Category: information

Google Safe Browsing Report

Safe Browsing is a service that Google’s security team built to identify unsafe websites across the web and notify users and website owners of potential harm.

Google’s Safe Browsing technology examines billions of URLs per day looking for unsafe websites.

Google say that approximately two billion devices benefit from Google Safe Browsing technology. When Google  has identified a site as potentially harmful, Safe Browsing triggers a warning to users.

Warnings displayed per week

 

 

 

 

 

 

 

 

 

 

 

 

 

 

When a user of a Safe Browsing–enabled browser or APP attempts to access unsafe content on the web, they’ll see a warning page explaining that the content that they’re trying to access may be harmful.

If a site identified as harmful appears in Google Search results, there is a warning next to that site in the results.

How Google Notify Website Owners

If your website is identified as being harmful, then Google will notify you through the search console.

That details the steps to recover from an infection and gives examples of the specific code that has been injected into their site.

Further information available at https://transparencyreport.google.com/safe-browsing/search

If you have an opinion on safe browsing, do let me know, by email.

Fightback Ninja Signature

Social Engineering in Scams

In this context, social engineering means to manipulate someone into doing what you want e.g. to type in login and password on a fake website so the scammer gets that information.

So, ‘social engineering’ is the methods used to trick people into doing what the scammers want.

It could be a phishing email asking you to urgently login in to your internet banking account or to call a support number as your computer has been infected with malware or a request from a company executive to urgently transfer money.

Generally, we prefer to trust people so if someone calls saying they are from your bank and they know your name and account – it’s easy to believe rather than to question everything. Maybe you answer their security questions and that gives them the details they need to access your account. It can be as simple and quick as that.

It may feel discourteous not to trust someone who’s called you, but scammers relay on this to get any with their crimes. If you are unsure then question and if appropriate end the call.

An Example Credit Card Payment Scam

A company selling telecom services receives an email from a possible new customer:

Hello,

This is Bill, I have just moved into the area and I need a new phone line.

Do you accept payment by credit card?

What information do you need in order to quote for the work?

Thanks

Bill

After a reply from the Telecoms Company confirming they do accept credit cards, , Bill’s next email sets up the conditions of the scam.

He claims he’s in hospital waiting on an operation.  Lots of description to make it clear he cannot take phone calls or speak to anyone and very much needs help. He describes what he wants fitted in each room and then describes the removal company that is helping him to move while he’s in hospital and they can let the telecoms company in to do a survey if needed.

The purpose of this is to set-up the Telecoms company to accept an over payment by credit card from Bill then pay the removals company, as they cannot accept credit card payment and Bill can’t pay them any other way while in hospital.

This story is complicated and relies on the kindness of the Telecoms company to take the money and pass it on but also on their desire for business.

The telecoms company agrees, takes the credit card payment and then pays the removals company as per the instructions.  For example taking £1,000 for their work up front and £2,000 to pay to the removals company.

It all sounds quite safe, but then comes the sting.

The card was stolen but not cancelled straightaway and when the credit card company do cancel it then will claim the £3,000 back from the Telecoms Company who will end up out of pocket for the work they’ve done but also for the £2,000 paid to the removals company which was also fake.

There are countless similar stories designed to get the punter to accept an over payment or to do something for the scammer.

The stories are sometimes rough and have spelling and grammatical mistakes – to elicit sympathy for the scammer and at other times the stories have been polished by repeated use.

NEVER accept an over payment.

Do you have an opinion on this matter? Please comment in the box below.

Fightback Ninja Signature

Easy To Guess Passwords

Most people have realised that they need to have passwords and pin numbers that can’t be easily guessed – don’t use your birthday or year of birth or the dog’s name or a common word etc.

But latest reports show there are still many people with passwords or pin numbers that are very easy to guess.

28% of people in a recent survey had a password that is in the top 20 most common ones and hence could be guessed very easily.

If they can be easily guessed they you could be hacked and lose money and more.

If your pin number is on the list below then change it urgently.

  • 1234
  • 1111
  • 0000
  • 1212
  • 7777
  • 1004
  • 2000
  • 4444
  • 2222
  • 6969

If you password is ”password” or “123456” or “12345678” then change it urgently.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

Fightback Ninja Signature

The Use of Online Directories

In the early days of the World Wide Web, a lot of people were setting up websites, but for people trying to use the web – the problem was how to find what they were looking for.  The idea of online directories made sense as online versions of paper directories, which had been useful for a long time.

Online directories appeared by the hundred and served their purpose until the search engines became effective enough to replace them as the best way to find websites, topics, phrases, names etc. on the Internet.

Online directories can still serve a purpose as part of an online marketing strategy. For example, they are handy for businesses that do not have a website. This at least gives the business name, address and contact details findable on the Internet.

Best of the Web (https://bestoftheweb.com/) is probably the biggest of the directories still surviving. It claims to have 16 million businesses registered and is based in the U.S. but has local state versions e.g. https://botw.org/local/new-york/  and a UK version at https://botw.org.uk

Niche Directories

Having an entry in a niche directory can be useful and can get traffic to your website.  These directories target a  specific to an industry or an interest etc.  If your website falls into such a specific  niche, then consider an entry.

This can have a positive effect on your website ranking if the directory is well respected.  Trade Association directories are the main niche directories.

Free or Paid Listings?

Most directories offer free listings with the option to pay to get a better listing such as with more photos, more prominence in searches etc.

But, it is difficult to justify spending a lot of money on an enhanced listing when the money could be spent on direct online advertising instead with Google, Bing, Facebook and others.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature

How People Respond to Scammers

Almost everyone is used to getting scam calls, scam texts, scam emails and so on.

Most people know they need to be careful – don’t click links in unsolicited emails, don’t trust someone on the phone just because they say they work for your bank or your Internet provider or the government etc.

And generally, people recognise and delete scam messages, emails etc. without wasting time on them.

However, for some people, getting scam calls is a real problem as they don’t want to be rude to the nice person on the phone telling them they have a problem with their computer and offering to help, for example.

When it’s someone on your doorstep telling you there is a roof tile is missing and needs to be fixed, it can be even more difficult to tell them to go away.

You have to recognise that these people will say anything and do anything to steal your money and they don’t care what hardship they may cause you.

They don’t scam people because they cannot afford food – it’s because they want to cheat you or are just unwilling to work for a living.

Trying to reason with these people is generally a complete waste of time – they have decided to spend their time lying, cheating and stealing from people and don’t care about the consequences to their victims. So anything you say will be meaningless to them.

Your basic approaches are:

A. Just delete the messages or put down the phone

B. On a phone call tell the caller you know it’s a scam and end the conversation. With emails and text messages just delete them as responding to these just means you get registered on scam sucker lists and will get even more messages

or

C. Play along and waste the scammer’s time. It won’t stop them permanently but does stop them temporarily as they cannot scam someone else while on the line to you.

Playing along can just mean continuing to listen to the caller and perhaps asking questions, but not doing anything they say and not giving them any information about yourself.

But you can go a stage further and waste their time using any approach you choose, for example some people have used these ideas:

  1. Act really interested. Jill says “I just tell them to just wait for a minute while you answer the door, put your phone down and just forget about it”
  2. Try to sell them something imaginary – B.B. says “I pick whatever is to hand – once it was old clothes so I tried to sell her on heritage pre-worn clothing and another time I had just made some cakes, so I tried to sell the scammer boxes of those. Not for real of course – just to waste their time”
  3. Pretty much keep saying “can you hold on a second?” And then put them on hold for five minutes. Get back on, say a few words, let them start talking, then say “oh dear, can you hang on again? Be right back” (ignore them saying “no, you can’t”, just pretend you didn’t hear them).
  4. William says that he tries to convert the caller to the Church of the Astounding Philistinism and goes into long meaningless sermons
  5. Francine says she starts telling the caller a sob story – usually one from some weepy movie she’s recently watched.

Have fun and waste their time.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

 

Suckers List

A sucker list is a list of contact details for people suspected to be vulnerable to various types of scam and these lists are sold by scammers and hackers to other scammers.

The lists are usually made up of people who have replied to scam emails, texts or letters or they can be details of people who have fallen for a scam, as people who have been scammed before have a higher probability of falling for a subsequent scam.

Once your name is on a sucker list, you are likely to be inundated with scam emails, texts and letters.

Your details may end up on a suckers list simply because you made an online donation to charity or click a link in an email without checking what it was for or for downloading an APP from a site that isn’t Google or APPLE.

Some organisations sell their contact lists to others without properly checking that the buyer is trustworthy or maybe hackers get into business contact data and upload it to the dark web.

Can You Remove Your Name from Sucker Lists?

That isn’t possible,  as these people are criminals so any request to them to stop sending you messages just confirms that the email address is active and hence worth more than a dead email address.

But there are ways to limit these solicitations and stay off future lists.

The Data & Marketing Association (DMA) is an industry trade group that offers a service called DMAchoice that allows users to remove their names from the mailing lists maintained by those members. But that only works with reputable companies.

If you think your details are on suckers lists the only answer is to change your telephone number, logins and passwords etc. even this can be time consuming and inconvenient.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature