Category: Uncategorized

Spreadsheet Macros

Scammers send out huge volumes of emails containing malware attachments and they try to get the recipients to open those attachments. Some of these contain programming code which activates as the file is opened, so this can be dangerous

You can avoid attachments that are actually programmes, but spreadsheets are very useful for financial documents e.g. invoices and statements.

Microsoft Excel spreadsheets usually have the file extension .xls but ones that contain macros are usually .xlsm

Macros are Excel programming code and can contain malware so you need to be beware of these.

e.g. an email claiming to be from Bank of America with a confirmation notice in the format of a spreadsheet with macros i.e. .xlsm format.

Some email systems will automatically turn off automatic macro activation and some anti malware services will do this, but best to be sure by not opening the attached file, however much you may want to know what’s in it.

One particularly nasty phishing campaign used spreadsheets with macros to install a remote access trojan  on the computer’s system. This trojan is known as Grace Wire or Flawed Grace.

That software then steals information from the system and sends it back to the scammer. The attachment also contained malware downloaders that install Dridex and Trick banking trojans.

Do not open attached files unless you are certain they are safe.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

National Crime Agency and Covid

The National Crime Agency (NCA) has launched a new initiative, bringing law enforcement and government together with the private sector to tackle criminals seeking to exploit the COVID-19 crisis for financial gain.

The new ‘OTELLO COVID-19 Fusion Cell’, led by the National Economic Crime Centre (NECC) and co-sponsored by the private sector, brings together experts from across sectors – including the financial sector, insurance companies, trade bodies, law enforcement and the wider public sector.

The Cell aims to rapidly share information on changes to the economic crime threat related to COVID-19 and to proactively target, prevent and disrupt criminal activity, protecting businesses and the public.

There is concern that criminals are using the pandemic as a hook to harm vulnerable people for financial gain or to continue illicit activity. Whilst the overall level of fraud being reported has not significantly increased, there has been a noticeable shift towards scams directly linking to Coronavirus.

More people working from home and an increase in online activity has left both businesses and people vulnerable to scams. Lockdown has also changed the way people conduct their lives and business, with an increase in mobile banking, e-payments and cash stockpiling.

The Fusion Cell will work in partnership with industry to identify new trends and threats and decide on the most appropriate way to tackle it, building on the expertise of both the public and private sectors.

The Cell produces a weekly public/private threat dashboard, to inform areas for proactive tactical development and disruptive action.

Insight from developing the Fusion Cell has the potential to inform a longer term ambition to develop the capability to spot and stop economic crime before it happens, with real-time insight and disruptive activity through public-private data sharing

If you have any experiences with phishing scams do let me know, by email.

Fightback Ninja Signature

Stupidest Spam of the Week Professional Listings

Yippee! Who’s Who in America say I have been nominated as a biographical candidate for the next edition and the first phase of my assessment has been passed.

They say they obtain information from executive listings and professional listings but I need to complete my profile for the next step.

Most people use social media and website entries etc. for looking up information on professional people rather than searching Who’s Who or anything similar. Their day ended when we all moved online.

The sales pitch in the email is laughable.

E.g. “the biographical data comes from the most authoritative source – the biographees themselves”.

That means people can make up whatever they want for inclusion, so that sentence dooms the publication to be a fantasy document.

The whole thing is just a Marketing exercise – trying to get personal information from people then charging for a high profile inclusion in their publication rather than a standard entry.

The message sender doesn’t even know my name – the message starts with ‘Dear Valued Candidate’.

Pathetic.

To enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature

Time-Wasters Update

Medic Feet” the new solution to any pain problem. Use the magic of acupuncture but without needles. You just wear these special sandals and all pain will vanish.  There’s lots of sandals on the market with pressure bumps that stimulate acupuncture points and it’s possible they will help some people’s circulation etc. but they cannot be honestly described as the solution to all pain. Never buy from idiots who promise far too much. 

A typical phishing email arrives titled “Attn: Verify Your Records”. It claims that’s due to Equifax’s latest security breach, my records have been compromised and I must login to verify. The email is from streamingmovie.site which is obviously not Equifax. No thanks.

The Bible Has Cracked The Code for Longer Life”. There are lots of these crackpot emails aimed at Bible believers and this one says the bible mentions a specific nutrient that inhibits aging and can reverse todays deadliest diseases. You just have to click the link to get full details. Typical brainless rubbish.

There seems to be a permanent battle in the USA between those wanting everyone to have open access to firearms and those who want more controls on who and when people can have such weapons.  A latest set of emails exhort people to take out a concealed weapons permit before the government makes it more difficult. The email explains that anyone can fill in the fast track online form and will get a concealed weapons permit unless they are an illegal drug user or have a criminal record.  Is it really that easy? Who knows? But it is madness to try to push people to get further into weapons use without very good reason.

A new summer heat busting portable AC device claims to be taking the United States by storm.  And of course you need to get one before they are sold out. Some of these messages are just spam adverts by people who have bought up a batch of portable AC device but many are scams – no products to sell, just someone who wants your name, address and credit card information. Only buy from reputable sources.

Do click on the Facebook or Twitter icons on top right to follow Fight Back Ninja.

Fightback Ninja Signature

The Dropbox Fake Message Scam

Most email services have a maximum message size you can send and sometimes limits on attached file sizes. This is generally only a problem if you’re trying to send video clips but can occur if you want to send a group of high resolution pictures for example or a series of large documents.

Yahoo and Gmail limit is 25MB per message

Outlook limit is 20 MB but Office 365 expands considerably on this.

Paid for email services and business email systems may have much higher maximum message sizes or even no limit in some cases.

  1. What to do when you want to email a very large file

Services like Dropbox have been created to solve this problem.

It is very efficient – you simply upload a file to Dropbox (or a similar service) using your free or paid for account and effectively send a link to the recipient and they can then download the file without filling up your or their email folders.

The Dropbox fake message scam depends on people being used to receiving these Dropbox messages and clicking to download the file.

Scammers upload a piece of malware disguised as an invoice or holiday template or some other document then send out Dropbox links to that document to a spam email list in hope at least some of the recipients will download and open the malware file.

If you receive a Dropbox file from someone you know and you expected the file, then fine.

If it’s from a person you know but didn’t expect a file, then contact them to see if the file is genuine.

But if it’s from someone you don’t know – then do not download whatever it is.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature

Stupidest Spam of the Week Magic Invention

The Elite Thought They Have Destroyed All of The Evidence of This Device” is the title of a recent email campaign (I assume the grammatical error is deliberate).  It is yet another conspiracy theory based scam as these seem to be very popular, especially in the USA.

The message goes on about how the mystery assistant of the inventor realised the secret of the device on his deathbed.

Some scammers love the dramatic touch.

Then comes the conspiracy part – the device was censored from the beginning and the government burned all of the records regarding it, publicly.

It’s a strange image – of government lackies publicly burning records.

Plus, when the inventor tried to send a piece of the device out of state, he was sentenced to two years in prison, so it is claimed.

All fantasy of course and no-one with an IQ about that of a frog should believe any of it.

To enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature