Category: The Authorities

June 13, 2018

The State of Scamming in Australia

Government statistics show that 161,528 reports of scammers were raised with the Australian Authorities in 2017, of which 8.7% involves financial loss.

Total lost estimated to be $90 million.

The biggest chunk of this was to investment scams (approx. $34M), then dating and romance scams (approx. $22M), then business and employment scams (approx.$7M).

Following those were advance fee fraud, buying and selling scams, false billing, inheritance scams, remote access scams, threats to life and finally betting scams.

The age group that lost the most money was the over 65s.

The most common scams reported are:-

Phishing
Identity theft
False billing
Lottery scams
Buying and selling scams
Rebate scams
Remote access scams
Advance fee Fraud
Threats to Life
Online Shopping Scams

Beware of those scammers.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

May 16, 2018

UK Cyber Attacks in 2017

The National Cyber Security Centre (NCSC) has reported on 2017 and here are some key points from the report.

“It was a year of ransomware attacks, data breaches and online fraud.”

The WannaCry ransomware attack in May spread rapidly and randomly. 300,000 devices were infected across 150 countries and affecting services worldwide, including the NHS. The attack demonstrated the real-world harm that can result from cyber attacks, particularly when they are designed to self-replicate and spread.

The enormous scale of the 2013 Yahoo breach , the 2016 Uber breach and the 2017 Equifax breach came to light, demonstrating that data is a valuable target for cyber adversaries. It is clear that even if an organisation has excellent cyber security, there can be no guarantee that the same standards are applied by contractors and third party suppliers in the supply chain. Attackers will target the most vulnerable part of a supply chain to reach their intended victim.

Between October 2016 and the end of 2017, the NCSC recorded 34 significant cyber attacks. 762 less serious incidents were also recorded. With interest in cryptocurrency still strong, cryptojacking – where an individual’s computer processing power is used to mine cryptocurrency without the user’s consent – will likely become a regular source of revenue for website owners. Increased use of cloud technology to store sensitive information will continue to tempt cyber attackers, which could result in UK citizens’ information being breached.

Distributed Denial of Service (DDoS) attacks – where hackers threaten to conduct DDoS attacks unless a ransom is paid – have increased since mid-2017 when a South Korean web hosting company paid a ransom fee in Bitcoin equivalent to US$ 1 million. In late 2017.

The reported number and scale of data breaches continued to increase in 2017, with Yahoo finally admitting in October that all of its 3 billion customers had been affected by the 2013 breach.

Groups assessed to have links to state actors – were likely responsible for some of the larger breaches.

Examples of data breaches included: • Equifax, where the personally identifiable information of 145 million US users and almost 700,000 UK users was compromised. • Verizon’s data on 14 million customers stored in the cloud, and controlled by a third party company, was exposed to anyone who could guess the web address. • Uber was forced to reveal that it deliberately covered up a year-old breach by paying the hackers US$ 100,000 to destroy the data they had stolen. The data of 57 million accounts, which had not been encrypted, was exposed. • An aggregated database of data, collated from multiple breaches, was discovered by security company 4iQ in December 2017. This contained 1.4 billion credentials in clear text, including unencrypted and valid passwords. Analysis indicated a large number of incidents were caused by third party suppliers failing to secure data properly.

If you have any experiences with scammers, spammers or time-waster do let me know, by email.

May 11, 2018

Major Hacker Arrested

A team of covert officers tracked the hacker named “Courvoisier” and while he was using the computer in the first class carriage on a train from Rhyl to London officers pounced on him, seizing the unlocked computer.

The arrest was captured on the train’s CCTV. On the laptop they found the financial information of more than 100,000 people.

The hacker (real name Grant West) operated out of a caravan in Kent, to attack the UK’s top companies, obtain personal and bank card details which he then sold on the dark web (i.e. to criminals over the Internet). Officers found approximately 78 million individual usernames and passwords and 63,000 credit and debit card details stored on an SD card in his caravan.

With the help of his girlfriend Rachael Bookes, he carried out cyber-attacks on up to 500 companies – including Sainsbury’s, Nectar, Groupon, AO.com, Ladbrokes, Coral Betting, Uber, Vitality, RS Feva Class Association 2017, Asda, the British Cardiovascular Society, Mighty Deals Limited, Truly Experiences Ltd, T Mobile, M R Porter, the Finnish Bitcoin exchange, and Argos.

In 2015, he managed to obtain the email addresses of 165,000 people and then sent a phishing email masquerading as Just Eat in an attempt to trick people into handing over their personal details, costing the company £200,000 to sort out.

The case is the first time the Met Police have seized criminal property in the form of cyber-currency.

He made at least 47,000 sales of data through the dark web, police said following a two-year investigation.

Case officer DC Helen Foster said the fraud came to light after a referral from Action Fraud who said customers from Just Eat had complained about a ‘phishing email’.

The emails, sent out to customers, purported to be a survey that would give the customer a £10 voucher to use on the site. But unsuspecting punters were handing over more of their personal details which West then sold on the Dark Web.

Once he had a complete set of customer details he would sell them on via the now-defunct online dark web market Alpha Bay.

Police say West made more than £180,000 from the scam. The proceeds from his business were converted into Bitcoins.

Well done the cops.

If you’ve enjoyed this post or found it useful then do share – click on the post title then scroll down to the social media share buttons.

May 2, 2018

The Scale of Cyber Crime UK

The City of London Police Commissioner Ian Dyson was a victim of credit card fraud some years ago when criminals used his credit card to pay for a hotel stay and tried to pay for their car insurance with his card.

It is estimated that 5.6 million fraud and cyber-crimes are committed each year, of which only about 10% are reported to the Police. This does include virus attacks etc. and some things that many people would not expect to report to the Police but that still leaves a lot of crimes that are unreported, but should be reported.

Recent statistics show that of the fraud and cyber-crimes reported, only about 10% are investigated by Police.

A lot of online crime is effectively anonymous and there is little anyone can do to track down and stop the perpetrators.

Prevention can be the most practical method for getting to grips with such crimes – warning and educating people to have proper security for their online accounts and to behave with common sense in all dealings online.

However, the Police do have a great deal of success in restricting the actions of the criminals.

In the year to March 2017, the Police shut down 170,856 websites, bank accounts and phone lines connected to cyber criminals.

The banks and other financial institutions and payment services have a huge role to play in keeping us safe online and paying recompense to victims when necessary.

The authorities are progressively clamping down on online crime, but are always several steps behind the criminals.

Be careful

Do you have an opinion on this matter? Please comment in the box below.

April 25, 2018

The Safer Internet Centre

https://www.saferinternet.org.uk

The safer Internet Centre is a partnership of three leading organisations: Childnet International, Internet Watch Foundation and SWGfL, with one mission – to promote the safe and responsible use of technology for young people.

South West Grid for Learning (SWGfL) Trust is a not-for-profit charitable trust providing schools and other establishments with safe, secure, managed and supported connectivity and associated services, learning technologies to improve outcomes, and the toolkit for being safer online.

The partnership was appointed by the European Commission as the Safer Internet Centre for the UK in January 2011 and is one of the 31 Safer Internet Centres of the Insafe network. The centre has three main functions:

Awareness Centre: to provide advice and support to children and young people, parents and carers, schools and the children’s workforce and to coordinate Safer Internet Day across UK
Helpline: to provide support to professionals working with children and young people with online safety issues
Hotline: an anonymous and safe place to report and remove child sexual abuse imagery and videos, wherever they are found in the world

The UK Safer Internet Centre is funded under the Connecting Europe Facility (CEF) programme of the European Commission. As such we contribute to the Better Internet for Kids (BIK) core service platform to share resources, services and practices between the European Safer Internet Centres and advice and information about a better internet to the general public.

The website pages are – About, Safer Internet Day, Blog, Training & Events, Research, Get Involved, Translate

Advice Centre, Hotline, Helpline, Pupil powered e-safety

It contains a lot of advice and information, largely to do with young people, parents and carers but much applicable to anyone so it is a useful resource.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

April 18, 2018

The Pension Wise Service

https://www.pensionwise.gov.uk

In these days of pension fraud, if you’re over 55, it is wise to assess your pension situation using government advice.

The website Pension Wise was set-up by government to provide free advice

They say they can help you if:-

you are aged 50 or over
have a personal or workplace pension
want to make sense of your options

There is plenty of advice on the site from what happens if you live abroad to taxation to the different ways you can take money from your pension pot.

There’s also advice on how to avoid the pension scammers.

If you feel the need to talk to an expert, there are free calls of up to 60 minutes that can be booked.

If you need pension advice – this website is a good start.

If you’ve enjoyed this post or found it useful then do share – click on the post title then scroll down to the social media share buttons.