitting customers were told their accounts had been hacked and were duped into giving their internet banking passwords over the phone.

The cash was withdrawn by ‘money mules’ and moved through transfer exchanges from London to Pakistan and elsewhere. The biggest raid saw £2.2million taken from a solicitor’s firm in minutes

Choudhary used the details to convince businesses he was a genuine bank employee, telling them they had been hacked by ‘someone in Aberdeen’ called ‘King’

Scotland Yard believes at least 750 businesses were affected between January 2013 and October 2015, but there could be countless others. Choudhary targeted customers from Lloyds, Santander, Barclays and Royal Bank of Scotland.

Choudhary grew so rich that he flew his personal valets 8,000 miles across the world to polish his Porsches.

He posed as a music producer and property developer and owned a fleet of expensive cars including a Bentley, Rolls-Royce, Lamborghini and two Porsches.

Choudhary spent millions on a property portfolio in Pakistan, Dubai and Scotland, treated himself to £100,000 shopping trips at Harrods, bought £45,000 Rolex watches and enjoyed luxury holidays in the Middle East.

Conviction

Choudhary was jailed for 11 years. Corrupt Lloyds business adviser, Jones Opare-Addo, was jailed for five years for leaking account details to the gang and setting up accounts to launder cash.

Emma Daramola, 23, was given a two-year suspended sentence for conspiracy to commit fraud by abuse of position for her role as an insider at Lloyds

A long list of accomplices were also jailed.

Do you have an opinion on this matter? Please comment in the box below.

February 24, 2017

Louise and the Microsoft Support Scammer

Louise started up Internet Explorer browser on her PC and a screen popped up with a warning

WARNING – YOUR COMPUTER IS INFECTED

CALL Microsoft SUPPORT on 0208 3808 8964 IMMEDIATELY.

DO NOT TURN YOUR COMPUTER OFF OR ATTEMPT TO DO ANYTHING ELSE

Louise called the number immediately.

A very pleasant Indian man answered and he seemed very knowledgeable and assured her he would resolve the problem.

He asked her to install a piece of Citrix software which she did so he could take control of her PC and establish the nature of the problem.

He emphasised that the PC was badly infected and how important it was to remove the threat.

He warned her to turn off any other computers or mobile phones in the house as they could also become infected.

At this point, his patter turned into more of a sales pitch for a package that would solve her problem and this made Louise suspicious.

Now Louise’s husband Charles was surprised at the request to turn off other computers and that made him suspicious so he turned the iPAD back on and searched for scams.

He found it – the “Microsoft Support scam”.

Charles then pulled the power cord from the PC to end any incursion by the support scammer.

What happened next?

The scammers called back three times and were ignored until they stopped calling.

Charles ran Kaspersky anti-virus to scan the PC for problems and installed Malwarebytes to also scan for any other malware. He also deleted the Citrix installation.

The PC was safe and they hadn’t been scammed but Charles and Louise had a narrow escape.

If continued, the scammers may have garnered credit card details, bank details, logins and passwords. etc. as well as being paid for removing a non-existent computer virus.

If you see a warning screen like the one above – turn off the computer and contact a professional. Do not call the number on screen as they are scammers.

If you have any experiences with scammers, spammers or time-waster do let me know, by email.

February 10, 2017

Caller Protection Company Fined For Cold Calling

A West Sussex company has been fined £40,000 for making nuisance calls to the elderly.

The Information Commissioner’s Office (ICO) ruled that IT Protect Ltd, in Bognor Regis, broke the law because it called people registered with the Telephone Preference Service (TPS), which is a service home users can sign up to for preventing unsolicited calls.

Ironically, this firm was making nuisance calls to people to sell them a call blocking device. But by phoning people registered with the TPS it broke the law. The ICO investigation was aided by members of the public reporting the nuisance calls they’d received from IT Protect.. They told ICO that the firm had preyed on the elderly and misled people by giving the impression they were working with BT.” STEVE ECKERSLEY, HEAD OF ENFORCEMENT, ICO

IT Protect told the ICO it had bought a list of people and phone numbers from another firm, but it had not verified that the numbers were not on the TPS list and hence could not legally be cold called.

Reliance on another firm does not preclude the company from law breaking.

The law says that calls should not be made to anyone who has registered with the TPS unless they have told the caller that they wish to receive such calls from them. Companies failing to screen against the TPS, who then call people without consent, can expect enforcement action by the ICO.

IT Protect is the first company to be slapped with a bill by the ICO since it took over management of the Telephone Preference System in December

TPS is a free service designed to protect people from unsolicited sales or marketing calls

If you’ve enjoyed this post or found it useful then do share – click on the post title then scroll down to the social media share buttons.